prism-mcp-server 7.4.0 → 7.5.0

package/README.md

@@ -8,6 +8,8 @@
 [![TypeScript](https://img.shields.io/badge/TypeScript-5.0+-3178C6?logo=typescript&logoColor=white)](https://www.typescriptlang.org/)
 [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](CONTRIBUTING.md)
 
+![Prism Mind Palace Demo](docs/mind-palace-demo.webp)
+
 **Your AI agent forgets everything between sessions. Prism fixes that.**
 
 One command. Persistent memory. Local-first by default. Optional cloud power-ups.
@@ -26,6 +28,7 @@ Works with **Claude Desktop · Claude Code · Cursor · Windsurf · Cline · Gem
 - [Setup Guides](#-setup-guides)
 - [Universal Import](#-universal-import-bring-your-history)
 - [What Makes Prism Different](#-what-makes-prism-different)
+- [Data Privacy & Egress](#-data-privacy--egress)
 - [Use Cases](#-use-cases)
 - [What's New](#-whats-new)
 - [How Prism Compares](#-how-prism-compares)
@@ -33,7 +36,7 @@ Works with **Claude Desktop · Claude Code · Cursor · Windsurf · Cline · Gem
 - [Environment Variables](#environment-variables)
 - [Architecture](#architecture)
 - [Scientific Foundation](#-scientific-foundation)
-- [Product Roadmap](#-product-roadmap)
+- [Milestones & Roadmap](#-milestones--roadmap)
 - [Troubleshooting FAQ](#-troubleshooting-faq)
 
 ---
@@ -46,12 +49,23 @@ Every time you start a new conversation with an AI coding assistant, it starts f
 
 > 📌 **Terminology:** Throughout this doc, **"Prism"** refers to the MCP server and storage engine. **"Mind Palace"** refers to the visual dashboard UI at `localhost:3000` — your window into the agent's brain. They work together; the dashboard is optional.
 
-**Starting in v7.0**, Prism doesn't just *store* memories — it **ranks them like a human brain.** The ACT-R activation model (from cognitive science) means memories that were accessed recently and frequently surface first, while stale context fades naturally. Combine that with candidate-scoped spreading activation and you get retrieval quality that no flat vector search can match.
+Prism has two pillars:
+
+1. **🧠 Persistent Memory** — Memories are ranked like a human brain: recently and frequently accessed context surfaces first, while stale context fades naturally. The result is retrieval quality that no flat vector search can match. *(See [Scientific Foundation](#-scientific-foundation) for the ACT-R math.)*
+
+2. **🏭 Autonomous Execution (Dark Factory)** — When you're ready, Prism can run coding tasks end-to-end with a fail-closed pipeline where an adversarial evaluator catches bugs the generator missed — before you ever see the PR. *(See [Dark Factory](#-dark-factory--adversarial-autonomous-pipelines).)*
 
 ---
 
 ## 🚀 Quick Start
 
+### Prerequisites
+
+- **Node.js v18+** (v20 LTS recommended; v23.x has [known `npx` quirk](#common-installation-pitfalls))
+- Any MCP-compatible client (Claude Desktop, Cursor, Windsurf, Cline, etc.)
+- No API keys required for core features (see [Capability Matrix](#capability-matrix))
+
+### Install
 
 Add to your MCP client config (`claude_desktop_config.json`, `.cursor/mcp.json`, etc.):
 
@@ -70,6 +84,8 @@ Add to your MCP client config (`claude_desktop_config.json`, `.cursor/mcp.json`,
 
 **That's it.** Restart your client. All tools are available. The **Mind Palace Dashboard** (the visual UI for your agent's brain) starts automatically at `http://localhost:3000`. You don't need to keep a tab open — the dashboard runs in the background and the MCP tools work with or without it.
 
+> 🔄 **Updating Prism:** `npx -y` caches the package locally. To force an update to the latest version, restart your MCP client — `npx -y` will fetch the newest release automatically. If you're stuck on a stale version, run `npx clear-npx-cache` (or `npm cache clean --force`) before restarting.
+
 <details>
 <summary>Port 3000 already in use? (Next.js / Vite / etc.)</summary>
 
@@ -109,6 +125,8 @@ Then open `http://localhost:3001` instead.
 
 > 🔑 The core Mind Palace works **100% offline** with zero API keys. Cloud keys unlock intelligence features. See [Environment Variables](#environment-variables).
 
+> 💰 **API Cost Note:** `GOOGLE_API_KEY` (Gemini) has a generous free tier that covers most individual use. `BRAVE_API_KEY` offers 2,000 free searches/month. `FIRECRAWL_API_KEY` has a free plan with 500 credits. For typical solo development, expect **$0/month** on the free tiers. Only high-volume teams or heavy autonomous pipeline usage will incur meaningful costs.
+
 ---
 
 ## ✨ The Magic Moment
@@ -321,6 +339,12 @@ Then add to your MCP config:
 > **❓ Seeing warnings about missing API keys on startup?**
 > That's expected and not an error. `BRAVE_API_KEY` / `GOOGLE_API_KEY` warnings are informational only — core session memory works with zero keys. See [Environment Variables](#environment-variables) for what each key unlocks.
 
+> 💡 **Do agents auto-load Prism?** Agents using Cursor, Windsurf, or other MCP clients will see the `session_load_context` tool automatically, but may not call it unprompted. Add this to your project's `.cursorrules` (or equivalent system prompt) to guarantee auto-load:
+> ```
+> At the start of every conversation, call session_load_context with project "my-project" before doing any work.
+> ```
+> Claude Code users can use the `.clauderules` auto-load hook shown in the [Setup Guides](#-setup-guides). Prism also has a **server-side fallback** (v5.2.1+) that auto-pushes context after 10 seconds if no load is detected.
+
 ---
 
 ## 📥 Universal Import — Bring Your History
@@ -369,6 +393,7 @@ Every save creates a versioned snapshot. Made a mistake? `memory_checkout` rever
 A gorgeous glassmorphism UI at `localhost:3000` that lets you see exactly what your agent is thinking:
 
 - **Current State & TODOs** — the exact context injected into the LLM's prompt
+- **Intent Health Gauges** — per-project 0–100 health score with staleness decay, TODO load, and decision signals
 - **Interactive Knowledge Graph** — force-directed neural graph with click-to-filter, node renaming, and surgical keyword deletion
 - **Deep Storage Manager** — preview and execute vector purge operations with dry-run safety
 - **Session Ledger** — full audit trail of every decision your agent has made
@@ -387,7 +412,7 @@ Powered by a pure TypeScript port of Google's TurboQuant (inspired by Google's I
 Multiple agents (dev, QA, PM) can work on the same project with **role-isolated memory**. Agents discover each other automatically, share context in real-time via Telepathy sync, and see a team roster during context loading. → [Multi-agent setup example](examples/multi-agent-hivemind/)
 
 ### 🚦 Task Router
-Prism can score coding tasks and recommend whether to keep execution on the host model or delegate to local Claw. This enables faster handling of small, local-safe edits while preserving host execution for non-delegable or higher-complexity work. In client startup/skill flows, use defensive delegation: route only coding tasks, call `session_task_route` only when available, delegate to `claw` only when executor tooling exists and task is non-destructive, and fallback to host when router/executor is unavailable. → [Task router real-life example](examples/router_real_life_test.ts)
+Prism can score coding tasks and recommend whether to keep execution on the host model or delegate to a **local Claw agent** (a lightweight sub-agent powered by Ollama/vLLM for fast, local-safe edits). This enables faster handling of small edits while preserving host execution for complex work. In client startup/skill flows, use defensive delegation: route only coding tasks, call `session_task_route` only when available, delegate to `claw` only when executor tooling exists and task is non-destructive, and fallback to host when router/executor is unavailable. → [Task router real-life example](examples/router_real_life_test.ts)
 
 ### 🖼️ Visual Memory
 Save UI screenshots, architecture diagrams, and bug states to a searchable vault. Images are auto-captioned by a VLM (Claude Vision / GPT-4V / Gemini) and become semantically searchable across sessions.
@@ -398,11 +423,36 @@ OpenTelemetry spans for every MCP tool call, LLM hop, and background worker. Rou
 ### 🌐 Autonomous Web Scholar
 Prism researches while you sleep. A background pipeline searches the web, scrapes articles, synthesizes findings via LLM, and injects results directly into your semantic memory — fully searchable on your next session. Brave Search → Firecrawl scrape → LLM synthesis → Prism ledger. Task-aware, Hivemind-integrated, and zero-config when API keys are missing (falls back to Yahoo + Readability).
 
-### 🔒 GDPR Compliant
-Soft/hard delete (Art. 17), full export in JSON, Markdown, or Obsidian vault `.zip` (Art. 20), API key redaction, per-project TTL retention, and audit trail. Enterprise-ready out of the box.
+### 🔒 Data Privacy & Egress
+
+**Where is my data stored?**
+
+All data lives under `~/.prism-mcp/` on your machine:
+
+| File | Contents |
+|------|----------|
+| `~/.prism-mcp/data.db` | All sessions, handoffs, embeddings, knowledge graph (SQLite + WAL) |
+| `~/.prism-mcp/prism-config.db` | Dashboard settings, system config, API keys |
+| `~/.prism-mcp/media/<project>/` | Visual memory vault (screenshots, HTML captures) |
+| `~/.prism-mcp/dashboard.port` | Ephemeral port lock file |
+| `~/.prism-mcp/sync.lock` | Sync coordination lock |
+
+**Hard reset:** To completely erase your agent's brain, stop Prism and delete the directory:
+```bash
+rm -rf ~/.prism-mcp
+```
+Prism will recreate the directory with empty databases on next startup.
+
+**What leaves your machine?**
+- **Local mode (default):** Nothing. Zero network calls. All data is on-disk SQLite.
+- **With `GOOGLE_API_KEY`:** Text snippets are sent to Gemini for embedding generation, summaries, and Morning Briefings. No session data is stored on Google's servers beyond the API call.
+- **With `BRAVE_API_KEY` / `FIRECRAWL_API_KEY`:** Web Scholar queries are sent to Brave/Firecrawl for search and scraping.
+- **With Supabase:** Session data syncs to your own Supabase instance (you control the Postgres database).
+
+**GDPR compliance:** Soft/hard delete (Art. 17), full export in JSON, Markdown, or Obsidian vault `.zip` (Art. 20), API key redaction in exports, per-project TTL retention policies, and immutable audit trail. Enterprise-ready out of the box.
 
 ### 🏭 Dark Factory — Adversarial Autonomous Pipelines
-When you trigger a Dark Factory pipeline, Prism doesn't just run your task — it fights itself to produce high-quality output. A `PLAN_CONTRACT` step locks a machine-parseable rubric before any code is written. After execution, an **Adversarial Evaluator** (in a fully isolated context) scores the output against the rubric. It cannot pass the Generator without providing exact file and line evidence for every failing criterion. Failed evaluations inject the critique directly into the Generator's retry prompt so it's never flying blind. The result: security issues, regressions, and lazy debug logs caught autonomously — before you ever see the PR.
+When you trigger a Dark Factory pipeline, Prism doesn't just run your task — it fights itself to produce high-quality output. A `PLAN_CONTRACT` step locks a machine-parseable rubric before any code is written. After execution, an **Adversarial Evaluator** (in a fully isolated context) scores the output against the rubric. It cannot pass the Generator without providing exact file and line evidence for every failing criterion. Failed evaluations inject the critique directly into the Generator's retry prompt so it's never flying blind. The result: security issues, regressions, and lazy debug logs caught autonomously — before you ever see the PR. → [See it in action](examples/adversarial-eval-demo/README.md)
 
 ---
 
@@ -412,6 +462,7 @@ When you trigger a Dark Factory pipeline, Prism doesn't just run your task — i
 - **Multi-agent collaboration** — Dev, QA, and PM agents share real-time context without stepping on each other's memory.
 - **Consulting / multi-project** — Switch between client projects with progressive loading: `quick` (~50 tokens), `standard` (~200), or `deep` (~1000+).
   - **Autonomous execution (v7.4)** — Dark Factory pipeline: `plan → plan_contract → execute → evaluate → verify → finalize`. Generator and evaluator run in isolated roles — the evaluator cannot approve without evidence-bound findings scored against a pre-committed rubric.
+  - **Project health monitoring (v7.5)** — Intent Health Dashboard scores each project 0–100 based on staleness, TODO load, and decision quality — turning silent drift into an actionable signal.
 - **Team onboarding** — New team member's agent loads the full project history instantly.
 - **Behavior enforcement** — Agent corrections auto-graduate into permanent `.cursorrules` / `.clauderules` rules.
 - **Offline / air-gapped** — Full SQLite local mode + Ollama LLM adapter. Zero internet dependency.
@@ -543,18 +594,13 @@ The Generator strips the `console.log`, resubmits, and the next `EVALUATE` retur
 
 ## 🆕 What's New
 
+> **Current release: v7.5.0**
 
-> **Current release: v7.4.0**
+- 🩺 **v7.5.0 — Intent Health Dashboard + Security Hardening:** Real-time 0–100 project health scoring (staleness × TODO load × decisions). 10 XSS injection vectors patched. Algorithm hardened with NaN guards and score ceiling.
+- ⚔️ **v7.4.0 — Adversarial Evaluation:** Split-brain anti-sycophancy pipeline. Generator and evaluator in isolated roles with evidence-bound findings.
+- 🏭 **v7.3.x — Dark Factory + Stability:** Fail-closed 3-gate execution pipeline. Dashboard stability and verification diagnostics.
 
-- ⚔️ **v7.4.0 — Adversarial Evaluation (Anti-Sycophancy):** The Dark Factory pipeline now separates generator and evaluator into isolated roles. `PLAN_CONTRACT` locks a machine-parseable rubric before any code runs. `EVALUATE` scores the output with evidence-bound findings (`file`, `line`, `description`). Failed evaluations retry with `plan_viable` routing — conservatively escalating to full PLAN re-planning on parse failures instead of burning revision budget.
-- 🔧 **v7.3.3 — Dashboard Stability Hotfix:** Fixed a multi-layer quote-escaping trap in the `abortPipeline` onclick handler that silently killed the dashboard IIFE and froze the project selector at "Loading projects..." forever. Fixed via `data-id` attribute pattern + ES5 lint guard (`npm run lint:dashboard`).
-- 🏭 **v7.3.1 — Dark Factory (Fail-Closed Execution):** The LLM can no longer touch the filesystem directly. Every autonomous `EXECUTE` step passes 3 gates — Parse → Type → Scope — before any side effect occurs. Scope violations terminate the entire pipeline.
-- 📊 **v7.3.2 — Verification Diagnostics v2:** `verify status --json` now emits per-layer `diff_counts` + `changed_keys`. JSON schema is contract-enforced in CI (`schema_version: 1`).
-- 🔭 **v7.2.0 — Verification Harness:** Spec-frozen contracts (`verification_harness.json` hash-locked before execution), multi-layer assertions across Data / Agent / Pipeline, and finalization gate policies (`warn` / `gate` / `abort`).
-- 🚦 **v7.1.0 — Task Router:** Heuristic + ML-experience routing delegates cloud vs. local model in under 2ms, cold-start safe, per-project experience-corrected.
-- 🧠 **v7.0.0 — ACT-R Activation Memory:** `B_i = ln(Σ t_j^{-d})` recency × frequency re-ranking. Stale memories fade naturally. Active context surfaces automatically.
-
-👉 **[Full release history → CHANGELOG.md](CHANGELOG.md)** · [ROADMAP →](ROADMAP.md)
+👉 **[Full release history → CHANGELOG.md](CHANGELOG.md)** · **[ROADMAP →](ROADMAP.md)**
 
 ---
 
@@ -793,6 +839,10 @@ Requires `PRISM_DARK_FACTORY_ENABLED=true`.
 
 </details>
 
+### System Settings (Dashboard)
+Some configurations are stored dynamically in SQLite (`system_settings` table) and can be edited through the Dashboard UI at `http://localhost:3000`:
+- **`intent_health_stale_threshold_days`** (default: `30`): Number of days before a project is considered fully stale for Intent Health scoring.
+
 ---
 
 ## Architecture
@@ -888,6 +938,7 @@ Prism is evolving from smart session logging toward a **cognitive memory archite
 | **v7.3** | Dark Factory — 3-gate fail-closed EXECUTE pipeline (parse → type → scope) with structured JSON action contract | Industrial safety systems (defense-in-depth, fail-closed valves) | ✅ Shipped |
 | **v7.2** | Verification-first harness — spec-freeze contract, rubric hash lock, multi-layer assertions, CLI `verify` commands | Programmatic verification systems + adversarial validation loops | ✅ Shipped |
 | **v7.4** | Adversarial Evaluation — PLAN_CONTRACT + EVALUATE with isolated generator/evaluator roles, pre-committed rubrics, and evidence-bound findings | Anti-sycophancy research, adversarial ML evaluation frameworks | ✅ Shipped |
+| **v7.5** | Intent Health Dashboard — 3-signal scoring algorithm (staleness, TODO load, decisions), comprehensive XSS hardening (10 vectors), NaN/`Infinity` guards | Proactive monitoring, defense-in-depth security | ✅ Shipped |
 | **v7.x** | Affect-Tagged Memory — sentiment shapes what gets recalled | Affect-modulated retrieval (neuroscience) | 🔭 Horizon |
 | **v8+** | Zero-Search Retrieval — no index, no ANN, just ask the vector | Holographic Reduced Representations | 🔭 Horizon |
 
@@ -895,34 +946,26 @@ Prism is evolving from smart session logging toward a **cognitive memory archite
 
 ---
 
-## 📦 Recent Milestones & Roadmap
-
-> **[Full ROADMAP.md →](ROADMAP.md)**
+## 📦 Milestones & Roadmap
 
-### v6.2: The "Synthesize & Prune" Phase ✅
-Shipped in v6.2.0. Edge synthesis, graph pruning with SLO observability, temporal decay heatmaps, active recall prompt generation, and full dashboard metrics integration.
+> **Current: v7.5.0** — Intent Health Dashboard + XSS Hardening ([CHANGELOG](CHANGELOG.md))
 
-### v6.5: Cognitive Architecture ✅
-Shipped. Full Superposed Memory (SDM) + Hyperdimensional Computing (HDC/VSA) cognitive routing pipeline. Compositional memory states via XOR binding, Hamming resolution, and policy-gated routing (direct / clarify / fallback). 705 tests passing.
-
-### v7.4: Adversarial Evaluation ✅
-Shipped. `PLAN_CONTRACT` + `EVALUATE` steps added to the Dark Factory pipeline. Generator and evaluator operate in isolated roles with pre-committed rubrics. Evidence-bound findings with `criterion_id`, `severity`, `file`, and `line` (number). Conservative `plan_viable=false` default on parse failure escalates to full PLAN re-plan. 78 new tests, 978 total.
-
-### v7.3: Dark Factory — Fail-Closed Execution ✅
-Shipped. Structured JSON action contract for autonomous `EXECUTE` steps. 3-gate validation pipeline (parse → type → scope) terminates pipelines on any violation before filesystem side effects. 67 edge-case tests covering adversarial LLM output, path traversal, and type coercion.
-
-### v7.1: Prism Task Router ✅
-Shipped. Deterministic task routing (`session_task_route`) with optional experience-based confidence adjustment for host vs. local Claw delegation.
-
-### v7.0: ACT-R Activation Memory ✅
-Shipped. Scientifically-grounded retrieval re-ranking via ACT-R base-level activation (`B_i = ln(Σ t_j^(-d))`), candidate-scoped spreading activation, parameterized sigmoid normalization, composite scoring, and zero-cold-start access log infrastructure. 49 dedicated unit tests, 705 total passing.
-
-### v7.2: Verification Harness ✅
-Shipped. Spec-frozen verification contract (`implementation_plan.md` + `verification_harness.json` + immutable `validation_result`), multi-layer machine checks (`data`, `agent`, `pipeline`), finalization gate policies (`warn` / `gate` / `abort`), and CLI `verify generate` / `verify status --json` with schema-versioned output.
+| Release | Headline |
+|---------|----------|
+| **v7.5** | Intent Health scoring + 10 XSS patches |
+| **v7.4** | Adversarial Evaluation (anti-sycophancy) |
+| **v7.3** | Dark Factory fail-closed execution |
+| **v7.2** | Verification Harness |
+| **v7.1** | Task Router |
+| **v7.0** | ACT-R Activation Memory |
+| **v6.5** | HDC Cognitive Routing |
+| **v6.2** | Synthesize & Prune |
 
 ### Future Tracks
-- **v7.x: Affect-Tagged Memory** — Recall prioritization improves by weighting memories with affective/contextual valence, making surfaced context more behaviorally useful.
-- **v8+: Zero-Search Retrieval** — Direct vector-addressed recall (“just ask the vector”) reduces retrieval indirection and moves Prism toward truly native associative memory.
+- **v7.x: Affect-Tagged Memory** — Recall prioritization improves by weighting memories with affective/contextual valence.
+- **v8+: Zero-Search Retrieval** — Direct vector-addressed recall reduces retrieval indirection.
+
+👉 **[Full ROADMAP.md →](ROADMAP.md)**
 
 
 ## ❓ Troubleshooting FAQ

package/dist/dashboard/intentHealth.js

@@ -0,0 +1,62 @@
+export function computeIntentHealth(ctx, staleThresholdDays = 30, nowMs = Date.now()) {
+    if (!Number.isFinite(staleThresholdDays) || staleThresholdDays <= 0)
+        staleThresholdDays = 30; // Guard against NaN / zero / negative
+    // 2. Compute staleness (Days since last session)
+    let stalenessDays = 0;
+    if (ctx.recent_sessions && ctx.recent_sessions.length > 0) {
+        const lastTimestamp = ctx.recent_sessions[0].created_at ? new Date(ctx.recent_sessions[0].created_at).getTime() : NaN;
+        stalenessDays = isNaN(lastTimestamp) ? 0 : Math.max(0, (nowMs - lastTimestamp) / (1000 * 60 * 60 * 24));
+    }
+    // 3. Count TODOs and Decisions
+    const todoCount = ctx.pending_todo?.length || 0;
+    const hasDecisions = ctx.recent_sessions?.some((s) => Array.isArray(s.decisions) && s.decisions.length > 0) ?? false;
+    // 4. Execute Intent Debt Scoring Algorithm
+    // Staleness (50 points): Linear decay until threshold
+    const stalenessScore = Math.max(0, 50 - (stalenessDays / staleThresholdDays) * 50);
+    // Open TODOs (30 points)
+    let todoScore = 30;
+    if (todoCount >= 10)
+        todoScore = 0;
+    else if (todoCount >= 7)
+        todoScore = 5;
+    else if (todoCount >= 4)
+        todoScore = 15;
+    else if (todoCount >= 1)
+        todoScore = 25;
+    // Decisions (20 points): 70% of max if missing
+    const decisionScore = hasDecisions ? 20 : 14;
+    const totalScore = Math.min(100, Math.round(stalenessScore + todoScore + decisionScore));
+    // 5. Generate Actionable Signals
+    const signals = [];
+    if (stalenessDays > staleThresholdDays) {
+        signals.push({ type: "staleness", message: `Stale: Last updated ${Math.round(stalenessDays)} days ago`, severity: "critical" });
+    }
+    else if (stalenessDays > staleThresholdDays / 2) {
+        signals.push({ type: "staleness", message: `Aging: Last updated ${Math.round(stalenessDays)} days ago`, severity: "warn" });
+    }
+    else {
+        signals.push({ type: "staleness", message: `Fresh: Last updated ${Math.round(stalenessDays)} days ago`, severity: "ok" });
+    }
+    if (todoCount >= 10) {
+        signals.push({ type: "todos", message: `${todoCount} TODOs pending (Overwhelming)`, severity: "critical" });
+    }
+    else if (todoCount >= 4) {
+        signals.push({ type: "todos", message: `${todoCount} TODOs pending`, severity: "warn" });
+    }
+    else {
+        signals.push({ type: "todos", message: `${todoCount} TODOs pending`, severity: "ok" });
+    }
+    if (hasDecisions) {
+        signals.push({ type: "decisions", message: "Active decisions captured", severity: "ok" });
+    }
+    else {
+        signals.push({ type: "decisions", message: "No active decisions documented", severity: "warn" });
+    }
+    return {
+        score: totalScore,
+        staleness_days: Math.round(stalenessDays),
+        open_todo_count: todoCount,
+        has_active_decisions: hasDecisions,
+        signals: signals
+    };
+}

package/dist/dashboard/server.js

@@ -23,7 +23,8 @@ import * as fs from "fs";
 import { getStorage } from "../storage/index.js";
 import { PRISM_USER_ID, SERVER_CONFIG } from "../config.js";
 import { renderDashboardHTML } from "./ui.js";
-import { getAllSettings, setSetting, getSetting } from "../storage/configStorage.js";
+import { computeIntentHealth } from "./intentHealth.js";
+import { getAllSettings, setSetting, getSetting, getSettingSync } from "../storage/configStorage.js";
 import { compactLedgerHandler } from "../tools/compactionHandler.js";
 import { getLLMProvider } from "../utils/llm/factory.js";
 import { buildVaultDirectory } from "../utils/vaultExporter.js";
@@ -1095,6 +1096,39 @@ self.addEventListener('message', (e) => {
                 });
                 return res.end(Buffer.from(pngBase64, "base64"));
             }
+            // ─── API: Intent Health (Feature A) ───
+            // GET /api/intent-health?project=xxx
+            if (url.pathname === "/api/intent-health" && req.method === "GET") {
+                const project = url.searchParams.get("project");
+                if (!project) {
+                    res.writeHead(400, { "Content-Type": "application/json" });
+                    return res.end(JSON.stringify({ error: "project is required" }));
+                }
+                try {
+                    const storage = await getStorageSafe();
+                    if (!storage) {
+                        res.writeHead(503, { "Content-Type": "application/json" });
+                        return res.end(JSON.stringify({ error: "Storage initializing..." }));
+                    }
+                    // Load 'standard' context to get active_decisions and recent_sessions
+                    // Note: API MUST use "standard" level (deep skips recent_sessions, which breaks staleness).
+                    const ctx = await storage.loadContext(project, "standard", PRISM_USER_ID);
+                    if (!ctx) {
+                        res.writeHead(404, { "Content-Type": "application/json" });
+                        return res.end(JSON.stringify({ error: "Project not found" }));
+                    }
+                    // 1. Fetch configurable threshold (default 30 days, avoiding 7-day panic)
+                    const staleThresholdDays = parseInt(getSettingSync("intent_health_stale_threshold_days", "30"), 10) || 30;
+                    const healthResult = computeIntentHealth(ctx, staleThresholdDays);
+                    res.writeHead(200, { "Content-Type": "application/json" });
+                    return res.end(JSON.stringify(healthResult));
+                }
+                catch (err) {
+                    console.error("[intent-health] Error computing intent health:", err);
+                    res.writeHead(500, { "Content-Type": "application/json" });
+                    return res.end(JSON.stringify({ error: "Failed to compute intent health" }));
+                }
+            }
             // ─── 404 ───
             res.writeHead(404, { "Content-Type": "text/plain" });
             res.end("Not found");

package/dist/dashboard/ui.js

@@ -625,6 +625,15 @@ export function renderDashboardHTML(version) {
           <ul class="todo-list" id="todos"></ul>
         </div>
 
+        <!-- Intent Health (Feature A) -->
+        <div class="card" id="intentHealthCard" style="display: none;">
+          <div class="card-title" style="display: flex; justify-content: space-between; align-items: center;">
+            <div><span class="dot" style="background:var(--accent-purple)"></span> Intent Health</div>
+            <span style="font-size: 11px; color: var(--text-muted); cursor: help; border-bottom: 1px dotted var(--text-muted); letter-spacing: normal; text-transform: none;" title="Intent debt limits how AI agents can evolve the system (Storey / Fowler)">What is this?</span>
+          </div>
+          <div id="intentHealthCardContent"></div>
+        </div>
+
         <!-- Git Metadata -->
         <div class="card">
           <div class="card-title"><span class="dot" style="background:var(--accent-green)"></span> Git Metadata</div>
@@ -1465,15 +1474,15 @@ function loadPipelines() {
             html += '<span style="font-weight:600;color:var(--text-primary)">' + emoji + ' ' + p.status + '</span>';
             html += '<span style="font-size:0.7rem;font-family:var(--font-mono);color:var(--text-muted)">' + p.id.slice(0, 8) + '…</span>';
             html += '</div>';
-            html += '<div style="font-size:0.82rem;color:var(--text-secondary);margin-bottom:0.35rem">' + objective + '</div>';
+            html += '<div style="font-size:0.82rem;color:var(--text-secondary);margin-bottom:0.35rem">' + escapeHtml(objective) + '</div>';
             html += '<div style="display:flex;gap:1rem;font-size:0.72rem;color:var(--text-muted);flex-wrap:wrap">';
-            html += '<span>📁 ' + (p.project || '?') + '</span>';
+            html += '<span>📁 ' + escapeHtml(p.project || '?') + '</span>';
             html += '<span>🔄 ' + p.iteration + ' / ' + maxIter + '</span>';
-            html += '<span>📍 ' + (p.current_step || '?') + '</span>';
+            html += '<span>📍 ' + escapeHtml(p.current_step || '?') + '</span>';
             html += '<span>🕐 ' + new Date(p.updated_at).toLocaleString() + '</span>';
             html += '</div>';
             if (p.error) {
-                html += '<div style="font-size:0.72rem;color:var(--accent-rose);margin-top:0.35rem;padding:0.3rem 0.5rem;background:rgba(244,63,94,0.08);border-radius:4px">⚠ ' + p.error.slice(0, 200) + '</div>';
+                html += '<div style="font-size:0.72rem;color:var(--accent-rose);margin-top:0.35rem;padding:0.3rem 0.5rem;background:rgba(244,63,94,0.08);border-radius:4px">⚠ ' + escapeHtml(p.error.slice(0, 200)) + '</div>';
             }
             if (isActive) {
                 html += '<div style="margin-top:0.5rem"><button onclick="abortPipeline(this.dataset.id)" data-id="' + p.id + '" class="cleanup-btn" style="font-size:0.72rem">🛑 Abort Pipeline</button></div>';
@@ -1495,7 +1504,7 @@ function loadPipelines() {
         }
     })
         .catch(function (err) {
-        document.getElementById('factoryList').innerHTML = '<div style="color:var(--accent-rose);padding:1rem">Failed to load pipelines: ' + err.message + '</div>';
+        document.getElementById('factoryList').innerHTML = '<div style="color:var(--accent-rose);padding:1rem">Failed to load pipelines: ' + escapeHtml(err.message) + '</div>';
     });
 }
 function abortPipeline(id) {
@@ -1672,11 +1681,36 @@ function loadIdentityChip() {
                     select = document.getElementById('projectSelect');
                     if (data.projects && data.projects.length > 0) {
                         select.innerHTML = '<option value="">— Select a project —</option>' +
-                            data.projects.map(function (p) { return '<option value="' + p + '">' + p + '</option>'; }).join('');
+                            data.projects.map(function (p) { return '<option value="' + escapeHtml(p) + '">' + escapeHtml(p) + '</option>'; }).join('');
+                        
+                        // v7.5.0: Background fetch intent health to add global traffic-light dots
+                        // Fetch sequentially to prevent SQLite WAL saturation with N concurrent loadContext calls
+                        var pIndex = 0;
+                        function fetchNextHealth() {
+                            if (pIndex >= data.projects.length) return;
+                            var p = data.projects[pIndex++];
+                            fetch('/api/intent-health?project=' + encodeURIComponent(p))
+                                .then(function (res) { return res.json(); })
+                                .then(function (hData) {
+                                    if (hData && typeof hData.score === 'number') {
+                                        var icon = hData.score >= 80 ? "🟢" : (hData.score >= 50 ? "🟡" : "🔴");
+                                        var opt = null;
+                                        for (var oi = 0; oi < select.options.length; oi++) {
+                                            if (select.options[oi].value === p) { opt = select.options[oi]; break; }
+                                        }
+                                        if (opt) opt.textContent = icon + " " + p;
+                                    }
+                                    fetchNextHealth();
+                                }).catch(function () { fetchNextHealth(); });
+                        }
+                        if (data.projects && data.projects.length > 0) {
+                            fetchNextHealth();
+                        }
+
                         gp = document.getElementById('graphProjectFilter');
                         if (gp) {
                             gp.innerHTML = '<option value="">All Projects</option>' +
-                                data.projects.map(function (p) { return '<option value="' + p + '">' + p + '</option>'; }).join('');
+                                data.projects.map(function (p) { return '<option value="' + escapeHtml(p) + '">' + escapeHtml(p) + '</option>'; }).join('');
                         }
                         // Restore last selected project from localStorage
                         var lastProject = localStorage.getItem('prism_last_project');
@@ -1708,8 +1742,15 @@ function loadProject() {
             switch (_a.label) {
                 case 0:
                     project = document.getElementById('projectSelect').value;
-                    if (!project)
+                    if (!project) {
+                        var hc = document.getElementById('intentHealthCard');
+                        if (hc) hc.style.display = 'none';
+                        var welcomeEl = document.getElementById('welcome');
+                        var contentEl = document.getElementById('content');
+                        if (contentEl) contentEl.style.display = 'none';
+                        if (welcomeEl) welcomeEl.style.display = 'flex';
                         return [2 /*return*/];
+                    }
                     // Persist last selected project
                     try { localStorage.setItem('prism_last_project', project); } catch(e) {}
                     document.getElementById('welcome').style.display = 'none';
@@ -1767,7 +1808,7 @@ function loadProject() {
                             var snap = h.snapshot || {};
                             var summary = snap.last_summary || snap.summary || 'Snapshot';
                             return '<div class="timeline-item history">' +
-                                '<div class="meta"><span class="badge badge-purple">v' + h.version + '</span>' +
+                                '<div class="meta"><span class="badge badge-purple">v' + escapeHtml(h.version) + '</span>' +
                                 '<span>' + formatDate(h.created_at) + '</span></div>' +
                                 escapeHtml(summary) + '</div>';
                         }).join('');
@@ -1785,7 +1826,7 @@ function loadProject() {
                                 try {
                                     var parsed = typeof decisions === 'string' ? JSON.parse(decisions) : decisions;
                                     if (Array.isArray(parsed) && parsed.length > 0) {
-                                        extra = '<div style="margin-top:0.3rem;font-size:0.75rem;color:var(--accent-cyan)">Decisions: ' + parsed.join(', ') + '</div>';
+                                        extra = '<div style="margin-top:0.3rem;font-size:0.75rem;color:var(--accent-cyan)">Decisions: ' + parsed.map(function(d) { return escapeHtml(d); }).join(', ') + '</div>';
                                     }
                                 }
                                 catch (e) { }
@@ -1851,6 +1892,10 @@ function loadProject() {
                     document.getElementById('content').className = 'grid grid-main fade-in';
                     document.getElementById('content').style.display = 'grid';
                     projectLoaded = true; // Fix 3: mark project as loaded for tab-switch restore
+                    
+                    // Feature A: Run Intent Health Fetch
+                    fetchIntentHealth(project);
+                    
                     // v3.1: Analytics + Lifecycle Controls + Import
                     document.getElementById('analyticsCard').style.display = 'block';
                     document.getElementById('lifecycleCard').style.display = 'block';
@@ -2393,7 +2438,7 @@ function showToast(msg, isErr) {
 function escapeHtml(str) {
     if (!str)
         return '';
-    return String(str).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+    return String(str).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#039;');
 }
 function formatDate(isoStr) {
     if (!isoStr)
@@ -4060,6 +4105,67 @@ if ('serviceWorker' in navigator) {
     });
 }
 
+/* --- INTENT HEALTH COMPONENT (ES5 Safe) --- */
+
+function fetchIntentHealth(project) {
+    var container = document.getElementById('intentHealthCardContent');
+    var card = document.getElementById('intentHealthCard');
+    if (!container || !card) return;
+
+    card.style.display = 'block';
+    container.innerHTML = '<div style="color: #8b949e; padding: 16px;">Computing intent debt...</div>';
+
+    fetch('/api/intent-health?project=' + encodeURIComponent(project))
+        .then(function(res) { return res.json(); })
+        .then(function(data) {
+            if (data.error) {
+                container.innerHTML = '<div style="color: #ff7b72; padding: 16px;">Error: ' + escapeHtml(data.error) + '</div>';
+                return;
+            }
+            renderIntentHealthCard(data);
+        })
+        .catch(function(err) {
+            container.innerHTML = '<div style="color: #ff7b72; padding: 16px;">Failed to load intent health.</div>';
+        });
+}
+
+function renderIntentHealthCard(data) {
+    var container = document.getElementById('intentHealthCardContent');
+    if (!container) return;
+
+    // Determine Gauge Color
+    var scoreColor = '#2ea043'; // Green
+    if (data.score < 50) {
+        scoreColor = '#ff7b72'; // Red
+    } else if (data.score < 80) {
+        scoreColor = '#d29922'; // Yellow
+    }
+
+    // Render Signals
+    var signalsHtml = '';
+    for (var i = 0; i < data.signals.length; i++) {
+        var sig = data.signals[i];
+        var icon = '🟢';
+        if (sig.severity === 'warn') icon = '🟡';
+        if (sig.severity === 'critical') icon = '🔴';
+        signalsHtml += '<div style="margin-bottom: 8px; font-size: 13px;">' + icon + ' ' + escapeHtml(sig.message) + '</div>';
+    }
+
+    // Render Layout
+    var html = '' +
+        '<div style="display: flex; gap: 24px; align-items: center; padding: 16px;">' +
+            '<div style="text-align: center; flex-shrink: 0; min-width: 80px;">' +
+                '<div style="font-size: 42px; font-weight: bold; color: ' + scoreColor + '; line-height: 1;">' + (typeof data.score === 'number' ? data.score : '—') + '</div>' +
+                '<div style="font-size: 10px; color: #8b949e; text-transform: uppercase; letter-spacing: 1px; margin-top: 8px;">Health Score</div>' +
+            '</div>' +
+            '<div style="flex-grow: 1; border-left: 1px solid var(--border-glass); padding-left: 24px;">' +
+                signalsHtml +
+            '</div>' +
+        '</div>';
+
+    container.innerHTML = html;
+}
+
 </script>
 </body>
 </html>`;

package/dist/storage/sqlite.js

@@ -1184,6 +1184,30 @@ export class SqliteStorage {
                 importance: r.importance,
             }));
         }
+        // ─── v7.5.0: Validation Pulse (Standard & Deep) ─────────────
+        context.recent_validations = []; // Default empty
+        try {
+            const validationResult = await this.db.execute({
+                sql: `SELECT run_at, passed, pass_rate, gate_action, critical_failures
+              FROM verification_runs
+              WHERE project = ? AND user_id = ?
+              ORDER BY run_at DESC
+              LIMIT 3`,
+                args: [project, userId],
+            });
+            if (validationResult.rows.length > 0) {
+                context.recent_validations = validationResult.rows.map(r => ({
+                    run_at: r.run_at,
+                    passed: Boolean(r.passed),
+                    pass_rate: r.pass_rate,
+                    gate_action: r.gate_action,
+                    critical_failures: Number(r.critical_failures) || 0,
+                }));
+            }
+        }
+        catch (e) {
+            // Graceful degradation if verification_runs table hasn't been migrated yet
+        }
         if (level === "standard") {
             // Add recent ledger entries (role-scoped)
             const recentLedger = await this.db.execute({

package/dist/storage/supabase.js

@@ -170,7 +170,36 @@ export class SupabaseStorage {
                 p_role: role || "global", // v3.0: pass role to RPC
             });
             const data = Array.isArray(result) ? result[0] : result;
-            return data ?? null;
+            const context = data ?? null;
+            if (!context)
+                return null;
+            // ─── v7.5.0: Validation Pulse (Standard & Deep) ─────────────
+            if (level === "standard" || level === "deep") {
+                context.recent_validations = [];
+                try {
+                    const valData = await supabaseGet("verification_runs", {
+                        project: `eq.${project}`,
+                        user_id: `eq.${userId}`,
+                        select: "run_at,passed,pass_rate,gate_action,critical_failures",
+                        order: "run_at.desc",
+                        limit: "3"
+                    });
+                    const validations = Array.isArray(valData) ? valData : [];
+                    if (validations.length > 0) {
+                        context.recent_validations = validations.map((r) => ({
+                            run_at: r.run_at,
+                            passed: Boolean(r.passed),
+                            pass_rate: r.pass_rate,
+                            gate_action: r.gate_action,
+                            critical_failures: Number(r.critical_failures) || 0,
+                        }));
+                    }
+                }
+                catch (e) {
+                    // Graceful degradation if table doesn't exist yet
+                }
+            }
+            return context;
         }
         catch (e) {
             debugLog("[SupabaseStorage] loadContext RPC failed: " + (e instanceof Error ? e.message : String(e)));

package/dist/tools/ledgerHandlers.js

@@ -657,6 +657,19 @@ export async function sessionLoadContextHandler(args) {
     if (d.session_history?.length) {
         formattedContext += `\n📂 Session History (${d.session_history.length} entries):\n` + d.session_history.map((s) => `  [${s.session_date?.split("T")[0]}] ${s.summary}`).join("\n") + `\n`;
     }
+    if (d.recent_validations?.length) {
+        formattedContext += `\n🔬 Recent Validations:\n` + d.recent_validations.map((v) => {
+            const passStr = v.passed ? "✅ PASS" : "❌ FAIL";
+            const icon = v.gate_action ? (v.passed ? "🚀" : "🛑") : "ℹ️";
+            const dateStr = (v.run_at || "unknown").split("T")[0];
+            const rateStr = Math.round((Number(v.pass_rate) || 0) * 100);
+            let out = `  ${icon} [${dateStr}] ${passStr} (${rateStr}%)`;
+            if (v.critical_failures > 0) {
+                out += ` -> Critical Blockers: ${v.critical_failures}`;
+            }
+            return out;
+        }).join("\n") + `\n`;
+    }
     // ─── Role-Scoped Skill Injection ─────────────────────────────
     // If the active role has a skill document stored, append it so the
     // agent loads its rules/conventions automatically at session start.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "prism-mcp-server",
-  "version": "7.4.0",
+  "version": "7.5.0",
   "mcpName": "io.github.dcostenco/prism-mcp",
   "description": "The Mind Palace for AI Agents — adversarial evaluation (PLAN_CONTRACT→EVALUATE anti-sycophancy), fail-closed Dark Factory autonomous pipelines (3-gate parse→type→scope), persistent memory (SQLite/Supabase), ACT-R cognitive retrieval, behavioral learning & IDE rules sync, multi-agent Hivemind, time travel, visual dashboard. Zero-config local mode.",
   "module": "index.ts",