mtrx-cli 0.1.23 → 0.1.25

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mtrx-cli",
-  "version": "0.1.23",
+  "version": "0.1.25",
   "description": "MATRX CLI for routing Codex, Claude, and Cursor through Matrx",
   "homepage": "https://mtrx.so",
   "repository": {
@@ -33,6 +33,8 @@
     "src/matrx/cli/cursor_proxy.py",
     "src/matrx/cli/cursor_reroute.py",
     "src/matrx/cli/cursor_service.py",
+    "src/matrx/cli/bootstrap.py",
+    "src/matrx/cli/gemini_env_bootstrap.cjs",
     "src/matrx/cli/launcher.py",
     "src/matrx/cli/main.py",
     "src/matrx/cli/project_cmds.py",

package/src/matrx/__init__.py

@@ -1 +1 @@
-__version__ = "0.1.23"
+__version__ = "0.1.25"

package/src/matrx/cli/bootstrap.py

@@ -0,0 +1,119 @@
+"""
+Bootstrap command — warms the system registry for an existing project.
+Called by `mtrx init`.
+"""
+from __future__ import annotations
+
+import json
+import subprocess
+from pathlib import Path
+
+_DEFAULT_SYSTEMS_TEMPLATE = [
+    {
+        "id": "memory",
+        "name": "Memory System",
+        "description": "Memory flywheel: extract, store, retrieve, inject",
+        "file_patterns": ["core/memory.py", "services/memory.py", "core/extractor.py", "core/profile_builder.py"]
+    },
+    {
+        "id": "proxy",
+        "name": "Proxy Service",
+        "description": "Intercepts all LLM calls, applies compression + injection",
+        "file_patterns": ["services/proxy.py", "core/compressor.py", "core/summarizer.py"]
+    },
+    {
+        "id": "auth",
+        "name": "Auth & Multi-Org",
+        "description": "Clerk JWT validation, org/project scoping, API keys",
+        "file_patterns": ["middleware/auth.py", "api/auth.py", "api/orgs.py", "models/org_member.py"]
+    },
+    {
+        "id": "analytics",
+        "name": "Analytics",
+        "description": "Usage snapshots, memory hit rate, token tracking",
+        "file_patterns": ["services/analytics.py", "api/analytics.py"]
+    },
+]
+
+
+def run_init(project_root: str = ".") -> None:
+    """Entry point for `mtrx init`."""
+    root = Path(project_root).resolve()
+    print(f"Matrx init: analyzing {root}")
+
+    # Step 1: Load or create .matrx/systems.json
+    matrx_dir = root / ".matrx"
+    matrx_dir.mkdir(exist_ok=True)
+    systems_path = matrx_dir / "systems.json"
+
+    if not systems_path.exists():
+        _seed_systems_json(root, systems_path)
+        print(f"  Created {systems_path}")
+    else:
+        print(f"  Found existing {systems_path}")
+
+    # Step 2: Analyze git log for hot systems
+    hot_files = _get_hot_files(root, days=30)
+    print(f"  Found {len(hot_files)} recently modified files")
+
+    # Step 3: Map to systems
+    systems = json.loads(systems_path.read_text()).get("systems", [])
+    hot_systems = _rank_systems_by_activity(hot_files, systems)
+
+    if hot_systems:
+        print("\n  Active systems detected:")
+        for sys_id, count, depth in hot_systems:
+            meta = next((s for s in systems if s["id"] == sys_id), None)
+            if meta:
+                print(f"    {meta['name']:<25} {count:>3} touches → {depth} card")
+    else:
+        print("\n  No recently active systems detected (no git history or no matches).")
+
+    print(f"\n  Matrx will generate cards for detected systems on first use.")
+    print(f"  Run your agent — cards will be ready within the first few calls.\n")
+    print("  Done.")
+
+
+def _get_hot_files(root: Path, days: int = 30) -> dict[str, int]:
+    """Parse git log, return file → touch count mapping."""
+    try:
+        result = subprocess.run(
+            ["git", "log", f"--since={days} days ago", "--name-only", "--pretty=format:"],
+            cwd=root, capture_output=True, text=True, timeout=10,
+        )
+        counts: dict[str, int] = {}
+        for line in result.stdout.splitlines():
+            line = line.strip()
+            if line and not line.startswith("commit"):
+                counts[line] = counts.get(line, 0) + 1
+        return counts
+    except Exception:
+        return {}
+
+
+def _rank_systems_by_activity(
+    hot_files: dict[str, int], systems: list[dict]
+) -> list[tuple[str, int, str]]:
+    """Return [(system_id, touch_count, depth)] sorted by activity."""
+    ranked = []
+    for s in systems:
+        patterns = s.get("file_patterns", [])
+        total = sum(
+            count for f, count in hot_files.items()
+            if any(pat in f or f.endswith(pat) for pat in patterns)
+        )
+        if total > 0:
+            ranked.append((s["id"], total, "standard"))
+
+    ranked.sort(key=lambda x: x[1], reverse=True)
+    # Re-assign depths by rank
+    result = []
+    for i, (sid, count, _) in enumerate(ranked):
+        depth = "full" if i < 3 else ("standard" if i < 8 else "distilled")
+        result.append((sid, count, depth))
+    return result
+
+
+def _seed_systems_json(root: Path, out_path: Path) -> None:
+    """Write default systems.json. Users can hand-edit afterward."""
+    out_path.write_text(json.dumps({"systems": _DEFAULT_SYSTEMS_TEMPLATE}, indent=2))

package/src/matrx/cli/cursor_proxy.py

@@ -33,7 +33,7 @@ import httpx
 from matrx.cli.cursor_ca import CertCache, load_ca
 
 try:
-    from matrx.cli.cursor_reroute import is_ai_path, try_reroute_to_matrx
+    from matrx.cli.cursor_reroute import is_ai_path, try_inject_context, try_reroute_to_matrx
 except ImportError:
     # Stubs when cursor_reroute not available (e.g. npm package omit).
     def is_ai_path(path: str) -> bool:
@@ -42,6 +42,9 @@ except ImportError:
     async def try_reroute_to_matrx(*, path: str, method: str, **kwargs: Any) -> None:
         return None
 
+    async def try_inject_context(**kwargs: Any) -> None:
+        return None
+
 logger = logging.getLogger(__name__)
 
 DEFAULT_PORT = 8842
@@ -287,8 +290,10 @@ class MITMProxy:
             path = parts[1] if len(parts) > 1 else "/"
 
             req_body_size = 0
+            _is_ai_req = method == "POST" and is_ai_path(path)
+            _req_session_id = str(uuid.uuid4()) if _is_ai_req else ""
             # For AI paths: buffer request and try rerouting through MTRX (live injection)
-            if method == "POST" and is_ai_path(path):
+            if _is_ai_req:
                 req_headers, req_cl, req_chunked = await self._read_headers_only(
                     client_reader
                 )
@@ -303,7 +308,7 @@ class MITMProxy:
                     req_body=req_body,
                     matrx_base_url=self.matrx_base_url,
                     matrx_key=self.matrx_key,
-                    session_id=str(uuid.uuid4()),
+                    session_id=_req_session_id,
                 )
                 if result is not None:
                     success, resp_headers, resp_body, is_streaming = result
@@ -327,10 +332,20 @@ class MITMProxy:
                         )
                         continue
                     # Reroute returned but failed — fall through to forward
-                # Reroute not implemented or failed — forward to upstream
+                # Inject MTRX memory context into request before forwarding
+                injected_body = await try_inject_context(
+                    req_body=req_body,
+                    req_headers=req_headers,
+                    matrx_base_url=self.matrx_base_url,
+                    matrx_key=self.matrx_key,
+                    session_id=_req_session_id,
+                )
+                body_to_forward = injected_body if injected_body is not None else req_body
+                fwd_headers = dict(req_headers)
+                fwd_headers["content-length"] = str(len(body_to_forward))
                 up_writer.write(req_line)
-                await self._write_headers(up_writer, req_headers)
-                up_writer.write(req_body)
+                await self._write_headers(up_writer, fwd_headers)
+                up_writer.write(body_to_forward)
                 await up_writer.drain()
             else:
                 up_writer.write(req_line)
@@ -369,9 +384,20 @@ class MITMProxy:
                 for t in ("text/event-stream", "grpc", "proto", "connect")
             )
 
-            resp_body_size = await self._forward_body(
-                up_reader, client_writer, resp_cl, resp_chunked
-            )
+            if _is_ai_req:
+                resp_body_size, resp_captured = await self._forward_body_with_capture(
+                    up_reader, client_writer, resp_cl, resp_chunked
+                )
+                if resp_captured:
+                    asyncio.create_task(
+                        self._extract_ai_response(
+                            resp_captured, _req_session_id, hostname
+                        )
+                    )
+            else:
+                resp_body_size = await self._forward_body(
+                    up_reader, client_writer, resp_cl, resp_chunked
+                )
 
             elapsed_ms = int((time.monotonic() - started) * 1000)
             self._request_count += 1
@@ -397,6 +423,114 @@ class MITMProxy:
             if "close" in conn_h:
                 break
 
+    async def _forward_body_with_capture(
+        self,
+        reader: asyncio.StreamReader,
+        writer: asyncio.StreamWriter,
+        content_length: int,
+        chunked: bool,
+    ) -> tuple[int, bytes]:
+        """Forward body like ``_forward_body`` while also capturing a copy.
+
+        Returns ``(bytes_forwarded, captured_bytes)``.  The capture enables
+        background response extraction without blocking the forward path.
+        """
+        parts: list[bytes] = []
+
+        if content_length > 0:
+            total = 0
+            remaining = content_length
+            while remaining > 0:
+                chunk = await reader.read(min(remaining, 65536))
+                if not chunk:
+                    break
+                writer.write(chunk)
+                await writer.drain()
+                parts.append(chunk)
+                total += len(chunk)
+                remaining -= len(chunk)
+            return total, b"".join(parts)
+
+        if chunked:
+            total = 0
+            while True:
+                size_line = await reader.readline()
+                if not size_line:
+                    break
+                writer.write(size_line)
+                await writer.drain()
+                size_str = size_line.decode("utf-8", errors="replace").strip()
+                try:
+                    chunk_size = int(size_str.split(";")[0], 16)
+                except ValueError:
+                    break
+                if chunk_size == 0:
+                    trailer = await reader.readline()
+                    writer.write(trailer)
+                    await writer.drain()
+                    break
+                remaining = chunk_size
+                chunk_parts: list[bytes] = []
+                while remaining > 0:
+                    data = await reader.read(min(remaining, 65536))
+                    if not data:
+                        return total, b"".join(parts)
+                    writer.write(data)
+                    await writer.drain()
+                    chunk_parts.append(data)
+                    total += len(data)
+                    remaining -= len(data)
+                chunk_data = b"".join(chunk_parts)
+                parts.append(chunk_data)
+                crlf = await reader.readline()
+                writer.write(crlf)
+                await writer.drain()
+            return total, b"".join(parts)
+
+        return 0, b""
+
+    async def _extract_ai_response(
+        self,
+        resp_bytes: bytes,
+        session_id: str,
+        hostname: str,
+    ) -> None:
+        """Parse Connect frames from *resp_bytes* and ship response telemetry.
+
+        Fire-and-forget — never raises, never blocks the forward path.
+        """
+        try:
+            from matrx.cli.cursor_connect import parse_all_frames
+            from matrx.cli.cursor_extraction import (
+                extract_from_response_frame,
+                parse_response_proto,
+                ship_ai_telemetry,
+            )
+
+            frames = parse_all_frames(resp_bytes)
+            accumulated: dict = {
+                "session_id": session_id,
+                "response_text": "",
+                "tool_calls": [],
+                "usage": None,
+            }
+            for flags, payload in frames:
+                if flags == 0x02:  # end-of-stream trailer — stop
+                    break
+                resp_proto = parse_response_proto(payload)
+                frame_data = extract_from_response_frame(resp_proto)
+                if frame_data:
+                    accumulated["response_text"] = (
+                        accumulated.get("response_text", "") + frame_data.get("text", "")
+                    )
+                    accumulated["tool_calls"].extend(frame_data.get("tool_calls", []))
+                    if frame_data.get("usage"):
+                        accumulated["usage"] = frame_data["usage"]
+
+            await ship_ai_telemetry(accumulated, self.matrx_base_url, self.matrx_key)
+        except Exception:
+            logger.debug("proxy: _extract_ai_response failed", exc_info=True)
+
     async def _read_headers_only(
         self, reader: asyncio.StreamReader
     ) -> tuple[dict[str, str], int, bool]:

package/src/matrx/cli/cursor_reroute.py

@@ -13,11 +13,14 @@ Refs: cursor-tap (https://github.com/burpheart/cursor-tap), everestmz/cursor-rpc
 
 from __future__ import annotations
 
+import asyncio
 import json
 import logging
 import re
 from typing import Any
 
+import httpx
+
 logger = logging.getLogger(__name__)
 
 # Cursor AI RPC paths (Connect protocol). RunSSE = main chat, StreamCpp = code completion.
@@ -46,6 +49,67 @@ def _cursor_model_to_openai(cursor_model: str) -> str:
     return cursor_model
 
 
+def _build_search_query(extracted: dict[str, Any]) -> str:
+    files = extracted.get("files", [])
+    query_parts = [f.get("path", "").strip() for f in files[:3] if f.get("path")]
+    if query_parts:
+        return " ".join(query_parts)
+    return (extracted.get("conversation_summary") or "").strip()
+
+
+def _prepend_context_items(context_items: Any, injected_items: list[Any]) -> None:
+    for item in reversed(injected_items):
+        try:
+            context_items.insert(0, item)
+        except Exception:
+            context_items.append(item)
+
+
+def _inject_memory_context_items(
+    *,
+    req_proto: Any,
+    memory_results: list[dict[str, Any]],
+    server_chat_pb2: Any,
+    existing_files: list[dict[str, Any]] | None = None,
+    limit: int = 5,
+) -> int:
+    existing_contents = {
+        (entry.get("content") or "").strip() for entry in (existing_files or []) if entry.get("content")
+    }
+    injected_contents: set[str] = set()
+    injected_items: list[Any] = []
+
+    for mem in memory_results:
+        if len(injected_items) >= limit:
+            break
+        content = (mem.get("content") or "").strip()
+        if not content or content in existing_contents or content in injected_contents:
+            continue
+
+        cached_item = server_chat_pb2.PotentiallyCachedContextItem()
+        ctx_item = server_chat_pb2.ContextItem()
+        file_chunk = server_chat_pb2.FileChunk()
+        file_chunk.file_path = f"[matrx:{(mem.get('id') or '')[:8]}]"
+        file_chunk.content = content[:4096]
+        if hasattr(getattr(ctx_item, "file_chunk", None), "CopyFrom"):
+            ctx_item.file_chunk.CopyFrom(file_chunk)
+        else:
+            ctx_item.file_chunk = file_chunk
+        if hasattr(getattr(cached_item, "context_item", None), "CopyFrom"):
+            cached_item.context_item.CopyFrom(ctx_item)
+        else:
+            cached_item.context_item = ctx_item
+
+        injected_items.append(cached_item)
+        injected_contents.add(content)
+
+    if not injected_items:
+        return 0
+
+    _prepend_context_items(req_proto.context_items, injected_items)
+    return len(injected_items)
+
+
 async def try_reroute_to_matrx(
     *,
     path: str,
@@ -74,3 +138,111 @@ async def try_reroute_to_matrx(
     # convert response back to Cursor's gRPC format.
     logger.debug("cursor_reroute: path=%s would reroute (protobuf conversion not yet implemented)", path)
     return None
+
+
+# ---------------------------------------------------------------------------
+# Context injection
+# ---------------------------------------------------------------------------
+
+
+async def _query_memory(
+    *,
+    query: str,
+    matrx_base_url: str,
+    matrx_key: str,
+    limit: int = 5,
+) -> list[dict]:
+    """Query MTRX memory search API. Returns list of memory entry dicts."""
+    try:
+        async with httpx.AsyncClient(timeout=0.1) as client:  # 100 ms budget
+            resp = await client.get(
+                f"{matrx_base_url.rstrip('/')}/v1/memory/search",
+                params={"q": query, "limit": limit},
+                headers={"X-Matrx-Key": matrx_key},
+            )
+            if resp.status_code == 200:
+                return resp.json().get("entries", [])
+    except Exception:
+        logger.debug("cursor_reroute: memory query failed", exc_info=True)
+    return []
+
+
+async def try_inject_context(
+    *,
+    req_body: bytes,
+    req_headers: dict[str, str],
+    matrx_base_url: str,
+    matrx_key: str,
+    session_id: str,
+) -> bytes | None:
+    """Parse the Connect+proto request, extract data, inject MTRX memory context items.
+
+    Returns modified request bytes with injected context items prepended, or
+    ``None`` to signal that the original request should be forwarded unchanged.
+    Wraps everything in try/except — never raises.
+    """
+    try:
+        from matrx.cli.cursor_connect import (
+            build_connect_frame,
+            is_connect_proto_request,
+            parse_connect_frame,
+        )
+        from matrx.cli.cursor_extraction import (
+            _PROTOS_AVAILABLE,
+            extract_from_request,
+            parse_request_proto,
+            ship_ai_telemetry,
+        )
+
+        if not is_connect_proto_request(req_headers):
+            return None
+
+        # Parse Connect envelope → raw proto bytes
+        flags, proto_bytes = parse_connect_frame(req_body)
+
+        # Deserialize proto
+        req_proto = parse_request_proto(proto_bytes)
+
+        # Extract structured data and ship telemetry fire-and-forget
+        extracted = extract_from_request(req_proto)
+        extracted["session_id"] = extracted.get("session_id") or session_id
+        asyncio.create_task(ship_ai_telemetry(extracted, matrx_base_url, matrx_key))
+
+        # Cannot inject without compiled protos or a successfully parsed proto
+        if not _PROTOS_AVAILABLE or req_proto is None:
+            return None
+
+        # Build search query from the open file paths
+        search_query = _build_search_query(extracted)
+        if not search_query:
+            return None
+
+        # Query MTRX memory (100 ms budget — never blocks the forward path)
+        memory_results = await _query_memory(
+            query=search_query,
+            matrx_base_url=matrx_base_url,
+            matrx_key=matrx_key,
+            limit=5,
+        )
+        if not memory_results:
+            return None
+
+        # Inject memory results as PotentiallyCachedContextItem entries
+        from matrx.cli.cursor_proto import server_chat_pb2  # type: ignore[import]
+
+        inserted = _inject_memory_context_items(
+            req_proto=req_proto,
+            memory_results=memory_results,
+            server_chat_pb2=server_chat_pb2,
+            existing_files=extracted.get("files", []),
+        )
+        if inserted == 0:
+            return None
+
+        # Serialize modified proto and re-wrap in Connect frame
+        new_proto_bytes = req_proto.SerializeToString()
+        return build_connect_frame(flags, new_proto_bytes)
+
+    except Exception:
+        logger.warning("cursor_reroute: try_inject_context failed", exc_info=True)
+        return None

package/src/matrx/cli/gemini_env_bootstrap.cjs

@@ -0,0 +1,34 @@
+"use strict";
+
+function decodeBase64Env(name) {
+  const value = process.env[name];
+  if (!value) {
+    return undefined;
+  }
+  try {
+    return Buffer.from(value, "base64").toString("utf8");
+  } catch {
+    return undefined;
+  }
+}
+
+const envMappings = [
+  ["MTRX_GEMINI_CUSTOM_HEADERS_B64", "GEMINI_CLI_CUSTOM_HEADERS"],
+  ["MTRX_CODE_ASSIST_ENDPOINT_B64", "CODE_ASSIST_ENDPOINT"],
+  ["MTRX_GEMINI_API_ENDPOINT_B64", "GEMINI_API_ENDPOINT"],
+];
+
+for (const [sourceName, targetName] of envMappings) {
+  const decoded = decodeBase64Env(sourceName);
+  if (decoded && !process.env[targetName]) {
+    process.env[targetName] = decoded;
+  }
+}
+
+if (
+  process.env.MTRX_GEMINI_API_KEY_AUTH_MECHANISM &&
+  !process.env.GEMINI_API_KEY_AUTH_MECHANISM
+) {
+  process.env.GEMINI_API_KEY_AUTH_MECHANISM =
+    process.env.MTRX_GEMINI_API_KEY_AUTH_MECHANISM;
+}

package/src/matrx/cli/launcher.py

@@ -95,6 +95,46 @@ def _runtime_agent_basename(tool: str) -> tuple[str, str, list[str], str]:
     return normalized, f"{tool.capitalize()} CLI", ["cli", tool], tool
 
 
+def _append_sandbox_env(env: dict[str, str], key: str, value: str | None) -> None:
+    if not value:
+        return
+    entry = f"{key}={value}"
+    existing = [item.strip() for item in (env.get("SANDBOX_ENV") or "").split(",") if item.strip()]
+    filtered = [item for item in existing if not item.startswith(f"{key}=")]
+    filtered.append(entry)
+    env["SANDBOX_ENV"] = ",".join(filtered)
+
+
+def _remove_sandbox_env_keys(env: dict[str, str], keys: tuple[str, ...]) -> None:
+    existing = [item.strip() for item in (env.get("SANDBOX_ENV") or "").split(",") if item.strip()]
+    filtered = [
+        item for item in existing
+        if not any(item.startswith(f"{key}=") for key in keys)
+    ]
+    if filtered:
+        env["SANDBOX_ENV"] = ",".join(filtered)
+    else:
+        env.pop("SANDBOX_ENV", None)
+
+
+def _ensure_node_require(env: dict[str, str], script_path: str) -> None:
+    require_flag = f"--require={script_path}"
+    existing = (env.get("NODE_OPTIONS") or "").strip()
+    if require_flag in existing.split():
+        return
+    env["NODE_OPTIONS"] = f"{existing} {require_flag}".strip()
+
+
+def _remove_node_require(env: dict[str, str], script_path: str) -> None:
+    require_flag = f"--require={script_path}"
+    existing = (env.get("NODE_OPTIONS") or "").split()
+    filtered = [part for part in existing if part != require_flag]
+    if filtered:
+        env["NODE_OPTIONS"] = " ".join(filtered)
+    else:
+        env.pop("NODE_OPTIONS", None)
+
+
 def configured_route(state: dict, tool: str) -> str | None:
     route = state.get("defaults", {}).get(tool)
     if route in VALID_ROUTES:
@@ -467,6 +507,20 @@ def _capture_git_context(cwd: str | None = None) -> tuple[str, str]:
     return branch, commit
 
 
+def _capture_git_remote_url(cwd: str | None = None) -> str:
+    root = cwd or os.getcwd()
+    try:
+        r = subprocess.run(
+            ["git", "-C", root, "remote", "get-url", "origin"],
+            capture_output=True, text=True, timeout=2, check=False,
+        )
+        if r.returncode == 0:
+            return r.stdout.strip()
+    except (OSError, subprocess.SubprocessError):
+        pass
+    return ""
+
+
 def _resolve_matrx_context_overrides(
     state: dict,
     env: dict[str, str],
@@ -544,10 +598,13 @@ def _build_codex_env(
         if project_id:
             header_parts.append(f'"X-Matrx-Project-Id" = "{project_id}"')
         _git_branch, _git_commit = _capture_git_context(_workspace_cwd(env))
+        _git_repo_url = _capture_git_remote_url(_workspace_cwd(env))
         if _git_branch:
             header_parts.append(f'"X-Matrx-Branch" = "{_git_branch}"')
         if _git_commit:
             header_parts.append(f'"X-Matrx-Commit" = "{_git_commit}"')
+        if _git_repo_url:
+            header_parts.append(f'"X-Matrx-Repo-Url" = "{_git_repo_url}"')
         if env_b64:
             header_parts.append(f'"X-Matrx-Env" = "{env_b64}"')
         headers_str = ", ".join(header_parts)
@@ -589,6 +646,7 @@ def _build_gemini_env(
     proxy_base = ensure_v1_url(matrx.get("base_url"))
     mx_key, matrx_auth_source = _resolve_matrx_route_key(state, env)
     direct_key = (env.get("GEMINI_API_KEY") or env.get("GOOGLE_API_KEY") or "").strip()
+    bootstrap_script = str(Path(__file__).with_name("gemini_env_bootstrap.cjs").resolve())
 
     if route == "matrx":
         if not mx_key:
@@ -610,6 +668,7 @@ def _build_gemini_env(
         if runtime_agent_id:
             ctx_params.append(f"mtrx_agent={runtime_agent_id}")
         git_branch, git_commit = _capture_git_context(_workspace_cwd(env))
+        git_repo_url = _capture_git_remote_url(_workspace_cwd(env))
         if git_branch:
             ctx_params.append(f"mtrx_branch={git_branch}")
         if git_commit:
@@ -632,6 +691,8 @@ def _build_gemini_env(
             custom_headers.append(f"x-matrx-branch: {git_branch}")
         if git_commit:
             custom_headers.append(f"x-matrx-commit: {git_commit}")
+        if git_repo_url:
+            custom_headers.append(f"x-matrx-repo-url: {git_repo_url}")
         if env_b64:
             custom_headers.append(f"x-matrx-env: {env_b64}")
 
@@ -641,6 +702,27 @@ def _build_gemini_env(
         env["CODE_ASSIST_ENDPOINT"] = proxy_base
         env["GEMINI_CLI_CUSTOM_HEADERS"] = ", ".join(custom_headers)
         env["GEMINI_API_KEY_AUTH_MECHANISM"] = "bearer"
+        _ensure_node_require(env, bootstrap_script)
+        _append_sandbox_env(
+            env,
+            "MTRX_GEMINI_CUSTOM_HEADERS_B64",
+            base64.b64encode(env["GEMINI_CLI_CUSTOM_HEADERS"].encode("utf-8")).decode("ascii"),
+        )
+        _append_sandbox_env(
+            env,
+            "MTRX_CODE_ASSIST_ENDPOINT_B64",
+            base64.b64encode(env["CODE_ASSIST_ENDPOINT"].encode("utf-8")).decode("ascii"),
+        )
+        _append_sandbox_env(
+            env,
+            "MTRX_GEMINI_API_ENDPOINT_B64",
+            base64.b64encode(env["GEMINI_API_ENDPOINT"].encode("utf-8")).decode("ascii"),
+        )
+        _append_sandbox_env(
+            env,
+            "MTRX_GEMINI_API_KEY_AUTH_MECHANISM",
+            env["GEMINI_API_KEY_AUTH_MECHANISM"],
+        )
 
         return env, matrx_auth_source
 
@@ -655,6 +737,16 @@ def _build_gemini_env(
         value = (env.get(key) or "").strip()
         if "matrx" in value.lower() or "mtrx.so" in value.lower():
             env.pop(key, None)
+    _remove_node_require(env, bootstrap_script)
+    _remove_sandbox_env_keys(
+        env,
+        (
+            "MTRX_GEMINI_CUSTOM_HEADERS_B64",
+            "MTRX_CODE_ASSIST_ENDPOINT_B64",
+            "MTRX_GEMINI_API_ENDPOINT_B64",
+            "MTRX_GEMINI_API_KEY_AUTH_MECHANISM",
+        ),
+    )
 
     custom_headers = (env.get("GEMINI_CLI_CUSTOM_HEADERS") or "").strip().lower()
     if "x-matrx-" in custom_headers:
@@ -718,10 +810,13 @@ def _build_claude_env(
         if project_id:
             custom_headers += f"\nx-matrx-project-id: {project_id}"
         _git_branch, _git_commit = _capture_git_context(_workspace_cwd(env))
+        _git_repo_url = _capture_git_remote_url(_workspace_cwd(env))
         if _git_branch:
             custom_headers += f"\nx-matrx-branch: {_git_branch}"
         if _git_commit:
             custom_headers += f"\nx-matrx-commit: {_git_commit}"
+        if _git_repo_url:
+            custom_headers += f"\nx-matrx-repo-url: {_git_repo_url}"
         if env_b64:
             custom_headers += f"\nx-matrx-env: {env_b64}"
         env["ANTHROPIC_CUSTOM_HEADERS"] = custom_headers
@@ -973,6 +1068,12 @@ def _validate_gemini_launch_plan(plan: LaunchPlan, state: dict) -> None:
     if "x-matrx-agent-id:" not in custom_headers:
         raise ValueError("Gemini Matrx route is missing GEMINI_CLI_CUSTOM_HEADERS with X-Matrx-Agent-Id")
 
+    sandbox_env = (plan.env.get("SANDBOX_ENV") or "").strip()
+    if "MTRX_GEMINI_CUSTOM_HEADERS_B64=" not in sandbox_env:
+        raise ValueError("Gemini Matrx route is missing sandbox bootstrap for GEMINI_CLI_CUSTOM_HEADERS")
+    if "MTRX_CODE_ASSIST_ENDPOINT_B64=" not in sandbox_env:
+        raise ValueError("Gemini Matrx route is missing sandbox bootstrap for CODE_ASSIST_ENDPOINT")
+
 
 def _validate_codex_launch_plan(plan: LaunchPlan, state: dict) -> None:
     if plan.route != "matrx":

package/src/matrx/cli/main.py

@@ -144,7 +144,7 @@ def _build_parser() -> argparse.ArgumentParser:
     cursor.add_argument(
         "--launch",
         action="store_true",
-        help="Launch Cursor with proxy env (required for traffic to flow)",
+        help="Launch Cursor after applying the current Matrx settings",
     )
 
     return parser
@@ -932,6 +932,7 @@ def _cmd_launch(tool: str, route: str | None, remainder: list[str]) -> int:
 
 def _cmd_cursor(args) -> int:
     from matrx.cli.cursor_hooks import install_mtrx_hooks, is_mtrx_hooks_installed
+    from matrx.cli.cursor_service import is_proxy_running
     from matrx.cli.cursor_launcher import find_cursor_executable
 
     route = args.route
@@ -942,10 +943,13 @@ def _cmd_cursor(args) -> int:
         hooks_installed = is_mtrx_hooks_installed()
         base_url = ensure_v1_url(state.get("auth", {}).get("matrx", {}).get("base_url"))
         prev_path = config_dir() / "cursor-previous-settings.json"
+        legacy_proxy_prev_path = config_dir() / "cursor-proxy-previous-settings.json"
         configured = prev_path.exists()
+        legacy_proxy_active = is_proxy_running() or legacy_proxy_prev_path.exists()
         print("MTRX Cursor integration:")
         print(f"  mode: {'Base URL override (all models)' if configured else 'not configured'}")
         print(f"  hooks: {'active (sessionEnd, stop → telemetry)' if hooks_installed else 'not installed'}")
+        print(f"  legacy MITM proxy: {'active' if legacy_proxy_active else 'not active'}")
         if configured:
             print(f"  matrx: {base_url}")
         return 0
@@ -1001,6 +1005,11 @@ def _cmd_cursor(args) -> int:
             "Use `mtrx use cursor direct` to opt out.",
         )
 
+    # Ensure legacy MITM routing is fully torn down before enabling the
+    # current Cursor base-URL override flow. Leaving both active causes
+    # Cursor traffic to keep flowing through the old telemetry proxy.
+    _restore_cursor_if_needed()
+
     # Configure Cursor's Override Base URL — sends chat to MTRX (any model: Claude, GPT-5, Gemini, etc.)
     prev_path = config_dir() / "cursor-previous-settings.json"
     previous = configure_cursor_for_proxy(matrx_proxy_url, mx_key)