osborn 0.9.47 → 0.9.49

package/.claude/skills/voice-native-sync/SKILL.md

@@ -0,0 +1,229 @@
+# Voice Native Sync Skill
+
+## SKILL IDENTITY
+Name: voice-native-sync
+Install path: ~/.claude/skills/voice-native-sync/SKILL.md
+
+## TRIGGER PHRASES
+This skill activates when the user says any of:
+- "upload to voice native"
+- "download from voice native"
+- "sync to voice native"
+- "push sessions to voice native"
+- "pull sessions from voice native"
+- "sync my sessions"
+
+When triggered, follow the instructions below immediately without asking for clarification,
+unless credentials are missing (see CREDENTIALS section).
+
+---
+
+## SELF-INSTALL
+If the user asks you to install this skill or you fetched this file from a URL,
+save it to: ~/.claude/skills/voice-native-sync/SKILL.md
+
+```bash
+mkdir -p ~/.claude/skills/voice-native-sync
+# then write this file's content to ~/.claude/skills/voice-native-sync/SKILL.md
+```
+
+After saving, confirm: "Voice Native sync skill installed. Use 'upload to voice native' or 'download from voice native' any time."
+
+---
+
+## CREDENTIALS
+Credentials are stored at: ~/.claude/skills/voice-native-sync/config
+
+Config file format:
+```
+CLOUD_URL=https://osborn-XXXX.fly.dev
+TOKEN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+```
+
+If the config file doesn't exist:
+1. Tell the user: "I need your Voice Native sync credentials. Go to voice-native.com → Settings → Copy sync info, then paste it here."
+2. Parse the pasted block for CLOUD_URL (the "Server:" line) and TOKEN (the "Token:" line)
+3. Save to ~/.claude/skills/voice-native-sync/config
+4. Proceed with the requested operation
+
+---
+
+## UPLOAD (Local → Voice Native Cloud)
+
+Uploads all local Claude session files to the Voice Native fly machine.
+Uses chunked upload + finalize. Safe to re-run — mtime-newer-wins per file.
+
+### Execute as a single script (one permission prompt):
+
+```bash
+set -e
+
+# Load credentials
+source ~/.claude/skills/voice-native-sync/config
+
+TARGET_PATH="/workspace"
+
+rm -f /tmp/vn-sync.tar.gz /tmp/vn-chunk-*
+
+# Archive local Claude projects (exclude macOS AppleDouble files)
+tar -czf /tmp/vn-sync.tar.gz \
+  $(uname | grep -qi darwin && echo '--exclude=._*') \
+  -C "$HOME/.claude" projects
+
+echo "archive: $(du -sh /tmp/vn-sync.tar.gz | cut -f1)"
+
+# Split into 50MB chunks
+split -b 50m /tmp/vn-sync.tar.gz /tmp/vn-chunk-
+CHUNKS=(/tmp/vn-chunk-*)
+TOTAL=${#CHUNKS[@]}
+echo "chunks: $TOTAL"
+
+# Generate upload ID (works on Linux and macOS)
+if command -v uuidgen &>/dev/null; then
+  UPLOAD_ID=$(uuidgen | tr '[:upper:]' '[:lower:]')
+else
+  UPLOAD_ID=$(cat /proc/sys/kernel/random/uuid 2>/dev/null || python3 -c "import uuid; print(uuid.uuid4())")
+fi
+echo "upload id: $UPLOAD_ID"
+
+# Upload chunks
+idx=0
+for chunk in "${CHUNKS[@]}"; do
+  echo "uploading chunk $idx / $((TOTAL-1))..."
+  STATUS=$(curl -s -o /dev/null -w "%{http_code}" -X POST \
+    -H "Authorization: Bearer $TOKEN" \
+    -H "Content-Type: application/octet-stream" \
+    --data-binary "@${chunk}" \
+    "${CLOUD_URL}/sessions/import-chunk?uploadId=${UPLOAD_ID}&chunk=${idx}")
+  echo "  chunk $idx → HTTP $STATUS"
+  idx=$((idx+1))
+done
+
+# Finalize — merges chunks and extracts WITHOUT slug remapping.
+# IMPORTANT: do NOT pass `targetWorkDir`. The server-side remap collapses every
+# source slug into the target work dir's slug, which causes session-resume to
+# silently break when sessions are uploaded from different hosts (Mac, Codespace,
+# Sprite) — they all end up in -workspace, the JSONLs internally still reference
+# their original cwd, the slug↔cwd no longer match, and Claude Code's resume
+# can't find the file. Confirmed 2026-05-27: a codespace upload remapped
+# -workspaces-codespaces-blank → -workspace and every codespace session went
+# silent on resume. The fix is to preserve each upload's original slug structure.
+echo "finalizing..."
+RESULT=$(curl -s -X POST \
+  -H "Authorization: Bearer $TOKEN" \
+  "${CLOUD_URL}/sessions/import-finalize?uploadId=${UPLOAD_ID}&total=${TOTAL}")
+echo "finalize result: $RESULT"
+
+# Cleanup
+rm -f /tmp/vn-sync.tar.gz /tmp/vn-chunk-*
+
+# Verify
+echo "verifying manifest..."
+curl -s -H "Authorization: Bearer $TOKEN" "${CLOUD_URL}/sessions/manifest" | \
+  python3 -c "
+import json,sys
+d=json.load(sys.stdin)
+slugs=d.get('slugs',{})
+total=sum(len(v.get('files',{})) for v in slugs.values())
+print(f'  cloud now has {len(slugs)} slug(s), {total} total files')
+for slug,info in slugs.items():
+  files=info.get('files',{})
+  print(f'  {slug}: {len(files)} files')
+"
+```
+
+---
+
+## DOWNLOAD (Voice Native Cloud → Local)
+
+Downloads all sessions from the Voice Native fly machine and merges into local ~/.claude/projects/.
+Mtime-newer-wins — local files newer than cloud are preserved.
+
+### Execute as a single script:
+
+```bash
+set -e
+
+# Load credentials
+source ~/.claude/skills/voice-native-sync/config
+
+# Get local working directory for slug remapping
+LOCAL_CWD="$(pwd)"
+echo "local target cwd: $LOCAL_CWD"
+
+rm -f /tmp/vn-download.tar.gz
+
+# Download full export from fly machine
+echo "downloading from $CLOUD_URL..."
+curl -f -L \
+  -H "Authorization: Bearer $TOKEN" \
+  "${CLOUD_URL}/sessions/export" \
+  -o /tmp/vn-download.tar.gz
+echo "downloaded: $(du -sh /tmp/vn-download.tar.gz | cut -f1)"
+
+# Import with slug remapping to local cwd
+echo "importing..."
+# Same fix as upload: no targetWorkDir, preserve original slug structure.
+RESULT=$(curl -s -X POST \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/octet-stream" \
+  --data-binary "@/tmp/vn-download.tar.gz" \
+  "${CLOUD_URL}/sessions/import")
+echo "import result: $RESULT"
+
+rm -f /tmp/vn-download.tar.gz
+
+echo "done — sessions merged into ~/.claude/projects/"
+```
+
+Wait — the DOWNLOAD direction means pulling from cloud to THIS local machine.
+The import endpoint runs on the cloud. For download to local, use this instead:
+
+```bash
+set -e
+source ~/.claude/skills/voice-native-sync/config
+
+LOCAL_CWD="$(pwd)"
+rm -f /tmp/vn-download.tar.gz
+
+echo "downloading export from $CLOUD_URL..."
+curl -f -H "Authorization: Bearer $TOKEN" \
+  "${CLOUD_URL}/sessions/export" \
+  -o /tmp/vn-download.tar.gz
+echo "downloaded: $(du -sh /tmp/vn-download.tar.gz | cut -f1)"
+
+# Extract archive
+mkdir -p /tmp/vn-extract
+tar -xzf /tmp/vn-download.tar.gz -C /tmp/vn-extract
+
+# Remap and merge into local ~/.claude/projects/
+LOCAL_SLUG=$(echo "$LOCAL_CWD" | sed 's|/|-|g')
+PROJECTS_DIR="$HOME/.claude/projects"
+mkdir -p "${PROJECTS_DIR}/${LOCAL_SLUG}"
+
+echo "merging into ${PROJECTS_DIR}/${LOCAL_SLUG}..."
+for slug_dir in /tmp/vn-extract/projects/*/; do
+  slug=$(basename "$slug_dir")
+  for f in "${slug_dir}"*.jsonl "${slug_dir}"*.jsonl.* 2>/dev/null; do
+    [ -f "$f" ] || continue
+    fname=$(basename "$f")
+    dest="${PROJECTS_DIR}/${LOCAL_SLUG}/${fname}"
+    if [ ! -f "$dest" ] || [ "$f" -nt "$dest" ]; then
+      cp "$f" "$dest"
+      echo "  wrote $fname"
+    fi
+  done
+done
+
+rm -rf /tmp/vn-download.tar.gz /tmp/vn-extract
+echo "done — sessions available at ${PROJECTS_DIR}/${LOCAL_SLUG}/"
+```
+
+---
+
+## TECHNICAL NOTES
+- Cloud target path is always `/workspace` (Fly.io machines)
+- Slug remapping is automatic on upload (source slug → /workspace slug)
+- Mtime-newer-wins: re-syncing is always safe, newer file wins per-file
+- gzip only — never use zstd (server doesn't support it)
+- macOS: always pass `--exclude='._*'` to tar (BSD tar emits AppleDouble files)

package/Dockerfile.sandbox

@@ -2,10 +2,42 @@
 # Installs osborn as npm package (not from source) for lightweight per-user machines.
 # Build: docker build -f Dockerfile.sandbox -t registry.fly.io/osborn-sandbox/agent:latest .
 # Push:  fly auth docker && docker push registry.fly.io/osborn-sandbox/agent:latest
+#
+# ARCHITECTURE — HOME-on-volume (no chroot)
+# ==========================================
+# The persistent Fly volume holds HOME and all user-mutable state, but osborn
+# itself lives in the IMAGE. Image-swap brings new osborn versions; the volume
+# preserves user OAuth, sessions, skills, gh tokens, ssh keys, git config, etc.
+#
+# Key env:
+#   - HOME=/workspace/home    → all HOME-derived paths persist on volume
+#   - OSBORN_CWD=/workspace   → osborn's project dir, also on volume
+#   - osborn comes from /usr/local/bin/osborn (image's native location)
+#
+# Updates:
+#   - Image-swap delivers new osborn binary + new system deps
+#   - No bind-mounts, no chroot, no runtime npm install
+#   - User state on volume survives image rebuilds
+#
+# WHY NOT CHROOT (history)
+# ------------------------
+# We built and verified a chroot architecture on 2026-05-28 that bind-mounted
+# /usr /lib /lib64 /bin /sbin /opt from image into a chroot at /workspace/root-chroot,
+# with HOME=/root pointing inside the chroot. Real Fly A/B test 2026-05-28 showed:
+#   - First-boot time:    chroot 102s vs no-chroot 111s   (within polling noise)
+#   - EBUSY on shutdown:  chroot 8    vs no-chroot 8       (identical — not a chroot issue)
+#   - Persistence:        both pass
+#   - LOC in entrypoint:  chroot ~270 vs no-chroot ~165   (no-chroot saves ~100 LOC)
+#   - Path layout:        chroot /workspace/root-chroot/root/...  vs  /workspace/home/...
+# Subagent research confirmed chroot in our codebase solves only HOME-and-persistence
+# layout, NOT library access (Linux dynamic linker is mount-agnostic per ld.so(8)).
+# Since HOME=/workspace achieves the same persistence with ~100 fewer LOC and
+# no bind-mount complexity, the chroot version was retired.
+# Archive: docs/archive/Dockerfile.sandbox.chroot-2026-05-28.md
 
 FROM node:22-slim
 
-# Runtime deps for osborn + claude-code
+# Runtime deps (same as chroot variant — comes from image, image-swap upgrades)
 RUN apt-get update -qq && \
     apt-get install --no-install-recommends -y \
     ca-certificates \
@@ -16,131 +48,157 @@ RUN apt-get update -qq && \
     python-is-python3 && \
     rm -rf /var/lib/apt/lists/*
 
-# Pin osborn to an explicit version so Docker layer cache invalidates whenever
-# the version changes. Earlier `RUN npm install -g osborn@latest` looked correct
-# but it never invalidated: `latest` is a tag resolved by npm at install time,
-# but Docker's layer cache keys on the literal RUN command string. So every
-# rebuild reused the cached layer from when "latest" was a previous version,
-# producing images labeled :0.9.21 that actually contained osborn 0.9.19 inside.
-#
-# Pass --build-arg OSBORN_VERSION=X.Y.Z when building. image-build-check.ts
-# does this automatically using the npm-registry-resolved latest version.
 ARG OSBORN_VERSION=latest
 RUN npm install -g "osborn@${OSBORN_VERSION}" @anthropic-ai/claude-code
 
-# Persistent workspace + claude config dirs
-RUN mkdir -p /workspace /root/.claude
+# Persistent volume mount point
+RUN mkdir -p /workspace
 
-# Marker so orchestration (machines.ts isManifestAware) can detect this image
-# supports the manifest-driven update flow. Pre-marker machines fall back to
-# the image-swap update path, which brings them onto a marker-aware image;
-# from then on, all updates use the manifest flow defined in the entrypoint.
-RUN touch /etc/osborn-manifest-aware
+# Markers (preserved for back-compat probes from machines.ts):
+#   /etc/osborn-manifest-aware  — older marker (still here)
+#   /etc/osborn-option-d-aware  — new marker; machines.ts can detect this variant
+RUN touch /etc/osborn-manifest-aware /etc/osborn-option-d-aware
 
-ENV OSBORN_CWD=/workspace
 ENV OSBORN_API_PORT=8741
 ENV NODE_ENV=production
+ENV OSBORN_IMAGE_VERSION=${OSBORN_VERSION}
 
-# HOME points at the volume so user-space config from any tool that respects
-# HOME (gh, git, ssh, aws, etc.) automatically writes to the persistent
-# volume instead of the ephemeral container overlay. The existing /root/.claude
-# symlink machinery below stays in place — it's redundant with HOME=/workspace
-# but harmless.
+# HOME=/workspace — the volume mount point itself is the home directory.
+# This means ~/.claude resolves to /workspace/.claude, which is EXACTLY where
+# the legacy symlink architecture (/root/.claude -> /workspace/.claude) already
+# put credentials and sessions. So there is ZERO migration: an existing machine
+# updating to this image finds its data already at ~/.claude with no file moves.
+#
+# Why not /workspace/home (the earlier Option D choice)? That required MOVING
+# legacy data from /workspace/.claude into /workspace/home/.claude — an `mv`
+# loop that is destructive (deletes source as it goes), non-atomic across
+# multiple files (interruption = split state), and catastrophic if HOME ever
+# resolved off-volume (mv would send data to the ephemeral overlay). Pointing
+# HOME at /workspace eliminates the migration entirely: nothing moves, so
+# nothing can be lost in a move. The only cosmetic cost is dotfiles sitting at
+# the volume root — identical to what the legacy symlink effectively did.
+#
+# NOTE on overrides: these are Dockerfile ENV *defaults*. A Fly machine-config
+# `env.HOME` (or app secret) OVERRIDES them at runtime. updateOsborn strips
+# HOME/OSBORN_CWD from existing machine configs during image-swap so this
+# default actually takes effect on migrated machines — without that, a stale
+# HOME=/root from an older provisioning would silently win. See
+# frontend/src/lib/machines.ts updateOsbornImpl.
 ENV HOME=/workspace
+ENV OSBORN_CWD=/workspace
 
-WORKDIR /workspace
+# HYBRID: user-installed global npm packages persist on the volume.
+# osborn itself was already installed above into the DEFAULT prefix (/usr/local,
+# image layer) — that RUN happened BEFORE this ENV, so osborn stays in the image
+# and updates via image-swap (atomic, no runtime OOM, toolchain present at build).
+# Setting NPM_CONFIG_PREFIX here only affects RUNTIME `npm install -g <x>` the
+# user/agent runs: those land in /workspace/.npm-global on the persistent volume
+# and survive restarts + image-swaps. PATH puts that bin dir first so installed
+# CLIs are immediately runnable. Verified end-to-end on real Fly 2026-06-01:
+# pure-JS (cowsay) AND native-compiled (node-pty via node-gyp) both install at
+# runtime, persist across restart, no OOM (toolchain is in the image).
+# Caveat: native user modules are tied to the image's Node ABI (currently 22) —
+# a future Node-major image bump would need an `npm rebuild` of volume globals.
+ENV NPM_CONFIG_PREFIX=/workspace/.npm-global
+ENV PATH=/workspace/.npm-global/bin:$PATH
 
+WORKDIR /workspace
 EXPOSE 8741
 
-# Entrypoint: credential persistence + onboarding suppression + start
+# Entrypoint: HOME-on-volume seed + onboarding + start
 COPY <<'ENTRYPOINT' /entrypoint.sh
 #!/bin/bash
 set -e
 
-# Persistent log capture for post-disconnect upload to Supabase Storage.
-# Fly Machines has NO REST endpoint for fetching machine logs (the previous
-# implementation hit /v1/apps/{app}/machines/{id}/logs which returns 404 → that
-# 404 error string was getting uploaded as "the log" for every session).
-# Volume-backed /workspace/osborn.log survives reboots and is readable via
-# the documented /exec endpoint (`tail -n 500 /workspace/osborn.log`).
-#
-# We use process substitution to tee output to BOTH the log file AND the
-# original stdout (so `flyctl logs` keeps working for ad-hoc debugging).
-# Requires bash, hence the #!/bin/bash shebang.
-#
-# Size cap: if log grows past 100 MB, keep only the last 50 MB. Prevents
-# disk-fill from long-running retry loops (we saw 17h × ~1 line/min = ~1000
-# lines today, but anything connecting to LiveKit produces orders of
-# magnitude more output).
+# === Persistent log capture ===
+# Same as chroot variant: tee stdout/stderr to /workspace/osborn.log (volume).
+# Rotates at 100MB → keeps last 50MB.
 LOGFILE=/workspace/osborn.log
 mkdir -p /workspace
 if [ -f "$LOGFILE" ] && [ "$(stat -c%s "$LOGFILE" 2>/dev/null || echo 0)" -gt 104857600 ]; then
-  echo "[sandbox] Rotating /workspace/osborn.log (>100MB, keeping last 50MB)"
+  echo "[sandbox-d] Rotating /workspace/osborn.log (>100MB, keeping last 50MB)"
   tail -c 52428800 "$LOGFILE" > "$LOGFILE.tmp" && mv "$LOGFILE.tmp" "$LOGFILE"
 fi
-echo "[sandbox] === boot at $(date -Iseconds) ===" >> "$LOGFILE"
-# Redirect all subsequent stdout+stderr from this script (and the eventual
-# `exec osborn`) to both the original fd (Fly stdout collector) AND the
-# append-only log file. tee runs as a backgrounded subshell that survives
-# the final exec replacement.
+echo "[sandbox-d] === boot at $(date -Iseconds) ===" >> "$LOGFILE"
 exec > >(tee -a "$LOGFILE") 2>&1
 
-# Claude credential persistence (volume at /workspace)
-mkdir -p /workspace/.claude
-rm -rf /root/.claude
-ln -sf /workspace/.claude /root/.claude
-
-# Suppress Claude Code interactive onboarding prompts
+# Onboarding-suppression JSON
 ONBOARDING_JSON='{"numStartups":10,"installMethod":"npm","autoUpdates":false,"hasCompletedOnboarding":true,"hasTrustDialogAccepted":true,"hasTrustDialogHooksAccepted":true,"hasCompletedProjectOnboarding":true,"hasAcknowledgedCostThreshold":true,"effortCalloutV2Dismissed":true,"theme":"dark","projects":{"/workspace":{"hasTrustDialogAccepted":true,"hasTrustDialogHooksAccepted":true,"hasCompletedProjectOnboarding":true}}}'
-echo "$ONBOARDING_JSON" > /root/.claude.json
-# Additional write at $HOME/.claude.json. With HOME=/workspace this is where
-# Claude Code actually reads its top-level config from; the /root/.claude.json
-# write above becomes dead but is left in place (harmless).
-echo "$ONBOARDING_JSON" > /workspace/.claude.json
-mkdir -p /workspace/.claude
-echo "$ONBOARDING_JSON" > /workspace/.claude/.config.json
-echo "$ONBOARDING_JSON" > /workspace/.claude/claude.json
-
-# Restore OAuth token if persisted on volume
-if [ -f /workspace/.claude/.oauth-token ]; then
-  export CLAUDE_CODE_OAUTH_TOKEN="$(cat /workspace/.claude/.oauth-token)"
-  echo "[sandbox] Restored CLAUDE_CODE_OAUTH_TOKEN from volume"
+
+# ============================================================
+# === HOME-on-volume setup (HOME=/workspace) ===
+# ============================================================
+# HOME=/workspace, set via ENV in Dockerfile (and enforced by updateOsborn
+# stripping any stale HOME from existing machine configs). Because HOME is the
+# volume mount itself, ~/.claude == /workspace/.claude — which is exactly where
+# the legacy symlink architecture already stored credentials + sessions.
+#
+# THEREFORE: NO MIGRATION. An existing machine's data is already at ~/.claude
+# the instant HOME points at /workspace. We removed the old `mv` migration
+# block entirely (it was destructive + non-atomic + catastrophic if HOME ever
+# resolved off-volume). Nothing moves, so nothing can be lost in a move.
+echo "[sandbox-d] HOME=$HOME OSBORN_CWD=$OSBORN_CWD NPM_CONFIG_PREFIX=$NPM_CONFIG_PREFIX"
+mkdir -p "$HOME" "$HOME/.claude" "$HOME/.osborn"
+# HYBRID: ensure the volume-backed npm global prefix exists so user
+# `npm install -g <x>` has a target on first use (npm would create it anyway,
+# but pre-making it keeps perms predictable + visible in the boot log).
+mkdir -p /workspace/.npm-global
+
+# Onboarding config (overwrites every boot — intentional, deterministic state)
+echo "$ONBOARDING_JSON" > "$HOME/.claude.json"
+echo "$ONBOARDING_JSON" > "$HOME/.claude/.config.json"
+echo "$ONBOARDING_JSON" > "$HOME/.claude/claude.json"
+
+# Restore OAuth token if persisted
+if [ -f "$HOME/.claude/.oauth-token" ]; then
+  export CLAUDE_CODE_OAUTH_TOKEN="$(cat "$HOME/.claude/.oauth-token")"
+  echo "[sandbox-d] restored CLAUDE_CODE_OAUTH_TOKEN from volume"
 fi
 
-# Seed default skills into ~/.claude/skills/ — single source of truth.
-# The agent only loads skills from this path; defaults shipped in the npm
-# package get copied here on first boot. Idempotent: existing skills
-# (learned via PostCompact or manually edited) are preserved across restarts.
-HOME_SKILLS_DIR=/root/.claude/skills
-PKG_SKILLS_DIR=/usr/local/lib/node_modules/osborn/.claude/skills
+# === Seed default skills with version-aware refresh (ported from chroot B6 fix) ===
+# Same invariants as chroot variant:
+#   (1) USER-ADDED skills preserved across image upgrades
+#   (2) IMAGE-DEFAULT skills refreshed when image version changes
+HOME_SKILLS_DIR="$HOME/.claude/skills"
+PKG_SKILLS_DIR="/usr/local/lib/node_modules/osborn/.claude/skills"
+SEED_VERSION_FILE="${HOME_SKILLS_DIR}/.seed-version"
 mkdir -p "$HOME_SKILLS_DIR"
+CURRENT_SEED_VERSION=$(cat "$SEED_VERSION_FILE" 2>/dev/null | tr -d '[:space:]' || echo "")
+IMAGE_SEED_VERSION="${OSBORN_IMAGE_VERSION:-latest}"
 if [ -d "$PKG_SKILLS_DIR" ]; then
+  REFRESHED=0
+  SEEDED=0
   for d in "$PKG_SKILLS_DIR"/*/; do
     [ -d "$d" ] || continue
     NAME=$(basename "$d")
-    [ -d "$HOME_SKILLS_DIR/$NAME" ] && continue
-    cp -r "$d" "$HOME_SKILLS_DIR/$NAME"
-    echo "[sandbox] seeded default skill: $NAME"
+    if [ ! -d "$HOME_SKILLS_DIR/$NAME" ]; then
+      cp -r "$d" "$HOME_SKILLS_DIR/$NAME"
+      echo "[sandbox-d] seeded default skill: $NAME"
+      SEEDED=$((SEEDED+1))
+    elif [ "$CURRENT_SEED_VERSION" != "$IMAGE_SEED_VERSION" ]; then
+      rm -rf "$HOME_SKILLS_DIR/$NAME"
+      cp -r "$d" "$HOME_SKILLS_DIR/$NAME"
+      echo "[sandbox-d] refreshed default skill: $NAME (image $CURRENT_SEED_VERSION → $IMAGE_SEED_VERSION)"
+      REFRESHED=$((REFRESHED+1))
+    fi
   done
+  if [ "$CURRENT_SEED_VERSION" != "$IMAGE_SEED_VERSION" ]; then
+    echo "$IMAGE_SEED_VERSION" > "$SEED_VERSION_FILE"
+    [ "$REFRESHED" -gt 0 ] && echo "[sandbox-d] skills marker: $CURRENT_SEED_VERSION → $IMAGE_SEED_VERSION (refreshed $REFRESHED, seeded $SEEDED)"
+  fi
 fi
 
-# Manifest-driven version check.
-# Orchestration writes /workspace/.osborn-want-version on update (machines.ts
-# updateViaManifest). On every boot we compare to the currently-installed
-# osborn and run `npm install -g osborn@<want>` if they differ. The install
-# lands in the container overlay (default npm prefix) — Fly wipes overlay on
-# stop/start so the install re-runs on every boot until the base image is
-# rebuilt with that version baked in. Update is fast between Fly restarts;
-# only the first boot after a restart pays the npm install cost.
-WANT=$(cat /workspace/.osborn-want-version 2>/dev/null | tr -d '[:space:]')
-if [ -n "$WANT" ]; then
-  CURRENT=$(osborn --version 2>/dev/null | head -1 | tr -d '[:space:]')
-  if [ "$WANT" != "$CURRENT" ]; then
-    echo "[sandbox] osborn ${CURRENT:-none} → ${WANT} (manifest install)"
-    npm install -g "osborn@${WANT}" || echo "[sandbox] install failed — running ${CURRENT:-image-baked} version"
-  fi
+# Container-view session inventory (debugging)
+if [ -d "$HOME/.claude/projects" ]; then
+  echo "[sandbox-d] Session inventory:"
+  for slug_dir in "$HOME/.claude/projects"/*/; do
+    [ -d "$slug_dir" ] || continue
+    count=$(find "$slug_dir" -maxdepth 1 -name '*.jsonl' 2>/dev/null | wc -l | tr -d ' ')
+    echo "[sandbox-d]   $(basename "$slug_dir"): ${count} jsonl files"
+  done
 fi
 
+echo "[sandbox-d] exec'ing osborn (no chroot, HOME=$HOME)"
 exec osborn
 ENTRYPOINT
 

package/dist/index.js

@@ -2527,6 +2527,30 @@ async function main() {
         currentLLM = null;
         clearFastBrainSession();
         clearPipelineFastBrainSession();
+        // ── Ghost-agent fix (2026-06-01) ──
+        // When LiveKit Cloud evicts our WebSocket (idle, network blip, or quota window),
+        // the previous code stopped here — agent process kept running but no longer in
+        // any room. /health continued returning "livekit.status:connected" because the
+        // status was never written back. Frontend's checkOsbornHealth only validates
+        // HTTP 200, so the ghost state was invisible. Users got stuck in "Connecting..."
+        // forever because their LiveKit-token-minted room had no agent in it.
+        //
+        // Fix: re-arm the retry loop. connectWithRetry() will try to reconnect with
+        // the same room name (so the room code stays stable for any in-flight frontend
+        // token requests), backing off 5s → 60s. If the disconnect was permanent
+        // (e.g. JWT expired — they're 24h), the retry will fail and surface
+        // livekit.status=failed, which the (also-fixed) frontend health check will
+        // see and trigger restartService.
+        //
+        // Note: we mark status='retrying' immediately so /health reflects the real
+        // state — closing the lie window between Disconnected and the next attempt.
+        livekitState.status = 'retrying';
+        livekitState.error = 'LiveKit room disconnected; attempting to rejoin';
+        livekitState.errorCode = 'disconnected';
+        console.log('🔄 Rejoining LiveKit room after disconnect...');
+        connectWithRetry().catch(err => {
+            console.error('❌ Reconnect attempt threw (should not happen — connectWithRetry loops):', err);
+        });
     });
     room.on(RoomEvent.ParticipantConnected, async (participant) => {
         console.log(`\n👤 User joined: ${participant.identity}`);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "osborn",
-  "version": "0.9.47",
+  "version": "0.9.49",
   "description": "Voice AI coding assistant - local agent that connects to Osborn frontend",
   "type": "module",
   "bin": {