nexo-brain 5.9.1 → 5.10.0

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "5.9.1",
+  "version": "5.10.0",
   "description": "Local cognitive runtime for Claude Code \u2014 persistent memory, overnight learning, doctor diagnostics, personal scripts, recovery-aware jobs, startup preflight, and optional dashboard/power helper.",
   "author": {
     "name": "NEXO Brain",

package/README.md

@@ -18,7 +18,9 @@
 
 [Watch the overview video](https://nexo-brain.com/watch/) · [Watch on YouTube](https://www.youtube.com/watch?v=i2lkGhKyVqI) · [Open the infographic](https://nexo-brain.com/assets/nexo-brain-infographic-v5.png)
 
-Version `5.9.1` is the current packaged-runtime line: adds `default_resonance` to `brain/calibration.json` via the Desktop-facing schema (`nexo schema --json`), so NEXO Desktop's Preferences dialog renders a select with `Máximo` / `Alto (recomendado)` / `Medio` / `Bajo` automatically — no Desktop release needed. `resolve_tier_for_caller` reads calibration first and falls back to the legacy `schedule.json` location. `nexo preferences --resonance` writes both. The UI control only affects interactive sessions (`nexo chat`, Desktop new conversation, interactive `nexo update`); crons and background processes stay pinned per caller in `resonance_map.py`.
+Version `5.10.0` is the current packaged-runtime line: fixes the deep-sleep extract bloat that made Session 1 take ~57 minutes on some installs (new `bare_mode` on `run_automation_prompt` wires `claude --bare` for JSON-only extractor callers — ~4.3× faster per child, sourced from `ANTHROPIC_API_KEY` env or `~/.claude/anthropic-api-key.txt`). `caller=` is now **mandatory** on `run_automation_prompt` — no silent fallback; every automation subprocess traces back to a registered caller with a deliberate tier. Five personal scripts (`personal/email-monitor`, `personal/github-monitor`, `personal/post-x`, `personal/followup-runner`, `personal/orchestrator-v2`) joined the resonance map with tiers picked per caller based on what each one does. gbp/* marketing posts bumped from `medio` to `alto` (public-facing copy, quality first over speed). 65 legacy protocol debts bulk-resolved as part of the audit — the patterns that generated them are structurally closed by mandatory `caller=` + unified session log + bare_mode.
+
+Previously in `5.9.1`: adds `default_resonance` to `brain/calibration.json` via the Desktop-facing schema (`nexo schema --json`), so NEXO Desktop's Preferences dialog renders a select with `Máximo` / `Alto (recomendado)` / `Medio` / `Bajo` automatically — no Desktop release needed. `resolve_tier_for_caller` reads calibration first and falls back to the legacy `schedule.json` location. `nexo preferences --resonance` writes both. The UI control only affects interactive sessions (`nexo chat`, Desktop new conversation, interactive `nexo update`); crons and background processes stay pinned per caller in `resonance_map.py`.
 
 Previously in `5.9.0`: every Claude/Codex invocation now flows through a central **resonance map** and a **unified session log**. Four tiers (`MAXIMO` / `ALTO` / `MEDIO` / `BAJO`) each resolve to a concrete `(model, reasoning_effort)` pair per backend. User-facing callers (`nexo chat`, Desktop new conversation, interactive `nexo update`) honour the user's `default_resonance` preference; system-owned callers (deep-sleep, evolution, catchup, GBP posts, …) run at a fixed tier chosen per caller in `src/resonance_map.py` — the user's preference never downgrades a cron we decided needs `MAXIMO`. Unknown callers raise `UnregisteredCallerError`. Migration #41 adds `caller`, `session_type`, `started_at`, `ended_at`, `pid`, `resonance_tier` to `automation_runs`; interactive sessions record a row at spawn (with `ended_at=NULL`) and update it on close, so the Brain now has a single source of truth for every Claude/Codex call regardless of origin. New `nexo preferences --resonance` CLI. New MCP tools `nexo_session_log_create` / `nexo_session_log_close` let NEXO Desktop (which spawns `claude` directly from its TypeScript process) feed the same log.
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "5.9.1",
+  "version": "5.10.0",
   "mcpName": "io.github.wazionapps/nexo",
   "description": "NEXO Brain \u2014 Shared brain for AI agents. Persistent memory, semantic RAG, natural forgetting, metacognitive guard, trust scoring, 150+ MCP tools. Works with Claude Code, Codex, Claude Desktop & any MCP client. 100% local, free.",
   "homepage": "https://nexo-brain.com",

package/src/agent_runner.py

@@ -792,6 +792,52 @@ def _build_enforcement_system_prompt() -> str:
     return "\n".join(lines) if (must_rules or should_rules) else ""
 
 
+_ANTHROPIC_API_KEY_SEARCH_PATHS = (
+    Path.home() / ".claude" / "anthropic-api-key.txt",
+    Path.home() / ".nexo" / "config" / "anthropic-api-key.txt",
+)
+
+
+def _resolve_anthropic_api_key() -> str:
+    """Locate an Anthropic API key for bare-mode invocations.
+
+    ``claude --bare`` skips macOS Keychain auth entirely, so the child
+    must find the API key in ``ANTHROPIC_API_KEY`` or via ``apiKeyHelper``.
+    Rather than forcing the operator to export the key in every shell, we
+    check the two conventional NEXO locations:
+
+        ~/.claude/anthropic-api-key.txt
+        ~/.nexo/config/anthropic-api-key.txt
+
+    Returns the trimmed key string, or "" if none is available. Callers
+    that want to run in bare mode must fall back to non-bare execution
+    when this returns empty.
+    """
+    env_key = os.environ.get("ANTHROPIC_API_KEY", "").strip()
+    if env_key:
+        return env_key
+    for path in _ANTHROPIC_API_KEY_SEARCH_PATHS:
+        try:
+            if path.is_file():
+                key = path.read_text().strip()
+                if key:
+                    return key
+        except OSError:
+            continue
+    return ""
+
+
+# Callers for which bare_mode=True is safe. The child's only allowed_tools
+# must be file/grep/shell (no ``mcp__nexo__*``), otherwise --bare's opt-out
+# of plugin sync / MCP bootstrap breaks the run. Extract/synthesize fit
+# this profile: they read transcripts + shared-context and emit JSON, no
+# NEXO tool calls.
+BARE_MODE_SAFE_CALLERS: frozenset[str] = frozenset({
+    "deep-sleep/extract",
+    "deep-sleep/synthesize",
+})
+
+
 def run_automation_prompt(
     prompt: str,
     *,
@@ -807,6 +853,7 @@ def run_automation_prompt(
     append_system_prompt: str = "",
     allowed_tools: str = "",
     extra_args: list[str] | tuple[str, ...] | None = None,
+    bare_mode: bool | None = None,
 ) -> subprocess.CompletedProcess:
     prefs = load_client_preferences()
     selected_backend = backend or resolve_automation_backend(preferences=prefs)
@@ -822,35 +869,40 @@ def run_automation_prompt(
             reasoning_effort = profile["reasoning_effort"]
     selected_backend = _resolve_available_backend(selected_backend, preferences=prefs)
 
-    # Resonance map takes over model+effort decisions when the caller is
-    # registered. Explicit model/effort arguments still win (required for
-    # edge cases like the fallback JSON-conversion call inside extract.py
-    # that asks a shorter/cheaper follow-up).
-    resonance_tier = ""
-    if caller and not model and not reasoning_effort:
-        try:
-            from resonance_map import (
-                resolve_model_and_effort,
-                resolve_tier_for_caller,
-                UnregisteredCallerError,
-            )
-            user_default = ""
-            if isinstance(prefs, dict):
-                user_default = str(prefs.get("default_resonance") or "").strip()
-            resonance_tier = resolve_tier_for_caller(
-                caller, user_default=user_default or None
-            )
-            mapped_model, mapped_effort = resolve_model_and_effort(
-                caller, selected_backend, user_default=user_default or None
-            )
-            if mapped_model:
-                model = mapped_model
-            if mapped_effort:
-                reasoning_effort = mapped_effort
-        except (ImportError, UnregisteredCallerError):
-            # Unknown caller during a transitional release: fall back to
-            # the legacy task_profile / model_defaults resolution below.
-            pass
+    # Resonance map decides (model, effort) for every call. ``caller`` is
+    # MANDATORY — every script that invokes the automation backend must be
+    # registered in src/resonance_map.py so its reasoning budget is a
+    # deliberate choice rather than an accident of the global default.
+    #
+    # Explicit ``model`` or ``reasoning_effort`` arguments still override
+    # the mapped value (required for edge cases like the fallback JSON-
+    # conversion call inside extract.py that runs on a shorter budget).
+    from resonance_map import (
+        resolve_model_and_effort,
+        resolve_tier_for_caller,
+        UnregisteredCallerError,
+    )
+    if not caller:
+        raise UnregisteredCallerError(
+            "run_automation_prompt requires caller=. Register a new entry in "
+            "src/resonance_map.py under USER_FACING_CALLERS or "
+            "SYSTEM_OWNED_CALLERS and pass the id here."
+        )
+    user_default = ""
+    if isinstance(prefs, dict):
+        user_default = str(prefs.get("default_resonance") or "").strip()
+    # This raises UnregisteredCallerError if caller is unknown — the
+    # same fail-closed rule we wanted. No silent fallback.
+    resonance_tier = resolve_tier_for_caller(
+        caller, user_default=user_default or None
+    )
+    mapped_model, mapped_effort = resolve_model_and_effort(
+        caller, selected_backend, user_default=user_default or None
+    )
+    if mapped_model and not model:
+        model = mapped_model
+    if mapped_effort and not reasoning_effort:
+        reasoning_effort = mapped_effort
 
     enforcement_fragment = _build_enforcement_system_prompt()
     if enforcement_fragment:
@@ -877,6 +929,39 @@ def run_automation_prompt(
             raise AutomationBackendUnavailableError(
                 "Claude Code automation backend selected but `claude` is not installed."
             )
+
+        # bare_mode: when the caller only needs the model (no MCP tool
+        # calls, no CLAUDE.md context, no plugins) we pass Claude CLI's
+        # --bare flag. That skips hooks, LSP, plugin sync, CLAUDE.md
+        # auto-discovery, keychain reads, and background prefetches —
+        # reducing the per-invocation overhead from ~9s to ~2s on 2.1.x.
+        # Concretely: deep-sleep/extract was running 57min on Session 1
+        # because each extract attempt inherited ~15KB of NEXO CLAUDE.md
+        # system prompt it did not need. With --bare that extraction
+        # completes in seconds.
+        #
+        # Selection rules:
+        #   - bare_mode=True explicit → trust the caller.
+        #   - bare_mode=None (default) + caller in BARE_MODE_SAFE_CALLERS
+        #     → auto-enable.
+        #   - bare_mode=False → never.
+        #   - --bare disables keychain auth, so we must provide an
+        #     ANTHROPIC_API_KEY. If one cannot be located, fall back to
+        #     normal mode with a warning on stderr rather than failing.
+        resolved_bare = False
+        if bare_mode is True:
+            resolved_bare = True
+        elif bare_mode is None and caller in BARE_MODE_SAFE_CALLERS:
+            resolved_bare = True
+
+        bare_api_key = ""
+        if resolved_bare:
+            bare_api_key = _resolve_anthropic_api_key()
+            if not bare_api_key:
+                # Silent fallback: we would rather take the slower path
+                # than force the caller to fail-closed on an env quirk.
+                resolved_bare = False
+
         # Headless claude -p does NOT reliably honour permissions.allow from
         # settings.json for MCP tool calls — it can stall waiting for an
         # approval that will never come in non-interactive mode. All NEXO
@@ -885,7 +970,15 @@ def run_automation_prompt(
         # so the process actually runs instead of zombying. Interactive
         # sessions (`nexo chat`) never go through this code path and keep
         # their normal approval prompts.
-        cmd = [claude_bin, "-p", prompt, "--dangerously-skip-permissions"]
+        cmd = [claude_bin, "-p", prompt]
+        if resolved_bare:
+            cmd.append("--bare")
+            # Guarantee the child sees the API key regardless of how the
+            # parent's env was sanitized by _headless_env.
+            run_env = dict(run_env)
+            run_env["ANTHROPIC_API_KEY"] = bare_api_key
+        else:
+            cmd.append("--dangerously-skip-permissions")
         if resolved_model:
             cmd.extend(["--model", resolved_model])
         if resolved_effort:

package/src/resonance_map.py

@@ -143,14 +143,25 @@ SYSTEM_OWNED_CALLERS: dict[str, str] = {
     "tools/drive_search":               "medio",
 
     # ---- Marketing automation ---------------------------------------------
-    # These produce short copy; we could run them at BAJO for speed, but the
-    # output is user-visible on a public surface, so we lean MEDIO for safety
-    # against embarrassing outputs.
-    "gbp/daily_post":                   "medio",
-    "gbp/post_wazion":                  "medio",
-    "gbp/post_psicologa":               "medio",
-    "gbp/monthly_audit":                "medio",
-    "gbp/reviews_watch":                "medio",
+    # These post to Google Business Profile on behalf of Francisco's
+    # businesses. Short copy, but user-visible on a public surface; a
+    # mediocre post embarrasses the brand. Running them ALTO even though
+    # it's ~200 chars keeps the output quality tight.
+    "gbp/daily_post":                   "alto",
+    "gbp/post_wazion":                  "alto",
+    "gbp/post_psicologa":               "alto",
+    "gbp/monthly_audit":                "alto",
+    "gbp/reviews_watch":                "alto",
+
+    # ---- Personal scripts (operators' own LaunchAgents) -------------------
+    # Francisco + Maria ship the same set of personal scripts via
+    # ~/.nexo/scripts (installed per-user, not through the core manifest).
+    # They all call into mcp__nexo__* so they cannot run under --bare.
+    "personal/email-monitor":           "alto",   # answer real user emails, quality matters
+    "personal/github-monitor":          "alto",   # reason about issues/PRs, not mechanical
+    "personal/post-x":                  "alto",   # public-facing copy
+    "personal/followup-runner":         "alto",   # executes due followups, output is user-visible
+    "personal/orchestrator-v2":         "maximo", # autonomous orchestration, critical reasoning
 }
 
 ALL_REGISTERED_CALLERS: frozenset[str] = frozenset(