prism-mcp-server 8.0.2 → 9.0.4

package/dist/memory/valenceEngine.js

@@ -0,0 +1,234 @@
+/**
+ * Valence Engine — Affect-Tagged Memory (v9.0)
+ *
+ * ═══════════════════════════════════════════════════════════════════
+ * PURPOSE:
+ *   Implements Affective Cognitive Routing — every memory gets a
+ *   "gut feeling" score from -1.0 (trauma) to +1.0 (success).
+ *   Agents get warned when approaching historically problematic
+ *   topics, and get green-light signals for proven-successful paths.
+ *
+ * AFFECTIVE SALIENCE PRINCIPLE:
+ *   In human psychology, highly emotional memories — both extreme
+ *   joy and extreme trauma — are retrieved MORE easily, not less.
+ *   Therefore, the retrieval score uses |valence| (absolute magnitude)
+ *   to BOOST salience, while the SIGN (±) is used purely for
+ *   prompt injection / UX warnings.
+ *
+ *   This prevents the Valence Retrieval Paradox where a failure
+ *   memory gets pushed below the retrieval threshold, causing the
+ *   agent to repeat the exact same mistake.
+ *
+ * DESIGN:
+ *   All functions are PURE — zero I/O, zero imports from storage.
+ *   Valence propagation through the Synapse graph uses energy-weighted
+ *   transfer with fan-dampened flow and strict [-1, 1] clamping.
+ *
+ * FILES THAT IMPORT THIS:
+ *   - src/storage/sqlite.ts (auto-derive valence on save)
+ *   - src/tools/graphHandlers.ts (hybrid scoring + UX warnings)
+ *   - src/memory/synapseEngine.ts (valence propagation)
+ * ═══════════════════════════════════════════════════════════════════
+ */
+// ─── Valence Derivation ───────────────────────────────────────
+/**
+ * Deterministic mapping from experience event type to valence score.
+ *
+ * | Event Type          | Valence | Rationale                          |
+ * |---------------------|---------|------------------------------------|
+ * | success             | +0.8    | Positive reinforcement             |
+ * | failure             | -0.8    | Strong negative signal             |
+ * | correction          | -0.6    | User had to fix agent              |
+ * | learning            | +0.4    | New knowledge acquired             |
+ * | validation_result   | ±0.6    | Pass → +0.6, Fail → -0.6          |
+ * | session / default   | 0.0     | Neutral — no sentiment signal      |
+ *
+ * @param eventType - The experience event type from session_ledger
+ * @param notes - Optional notes field (for validation_result pass/fail)
+ * @returns Valence score in [-1.0, +1.0]
+ */
+export function deriveValence(eventType, notes) {
+    if (!eventType || eventType === 'session')
+        return 0.0;
+    switch (eventType) {
+        case 'success':
+            return 0.8;
+        case 'failure':
+            return -0.8;
+        case 'correction':
+            return -0.6;
+        case 'learning':
+            return 0.4;
+        case 'validation_result':
+            // Check notes for pass/fail indication
+            if (notes) {
+                const lower = notes.toLowerCase();
+                if (lower.includes('pass') || lower.includes('success') || lower.includes('green')) {
+                    return 0.6;
+                }
+                if (lower.includes('fail') || lower.includes('error') || lower.includes('blocked')) {
+                    return -0.6;
+                }
+            }
+            // Ambiguous validation result → slightly negative (cautious)
+            return -0.2;
+        default:
+            return 0.0;
+    }
+}
+// ─── Retrieval Salience (Magnitude-Based) ─────────────────────
+/**
+ * Compute the retrieval salience boost from valence.
+ *
+ * Uses ABSOLUTE MAGNITUDE — both extreme positive and extreme negative
+ * memories are more salient (more retrievable). The sign is preserved
+ * separately for UX warnings.
+ *
+ * @param valence - Raw valence score in [-1.0, +1.0]
+ * @returns Salience boost in [0.0, 1.0]
+ */
+export function valenceSalience(valence) {
+    if (valence == null || !Number.isFinite(valence))
+        return 0.0;
+    return Math.min(1.0, Math.abs(valence));
+}
+// ─── UX Warning / Signal Tags ─────────────────────────────────
+/**
+ * Format a valence score into a human-readable emoji tag for display
+ * in search results and context output.
+ *
+ * @param valence - Raw valence score in [-1.0, +1.0]
+ * @returns Emoji tag string, or empty string for neutral
+ */
+export function formatValenceTag(valence) {
+    if (valence == null || !Number.isFinite(valence))
+        return '';
+    if (valence <= -0.5)
+        return '🔴';
+    if (valence <= -0.2)
+        return '🟠';
+    if (valence >= 0.5)
+        return '🟢';
+    if (valence >= 0.2)
+        return '🔵';
+    return '🟡'; // Neutral zone (-0.2 to +0.2)
+}
+/**
+ * Determine if a set of retrieved memories should trigger a
+ * negative valence warning in the response.
+ *
+ * @param avgValence - Average valence across top results
+ * @param threshold - Warning threshold (default: -0.3)
+ * @returns true if the agent should be warned about historical friction
+ */
+export function shouldWarnNegativeValence(avgValence, threshold = -0.3) {
+    return Number.isFinite(avgValence) && avgValence < threshold;
+}
+/**
+ * Generate a contextual warning message based on average valence.
+ *
+ * @param avgValence - Average valence across top results
+ * @returns Warning/signal string to inject into MCP response, or null
+ */
+export function generateValenceWarning(avgValence) {
+    if (!Number.isFinite(avgValence))
+        return null;
+    if (avgValence < -0.5) {
+        return '⚠️ **Caution:** This topic is strongly correlated with historical failures and corrections. Consider reviewing past decisions before proceeding.';
+    }
+    if (avgValence < -0.3) {
+        return '⚠️ **Warning:** This area has mixed historical outcomes. Approach with awareness of prior friction.';
+    }
+    if (avgValence > 0.5) {
+        return '🟢 **High Signal:** This path has historically led to successful outcomes.';
+    }
+    return null;
+}
+/**
+ * Propagate valence through Synapse activation results.
+ *
+ * Each node's propagated valence is computed as the energy-weighted
+ * average of its sources' valence, with fan-dampening to prevent
+ * hub explosion. The final value is strictly clamped to [-1.0, +1.0].
+ *
+ * IMPORTANT — Fan-Dampening:
+ *   If 50 neutral nodes point to 1 negative node, the negative valence
+ *   must NOT multiply to -50.0. The incoming valence is averaged over
+ *   the fan-in count, then clamped.
+ *
+ * Algorithm:
+ *   For each non-anchor node with incoming energy flows:
+ *     propagatedValence = Σ(flow_weight × source_valence) / Σ(flow_weight)
+ *   Clamped to [-1.0, +1.0].
+ *
+ *   Anchor nodes retain their original valence unchanged.
+ *
+ * @param synapseResults - Node IDs with their activation energy from Synapse
+ * @param valenceLookup - Map from entry ID → raw valence (from DB)
+ * @param flowWeights - Map from `targetId` → Array<{ sourceId, weight }> representing
+ *                      the energy flows that contributed to each node's activation
+ * @returns Map from entry ID → propagated valence
+ */
+export function propagateValence(synapseResults, valenceLookup, flowWeights) {
+    const result = new Map();
+    for (const node of synapseResults) {
+        // Anchor nodes: use their direct valence
+        if (!node.isDiscovered) {
+            const directValence = valenceLookup.get(node.id) ?? 0.0;
+            result.set(node.id, clampValence(directValence));
+            continue;
+        }
+        // Discovered nodes: compute energy-weighted average from source flows
+        const flows = flowWeights?.get(node.id);
+        if (!flows || flows.length === 0) {
+            // No flow data → use direct valence if available, else neutral
+            result.set(node.id, clampValence(valenceLookup.get(node.id) ?? 0.0));
+            continue;
+        }
+        let weightedValenceSum = 0;
+        let totalWeight = 0;
+        for (const flow of flows) {
+            const sourceValence = valenceLookup.get(flow.sourceId) ?? result.get(flow.sourceId) ?? 0.0;
+            const absWeight = Math.abs(flow.weight);
+            weightedValenceSum += absWeight * sourceValence;
+            totalWeight += absWeight;
+        }
+        const propagated = totalWeight > 0 ? weightedValenceSum / totalWeight : 0.0;
+        result.set(node.id, clampValence(propagated));
+    }
+    return result;
+}
+/**
+ * Clamp a valence value to the valid range [-1.0, +1.0].
+ * Returns 0.0 for non-finite values.
+ */
+export function clampValence(v) {
+    if (!Number.isFinite(v))
+        return 0.0;
+    return Math.max(-1.0, Math.min(1.0, v));
+}
+// ─── Hybrid Score Component ───────────────────────────────────
+/**
+ * Compute the hybrid retrieval score incorporating valence salience.
+ *
+ * Formula: 0.65 × similarity + 0.25 × normalizedActivation + 0.1 × |valence|
+ *
+ * The valence component uses ABSOLUTE MAGNITUDE — both extreme positive
+ * and extreme negative memories get a retrieval boost. Only the sign
+ * matters for UX warnings, not for ranking.
+ *
+ * @param similarity - Semantic similarity score [0, 1]
+ * @param normalizedActivation - Sigmoid-normalized activation energy [0, 1]
+ * @param valence - Raw valence score [-1, +1]
+ * @param weights - Optional weight overrides
+ * @returns Hybrid score in [0, 1]
+ */
+export function computeHybridScoreWithValence(similarity, normalizedActivation, valence, weights = {}) {
+    const wSim = weights.similarity ?? 0.65;
+    const wAct = weights.activation ?? 0.25;
+    const wVal = weights.valence ?? 0.10;
+    const safeSim = Number.isFinite(similarity) ? Math.max(0, Math.min(1, similarity)) : 0;
+    const safeAct = Number.isFinite(normalizedActivation) ? Math.max(0, Math.min(1, normalizedActivation)) : 0;
+    const safeVal = valenceSalience(valence); // Already returns [0, 1] magnitude
+    return wSim * safeSim + wAct * safeAct + wVal * safeVal;
+}

package/dist/scholar/webScholar.js

@@ -1,4 +1,5 @@
-import { BRAVE_API_KEY, FIRECRAWL_API_KEY, TAVILY_API_KEY, PRISM_SCHOLAR_MAX_ARTICLES_PER_RUN, PRISM_USER_ID, PRISM_SCHOLAR_TOPICS, PRISM_ENABLE_HIVEMIND } from "../config.js";
+import { BRAVE_API_KEY, FIRECRAWL_API_KEY, TAVILY_API_KEY, PRISM_SCHOLAR_MAX_ARTICLES_PER_RUN, PRISM_USER_ID, PRISM_SCHOLAR_TOPICS, PRISM_ENABLE_HIVEMIND_ENV } from "../config.js";
+import { getSettingSync } from "../storage/configStorage.js";
 import { getStorage } from "../storage/index.js";
 import { debugLog } from "../utils/logger.js";
 import { getLLMProvider } from "../utils/llm/factory.js";
@@ -16,7 +17,7 @@ const SCHOLAR_ROLE = "scholar";
  * Gracefully no-ops when Hivemind is disabled.
  */
 async function hivemindRegister(topic) {
-    if (!PRISM_ENABLE_HIVEMIND)
+    if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) !== "true")
         return;
     try {
         const storage = await getStorage();
@@ -35,7 +36,7 @@ async function hivemindRegister(topic) {
     }
 }
 async function hivemindHeartbeat(task) {
-    if (!PRISM_ENABLE_HIVEMIND)
+    if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) !== "true")
         return;
     try {
         const storage = await getStorage();
@@ -44,7 +45,7 @@ async function hivemindHeartbeat(task) {
     catch { /* non-fatal */ }
 }
 async function hivemindIdle() {
-    if (!PRISM_ENABLE_HIVEMIND)
+    if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) !== "true")
         return;
     try {
         const storage = await getStorage();
@@ -59,7 +60,7 @@ async function hivemindIdle() {
  * the Scholar's state change and generate alerts for active agents.
  */
 async function hivemindBroadcast(topic, articleCount) {
-    if (!PRISM_ENABLE_HIVEMIND)
+    if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) !== "true")
         return;
     try {
         const storage = await getStorage();
@@ -85,7 +86,7 @@ async function selectTopic() {
         return "";
     // Default: random pick
     const randomPick = topics[Math.floor(Math.random() * topics.length)];
-    if (!PRISM_ENABLE_HIVEMIND)
+    if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) !== "true")
         return randomPick;
     try {
         const storage = await getStorage();

package/dist/server.js

@@ -58,7 +58,7 @@ ListResourcesRequestSchema, ListResourceTemplatesRequestSchema, ReadResourceRequ
 // Claude Desktop that the attached resource has changed.
 // Without this, the paperclipped context becomes stale.
 SubscribeRequestSchema, UnsubscribeRequestSchema, } from "@modelcontextprotocol/sdk/types.js";
-import { SERVER_CONFIG, SESSION_MEMORY_ENABLED, PRISM_USER_ID, PRISM_ENABLE_HIVEMIND, WATCHDOG_INTERVAL_MS, WATCHDOG_STALE_MIN, WATCHDOG_FROZEN_MIN, WATCHDOG_OFFLINE_MIN, WATCHDOG_LOOP_THRESHOLD, PRISM_SCHEDULER_ENABLED, PRISM_SCHEDULER_INTERVAL_MS, PRISM_SCHOLAR_ENABLED, PRISM_HDC_ENABLED, PRISM_TASK_ROUTER_ENABLED_ENV, PRISM_DARK_FACTORY_ENABLED, } from "./config.js";
+import { SERVER_CONFIG, SESSION_MEMORY_ENABLED, PRISM_USER_ID, PRISM_ENABLE_HIVEMIND_ENV, WATCHDOG_INTERVAL_MS, WATCHDOG_STALE_MIN, WATCHDOG_FROZEN_MIN, WATCHDOG_OFFLINE_MIN, WATCHDOG_LOOP_THRESHOLD, PRISM_SCHEDULER_ENABLED, PRISM_SCHEDULER_INTERVAL_MS, PRISM_SCHOLAR_ENABLED, PRISM_HDC_ENABLED, PRISM_TASK_ROUTER_ENABLED_ENV, PRISM_DARK_FACTORY_ENABLED_ENV, } from "./config.js";
 import { startWatchdog, drainAlerts } from "./hivemindWatchdog.js";
 import { startScheduler, startScholarScheduler } from "./backgroundScheduler.js";
 import { startDarkFactoryRunner } from "./darkfactory/runner.js";
@@ -72,7 +72,7 @@ import { acquireLock, registerShutdownHandlers } from "./lifecycle.js";
 // error wrapper. Now uses getStorage() which routes through the
 // correct backend (Supabase or SQLite) with proper error handling.
 import { getStorage } from "./storage/index.js";
-import { getSettingSync, initConfigStorage } from "./storage/configStorage.js";
+import { getSettingSync, initConfigStorage, setSetting } from "./storage/configStorage.js";
 import { getTracer, initTelemetry } from "./utils/telemetry.js";
 import { context as otelContext, trace, SpanStatusCode } from "@opentelemetry/api";
 // ─── Import Tool Definitions (schemas) and Handlers (implementations) ─────
@@ -288,9 +288,9 @@ export function getAvailableTools() {
     return [
         ...BASE_TOOLS,
         ...SESSION_MEMORY_TOOLS,
-        ...(PRISM_ENABLE_HIVEMIND ? AGENT_REGISTRY_TOOLS : []),
+        ...(getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) === "true" ? AGENT_REGISTRY_TOOLS : []),
         ...(getSettingSync("task_router_enabled", String(PRISM_TASK_ROUTER_ENABLED_ENV)) === "true" ? [SESSION_TASK_ROUTE_TOOL] : []),
-        ...(PRISM_DARK_FACTORY_ENABLED ? [SESSION_START_PIPELINE_TOOL, SESSION_CHECK_PIPELINE_STATUS_TOOL, SESSION_ABORT_PIPELINE_TOOL] : []),
+        ...(getSettingSync("dark_factory_enabled", String(PRISM_DARK_FACTORY_ENABLED_ENV)) === "true" ? [SESSION_START_PIPELINE_TOOL, SESSION_CHECK_PIPELINE_STATUS_TOOL, SESSION_ABORT_PIPELINE_TOOL] : []),
     ];
 }
 export function createServer() {
@@ -797,22 +797,22 @@ export function createServer() {
                     case "agent_register":
                         if (!SESSION_MEMORY_ENABLED)
                             throw new Error("Session memory not configured.");
-                        if (!PRISM_ENABLE_HIVEMIND)
-                            throw new Error("Hivemind not enabled. Set PRISM_ENABLE_HIVEMIND=true.");
+                        if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) !== "true")
+                            throw new Error("Hivemind not enabled. Enable it in the dashboard or set PRISM_ENABLE_HIVEMIND=true.");
                         result = await agentRegisterHandler(args);
                         break;
                     case "agent_heartbeat":
                         if (!SESSION_MEMORY_ENABLED)
                             throw new Error("Session memory not configured.");
-                        if (!PRISM_ENABLE_HIVEMIND)
-                            throw new Error("Hivemind not enabled. Set PRISM_ENABLE_HIVEMIND=true.");
+                        if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) !== "true")
+                            throw new Error("Hivemind not enabled. Enable it in the dashboard or set PRISM_ENABLE_HIVEMIND=true.");
                         result = await agentHeartbeatHandler(args);
                         break;
                     case "agent_list_team":
                         if (!SESSION_MEMORY_ENABLED)
                             throw new Error("Session memory not configured.");
-                        if (!PRISM_ENABLE_HIVEMIND)
-                            throw new Error("Hivemind not enabled. Set PRISM_ENABLE_HIVEMIND=true.");
+                        if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) !== "true")
+                            throw new Error("Hivemind not enabled. Enable it in the dashboard or set PRISM_ENABLE_HIVEMIND=true.");
                         result = await agentListTeamHandler(args);
                         break;
                     // ─── v7.1: Task Router ───
@@ -827,22 +827,22 @@ export function createServer() {
                     case "session_start_pipeline":
                         if (!SESSION_MEMORY_ENABLED)
                             throw new Error("Session memory not configured.");
-                        if (!PRISM_DARK_FACTORY_ENABLED)
-                            throw new Error("Dark Factory not enabled. Set PRISM_DARK_FACTORY_ENABLED=true.");
+                        if (getSettingSync("dark_factory_enabled", String(PRISM_DARK_FACTORY_ENABLED_ENV)) !== "true")
+                            throw new Error("Dark Factory not enabled. Enable it in the dashboard or set PRISM_DARK_FACTORY_ENABLED=true.");
                         result = await sessionStartPipelineHandler(args);
                         break;
                     case "session_check_pipeline_status":
                         if (!SESSION_MEMORY_ENABLED)
                             throw new Error("Session memory not configured.");
-                        if (!PRISM_DARK_FACTORY_ENABLED)
-                            throw new Error("Dark Factory not enabled. Set PRISM_DARK_FACTORY_ENABLED=true.");
+                        if (getSettingSync("dark_factory_enabled", String(PRISM_DARK_FACTORY_ENABLED_ENV)) !== "true")
+                            throw new Error("Dark Factory not enabled. Enable it in the dashboard or set PRISM_DARK_FACTORY_ENABLED=true.");
                         result = await sessionCheckPipelineStatusHandler(args);
                         break;
                     case "session_abort_pipeline":
                         if (!SESSION_MEMORY_ENABLED)
                             throw new Error("Session memory not configured.");
-                        if (!PRISM_DARK_FACTORY_ENABLED)
-                            throw new Error("Dark Factory not enabled. Set PRISM_DARK_FACTORY_ENABLED=true.");
+                        if (getSettingSync("dark_factory_enabled", String(PRISM_DARK_FACTORY_ENABLED_ENV)) !== "true")
+                            throw new Error("Dark Factory not enabled. Enable it in the dashboard or set PRISM_DARK_FACTORY_ENABLED=true.");
                         result = await sessionAbortPipelineHandler(args);
                         break;
                     default:
@@ -856,7 +856,7 @@ export function createServer() {
                 // CRITICAL: Append alerts DIRECTLY to tool response content
                 // so the LLM actually reads them. sendLoggingMessage goes to
                 // debug logs which the LLM never sees.
-                if (PRISM_ENABLE_HIVEMIND && result && !result.isError) {
+                if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) === "true" && result && !result.isError) {
                     const project = args?.project;
                     if (typeof project === "string") {
                         const alerts = drainAlerts(project);
@@ -974,6 +974,41 @@ export function createSandboxServer() {
  * is standard for MCP — it reads JSON-RPC from stdin and writes
  * responses to stdout. Log messages go to stderr.
  */
+/**
+ * v9.2: One-time env-to-configStorage migration.
+ *
+ * Seeds prism-config.db with values from env vars using "setIfAbsent" semantics:
+ * - If the key already has a value in configStorage (e.g., set via the dashboard),
+ *   it is NEVER overwritten.
+ * - If the key has no value yet AND the env var is set, we seed the db with the
+ *   env-var value so the dashboard UI correctly reflects the existing configuration.
+ *
+ * This is idempotent — safe to call on every startup. After the first run it becomes
+ * a no-op since all keys will already have values in configStorage.
+ *
+ * Covers: feature flags (Hivemind, Task Router, Dark Factory) and Supabase credentials.
+ */
+async function migrateEnvToConfigStorage() {
+    const migrations = [
+        // Feature flags
+        { dbKey: "hivemind_enabled", envValue: process.env.PRISM_ENABLE_HIVEMIND ? (process.env.PRISM_ENABLE_HIVEMIND === "true" ? "true" : "false") : undefined },
+        { dbKey: "task_router_enabled", envValue: process.env.PRISM_TASK_ROUTER_ENABLED ? (process.env.PRISM_TASK_ROUTER_ENABLED === "true" ? "true" : "false") : undefined },
+        { dbKey: "dark_factory_enabled", envValue: process.env.PRISM_DARK_FACTORY_ENABLED ? (process.env.PRISM_DARK_FACTORY_ENABLED === "true" ? "true" : "false") : undefined },
+        // Supabase credentials — only migrate if present and non-empty
+        { dbKey: "SUPABASE_URL", envValue: process.env.SUPABASE_URL || undefined },
+        { dbKey: "SUPABASE_KEY", envValue: process.env.SUPABASE_KEY || undefined },
+        { dbKey: "PRISM_STORAGE", envValue: process.env.PRISM_STORAGE || undefined },
+    ];
+    for (const { dbKey, envValue } of migrations) {
+        if (!envValue)
+            continue; // env var not set — nothing to migrate
+        const existing = getSettingSync(dbKey, "");
+        if (existing !== "")
+            continue; // already has a value — never overwrite
+        await setSetting(dbKey, envValue);
+        console.error(`[Prism] Migrated env var → configStorage: ${dbKey} = ${dbKey.toLowerCase().includes("key") ? "***" : envValue}`);
+    }
+}
 export async function startServer() {
     // MUST BE FIRST: Kill any zombie processes and acquire the singleton PID lock
     // before touching SQLite. This prevents lock contention on prism-config.db.
@@ -983,6 +1018,12 @@ export async function startServer() {
     // during the Initialize handshake — zero extra latency for resource reads.
     // initConfigStorage() is local SQLite only (~5ms), safe to await.
     await initConfigStorage();
+    // v9.2: One-time env-to-configStorage migration.
+    // For users who previously set feature flags/Supabase credentials via env
+    // vars, seed configStorage with those values IF the key doesn't exist yet.
+    // This is "setIfAbsent" logic — it never overwrites a dashboard-set value.
+    // After this runs, the dashboard toggles reflect the actual runtime state.
+    await migrateEnvToConfigStorage();
     // v4.6.0: Initialize OTel AFTER the settings cache is warm so that
     // initTelemetry() can read otel_enabled/otel_endpoint from getSettingSync()
     // synchronously. This is a synchronous call — no await needed.
@@ -1144,7 +1185,7 @@ export async function startServer() {
     // Start the server-side health monitor after storage is warm.
     // Runs every WATCHDOG_INTERVAL_MS (default 60s) to detect
     // frozen agents, infinite loops, and task overruns.
-    if (PRISM_ENABLE_HIVEMIND && SESSION_MEMORY_ENABLED) {
+    if (getSettingSync("hivemind_enabled", String(PRISM_ENABLE_HIVEMIND_ENV)) === "true" && SESSION_MEMORY_ENABLED) {
         storageReady?.then(() => {
             startWatchdog({
                 intervalMs: WATCHDOG_INTERVAL_MS,
@@ -1184,7 +1225,7 @@ export async function startServer() {
     // Autonomous pipeline orchestration engine. Picks up RUNNING
     // pipelines and advances them through PLAN → EXECUTE → VERIFY
     // cycles. Non-blocking — uses setInterval to yield between ticks.
-    if (PRISM_DARK_FACTORY_ENABLED && SESSION_MEMORY_ENABLED) {
+    if (getSettingSync("dark_factory_enabled", String(PRISM_DARK_FACTORY_ENABLED_ENV)) === "true" && SESSION_MEMORY_ENABLED) {
         storageReady?.then(() => {
             startDarkFactoryRunner();
         }).catch(err => {

package/dist/storage/index.js

@@ -1,26 +1,70 @@
-import { PRISM_STORAGE as ENV_PRISM_STORAGE, SUPABASE_CONFIGURED } from "../config.js";
 import { debugLog } from "../utils/logger.js";
 import { SupabaseStorage } from "./supabase.js";
 import { getSetting } from "./configStorage.js";
 let storageInstance = null;
 export let activeStorageBackend = "local";
+/** Validate that a string is an http(s) URL (mirrors logic in config.ts). */
+function isHttpUrl(value) {
+    try {
+        const parsed = new URL(value);
+        return parsed.protocol === "http:" || parsed.protocol === "https:";
+    }
+    catch {
+        return false;
+    }
+}
 /**
  * Returns the singleton storage backend.
  *
  * On first call: creates and initializes the appropriate backend.
  * On subsequent calls: returns the cached instance.
+ *
+ * SUPABASE CREDENTIAL RESOLUTION ORDER (v9.2):
+ *   1. configStorage (prism-config.db)           (set via Mind Palace dashboard)
+ *   2. process.env.SUPABASE_URL / SUPABASE_KEY  (env var fallback)
+ *
+ * If credentials are found only in configStorage, they are injected into
+ * process.env so that supabaseApi.ts (which reads module-level constants
+ * from config.ts) picks them up on the same startup cycle.
  */
 export async function getStorage() {
     if (storageInstance)
         return storageInstance;
-    // Use environment variable if explicitly set, otherwise fall back to db config
-    const envStorage = process.env.PRISM_STORAGE;
-    const requestedBackend = (envStorage || await getSetting("PRISM_STORAGE", ENV_PRISM_STORAGE));
-    // Guardrail: if Supabase is requested but credentials are unresolved/invalid,
-    // transparently fall back to local mode to keep dashboard + core tools usable.
-    if (requestedBackend === "supabase" && !SUPABASE_CONFIGURED) {
-        activeStorageBackend = "local";
-        console.error("[Prism Storage] Supabase backend requested but SUPABASE_URL/SUPABASE_KEY are invalid or unresolved. Falling back to local storage.");
+    // SOURCE OF TRUTH: prism-config.db (dashboard) → env fallback → "local" default
+    // DB wins because the dashboard is the authoritative source post-migration.
+    const dbStorage = await getSetting("PRISM_STORAGE", "");
+    const requestedBackend = (dbStorage || process.env.PRISM_STORAGE || "local");
+    if (requestedBackend === "supabase") {
+        // ─── Resolve credentials: configStorage → env var fallback ──────────
+        // v9.2: DB (dashboard) is the source of truth for Supabase credentials,
+        // consistent with PRISM_STORAGE resolution above. If the user configured
+        // Supabase via the dashboard, the values live in configStorage. Env vars
+        // are only used as a fallback for users who haven't migrated yet.
+        const resolvedUrl = await getSetting("SUPABASE_URL", "") ||
+            process.env.SUPABASE_URL ||
+            "";
+        const resolvedKey = await getSetting("SUPABASE_KEY", "") ||
+            await getSetting("SUPABASE_SERVICE_ROLE_KEY", "") ||
+            process.env.SUPABASE_KEY ||
+            "";
+        const isConfigured = !!resolvedUrl && !!resolvedKey && isHttpUrl(resolvedUrl);
+        if (!isConfigured) {
+            activeStorageBackend = "local";
+            console.error("[Prism Storage] Supabase backend requested but credentials are missing or invalid " +
+                "(checked both process.env and prism-config.db). Falling back to local storage.\n" +
+                "  → Configure via Mind Palace dashboard (Settings → Storage Backend → Supabase) or set SUPABASE_URL / SUPABASE_KEY env vars.");
+        }
+        else {
+            // Inject resolved credentials into process.env so supabaseApi.ts
+            // (which reads config.ts module-level constants) can use them.
+            // This is safe: process.env injection only affects in-process lookups;
+            // it doesn't mutate the shell environment of the parent process.
+            // Always overwrite — DB is the source of truth post-v9.2.
+            process.env.SUPABASE_URL = resolvedUrl;
+            process.env.SUPABASE_KEY = resolvedKey;
+            activeStorageBackend = "supabase";
+            debugLog(`[Prism Storage] Supabase credentials resolved (source: ${await getSetting("SUPABASE_URL", "") ? "configStorage" : "env"})`);
+        }
     }
     else {
         activeStorageBackend = requestedBackend;