nexo-brain 2.5.0 → 2.6.0

package/.claude-plugin/plugin.json

@@ -0,0 +1,33 @@
+{
+  "name": "nexo-brain",
+  "version": "2.5.1",
+  "description": "Cognitive co-operator — persistent memory, learning, autonomous processes, Deep Sleep overnight analysis, unified diagnostics, executable skills, day orchestrator, and web dashboard for AI agents.",
+  "author": {
+    "name": "NEXO Brain",
+    "email": "info@nexo-brain.com",
+    "url": "https://nexo-brain.com"
+  },
+  "homepage": "https://nexo-brain.com",
+  "repository": "https://github.com/wazionapps/nexo",
+  "license": "AGPL-3.0",
+  "keywords": [
+    "memory",
+    "cognitive",
+    "autonomous",
+    "deep-sleep",
+    "learning",
+    "mcp",
+    "work-continuity",
+    "skills",
+    "doctor",
+    "dashboard"
+  ],
+  "mcpServers": "./.mcp.json",
+  "hooks": "./hooks/hooks.json",
+  "userConfig": {
+    "operator_name": {
+      "description": "What should your AI co-operator call itself? (default: NEXO)",
+      "sensitive": false
+    }
+  }
+}

package/.mcp.json

@@ -0,0 +1,12 @@
+{
+  "mcpServers": {
+    "nexo": {
+      "command": "${CLAUDE_PLUGIN_DATA}/.venv/bin/python3",
+      "args": ["${CLAUDE_PLUGIN_ROOT}/src/server.py"],
+      "env": {
+        "NEXO_HOME": "${CLAUDE_PLUGIN_DATA}",
+        "NEXO_CODE": "${CLAUDE_PLUGIN_ROOT}/src"
+      }
+    }
+  }
+}

package/README.md

@@ -6,7 +6,7 @@
 [![GitHub stars](https://img.shields.io/github/stars/wazionapps/nexo?style=social)](https://github.com/wazionapps/nexo/stargazers)
 [![License: AGPL-3.0](https://img.shields.io/badge/License-AGPL--3.0-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)
 
-> The first AI memory system with architectural inhibitory control — the agent reasons about whether to act before acting. Cognitive Cortex, Context Continuity via auto-compaction hooks, Smart Startup, Context Packets, Auto-Prime, 30 Core Rules as DNA, auto-update, auto-diary, and CLAUDE.md version tracker. Battle-tested from 6 months of production use, validated via multi-AI debate.
+> The first AI memory system with architectural inhibitory control — the agent reasons about whether to act before acting. Cognitive Cortex, Context Continuity via auto-compaction hooks, Smart Startup, Context Packets, Auto-Prime, 30 Core Rules as DNA, auto-update, auto-diary, CLAUDE.md version tracker, personal scripts registry, and Claude Code plugin structure. Battle-tested from 6 months of production use, validated via multi-AI debate.
 
 **NEXO Brain transforms any MCP-compatible AI agent from a stateless assistant into a cognitive partner that remembers, learns, forgets, adapts, and builds a relationship with you over time.**
 
@@ -198,7 +198,7 @@ This means long sessions (8+ hours) feel like one continuous conversation instea
 
 ## Cognitive Features
 
-NEXO Brain provides **147+ MCP tools** across 20+ categories. These features implement cognitive science concepts that go beyond basic memory:
+NEXO Brain provides **144+ MCP tools** across 20+ categories. These features implement cognitive science concepts that go beyond basic memory:
 
 ### Input Pipeline
 
@@ -269,7 +269,7 @@ Full results in [`benchmarks/locomo/results/`](benchmarks/locomo/results/).
 
 ## Nervous System (v2.0.0)
 
-NEXO Brain doesn't just respond — it runs 15 autonomous processes in the background, like a biological nervous system. They handle maintenance, health monitoring, and self-improvement without any user interaction:
+NEXO Brain doesn't just respond — it runs 14 autonomous processes in the background, like a biological nervous system. They handle maintenance, health monitoring, and self-improvement without any user interaction:
 
 | Script | Schedule | What It Does |
 |--------|----------|-------------|
@@ -289,7 +289,7 @@ NEXO Brain doesn't just respond — it runs 15 autonomous processes in the backg
 | **watchdog** | Every 30 min | Monitors services, LaunchAgents, and infrastructure health |
 | **auto-close-sessions** | Every 5 min | Cleans stale sessions |
 
-Core processes are defined in `src/crons/manifest.json` and auto-synced to your system by `nexo_update`. On macOS they run via LaunchAgents; on Linux via systemd user timers. `tcc-approve`, `prevent-sleep`, and `backup` are platform/personal helpers — not in the manifest but listed above for completeness. Personal crons (your own scripts) are never touched by the sync. If your Mac was asleep during a scheduled process, the catch-up script re-runs everything in order when it wakes.
+Core processes are defined in `src/crons/manifest.json` and auto-synced to your system by `nexo_update`. On macOS they run via LaunchAgents; on Linux via systemd user timers. `tcc-approve`, `prevent-sleep`, and `backup` are platform/personal helpers — not in the manifest but listed above for completeness. Personal scripts (your own automations) are tracked separately in the Personal Scripts Registry and never touched by the core sync. If your Mac was asleep during a scheduled process, the catch-up script re-runs everything in order when it wakes.
 
 ## Deep Sleep v2 — Overnight Learning (v2.1.0)
 
@@ -390,7 +390,7 @@ This opens `localhost:6174` in your browser. Add `--port 8080` to change the por
 
 ## Full Orchestration System
 
-Memory alone doesn't make a co-operator. What makes the difference is the **behavioral loop** — the automated discipline that ensures every session starts informed, runs with guardrails, and ends with self-reflection.
+Memory alone doesn't make a co-operator. What makes the difference is the **behavioral loop** — the automated discipline that ensures every session starts informed, runs with guardrails, and ends with self-reflection. The hooks and lifecycle below are built into the core product. The optional Day Orchestrator (autonomous headless cycles) was removed from core in v2.6.0 — power users can set it up as a personal script.
 
 ### Automated Hooks
 
@@ -501,7 +501,7 @@ The installer handles everything:
     - Node.js project detected
   Configuring MCP server...
   Setting up nervous system...
-    15 autonomous processes configured.
+    14 autonomous processes configured.
     Dashboard configured at localhost:6174.
   Caffeinate enabled.
   Generating operator instructions...
@@ -532,23 +532,31 @@ That's it. No need to run `claude` manually. Your operator will greet you immedi
 | Component | What | Where |
 |-----------|------|-------|
 | Cognitive engine | Python: fastembed, numpy, vector search | pip packages |
-| MCP server | 147+ tools for memory, cognition, learning, guard | NEXO_HOME/ |
+| MCP server | 144+ tools for memory, cognition, learning, guard | NEXO_HOME/ |
 | Plugins | Guard, episodic memory, cognitive memory, entities, preferences, update, etc. | Code: src/plugins/, Personal: NEXO_HOME/plugins/ |
 | Hooks (7) | SessionStart, Stop, PostToolUse, PreCompact, PostCompact | NEXO_HOME/hooks/ |
-| Nervous system | 15 autonomous processes (decay, sleep, audit, evolution, watchdog, etc.) | NEXO_HOME/scripts/ |
-| Dashboard | Web UI at localhost:6174 (6 pages) | NEXO_HOME/dashboard/ |
+| Nervous system | 14 autonomous processes (decay, sleep, audit, evolution, watchdog, dashboard, etc.) | NEXO_HOME/scripts/ |
+| Dashboard | Web UI at localhost:6174 (23 modules, dark theme) — opt-in, always-on | NEXO_HOME/dashboard/ |
+| Runtime CLI | `nexo` command: chat, scripts, doctor, skills, update | NEXO_HOME/bin/ |
+| Doctor | Unified diagnostics: boot/runtime/deep tiers, `--fix` mode | src/doctor/ |
+| Skills v2 | Executable skills with guide/execute/hybrid modes, approval levels | NEXO_HOME/skills/ |
+| Personal Scripts Registry | User-defined scripts tracked in SQLite with scheduling, reconciliation, and 9 MCP tools | NEXO_HOME/scripts/ |
 | CLAUDE.md | Complete operator instructions (Codex, hooks, guard, trust, memory) | ~/.claude/CLAUDE.md |
 | Schedule config | schedule.json with customizable process times and timezone | NEXO_HOME/config/ |
 | Auto-update | Non-blocking startup check (5s max), opt-out via schedule.json | Built into server startup |
 | CLAUDE.md tracker | Version-tracked core sections with safe updates preserving customizations | Built into auto-update |
 | Auto-diary | 3-layer system: PostToolUse every 10 calls, PreCompact emergency, heartbeat DIARY_OVERDUE | Built into hooks |
-| Claude Code config | MCP server + 7 hooks + 15 processes registered | ~/.claude/settings.json |
+| Claude Code config | MCP server + 7 hooks + core processes registered | ~/.claude/settings.json |
 
 ### Runtime CLI
 
 After installation or auto-update, NEXO adds `NEXO_HOME/bin` to your shell `PATH`. Open a new terminal and the `nexo` command provides operational tools:
 
 ```bash
+# Claude Code
+nexo chat                    # Launch Claude Code in the current directory
+nexo chat ~/claude           # Launch Claude Code in a specific directory
+
 # Personal Scripts
 nexo scripts list              # List your personal scripts
 nexo scripts run my-script     # Run a script with injected NEXO env
@@ -570,7 +578,7 @@ nexo doctor --tier runtime --json  # Machine-readable health report
 nexo doctor --fix              # Apply deterministic repairs
 ```
 
-Personal scripts live in `NEXO_HOME/scripts/` with inline metadata. See `docs/writing-scripts.md` for details.
+Personal scripts live in `NEXO_HOME/scripts/` with inline metadata and are tracked in a first-class registry (SQLite). 9 MCP tools manage the full lifecycle: `nexo_personal_scripts_list`, `nexo_personal_script_create`, `nexo_personal_script_remove`, `nexo_personal_scripts_reconcile`, `nexo_personal_scripts_sync`, `nexo_personal_scripts_classify`, `nexo_personal_script_schedules`, `nexo_personal_script_unschedule`, `nexo_personal_scripts_ensure_schedules`. See `docs/writing-scripts.md` for details.
 
 Skills v2 combine procedural guides with optional executable scripts. Personal skills live in `NEXO_HOME/skills/`, packaged core skills live in `NEXO_CODE/skills/` during development and `NEXO_HOME/skills-core/` in installed environments, and staged runtime copies live in `NEXO_HOME/skills-runtime/`. Execution is fully autonomous: Deep Sleep can evolve mature guide skills into executable drafts automatically, and runtime execution no longer waits for manual approval. See `docs/skills-v2.md` for the full model.
 
@@ -580,7 +588,7 @@ The Doctor system reads existing health artifacts (immune, watchdog, self-audit)
 
 - **macOS or Linux** (Windows via [WSL](https://learn.microsoft.com/en-us/windows/wsl/install))
 - **Node.js 18+** (for the installer)
-- **Claude Opus (latest version) strongly recommended.** NEXO Brain provides 147+ MCP tools across 20+ categories. This cognitive load requires a top-tier model with large context window. Smaller models (Haiku, Sonnet) may struggle with tool selection and produce inconsistent results. Opus handles all 147+ tools without hesitation.
+- **Claude Opus (latest version) strongly recommended.** NEXO Brain provides 144+ MCP tools across 20+ categories. This cognitive load requires a top-tier model with large context window. Smaller models (Haiku, Sonnet) may struggle with tool selection and produce inconsistent results. Opus handles all 144+ tools without hesitation.
 - Python 3, Homebrew, and Claude Code are installed automatically if missing.
 
 ## Architecture
@@ -599,7 +607,7 @@ NEXO Brain separates **code** (immutable, in the repo or npm package) from **dat
 
 The plugin loader scans `src/plugins/` first (base), then `NEXO_HOME/plugins/` (personal override by filename). This dual-directory approach lets you extend NEXO without forking the repo.
 
-### 147+ MCP Tools across 20+ Categories
+### 144+ MCP Tools across 20+ Categories
 
 | Category | Count | Tools | Purpose |
 |----------|-------|-------|---------|
@@ -624,6 +632,7 @@ The plugin loader scans `src/plugins/` first (base), then `NEXO_HOME/plugins/` (
 | Adaptive & Somatic | 4 | adaptive_weights, adaptive_override, somatic_check, somatic_stats | Learned signal weights + pain memory per file |
 | Knowledge Graph | 4 | kg_query, kg_path, kg_neighbors, kg_stats | Bi-temporal entity-relationship graph |
 | Context Continuity | 2 | checkpoint_save, checkpoint_read | Auto-compaction session preservation |
+| Personal Scripts | 9 | personal_scripts_list, personal_script_create, personal_script_remove, personal_scripts_reconcile, personal_scripts_sync, personal_scripts_classify, personal_script_schedules, personal_script_unschedule, personal_scripts_ensure_schedules | First-class script registry with lifecycle, scheduling, and reconciliation |
 | Update | 1 | update | Pull latest code, backup, migrate, verify (with rollback) |
 
 ### Plugin System
@@ -682,7 +691,7 @@ NEXO Brain is designed as an MCP server. Claude Code is the primary supported cl
 npx nexo-brain
 ```
 
-All 147+ tools are available immediately after installation. The installer configures Claude Code's `~/.claude/settings.json` automatically.
+All 144+ tools are available immediately after installation. The installer configures Claude Code's `~/.claude/settings.json` automatically.
 
 ### OpenClaw
 
@@ -778,17 +787,33 @@ If NEXO Brain is useful to you, consider:
 
 [![Star History Chart](https://api.star-history.com/svg?repos=wazionapps/nexo&type=Date)](https://star-history.com/#wazionapps/nexo&Date)
 
-## Known Issues (v2.0.0)
+## Known Issues
 
-| Priority | Issue | Planned |
-|----------|-------|---------|
-| P0 | Credentials stored in plaintext SQLite — protect with filesystem permissions | v2.1.0 |
-| P0 | Shell hooks use SQL string interpolation (injection risk) | v2.1.0 |
-| P0 | Dashboard has no authentication (localhost only) | v2.1.0 |
-| P0 | Database migrations are fail-open (errors logged but not blocking) | v2.1.0 |
+| Priority | Issue | Status |
+|----------|-------|--------|
+| P1 | Credentials stored in plaintext SQLite — protect with filesystem permissions | Mitigated: secret redaction in tool logs (v2.4.0) |
+| P2 | Dashboard has no authentication (localhost only) | By design — bind to localhost, no remote access |
 
 ## Changelog
 
+### v2.6.0 — Personal Scripts Registry, Plugin Marketplace, Orchestrator Decoupled (2026-04-03)
+- **Personal Scripts Registry**: First-class script tracking in SQLite with 9 MCP tools for full lifecycle management — create, list, remove, schedule, unschedule, reconcile, sync, classify.
+- **Orchestrator removed from core**: Day Orchestrator decoupled from the product. Power users keep it as a personal script. Reduces complexity for standard installs.
+- **Claude Code plugin structure**: `plugin.json` + entry point for Anthropic marketplace submission.
+- **`nexo chat`**: Official CLI command to launch Claude Code with NEXO as operator.
+- **Managed Evolution hardening**: Can now modify core behavior modules with rollback followups. Fixed false-positive watchdog tamper detection.
+- **Cron reliability**: Hardened recovery, TCC diagnostics, keepalive sync, disabled optional cron respect.
+- **Duplicate learning prevention**: Exact-title guard before insert.
+
+### v2.5.0 — Runtime CLI, Doctor, Skills v2, Day Orchestrator (2026-04-03)
+- **Runtime CLI** (`nexo`): New operational CLI separate from installer. `nexo scripts list/run/doctor/call` for personal scripts, `nexo doctor` for diagnostics, `nexo skills apply` for executable skills, `nexo update` for one-step sync.
+- **Unified Doctor**: Modular diagnostic system with boot/runtime/deep tiers. Report-only by default, deterministic `--fix` mode. MCP tool `nexo_doctor`. LaunchAgent schedule drift detection and reconciliation.
+- **Skills v2**: Executable skills with guide/execute/hybrid modes. Security levels (read-only/local/remote) with explicit approval. Core vs personal vs community directories. Deep Sleep auto-evolution integration.
+- **Day Orchestrator**: Autonomous NEXO cycles every 15 min (8:00-23:00). *(Removed from core in v2.6.0 — available as personal script.)*
+- **Dashboard always-on**: Web UI at localhost:6174 as persistent LaunchAgent. 23 modules, Jinja2 templating, dark theme. Opt-in.
+- **Personal Scripts Framework**: Auto-discovery in NEXO_HOME/scripts/, inline metadata, runtime detection, forbidden-pattern validation. *(Promoted to first-class registry in v2.6.0.)*
+- Configurable operator name (UserContext singleton), watchdog normalized to 30 min, LaunchAgent drift fix.
+
 ### v2.4.0 — Skills, Cron Scheduler, Security, Full Audit (2026-04-03)
 - **Skill Auto-Creation**: Deep Sleep extracts reusable procedures from sessions. Content stored as markdown with steps and gotchas. Trust pipeline with autonomous quality control.
 - **Cron Scheduler**: execution tracking (`cron_runs` table), `nexo_schedule_status` and `nexo_schedule_add` MCP tools, universal cron wrapper for all processes.
@@ -811,9 +836,9 @@ If NEXO Brain is useful to you, consider:
 - **Auto-diary**: 3-layer system — PostToolUse every 10 calls, PreCompact emergency save, heartbeat DIARY_OVERDUE signal.
 - **CLAUDE.md version tracker**: Section markers enable safe core updates without losing user customizations.
 - **schedule.json**: Customizable process schedules with timezone support and `auto_update` flag.
-- **15 autonomous processes**: Added auto-close-sessions, synthesis, backup, tcc-approve, prevent-sleep (cross-platform).
+- **14 autonomous processes**: Added auto-close-sessions, synthesis, backup, tcc-approve, prevent-sleep (cross-platform).
 - **7 hooks**: SessionStart (timestamp + briefing), Stop, PostToolUse (capture + inbox), PreCompact, PostCompact.
-- **147+ MCP tools**: Added `nexo_update` tool for manual updates with rollback.
+- **144+ MCP tools**: Added `nexo_update` tool for manual updates with rollback.
 - **Lambda fix**: Decay values were 24x too aggressive (STM: 7h to 7d, LTM: 2.4d to 60d).
 - **Guard scoping**: Was returning 35+ irrelevant blocking rules; now scoped to area and gated to high/critical.
 - **12 rounds of external audit**: ~60 findings resolved.

package/bin/nexo-brain.js

@@ -15,6 +15,7 @@
  */
 
 const { execSync, spawnSync } = require("child_process");
+const crypto = require("crypto");
 const fs = require("fs");
 const path = require("path");
 const readline = require("readline");
@@ -59,13 +60,67 @@ function log(msg) {
   console.log(`  ${msg}`);
 }
 
+function syncWatchdogHashRegistry(nexoHome) {
+  try {
+    const watchdogPath = path.join(nexoHome, "scripts", "nexo-watchdog.sh");
+    if (!fs.existsSync(watchdogPath)) return;
+
+    const registryPath = path.join(nexoHome, "scripts", ".watchdog-hashes");
+    const entries = new Map();
+    if (fs.existsSync(registryPath)) {
+      for (const line of fs.readFileSync(registryPath, "utf8").split(/\r?\n/)) {
+        if (!line.includes("|")) continue;
+        const [filePath, expectedHash] = line.split("|");
+        if (filePath) entries.set(filePath, expectedHash || "");
+      }
+    }
+
+    const digest = crypto.createHash("sha256").update(fs.readFileSync(watchdogPath)).digest("hex");
+    entries.set(watchdogPath, digest);
+    const body = Array.from(entries.entries())
+      .sort(([a], [b]) => a.localeCompare(b))
+      .map(([filePath, hash]) => `${filePath}|${hash}`)
+      .join("\n");
+    fs.writeFileSync(registryPath, `${body}\n`);
+  } catch (err) {
+    log(`WARN: could not sync watchdog hash registry: ${err.message}`);
+  }
+}
+
+function isProtectedMacPath(candidate) {
+  if (process.platform !== "darwin" || !candidate) return false;
+  const homeDir = require("os").homedir();
+  const expanded = candidate.replace(/^~/, homeDir);
+  const resolved = path.resolve(expanded);
+  const protectedRoots = [
+    path.join(homeDir, "Documents"),
+    path.join(homeDir, "Desktop"),
+    path.join(homeDir, "Downloads"),
+    path.join(homeDir, "Library", "Mobile Documents"),
+  ];
+  return protectedRoots.some((root) => resolved === root || resolved.startsWith(`${root}${path.sep}`));
+}
+
+function logMacPermissionsNotice(nexoHome, pythonPath = "") {
+  if (!isProtectedMacPath(nexoHome)) return;
+  log("macOS protected-folder warning:");
+  log(`  NEXO_HOME is inside a protected folder: ${nexoHome}`);
+  log("  Background jobs may fail with 'Operation not permitted'.");
+  log("  Recommended: move NEXO_HOME outside Documents/Desktop/Downloads/iCloud Drive.");
+  log("  If you keep it there, grant Full Disk Access to /bin/bash and your Python runtime.");
+  if (pythonPath) {
+    log(`  Python runtime: ${pythonPath}`);
+  }
+  log("  System Settings → Privacy & Security → Full Disk Access");
+}
+
 // ══════════════════════════════════════════════════════════════════════════════
 // CORE PROCESS & HOOK DEFINITIONS
-// All 13 nightly/periodic processes and all 8 core hooks that make NEXO functional.
+// All core nightly/periodic processes and all 8 core hooks that make NEXO functional.
 // ══════════════════════════════════════════════════════════════════════════════
 
 /**
- * Complete definition of all 13 NEXO automated processes.
+ * Complete definition of all core NEXO automated processes.
  * Each entry specifies the script, its interpreter ("python" or "bash"),
  * the schedule type, and default schedule values.
  */
@@ -95,8 +150,6 @@ const ALL_PROCESSES = [
     type: "keepAlive", purpose: "Keep machine awake for nocturnal processes" },
   { name: "dashboard", script: "nexo-dashboard.sh", interpreter: "bash", scriptDir: "scripts",
     type: "keepAlive", optional: "dashboard", purpose: "Web dashboard at localhost:6174" },
-  { name: "day-orchestrator", script: "nexo-day-orchestrator.sh", interpreter: "bash", scriptDir: "scripts",
-    type: "keepAlive", optional: "orchestrator", purpose: "Autonomous NEXO cycles every 15 min (8:00-23:00)" },
   // --- Daily (times from schedule.json) ---
   { name: "cognitive-decay", script: "nexo-cognitive-decay.py", interpreter: "python", scriptDir: "scripts",
     type: "daily", defaultHour: 3, defaultMinute: 0, purpose: "Memory decay" },
@@ -741,7 +794,7 @@ async function main() {
         fs.writeFileSync(CLAUDE_SETTINGS, JSON.stringify(settings, null, 2));
         log("  All 8 core hooks registered in Claude Code settings.");
 
-        // Regenerate ALL 13 LaunchAgents / systemd timers
+        // Regenerate all core LaunchAgents / systemd timers
         const migSchedule = loadOrCreateSchedule(NEXO_HOME);
         const migPython = findVenvPython(NEXO_HOME) || "python3";
         let migOptionals = {};
@@ -865,6 +918,8 @@ async function main() {
         });
       }
 
+      logMacPermissionsNotice(NEXO_HOME, syncPython);
+
       log(`Already at v${currentVersion}. No migration needed.`);
       rl.close();
       return;
@@ -909,6 +964,7 @@ async function main() {
   }
   const pyVersion = run(`${python} --version`);
   log(`Found ${pyVersion} at ${python}`);
+  logMacPermissionsNotice(NEXO_HOME, python);
 
   // Find or install Claude Code
   let claudeInstalled = run("which claude");
@@ -972,9 +1028,6 @@ async function main() {
       dashboardQ: "  Enable web dashboard at localhost:6174?\n  (Always-on UI to explore memory, sessions, learnings, and system health)\n    1. Yes\n    2. No\n  > ",
       dashYes: "Dashboard enabled.",
       dashNo: "Dashboard disabled. You can start it manually: nexo dashboard",
-      orchestratorQ: "  Enable autonomous mode? (I'll work on my own every 15 min: check followups, emails, infra, and report by email)\n    1. Yes\n    2. No\n  > ",
-      orchYes: "Autonomous mode enabled. I'll be working for you 8:00-23:00.",
-      orchNo: "Autonomous mode disabled. I'll only work when you open a session.",
       autoInstallQ: "  Can I install tools automatically if I need them? (brew, pip, npm)\n    1. Yes, install whatever you need\n    2. Ask me before installing anything\n  > ",
       autoInstallYes: "Auto-install enabled.",
       autoInstallNo: "I'll ask before installing.",
@@ -1007,9 +1060,6 @@ async function main() {
       dashboardQ: "  ¿Activar el dashboard web en localhost:6174?\n  (UI siempre activa para explorar memoria, sesiones, learnings y salud del sistema)\n    1. Sí\n    2. No\n  > ",
       dashYes: "Dashboard activado.",
       dashNo: "Dashboard desactivado. Puedes iniciarlo manualmente: nexo dashboard",
-      orchestratorQ: "  ¿Activar modo autónomo? (Trabajo solo cada 15 min: reviso followups, emails, infra, y te informo por email)\n    1. Sí\n    2. No\n  > ",
-      orchYes: "Modo autónomo activado. Estaré trabajando para ti de 8:00 a 23:00.",
-      orchNo: "Modo autónomo desactivado. Solo trabajo cuando abras sesión.",
       autoInstallQ: "  ¿Puedo instalar herramientas automáticamente si las necesito? (brew, pip, npm)\n    1. Sí, instala lo que necesites\n    2. Pregúntame antes de instalar algo\n  > ",
       autoInstallYes: "Auto-instalación activada.",
       autoInstallNo: "Te preguntaré antes.",
@@ -1042,9 +1092,6 @@ async function main() {
       dashboardQ: "  Activer le dashboard web sur localhost:6174 ?\n  (UI toujours active pour explorer mémoire, sessions et santé du système)\n    1. Oui\n    2. Non\n  > ",
       dashYes: "Dashboard activé.",
       dashNo: "Dashboard désactivé. Démarrage manuel : nexo dashboard",
-      orchestratorQ: "  Activer le mode autonome ? (Je travaille seul toutes les 15 min : followups, emails, infra, rapport par email)\n    1. Oui\n    2. Non\n  > ",
-      orchYes: "Mode autonome activé. Je travaille pour vous de 8h à 23h.",
-      orchNo: "Mode autonome désactivé. Je travaille uniquement en session.",
       autoInstallQ: "  Puis-je installer des outils automatiquement ? (brew, pip, npm)\n    1. Oui\n    2. Demande-moi avant\n  > ",
       autoInstallYes: "Auto-installation activée.",
       autoInstallNo: "Je demanderai avant.",
@@ -1077,9 +1124,6 @@ async function main() {
       dashboardQ: "  Web-Dashboard auf localhost:6174 aktivieren?\n  (Immer aktive UI für Speicher, Sitzungen und Systemgesundheit)\n    1. Ja\n    2. Nein\n  > ",
       dashYes: "Dashboard aktiviert.",
       dashNo: "Dashboard deaktiviert. Manuell starten: nexo dashboard",
-      orchestratorQ: "  Autonomen Modus aktivieren? (Ich arbeite alle 15 Min selbstständig: Followups, E-Mails, Infra, Bericht per E-Mail)\n    1. Ja\n    2. Nein\n  > ",
-      orchYes: "Autonomer Modus aktiviert. Ich arbeite für dich von 8:00 bis 23:00.",
-      orchNo: "Autonomer Modus deaktiviert. Ich arbeite nur in Sitzungen.",
       autoInstallQ: "  Darf ich Tools automatisch installieren? (brew, pip, npm)\n    1. Ja\n    2. Frag mich vorher\n  > ",
       autoInstallYes: "Auto-Installation aktiviert.",
       autoInstallNo: "Frage vorher.",
@@ -1112,9 +1156,6 @@ async function main() {
       dashboardQ: "  Attivare la dashboard web su localhost:6174?\n  (UI sempre attiva per esplorare memoria, sessioni e salute del sistema)\n    1. Sì\n    2. No\n  > ",
       dashYes: "Dashboard attivata.",
       dashNo: "Dashboard disattivata. Avvio manuale: nexo dashboard",
-      orchestratorQ: "  Attivare la modalità autonoma? (Lavoro da solo ogni 15 min: followup, email, infra, report via email)\n    1. Sì\n    2. No\n  > ",
-      orchYes: "Modalità autonoma attivata. Lavoro per te dalle 8:00 alle 23:00.",
-      orchNo: "Modalità autonoma disattivata. Lavoro solo nelle sessioni.",
       autoInstallQ: "  Posso installare strumenti automaticamente? (brew, pip, npm)\n    1. Sì\n    2. Chiedimi prima\n  > ",
       autoInstallYes: "Auto-installazione attivata.",
       autoInstallNo: "Chiederò prima.",
@@ -1147,9 +1188,6 @@ async function main() {
       dashboardQ: "  Ativar dashboard web em localhost:6174?\n  (UI sempre ativa para explorar memória, sessões e saúde do sistema)\n    1. Sim\n    2. Não\n  > ",
       dashYes: "Dashboard ativado.",
       dashNo: "Dashboard desativado. Iniciar manualmente: nexo dashboard",
-      orchestratorQ: "  Ativar modo autônomo? (Trabalho sozinho a cada 15 min: followups, emails, infra, relatório por email)\n    1. Sim\n    2. Não\n  > ",
-      orchYes: "Modo autônomo ativado. Trabalho para você das 8:00 às 23:00.",
-      orchNo: "Modo autônomo desativado. Trabalho apenas nas sessões.",
       autoInstallQ: "  Posso instalar ferramentas automaticamente? (brew, pip, npm)\n    1. Sim\n    2. Pergunta antes\n  > ",
       autoInstallYes: "Auto-instalação ativada.",
       autoInstallNo: "Perguntarei antes.",
@@ -1269,7 +1307,6 @@ async function main() {
   let doScan = false;
   let doCaffeinate = false;
   let doDashboard = false;
-  let doOrchestrator = false;
   let autoInstall = "ask";
   if (!useDefaults) {
     const scanAnswer = await ask(t.scanQ);
@@ -1290,12 +1327,6 @@ async function main() {
     log(doDashboard ? `✓ ${t.dashYes}` : t.dashNo);
     console.log("");
 
-    // Step 6c: Day Orchestrator — autonomous NEXO cycles
-    const orchAnswer = await ask(t.orchestratorQ);
-    doOrchestrator = orchAnswer.trim() === "1" || orchAnswer.trim().toLowerCase().startsWith("y") || orchAnswer.trim().toLowerCase().startsWith("s");
-    log(doOrchestrator ? `✓ ${t.orchYes}` : t.orchNo);
-    console.log("");
-
     // Step 7: Auto-install permission (P11)
     const autoInstallAnswer = await ask(t.autoInstallQ);
     autoInstall = (autoInstallAnswer.trim() === "1" || autoInstallAnswer.trim().toLowerCase().startsWith("y") || autoInstallAnswer.trim().toLowerCase().startsWith("s")) ? "auto" : "ask";
@@ -1370,7 +1401,7 @@ async function main() {
       objective: "Improve operational excellence and reduce repeated errors",
       focus_areas: ["error_prevention", "proactivity", "memory_quality"],
       evolution_enabled: true,
-      evolution_mode: "review",
+      evolution_mode: "auto",
       dimensions: {
         episodic_memory: { current: 0, target: 90 },
         autonomy: { current: 0, target: 80 },
@@ -1502,6 +1533,7 @@ async function main() {
     fs.readdirSync(scriptsDest).filter(f => f.endsWith(".sh")).forEach(f => {
       fs.chmodSync(path.join(scriptsDest, f), "755");
     });
+    syncWatchdogHashRegistry(NEXO_HOME);
   }
 
   // Core skills are shipped separately from personal skills.
@@ -2033,10 +2065,10 @@ ${doScan ? `- Stack: ${Object.keys(profileData.code.languages || {}).slice(0, 5)
   fs.writeFileSync(CLAUDE_SETTINGS, JSON.stringify(settings, null, 2));
   log("MCP server + 8 core hooks configured in Claude Code settings.");
 
-  // Step 7: Create schedule.json (only on fresh install) and install ALL 13 processes
+  // Step 7: Create schedule.json (only on fresh install) and install core processes
   log("Setting up automated processes...");
   const schedule = loadOrCreateSchedule(NEXO_HOME);
-  const enabledOptionals = { dashboard: doDashboard, orchestrator: doOrchestrator };
+  const enabledOptionals = { dashboard: doDashboard };
   if (isEphemeralInstall(NEXO_HOME)) {
     log("Ephemeral HOME/NEXO_HOME detected — skipping LaunchAgents installation.");
   } else {

package/hooks/hooks.json

@@ -0,0 +1,14 @@
+{
+  "hooks": {
+    "SessionStart": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "diff -q \"${CLAUDE_PLUGIN_ROOT}/src/requirements.txt\" \"${CLAUDE_PLUGIN_DATA}/requirements.txt\" >/dev/null 2>&1 || (python3 -m venv \"${CLAUDE_PLUGIN_DATA}/.venv\" 2>/dev/null; cp \"${CLAUDE_PLUGIN_ROOT}/src/requirements.txt\" \"${CLAUDE_PLUGIN_DATA}/requirements.txt\"; \"${CLAUDE_PLUGIN_DATA}/.venv/bin/pip\" install --quiet -r \"${CLAUDE_PLUGIN_DATA}/requirements.txt\") || rm -f \"${CLAUDE_PLUGIN_DATA}/requirements.txt\""
+          }
+        ]
+      }
+    ]
+  }
+}

package/package.json

@@ -1,8 +1,8 @@
 {
   "name": "nexo-brain",
-  "version": "2.5.0",
+  "version": "2.6.0",
   "mcpName": "io.github.wazionapps/nexo",
-  "description": "NEXO — Cognitive co-operator for Claude Code. Memory, emotional intelligence, overnight learning (Deep Sleep), cron management, trust scoring, and adaptive calibration.",
+  "description": "NEXO — Cognitive co-operator for Claude Code. Memory, emotional intelligence, overnight learning (Deep Sleep), personal scripts registry, cron management, trust scoring, managed evolution, and adaptive calibration.",
   "bin": {
     "nexo-brain": "./bin/nexo-brain.js",
     "nexo": "./bin/nexo.js"
@@ -39,7 +39,16 @@
     "cron-manifest",
     "session-tone",
     "mood-tracking",
-    "productivity-analysis"
+    "productivity-analysis",
+    "runtime-cli",
+    "doctor",
+    "executable-skills",
+    "work-continuity",
+    "personal-scripts",
+    "script-registry",
+    "claude-code-plugin",
+    "managed-evolution",
+    "nexo-chat"
   ],
   "author": "NEXO Brain <info@nexo-brain.com>",
   "license": "AGPL-3.0",
@@ -63,6 +72,9 @@
     "!src/**/*.pyc",
     "!src/**/*.pyo",
     "templates/",
+    ".claude-plugin/",
+    ".mcp.json",
+    "hooks/hooks.json",
     "README.md",
     "LICENSE"
   ]

package/src/auto_update.py

@@ -8,6 +8,7 @@ This is separate from plugins/update.py which handles MANUAL updates with rollba
 """
 
 import json
+import hashlib
 import os
 import re
 import subprocess
@@ -56,6 +57,53 @@ def _write_last_check(data: dict):
         _log(f"Failed to write last-check file: {e}")
 
 
+def _sync_watchdog_hash_registry():
+    """Keep the immutable-hash registry aligned with the installed watchdog script."""
+    try:
+        watchdog_file = NEXO_HOME / "scripts" / "nexo-watchdog.sh"
+        if not watchdog_file.exists():
+            return
+        registry_file = NEXO_HOME / "scripts" / ".watchdog-hashes"
+        entries: dict[str, str] = {}
+        if registry_file.exists():
+            for line in registry_file.read_text().splitlines():
+                if "|" not in line:
+                    continue
+                filepath, expected = line.split("|", 1)
+                if filepath:
+                    entries[filepath] = expected
+        actual_hash = hashlib.sha256(watchdog_file.read_bytes()).hexdigest()
+        entries[str(watchdog_file)] = actual_hash
+        registry_file.write_text(
+            "\n".join(f"{filepath}|{digest}" for filepath, digest in sorted(entries.items())) + "\n"
+        )
+    except Exception as e:
+        _log(f"watchdog hash registry sync error: {e}")
+
+
+def _warn_protected_runtime_location():
+    """Log a targeted macOS TCC warning for risky NEXO_HOME locations."""
+    if sys.platform != "darwin":
+        return
+    try:
+        home = Path.home()
+        resolved = NEXO_HOME.resolve(strict=False)
+        protected_roots = (
+            home / "Documents",
+            home / "Desktop",
+            home / "Downloads",
+            home / "Library" / "Mobile Documents",
+        )
+        if any(resolved == root or root in resolved.parents for root in protected_roots):
+            _log(
+                "NEXO_HOME is inside a macOS protected folder. Background jobs may need Full Disk Access "
+                "for /bin/bash and the NEXO Python runtime, or NEXO_HOME should be moved outside "
+                "Documents/Desktop/Downloads/iCloud Drive."
+            )
+    except Exception as e:
+        _log(f"protected runtime warning skipped: {e}")
+
+
 def _is_git_repo() -> bool:
     """Check if REPO_DIR is inside a git repository."""
     try:
@@ -205,6 +253,24 @@ def _refresh_installed_manifest():
         _log(f"Manifest refresh warning: {e}")
 
 
+def _cleanup_retired_runtime_files():
+    """Remove retired core files that should not survive updates."""
+    retired = [
+        NEXO_HOME / "scripts" / "nexo-day-orchestrator.sh",
+    ]
+    for target in retired:
+        try:
+            if target.exists():
+                if target.is_dir():
+                    import shutil
+                    shutil.rmtree(target)
+                else:
+                    target.unlink()
+                _log(f"Removed retired runtime file: {target.name}")
+        except Exception as e:
+            _log(f"Retired runtime cleanup warning ({target.name}): {e}")
+
+
 def _sync_crons():
     """Sync cron definitions with manifest after a git pull."""
     try:
@@ -219,6 +285,7 @@ def _sync_crons():
                 _log(f"Cron sync failed (exit {result.returncode}): {result.stderr or result.stdout}")
                 return  # Don't refresh manifest if timers weren't actually updated
             _log("Synced cron definitions with manifest")
+        _cleanup_retired_runtime_files()
         # Refresh the installed manifest only after successful sync
         _refresh_installed_manifest()
     except Exception as e:
@@ -811,13 +878,14 @@ def auto_update_check() -> dict:
     # Backfill evolution-objective.json for existing installs
     try:
         evo_obj_path = NEXO_HOME / "brain" / "evolution-objective.json"
+        from evolution_cycle import normalize_objective
         if not evo_obj_path.exists():
             (NEXO_HOME / "brain").mkdir(parents=True, exist_ok=True)
             default_objective = {
                 "objective": "Improve operational excellence and reduce repeated errors",
                 "focus_areas": ["error_prevention", "proactivity", "memory_quality"],
                 "evolution_enabled": True,
-                "evolution_mode": "review",
+                "evolution_mode": "auto",
                 "dimensions": {
                     "episodic_memory": {"current": 0, "target": 90},
                     "autonomy": {"current": 0, "target": 80},
@@ -831,6 +899,12 @@ def auto_update_check() -> dict:
             }
             evo_obj_path.write_text(json.dumps(default_objective, indent=2))
             _log("Backfilled evolution-objective.json for existing install")
+        else:
+            raw_objective = json.loads(evo_obj_path.read_text())
+            normalized = normalize_objective(raw_objective)
+            if normalized != raw_objective:
+                evo_obj_path.write_text(json.dumps(normalized, indent=2, ensure_ascii=False))
+                _log("Normalized legacy evolution-objective.json")
     except Exception as e:
         _log(f"evolution-objective.json backfill error: {e}")
 
@@ -853,9 +927,12 @@ def auto_update_check() -> dict:
     except Exception as e:
         _log(f"scripts backfill error: {e}")
 
+    _sync_watchdog_hash_registry()
+    _warn_protected_runtime_location()
+
     # Backfill runtime CLI modules for existing installs
     try:
-        for fname in ("cli.py", "script_registry.py", "skills_runtime.py"):
+        for fname in ("cli.py", "script_registry.py", "skills_runtime.py", "cron_recovery.py"):
             src_file = SRC_DIR / fname
             dest_file = NEXO_HOME / fname
             if src_file.is_file() and (not dest_file.exists() or src_file.stat().st_mtime > dest_file.stat().st_mtime):