thumbgate 1.27.12 → 1.27.14

package/scripts/aws-blocks-guardrails.js

@@ -0,0 +1,228 @@
+#!/usr/bin/env node
+'use strict';
+
+const fs = require('node:fs');
+const path = require('node:path');
+
+const AWS_BLOCKS_DEPENDENCY_PATTERN = /(^|\/)@aws-blocks\/(?:blocks|[^/\s"']+)/;
+
+function toList(value) {
+  if (Array.isArray(value)) return value.map(String).map((entry) => entry.trim()).filter(Boolean);
+  if (typeof value === 'string') return value.split(',').map((entry) => entry.trim()).filter(Boolean);
+  return [];
+}
+
+function normalizeText(value) {
+  if (value == null) return '';
+  if (typeof value === 'string') return value;
+  try {
+    return JSON.stringify(value);
+  } catch {
+    return String(value);
+  }
+}
+
+function readPackageJson(projectDir) {
+  try {
+    return JSON.parse(fs.readFileSync(path.join(projectDir, 'package.json'), 'utf8'));
+  } catch {
+    return null;
+  }
+}
+
+function packageUsesAwsBlocks(pkg) {
+  if (!pkg || typeof pkg !== 'object') return false;
+  const dependencyText = JSON.stringify({
+    dependencies: pkg.dependencies || {},
+    devDependencies: pkg.devDependencies || {},
+    peerDependencies: pkg.peerDependencies || {},
+    optionalDependencies: pkg.optionalDependencies || {},
+  });
+  const scriptsText = JSON.stringify(pkg.scripts || {});
+  return AWS_BLOCKS_DEPENDENCY_PATTERN.test(dependencyText) || /aws-blocks|blocks-app|cdk|sandbox/i.test(scriptsText);
+}
+
+function detectAwsBlocksProject(projectDir = process.cwd()) {
+  const pkg = readPackageJson(projectDir);
+  if (packageUsesAwsBlocks(pkg)) return true;
+  return fs.existsSync(path.join(projectDir, 'aws-blocks', 'index.ts'))
+    || fs.existsSync(path.join(projectDir, 'aws-blocks', 'index.js'))
+    || fs.existsSync(path.join(projectDir, 'blocks.spec.json'));
+}
+
+function detectAction(input = {}) {
+  const command = normalizeText(input.command || input.args || input.shell || input.toolInput);
+  const toolName = normalizeText(input.toolName || input.tool || input.name);
+  const code = normalizeText(input.code || input.file || input.diff || input.body);
+  const combined = `${toolName}\n${command}\n${code}`;
+  const lower = combined.toLowerCase();
+
+  const signals = [];
+  const add = (id, label, severity = 'medium') => signals.push({ id, label, severity });
+
+  if (/\b(cdk\s+deploy|npm\s+run\s+deploy|pnpm\s+deploy|yarn\s+deploy|sst\s+deploy|blocks?\s+deploy)\b/i.test(combined)) {
+    add('aws-blocks-production-deploy', 'production deploy from an AWS Blocks workflow', 'high');
+  }
+
+  if (/\b(cdk\s+destroy|npm\s+run\s+destroy|pnpm\s+destroy|yarn\s+destroy|sandbox\b.*--destroy|--destroy\b|aws\s+cloudformation\s+delete-stack)\b/i.test(combined)) {
+    add('aws-blocks-destroy', 'destroy command can remove AWS resources created from local Blocks code', 'critical');
+  }
+
+  if (/\b(drop\s+(table|database|schema|index|column)|truncate\s+table|delete\s+from\s+[\w".-]+(?:\s*;|\s*$)|update\s+[\w".-]+\s+set\b(?![\s\S]{0,160}\bwhere\b))/i.test(combined)) {
+    add('destructive-sql-or-ddl', 'destructive or unscoped SQL mutation', 'critical');
+  }
+
+  if (/\b(aws\s+dynamodb\s+delete-table|aws\s+rds\s+delete-db-instance|aws\s+s3\s+rm\b[\s\S]*--recursive|aws\s+lambda\s+delete-function|aws\s+bedrock-agent\s+delete-|aws\s+bedrock-agent-runtime\b)/i.test(combined)) {
+    add('destructive-aws-cli', 'destructive AWS CLI or Bedrock agent action', 'critical');
+  }
+
+  if (/\b(gcloud|aws)\b[\s\S]{0,220}\b(add-iam-policy-binding|put-role-policy|attach-role-policy|create-policy-version)\b/i.test(combined)
+      || /\b(AdministratorAccess|roles\/owner|iam:PassRole|serviceAccountTokenCreator)\b/i.test(combined)) {
+    add('iam-escalation', 'agent session attempts to grant broad IAM authority', 'critical');
+  }
+
+  if (/\b(new\s+Agent\s*\(|@aws-blocks\/(?:agent|blocks)|\bAgent\b[\s\S]{0,120}\btools?\b)/.test(combined)) {
+    add('blocks-agent-tool-call', 'AWS Blocks Agent or Bedrock-style tool action needs a tool boundary', 'medium');
+  }
+
+  if (/\b(npm\s+run\s+dev|npm\s+start|pnpm\s+dev|yarn\s+dev|create-blocks-app)\b/i.test(combined)) {
+    add('local-dev', 'local AWS Blocks development loop', 'low');
+  }
+
+  return {
+    command,
+    toolName,
+    code,
+    signals,
+    highRisk: signals.some((signal) => ['high', 'critical'].includes(signal.severity)),
+    localOnly: signals.some((signal) => signal.id === 'local-dev') && signals.every((signal) => signal.severity === 'low'),
+    lower,
+  };
+}
+
+function evaluateAwsBlocksAction(input = {}) {
+  const projectDir = input.projectDir || input.cwd || process.cwd();
+  const projectUsesAwsBlocks = Boolean(
+    input.projectUsesAwsBlocks
+    || input.awsBlocks
+    || input.blocksProject
+    || detectAwsBlocksProject(projectDir)
+  );
+  const evidence = new Set(toList(input.evidence || input.proof || input.receipts));
+  const action = detectAction(input);
+  const requiredEvidence = [];
+
+  const requireEvidence = (id, label) => {
+    if (!evidence.has(id)) requiredEvidence.push({ id, label });
+  };
+
+  if (projectUsesAwsBlocks && action.signals.some((signal) => signal.id === 'aws-blocks-production-deploy')) {
+    requireEvidence('local-tests-pass', 'local AWS Blocks tests pass against local implementations');
+    requireEvidence('cdk-diff-reviewed', 'CDK diff or synthesized CloudFormation change set reviewed');
+    requireEvidence('cost-blast-radius-reviewed', 'AWS cost and resource blast radius reviewed');
+  }
+
+  if (action.signals.some((signal) => signal.id === 'aws-blocks-destroy')) {
+    requireEvidence('resource-inventory-exported', 'resource inventory exported before destroy');
+    requireEvidence('human-destroy-approval', 'named human approval for destroy');
+  }
+
+  if (action.signals.some((signal) => signal.id === 'destructive-sql-or-ddl')) {
+    requireEvidence('backup-or-rollback-ready', 'backup, rollback, or restore point exists');
+    requireEvidence('bounded-row-count-reviewed', 'row/table impact was previewed before mutation');
+  }
+
+  if (action.signals.some((signal) => signal.id === 'destructive-aws-cli')) {
+    requireEvidence('aws-account-and-region-confirmed', 'target AWS account and region confirmed');
+    requireEvidence('rollback-plan-attached', 'rollback or recovery plan attached');
+  }
+
+  if (action.signals.some((signal) => signal.id === 'iam-escalation')) {
+    requireEvidence('least-privilege-review', 'least-privilege review completed');
+    requireEvidence('security-owner-approval', 'security owner approval captured');
+  }
+
+  if (action.signals.some((signal) => signal.id === 'blocks-agent-tool-call')) {
+    requireEvidence('agent-tool-allowlist', 'agent tool allowlist and data boundary declared');
+  }
+
+  const shouldBlock = projectUsesAwsBlocks && requiredEvidence.length > 0;
+  const status = shouldBlock ? 'blocked' : (action.highRisk ? 'needs-review' : 'allowed');
+
+  return {
+    name: 'thumbgate-aws-blocks-guardrails',
+    status,
+    projectUsesAwsBlocks,
+    signals: action.signals,
+    requiredEvidence,
+    enforcementBoundary: 'local AWS Blocks confidence must not automatically become production AWS authority',
+    gates: [
+      'allow local AWS Blocks dev loops without AWS credentials',
+      'require local test proof plus CDK diff before production deploy',
+      'block destroy and destructive data mutations until backup, blast-radius, and human approval evidence exists',
+      'block IAM escalation and Bedrock/Agent tool expansion until an owner approves the tool boundary',
+      'write a ThumbGate receipt for every allowed high-risk cloud action',
+    ],
+    nextActions: shouldBlock
+      ? requiredEvidence.map((item) => `Provide ${item.id}: ${item.label}`)
+      : ['Record an allow receipt when this action touches real AWS resources'],
+  };
+}
+
+function buildAwsBlocksHardeningOffer(input = {}) {
+  const workflow = String(input.workflow || input.name || 'AWS Blocks backend').trim();
+  const buyer = String(input.buyer || input.owner || 'platform owner').trim();
+  return {
+    name: 'thumbgate-aws-blocks-hardening-offer',
+    status: 'ready-for-positioning',
+    buyer,
+    workflow,
+    headline: 'AWS Blocks helps agents build the backend. ThumbGate stops them before unsafe cloud actions run.',
+    offer: 'AWS Blocks Agent Safety Review',
+    diagnosticPrice: '$499',
+    proofPlan: [
+      'map one AWS Blocks local-to-cloud workflow',
+      'install ThumbGate against the agent running that workflow',
+      'add gates for deploy, destroy, data mutation, IAM, Bedrock Agent, and cost-blast-radius actions',
+      'produce a receipt showing the first blocked repeat and the evidence required to allow it',
+    ],
+    cta: 'Send one AWS Blocks workflow that is about to deploy, mutate data, or call Bedrock tools.',
+  };
+}
+
+function parseArgs(argv = process.argv.slice(2)) {
+  const args = {};
+  for (const arg of argv) {
+    if (arg === '--json') args.json = true;
+    else if (arg === '--aws-blocks' || arg === '--project-uses-aws-blocks') args.projectUsesAwsBlocks = true;
+    else if (arg.startsWith('--command=')) args.command = arg.slice('--command='.length);
+    else if (arg.startsWith('--tool=')) args.toolName = arg.slice('--tool='.length);
+    else if (arg.startsWith('--code=')) args.code = arg.slice('--code='.length);
+    else if (arg.startsWith('--cwd=')) args.projectDir = arg.slice('--cwd='.length);
+    else if (arg.startsWith('--evidence=')) args.evidence = arg.slice('--evidence='.length);
+    else if (arg.startsWith('--workflow=')) args.workflow = arg.slice('--workflow='.length);
+    else if (arg.startsWith('--buyer=')) args.buyer = arg.slice('--buyer='.length);
+    else if (arg === 'offer') args.commandName = 'offer';
+  }
+  return args;
+}
+
+function runCli(args = parseArgs()) {
+  const report = args.commandName === 'offer'
+    ? buildAwsBlocksHardeningOffer(args)
+    : evaluateAwsBlocksAction(args);
+  if (args.json) console.log(JSON.stringify(report, null, 2));
+  else {
+    console.log(`${report.name}: ${report.status}`);
+    for (const action of report.nextActions || report.proofPlan || []) console.log(`- ${action}`);
+  }
+}
+
+if (require.main === module) runCli();
+
+module.exports = {
+  detectAwsBlocksProject,
+  detectAction,
+  evaluateAwsBlocksAction,
+  buildAwsBlocksHardeningOffer,
+};

package/scripts/cli-schema.js

@@ -123,16 +123,6 @@ const CLI_COMMANDS = [
       { name: 'remote', type: 'boolean', description: 'Fetch from hosted Railway instance' },
     ],
   },
-  {
-    name: 'community',
-    aliases: ['registry'],
-    description: 'Query or share verified prevention rules with the community knowledge registry',
-    group: 'discovery',
-    flags: [
-      { name: 'json',   type: 'boolean', description: 'Output as JSON' },
-      { name: 'remote', type: 'boolean', description: 'Fetch from community remote API' },
-    ],
-  },
   {
     name: 'gate-stats',
     description: 'Check engine statistics — active checks, blocks, warns, time saved',
@@ -515,6 +505,12 @@ const CLI_COMMANDS = [
     group: 'gates',
     flags: [],
   },
+  {
+    name: 'hermes-gate',
+    description: 'Hermes Agent pre_tool_call hook: gate runtime tool calls (incl. skill_manage) before they run',
+    group: 'gates',
+    flags: [],
+  },
   {
     name: 'force-gate',
     description: 'Immediately create a blocking gate from a pattern string',
@@ -660,6 +656,22 @@ const CLI_COMMANDS = [
       { name: 'json',        type: 'boolean', description: 'Output results as JSON' },
     ],
   },
+  {
+    name: 'check-update',
+    aliases: ['upgrade-check'],
+    description: 'Check for newer versions of ThumbGate from npm or GitHub',
+    group: 'ops',
+    flags: [
+      { name: 'json', type: 'boolean', description: 'Output results as JSON' },
+    ],
+  },
+  {
+    name: 'self-update',
+    aliases: ['upgrade-cli'],
+    description: 'Automatically install the latest version of ThumbGate globally',
+    group: 'ops',
+    flags: [],
+  },
 ];
 
 /**

package/scripts/dashboard-chat.js

@@ -317,7 +317,8 @@ async function answerDataQuestion(question, opts = {}) {
     if (isPerplexity) return await callPerplexityEndpoint({ apiKey, prompt, fetchImpl, sources });
     return await callGeminiEndpoint({ apiKey, model, prompt, fetchImpl, sources });
   } catch (err) {
-    return { ok: false, error: 'network', message: err?.message || String(err), sources };
+    const safeMessage = (err && err.message) ? String(err.message).split('\n')[0].slice(0, 100) : 'An unexpected error occurred.';
+    return { ok: false, error: 'network', message: safeMessage, sources };
   }
 }
 

package/scripts/document-intake.js

@@ -708,7 +708,6 @@ function buildDocumentSummary(document) {
     sourcePath: document.sourcePath || null,
     sourceName: document.sourceName || null,
     sourceFormat: document.sourceFormat,
-    sourceUrl: document.sourceUrl || null,
     importedAt: document.importedAt,
     tags: normalizeTags(document.tags),
     excerpt: document.excerpt,
@@ -769,11 +768,7 @@ function persistDocument(document, options = {}) {
   const summaries = listImportedDocuments({
     ...options,
     limit: MAX_SEARCH_SCAN,
-  }).documents.filter((entry) => {
-    if (entry.documentId === document.documentId) return false;
-    if (document.sourceUrl && entry.sourceUrl === document.sourceUrl) return false;
-    return true;
-  });
+  }).documents.filter((entry) => entry.documentId !== document.documentId);
   const nextSummaries = [
     buildDocumentSummary(document),
     ...summaries,
@@ -887,48 +882,6 @@ function importDocument(options = {}) {
     sourceFormat,
   });
   const fingerprint = sha256(`${title}\n${normalizedContent}`);
-  
-  // -- deduplication and RAG drift tracking ----------------------------------
-  const paths = getDocumentStorePaths(options);
-  let duplicate = null;
-  if (fs.existsSync(paths.catalogPath)) {
-    try {
-      const catalog = readJsonl(paths.catalogPath);
-      const urlMatch = options.sourceUrl ? String(options.sourceUrl).trim() : null;
-      const matchedSummary = catalog.find((summary) =>
-        (urlMatch && summary.sourceUrl === urlMatch) ||
-        (summary.fingerprint === fingerprint)
-      );
-      if (matchedSummary) {
-        const fullDoc = readImportedDocument(matchedSummary.documentId, options);
-        if (fullDoc) {
-          if (fullDoc.fingerprint === fingerprint) {
-            // Case A: Content is identical
-            const dedupReason = urlMatch && fullDoc.sourceUrl === urlMatch
-              ? 'url-and-content-unchanged'
-              : 'content-identical';
-            return {
-              ...fullDoc,
-              duplicate: true,
-              updated: false,
-              dedupReason,
-            };
-          } else {
-            // Case B: URL matches but content changed (RAG Drift!)
-            duplicate = {
-              previousDocumentId: fullDoc.documentId,
-              previousFingerprint: fullDoc.fingerprint,
-              updated: true,
-              dedupReason: 'url-content-updated',
-            };
-          }
-        }
-      }
-    } catch (err) {
-      // best-effort
-    }
-  }
-
   const importedAt = nowIso();
   const sourceName = sourcePath ? path.basename(sourcePath) : null;
   const documentId = `doc_${slugify(title || sourceName || 'document').slice(0, 24) || 'document'}_${fingerprint.slice(0, 12)}`;
@@ -948,7 +901,6 @@ function importDocument(options = {}) {
     contentBytes: Buffer.byteLength(normalizedContent, 'utf8'),
     lineCount: normalizedContent.split('\n').filter(Boolean).length,
     headings: extractHeadings(normalizedContent),
-    ...(duplicate || {}),
   };
   document.proposals = options.proposeGates === false
     ? []

package/scripts/durability/step.js

@@ -7,11 +7,11 @@
  * the full durable-execution runtime. Gives each external call (HTTP,
  * LanceDB, LLM) a uniform retry + idempotency wrapper:
  *
- *   const result = await runStep('zernio.publishPost', {
+ *   const result = await runStep('directSocial.publishPost', {
  *     retries: 3,
  *     idempotencyKey: idempotencyKey(content, platforms),
  *   }, async ({ attempt }) => {
- *     return zernioFetch('POST', '/posts', body, { idempotencyKey: ... });
+ *     return directSocialFetch('POST', '/posts', body, { idempotencyKey: ... });
  *   });
  *
  * Why a custom helper instead of Vercel Workflows / Temporal / Inngest?
@@ -98,7 +98,7 @@ function idempotencyKey(...parts) {
  * `fn` resolves to, or throws the last error after exhausting retries /
  * hitting a non-retryable verdict.
  *
- * @param {string} name          Step name, used in logs. e.g. 'zernio.publishPost'.
+ * @param {string} name          Step name, used in logs. e.g. 'directSocial.publishPost'.
  * @param {object|function} options  { retries, backoffMs, classify, onRetry, onFail, logger }
  *                                   (may be passed directly as the callback shorthand)
  * @param {function({attempt:number}):Promise} fn  The actual work.

package/scripts/gate-stats.js

@@ -11,11 +11,6 @@ const PROJECT_ROOT = path.join(__dirname, '..');
 const MANUAL_GATES_PATH = path.join(PROJECT_ROOT, 'config', 'gates', 'default.json');
 const STATS_PATH = path.join(process.env.HOME || '/tmp', '.thumbgate', 'gate-stats.json');
 
-function safeOccurrenceCount(value) {
-  const n = Number(value);
-  return Number.isFinite(n) && n > 0 ? n : 0;
-}
-
 function loadGatesFile(filePath) {
   if (!fs.existsSync(filePath)) return [];
   try {
@@ -44,16 +39,16 @@ function calculateStats() {
   // Count total blocks/warns from occurrences in auto-promoted gates
   const totalBlocked = autoGates
     .filter((g) => g.action === 'block')
-    .reduce((sum, g) => sum + safeOccurrenceCount(g.occurrences), 0);
+    .reduce((sum, g) => sum + (g.occurrences || 0), 0);
   const totalWarned = autoGates
     .filter((g) => g.action === 'warn')
-    .reduce((sum, g) => sum + safeOccurrenceCount(g.occurrences), 0);
+    .reduce((sum, g) => sum + (g.occurrences || 0), 0);
 
   // Top blocked gate. A configured block rule with zero occurrences is not a
   // "top blocker"; only recorded block events should appear here.
   const topBlocked = [...allGates]
-    .filter((g) => g.action === 'block' && safeOccurrenceCount(g.occurrences) > 0)
-    .sort((a, b) => safeOccurrenceCount(b.occurrences) - safeOccurrenceCount(a.occurrences))
+    .filter((g) => g.action === 'block' && Number(g.occurrences || 0) > 0)
+    .sort((a, b) => (b.occurrences || 0) - (a.occurrences || 0))
     .at(0) || null;
 
   // Last promotion event
@@ -110,7 +105,7 @@ function computeCalibration(gates) {
   const calibration = [];
   for (const gate of gates || []) {
     if (!gate || !gate.id) continue;
-    const occurrences = safeOccurrenceCount(gate.occurrences);
+    const occurrences = Number(gate.occurrences || 0);
     const action = gate.action || 'unknown';
     // Only annotate gates with recorded occurrence data
     if (occurrences === 0) continue;
@@ -263,7 +258,6 @@ module.exports = {
   loadGatesFile,
   tryComputeBayesErrorRate,
   computeCalibration,
-  safeOccurrenceCount,
   MANUAL_GATES_PATH,
   STATS_PATH,
 };

package/scripts/gates-engine.js

@@ -16,13 +16,6 @@ const {
 const {
   evaluateWorkflowSentinel,
 } = require('./workflow-sentinel');
-const {
-  extractPayloadText,
-  extractPayloadPreviousUserText,
-  hasPositiveFeedback,
-  isLowValueCloseout,
-  buildResponseQualityReason,
-} = require('./hook-stop-anti-claim');
 const {
   recordDecisionEvaluation,
   recordDecisionOutcome,
@@ -2592,39 +2585,6 @@ function buildReminderOutput(context) {
   });
 }
 
-function inferHookEventName(input = {}) {
-  const explicit = input.hook_event_name || input.hookEventName || input.event || input.lifecycle;
-  if (explicit) return String(explicit);
-  return extractPayloadText(input) ? 'Stop' : 'PreToolUse';
-}
-
-function buildResponseQualityBlockOutput(reason, input = {}) {
-  return JSON.stringify({
-    decision: 'block',
-    reason,
-    hookSpecificOutput: {
-      hookEventName: inferHookEventName(input),
-      permissionDecision: 'deny',
-      permissionDecisionReason: reason,
-    },
-  });
-}
-
-function evaluateFinalResponseQualityGate(input = {}) {
-  const finalText = extractPayloadText(input) || process.env.CLAUDE_RESPONSE || '';
-  const previousUserText = extractPayloadPreviousUserText(input)
-    || process.env.CLAUDE_PREVIOUS_USER_TEXT
-    || process.env.CLAUDE_PREVIOUS_USER
-    || '';
-
-  if (!finalText || !hasPositiveFeedback(previousUserText)) return null;
-  if (!isLowValueCloseout(finalText, '')) return null;
-  recordStat('response-quality-shallow-closeout', 'block', null, {
-    hookEventName: inferHookEventName(input),
-  });
-  return buildResponseQualityBlockOutput(buildResponseQualityReason(), input);
-}
-
 // ---------------------------------------------------------------------------
 // Upgrade nudge: surfaces Pro value at usage milestones and trial expiry.
 // Block-action Pro CTA: brief upgrade mention after a deny/warn decision.
@@ -2955,9 +2915,6 @@ function mergeContextStrings(...ctxs) {
 }
 
 async function runAsync(input) {
-  const responseQualityGate = evaluateFinalResponseQualityGate(input);
-  if (responseQualityGate) return responseQualityGate;
-
   const secretGuard = evaluateSecretGuard(input);
   if (secretGuard) {
     return formatOutput(secretGuard);
@@ -3005,9 +2962,6 @@ async function runAsync(input) {
 }
 
 function run(input) {
-  const responseQualityGate = evaluateFinalResponseQualityGate(input);
-  if (responseQualityGate) return responseQualityGate;
-
   const secretGuard = evaluateSecretGuard(input);
   if (secretGuard) {
     return formatOutput(secretGuard);
@@ -3342,9 +3296,6 @@ module.exports = {
   evaluateGatesAsync,
   computeExecutableHash,
   formatOutput,
-  inferHookEventName,
-  buildResponseQualityBlockOutput,
-  evaluateFinalResponseQualityGate,
   isApprovalGatesEnabled,
   run,
   runAsync,

package/scripts/gemini-embedding-policy.js

@@ -122,7 +122,7 @@ function resolveGeminiEmbeddingConfig(env = process.env) {
 
   return {
     enabled,
-    provider: enabled ? 'gemini' : 'local',
+    provider: provider === 'coreai' ? 'coreai' : (enabled ? 'gemini' : 'local'),
     model: String(env.THUMBGATE_GEMINI_EMBED_MODEL || GEMINI_EMBEDDING_2_MODEL).trim() || GEMINI_EMBEDDING_2_MODEL,
     apiKey,
     apiBaseUrl: trimTrailingSlashes(env.THUMBGATE_GEMINI_API_BASE_URL || 'https://generativelanguage.googleapis.com/v1beta'),
@@ -171,6 +171,7 @@ function buildGeminiEmbeddingRolloutPlan(args = {}) {
     },
     rolloutSteps: [
       'Keep local embeddings as the default offline path.',
+      'For Apple Silicon developers, route local queries through Core AI (AOT compiled models) to bypass CPU overhead.',
       'Enable Gemini Embedding 2 only when a Gemini API key is present.',
       'Use task-specific query/document prefixes at index and retrieval time.',
       'Start at 768 dimensions, then benchmark 1536 only if recall misses show up.',