nexo-brain 7.12.0 → 7.12.2

package/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "7.12.0",
+  "version": "7.12.2",
   "description": "Local cognitive runtime for Claude Code \u2014 persistent memory, overnight learning, doctor diagnostics, personal scripts, recovery-aware jobs, startup preflight, and optional dashboard/power helper.",
   "author": {
     "name": "NEXO Brain",

package/README.md

@@ -18,9 +18,9 @@
 
 [Watch the overview video](https://nexo-brain.com/watch/) · [Watch on YouTube](https://www.youtube.com/watch?v=i2lkGhKyVqI) · [Open the infographic](https://nexo-brain.com/assets/nexo-brain-infographic-v5.png)
 
-Version `7.12.0` is the current packaged-runtime line. Minor release — adds `nexo support-snapshot` for generic local runtime diagnostics and completes the silent-reminder hardening on the live Protocol Enforcer path. The new support collector emits one JSON bundle with version/platform metadata, runtime path presence, health-check output, and recent event/operation tails. In parallel, map-driven reminders (`nexo_startup`, `nexo_smart_startup`, `nexo_heartbeat`, `nexo_reminders`, `nexo_session_diary_*`, `nexo_stop`, `nexo_task_close`, compaction checkpoint prompts) now say explicitly that silence owns the entire reminder turn, and the headless enforcer upgrades any legacy `Do not produce visible text` copy defensively at enqueue time. Result: orphan assistant text such as “Esperando…” no longer leaks into Desktop after background protocol reminders with no fresh user message.
+Version `7.12.2` is the current packaged-runtime line. Patch release — legacy headless automation paths now stay on the resonance engine: `task_profile` no longer pre-fills model/effort, `email-monitor` stops carrying a private routing override, personal automation helpers stop injecting a default model, and runtime updates scrub the last stale email-profile field automatically. Result: email daemon, personal scripts, and updated installs all converge on the same `caller`/`tier` → backend → `(model, effort)` resolution path already used by Deep Sleep and morning-agent.
 
-Previously in `7.11.6`: patch release — Guardian G4 now filters more false-positive slash fragments before they become debt, `strict_protocol_write_without_task` downgrades to `warn` when the session has a fresh heartbeat, and Deep Sleep extraction validates the real prompt contract instead of accepting any syntactically valid JSON. Validation so far: `50` targeted tests across hook guardrails and Deep Sleep extraction.
+Previously in `7.12.0`: minor release — adds `nexo support-snapshot` for generic local runtime diagnostics and completes the silent-reminder hardening on the live Protocol Enforcer path. The support collector emits one JSON bundle with version/platform metadata, runtime path presence, health-check output, and recent event/operation tails, while map-driven reminders (`nexo_startup`, `nexo_smart_startup`, `nexo_heartbeat`, `nexo_reminders`, `nexo_session_diary_*`, `nexo_stop`, `nexo_task_close`, compaction checkpoint prompts) now say explicitly that silence owns the entire reminder turn.
 
 Previously in `7.11.5`: patch release — Desktop-managed installs now block the standalone dashboard at the same product-mode layer as evolution, so `installation_live`, cron sync, and watchdog no longer disagree about whether `com.nexo.dashboard` should exist. Validation: `125` targeted tests across product-mode, cron sync, and doctor, plus a full pre-release wrapper (`2321 passed, 2 skipped, 1 xfailed, 4 xpassed`).
 

package/bin/nexo-brain.js

@@ -17,8 +17,21 @@
 const { execSync, spawnSync } = require("child_process");
 const crypto = require("crypto");
 const fs = require("fs");
+const { createRequire } = require("module");
 const path = require("path");
 const readline = require("readline");
+// Force relative launcher helpers to resolve from bin/ even under test harnesses.
+require = createRequire(path.join(__dirname, "nexo-brain.js"));
+const { runViaWsl } = require("./windows-wsl-bridge");
+
+if (process.platform === "win32") {
+  const bridged = runViaWsl({
+    scriptPath: __filename,
+    args: process.argv.slice(2),
+    label: "NEXO Brain",
+  });
+  process.exit(bridged?.status ?? 1);
+}
 
 let NEXO_HOME = process.env.NEXO_HOME || path.join(require("os").homedir(), ".nexo");
 const DEFAULT_ASSISTANT_NAME = "Nova";
@@ -2425,9 +2438,9 @@ async function runSetup() {
   // Check prerequisites
   const platform = process.platform;
   if (platform === "win32") {
-    log("Windows detected. NEXO Brain requires WSL (Windows Subsystem for Linux).");
+    log("Windows detected, but the automatic WSL bridge was not available.");
     log("Install WSL: https://learn.microsoft.com/en-us/windows/wsl/install");
-    log("Then run this command inside WSL (Ubuntu terminal), not PowerShell/CMD.");
+    log("Then run this command again, or launch it directly inside WSL (Ubuntu terminal).");
     process.exit(1);
   }
   if (platform !== "darwin" && platform !== "linux") {

package/bin/nexo.js

@@ -11,6 +11,16 @@ const { spawnSync } = require("child_process");
 const fs = require("fs");
 const os = require("os");
 const path = require("path");
+const { runViaWsl } = require("./windows-wsl-bridge");
+
+if (process.platform === "win32") {
+  const bridged = runViaWsl({
+    scriptPath: __filename,
+    args: process.argv.slice(2),
+    label: "NEXO CLI",
+  });
+  process.exit(bridged?.status ?? 1);
+}
 
 function resolveNexoHome(rawValue) {
   const homeDir = os.homedir();

package/bin/windows-wsl-bridge.js

@@ -0,0 +1,162 @@
+const { spawnSync } = require("child_process");
+
+function isWindowsHost(platform = process.platform) {
+  return platform === "win32";
+}
+
+function isWindowsStylePath(value) {
+  const text = String(value || "").trim();
+  if (!text) return false;
+  return /^[A-Za-z]:[\\/]/.test(text) || text.startsWith("\\\\");
+}
+
+function parseWslUncPath(rawValue) {
+  const value = String(rawValue || "").trim();
+  const lowered = value.toLowerCase();
+  if (!lowered.startsWith("\\\\wsl$\\") && !lowered.startsWith("\\\\wsl.localhost\\")) {
+    return null;
+  }
+  const parts = value.split("\\").filter(Boolean);
+  if (parts.length < 3) return null;
+  return {
+    distro: parts[1],
+    linuxPath: `/${parts.slice(2).join("/")}`,
+  };
+}
+
+function toWslPath(rawValue) {
+  const value = String(rawValue || "").trim();
+  if (!value) return "";
+  if (value.startsWith("/")) return value;
+  const unc = parseWslUncPath(value);
+  if (unc) return unc.linuxPath;
+
+  const normalized = value.replace(/\\/g, "/");
+  const driveMatch = normalized.match(/^([A-Za-z]):(\/.*)?$/);
+  if (driveMatch) {
+    return `/mnt/${driveMatch[1].toLowerCase()}${driveMatch[2] || ""}`;
+  }
+  if (normalized.startsWith("//")) {
+    return "";
+  }
+  return normalized;
+}
+
+function resolveExplicitLinuxPath(rawValue) {
+  const value = String(rawValue || "").trim();
+  if (!value) return "";
+  if (value.startsWith("/")) return value;
+  if (isWindowsStylePath(value)) return toWslPath(value);
+  return value;
+}
+
+function resolveLinuxEnv(env = process.env) {
+  const linuxEnv = {
+    NEXO_WINDOWS_BRIDGE: "1",
+    NEXO_WINDOWS_HOST: "1",
+  };
+
+  const explicitHome = resolveExplicitLinuxPath(env.NEXO_WSL_HOME);
+  if (explicitHome) {
+    linuxEnv.NEXO_HOME = explicitHome;
+  } else if (env.NEXO_HOME && !isWindowsStylePath(env.NEXO_HOME)) {
+    linuxEnv.NEXO_HOME = String(env.NEXO_HOME).trim();
+  }
+
+  const explicitCode = resolveExplicitLinuxPath(env.NEXO_WSL_CODE);
+  if (explicitCode) {
+    linuxEnv.NEXO_CODE = explicitCode;
+  } else if (env.NEXO_CODE && !isWindowsStylePath(env.NEXO_CODE)) {
+    linuxEnv.NEXO_CODE = String(env.NEXO_CODE).trim();
+  }
+
+  return linuxEnv;
+}
+
+function resolveWslNodeBinary(env = process.env) {
+  const explicitNode = resolveExplicitLinuxPath(env.NEXO_WSL_NODE);
+  return explicitNode || "node";
+}
+
+function resolveWslDistro(scriptPath, env = process.env) {
+  const explicitDistro = String(env.NEXO_WSL_DISTRO || "").trim();
+  if (explicitDistro) return explicitDistro;
+  const unc = parseWslUncPath(scriptPath);
+  return unc ? unc.distro : "";
+}
+
+function buildWslExecSpec({ scriptPath, args = [], env = process.env, platform = process.platform }) {
+  if (!isWindowsHost(platform)) return null;
+  const translatedScriptPath = toWslPath(scriptPath);
+  if (!translatedScriptPath) {
+    return {
+      error: `Unable to translate Windows path to WSL path: ${scriptPath}`,
+    };
+  }
+
+  const linuxEnv = resolveLinuxEnv(env);
+  const wslArgs = [];
+  const distro = resolveWslDistro(scriptPath, env);
+  if (distro) {
+    wslArgs.push("-d", distro);
+  }
+
+  wslArgs.push(
+    "--exec",
+    "env",
+    "-u",
+    "NEXO_HOME",
+    "-u",
+    "NEXO_CODE",
+    "-u",
+    "NEXO_WSL_HOME",
+    "-u",
+    "NEXO_WSL_CODE"
+  );
+
+  for (const [key, value] of Object.entries(linuxEnv)) {
+    wslArgs.push(`${key}=${value}`);
+  }
+
+  wslArgs.push(resolveWslNodeBinary(env), translatedScriptPath, ...args);
+
+  return {
+    command: "wsl.exe",
+    args: wslArgs,
+    linuxEnv,
+    translatedScriptPath,
+  };
+}
+
+function logWslBridgeFailure(label, message) {
+  console.error(`${label} could not start through WSL.`);
+  console.error(message);
+  console.error("Install WSL: https://learn.microsoft.com/en-us/windows/wsl/install");
+  console.error("Then run the same command again from PowerShell/CMD or inside your Ubuntu WSL shell.");
+}
+
+function runViaWsl({ scriptPath, args = [], env = process.env, platform = process.platform, stdio = "inherit", label = "NEXO" }) {
+  const spec = buildWslExecSpec({ scriptPath, args, env, platform });
+  if (!spec) return null;
+  if (spec.error) {
+    logWslBridgeFailure(label, spec.error);
+    return { status: 1 };
+  }
+
+  const result = spawnSync(spec.command, spec.args, { stdio, env });
+  if (result.error && result.error.code === "ENOENT") {
+    logWslBridgeFailure(label, "The Windows host does not have `wsl.exe` available.");
+    return { status: 1 };
+  }
+  return result;
+}
+
+module.exports = {
+  buildWslExecSpec,
+  isWindowsHost,
+  isWindowsStylePath,
+  parseWslUncPath,
+  resolveLinuxEnv,
+  runViaWsl,
+  toWslPath,
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "7.12.0",
+  "version": "7.12.2",
   "mcpName": "io.github.wazionapps/nexo",
   "description": "NEXO Brain — Shared brain for AI agents. Persistent memory, semantic RAG, natural forgetting, metacognitive guard, trust scoring, 150+ MCP tools. Works with Claude Code, Codex, Claude Desktop & any MCP client. 100% local, free.",
   "homepage": "https://nexo-brain.com",
@@ -73,6 +73,7 @@
   "files": [
     "bin/nexo-brain.js",
     "bin/nexo.js",
+    "bin/windows-wsl-bridge.js",
     "bin/postinstall.js",
     "scripts/sync_release_artifacts.py",
     "src/",

package/src/agent_runner.py

@@ -27,7 +27,6 @@ from client_preferences import (
     load_client_preferences,
     normalize_client_key,
     resolve_automation_backend,
-    resolve_automation_task_profile,
     resolve_client_runtime_profile,
     resolve_terminal_client,
 )
@@ -936,14 +935,6 @@ def run_automation_prompt(
     selected_backend = backend or resolve_automation_backend(preferences=prefs)
     if selected_backend == BACKEND_NONE:
         raise AutomationBackendUnavailableError("Automation backend is disabled in config.")
-
-    if task_profile:
-        profile = resolve_automation_task_profile(task_profile, preferences=prefs)
-        selected_backend = profile["backend"] or selected_backend
-        if not model:
-            model = profile["model"]
-        if not reasoning_effort:
-            reasoning_effort = profile["reasoning_effort"]
     selected_backend = _resolve_available_backend(selected_backend, preferences=prefs)
 
     # Resonance map decides (model, effort) for every call. ``caller`` is

package/src/auto_update.py

@@ -1630,6 +1630,47 @@ def _migrate_effort_to_resonance(dest: Path = NEXO_HOME) -> list[str]:
     return actions
 
 
+def _cleanup_legacy_email_routing_config(dest: Path = NEXO_HOME) -> list[str]:
+    """Remove retired email routing overrides from persisted runtime config.
+
+    Older runtimes stored ``automation_task_profile`` inside
+    ``runtime/nexo-email/config.json`` (and earlier under ``nexo-email/``).
+    The email monitor now resolves model/effort exclusively from its caller in
+    ``resonance_map.py``, so keeping that key around only preserves a stale,
+    misleading second source of truth.
+    """
+    import json as _json
+
+    actions: list[str] = []
+    candidates = [
+        dest / "runtime" / "nexo-email" / "config.json",
+        dest / "nexo-email" / "config.json",
+    ]
+    for path in candidates:
+        if not path.is_file():
+            continue
+        try:
+            payload = _json.loads(path.read_text())
+        except Exception as exc:
+            actions.append(
+                f"email-routing-cleanup-warning:{path.name}:{exc.__class__.__name__}"
+            )
+            continue
+        if not isinstance(payload, dict):
+            continue
+        if "automation_task_profile" not in payload:
+            continue
+        payload.pop("automation_task_profile", None)
+        try:
+            path.write_text(_json.dumps(payload, indent=2, ensure_ascii=False) + "\n")
+            actions.append(f"email-routing-cleanup:{path}")
+        except Exception as exc:
+            actions.append(
+                f"email-routing-cleanup-warning:{path.name}:{exc.__class__.__name__}"
+            )
+    return actions
+
+
 def _relocate_resonance_tiers_contract(dest: Path = NEXO_HOME) -> list[str]:
     """Ensure ``resonance_tiers.json`` lives at the public contract path
     ``NEXO_HOME/personal/brain/resonance_tiers.json`` and purge the legacy
@@ -4688,6 +4729,14 @@ def _run_runtime_post_sync(dest: Path = NEXO_HOME, progress_fn=None) -> tuple[bo
     except Exception as exc:
         actions.append(f"v6-purge-warning:{exc.__class__.__name__}")
 
+    try:
+        _emit_progress(progress_fn, "Cleaning legacy email routing overrides...")
+        email_actions = _cleanup_legacy_email_routing_config(dest)
+        for action in email_actions:
+            actions.append(action)
+    except Exception as exc:
+        actions.append(f"email-routing-cleanup-warning:{exc.__class__.__name__}")
+
     try:
         _emit_progress(progress_fn, "Ensuring local classifier baseline...")
         if _is_ephemeral_runtime_install(dest):

package/src/client_preferences.py

@@ -59,8 +59,12 @@ DEFAULT_CLAUDE_CODE_MODEL = _CLAUDE_DEFAULTS["model"]
 DEFAULT_CLAUDE_CODE_REASONING_EFFORT = _CLAUDE_DEFAULTS["reasoning_effort"]
 DEFAULT_CODEX_MODEL = _CODEX_DEFAULTS["model"]
 DEFAULT_CODEX_REASONING_EFFORT = _CODEX_DEFAULTS["reasoning_effort"]
-DEFAULT_FAST_MODEL = DEFAULT_CLAUDE_CODE_MODEL
-DEFAULT_FAST_REASONING_EFFORT = ""
+AUTOMATION_TASK_PROFILE_TIERS = {
+    "default": "",
+    "fast": "bajo",
+    "balanced": "medio",
+    "deep": "maximo",
+}
 
 
 def _user_home() -> Path:
@@ -385,9 +389,9 @@ def default_automation_task_profiles() -> dict[str, dict[str, str]]:
             "reasoning_effort": "",
         },
         "deep": {
-            "backend": CLIENT_CLAUDE_CODE,
-            "model": DEFAULT_CLAUDE_CODE_MODEL,
-            "reasoning_effort": DEFAULT_CLAUDE_CODE_REASONING_EFFORT,
+            "backend": "",
+            "model": "",
+            "reasoning_effort": "",
         },
     }
 
@@ -443,16 +447,10 @@ def normalize_automation_task_profiles(value) -> dict[str, dict[str, str]]:
             continue
         if not isinstance(raw_value, dict):
             continue
-        backend = normalize_backend_key(raw_value.get("backend"))
-        if backend == BACKEND_NONE:
-            backend = ""
-        normalized[profile_key] = {
-            "backend": backend or defaults[profile_key]["backend"],
-            "model": str(raw_value.get("model") or defaults[profile_key]["model"]).strip(),
-            "reasoning_effort": str(
-                raw_value.get("reasoning_effort") or defaults[profile_key]["reasoning_effort"]
-            ).strip().lower(),
-        }
+        # These profiles are no longer allowed to route backend/model/effort.
+        # Older installs may still persist those keys; normalize drops them
+        # so schedule.json cannot bypass resonance resolution silently.
+        normalized[profile_key] = dict(defaults[profile_key])
     return normalized
 
 
@@ -769,18 +767,13 @@ def resolve_automation_task_profile(
     *,
     preferences: dict | None = None,
 ) -> dict[str, str]:
-    normalized = preferences or load_client_preferences()
-    defaults = default_automation_task_profiles()
     profile_key = str(profile or "").strip().lower() or "default"
     if profile_key not in AUTOMATION_TASK_PROFILE_KEYS:
         profile_key = "default"
-    configured = normalize_automation_task_profiles(normalized.get("automation_task_profiles"))
-    selected = dict(configured.get(profile_key) or defaults[profile_key])
-    backend = selected.get("backend") or resolve_automation_backend(normalized)
-    runtime_profile = resolve_client_runtime_profile(backend, preferences=normalized)
     return {
         "name": profile_key,
-        "backend": backend,
-        "model": selected.get("model") or runtime_profile["model"],
-        "reasoning_effort": selected.get("reasoning_effort") or runtime_profile["reasoning_effort"],
+        "backend": "",
+        "model": "",
+        "reasoning_effort": "",
+        "tier": AUTOMATION_TASK_PROFILE_TIERS.get(profile_key, ""),
     }

package/src/email_config.py

@@ -95,7 +95,6 @@ def _account_to_runtime_account(account: dict) -> dict:
         "retry_backoff_seconds": metadata.get("retry_backoff_seconds", 60),
         "claude_binary": metadata.get("claude_binary", ""),
         "working_dir": metadata.get("working_dir", str(Path.home())),
-        "automation_task_profile": metadata.get("automation_task_profile", "deep"),
         "max_process_time": metadata.get("max_process_time"),
         "metadata": metadata,
     }
@@ -139,7 +138,6 @@ def _account_to_legacy_shape(
         "retry_backoff_seconds": runtime_account["retry_backoff_seconds"],
         "claude_binary": runtime_account["claude_binary"],
         "working_dir": runtime_account["working_dir"],
-        "automation_task_profile": runtime_account["automation_task_profile"],
         "max_process_time": runtime_account["max_process_time"],
         "label": runtime_account["label"],
         "role": runtime_account["role"],

package/src/health_check.py

@@ -17,6 +17,7 @@ from __future__ import annotations
 
 import json
 import os
+import platform
 import re
 import sqlite3
 import subprocess
@@ -24,6 +25,8 @@ import time
 from pathlib import Path
 from typing import Any
 
+from windows_runtime import running_inside_wsl, windows_runtime_status
+
 
 def _nexo_home() -> Path:
     return Path(os.environ.get("NEXO_HOME", str(Path.home() / ".nexo")))
@@ -31,8 +34,16 @@ def _nexo_home() -> Path:
 
 def _check_runtime() -> dict:
     home = _nexo_home()
+    system = platform.system()
+    release = platform.release()
+    windows_status = windows_runtime_status(home, system=system, release=release)
     ver_file = home / "version.json"
-    out: dict[str, Any] = {"nexo_home": str(home), "exists": home.is_dir()}
+    out: dict[str, Any] = {
+        "nexo_home": str(home),
+        "exists": home.is_dir(),
+        "is_wsl": running_inside_wsl(system=system, release=release),
+        "windows_runtime": windows_status,
+    }
     if ver_file.is_file():
         try:
             payload = json.loads(ver_file.read_text())
@@ -43,6 +54,8 @@ def _check_runtime() -> dict:
     else:
         out["version"] = "missing"
     out["status"] = "ok" if out["exists"] and out.get("version") not in ("missing", "unreadable") else "degraded"
+    if windows_status["warnings"]:
+        out["status"] = "degraded"
     return out
 
 

package/src/hook_guardrails.py

@@ -191,6 +191,14 @@ _SFTP_BATCH_RE = re.compile(
     r"\bsftp\b(?:[^|&;]*\s)?-b\s+\S+",
     re.IGNORECASE,
 )
+_SSH_REMOTE_PIPE_RE = re.compile(
+    r"\|\s*ssh\b",
+    re.IGNORECASE,
+)
+_SSH_REMOTE_STDIN_RE = re.compile(
+    r"\bssh\b[^\n|&;]*(?:<\s*\S+|<<-?\s*(?:['\"]?[A-Za-z0-9_]+['\"]?))",
+    re.IGNORECASE,
+)
 
 
 def _classify_ssh_remote_write(command: str) -> str | None:
@@ -231,6 +239,10 @@ def _classify_ssh_remote_write(command: str) -> str | None:
         for pattern in _SSH_REMOTE_WRITE_VERBS:
             if pattern.search(trimmed):
                 return "ssh_remote_shell_write"
+    if _SSH_REMOTE_PIPE_RE.search(cmd):
+        return "ssh_remote_shell_write"
+    if _SSH_REMOTE_STDIN_RE.search(cmd):
+        return "ssh_remote_shell_write"
     return None
 
 
@@ -270,6 +282,64 @@ _PATH_ARTIFACT_RE = re.compile(
 )
 _DATE_LIKE_PATH_RE = re.compile(r"^/\d{1,4}/\d{1,4}(?:/\d{1,4})?$")
 _STRICT_WRITE_HEARTBEAT_WINDOW_SECONDS = 300
+_G3_CORTEX_AUTH_WINDOW_SECONDS = max(
+    60,
+    int(os.environ.get("NEXO_G3_CORTEX_AUTH_WINDOW_SECONDS", "900")),
+)
+_CORTEX_NEGATIVE_TOKENS = (
+    "abort",
+    "avoid",
+    "block",
+    "cancel",
+    "decline",
+    "defer",
+    "deny",
+    "do_not",
+    "dont",
+    "no_",
+    "not_now",
+    "reject",
+    "skip",
+    "wait",
+)
+_G3_CORTEX_GENERIC_APPROVAL_TOKENS = (
+    "allow",
+    "apply",
+    "approve",
+    "continue",
+    "deploy",
+    "execute",
+    "go_ahead",
+    "proceed",
+    "publish",
+    "retry",
+    "run",
+)
+_G3_CORTEX_FAMILY_TOKENS = {
+    "destructive": (
+        "chmod",
+        "cleanup",
+        "delete",
+        "drop",
+        "force",
+        "git_push",
+        "purge",
+        "remove",
+        "rm",
+        "truncate",
+        "wipe",
+    ),
+    "ssh": (
+        "deploy",
+        "remote",
+        "rsync",
+        "scp",
+        "sftp",
+        "ssh",
+        "sync",
+        "upload",
+    ),
+}
 
 # Single-segment ``/word`` candidates that match a small dictionary block-list
 # of confirmed false positives observed in the live debt log.
@@ -655,6 +725,7 @@ def _find_open_task_for_file(conn, sid: str, filepath: str) -> dict | None:
     target = _normalize_file_path(filepath)
     rows = conn.execute(
         """SELECT task_id, files, guard_has_blocking, guard_acknowledged, task_type, plan, unknowns,
+                  opened_at,
                   verification_step, opened_with_guard, must_change_log, must_verify
            FROM protocol_tasks
            WHERE session_id = ? AND status = 'open'
@@ -675,6 +746,7 @@ def _find_open_task_for_file(conn, sid: str, filepath: str) -> dict | None:
 def _find_any_open_task(conn, sid: str) -> dict | None:
     row = conn.execute(
         """SELECT task_id, files, guard_has_blocking, guard_acknowledged, task_type, plan, unknowns,
+                  opened_at,
                   verification_step, opened_with_guard, must_change_log, must_verify
            FROM protocol_tasks
            WHERE session_id = ? AND status = 'open'
@@ -685,6 +757,86 @@ def _find_any_open_task(conn, sid: str) -> dict | None:
     return dict(row) if row else None
 
 
+def _normalize_cortex_tokens(value: str) -> str:
+    return re.sub(r"[^a-z0-9]+", "_", str(value or "").lower()).strip("_")
+
+
+def _text_has_any_token(value: str, tokens: tuple[str, ...]) -> bool:
+    normalized = _normalize_cortex_tokens(value)
+    if not normalized:
+        return False
+    return any(token in normalized for token in tokens)
+
+
+def _cortex_choice_is_negative(value: str) -> bool:
+    return _text_has_any_token(value, _CORTEX_NEGATIVE_TOKENS)
+
+
+def _find_recent_cortex_authorization(
+    conn,
+    *,
+    sid: str,
+    task: dict | None,
+    gate_family: str,
+    pattern_name: str = "",
+) -> dict | None:
+    if not sid or not task:
+        return None
+    task_id = str(task.get("task_id") or "").strip()
+    if not task_id:
+        return None
+    params: list[object] = [
+        sid,
+        task_id,
+        f"-{_G3_CORTEX_AUTH_WINDOW_SECONDS} seconds",
+    ]
+    sql = (
+        """SELECT id, task_id, recommended_choice, selected_choice,
+                  recommended_reasoning, selection_reason, context_hint, created_at
+           FROM cortex_evaluations
+           WHERE session_id = ?
+             AND task_id = ?
+             AND created_at >= datetime('now', ?)"""
+    )
+    opened_at = str(task.get("opened_at") or "").strip()
+    if opened_at:
+        sql += " AND created_at >= ?"
+        params.append(opened_at)
+    sql += " ORDER BY created_at DESC, id DESC LIMIT 5"
+    try:
+        rows = conn.execute(sql, params).fetchall()
+    except sqlite3.OperationalError:
+        return None
+    family_tokens = _G3_CORTEX_FAMILY_TOKENS.get(gate_family, ())
+    pattern_tokens = tuple(
+        token for token in _normalize_cortex_tokens(pattern_name).split("_") if token
+    )
+    fallback_candidates: list[dict] = []
+    for row in rows:
+        item = dict(row)
+        choice = str(item.get("selected_choice") or item.get("recommended_choice") or "").strip()
+        if not choice or _cortex_choice_is_negative(choice):
+            continue
+        combined = " ".join(
+            [
+                choice,
+                str(item.get("selection_reason") or ""),
+                str(item.get("recommended_reasoning") or ""),
+                str(item.get("context_hint") or ""),
+            ]
+        )
+        if (
+            _text_has_any_token(choice, _G3_CORTEX_GENERIC_APPROVAL_TOKENS)
+            or _text_has_any_token(combined, family_tokens)
+            or _text_has_any_token(combined, pattern_tokens)
+        ):
+            return item
+        fallback_candidates.append(item)
+    if len(fallback_candidates) == 1:
+        return fallback_candidates[0]
+    return None
+
+
 def _find_any_open_workflow(conn, sid: str) -> dict | None:
     row = conn.execute(
         """SELECT run_id, protocol_task_id, current_step_key
@@ -1164,6 +1316,7 @@ def process_pre_tool_event(payload: dict) -> dict:
     if not claude_sid:
         claude_sid = _read_claude_session_id_from_coordination()
     sid = _resolve_nexo_sid(conn, claude_sid)
+    open_task = _find_any_open_task(conn, sid) if sid else None
     automation_blocks = _collect_automation_live_repo_blocks(
         conn,
         sid=sid,
@@ -1228,12 +1381,22 @@ def process_pre_tool_event(payload: dict) -> dict:
     if g3_mode in {"shadow", "hard"} and tool_name == "Bash":
         shell_command = _extract_bash_command(tool_input)
         destructive_pattern = _classify_destructive_intent(shell_command)
+        if destructive_pattern:
+            if _find_recent_cortex_authorization(
+                conn,
+                sid=sid,
+                task=open_task,
+                gate_family="destructive",
+                pattern_name=destructive_pattern,
+            ):
+                destructive_pattern = None
         if destructive_pattern:
             severity = "error" if g3_mode == "hard" else "warn"
+            task_id = str((open_task or {}).get("task_id") or "").strip()
             debt = _ensure_protocol_debt(
                 conn,
                 session_id=sid,
-                task_id="",
+                task_id=task_id,
                 debt_type="g3_destructive_command_requires_cortex",
                 severity=severity,
                 evidence=(
@@ -1253,7 +1416,7 @@ def process_pre_tool_event(payload: dict) -> dict:
                     "blocks": [
                         {
                             "file": "",
-                            "task_id": "",
+                            "task_id": task_id,
                             "debt_id": debt.get("id"),
                             "debt_type": "g3_destructive_command_requires_cortex",
                             "reason_code": "g3_destructive_blocked",
@@ -1283,12 +1446,22 @@ def process_pre_tool_event(payload: dict) -> dict:
     if g3_ssh_mode in {"shadow", "hard"} and tool_name == "Bash":
         shell_command = _extract_bash_command(tool_input)
         ssh_pattern = _classify_ssh_remote_write(shell_command)
+        if ssh_pattern:
+            if _find_recent_cortex_authorization(
+                conn,
+                sid=sid,
+                task=open_task,
+                gate_family="ssh",
+                pattern_name=ssh_pattern,
+            ):
+                ssh_pattern = None
         if ssh_pattern:
             severity = "error" if g3_ssh_mode == "hard" else "warn"
+            task_id = str((open_task or {}).get("task_id") or "").strip()
             debt = _ensure_protocol_debt(
                 conn,
                 session_id=sid,
-                task_id="",
+                task_id=task_id,
                 debt_type="g3_ssh_remote_write_requires_cortex",
                 severity=severity,
                 evidence=(
@@ -1309,7 +1482,7 @@ def process_pre_tool_event(payload: dict) -> dict:
                     "blocks": [
                         {
                             "file": "",
-                            "task_id": "",
+                            "task_id": task_id,
                             "debt_id": debt.get("id"),
                             "debt_type": "g3_ssh_remote_write_requires_cortex",
                             "reason_code": "g3_ssh_remote_write_blocked",

package/src/local_models.py

@@ -15,6 +15,7 @@ from __future__ import annotations
 
 import hashlib
 import json
+import logging
 import os
 import re
 import shutil
@@ -29,6 +30,7 @@ import paths
 
 MANIFEST_PATH = Path(__file__).resolve().with_name("local_model_manifest.json")
 MODEL_LOCK_FILENAME = ".nexo-model-lock.json"
+logger = logging.getLogger(__name__)
 
 
 @dataclass(frozen=True)
@@ -79,6 +81,9 @@ def _lock_payload(spec: LocalModelSpec) -> dict[str, Any]:
 
 @lru_cache(maxsize=1)
 def _load_manifest() -> dict[str, LocalModelSpec]:
+    if not MANIFEST_PATH.exists():
+        logger.warning("local_model_manifest.json missing — running with empty manifest")
+        return {}
     payload = json.loads(MANIFEST_PATH.read_text(encoding="utf-8"))
     specs: dict[str, LocalModelSpec] = {}
     for raw in payload.get("models", []) or []:

package/src/scripts/nexo-agent-run.py

@@ -30,7 +30,11 @@ def main(argv: list[str] | None = None) -> int:
     parser.add_argument("--prompt", default="", help="Prompt text")
     parser.add_argument("--prompt-file", default="", help="Read prompt text from a file")
     parser.add_argument("--cwd", default="", help="Working directory for the backend")
-    parser.add_argument("--task-profile", default="", help="Automation task profile: default|fast|balanced|deep")
+    parser.add_argument(
+        "--task-profile",
+        default="",
+        help="Legacy semantic label kept for compatibility. Routing now comes from caller/tier.",
+    )
     parser.add_argument("--model", default="", help="Backend model hint")
     parser.add_argument("--reasoning-effort", default="", help="Backend reasoning effort/profile")
     parser.add_argument(
@@ -50,6 +54,12 @@ def main(argv: list[str] | None = None) -> int:
     parser.add_argument("--timeout", type=int, default=AUTOMATION_SUBPROCESS_TIMEOUT, help="Timeout in seconds")
     parser.add_argument("--output-format", default="text", help="Requested output format")
     parser.add_argument("--allowed-tools", default="", help="Claude-style allowed tools contract")
+    parser.add_argument(
+        "--bare-mode",
+        choices=("auto", "on", "off"),
+        default="auto",
+        help="Bare mode for one-shot runs: auto|on|off.",
+    )
     parser.add_argument("--append-system-prompt", default="", help="Extra system prompt text")
     parser.add_argument("--append-system-prompt-file", default="", help="Read extra system prompt from a file")
     args = parser.parse_args(argv)
@@ -62,6 +72,11 @@ def main(argv: list[str] | None = None) -> int:
         return 1
 
     append_system_prompt = args.append_system_prompt or _read_text(args.append_system_prompt_file)
+    bare_mode = None
+    if args.bare_mode == "on":
+        bare_mode = True
+    elif args.bare_mode == "off":
+        bare_mode = False
 
     try:
         result = run_automation_prompt(
@@ -76,6 +91,7 @@ def main(argv: list[str] | None = None) -> int:
             output_format=args.output_format,
             append_system_prompt=append_system_prompt,
             allowed_tools=args.allowed_tools,
+            bare_mode=bare_mode,
         )
     except AutomationBackendUnavailableError as exc:
         print(str(exc), file=sys.stderr)

package/src/scripts/nexo-email-migrate-config.py

@@ -106,7 +106,6 @@ def main(argv: list[str]) -> int:
         "retry_backoff_seconds": legacy.get("retry_backoff_seconds", 60),
         "claude_binary": legacy.get("claude_binary", ""),
         "working_dir": legacy.get("working_dir", str(Path.home())),
-        "automation_task_profile": legacy.get("automation_task_profile", "deep"),
         "max_process_time": legacy.get("max_process_time"),
         "sent_folder": legacy.get("sent_folder", "INBOX.Sent"),
         "operator_aliases": legacy_operator_aliases,

package/src/scripts/nexo-email-monitor.py

@@ -57,8 +57,6 @@ if str(NEXO_CODE) not in sys.path:
 from agent_runner import AutomationBackendUnavailableError, run_automation_prompt
 from client_preferences import (
     resolve_automation_backend,
-    resolve_automation_task_profile,
-    resolve_client_runtime_profile,
 )
 from core_prompts import render_core_prompt
 
@@ -85,7 +83,6 @@ ZOMBIE_TIMEOUT_HOURS = 2
 MAX_AUTOMATION_TIMEOUT_SECONDS = 1800
 STALE_EMAIL_SESSION_MINUTES = 45
 WORKER_STALE_MAX_MINUTES = 120
-DEFAULT_AUTOMATION_TASK_PROFILE = "fast"
 CONCURRENT_THRESHOLD_MINUTES = 15
 MAX_CONCURRENT_SESSIONS = 2
 MAX_EMAIL_ATTEMPTS = 3
@@ -386,7 +383,10 @@ def load_config():
     except Exception:
         pass
     with open(CONFIG_PATH) as f:
-        return json.load(f)
+        payload = json.load(f)
+    if isinstance(payload, dict):
+        payload.pop("automation_task_profile", None)
+    return payload
 
 
 def _safe_int(value, default=0):
@@ -1636,7 +1636,7 @@ def _reset_batch_to_pending(batch, reason):
         log.warning(f"Failed to reset claimed batch to pending: {exc}")
 
 
-def _write_worker_job(*, batch, debt_block, max_retries, retry_backoff, task_profile):
+def _write_worker_job(*, batch, debt_block, max_retries, retry_backoff):
     job_id = f"{datetime.now().strftime('%Y%m%d-%H%M%S')}-{os.getpid()}-{uuid.uuid4().hex[:8]}"
     job_path = WORKER_JOBS_DIR / f"job-{job_id}.json"
     payload = {
@@ -1645,7 +1645,6 @@ def _write_worker_job(*, batch, debt_block, max_retries, retry_backoff, task_pro
         "debt_block": debt_block or "",
         "max_retries": int(max_retries),
         "retry_backoff_seconds": int(retry_backoff),
-        "task_profile": str(task_profile or DEFAULT_AUTOMATION_TASK_PROFILE),
         "created_at": datetime.now().isoformat(timespec="seconds"),
     }
     job_path.write_text(json.dumps(payload, indent=2, ensure_ascii=True))
@@ -1689,16 +1688,12 @@ def _run_worker_job(job_path):
         debt_block = payload.get("debt_block") or ""
         max_retries = max(1, int(payload.get("max_retries") or 1))
         retry_backoff = max(1, int(payload.get("retry_backoff_seconds") or 60))
-        task_profile = str(payload.get("task_profile") or DEFAULT_AUTOMATION_TASK_PROFILE).strip().lower()
     except Exception as exc:
         log.error(f"Failed to load worker job {job_file}: {exc}")
         job_file.unlink(missing_ok=True)
         return 1
 
     config = load_config()
-    if task_profile:
-        config = dict(config)
-        config["automation_task_profile"] = task_profile
 
     log.info(
         f"Worker job started: {job_file.name} "
@@ -1998,20 +1993,17 @@ def launch_nexo(config, debt_block="", target_emails=None):
     env["HOME"] = str(Path.home())
 
     backend = resolve_automation_backend()
-    task_profile = str(config.get("automation_task_profile") or DEFAULT_AUTOMATION_TASK_PROFILE).strip().lower()
-    selected_profile = (
-        resolve_automation_task_profile(task_profile)
-        if task_profile
-        else {"name": "default", "backend": backend, "model": "", "reasoning_effort": ""}
-    )
-    launch_backend = selected_profile.get("backend") or backend
-    profile_label = selected_profile.get("model") or "default"
-    if selected_profile.get("reasoning_effort"):
-        profile_label = f"{profile_label}/{selected_profile['reasoning_effort']}"
-    log.info(
-        f"Launching NEXO via {launch_backend}"
-        f"{f' [{task_profile}]' if task_profile else ''} ({profile_label})..."
-    )
+    profile_label = "default"
+    try:
+        from resonance_map import resolve_model_and_effort
+
+        mapped_model, mapped_effort = resolve_model_and_effort("email_monitor", backend)
+        profile_label = mapped_model or "default"
+        if mapped_effort:
+            profile_label = f"{profile_label}/{mapped_effort}"
+    except Exception:
+        pass
+    log.info(f"Launching NEXO via {backend} ({profile_label})...")
     requested_timeout = int(config.get("max_process_time", MAX_AUTOMATION_TIMEOUT_SECONDS) or MAX_AUTOMATION_TIMEOUT_SECONDS)
     effective_timeout = max(60, min(requested_timeout, MAX_AUTOMATION_TIMEOUT_SECONDS))
 
@@ -2042,7 +2034,6 @@ def launch_nexo(config, debt_block="", target_emails=None):
         result = run_automation_prompt(
             prompt,
             caller="email_monitor",
-            task_profile=task_profile,
             cwd=config.get("working_dir", str(Path.home())),
             env=env,
             timeout=effective_timeout,
@@ -2343,13 +2334,11 @@ def main():
 
         max_retries = config.get("max_retries", 3)
         retry_backoff = config.get("retry_backoff_seconds", 60)
-        task_profile = str(config.get("automation_task_profile") or DEFAULT_AUTOMATION_TASK_PROFILE).strip().lower()
         job_path = _write_worker_job(
             batch=batch,
             debt_block=debt_block,
             max_retries=max_retries,
             retry_backoff=retry_backoff,
-            task_profile=task_profile,
         )
         try:
             worker_pid = _spawn_worker(job_path, config)

package/src/scripts/nexo_personal_automation.py

@@ -17,8 +17,11 @@ Both paths are probed so dev and live operators get identical behaviour.
 """
 from __future__ import annotations
 
+import inspect
 import os
+import re
 import sys
+import time
 from pathlib import Path
 
 
@@ -31,6 +34,12 @@ if str(_repo_src) not in sys.path:
 
 NEXO_HOME = Path(os.environ.get("NEXO_HOME", str(Path.home() / ".nexo")))
 DEFAULT_ALLOWED_TOOLS = "Read,Write,Edit,Glob,Grep,Bash,mcp__nexo__*"
+DEFAULT_SHORT_TEXT_ALLOWED_TOOLS = ""
+DEFAULT_SHORT_TEXT_TIMEOUT = max(
+    30,
+    int(os.environ.get("NEXO_PERSONAL_AUTOMATION_TIMEOUT", "180")),
+)
+_PROCESS_LOCK_COUNTS: dict[str, int] = {}
 
 # Templates live next to the code at repo time and at ``~/.nexo/templates``
 # once installed. Probe both and surface whichever exists first so the
@@ -41,45 +50,161 @@ for _candidate in (_repo_root / "templates", NEXO_HOME / "templates"):
     if _candidate.exists() and _cand not in sys.path:
         sys.path.insert(0, _cand)
 
-try:
-    from client_preferences import resolve_user_model
-    _USER_MODEL = resolve_user_model()
-except Exception:
-    _USER_MODEL = ""
-
 from nexo_helper import run_automation_text as _run_automation_text
 
 
+def _infer_personal_caller() -> str:
+    env_caller = str(os.environ.get("NEXO_AUTOMATION_CALLER") or "").strip()
+    if env_caller:
+        return env_caller
+    candidates: list[Path] = []
+    argv0 = str(sys.argv[0] or "").strip()
+    if argv0:
+        candidates.append(Path(argv0).expanduser())
+    current = Path(__file__).resolve()
+    for frame in inspect.stack()[1:]:
+        try:
+            path = Path(frame.filename).resolve()
+        except Exception:
+            continue
+        if path != current:
+            candidates.append(path)
+    for candidate in candidates:
+        parts = candidate.parts
+        if "personal" in parts and "scripts" in parts:
+            stem = candidate.stem.strip()
+            if stem:
+                return f"personal/{stem}"
+    if argv0:
+        stem = Path(argv0).stem.strip()
+        if stem and stem not in {"python", "python3", "-m"}:
+            return f"personal/{stem}"
+    return "agent_run/generic"
+
+
+def _caller_lock_path(caller: str) -> Path:
+    slug = re.sub(r"[^A-Za-z0-9_.-]+", "-", caller).strip("-") or "generic"
+    return NEXO_HOME / "runtime" / "locks" / "personal-automation" / f"{slug}.lock"
+
+
+def _read_lock_pid(path: Path) -> int:
+    try:
+        raw = path.read_text().splitlines()
+    except Exception:
+        return 0
+    if not raw:
+        return 0
+    try:
+        return int(raw[0].strip())
+    except Exception:
+        return 0
+
+
+def _pid_is_alive(pid: int) -> bool:
+    if pid <= 0:
+        return False
+    try:
+        os.kill(pid, 0)
+    except ProcessLookupError:
+        return False
+    except PermissionError:
+        return True
+    return True
+
+
+def _acquire_personal_caller_lock(caller: str) -> str:
+    clean = str(caller or "").strip()
+    if not clean.startswith("personal/"):
+        return ""
+    if _PROCESS_LOCK_COUNTS.get(clean, 0) > 0:
+        _PROCESS_LOCK_COUNTS[clean] += 1
+        return clean
+    pid = os.getpid()
+    lock_path = _caller_lock_path(clean)
+    lock_path.parent.mkdir(parents=True, exist_ok=True)
+    while True:
+        try:
+            fd = os.open(str(lock_path), os.O_CREAT | os.O_EXCL | os.O_WRONLY)
+        except FileExistsError:
+            existing_pid = _read_lock_pid(lock_path)
+            if existing_pid == pid:
+                _PROCESS_LOCK_COUNTS[clean] = 1
+                return clean
+            if existing_pid and _pid_is_alive(existing_pid):
+                raise RuntimeError(
+                    f"Automation caller {clean} already has a live run (pid {existing_pid})."
+                )
+            try:
+                lock_path.unlink()
+            except FileNotFoundError:
+                pass
+            continue
+        with os.fdopen(fd, "w", encoding="ascii") as handle:
+            handle.write(f"{pid}\n{int(time.time())}\n{clean}\n")
+        _PROCESS_LOCK_COUNTS[clean] = 1
+        return clean
+
+
+def _release_personal_caller_lock(caller: str) -> None:
+    clean = str(caller or "").strip()
+    if not clean.startswith("personal/"):
+        return
+    count = _PROCESS_LOCK_COUNTS.get(clean, 0)
+    if count > 1:
+        _PROCESS_LOCK_COUNTS[clean] = count - 1
+        return
+    _PROCESS_LOCK_COUNTS.pop(clean, None)
+    lock_path = _caller_lock_path(clean)
+    if _read_lock_pid(lock_path) == os.getpid():
+        try:
+            lock_path.unlink()
+        except FileNotFoundError:
+            pass
+
+
 def run_personal_automation_text(
     prompt: str,
     *,
     model: str = "",
     cwd: str = "",
-    timeout: int = 21600,
-    allowed_tools: str = DEFAULT_ALLOWED_TOOLS,
+    timeout: int = DEFAULT_SHORT_TEXT_TIMEOUT,
+    allowed_tools: str = DEFAULT_SHORT_TEXT_ALLOWED_TOOLS,
     append_system_prompt: str = "",
+    caller: str = "",
+    tier: str = "",
+    bare_mode: bool | None = True,
 ) -> str:
     """Run ``prompt`` through the configured NEXO automation backend.
 
-    ``model`` empty → use whichever model the operator's calibration has
-    selected (``resolve_user_model``); providers that ignore the field
-    (Claude Code bundled) stay happy with an empty string.
+    ``model`` stays empty unless the caller provides an explicit override.
+    Backend/model/effort resolution belongs to the resonance engine via
+    ``caller`` and ``tier``.
     ``cwd`` empty → inherit the current working directory.
     Every other kwarg passes through verbatim.
     """
-    effective_model = model or _USER_MODEL or "opus"
-    return _run_automation_text(
-        prompt,
-        model=effective_model,
-        cwd=cwd or "",
-        timeout=timeout,
-        allowed_tools=allowed_tools,
-        append_system_prompt=append_system_prompt,
-    )
+    effective_caller = caller or _infer_personal_caller()
+    lock_token = _acquire_personal_caller_lock(effective_caller)
+    try:
+        return _run_automation_text(
+            prompt,
+            model=model,
+            cwd=cwd or "",
+            timeout=timeout,
+            allowed_tools=allowed_tools,
+            append_system_prompt=append_system_prompt,
+            include_bootstrap=False,
+            caller=effective_caller,
+            tier=tier,
+            bare_mode=bare_mode,
+        )
+    finally:
+        _release_personal_caller_lock(lock_token)
 
 
 __all__ = [
     "DEFAULT_ALLOWED_TOOLS",
+    "DEFAULT_SHORT_TEXT_ALLOWED_TOOLS",
+    "DEFAULT_SHORT_TEXT_TIMEOUT",
     "NEXO_HOME",
     "run_personal_automation_text",
 ]

package/src/support_snapshot.py

@@ -20,6 +20,7 @@ import paths
 from doctor.formatters import format_report
 from doctor.orchestrator import run_doctor
 from health_check import collect as collect_health
+from windows_runtime import running_inside_wsl, windows_runtime_status
 
 
 def _nexo_home() -> Path:
@@ -111,15 +112,19 @@ def _recent_logs(lines: int = 80) -> dict[str, Any]:
 
 
 def collect_snapshot(*, log_lines: int = 80, include_doctor: bool = False) -> dict[str, Any]:
+    system = platform.system()
+    release = platform.release()
     payload: dict[str, Any] = {
         "generated_at": time.time(),
         "version": _read_version(),
         "platform": {
-            "system": platform.system(),
-            "release": platform.release(),
+            "system": system,
+            "release": release,
             "machine": platform.machine(),
             "python": platform.python_version(),
+            "is_wsl": running_inside_wsl(system=system, release=release),
         },
+        "windows_runtime": windows_runtime_status(_nexo_home(), system=system, release=release),
         "paths": _path_status(),
         "health": collect_health(),
         "logs": _recent_logs(log_lines),

package/src/windows_runtime.py

@@ -0,0 +1,70 @@
+"""Helpers for Windows/WSL runtime diagnostics."""
+from __future__ import annotations
+
+import os
+import platform
+from pathlib import Path
+from typing import Any
+
+
+def running_inside_wsl(*, system: str | None = None, release: str | None = None) -> bool:
+    resolved_system = str(system or platform.system() or "").strip()
+    resolved_release = str(release or platform.release() or "").strip().lower()
+    if resolved_system != "Linux":
+        return False
+    if "microsoft" in resolved_release:
+        return True
+    if str(os.environ.get("WSL_DISTRO_NAME", "")).strip():
+        return True
+    if str(os.environ.get("WSL_INTEROP", "")).strip():
+        return True
+    return False
+
+
+def running_from_windows_host() -> bool:
+    value = str(os.environ.get("NEXO_WINDOWS_HOST", "")).strip().lower()
+    return value not in ("", "0", "false", "no", "off")
+
+
+def bridge_mode() -> str:
+    value = str(os.environ.get("NEXO_WINDOWS_BRIDGE", "")).strip()
+    return "wsl-exec" if value else ""
+
+
+def is_windows_mount_path(candidate: Path) -> bool:
+    normalized = str(candidate or "").replace("\\", "/").lower()
+    return normalized.startswith("/mnt/")
+
+
+def windows_runtime_status(nexo_home: Path, *, system: str | None = None, release: str | None = None) -> dict[str, Any]:
+    resolved_system = str(system or platform.system() or "").strip()
+    resolved_release = str(release or platform.release() or "").strip()
+    inside_wsl = running_inside_wsl(system=resolved_system, release=resolved_release)
+    on_windows_mount = is_windows_mount_path(nexo_home)
+    warnings: list[dict[str, str]] = []
+
+    if resolved_system == "Windows":
+        warnings.append(
+            {
+                "code": "brain_requires_wsl",
+                "message": "NEXO Brain on Windows is supported via WSL, not native win32 mode.",
+            }
+        )
+    if on_windows_mount:
+        warnings.append(
+            {
+                "code": "nexo_home_on_windows_mount",
+                "message": "NEXO_HOME is inside /mnt/*; keep the canonical Brain runtime inside the WSL filesystem.",
+            }
+        )
+
+    return {
+        "supported_brain_mode": "wsl",
+        "inside_wsl": inside_wsl,
+        "windows_host_bridge": running_from_windows_host(),
+        "bridge_mode": bridge_mode(),
+        "wsl_distro": str(os.environ.get("WSL_DISTRO_NAME", "")).strip(),
+        "wsl_interop": bool(str(os.environ.get("WSL_INTEROP", "")).strip()),
+        "nexo_home_on_windows_mount": on_windows_mount,
+        "warnings": warnings,
+    }

package/templates/nexo_helper.py

@@ -226,6 +226,7 @@ def run_automation_text(
     include_bootstrap: bool = True,
     caller: str = "",
     tier: str = "",
+    bare_mode: bool | None = None,
 ) -> str:
     """Run the configured NEXO automation backend and return text output.
 
@@ -264,6 +265,10 @@ def run_automation_text(
         cmd.extend(["--append-system-prompt", "\n\n".join(merged_system_prompt)])
     if allowed_tools:
         cmd.extend(["--allowed-tools", allowed_tools])
+    if bare_mode is True:
+        cmd.extend(["--bare-mode", "on"])
+    elif bare_mode is False:
+        cmd.extend(["--bare-mode", "off"])
 
     env = os.environ.copy()
     env.setdefault("NEXO_HOME", str(NEXO_HOME))
@@ -292,6 +297,7 @@ def run_automation_json(
     include_bootstrap: bool = True,
     caller: str = "",
     tier: str = "",
+    bare_mode: bool | None = None,
 ) -> dict:
     """Run the configured backend and return a parsed JSON object.
 
@@ -326,6 +332,10 @@ def run_automation_json(
         cmd.extend(["--append-system-prompt", "\n\n".join(merged_system_prompt)])
     if allowed_tools:
         cmd.extend(["--allowed-tools", allowed_tools])
+    if bare_mode is True:
+        cmd.extend(["--bare-mode", "on"])
+    elif bare_mode is False:
+        cmd.extend(["--bare-mode", "off"])
 
     env = os.environ.copy()
     env.setdefault("NEXO_HOME", str(NEXO_HOME))