nexo-brain 7.1.2 → 7.1.3

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "7.1.2",
+  "version": "7.1.3",
   "description": "Local cognitive runtime for Claude Code \u2014 persistent memory, overnight learning, doctor diagnostics, personal scripts, recovery-aware jobs, startup preflight, and optional dashboard/power helper.",
   "author": {
     "name": "NEXO Brain",

package/README.md

@@ -18,7 +18,7 @@
 
 [Watch the overview video](https://nexo-brain.com/watch/) · [Watch on YouTube](https://www.youtube.com/watch?v=i2lkGhKyVqI) · [Open the infographic](https://nexo-brain.com/assets/nexo-brain-infographic-v5.png)
 
-Version `7.1.2` is the current packaged-runtime line. It consolidates the prompt catalog migration that had already landed above `7.1.1`, fixes lazy-loading gaps that still affected standalone runtime paths (`agent_runner`, email account DB access, and Deep Sleep extract), and refreshes the public release surfaces so the open-source Brain and the companion Desktop client describe the same shipped contract again. The companion NEXO Desktop client (v0.22.2, closed-source distributed separately) embeds the same release line for its guided bootstrap and repair flow.
+Version `7.1.3` is the current packaged-runtime line. It closes the remaining post-`7.1.2` product/runtime gap for packaged Desktop-managed installs: the Brain updater can reuse Desktop's bundled npm runtime, portable user-data restores are inspectable before import, product-mode detection is tighter on real packaged machines, and the public release surfaces once again match the runtime line that actually ships. The companion NEXO Desktop client (v0.22.3, closed-source distributed separately) embeds the same release line for its guided bootstrap, repair, and restore flow.
 
 Previously in `7.0.1`: hotfix over v7.0.0 (db._core.DB_PATH was only caller still hardcoded to legacy ~/.nexo/data/nexo.db; every shared-DB command silently returned empty results post-migration). Previously in `7.0.0`: **BREAKING — Plan Consolidado fase F0.6**: physical separation of the runtime tree into `~/.nexo/{core,personal,runtime}/`. The flat layout (`~/.nexo/scripts/`, `brain/`, `data/`, `operations/`, ...) is gone. Operators on v6.x are auto-migrated on first `nexo update`; fresh installs land directly in the new tree. New `paths.py` helpers are transition-aware.
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "7.1.2",
+  "version": "7.1.3",
   "mcpName": "io.github.wazionapps/nexo",
   "description": "NEXO Brain \u2014 Shared brain for AI agents. Persistent memory, semantic RAG, natural forgetting, metacognitive guard, trust scoring, 150+ MCP tools. Works with Claude Code, Codex, Claude Desktop & any MCP client. 100% local, free.",
   "homepage": "https://nexo-brain.com",

package/src/auto_update.py

@@ -20,7 +20,17 @@ import threading
 import time
 from pathlib import Path
 
-from product_mode import enforce_desktop_product_contract
+try:
+    from product_mode import enforce_desktop_product_contract
+except ModuleNotFoundError as exc:
+    if getattr(exc, "name", "") != "product_mode":
+        raise
+    _core_runtime = Path(__file__).resolve().parent / "core"
+    if _core_runtime.is_dir():
+        core_path = str(_core_runtime)
+        if core_path not in sys.path:
+            sys.path.insert(0, core_path)
+    from product_mode import enforce_desktop_product_contract
 from runtime_home import export_resolved_nexo_home, managed_nexo_home
 
 try:

package/src/cli.py

@@ -4,6 +4,7 @@
 Entry points:
   nexo chat [PATH]
   nexo export [PATH] [--json]
+  nexo import-inspect PATH [--json]
   nexo import PATH [--json]
   nexo scripts list [--all] [--json]
   nexo scripts create NAME [--runtime python|shell] [--description TEXT]
@@ -857,6 +858,27 @@ def _import_bundle(args):
     return 0 if result.get("ok") else 1
 
 
+def _inspect_bundle(args):
+    from user_data_portability import inspect_user_bundle
+
+    result = inspect_user_bundle(args.path)
+    if args.json:
+        print(json.dumps(result, indent=2, ensure_ascii=False))
+    else:
+        if not result.get("ok"):
+            print(result.get("error", "Inspect failed"), file=sys.stderr)
+            return 1
+        sections = result.get("section_names", [])
+        print(f"Bundle ready: {result['path']}")
+        print(f"  Bundle version: {result.get('bundle_version', '?')}")
+        print(f"  Current runtime: {result.get('current_version', '?')}")
+        print(f"  Sections: {', '.join(sections) if sections else '(none)'}")
+        warnings = result.get("warning_codes", [])
+        if warnings:
+            print(f"  Warnings: {', '.join(warnings)}")
+    return 0 if result.get("ok") else 1
+
+
 def _runtime_python_candidates() -> list[str]:
     candidates: list[str] = []
     seen: set[str] = set()
@@ -2321,6 +2343,7 @@ def _print_help():
 Commands:
   nexo chat [path] [--client claude_code|codex]      Launch a NEXO terminal client
   nexo export [path]                                 Export a portable user-data bundle
+  nexo import-inspect PATH                           Inspect a portable user-data bundle
   nexo import PATH                                   Import a portable user-data bundle
   nexo doctor [--tier boot|runtime|deep|all] [--fix]   System diagnostics
   nexo scripts list|create|classify|sync|reconcile|ensure-schedules|schedules|schedule|run|doctor|call|unschedule|remove
@@ -2364,6 +2387,11 @@ def main():
     export_parser.add_argument("path", nargs="?", default="", help="Output bundle path (default: NEXO_HOME/exports/...)")
     export_parser.add_argument("--json", action="store_true", help="JSON output")
 
+    # -- import inspect --
+    inspect_parser = sub.add_parser("import-inspect", help="Inspect a portable user-data bundle")
+    inspect_parser.add_argument("path", help="Bundle path created by `nexo export`")
+    inspect_parser.add_argument("--json", action="store_true", help="JSON output")
+
     # -- import --
     import_parser = sub.add_parser("import", help="Import a portable user-data bundle")
     import_parser.add_argument("path", help="Bundle path created by `nexo export`")
@@ -2822,6 +2850,8 @@ def main():
         return _chat(args)
     elif args.command == "export":
         return _export_bundle(args)
+    elif args.command == "import-inspect":
+        return _inspect_bundle(args)
     elif args.command == "import":
         return _import_bundle(args)
     elif args.command == "update":

package/src/enforcement_engine.py

@@ -16,6 +16,7 @@ import time
 from pathlib import Path
 import re
 import paths
+from core_prompts import render_core_prompt
 
 try:
     from r13_pre_edit_guard import should_inject_r13, ToolCallRecord, WATCHED_WRITE_TOOLS
@@ -524,15 +525,11 @@ class HeadlessEnforcer:
         if tag is None:
             return
         path_str = ", ".join(files) if files else "(unknown target)"
-        prompt = (
-            "R13 pre-Edit guard: a write-class tool (" + tool_name + ") is about "
-            "to touch " + path_str + " without a recent nexo_guard_check on that "
-            "path. Execute nexo_guard_check(files='" + (files[0] if files else "") + "') "
-            "first, review any blocking learnings, then acknowledge via "
-            "nexo_task_acknowledge_guard before the next edit. Do not produce "
-            "visible text for this reminder — act on it. After handling the silent "
-            "action, continue with your previous task; this reminder is silent "
-            "context, not a new instruction."
+        prompt = render_core_prompt(
+            "r13-pre-edit-guard-injection",
+            tool_name=tool_name,
+            path_str=path_str,
+            first_file=(files[0] if files else ""),
         )
         if mode == "shadow":
             _logger.info("[R13 SHADOW] would inject: tag=%s files=%s", tag, files)

package/src/plugins/update.py

@@ -129,8 +129,8 @@ def _ensure_managed_venv(runtime_root: Path = NEXO_HOME) -> str | None:
 def _find_npm_pkg_src() -> Path | None:
     """Locate the nexo-brain npm package's src/ directory for requirements.txt."""
     try:
-        result = subprocess.run(
-            ["npm", "root", "-g"],
+        result = _run_npm(
+            ["root", "-g"],
             capture_output=True, text=True, timeout=10,
         )
         if result.returncode == 0:
@@ -142,6 +142,26 @@ def _find_npm_pkg_src() -> Path | None:
     return None
 
 
+def _npm_command_parts() -> tuple[list[str], dict[str, str]]:
+    """Return the npm invocation, preferring Desktop's managed runtime when present."""
+    desktop_node = str(os.environ.get("NEXO_DESKTOP_NODE", "")).strip()
+    bundled_npm_cli = str(os.environ.get("NEXO_DESKTOP_NPM_CLI", "")).strip()
+    env = dict(os.environ)
+    if desktop_node and bundled_npm_cli and Path(desktop_node).exists():
+        env["ELECTRON_RUN_AS_NODE"] = "1"
+        return [desktop_node, bundled_npm_cli], env
+    return ["npm"], env
+
+
+def _run_npm(args: list[str], **kwargs):
+    cmd, env = _npm_command_parts()
+    extra_env = kwargs.pop("env", None)
+    merged_env = dict(env)
+    if extra_env:
+        merged_env.update(extra_env)
+    return subprocess.run([*cmd, *args], env=merged_env, **kwargs)
+
+
 def _runtime_code_root(runtime_root: Path | None = None) -> Path:
     runtime_root = Path(runtime_root or NEXO_HOME)
     core_root = runtime_root / "core"
@@ -497,8 +517,8 @@ def _validate_npm_name(name: str) -> bool:
 def _get_npm_global_version(package_name: str) -> str | None:
     """Return the currently installed global npm package version, or None."""
     try:
-        result = subprocess.run(
-            ["npm", "list", "-g", package_name, "--json", "--depth=0"],
+        result = _run_npm(
+            ["list", "-g", package_name, "--json", "--depth=0"],
             capture_output=True, text=True, timeout=15,
         )
         # npm list returns exit 1 with valid JSON for peer dep issues;
@@ -521,8 +541,8 @@ def _get_npm_global_version(package_name: str) -> str | None:
 def _get_npm_registry_version(package_name: str) -> str | None:
     """Return the latest version of a package from the npm registry."""
     try:
-        result = subprocess.run(
-            ["npm", "view", package_name, "version"],
+        result = _run_npm(
+            ["view", package_name, "version"],
             capture_output=True, text=True, timeout=15,
         )
         if result.returncode == 0 and result.stdout.strip():
@@ -593,8 +613,8 @@ def _update_runtime_dependencies(progress_fn=None) -> list[dict]:
             # Install it
             _emit_progress(progress_fn, f"Installing {name}...")
             try:
-                r = subprocess.run(
-                    ["npm", "install", "-g", name],
+                r = _run_npm(
+                    ["install", "-g", name],
                     capture_output=True, text=True, timeout=120,
                 )
                 if r.returncode == 0:
@@ -638,8 +658,8 @@ def _update_runtime_dependencies(progress_fn=None) -> list[dict]:
         # Update
         _emit_progress(progress_fn, f"Updating {name} {old_version} -> {latest_version or 'latest'}...")
         try:
-            r = subprocess.run(
-                ["npm", "update", "-g", name],
+            r = _run_npm(
+                ["update", "-g", name],
                 capture_output=True, text=True, timeout=120,
             )
             if r.returncode == 0:
@@ -876,8 +896,8 @@ def _rollback_npm_package(target_version: str) -> str | None:
     from our own pre-update backup — no need for postinstall migration.
     """
     try:
-        result = subprocess.run(
-            ["npm", "install", "-g", f"nexo-brain@{target_version}"],
+        result = _run_npm(
+            ["install", "-g", f"nexo-brain@{target_version}"],
             capture_output=True, text=True, timeout=120,
             env={**os.environ, "NEXO_SKIP_POSTINSTALL": "1", "NEXO_HOME": str(NEXO_HOME)},
         )
@@ -1049,8 +1069,8 @@ def _handle_packaged_update(progress_fn=None, *, include_clis: bool = True) -> s
     # 3. Run npm update (postinstall.js will migrate NEXO_HOME in-place)
     try:
         _emit_progress(progress_fn, "Downloading and applying the latest npm package...")
-        result = subprocess.run(
-            ["npm", "update", "-g", "nexo-brain"],
+        result = _run_npm(
+            ["update", "-g", "nexo-brain"],
             capture_output=True, text=True, timeout=120,
             env={**os.environ, "NEXO_HOME": str(NEXO_HOME)},
         )

package/src/scripts/deep-sleep/extract.py

@@ -219,12 +219,9 @@ def analyze_session(
         # Fallback: if Claude returned text instead of JSON, ask a short conversion call
         if not parsed and len(output.strip()) > 50:
             print(f"    Got text instead of JSON ({len(output)} chars). Converting...")
-            convert_prompt = (
-                f"Convert the following analysis into the exact JSON schema required. "
-                f"Return ONLY the JSON object, nothing else.\n\n"
-                f"Analysis:\n{output[:8000]}\n\n"
-                f"Required schema: session_id, findings[], emotional_timeline[], "
-                f"abandoned_projects[], skill_candidates[], productivity_score, protocol_summary"
+            convert_prompt = render_core_prompt(
+                "deep-sleep-extract-json-conversion",
+                analysis=output[:8000],
             )
             convert_result = run_automation_prompt(
                 convert_prompt,

package/src/t4_llm_gate.py

@@ -23,6 +23,8 @@ import hashlib
 import time
 from typing import Any, Callable, Optional
 
+from core_prompts import render_core_prompt
+
 _TTL_SECONDS = 5 * 60
 _MAX_ENTRIES = 256
 
@@ -75,99 +77,30 @@ def classify_with_llm(
     return verdict
 
 
-PROMPTS: dict[str, dict] = {
-    "R15": {
-        "instruction": (
-            "Decide whether the user just started work on a project without the "
-            "agent having pulled the project context (atlas, git log, project "
-            "files). Answer \"yes\" if a context pull is required, \"no\" if the "
-            "turn is conversational / off-topic / meta."
-        ),
-        "positives": [
-            "User: \"Vamos a arreglar el bug del checkout\" → yes",
-            "User: \"Hazme un refactor del login de CanaRirural\" → yes",
-            "User: \"Revisa la PR del orchestrator\" → yes",
-        ],
-        "negatives": [
-            "User: \"qué hora es\" → no",
-            "User: \"gracias, ya está\" → no",
-            "User: \"dime un chiste\" → no",
-        ],
-    },
-    "R23e": {
-        "instruction": (
-            "Decide whether the proposed `git push --force` command would actually "
-            "rewrite a protected branch (main, master, production, release-*). "
-            "Answer \"yes\" if the target is protected, \"no\" if it targets a "
-            "personal branch, a temporary backup branch, or is clearly a local-only "
-            "operation that the user explicitly authorised."
-        ),
-        "positives": [
-            "`git push --force origin main` → yes",
-            "`git push -f origin production` → yes",
-            "`git push --force origin release-2026-04` → yes",
-        ],
-        "negatives": [
-            "`git push --force origin my-feature` → no",
-            "`git push --force-with-lease origin main` → no",
-            "`git push --force origin backup-before-refactor` → no",
-        ],
-    },
-    "R23f": {
-        "instruction": (
-            "Decide whether the SQL statement performs DELETE/UPDATE without a "
-            "WHERE clause against a production table. Answer \"yes\" if it is an "
-            "unscoped destructive write, \"no\" if it is a well-scoped delete, a "
-            "DDL command, or a scratch table known to be temporary."
-        ),
-        "positives": [
-            "`DELETE FROM orders` → yes",
-            "`UPDATE users SET active=0` → yes",
-            "`DELETE FROM clients` → yes",
-        ],
-        "negatives": [
-            "`DELETE FROM orders WHERE id = 123` → no",
-            "`TRUNCATE TABLE tmp_scratch` → no",
-            "`UPDATE users SET last_login = NOW() WHERE id = 42` → no",
-        ],
-    },
-    "R23h": {
-        "instruction": (
-            "Decide whether the shebang of the script disagrees with the "
-            "interpreter that will actually be invoked. Answer \"yes\" if the "
-            "mismatch will break execution, \"no\" otherwise."
-        ),
-        "positives": [
-            "\"#!/usr/bin/env python3\" + bash body with `for i in $(seq 1 10); do` → yes",
-            "\"#!/bin/sh\" + bashisms like `[[ ${foo} == \"bar\" ]]` → yes",
-            "\"#!/usr/bin/env node\" + bash heredoc body → yes",
-        ],
-        "negatives": [
-            "\"#!/usr/bin/env python3\" + real Python body → no",
-            "\"#!/bin/bash\" + bash arrays → no",
-            "Python script with no shebang at all → no",
-        ],
-    },
+PROMPT_TEMPLATE_NAMES: dict[str, str] = {
+    "R15": "t4-r15-project-context-gate",
+    "R23e": "t4-r23e-force-push-gate",
+    "R23f": "t4-r23f-db-no-where-gate",
+    "R23h": "t4-r23h-shebang-mismatch-gate",
 }
 
 
 def build_prompt(rule_id: str, *, span: str = "", context: str = "") -> Optional[str]:
-    p = PROMPTS.get(rule_id)
-    if p is None:
+    template_name = PROMPT_TEMPLATE_NAMES.get(rule_id)
+    if template_name is None:
         return None
-    examples = "\n".join(
-        ["+ " + e for e in p["positives"]] + ["- " + e for e in p["negatives"]]
-    )
-    body = p["instruction"] + "\n\nExamples:\n" + examples
-    body += "\n\nNow decide. Input:\n" + (span or "")
+    context_section = ""
     if context:
-        body += "\n\nAdditional context:\n" + context
-    body += "\n\nAnswer exactly \"yes\" or \"no\"."
-    return body
+        context_section = "\n\nAdditional context:\n" + context
+    return render_core_prompt(
+        template_name,
+        span=(span or ""),
+        context_section=context_section,
+    )
 
 
 __all__ = [
-    "PROMPTS",
+    "PROMPT_TEMPLATE_NAMES",
     "build_prompt",
     "classify_with_llm",
     "_cache",

package/src/user_data_portability.py

@@ -11,6 +11,7 @@ import tarfile
 import tempfile
 import threading
 import time
+import re
 from datetime import datetime, timezone
 from pathlib import Path
 
@@ -75,6 +76,32 @@ def _runtime_version() -> str:
     return "?"
 
 
+def _parse_version_tuple(value: str) -> tuple[int, ...] | None:
+    text = str(value or "").strip()
+    if not text:
+        return None
+    parts: list[int] = []
+    for token in text.split("."):
+        match = re.match(r"^(\d+)", token.strip())
+        if not match:
+            return None
+        parts.append(int(match.group(1)))
+    return tuple(parts) if parts else None
+
+
+def _version_relation(bundle_version: str, current_version: str) -> str:
+    bundle_tuple = _parse_version_tuple(bundle_version)
+    current_tuple = _parse_version_tuple(current_version)
+    if not bundle_tuple or not current_tuple:
+        return "unknown"
+    width = max(len(bundle_tuple), len(current_tuple))
+    bundle_norm = bundle_tuple + (0,) * (width - len(bundle_tuple))
+    current_norm = current_tuple + (0,) * (width - len(current_tuple))
+    if bundle_norm == current_norm:
+        return "match"
+    return "bundle_newer" if bundle_norm > current_norm else "bundle_older"
+
+
 def _sqlite_backup(src: Path, dest: Path) -> None:
     dest.parent.mkdir(parents=True, exist_ok=True)
     src_conn = sqlite3.connect(str(src))
@@ -183,6 +210,56 @@ def _safe_extract(archive_path: Path, dest_dir: Path) -> None:
             target.chmod(member.mode & 0o777)
 
 
+def _stage_bundle(archive_path: Path) -> tuple[Path, Path, dict]:
+    STAGING_DIR.mkdir(parents=True, exist_ok=True)
+    stage_dir = Path(tempfile.mkdtemp(prefix="nexo-import-", dir=str(STAGING_DIR)))
+    try:
+        _safe_extract(archive_path, stage_dir)
+        bundle_root = stage_dir / "bundle"
+        manifest_path = bundle_root / "manifest.json"
+        if not manifest_path.is_file():
+            raise ValueError("bundle manifest missing")
+        manifest = json.loads(manifest_path.read_text())
+        if manifest.get("kind") != "nexo-user-data-bundle":
+            raise ValueError(f"unsupported bundle kind: {manifest.get('kind', 'unknown')}")
+        return stage_dir, bundle_root, manifest
+    except Exception:
+        shutil.rmtree(stage_dir, ignore_errors=True)
+        raise
+
+
+def _inspect_manifest(manifest: dict, archive_path: Path) -> dict:
+    current_version = _runtime_version()
+    bundle_version = str(manifest.get("version") or "?")
+    section_names = sorted(
+        str(name).strip()
+        for name in (manifest.get("sections") or {}).keys()
+        if str(name).strip()
+    )
+    warning_codes: list[str] = []
+    relation = _version_relation(bundle_version, current_version)
+    if relation == "bundle_newer":
+        warning_codes.append("bundle_newer")
+    elif relation == "bundle_older":
+        warning_codes.append("bundle_older")
+    elif relation == "unknown" and bundle_version != current_version:
+        warning_codes.append("version_unknown")
+    if not section_names:
+        warning_codes.append("no_sections")
+    return {
+        "ok": True,
+        "path": str(archive_path),
+        "kind": str(manifest.get("kind") or ""),
+        "bundle_version": bundle_version,
+        "current_version": current_version,
+        "created_at": str(manifest.get("created_at") or ""),
+        "section_names": section_names,
+        "section_count": len(section_names),
+        "version_relation": relation,
+        "warning_codes": warning_codes,
+    }
+
+
 def _load_personal_scripts() -> tuple[list[dict], list[dict]]:
     from script_registry import classify_scripts_dir, discover_personal_schedules
 
@@ -196,10 +273,11 @@ def _load_personal_scripts() -> tuple[list[dict], list[dict]]:
     return scripts, schedules
 
 
-def export_user_bundle(output_path: str = "") -> dict:
-    err = _check_export_rate_limit()
-    if err is not None:
-        return {"ok": False, "error": err, "rate_limited": True}
+def export_user_bundle(output_path: str = "", *, enforce_rate_limit: bool = True) -> dict:
+    if enforce_rate_limit:
+        err = _check_export_rate_limit()
+        if err is not None:
+            return {"ok": False, "error": err, "rate_limited": True}
     output = Path(output_path).expanduser() if output_path.strip() else (EXPORTS_DIR / f"nexo-user-data-{_now_stamp()}.tar.gz")
     output.parent.mkdir(parents=True, exist_ok=True)
     STAGING_DIR.mkdir(parents=True, exist_ok=True)
@@ -286,35 +364,42 @@ def export_user_bundle(output_path: str = "") -> dict:
         shutil.rmtree(stage_dir, ignore_errors=True)
 
 
+def inspect_user_bundle(bundle_path: str) -> dict:
+    archive_path = Path(bundle_path).expanduser()
+    if not archive_path.is_file():
+        return {"ok": False, "error": f"bundle not found: {archive_path}", "path": str(archive_path)}
+
+    stage_dir: Path | None = None
+    try:
+        stage_dir, _bundle_root, manifest = _stage_bundle(archive_path)
+        return _inspect_manifest(manifest, archive_path)
+    except Exception as exc:
+        return {"ok": False, "error": str(exc), "path": str(archive_path)}
+    finally:
+        if stage_dir is not None:
+            shutil.rmtree(stage_dir, ignore_errors=True)
+
+
 def import_user_bundle(bundle_path: str) -> dict:
     archive_path = Path(bundle_path).expanduser()
     if not archive_path.is_file():
         return {"ok": False, "error": f"bundle not found: {archive_path}"}
 
+    inspection = inspect_user_bundle(str(archive_path))
+    if not inspection.get("ok"):
+        return inspection
+
     backups_dir = paths.backups_dir()
     backups_dir.mkdir(parents=True, exist_ok=True)
     safety_backup = backups_dir / f"pre-import-user-data-{_now_stamp()}.tar.gz"
-    safety_result = export_user_bundle(str(safety_backup))
+    safety_result = export_user_bundle(str(safety_backup), enforce_rate_limit=False)
     if not safety_result.get("ok"):
         return {"ok": False, "error": "failed to create safety backup", "safety_backup": str(safety_backup)}
 
-    STAGING_DIR.mkdir(parents=True, exist_ok=True)
-    stage_dir = Path(tempfile.mkdtemp(prefix="nexo-import-", dir=str(STAGING_DIR)))
+    stage_dir: Path | None = None
 
     try:
-        _safe_extract(archive_path, stage_dir)
-        bundle_root = stage_dir / "bundle"
-        manifest_path = bundle_root / "manifest.json"
-        if not manifest_path.is_file():
-            return {"ok": False, "error": "bundle manifest missing", "safety_backup": str(safety_backup)}
-
-        manifest = json.loads(manifest_path.read_text())
-        if manifest.get("kind") != "nexo-user-data-bundle":
-            return {
-                "ok": False,
-                "error": f"unsupported bundle kind: {manifest.get('kind', 'unknown')}",
-                "safety_backup": str(safety_backup),
-            }
+        stage_dir, bundle_root, manifest = _stage_bundle(archive_path)
 
         restored: dict[str, dict] = {}
 
@@ -368,6 +453,9 @@ def import_user_bundle(bundle_path: str) -> dict:
             "path": str(archive_path),
             "kind": manifest.get("kind"),
             "bundle_version": manifest.get("version"),
+            "current_version": inspection.get("current_version"),
+            "version_relation": inspection.get("version_relation"),
+            "warning_codes": inspection.get("warning_codes", []),
             "safety_backup": str(safety_backup),
             "restored": restored,
             "skill_sync": skill_sync_result,
@@ -382,4 +470,5 @@ def import_user_bundle(bundle_path: str) -> dict:
             "safety_backup": str(safety_backup),
         }
     finally:
-        shutil.rmtree(stage_dir, ignore_errors=True)
+        if stage_dir is not None:
+            shutil.rmtree(stage_dir, ignore_errors=True)

package/templates/core-prompts/deep-sleep-extract-json-conversion.md

@@ -0,0 +1,6 @@
+Convert the following analysis into the exact JSON schema required. Return ONLY the JSON object, nothing else.
+
+Analysis:
+[[analysis]]
+
+Required schema: session_id, findings[], emotional_timeline[], abandoned_projects[], skill_candidates[], productivity_score, protocol_summary

package/templates/core-prompts/r13-pre-edit-guard-injection.md

@@ -0,0 +1 @@
+R13 pre-Edit guard: a write-class tool ([[tool_name]]) is about to touch [[path_str]] without a recent nexo_guard_check on that path. Execute nexo_guard_check(files='[[first_file]]') first, review any blocking learnings, then acknowledge via nexo_task_acknowledge_guard before the next edit. Do not produce visible text for this reminder — act on it. After handling the silent action, continue with your previous task; this reminder is silent context, not a new instruction.

package/templates/core-prompts/t4-r15-project-context-gate.md

@@ -0,0 +1,14 @@
+Decide whether the user just started work on a project without the agent having pulled the project context (atlas, git log, project files). Answer "yes" if a context pull is required, "no" if the turn is conversational / off-topic / meta.
+
+Examples:
++ User: "Vamos a arreglar el bug del checkout" -> yes
++ User: "Hazme un refactor del login de CanaRirural" -> yes
++ User: "Revisa la PR del orchestrator" -> yes
+- User: "qué hora es" -> no
+- User: "gracias, ya está" -> no
+- User: "dime un chiste" -> no
+
+Now decide. Input:
+[[span]][[context_section]]
+
+Answer exactly "yes" or "no".

package/templates/core-prompts/t4-r23e-force-push-gate.md

@@ -0,0 +1,14 @@
+Decide whether the proposed `git push --force` command would actually rewrite a protected branch (main, master, production, release-*). Answer "yes" if the target is protected, "no" if it targets a personal branch, a temporary backup branch, or is clearly a local-only operation that the user explicitly authorised.
+
+Examples:
++ `git push --force origin main` -> yes
++ `git push -f origin production` -> yes
++ `git push --force origin release-2026-04` -> yes
+- `git push --force origin my-feature` -> no
+- `git push --force-with-lease origin main` -> no
+- `git push --force origin backup-before-refactor` -> no
+
+Now decide. Input:
+[[span]][[context_section]]
+
+Answer exactly "yes" or "no".

package/templates/core-prompts/t4-r23f-db-no-where-gate.md

@@ -0,0 +1,14 @@
+Decide whether the SQL statement performs DELETE/UPDATE without a WHERE clause against a production table. Answer "yes" if it is an unscoped destructive write, "no" if it is a well-scoped delete, a DDL command, or a scratch table known to be temporary.
+
+Examples:
++ `DELETE FROM orders` -> yes
++ `UPDATE users SET active=0` -> yes
++ `DELETE FROM clients` -> yes
+- `DELETE FROM orders WHERE id = 123` -> no
+- `TRUNCATE TABLE tmp_scratch` -> no
+- `UPDATE users SET last_login = NOW() WHERE id = 42` -> no
+
+Now decide. Input:
+[[span]][[context_section]]
+
+Answer exactly "yes" or "no".

package/templates/core-prompts/t4-r23h-shebang-mismatch-gate.md

@@ -0,0 +1,14 @@
+Decide whether the shebang of the script disagrees with the interpreter that will actually be invoked. Answer "yes" if the mismatch will break execution, "no" otherwise.
+
+Examples:
++ "#!/usr/bin/env python3" + bash body with `for i in $(seq 1 10); do` -> yes
++ "#!/bin/sh" + bashisms like `[[ ${foo} == "bar" ]]` -> yes
++ "#!/usr/bin/env node" + bash heredoc body -> yes
+- "#!/usr/bin/env python3" + real Python body -> no
+- "#!/bin/bash" + bash arrays -> no
+- Python script with no shebang at all -> no
+
+Now decide. Input:
+[[span]][[context_section]]
+
+Answer exactly "yes" or "no".