nexo-brain 2.5.0 → 2.5.1

package/README.md

@@ -535,8 +535,12 @@ That's it. No need to run `claude` manually. Your operator will greet you immedi
 | MCP server | 147+ tools for memory, cognition, learning, guard | NEXO_HOME/ |
 | Plugins | Guard, episodic memory, cognitive memory, entities, preferences, update, etc. | Code: src/plugins/, Personal: NEXO_HOME/plugins/ |
 | Hooks (7) | SessionStart, Stop, PostToolUse, PreCompact, PostCompact | NEXO_HOME/hooks/ |
-| Nervous system | 15 autonomous processes (decay, sleep, audit, evolution, watchdog, etc.) | NEXO_HOME/scripts/ |
-| Dashboard | Web UI at localhost:6174 (6 pages) | NEXO_HOME/dashboard/ |
+| Nervous system | 17 autonomous processes (decay, sleep, audit, evolution, watchdog, orchestrator, dashboard, etc.) | NEXO_HOME/scripts/ |
+| Dashboard | Web UI at localhost:6174 (23 modules, dark theme) — opt-in, always-on | NEXO_HOME/dashboard/ |
+| Runtime CLI | `nexo` command: scripts, doctor, skills, update | NEXO_HOME/bin/ |
+| Doctor | Unified diagnostics: boot/runtime/deep tiers, `--fix` mode | src/doctor/ |
+| Skills v2 | Executable skills with guide/execute/hybrid modes, approval levels | NEXO_HOME/skills/ |
+| Day Orchestrator | Autonomous cycles every 15 min (8:00-23:00) — opt-in | LaunchAgent |
 | CLAUDE.md | Complete operator instructions (Codex, hooks, guard, trust, memory) | ~/.claude/CLAUDE.md |
 | Schedule config | schedule.json with customizable process times and timezone | NEXO_HOME/config/ |
 | Auto-update | Non-blocking startup check (5s max), opt-out via schedule.json | Built into server startup |
@@ -789,6 +793,15 @@ If NEXO Brain is useful to you, consider:
 
 ## Changelog
 
+### v2.5.0 — Runtime CLI, Doctor, Skills v2, Day Orchestrator (2026-04-03)
+- **Runtime CLI** (`nexo`): New operational CLI separate from installer. `nexo scripts list/run/doctor/call` for personal scripts, `nexo doctor` for diagnostics, `nexo skills apply` for executable skills, `nexo update` for one-step sync.
+- **Unified Doctor**: Modular diagnostic system with boot/runtime/deep tiers. Report-only by default, deterministic `--fix` mode. MCP tool `nexo_doctor`. LaunchAgent schedule drift detection and reconciliation.
+- **Skills v2**: Executable skills with guide/execute/hybrid modes. Security levels (read-only/local/remote) with explicit approval. Core vs personal vs community directories. Deep Sleep auto-evolution integration.
+- **Day Orchestrator**: Autonomous NEXO cycles every 15 min (8:00-23:00). Launches Claude Code headless with full MCP. Checks followups, emails, infra — acts autonomously, emails user only when needed. Opt-in.
+- **Dashboard always-on**: Web UI at localhost:6174 as persistent LaunchAgent. 23 modules, Jinja2 templating, dark theme. Opt-in.
+- **Personal Scripts Framework**: Auto-discovery in NEXO_HOME/scripts/, inline metadata, runtime detection, forbidden-pattern validation, vendorable helper, template.
+- Configurable operator name (UserContext singleton), watchdog normalized to 30 min, LaunchAgent drift fix.
+
 ### v2.4.0 — Skills, Cron Scheduler, Security, Full Audit (2026-04-03)
 - **Skill Auto-Creation**: Deep Sleep extracts reusable procedures from sessions. Content stored as markdown with steps and gotchas. Trust pipeline with autonomous quality control.
 - **Cron Scheduler**: execution tracking (`cron_runs` table), `nexo_schedule_status` and `nexo_schedule_add` MCP tools, universal cron wrapper for all processes.

package/bin/nexo-brain.js

@@ -15,6 +15,7 @@
  */
 
 const { execSync, spawnSync } = require("child_process");
+const crypto = require("crypto");
 const fs = require("fs");
 const path = require("path");
 const readline = require("readline");
@@ -59,6 +60,33 @@ function log(msg) {
   console.log(`  ${msg}`);
 }
 
+function syncWatchdogHashRegistry(nexoHome) {
+  try {
+    const watchdogPath = path.join(nexoHome, "scripts", "nexo-watchdog.sh");
+    if (!fs.existsSync(watchdogPath)) return;
+
+    const registryPath = path.join(nexoHome, "scripts", ".watchdog-hashes");
+    const entries = new Map();
+    if (fs.existsSync(registryPath)) {
+      for (const line of fs.readFileSync(registryPath, "utf8").split(/\r?\n/)) {
+        if (!line.includes("|")) continue;
+        const [filePath, expectedHash] = line.split("|");
+        if (filePath) entries.set(filePath, expectedHash || "");
+      }
+    }
+
+    const digest = crypto.createHash("sha256").update(fs.readFileSync(watchdogPath)).digest("hex");
+    entries.set(watchdogPath, digest);
+    const body = Array.from(entries.entries())
+      .sort(([a], [b]) => a.localeCompare(b))
+      .map(([filePath, hash]) => `${filePath}|${hash}`)
+      .join("\n");
+    fs.writeFileSync(registryPath, `${body}\n`);
+  } catch (err) {
+    log(`WARN: could not sync watchdog hash registry: ${err.message}`);
+  }
+}
+
 // ══════════════════════════════════════════════════════════════════════════════
 // CORE PROCESS & HOOK DEFINITIONS
 // All 13 nightly/periodic processes and all 8 core hooks that make NEXO functional.
@@ -1370,7 +1398,7 @@ async function main() {
       objective: "Improve operational excellence and reduce repeated errors",
       focus_areas: ["error_prevention", "proactivity", "memory_quality"],
       evolution_enabled: true,
-      evolution_mode: "review",
+      evolution_mode: "auto",
       dimensions: {
         episodic_memory: { current: 0, target: 90 },
         autonomy: { current: 0, target: 80 },
@@ -1502,6 +1530,7 @@ async function main() {
     fs.readdirSync(scriptsDest).filter(f => f.endsWith(".sh")).forEach(f => {
       fs.chmodSync(path.join(scriptsDest, f), "755");
     });
+    syncWatchdogHashRegistry(NEXO_HOME);
   }
 
   // Core skills are shipped separately from personal skills.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "2.5.0",
+  "version": "2.5.1",
   "mcpName": "io.github.wazionapps/nexo",
   "description": "NEXO — Cognitive co-operator for Claude Code. Memory, emotional intelligence, overnight learning (Deep Sleep), cron management, trust scoring, and adaptive calibration.",
   "bin": {
@@ -39,7 +39,12 @@
     "cron-manifest",
     "session-tone",
     "mood-tracking",
-    "productivity-analysis"
+    "productivity-analysis",
+    "runtime-cli",
+    "doctor",
+    "executable-skills",
+    "day-orchestrator",
+    "work-continuity"
   ],
   "author": "NEXO Brain <info@nexo-brain.com>",
   "license": "AGPL-3.0",

package/src/auto_update.py

@@ -8,6 +8,7 @@ This is separate from plugins/update.py which handles MANUAL updates with rollba
 """
 
 import json
+import hashlib
 import os
 import re
 import subprocess
@@ -56,6 +57,30 @@ def _write_last_check(data: dict):
         _log(f"Failed to write last-check file: {e}")
 
 
+def _sync_watchdog_hash_registry():
+    """Keep the immutable-hash registry aligned with the installed watchdog script."""
+    try:
+        watchdog_file = NEXO_HOME / "scripts" / "nexo-watchdog.sh"
+        if not watchdog_file.exists():
+            return
+        registry_file = NEXO_HOME / "scripts" / ".watchdog-hashes"
+        entries: dict[str, str] = {}
+        if registry_file.exists():
+            for line in registry_file.read_text().splitlines():
+                if "|" not in line:
+                    continue
+                filepath, expected = line.split("|", 1)
+                if filepath:
+                    entries[filepath] = expected
+        actual_hash = hashlib.sha256(watchdog_file.read_bytes()).hexdigest()
+        entries[str(watchdog_file)] = actual_hash
+        registry_file.write_text(
+            "\n".join(f"{filepath}|{digest}" for filepath, digest in sorted(entries.items())) + "\n"
+        )
+    except Exception as e:
+        _log(f"watchdog hash registry sync error: {e}")
+
+
 def _is_git_repo() -> bool:
     """Check if REPO_DIR is inside a git repository."""
     try:
@@ -811,13 +836,14 @@ def auto_update_check() -> dict:
     # Backfill evolution-objective.json for existing installs
     try:
         evo_obj_path = NEXO_HOME / "brain" / "evolution-objective.json"
+        from evolution_cycle import normalize_objective
         if not evo_obj_path.exists():
             (NEXO_HOME / "brain").mkdir(parents=True, exist_ok=True)
             default_objective = {
                 "objective": "Improve operational excellence and reduce repeated errors",
                 "focus_areas": ["error_prevention", "proactivity", "memory_quality"],
                 "evolution_enabled": True,
-                "evolution_mode": "review",
+                "evolution_mode": "auto",
                 "dimensions": {
                     "episodic_memory": {"current": 0, "target": 90},
                     "autonomy": {"current": 0, "target": 80},
@@ -831,6 +857,12 @@ def auto_update_check() -> dict:
             }
             evo_obj_path.write_text(json.dumps(default_objective, indent=2))
             _log("Backfilled evolution-objective.json for existing install")
+        else:
+            raw_objective = json.loads(evo_obj_path.read_text())
+            normalized = normalize_objective(raw_objective)
+            if normalized != raw_objective:
+                evo_obj_path.write_text(json.dumps(normalized, indent=2, ensure_ascii=False))
+                _log("Normalized legacy evolution-objective.json")
     except Exception as e:
         _log(f"evolution-objective.json backfill error: {e}")
 
@@ -853,6 +885,8 @@ def auto_update_check() -> dict:
     except Exception as e:
         _log(f"scripts backfill error: {e}")
 
+    _sync_watchdog_hash_registry()
+
     # Backfill runtime CLI modules for existing installs
     try:
         for fname in ("cli.py", "script_registry.py", "skills_runtime.py"):

package/src/cli.py

@@ -30,6 +30,17 @@ from pathlib import Path
 NEXO_HOME = Path(os.environ.get("NEXO_HOME", str(Path.home() / ".nexo")))
 NEXO_CODE = Path(os.environ.get("NEXO_CODE", str(Path(__file__).resolve().parent)))
 
+
+def _get_version() -> str:
+    """Read version from package.json automatically."""
+    for candidate in [NEXO_CODE.parent / "package.json", NEXO_HOME / "package.json"]:
+        try:
+            if candidate.is_file():
+                return json.loads(candidate.read_text()).get("version", "?")
+        except Exception:
+            continue
+    return "?"
+
 # Ensure src/ is on path for imports
 if str(NEXO_CODE) not in sys.path:
     sys.path.insert(0, str(NEXO_CODE))
@@ -357,6 +368,71 @@ def _update(args):
     return 0
 
 
+def _service_control(service_name: str, action: str) -> int:
+    """Control a LaunchAgent/systemd service: on, off, status."""
+    import platform as plat
+
+    label = f"com.nexo.{service_name}"
+
+    if plat.system() != "Darwin":
+        print(f"Service control only supported on macOS for now.", file=sys.stderr)
+        return 1
+
+    plist_path = Path.home() / "Library" / "LaunchAgents" / f"{label}.plist"
+    uid = os.getuid()
+
+    if action == "status":
+        result = subprocess.run(
+            ["launchctl", "list"],
+            capture_output=True, text=True,
+        )
+        running = label in (result.stdout or "")
+        if running:
+            print(f"{service_name}: running")
+        else:
+            print(f"{service_name}: stopped")
+        return 0
+
+    if action == "on":
+        if not plist_path.is_file():
+            print(f"LaunchAgent not found: {plist_path}", file=sys.stderr)
+            print(f"Run 'nexo-brain' to install it, or enable it during setup.", file=sys.stderr)
+            return 1
+        subprocess.run(
+            ["launchctl", "bootout", f"gui/{uid}", str(plist_path)],
+            capture_output=True,
+        )
+        result = subprocess.run(
+            ["launchctl", "bootstrap", f"gui/{uid}", str(plist_path)],
+            capture_output=True, text=True,
+        )
+        if result.returncode == 0:
+            print(f"{service_name}: started")
+        else:
+            print(f"Failed to start {service_name}: {result.stderr.strip()}", file=sys.stderr)
+            return 1
+        return 0
+
+    if action == "off":
+        result = subprocess.run(
+            ["launchctl", "bootout", f"gui/{uid}", str(plist_path)],
+            capture_output=True, text=True,
+        )
+        print(f"{service_name}: stopped")
+        return 0
+
+    print(f"Unknown action: {action}. Use on, off, or status.", file=sys.stderr)
+    return 1
+
+
+def _dashboard(args):
+    return _service_control("dashboard", args.action)
+
+
+def _orchestrator(args):
+    return _service_control("day-orchestrator", args.action)
+
+
 def _doctor(args):
     """Run unified doctor diagnostics."""
     try:
@@ -482,8 +558,27 @@ def _skills_evolution(args):
     return 0
 
 
+def _print_help():
+    v = _get_version()
+    print(f"""NEXO Runtime CLI v{v}
+
+Commands:
+  nexo doctor [--tier boot|runtime|deep|all] [--fix]   System diagnostics
+  nexo scripts list|run|doctor|call                    Personal scripts
+  nexo skills list|apply|sync|approve                  Executable skills
+  nexo update                                          Sync repo to NEXO_HOME
+  nexo dashboard on|off|status                         Web dashboard control
+  nexo orchestrator on|off|status                      Autonomous mode control
+
+Run 'nexo <command> --help' for details.
+Homepage: https://nexo-brain.com
+GitHub:   https://github.com/wazionapps/nexo""")
+
+
 def main():
-    parser = argparse.ArgumentParser(prog="nexo", description="NEXO Runtime CLI")
+    parser = argparse.ArgumentParser(prog="nexo", description="NEXO Runtime CLI", add_help=False)
+    parser.add_argument("-h", "--help", action="store_true", help="Show help")
+    parser.add_argument("-v", "--version", action="store_true", help="Show version")
     sub = parser.add_subparsers(dest="command")
 
     # -- scripts --
@@ -560,8 +655,23 @@ def main():
     skills_evolution_p = skills_sub.add_parser("evolution", help="Evolution candidates")
     skills_evolution_p.add_argument("--json", action="store_true", help="JSON output")
 
+    # -- dashboard --
+    dashboard_parser = sub.add_parser("dashboard", help="Web dashboard control")
+    dashboard_parser.add_argument("action", choices=["on", "off", "status"], help="Start, stop, or check dashboard")
+
+    # -- orchestrator --
+    orchestrator_parser = sub.add_parser("orchestrator", help="Autonomous mode control")
+    orchestrator_parser.add_argument("action", choices=["on", "off", "status"], help="Start, stop, or check orchestrator")
+
     args = parser.parse_args()
 
+    if args.help or (not args.command and not args.version):
+        _print_help()
+        return 0
+    if args.version:
+        print(f"nexo v{_get_version()}")
+        return 0
+
     if args.command == "scripts":
         if args.scripts_command == "list":
             return _scripts_list(args)
@@ -596,8 +706,12 @@ def main():
         else:
             skills_parser.print_help()
             return 0
+    elif args.command == "dashboard":
+        return _dashboard(args)
+    elif args.command == "orchestrator":
+        return _orchestrator(args)
     else:
-        parser.print_help()
+        _print_help()
         return 0
 
 

package/src/evolution_cycle.py

@@ -34,14 +34,83 @@ PROMPT_FILE = _resolve_evolution_file("evolution-prompt.md")
 MAX_SNAPSHOTS = 8
 
 
+def _normalize_dimensions(raw: dict | None) -> dict:
+    normalized = {}
+    for key, value in (raw or {}).items():
+        canonical_key = "agi" if key == "agi_readiness" else key
+        if isinstance(value, dict):
+            normalized[canonical_key] = {
+                "current": int(value.get("current", 0) or 0),
+                "target": int(value.get("target", 0) or 0),
+            }
+        else:
+            normalized[canonical_key] = {
+                "current": 0,
+                "target": int(value or 0),
+            }
+    return normalized
+
+
+def normalize_objective(obj: dict | None) -> dict:
+    """Upgrade legacy objective files to the canonical schema."""
+    source = dict(obj or {})
+
+    if "evolution_mode" in source:
+        mode = str(source.get("evolution_mode") or "auto").strip().lower()
+    else:
+        legacy_mode = str(source.get("review_mode") or "").strip().lower()
+        if legacy_mode in {"manual", "review"}:
+            mode = "review"
+        elif legacy_mode in {"managed", "hybrid", "owner", "core"}:
+            mode = "managed"
+        else:
+            mode = "auto"
+
+    if mode not in {"auto", "review", "managed"}:
+        mode = "auto"
+
+    dimensions = source.get("dimensions")
+    if not isinstance(dimensions, dict) or not dimensions:
+        dimensions = _normalize_dimensions(source.get("dimension_targets"))
+    else:
+        dimensions = _normalize_dimensions(dimensions)
+
+    defaults = {
+        "episodic_memory": {"current": 0, "target": 90},
+        "autonomy": {"current": 0, "target": 80},
+        "proactivity": {"current": 0, "target": 70},
+        "self_improvement": {"current": 0, "target": 60},
+        "agi": {"current": 0, "target": 20},
+    }
+    merged_dimensions = dict(defaults)
+    merged_dimensions.update(dimensions)
+
+    normalized = dict(source)
+    normalized["evolution_mode"] = mode
+    normalized["dimensions"] = merged_dimensions
+    normalized["total_evolutions"] = int(source.get("total_evolutions", source.get("cycles_completed", 0)) or 0)
+    normalized["last_evolution"] = source.get("last_evolution", source.get("last_cycle"))
+    normalized["total_proposals_made"] = int(source.get("total_proposals_made", 0) or 0)
+    normalized["total_auto_applied"] = int(source.get("total_auto_applied", 0) or 0)
+    normalized["consecutive_failures"] = int(source.get("consecutive_failures", 0) or 0)
+    normalized["history"] = source.get("history", []) if isinstance(source.get("history"), list) else []
+    normalized["evolution_enabled"] = bool(source.get("evolution_enabled", True))
+    normalized.pop("review_mode", None)
+    normalized.pop("dimension_targets", None)
+    normalized.pop("cycles_completed", None)
+    normalized.pop("last_cycle", None)
+    return normalized
+
+
 def load_objective() -> dict:
     if OBJECTIVE_FILE.exists():
-        return json.loads(OBJECTIVE_FILE.read_text())
-    return {}
+        return normalize_objective(json.loads(OBJECTIVE_FILE.read_text()))
+    return normalize_objective({})
 
 
 def save_objective(obj: dict):
-    OBJECTIVE_FILE.write_text(json.dumps(obj, indent=2, ensure_ascii=False))
+    OBJECTIVE_FILE.parent.mkdir(parents=True, exist_ok=True)
+    OBJECTIVE_FILE.write_text(json.dumps(normalize_objective(obj), indent=2, ensure_ascii=False))
 
 
 def get_week_data(db_path: str) -> dict:
@@ -196,9 +265,18 @@ def build_evolution_prompt(week_data: dict, objective: dict) -> str:
         "current_scores": {dim: m["score"] for dim, m in week_data.get("current_metrics", {}).items()},
     }
 
-    mode = objective.get("evolution_mode", "auto")
+    mode = normalize_objective(objective).get("evolution_mode", "auto")
     total = objective.get("total_evolutions", 0)
     max_auto = max_auto_changes(total)
+    if mode == "review":
+        mode_desc = "review-only, nothing executes automatically"
+        safe_zones = "~/.nexo/scripts/, ~/.nexo/plugins/, ~/.nexo/brain/"
+    elif mode == "managed":
+        mode_desc = f"owner-managed, max {max_auto} auto-applied changes with rollback and followups"
+        safe_zones = "~/.nexo/scripts/, ~/.nexo/plugins/, ~/.nexo/brain/, NEXO_CODE/src, repo bin/docs/templates/tests"
+    else:
+        mode_desc = f"public auto, max {max_auto} auto-applied changes in personal safe zones"
+        safe_zones = "~/.nexo/scripts/, ~/.nexo/plugins/"
 
     prompt = f"""You are NEXO Evolution — the weekly self-improvement cycle.
 
@@ -212,7 +290,7 @@ WEEK SUMMARY:
 - {stats['evolution_history']} past evolution proposals
 - Current scores: {json.dumps(stats['current_scores'])}
 
-MODE: {mode} ({"proposals only, owner reviews" if mode == "review" else f"max {max_auto} auto-applied changes"})
+MODE: {mode} ({mode_desc})
 CYCLE: #{total + 1}
 
 INVESTIGATE using these tools:
@@ -232,9 +310,11 @@ LOOK FOR:
 - Patterns in self-critique that suggest systemic issues
 
 SAFETY:
-- Safe zones for auto changes: ~/.nexo/scripts/, ~/.nexo/plugins/, ~/.nexo/brain/
+- Safe zones for this mode: {safe_zones}
 - IMMUTABLE files (never touch): db.py, server.py, plugin_loader.py, cognitive.py, CLAUDE.md
 - Every change needs: what file, what to change, why, risk, how to verify
+- AUTO changes must be deterministic. If the edit is ambiguous, risky, or needs human taste, mark it as "propose".
+- In managed mode, failed AUTO changes will be rolled back automatically and turned into followups with evidence.
 
 OUTPUT FORMAT (JSON):
 {{

package/src/plugins/evolution.py

@@ -43,8 +43,15 @@ def handle_evolution_history(limit: int = 10) -> str:
 
     lines = [f"EVOLUTION HISTORY ({len(history)} entries):"]
     for h in history:
-        status_icon = {"applied": "✓", "rolled_back": "✗", "proposed": "?",
-                       "accepted": "✓✓", "rejected": "✗✗"}.get(h["status"], "·")
+        status_icon = {
+            "applied": "✓",
+            "rolled_back": "↺",
+            "blocked": "⛔",
+            "proposed": "?",
+            "pending_review": "…",
+            "accepted": "✓✓",
+            "rejected": "✗✗",
+        }.get(h["status"], "·")
         lines.append(f"  {status_icon} #{h['id']} [{h['classification']}] {h['dimension']}")
         lines.append(f"    {h['proposal'][:100]}")
         if h.get("test_result"):

package/src/scripts/nexo-evolution-run.py

@@ -34,23 +34,6 @@ SANDBOX_DIR = CLAUDE_DIR / "sandbox" / "workspace"
 MAX_CONSECUTIVE_FAILURES = 3
 MAX_SNAPSHOTS = 8
 
-# ── Safe zones for AUTO execution ────────────────────────────────────────
-# "review" mode (owner): broader zones, but nothing executes without approval
-# "auto" mode (public users): restricted to user scripts and plugins ONLY
-AUTO_SAFE_PREFIXES = [
-    str(CLAUDE_DIR / "scripts") + "/",
-    str(CLAUDE_DIR / "brain") + "/",
-    str(NEXO_CODE / "plugins") + "/",
-    str(CLAUDE_DIR / "logs") + "/",
-    str(CLAUDE_DIR / "coordination") + "/",
-]
-
-# Public mode: user scripts and plugins only — NEVER core code
-AUTO_SAFE_PREFIXES_PUBLIC = [
-    str(CLAUDE_DIR / "scripts") + "/",
-    str(CLAUDE_DIR / "plugins") + "/",
-]
-
 # ── Immutable files — NEVER touch (applies to ALL modes) ────────────────
 IMMUTABLE_FILES = {
     "db.py", "server.py", "plugin_loader.py", "nexo-watchdog.sh",
@@ -64,6 +47,52 @@ IMMUTABLE_FILES = {
     "tools_task_history.py", "tools_menu.py",
 }
 
+
+def _repo_root() -> Path | None:
+    candidate = NEXO_CODE.parent
+    if (candidate / "package.json").exists():
+        return candidate
+    return None
+
+
+def _public_safe_prefixes() -> list[str]:
+    return [
+        str(CLAUDE_DIR / "scripts") + "/",
+        str(CLAUDE_DIR / "plugins") + "/",
+        str(CLAUDE_DIR / "skills") + "/",
+        str(CLAUDE_DIR / "skills-runtime") + "/",
+    ]
+
+
+def _managed_safe_prefixes() -> list[str]:
+    prefixes = [
+        str(CLAUDE_DIR / "scripts") + "/",
+        str(CLAUDE_DIR / "plugins") + "/",
+        str(CLAUDE_DIR / "brain") + "/",
+        str(CLAUDE_DIR / "coordination") + "/",
+        str(CLAUDE_DIR / "logs") + "/",
+        str(CLAUDE_DIR / "skills") + "/",
+        str(CLAUDE_DIR / "skills-core") + "/",
+        str(CLAUDE_DIR / "skills-runtime") + "/",
+        str(NEXO_CODE) + "/",
+    ]
+    repo_root = _repo_root()
+    if repo_root:
+        for rel in ("bin", "docs", "templates", "tests"):
+            prefixes.append(str(repo_root / rel) + "/")
+    return prefixes
+
+
+def _normalize_mode(mode: str) -> str:
+    value = str(mode or "auto").strip().lower()
+    aliases = {
+        "owner": "managed",
+        "core": "managed",
+        "hybrid": "managed",
+        "manual": "review",
+    }
+    return aliases.get(value, value if value in {"auto", "review", "managed"} else "auto")
+
 # ── Claude CLI path ──────────────────────────────────────────────────────
 def _resolve_claude_cli() -> Path:
     """Find claude CLI: saved path > PATH > common locations."""
@@ -162,16 +191,18 @@ def call_claude_cli(prompt: str) -> str:
 # ── File safety validation ───────────────────────────────────────────────
 def is_safe_path(filepath: str, mode: str = "auto") -> bool:
     """Check if a file path is within safe zones and not immutable.
-    mode='auto' (public): restricted to scripts/ and plugins/ only.
-    mode='review' (owner): broader zones but nothing executes without approval anyway.
+    mode='auto' (public): restricted to personal automation surfaces.
+    mode='managed' (owner): broader repo/core surfaces with rollback.
+    mode='review': broader zones for proposal validation, but no execution.
     """
     expanded = str(Path(filepath).expanduser().resolve())
     filename = Path(expanded).name
+    mode = _normalize_mode(mode)
 
     if filename in IMMUTABLE_FILES:
         return False
 
-    prefixes = AUTO_SAFE_PREFIXES if mode == "review" else AUTO_SAFE_PREFIXES_PUBLIC
+    prefixes = _managed_safe_prefixes() if mode in {"managed", "review"} else _public_safe_prefixes()
     for prefix in prefixes:
         resolved_prefix = str(Path(prefix).expanduser().resolve())
         if expanded.startswith(resolved_prefix):
@@ -218,13 +249,13 @@ def validate_syntax(filepath: str) -> tuple[bool, str]:
 
 
 # ── Apply a single change operation ──────────────────────────────────────
-def apply_change(change: dict) -> tuple[bool, str]:
+def apply_change(change: dict, mode: str = "auto") -> tuple[bool, str]:
     """Apply a single file change operation. Returns (success, message)."""
     filepath = str(Path(change["file"]).expanduser())
     operation = change.get("operation", "")
     content = change.get("content", "")
 
-    if not is_safe_path(filepath):
+    if not is_safe_path(filepath, mode=mode):
         return False, f"BLOCKED: {filepath} is outside safe zones or immutable"
 
     try:
@@ -269,7 +300,7 @@ def apply_change(change: dict) -> tuple[bool, str]:
 
 
 # ── Execute AUTO proposals ───────────────────────────────────────────────
-def execute_auto_proposal(proposal: dict, cycle_num: int, conn: sqlite3.Connection) -> dict:
+def execute_auto_proposal(proposal: dict, cycle_num: int, conn: sqlite3.Connection, mode: str = "auto") -> dict:
     """Execute an AUTO proposal with snapshot/apply/validate/rollback."""
     changes = proposal.get("changes", [])
     if not changes:
@@ -278,7 +309,7 @@ def execute_auto_proposal(proposal: dict, cycle_num: int, conn: sqlite3.Connecti
     # Validate all paths first
     for change in changes:
         filepath = str(Path(change["file"]).expanduser())
-        if not is_safe_path(filepath):
+        if not is_safe_path(filepath, mode=mode):
             return {"status": "blocked", "reason": f"Unsafe path: {filepath}"}
 
     # Collect files to snapshot (existing files only)
@@ -299,7 +330,7 @@ def execute_auto_proposal(proposal: dict, cycle_num: int, conn: sqlite3.Connecti
     all_results = []
     try:
         for change in changes:
-            success, msg = apply_change(change)
+            success, msg = apply_change(change, mode=mode)
             all_results.append(msg)
             log(f"    {msg}")
             if not success:
@@ -343,57 +374,102 @@ def execute_auto_proposal(proposal: dict, cycle_num: int, conn: sqlite3.Connecti
                     log(f"  Removed created file: {filepath}")
 
         return {
-            "status": "failed",
+            "status": "rolled_back",
             "snapshot_ref": snapshot_ref,
             "files_changed": [],
             "test_result": f"ROLLBACK: {e}; " + "; ".join(all_results),
         }
 
 
-# ── Review followup for owner mode ──────────────────────────────────────
-def _create_review_followup(conn: sqlite3.Connection, cycle_num: int,
-                            items: list[dict], analysis: str):
-    """Create a followup summarizing Evolution proposals for owner review."""
+# ── Followups for managed/review modes ──────────────────────────────────
+def _insert_followup(conn: sqlite3.Connection, followup_id: str, description: str,
+                     verification: str, due_date: str | None = None):
+    now_epoch = datetime.now().timestamp()
+    conn.execute(
+        "INSERT OR REPLACE INTO followups (id, description, date, status, verification, created_at, updated_at) "
+        "VALUES (?, ?, ?, 'PENDING', ?, ?, ?)",
+        (followup_id, description, due_date, verification, now_epoch, now_epoch)
+    )
+    conn.commit()
+
+
+def _create_cycle_followup(conn: sqlite3.Connection, cycle_num: int,
+                           items: list[dict], analysis: str, mode: str):
+    """Create a followup summarizing pending proposals or owner review items."""
     tomorrow = (date.today() + timedelta(days=1)).isoformat()
     followup_id = f"NF-EVO-C{cycle_num}"
 
     public_items = [i for i in items if i.get("scope") == "public"]
     local_items = [i for i in items if i.get("scope") != "public"]
 
-    lines = [f"Evolution Cycle #{cycle_num} — {len(items)} proposals to review."]
+    title = "proposals to review" if mode == "review" else "items needing attention"
+    lines = [f"Evolution Cycle #{cycle_num} — {len(items)} {title}."]
     lines.append(f"Analysis: {analysis[:200]}")
     lines.append("")
 
     if public_items:
         lines.append(f"FOR EVERYONE ({len(public_items)}):")
         for i, item in enumerate(public_items, 1):
-            lines.append(f"  {i}. [{item['dimension']}] {item['action'][:120]}")
+            status = item.get("status", "proposed").upper()
+            lines.append(f"  {i}. [{status}] [{item['dimension']}] {item['action'][:120]}")
             lines.append(f"     Why: {item['reasoning'][:100]}")
+            if item.get("detail"):
+                lines.append(f"     Detail: {item['detail'][:160]}")
         lines.append("")
 
     if local_items:
         lines.append(f"FOR YOU ONLY ({len(local_items)}):")
         for i, item in enumerate(local_items, 1):
-            lines.append(f"  {i}. [{item['dimension']}] {item['action'][:120]}")
+            status = item.get("status", "proposed").upper()
+            lines.append(f"  {i}. [{status}] [{item['dimension']}] {item['action'][:120]}")
             lines.append(f"     Why: {item['reasoning'][:100]}")
+            if item.get("detail"):
+                lines.append(f"     Detail: {item['detail'][:160]}")
 
     description = "\n".join(lines)
 
     try:
-        now_epoch = datetime.now().timestamp()
-        conn.execute(
-            "INSERT OR REPLACE INTO followups (id, description, date, status, verification, created_at, updated_at) "
-            "VALUES (?, ?, ?, 'pending', ?, ?, ?)",
-            (followup_id, description, tomorrow,
-             f"SELECT * FROM evolution_log WHERE cycle_number={cycle_num}",
-             now_epoch, now_epoch)
+        _insert_followup(
+            conn,
+            followup_id,
+            description,
+            f"SELECT * FROM evolution_log WHERE cycle_number={cycle_num}",
+            due_date=tomorrow,
         )
-        conn.commit()
         log(f"  Followup {followup_id} created for {tomorrow}")
     except Exception as e:
         log(f"  WARN: Failed to create followup: {e}")
 
 
+def _create_failure_followup(conn: sqlite3.Connection, cycle_num: int, log_id: int,
+                             proposal: dict, result: dict):
+    """Create an incident-style followup for a failed or blocked AUTO proposal."""
+    followup_id = f"NF-EVO-L{log_id}"
+    lines = [
+        f"Evolution AUTO proposal failed in cycle #{cycle_num}.",
+        f"Action: {proposal.get('action', '')[:200]}",
+        f"Dimension: {proposal.get('dimension', 'other')}",
+        f"Status: {result.get('status', 'failed')}",
+        f"Reason: {(result.get('reason') or result.get('test_result') or 'unknown')[:400]}",
+    ]
+    snapshot_ref = result.get("snapshot_ref")
+    if snapshot_ref:
+        lines.append(f"Snapshot: {snapshot_ref}")
+    description = "\n".join(lines)
+
+    try:
+        _insert_followup(
+            conn,
+            followup_id,
+            description,
+            f"SELECT * FROM evolution_log WHERE id={log_id}",
+            due_date=(date.today() + timedelta(days=1)).isoformat(),
+        )
+        log(f"  Failure followup {followup_id} created")
+    except Exception as e:
+        log(f"  WARN: Failed to create failure followup: {e}")
+
+
 # ── Main run ─────────────────────────────────────────────────────────────
 def run():
     log("=" * 60)
@@ -482,14 +558,12 @@ def run():
     max_auto = max_auto_changes(objective.get("total_evolutions", 0))
     auto_count = 0
     auto_applied = 0
-    evolution_mode = objective.get("evolution_mode", "auto")  # "auto" (public) or "review" (owner)
+    evolution_mode = _normalize_mode(objective.get("evolution_mode", "auto"))
 
     conn = sqlite3.connect(str(NEXO_DB), timeout=10)
     conn.execute("PRAGMA busy_timeout=5000")
 
-    # In "review" mode: log everything as pending_review, create followup
-    # In "auto" mode: execute AUTO proposals, log PROPOSE as proposed
-    review_items = []
+    followup_items = []
 
     for p in proposals:
         classification = p.get("classification", "propose")
@@ -499,30 +573,29 @@ def run():
         scope = p.get("scope", "local")  # "public" or "local"
 
         if evolution_mode == "review":
-            # Owner mode: nothing executes, everything queued for review
             log(f"  QUEUED [{scope}]: {action[:80]}")
             conn.execute(
                 "INSERT INTO evolution_log (cycle_number, dimension, proposal, classification, "
                 "reasoning, status) VALUES (?, ?, ?, ?, ?, ?)",
                 (cycle_num, dimension, action, classification, reasoning, "pending_review")
             )
-            review_items.append({
+            followup_items.append({
                 "dimension": dimension,
                 "action": action,
                 "reasoning": reasoning,
                 "scope": scope,
                 "classification": classification,
+                "status": "pending_review",
             })
 
         elif classification == "auto" and auto_count < max_auto:
-            # Public mode: execute AUTO proposals
             auto_count += 1
             log(f"  AUTO #{auto_count}/{max_auto}: {action[:80]}")
 
-            result = execute_auto_proposal(p, cycle_num, conn)
+            result = execute_auto_proposal(p, cycle_num, conn, mode=evolution_mode)
             status = result["status"]
 
-            conn.execute(
+            cur = conn.execute(
                 "INSERT INTO evolution_log (cycle_number, dimension, proposal, classification, "
                 "reasoning, status, files_changed, snapshot_ref, test_result) "
                 "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)",
@@ -531,16 +604,20 @@ def run():
                  result.get("snapshot_ref", ""),
                  result.get("test_result", ""))
             )
+            log_id = cur.lastrowid
 
             if status == "applied":
                 auto_applied += 1
                 log(f"    APPLIED successfully")
             elif status == "blocked":
-                log(f"    BLOCKED: {result.get('test_result', '')}")
+                detail = result.get("reason") or result.get("test_result", "")
+                log(f"    BLOCKED: {detail[:100]}")
+                _create_failure_followup(conn, cycle_num, log_id, p, result)
             elif status == "skipped":
                 log(f"    SKIPPED: {result.get('reason', '')}")
             else:
-                log(f"    FAILED: {result.get('test_result', '')[:100]}")
+                log(f"    ROLLED BACK: {result.get('test_result', '')[:100]}")
+                _create_failure_followup(conn, cycle_num, log_id, p, result)
 
         else:
             # PROPOSE or over auto limit
@@ -555,12 +632,20 @@ def run():
                 "reasoning, status) VALUES (?, ?, ?, ?, ?, ?)",
                 (cycle_num, dimension, action, classification, reasoning, "proposed")
             )
+            if evolution_mode in {"review", "managed"}:
+                followup_items.append({
+                    "dimension": dimension,
+                    "action": action,
+                    "reasoning": reasoning,
+                    "scope": scope,
+                    "classification": classification,
+                    "status": "proposed",
+                })
 
     conn.commit()
 
-    # In review mode: create followup for owner
-    if evolution_mode == "review" and review_items:
-        _create_review_followup(conn, cycle_num, review_items, response.get("analysis", ""))
+    if evolution_mode in {"review", "managed"} and followup_items:
+        _create_cycle_followup(conn, cycle_num, followup_items, response.get("analysis", ""), evolution_mode)
 
     # Update metrics
     scores = response.get("dimension_scores", {})
@@ -591,6 +676,7 @@ def run():
     objective.setdefault("history", []).insert(0, {
         "cycle": cycle_num,
         "date": str(date.today()),
+        "mode": evolution_mode,
         "proposals": len(proposals),
         "auto_count": auto_count,
         "auto_applied": auto_applied,