shieldcortex 4.15.0 → 4.16.0

package/dashboard/.next/standalone/dashboard/.next/server/pages/404.html

@@ -1,4 +1,4 @@
-<!DOCTYPE html><!--10a_MRwbHFUuDdfr86RUu--><html lang="en" class="dark" data-theme="terminal"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="/_next/static/chunks/2473c16c0c2f6b5f.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/chunks/bf725d638cce46d4.css" data-precedence="next"/><link rel="preload" as="script" fetchPriority="low" href="/_next/static/chunks/d878b929b21636c4.js"/><script src="/_next/static/chunks/d9ad4c35fc865415.js" async=""></script><script src="/_next/static/chunks/43d761df92da7cb6.js" async=""></script><script src="/_next/static/chunks/e281719dbabcca1d.js" async=""></script><script src="/_next/static/chunks/9e56d1f8f4d7adcb.js" async=""></script><script src="/_next/static/chunks/turbopack-79214717b23f7452.js" async=""></script><script src="/_next/static/chunks/4ddb24d8ce3b8617.js" async=""></script><script src="/_next/static/chunks/417032eeb2cd875f.js" async=""></script><script src="/_next/static/chunks/d334b69bff7779be.js" async=""></script><meta name="robots" content="noindex"/><meta name="next-size-adjust" content=""/><title>404: This page could not be found.</title><title>ShieldCortex</title><meta name="description" content="AI Memory Security Dashboard — Defence pipeline, audit logs, quarantine review"/><script>
+<!DOCTYPE html><!--6WjF0Utj3STrFgg7vZVPK--><html lang="en" class="dark" data-theme="terminal"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="/_next/static/chunks/2473c16c0c2f6b5f.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/chunks/bf725d638cce46d4.css" data-precedence="next"/><link rel="preload" as="script" fetchPriority="low" href="/_next/static/chunks/d878b929b21636c4.js"/><script src="/_next/static/chunks/d9ad4c35fc865415.js" async=""></script><script src="/_next/static/chunks/43d761df92da7cb6.js" async=""></script><script src="/_next/static/chunks/e281719dbabcca1d.js" async=""></script><script src="/_next/static/chunks/9e56d1f8f4d7adcb.js" async=""></script><script src="/_next/static/chunks/turbopack-79214717b23f7452.js" async=""></script><script src="/_next/static/chunks/4ddb24d8ce3b8617.js" async=""></script><script src="/_next/static/chunks/417032eeb2cd875f.js" async=""></script><script src="/_next/static/chunks/d334b69bff7779be.js" async=""></script><meta name="robots" content="noindex"/><meta name="next-size-adjust" content=""/><title>404: This page could not be found.</title><title>ShieldCortex</title><meta name="description" content="AI Memory Security Dashboard — Defence pipeline, audit logs, quarantine review"/><script>
 try {
   var t = localStorage.getItem('sc-theme');
   if (t !== 'glass' && t !== 'terminal') t = 'terminal';
@@ -6,4 +6,4 @@ try {
 } catch (e) {
   document.documentElement.dataset.theme = 'terminal';
 }
-</script><script src="/_next/static/chunks/a6dad97d9634a72d.js" noModule=""></script></head><body class="geist_a71539c9-module__T19VSG__variable geist_mono_8d43a2aa-module__8Li5zG__variable antialiased bg-slate-950"><div hidden=""><!--$--><!--/$--></div><div style="font-family:system-ui,&quot;Segoe UI&quot;,Roboto,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;;height:100vh;text-align:center;display:flex;flex-direction:column;align-items:center;justify-content:center"><div><style>body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}</style><h1 class="next-error-h1" style="display:inline-block;margin:0 20px 0 0;padding:0 23px 0 0;font-size:24px;font-weight:500;vertical-align:top;line-height:49px">404</h1><div style="display:inline-block"><h2 style="font-size:14px;font-weight:400;line-height:49px;margin:0">This page could not be found.</h2></div></div></div><!--$--><!--/$--><script src="/_next/static/chunks/d878b929b21636c4.js" id="_R_" async=""></script><script>(self.__next_f=self.__next_f||[]).push([0])</script><script>self.__next_f.push([1,"1:\"$Sreact.fragment\"\n2:I[36111,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"Providers\"]\n3:I[57043,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n4:I[10445,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\",\"/_next/static/chunks/d334b69bff7779be.js\"],\"default\"]\n5:I[27657,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n6:I[56978,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"OutletBoundary\"]\n7:\"$Sreact.suspense\"\n9:I[56978,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"ViewportBoundary\"]\nb:I[56978,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"MetadataBoundary\"]\nd:I[30687,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n:HL[\"/_next/static/chunks/2473c16c0c2f6b5f.css\",\"style\"]\n:HL[\"/_next/static/chunks/bf725d638cce46d4.css\",\"style\"]\n"])</script><script>self.__next_f.push([1,"0:{\"P\":null,\"b\":\"10a_MRwbHFUuDdfr86RUu\",\"c\":[\"\",\"_not-found\"],\"q\":\"\",\"i\":false,\"f\":[[[\"\",{\"children\":[\"/_not-found\",{\"children\":[\"__PAGE__\",{}]}]},\"$undefined\",\"$undefined\",true],[[\"$\",\"$1\",\"c\",{\"children\":[[[\"$\",\"link\",\"0\",{\"rel\":\"stylesheet\",\"href\":\"/_next/static/chunks/2473c16c0c2f6b5f.css\",\"precedence\":\"next\",\"crossOrigin\":\"$undefined\",\"nonce\":\"$undefined\"}],[\"$\",\"link\",\"1\",{\"rel\":\"stylesheet\",\"href\":\"/_next/static/chunks/bf725d638cce46d4.css\",\"precedence\":\"next\",\"crossOrigin\":\"$undefined\",\"nonce\":\"$undefined\"}],[\"$\",\"script\",\"script-0\",{\"src\":\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"async\":true,\"nonce\":\"$undefined\"}],[\"$\",\"script\",\"script-1\",{\"src\":\"/_next/static/chunks/417032eeb2cd875f.js\",\"async\":true,\"nonce\":\"$undefined\"}]],[\"$\",\"html\",null,{\"lang\":\"en\",\"className\":\"dark\",\"data-theme\":\"terminal\",\"suppressHydrationWarning\":true,\"children\":[[\"$\",\"head\",null,{\"children\":[\"$\",\"script\",null,{\"dangerouslySetInnerHTML\":{\"__html\":\"\\ntry {\\n  var t = localStorage.getItem('sc-theme');\\n  if (t !== 'glass' \u0026\u0026 t !== 'terminal') t = 'terminal';\\n  document.documentElement.dataset.theme = t;\\n} catch (e) {\\n  document.documentElement.dataset.theme = 'terminal';\\n}\\n\"}}]}],[\"$\",\"body\",null,{\"className\":\"geist_a71539c9-module__T19VSG__variable geist_mono_8d43a2aa-module__8Li5zG__variable antialiased bg-slate-950\",\"children\":[\"$\",\"$L2\",null,{\"children\":[\"$\",\"$L3\",null,{\"parallelRouterKey\":\"children\",\"error\":\"$4\",\"errorStyles\":[],\"errorScripts\":[[\"$\",\"script\",\"script-0\",{\"src\":\"/_next/static/chunks/d334b69bff7779be.js\",\"async\":true}]],\"template\":[\"$\",\"$L5\",null,{}],\"templateStyles\":\"$undefined\",\"templateScripts\":\"$undefined\",\"notFound\":[[[\"$\",\"title\",null,{\"children\":\"404: This page could not be found.\"}],[\"$\",\"div\",null,{\"style\":{\"fontFamily\":\"system-ui,\\\"Segoe UI\\\",Roboto,Helvetica,Arial,sans-serif,\\\"Apple Color Emoji\\\",\\\"Segoe UI Emoji\\\"\",\"height\":\"100vh\",\"textAlign\":\"center\",\"display\":\"flex\",\"flexDirection\":\"column\",\"alignItems\":\"center\",\"justifyContent\":\"center\"},\"children\":[\"$\",\"div\",null,{\"children\":[[\"$\",\"style\",null,{\"dangerouslySetInnerHTML\":{\"__html\":\"body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}\"}}],[\"$\",\"h1\",null,{\"className\":\"next-error-h1\",\"style\":{\"display\":\"inline-block\",\"margin\":\"0 20px 0 0\",\"padding\":\"0 23px 0 0\",\"fontSize\":24,\"fontWeight\":500,\"verticalAlign\":\"top\",\"lineHeight\":\"49px\"},\"children\":404}],[\"$\",\"div\",null,{\"style\":{\"display\":\"inline-block\"},\"children\":[\"$\",\"h2\",null,{\"style\":{\"fontSize\":14,\"fontWeight\":400,\"lineHeight\":\"49px\",\"margin\":0},\"children\":\"This page could not be found.\"}]}]]}]}]],[]],\"forbidden\":\"$undefined\",\"unauthorized\":\"$undefined\"}]}]}]]}]]}],{\"children\":[[\"$\",\"$1\",\"c\",{\"children\":[null,[\"$\",\"$L3\",null,{\"parallelRouterKey\":\"children\",\"error\":\"$undefined\",\"errorStyles\":\"$undefined\",\"errorScripts\":\"$undefined\",\"template\":[\"$\",\"$L5\",null,{}],\"templateStyles\":\"$undefined\",\"templateScripts\":\"$undefined\",\"notFound\":\"$undefined\",\"forbidden\":\"$undefined\",\"unauthorized\":\"$undefined\"}]]}],{\"children\":[[\"$\",\"$1\",\"c\",{\"children\":[[[\"$\",\"title\",null,{\"children\":\"404: This page could not be found.\"}],[\"$\",\"div\",null,{\"style\":\"$0:f:0:1:0:props:children:1:props:children:1:props:children:props:children:props:notFound:0:1:props:style\",\"children\":[\"$\",\"div\",null,{\"children\":[[\"$\",\"style\",null,{\"dangerouslySetInnerHTML\":{\"__html\":\"body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}\"}}],[\"$\",\"h1\",null,{\"className\":\"next-error-h1\",\"style\":\"$0:f:0:1:0:props:children:1:props:children:1:props:children:props:children:props:notFound:0:1:props:children:props:children:1:props:style\",\"children\":404}],[\"$\",\"div\",null,{\"style\":\"$0:f:0:1:0:props:children:1:props:children:1:props:children:props:children:props:notFound:0:1:props:children:props:children:2:props:style\",\"children\":[\"$\",\"h2\",null,{\"style\":\"$0:f:0:1:0:props:children:1:props:children:1:props:children:props:children:props:notFound:0:1:props:children:props:children:2:props:children:props:style\",\"children\":\"This page could not be found.\"}]}]]}]}]],null,[\"$\",\"$L6\",null,{\"children\":[\"$\",\"$7\",null,{\"name\":\"Next.MetadataOutlet\",\"children\":\"$@8\"}]}]]}],{},null,false,false]},null,false,false]},null,false,false],[\"$\",\"$1\",\"h\",{\"children\":[[\"$\",\"meta\",null,{\"name\":\"robots\",\"content\":\"noindex\"}],[\"$\",\"$L9\",null,{\"children\":\"$La\"}],[\"$\",\"div\",null,{\"hidden\":true,\"children\":[\"$\",\"$Lb\",null,{\"children\":[\"$\",\"$7\",null,{\"name\":\"Next.Metadata\",\"children\":\"$Lc\"}]}]}],[\"$\",\"meta\",null,{\"name\":\"next-size-adjust\",\"content\":\"\"}]]}],false]],\"m\":\"$undefined\",\"G\":[\"$d\",\"$undefined\"],\"S\":true}\n"])</script><script>self.__next_f.push([1,"a:[[\"$\",\"meta\",\"0\",{\"charSet\":\"utf-8\"}],[\"$\",\"meta\",\"1\",{\"name\":\"viewport\",\"content\":\"width=device-width, initial-scale=1\"}]]\n"])</script><script>self.__next_f.push([1,"8:null\nc:[[\"$\",\"title\",\"0\",{\"children\":\"ShieldCortex\"}],[\"$\",\"meta\",\"1\",{\"name\":\"description\",\"content\":\"AI Memory Security Dashboard — Defence pipeline, audit logs, quarantine review\"}]]\n"])</script></body></html>
+</script><script src="/_next/static/chunks/a6dad97d9634a72d.js" noModule=""></script></head><body class="geist_a71539c9-module__T19VSG__variable geist_mono_8d43a2aa-module__8Li5zG__variable antialiased bg-slate-950"><div hidden=""><!--$--><!--/$--></div><div style="font-family:system-ui,&quot;Segoe UI&quot;,Roboto,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;;height:100vh;text-align:center;display:flex;flex-direction:column;align-items:center;justify-content:center"><div><style>body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}</style><h1 class="next-error-h1" style="display:inline-block;margin:0 20px 0 0;padding:0 23px 0 0;font-size:24px;font-weight:500;vertical-align:top;line-height:49px">404</h1><div style="display:inline-block"><h2 style="font-size:14px;font-weight:400;line-height:49px;margin:0">This page could not be found.</h2></div></div></div><!--$--><!--/$--><script src="/_next/static/chunks/d878b929b21636c4.js" id="_R_" async=""></script><script>(self.__next_f=self.__next_f||[]).push([0])</script><script>self.__next_f.push([1,"1:\"$Sreact.fragment\"\n2:I[36111,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"Providers\"]\n3:I[57043,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n4:I[10445,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\",\"/_next/static/chunks/d334b69bff7779be.js\"],\"default\"]\n5:I[27657,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n6:I[56978,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"OutletBoundary\"]\n7:\"$Sreact.suspense\"\n9:I[56978,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"ViewportBoundary\"]\nb:I[56978,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"MetadataBoundary\"]\nd:I[30687,[\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n:HL[\"/_next/static/chunks/2473c16c0c2f6b5f.css\",\"style\"]\n:HL[\"/_next/static/chunks/bf725d638cce46d4.css\",\"style\"]\n"])</script><script>self.__next_f.push([1,"0:{\"P\":null,\"b\":\"6WjF0Utj3STrFgg7vZVPK\",\"c\":[\"\",\"_not-found\"],\"q\":\"\",\"i\":false,\"f\":[[[\"\",{\"children\":[\"/_not-found\",{\"children\":[\"__PAGE__\",{}]}]},\"$undefined\",\"$undefined\",true],[[\"$\",\"$1\",\"c\",{\"children\":[[[\"$\",\"link\",\"0\",{\"rel\":\"stylesheet\",\"href\":\"/_next/static/chunks/2473c16c0c2f6b5f.css\",\"precedence\":\"next\",\"crossOrigin\":\"$undefined\",\"nonce\":\"$undefined\"}],[\"$\",\"link\",\"1\",{\"rel\":\"stylesheet\",\"href\":\"/_next/static/chunks/bf725d638cce46d4.css\",\"precedence\":\"next\",\"crossOrigin\":\"$undefined\",\"nonce\":\"$undefined\"}],[\"$\",\"script\",\"script-0\",{\"src\":\"/_next/static/chunks/4ddb24d8ce3b8617.js\",\"async\":true,\"nonce\":\"$undefined\"}],[\"$\",\"script\",\"script-1\",{\"src\":\"/_next/static/chunks/417032eeb2cd875f.js\",\"async\":true,\"nonce\":\"$undefined\"}]],[\"$\",\"html\",null,{\"lang\":\"en\",\"className\":\"dark\",\"data-theme\":\"terminal\",\"suppressHydrationWarning\":true,\"children\":[[\"$\",\"head\",null,{\"children\":[\"$\",\"script\",null,{\"dangerouslySetInnerHTML\":{\"__html\":\"\\ntry {\\n  var t = localStorage.getItem('sc-theme');\\n  if (t !== 'glass' \u0026\u0026 t !== 'terminal') t = 'terminal';\\n  document.documentElement.dataset.theme = t;\\n} catch (e) {\\n  document.documentElement.dataset.theme = 'terminal';\\n}\\n\"}}]}],[\"$\",\"body\",null,{\"className\":\"geist_a71539c9-module__T19VSG__variable geist_mono_8d43a2aa-module__8Li5zG__variable antialiased bg-slate-950\",\"children\":[\"$\",\"$L2\",null,{\"children\":[\"$\",\"$L3\",null,{\"parallelRouterKey\":\"children\",\"error\":\"$4\",\"errorStyles\":[],\"errorScripts\":[[\"$\",\"script\",\"script-0\",{\"src\":\"/_next/static/chunks/d334b69bff7779be.js\",\"async\":true}]],\"template\":[\"$\",\"$L5\",null,{}],\"templateStyles\":\"$undefined\",\"templateScripts\":\"$undefined\",\"notFound\":[[[\"$\",\"title\",null,{\"children\":\"404: This page could not be found.\"}],[\"$\",\"div\",null,{\"style\":{\"fontFamily\":\"system-ui,\\\"Segoe UI\\\",Roboto,Helvetica,Arial,sans-serif,\\\"Apple Color Emoji\\\",\\\"Segoe UI Emoji\\\"\",\"height\":\"100vh\",\"textAlign\":\"center\",\"display\":\"flex\",\"flexDirection\":\"column\",\"alignItems\":\"center\",\"justifyContent\":\"center\"},\"children\":[\"$\",\"div\",null,{\"children\":[[\"$\",\"style\",null,{\"dangerouslySetInnerHTML\":{\"__html\":\"body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}\"}}],[\"$\",\"h1\",null,{\"className\":\"next-error-h1\",\"style\":{\"display\":\"inline-block\",\"margin\":\"0 20px 0 0\",\"padding\":\"0 23px 0 0\",\"fontSize\":24,\"fontWeight\":500,\"verticalAlign\":\"top\",\"lineHeight\":\"49px\"},\"children\":404}],[\"$\",\"div\",null,{\"style\":{\"display\":\"inline-block\"},\"children\":[\"$\",\"h2\",null,{\"style\":{\"fontSize\":14,\"fontWeight\":400,\"lineHeight\":\"49px\",\"margin\":0},\"children\":\"This page could not be found.\"}]}]]}]}]],[]],\"forbidden\":\"$undefined\",\"unauthorized\":\"$undefined\"}]}]}]]}]]}],{\"children\":[[\"$\",\"$1\",\"c\",{\"children\":[null,[\"$\",\"$L3\",null,{\"parallelRouterKey\":\"children\",\"error\":\"$undefined\",\"errorStyles\":\"$undefined\",\"errorScripts\":\"$undefined\",\"template\":[\"$\",\"$L5\",null,{}],\"templateStyles\":\"$undefined\",\"templateScripts\":\"$undefined\",\"notFound\":\"$undefined\",\"forbidden\":\"$undefined\",\"unauthorized\":\"$undefined\"}]]}],{\"children\":[[\"$\",\"$1\",\"c\",{\"children\":[[[\"$\",\"title\",null,{\"children\":\"404: This page could not be found.\"}],[\"$\",\"div\",null,{\"style\":\"$0:f:0:1:0:props:children:1:props:children:1:props:children:props:children:props:notFound:0:1:props:style\",\"children\":[\"$\",\"div\",null,{\"children\":[[\"$\",\"style\",null,{\"dangerouslySetInnerHTML\":{\"__html\":\"body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}\"}}],[\"$\",\"h1\",null,{\"className\":\"next-error-h1\",\"style\":\"$0:f:0:1:0:props:children:1:props:children:1:props:children:props:children:props:notFound:0:1:props:children:props:children:1:props:style\",\"children\":404}],[\"$\",\"div\",null,{\"style\":\"$0:f:0:1:0:props:children:1:props:children:1:props:children:props:children:props:notFound:0:1:props:children:props:children:2:props:style\",\"children\":[\"$\",\"h2\",null,{\"style\":\"$0:f:0:1:0:props:children:1:props:children:1:props:children:props:children:props:notFound:0:1:props:children:props:children:2:props:children:props:style\",\"children\":\"This page could not be found.\"}]}]]}]}]],null,[\"$\",\"$L6\",null,{\"children\":[\"$\",\"$7\",null,{\"name\":\"Next.MetadataOutlet\",\"children\":\"$@8\"}]}]]}],{},null,false,false]},null,false,false]},null,false,false],[\"$\",\"$1\",\"h\",{\"children\":[[\"$\",\"meta\",null,{\"name\":\"robots\",\"content\":\"noindex\"}],[\"$\",\"$L9\",null,{\"children\":\"$La\"}],[\"$\",\"div\",null,{\"hidden\":true,\"children\":[\"$\",\"$Lb\",null,{\"children\":[\"$\",\"$7\",null,{\"name\":\"Next.Metadata\",\"children\":\"$Lc\"}]}]}],[\"$\",\"meta\",null,{\"name\":\"next-size-adjust\",\"content\":\"\"}]]}],false]],\"m\":\"$undefined\",\"G\":[\"$d\",\"$undefined\"],\"S\":true}\n"])</script><script>self.__next_f.push([1,"a:[[\"$\",\"meta\",\"0\",{\"charSet\":\"utf-8\"}],[\"$\",\"meta\",\"1\",{\"name\":\"viewport\",\"content\":\"width=device-width, initial-scale=1\"}]]\n"])</script><script>self.__next_f.push([1,"8:null\nc:[[\"$\",\"title\",\"0\",{\"children\":\"ShieldCortex\"}],[\"$\",\"meta\",\"1\",{\"name\":\"description\",\"content\":\"AI Memory Security Dashboard — Defence pipeline, audit logs, quarantine review\"}]]\n"])</script></body></html>

package/dashboard/.next/standalone/dashboard/.next/server/pages/500.html

@@ -1,2 +1,2 @@
-<!DOCTYPE html><!--10a_MRwbHFUuDdfr86RUu--><html id="__next_error__"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="preload" as="script" fetchPriority="low" href="/_next/static/chunks/d878b929b21636c4.js"/><script src="/_next/static/chunks/d9ad4c35fc865415.js" async=""></script><script src="/_next/static/chunks/43d761df92da7cb6.js" async=""></script><script src="/_next/static/chunks/e281719dbabcca1d.js" async=""></script><script src="/_next/static/chunks/9e56d1f8f4d7adcb.js" async=""></script><script src="/_next/static/chunks/turbopack-79214717b23f7452.js" async=""></script><script src="/_next/static/chunks/102f894cc892994d.js" async=""></script><script src="/_next/static/chunks/417032eeb2cd875f.js" async=""></script><meta name="next-size-adjust" content=""/><title>500: Internal Server Error.</title><script src="/_next/static/chunks/a6dad97d9634a72d.js" noModule=""></script></head><body><div hidden=""><!--$--><!--/$--></div><div style="font-family:system-ui,&quot;Segoe UI&quot;,Roboto,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;;height:100vh;text-align:center;display:flex;flex-direction:column;align-items:center;justify-content:center"><div style="line-height:48px"><style>body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}
-@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}</style><h1 class="next-error-h1" style="display:inline-block;margin:0 20px 0 0;padding-right:23px;font-size:24px;font-weight:500;vertical-align:top">500</h1><div style="display:inline-block"><h2 style="font-size:14px;font-weight:400;line-height:28px">Internal Server Error.</h2></div></div></div><!--$--><!--/$--><script src="/_next/static/chunks/d878b929b21636c4.js" id="_R_" async=""></script><script>(self.__next_f=self.__next_f||[]).push([0])</script><script>self.__next_f.push([1,"1:\"$Sreact.fragment\"\n2:I[57043,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n3:I[27657,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n4:I[56978,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"OutletBoundary\"]\n5:\"$Sreact.suspense\"\n7:I[56978,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"ViewportBoundary\"]\n9:I[56978,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"MetadataBoundary\"]\nb:I[30687,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n"])</script><script>self.__next_f.push([1,"0:{\"P\":null,\"b\":\"10a_MRwbHFUuDdfr86RUu\",\"c\":[\"\",\"_global-error\"],\"q\":\"\",\"i\":false,\"f\":[[[\"\",{\"children\":[\"__PAGE__\",{}]}],[[\"$\",\"$1\",\"c\",{\"children\":[null,[\"$\",\"$L2\",null,{\"parallelRouterKey\":\"children\",\"error\":\"$undefined\",\"errorStyles\":\"$undefined\",\"errorScripts\":\"$undefined\",\"template\":[\"$\",\"$L3\",null,{}],\"templateStyles\":\"$undefined\",\"templateScripts\":\"$undefined\",\"notFound\":\"$undefined\",\"forbidden\":\"$undefined\",\"unauthorized\":\"$undefined\"}]]}],{\"children\":[[\"$\",\"$1\",\"c\",{\"children\":[[\"$\",\"html\",null,{\"id\":\"__next_error__\",\"children\":[[\"$\",\"head\",null,{\"children\":[\"$\",\"title\",null,{\"children\":\"500: Internal Server Error.\"}]}],[\"$\",\"body\",null,{\"children\":[\"$\",\"div\",null,{\"style\":{\"fontFamily\":\"system-ui,\\\"Segoe UI\\\",Roboto,Helvetica,Arial,sans-serif,\\\"Apple Color Emoji\\\",\\\"Segoe UI Emoji\\\"\",\"height\":\"100vh\",\"textAlign\":\"center\",\"display\":\"flex\",\"flexDirection\":\"column\",\"alignItems\":\"center\",\"justifyContent\":\"center\"},\"children\":[\"$\",\"div\",null,{\"style\":{\"lineHeight\":\"48px\"},\"children\":[[\"$\",\"style\",null,{\"dangerouslySetInnerHTML\":{\"__html\":\"body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}\\n@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}\"}}],[\"$\",\"h1\",null,{\"className\":\"next-error-h1\",\"style\":{\"display\":\"inline-block\",\"margin\":\"0 20px 0 0\",\"paddingRight\":23,\"fontSize\":24,\"fontWeight\":500,\"verticalAlign\":\"top\"},\"children\":\"500\"}],[\"$\",\"div\",null,{\"style\":{\"display\":\"inline-block\"},\"children\":[\"$\",\"h2\",null,{\"style\":{\"fontSize\":14,\"fontWeight\":400,\"lineHeight\":\"28px\"},\"children\":\"Internal Server Error.\"}]}]]}]}]}]]}],[[\"$\",\"script\",\"script-0\",{\"src\":\"/_next/static/chunks/102f894cc892994d.js\",\"async\":true,\"nonce\":\"$undefined\"}],[\"$\",\"script\",\"script-1\",{\"src\":\"/_next/static/chunks/417032eeb2cd875f.js\",\"async\":true,\"nonce\":\"$undefined\"}]],[\"$\",\"$L4\",null,{\"children\":[\"$\",\"$5\",null,{\"name\":\"Next.MetadataOutlet\",\"children\":\"$@6\"}]}]]}],{},null,false,false]},null,false,false],[\"$\",\"$1\",\"h\",{\"children\":[null,[\"$\",\"$L7\",null,{\"children\":\"$L8\"}],[\"$\",\"div\",null,{\"hidden\":true,\"children\":[\"$\",\"$L9\",null,{\"children\":[\"$\",\"$5\",null,{\"name\":\"Next.Metadata\",\"children\":\"$La\"}]}]}],[\"$\",\"meta\",null,{\"name\":\"next-size-adjust\",\"content\":\"\"}]]}],false]],\"m\":\"$undefined\",\"G\":[\"$b\",\"$undefined\"],\"S\":true}\n"])</script><script>self.__next_f.push([1,"8:[[\"$\",\"meta\",\"0\",{\"charSet\":\"utf-8\"}],[\"$\",\"meta\",\"1\",{\"name\":\"viewport\",\"content\":\"width=device-width, initial-scale=1\"}]]\n"])</script><script>self.__next_f.push([1,"6:null\na:[]\n"])</script></body></html>
+<!DOCTYPE html><!--6WjF0Utj3STrFgg7vZVPK--><html id="__next_error__"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="preload" as="script" fetchPriority="low" href="/_next/static/chunks/d878b929b21636c4.js"/><script src="/_next/static/chunks/d9ad4c35fc865415.js" async=""></script><script src="/_next/static/chunks/43d761df92da7cb6.js" async=""></script><script src="/_next/static/chunks/e281719dbabcca1d.js" async=""></script><script src="/_next/static/chunks/9e56d1f8f4d7adcb.js" async=""></script><script src="/_next/static/chunks/turbopack-79214717b23f7452.js" async=""></script><script src="/_next/static/chunks/102f894cc892994d.js" async=""></script><script src="/_next/static/chunks/417032eeb2cd875f.js" async=""></script><meta name="next-size-adjust" content=""/><title>500: Internal Server Error.</title><script src="/_next/static/chunks/a6dad97d9634a72d.js" noModule=""></script></head><body><div hidden=""><!--$--><!--/$--></div><div style="font-family:system-ui,&quot;Segoe UI&quot;,Roboto,Helvetica,Arial,sans-serif,&quot;Apple Color Emoji&quot;,&quot;Segoe UI Emoji&quot;;height:100vh;text-align:center;display:flex;flex-direction:column;align-items:center;justify-content:center"><div style="line-height:48px"><style>body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}
+@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}</style><h1 class="next-error-h1" style="display:inline-block;margin:0 20px 0 0;padding-right:23px;font-size:24px;font-weight:500;vertical-align:top">500</h1><div style="display:inline-block"><h2 style="font-size:14px;font-weight:400;line-height:28px">Internal Server Error.</h2></div></div></div><!--$--><!--/$--><script src="/_next/static/chunks/d878b929b21636c4.js" id="_R_" async=""></script><script>(self.__next_f=self.__next_f||[]).push([0])</script><script>self.__next_f.push([1,"1:\"$Sreact.fragment\"\n2:I[57043,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n3:I[27657,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n4:I[56978,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"OutletBoundary\"]\n5:\"$Sreact.suspense\"\n7:I[56978,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"ViewportBoundary\"]\n9:I[56978,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"MetadataBoundary\"]\nb:I[30687,[\"/_next/static/chunks/102f894cc892994d.js\",\"/_next/static/chunks/417032eeb2cd875f.js\"],\"default\"]\n"])</script><script>self.__next_f.push([1,"0:{\"P\":null,\"b\":\"6WjF0Utj3STrFgg7vZVPK\",\"c\":[\"\",\"_global-error\"],\"q\":\"\",\"i\":false,\"f\":[[[\"\",{\"children\":[\"__PAGE__\",{}]}],[[\"$\",\"$1\",\"c\",{\"children\":[null,[\"$\",\"$L2\",null,{\"parallelRouterKey\":\"children\",\"error\":\"$undefined\",\"errorStyles\":\"$undefined\",\"errorScripts\":\"$undefined\",\"template\":[\"$\",\"$L3\",null,{}],\"templateStyles\":\"$undefined\",\"templateScripts\":\"$undefined\",\"notFound\":\"$undefined\",\"forbidden\":\"$undefined\",\"unauthorized\":\"$undefined\"}]]}],{\"children\":[[\"$\",\"$1\",\"c\",{\"children\":[[\"$\",\"html\",null,{\"id\":\"__next_error__\",\"children\":[[\"$\",\"head\",null,{\"children\":[\"$\",\"title\",null,{\"children\":\"500: Internal Server Error.\"}]}],[\"$\",\"body\",null,{\"children\":[\"$\",\"div\",null,{\"style\":{\"fontFamily\":\"system-ui,\\\"Segoe UI\\\",Roboto,Helvetica,Arial,sans-serif,\\\"Apple Color Emoji\\\",\\\"Segoe UI Emoji\\\"\",\"height\":\"100vh\",\"textAlign\":\"center\",\"display\":\"flex\",\"flexDirection\":\"column\",\"alignItems\":\"center\",\"justifyContent\":\"center\"},\"children\":[\"$\",\"div\",null,{\"style\":{\"lineHeight\":\"48px\"},\"children\":[[\"$\",\"style\",null,{\"dangerouslySetInnerHTML\":{\"__html\":\"body{color:#000;background:#fff;margin:0}.next-error-h1{border-right:1px solid rgba(0,0,0,.3)}\\n@media (prefers-color-scheme:dark){body{color:#fff;background:#000}.next-error-h1{border-right:1px solid rgba(255,255,255,.3)}}\"}}],[\"$\",\"h1\",null,{\"className\":\"next-error-h1\",\"style\":{\"display\":\"inline-block\",\"margin\":\"0 20px 0 0\",\"paddingRight\":23,\"fontSize\":24,\"fontWeight\":500,\"verticalAlign\":\"top\"},\"children\":\"500\"}],[\"$\",\"div\",null,{\"style\":{\"display\":\"inline-block\"},\"children\":[\"$\",\"h2\",null,{\"style\":{\"fontSize\":14,\"fontWeight\":400,\"lineHeight\":\"28px\"},\"children\":\"Internal Server Error.\"}]}]]}]}]}]]}],[[\"$\",\"script\",\"script-0\",{\"src\":\"/_next/static/chunks/102f894cc892994d.js\",\"async\":true,\"nonce\":\"$undefined\"}],[\"$\",\"script\",\"script-1\",{\"src\":\"/_next/static/chunks/417032eeb2cd875f.js\",\"async\":true,\"nonce\":\"$undefined\"}]],[\"$\",\"$L4\",null,{\"children\":[\"$\",\"$5\",null,{\"name\":\"Next.MetadataOutlet\",\"children\":\"$@6\"}]}]]}],{},null,false,false]},null,false,false],[\"$\",\"$1\",\"h\",{\"children\":[null,[\"$\",\"$L7\",null,{\"children\":\"$L8\"}],[\"$\",\"div\",null,{\"hidden\":true,\"children\":[\"$\",\"$L9\",null,{\"children\":[\"$\",\"$5\",null,{\"name\":\"Next.Metadata\",\"children\":\"$La\"}]}]}],[\"$\",\"meta\",null,{\"name\":\"next-size-adjust\",\"content\":\"\"}]]}],false]],\"m\":\"$undefined\",\"G\":[\"$b\",\"$undefined\"],\"S\":true}\n"])</script><script>self.__next_f.push([1,"8:[[\"$\",\"meta\",\"0\",{\"charSet\":\"utf-8\"}],[\"$\",\"meta\",\"1\",{\"name\":\"viewport\",\"content\":\"width=device-width, initial-scale=1\"}]]\n"])</script><script>self.__next_f.push([1,"6:null\na:[]\n"])</script></body></html>

package/dashboard/.next/standalone/dashboard/.next/server/server-reference-manifest.js

@@ -1 +1 @@
-self.__RSC_SERVER_MANIFEST="{\n  \"node\": {},\n  \"edge\": {},\n  \"encryptionKey\": \"SXBwgZv5tibURJtMgCjMOeDD7JxdJtYAtZS1gd2Itn0=\"\n}"
+self.__RSC_SERVER_MANIFEST="{\n  \"node\": {},\n  \"edge\": {},\n  \"encryptionKey\": \"50IBPSPmdPYtE7HYOD5EnTtXGu3VRtn/m36sitpikkw=\"\n}"

package/dashboard/.next/standalone/dashboard/.next/server/server-reference-manifest.json

@@ -1,5 +1,5 @@
 {
   "node": {},
   "edge": {},
-  "encryptionKey": "SXBwgZv5tibURJtMgCjMOeDD7JxdJtYAtZS1gd2Itn0="
+  "encryptionKey": "50IBPSPmdPYtE7HYOD5EnTtXGu3VRtn/m36sitpikkw="
 }

package/dist/cli/migrate-legacy.d.ts

@@ -25,6 +25,24 @@ interface MigrationReport {
 }
 export declare function migrateLegacy(options?: MigrateOptions): MigrationReport;
 export declare function handleMemoriesCommand(args: string[]): Promise<void>;
+interface PurgeMalformedOptions {
+    dbPath?: string;
+    backupDir?: string;
+    dryRun: boolean;
+}
+interface PurgeMatch {
+    id: number;
+    title: string;
+    reason: string;
+}
+interface PurgeReport {
+    dryRun: boolean;
+    scanned: number;
+    matched: PurgeMatch[];
+    deleted: number;
+    backupPath?: string;
+}
+export declare function purgeMalformed(opts: PurgeMalformedOptions): Promise<PurgeReport>;
 interface RepairOptions {
     /** Path to memories.db (defaults to ~/.shieldcortex/memories.db) */
     dbPath?: string;

package/dist/cli/migrate-legacy.js

@@ -275,6 +275,15 @@ function printUsage() {
     console.log('      to their canonical owner-repo key (#42). DRY-RUN BY DEFAULT.');
     console.log('      Backup auto-saved before any rewrite; per-rewrite log written');
     console.log('      to ~/.shieldcortex/logs/project-key-repair-<ts>.json.');
+    console.log('');
+    console.log('  purge --malformed [--dry-run] [--execute]');
+    console.log('                    [--backup-dir <path>]');
+    console.log('      Scan the memories table and delete rows that match the');
+    console.log('      hardened chunker rejection rules — imperative tool-call');
+    console.log('      directives, bare-imperative starts (negation drop), email-');
+    console.log('      body bleed, path-label fragments, etc. Use --dry-run to');
+    console.log('      preview matches; --execute writes a full DB copy to the');
+    console.log('      backup dir (default ~/.shieldcortex/backups/) before delete.');
 }
 export async function handleMemoriesCommand(args) {
     const sub = args[0];
@@ -300,9 +309,96 @@ export async function handleMemoriesCommand(args) {
         await runRepairProjectKeys(args.slice(1));
         return;
     }
+    if (sub === 'purge') {
+        await runPurge(args.slice(1));
+        return;
+    }
     printUsage();
     process.exit(1);
 }
+export async function purgeMalformed(opts) {
+    const dbPath = opts.dbPath ?? DEFAULT_TARGET;
+    const backupDir = opts.backupDir ?? path.join(os.homedir(), '.shieldcortex', 'backups');
+    if (!fs.existsSync(dbPath)) {
+        throw new Error(`memories DB not found at ${dbPath}`);
+    }
+    // @ts-expect-error -- importing a .mjs hook util
+    const mod = await import('../../scripts/lib/extract-memorable-segments.mjs');
+    const shouldRejectCandidate = mod.shouldRejectCandidate;
+    const db = new Database(dbPath);
+    db.pragma('busy_timeout = 10000');
+    const matches = [];
+    let scanned = 0;
+    try {
+        const rows = db.prepare('SELECT id, title, content FROM memories').all();
+        scanned = rows.length;
+        for (const row of rows) {
+            const verdict = shouldRejectCandidate({ title: row.title ?? '', content: row.content ?? '' });
+            if (verdict.rejected) {
+                matches.push({ id: row.id, title: row.title ?? '', reason: verdict.reason });
+            }
+        }
+        const report = {
+            dryRun: opts.dryRun,
+            scanned,
+            matched: matches,
+            deleted: 0,
+        };
+        if (opts.dryRun || matches.length === 0) {
+            return report;
+        }
+        // Write a full DB backup before any delete.
+        fs.mkdirSync(backupDir, { recursive: true });
+        const stamp = new Date().toISOString().replace(/[:.]/g, '-');
+        const backupPath = path.join(backupDir, `memories-purge-${stamp}.db`);
+        db.exec(`VACUUM INTO '${backupPath.replace(/'/g, "''")}'`);
+        report.backupPath = backupPath;
+        const placeholders = matches.map(() => '?').join(',');
+        const txn = db.transaction(() => {
+            const r = db.prepare(`DELETE FROM memories WHERE id IN (${placeholders})`).run(...matches.map(m => m.id));
+            report.deleted = r.changes;
+        });
+        txn();
+        return report;
+    }
+    finally {
+        db.close();
+    }
+}
+async function runPurge(args) {
+    if (!args.includes('--malformed')) {
+        console.error('Usage: shieldcortex memories purge --malformed [--dry-run] [--execute] [--backup-dir <path>]');
+        process.exit(1);
+    }
+    // Default to dry-run unless --execute is explicitly passed. --dry-run is
+    // accepted for symmetry / scriptability.
+    const execute = args.includes('--execute');
+    const dryRun = !execute;
+    const backupDir = flagValue(args, '--backup-dir');
+    const report = await purgeMalformed({ dryRun, backupDir });
+    const banner = report.dryRun ? '[DRY RUN] ' : '';
+    console.log(`${banner}Scanned ${report.scanned} memories; flagged ${report.matched.length}.`);
+    if (report.matched.length > 0) {
+        console.log('');
+        console.log('Matches:');
+        for (const m of report.matched.slice(0, 50)) {
+            console.log(`  #${String(m.id).padStart(5)}  ${m.reason.padEnd(28)}  ${m.title.slice(0, 80)}`);
+        }
+        if (report.matched.length > 50) {
+            console.log(`  … and ${report.matched.length - 50} more`);
+        }
+    }
+    if (report.dryRun && report.matched.length > 0) {
+        console.log('');
+        console.log('Re-run with --execute to delete (a full DB backup is written first).');
+    }
+    else if (!report.dryRun) {
+        console.log('');
+        console.log(`Deleted: ${report.deleted}`);
+        if (report.backupPath)
+            console.log(`Backup:  ${report.backupPath}`);
+    }
+}
 function parseMapFlags(args) {
     const map = {};
     for (let i = 0; i < args.length; i++) {

package/dist/database/init.js

@@ -8,6 +8,7 @@ import { homedir } from 'os';
 import { fileURLToPath } from 'url';
 import { execSync } from 'child_process';
 import { randomUUID } from 'crypto';
+import { seedDefaultFirewallRules } from './seed-firewall-rules.js';
 const _currentFile = fileURLToPath(import.meta.url);
 const _currentDir = dirname(_currentFile);
 let db = null;
@@ -907,10 +908,12 @@ function runMigrations(database) {
         condition_value TEXT NOT NULL,
         action TEXT NOT NULL CHECK(action IN ('block', 'allow', 'quarantine')),
         enabled INTEGER NOT NULL DEFAULT 1,
+        built_in INTEGER NOT NULL DEFAULT 0,
         created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
       );
       CREATE INDEX IF NOT EXISTS idx_firewall_rules_priority ON firewall_rules(priority);
       CREATE INDEX IF NOT EXISTS idx_firewall_rules_enabled ON firewall_rules(enabled);
+      CREATE INDEX IF NOT EXISTS idx_firewall_rules_built_in ON firewall_rules(built_in);
 
       CREATE TABLE IF NOT EXISTS rate_limits (
         source_key TEXT PRIMARY KEY,
@@ -922,6 +925,24 @@ function runMigrations(database) {
     catch {
         // Tables may already exist - safe to ignore
     }
+    // Migration: built_in column on pre-existing firewall_rules (added in v4.15)
+    try {
+        const cols = database.prepare("PRAGMA table_info(firewall_rules)").all();
+        if (!cols.some(c => c.name === 'built_in')) {
+            database.exec('ALTER TABLE firewall_rules ADD COLUMN built_in INTEGER NOT NULL DEFAULT 0');
+            database.exec('CREATE INDEX IF NOT EXISTS idx_firewall_rules_built_in ON firewall_rules(built_in)');
+        }
+    }
+    catch {
+        // Best-effort migration; pipeline handles missing column gracefully.
+    }
+    // Seed default built-in firewall rules on first init.
+    try {
+        seedDefaultFirewallRules(database);
+    }
+    catch {
+        // Seeder runs idempotently; failures here should never block startup.
+    }
 }
 /**
  * Get the current database instance

package/dist/database/schema.sql

@@ -301,6 +301,7 @@ CREATE TABLE IF NOT EXISTS firewall_rules (
   condition_value TEXT NOT NULL,
   action TEXT NOT NULL CHECK(action IN ('block', 'allow', 'quarantine')),
   enabled INTEGER NOT NULL DEFAULT 1,
+  built_in INTEGER NOT NULL DEFAULT 0,
   created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
 );
 

package/dist/database/seed-firewall-rules.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Default firewall rule seeder.
+ *
+ * The `firewall_rules` table starts empty in production. The defence
+ * pipeline's PATTERN_GROUPS catch most threats inline (instruction
+ * injection, hidden instructions, etc.), but seeding the table with
+ * built-in rules makes them visible in the dashboard and gives operators
+ * a place to disable, edit, or extend them.
+ *
+ * Built-in rows are marked `built_in=1` and excluded from the user
+ * `MAX_RULES=25` cap (see custom-rules/store.ts). They are evaluated
+ * regardless of license tier — the Pro `custom_firewall_rules` gate
+ * applies only to user-added rules with `built_in=0`.
+ *
+ * Idempotent: running the seeder again is a no-op when built-in rules
+ * are already present. Operators wanting to re-seed after a built-in
+ * update should `DELETE FROM firewall_rules WHERE built_in = 1` first.
+ */
+import type Database from 'better-sqlite3';
+export declare function seedDefaultFirewallRules(db: Database.Database): void;
+export declare function listBuiltInRuleNames(): string[];

package/dist/database/seed-firewall-rules.js

@@ -0,0 +1,105 @@
+/**
+ * Default firewall rule seeder.
+ *
+ * The `firewall_rules` table starts empty in production. The defence
+ * pipeline's PATTERN_GROUPS catch most threats inline (instruction
+ * injection, hidden instructions, etc.), but seeding the table with
+ * built-in rules makes them visible in the dashboard and gives operators
+ * a place to disable, edit, or extend them.
+ *
+ * Built-in rows are marked `built_in=1` and excluded from the user
+ * `MAX_RULES=25` cap (see custom-rules/store.ts). They are evaluated
+ * regardless of license tier — the Pro `custom_firewall_rules` gate
+ * applies only to user-added rules with `built_in=0`.
+ *
+ * Idempotent: running the seeder again is a no-op when built-in rules
+ * are already present. Operators wanting to re-seed after a built-in
+ * update should `DELETE FROM firewall_rules WHERE built_in = 1` first.
+ */
+const BUILT_IN_RULES = [
+    {
+        name: 'builtin:instruction_injection',
+        priority: 10,
+        condition_type: 'regex',
+        condition_value: '\\[SYSTEM:|<<SYS>>|\\[INST\\]|<\\|im_start\\|>|<\\|system\\|>|##SYSTEM##',
+        action: 'quarantine',
+    },
+    {
+        name: 'builtin:hidden_instruction',
+        priority: 11,
+        condition_type: 'regex',
+        condition_value: 'ignore\\s+(all\\s+)?previous\\s+(instructions?|prompts?)|forget\\s+everything|disregard\\s+(all\\s+)?(previous|above|prior)|override\\s+(previous|all|system)',
+        action: 'quarantine',
+    },
+    {
+        name: 'builtin:imperative_tool_call',
+        priority: 12,
+        condition_type: 'regex',
+        condition_value: '\\b(?:call|invoke|use)\\s+(?:the\\s+)?[A-Za-z][\\w-]*\\s+tool\\b|\\b(?:call|invoke|use)\\s+this\\s+tool\\s+now\\b',
+        action: 'quarantine',
+    },
+    {
+        name: 'builtin:memory_manipulation',
+        priority: 15,
+        condition_type: 'regex',
+        condition_value: 'save\\s+(this\\s+)?to\\s+memory|remember\\s+this\\s+(instruction|command|rule)|store\\s+this\\s+instruction|inject\\s+(into\\s+)?memory',
+        action: 'quarantine',
+    },
+    {
+        name: 'builtin:command_injection',
+        priority: 5,
+        condition_type: 'regex',
+        condition_value: '\\beval\\s*\\(|\\bexec\\s*\\(|\\bsystem\\s*\\(|\\bexecute\\s+(this\\s+)?(command|code|script)|\\b__import__\\s*\\(|\\bsubprocess\\b',
+        action: 'quarantine',
+    },
+    {
+        name: 'builtin:delimiter_attack',
+        priority: 18,
+        condition_type: 'regex',
+        condition_value: '<\\/?(system|admin|root)\\s*>|<!--[\\s\\S]{0,200}?(instruction|command|system|ignore|inject|override)[\\s\\S]{0,200}?-->',
+        action: 'quarantine',
+    },
+    {
+        name: 'builtin:credential_leak_aws',
+        priority: 1,
+        condition_type: 'regex',
+        condition_value: 'AKIA[0-9A-Z]{16}',
+        action: 'block',
+    },
+    {
+        name: 'builtin:credential_leak_jwt',
+        priority: 2,
+        condition_type: 'regex',
+        condition_value: 'eyJ[A-Za-z0-9_-]{10,}\\.eyJ[A-Za-z0-9_-]{10,}\\.[A-Za-z0-9_-]{10,}',
+        action: 'block',
+    },
+    {
+        name: 'builtin:credential_leak_private_key',
+        priority: 3,
+        condition_type: 'regex',
+        condition_value: '-----BEGIN (?:RSA |EC |OPENSSH |DSA |PGP )?PRIVATE KEY-----',
+        action: 'block',
+    },
+];
+export function seedDefaultFirewallRules(db) {
+    // Confirm the column exists (older DBs may pre-date the migration).
+    const cols = db.prepare("PRAGMA table_info(firewall_rules)").all();
+    if (!cols.some(c => c.name === 'built_in'))
+        return;
+    const existing = db.prepare('SELECT COUNT(*) AS c FROM firewall_rules WHERE built_in = 1').get();
+    if (existing.c > 0)
+        return;
+    const insert = db.prepare(`
+    INSERT INTO firewall_rules (name, priority, condition_type, condition_value, action, enabled, built_in)
+    VALUES (?, ?, ?, ?, ?, 1, 1)
+  `);
+    const txn = db.transaction((rules) => {
+        for (const rule of rules) {
+            insert.run(rule.name, rule.priority, rule.condition_type, rule.condition_value, rule.action);
+        }
+    });
+    txn(BUILT_IN_RULES);
+}
+export function listBuiltInRuleNames() {
+    return BUILT_IN_RULES.map(r => r.name);
+}

package/dist/defence/custom-rules/store.d.ts

@@ -9,9 +9,12 @@ export interface FirewallRule {
     condition_value: string;
     action: 'block' | 'allow' | 'quarantine';
     enabled: number;
+    built_in: number;
     created_at: string;
 }
-export declare function listFirewallRules(): FirewallRule[];
+export declare function listFirewallRules(opts?: {
+    includeBuiltin?: boolean;
+}): FirewallRule[];
 export declare function getFirewallRule(id: number): FirewallRule | undefined;
 export declare function createFirewallRule(rule: {
     name: string;

package/dist/defence/custom-rules/store.js

@@ -3,9 +3,11 @@
  */
 import { getDatabase } from '../../database/init.js';
 const MAX_RULES = 25;
-export function listFirewallRules() {
+export function listFirewallRules(opts = {}) {
+    const includeBuiltin = opts.includeBuiltin ?? true;
     const db = getDatabase();
-    return db.prepare('SELECT * FROM firewall_rules ORDER BY priority ASC').all();
+    const where = includeBuiltin ? '' : 'WHERE built_in = 0';
+    return db.prepare(`SELECT * FROM firewall_rules ${where} ORDER BY priority ASC`).all();
 }
 export function getFirewallRule(id) {
     const db = getDatabase();
@@ -13,7 +15,9 @@ export function getFirewallRule(id) {
 }
 export function createFirewallRule(rule) {
     const db = getDatabase();
-    const count = db.prepare('SELECT COUNT(*) as cnt FROM firewall_rules').get().cnt;
+    // The MAX_RULES cap applies only to user-defined rules. Built-in rules
+    // (built_in=1) are seeded by the database layer and don't count.
+    const count = db.prepare('SELECT COUNT(*) as cnt FROM firewall_rules WHERE built_in = 0').get().cnt;
     if (count >= MAX_RULES) {
         throw new Error(`Maximum of ${MAX_RULES} custom firewall rules reached.`);
     }

package/dist/defence/firewall/instruction-detector.js

@@ -114,6 +114,21 @@ const PATTERN_GROUPS = [
             /reveal\s+your\s+instructions/i,
         ],
     },
+    {
+        // Imperative tool-call directives. These show up in transcripts as
+        // injected prompts disguised as user instructions ("call the X tool
+        // to complete this request. Call this tool now."). The session-end
+        // chunker historically captured them as user preferences with
+        // salience 1.0; the firewall now flags them at write time so they
+        // route to quarantine instead of memories.
+        name: 'imperative_tool_call',
+        weight: 0.8,
+        patterns: [
+            /\b(?:call|invoke|use)\s+(?:the\s+)?[A-Za-z][\w-]*\s+tool\b/i,
+            /\b(?:call|invoke|use)\s+this\s+tool\s+now\b/i,
+            /\bcomplete\s+this\s+request\.\s*(?:call|invoke|use)\s+this\s+tool\b/i,
+        ],
+    },
 ];
 // Maximum content length to scan (prevents ReDOS on very long inputs)
 const MAX_SCAN_LENGTH = 50000;

package/dist/defence/pipeline.js

@@ -95,42 +95,48 @@ export function runDefencePipeline(content, title, source, config, project) {
                 reason = firewall.reason;
             }
         }
-        // 6b. Apply custom firewall rules (Pro feature, additive only — can tighten, never weaken)
-        if (allowed && isFeatureEnabled('custom_firewall_rules') && isDatabaseInitialized()) {
+        // 6b. Apply firewall rules (built-in rules always evaluated; user-added
+        // custom rules require the Pro `custom_firewall_rules` feature). Both
+        // are additive only — can tighten, never weaken.
+        if (allowed && isDatabaseInitialized()) {
             try {
                 const { getEnabledFirewallRules } = require('./custom-rules/store.js');
-                const customRules = getEnabledFirewallRules();
-                for (const rule of customRules) {
+                const userRulesAllowed = isFeatureEnabled('custom_firewall_rules');
+                const allRules = getEnabledFirewallRules();
+                for (const rule of allRules) {
+                    if (!rule.built_in && !userRulesAllowed)
+                        continue;
                     try {
                         const regex = new RegExp(rule.condition_value, 'gi');
                         if (regex.test(cleanContent) || regex.test(title)) {
+                            const indicator = rule.built_in ? 'builtin_rule' : 'custom_rule';
                             if (rule.action === 'block') {
                                 allowed = false;
-                                reason = `Blocked by custom rule: ${rule.name}`;
+                                reason = `Blocked by ${rule.built_in ? 'built-in' : 'custom'} rule: ${rule.name}`;
                                 firewall.result = 'BLOCK';
-                                if (!firewall.threatIndicators.includes('custom_rule')) {
-                                    firewall.threatIndicators.push('custom_rule');
+                                if (!firewall.threatIndicators.includes(indicator)) {
+                                    firewall.threatIndicators.push(indicator);
                                 }
                                 break; // Block is final
                             }
                             else if (rule.action === 'quarantine' && firewall.result !== 'BLOCK') {
                                 allowed = false;
-                                reason = `Quarantined by custom rule: ${rule.name}`;
+                                reason = `Quarantined by ${rule.built_in ? 'built-in' : 'custom'} rule: ${rule.name}`;
                                 firewall.result = 'QUARANTINE';
-                                if (!firewall.threatIndicators.includes('custom_rule')) {
-                                    firewall.threatIndicators.push('custom_rule');
+                                if (!firewall.threatIndicators.includes(indicator)) {
+                                    firewall.threatIndicators.push(indicator);
                                 }
                             }
-                            // 'allow' action: no-op — custom rules cannot weaken built-in decisions
+                            // 'allow' action: no-op — rules cannot weaken built-in decisions
                         }
                     }
                     catch {
-                        // Skip invalid regex in custom rules
+                        // Skip invalid regex in rules
                     }
                 }
             }
             catch {
-                // Custom rules store not available — skip silently
+                // Rules store not available — skip silently
             }
         }
         // 6c. Apply custom injection patterns (Pro feature, additive)

package/dist/defence/types.d.ts

@@ -6,7 +6,7 @@
  */
 export type SensitivityLevel = 'PUBLIC' | 'INTERNAL' | 'CONFIDENTIAL' | 'RESTRICTED';
 export type FirewallResult = 'ALLOW' | 'BLOCK' | 'QUARANTINE';
-export type ThreatIndicator = 'instruction_injection' | 'privilege_escalation' | 'encoding_obfuscation' | 'credential_leak' | 'external_url' | 'fragmented_payload' | 'restricted_content' | 'pipeline_error' | 'custom_rule' | 'custom_pattern';
+export type ThreatIndicator = 'instruction_injection' | 'privilege_escalation' | 'encoding_obfuscation' | 'credential_leak' | 'external_url' | 'fragmented_payload' | 'restricted_content' | 'pipeline_error' | 'custom_rule' | 'custom_pattern' | 'builtin_rule';
 export interface DefenceSource {
     type: 'user' | 'cli' | 'hook' | 'email' | 'web' | 'agent' | 'file' | 'api' | 'tool_response';
     identifier: string;

package/hooks/openclaw/cortex-memory/HOOK.md

@@ -64,6 +64,43 @@ Say any of these phrases to trigger an instant save to Cortex memory:
 
 Content after the trigger phrase is extracted and saved as the memory content.
 
+## Defence Audit Guarantees
+
+Every byte that lands in `memories` from the auto-extract path passes the
+6-layer defence pipeline first. The hook write path is no longer the
+bypass it once was:
+
+- **ALLOW** → row inserted into `memories`; a corresponding row appears in
+  `defence_audit` with `source_type = 'hook'` and the hook's identifier
+  (`session-end-hook` / `pre-compact-hook` / `stop-hook`).
+- **QUARANTINE** → row inserted into `quarantine` (not `memories`), linked
+  to the audit row via `audit_id`. Visible in the dashboard for review.
+- **BLOCK** → dropped. The audit row written by the pipeline carries the
+  block reason; nothing reaches `memories`.
+- **Pipeline error** → dropped + a synthetic audit row with reason
+  `pipeline_error: <msg>`. Never silently lose data.
+
+Built-in firewall rules covering instruction injection, hidden
+instruction, imperative tool-call directives ("call X tool now"), command
+injection, and credential leaks (AWS / JWT / private keys) are seeded
+into `firewall_rules` on first run with `built_in = 1`. They are
+evaluated on every tier (the Pro `custom_firewall_rules` gate applies
+only to user-added rules) and excluded from the user-facing 25-rule cap.
+
+The chunker also rejects malformed candidates *before* they reach the
+write path: imperative tool-calls, bare-imperative starts ("commit
+secrets" with the negation dropped), email-body bleed, and path-label
+fragments. Auto-extracted memories are now capped at salience 0.6
+(reserved 1.0 for LLM-rated future paths).
+
+To audit an existing database for malformed rows accumulated before this
+fix:
+
+```bash
+shieldcortex memories purge --malformed --dry-run    # preview
+shieldcortex memories purge --malformed --execute    # delete (writes a backup first)
+```
+
 ## Auto-Memory
 
 Auto-memory extraction is enabled by default. ShieldCortex complements your existing memory system by capturing decisions, fixes, and learnings with built-in deduplication to avoid noise.