unbrowse 2.10.2 → 2.12.0

package/dist/cli.js

@@ -116,6 +116,19 @@ function attributeLifecycle(events) {
   return totals;
 }
 
+// ../../src/runtime/browser-host.ts
+function detectHostEnvironment() {
+  if (process.env.OPENCLAW_RUNTIME)
+    return "openclaw";
+  if (process.env.OPENAI_TOOL_RUNTIME)
+    return "openai";
+  if (process.env.MCP_SERVER_MODE)
+    return "mcp";
+  if (process.env.UNBROWSE_NATIVE)
+    return "native";
+  return "unknown";
+}
+
 // ../../src/runtime/paths.ts
 import { existsSync as existsSync2, mkdirSync as mkdirSync2, realpathSync } from "node:fs";
 import os from "node:os";
@@ -241,8 +254,85 @@ var init_logger = __esm(() => {
 });
 
 // ../../src/kuri/client.ts
+var exports_client = {};
+__export(exports_client, {
+  waitForSelector: () => waitForSelector,
+  waitForLoad: () => waitForLoad,
+  waitForCloudflare: () => waitForCloudflare,
+  stop: () => stop,
+  start: () => start,
+  snapshot: () => snapshot,
+  setViewport: () => setViewport,
+  setUserAgent: () => setUserAgent,
+  setHeaders: () => setHeaders,
+  setCredentials: () => setCredentials,
+  setCookies: () => setCookies,
+  setCookie: () => setCookie,
+  sessionSave: () => sessionSave,
+  sessionLoad: () => sessionLoad,
+  sessionList: () => sessionList,
+  select: () => select,
+  scrollIntoView: () => scrollIntoView,
+  scroll: () => scroll,
+  scriptInject: () => scriptInject,
+  screenshot: () => screenshot,
+  resolveKuriPort: () => resolveKuriPort,
+  reload: () => reload,
+  press: () => press,
+  newTab: () => newTab,
+  networkEnable: () => networkEnable,
+  navigate: () => navigate,
+  keyboardType: () => keyboardType,
+  keyboardInsertText: () => keyboardInsertText,
+  keyUp: () => keyUp,
+  keyDown: () => keyDown,
+  isReady: () => isReady,
+  interceptStart: () => interceptStart,
+  health: () => health,
+  hasCloudflareChallenge: () => hasCloudflareChallenge,
+  harStop: () => harStop,
+  harStart: () => harStart,
+  goForward: () => goForward,
+  goBack: () => goBack,
+  getText: () => getText,
+  getPort: () => getPort,
+  getPerfLcp: () => getPerfLcp,
+  getPageHtml: () => getPageHtml,
+  getNetworkEvents: () => getNetworkEvents,
+  getMarkdown: () => getMarkdown,
+  getLinks: () => getLinks,
+  getKuriSourceCandidates: () => getKuriSourceCandidates,
+  getKuriErrorMessage: () => getKuriErrorMessage,
+  getKuriBinaryCandidates: () => getKuriBinaryCandidates,
+  getErrors: () => getErrors,
+  getDefaultTab: () => getDefaultTab,
+  getCurrentUrl: () => getCurrentUrl,
+  getCookies: () => getCookies,
+  getConsole: () => getConsole,
+  findText: () => findText,
+  findKuriBinary: () => findKuriBinary,
+  fill: () => fill,
+  extractLoadPluginsFromHtml: () => extractLoadPluginsFromHtml,
+  extractLoadPlugins: () => extractLoadPlugins,
+  executeInPageFetch: () => executeInPageFetch,
+  evaluate: () => evaluate,
+  drag: () => drag,
+  domQuery: () => domQuery,
+  domHtml: () => domHtml,
+  domAttributes: () => domAttributes,
+  discoverTabs: () => discoverTabs,
+  closeTab: () => closeTab,
+  click: () => click,
+  bestEffortRehydratePlugins: () => bestEffortRehydratePlugins,
+  authProfileSave: () => authProfileSave,
+  authProfileLoad: () => authProfileLoad,
+  authProfileList: () => authProfileList,
+  authProfileDelete: () => authProfileDelete,
+  action: () => action
+});
 import { execFileSync, spawn } from "node:child_process";
 import { existsSync as existsSync3 } from "node:fs";
+import net from "node:net";
 import path3 from "node:path";
 function kuriBinaryName() {
   return process.platform === "win32" ? "kuri.exe" : "kuri";
@@ -316,6 +406,46 @@ async function discoverCdpPort() {
   }
   log("kuri", "could not discover CDP port — tab discovery may fail");
 }
+async function isKuriHealthyOnPort(port) {
+  try {
+    const health = await fetch(`http://127.0.0.1:${port}/health`, {
+      signal: AbortSignal.timeout(1000)
+    });
+    return health.ok;
+  } catch {
+    return false;
+  }
+}
+async function isTcpPortOpen(port, timeoutMs = 400) {
+  return await new Promise((resolve) => {
+    const socket = net.createConnection({ host: "127.0.0.1", port });
+    const finish = (open) => {
+      socket.removeAllListeners();
+      socket.destroy();
+      resolve(open);
+    };
+    socket.setTimeout(timeoutMs);
+    socket.once("connect", () => finish(true));
+    socket.once("timeout", () => finish(false));
+    socket.once("error", () => finish(false));
+  });
+}
+async function resolveKuriPort(preferredPort, deps = {}) {
+  const isHealthyPort = deps.isHealthyPort ?? isKuriHealthyOnPort;
+  const isPortOpen = deps.isPortOpen ?? isTcpPortOpen;
+  const searchLimit = deps.searchLimit ?? KURI_PORT_SEARCH_LIMIT;
+  if (await isHealthyPort(preferredPort))
+    return preferredPort;
+  if (!await isPortOpen(preferredPort))
+    return preferredPort;
+  for (let candidate = preferredPort + 1;candidate <= preferredPort + searchLimit; candidate++) {
+    if (await isHealthyPort(candidate))
+      return candidate;
+    if (!await isPortOpen(candidate))
+      return candidate;
+  }
+  return preferredPort;
+}
 function kuriUrl(path4, params) {
   const base = `http://127.0.0.1:${kuriPort}${path4}`;
   if (!params || Object.keys(params).length === 0)
@@ -382,105 +512,118 @@ async function waitForChildExit(child, timeoutMs = 2000) {
 async function start(port) {
   if (kuriReady)
     return;
-  kuriPort = port ?? KURI_DEFAULT_PORT;
-  try {
-    const health = await fetch(`http://127.0.0.1:${kuriPort}/health`, {
-      signal: AbortSignal.timeout(1000)
-    });
-    if (health.ok) {
+  if (kuriStartPromise)
+    return kuriStartPromise;
+  const startPromise = (async () => {
+    const requestedPort = port ?? Number(process.env.KURI_PORT || KURI_DEFAULT_PORT);
+    kuriPort = await resolveKuriPort(requestedPort);
+    if (kuriPort !== requestedPort) {
+      log("kuri", `preferred port ${requestedPort} is occupied but unhealthy; falling back to ${kuriPort}`);
+    }
+    if (await isKuriHealthyOnPort(kuriPort)) {
       log("kuri", `already running on port ${kuriPort}`);
       kuriReady = true;
       await discoverCdpPort();
       await ensureTabsDiscovered();
       return;
     }
-  } catch {}
-  const binary = findKuriBinary();
-  log("kuri", `starting: ${binary} on port ${kuriPort}`);
-  if (!existsSync3(binary)) {
-    throw new Error(`Kuri binary not found at ${binary}`);
-  }
-  await discoverCdpPort();
-  const env = {
-    ...process.env,
-    PORT: String(kuriPort),
-    HOST: "127.0.0.1",
-    HEADLESS: "false"
-  };
-  if (kuriCdpPort) {
-    env.CDP_URL = `ws://127.0.0.1:${kuriCdpPort}`;
-    log("kuri", `connecting to existing Chrome on port ${kuriCdpPort}`);
-  } else {
-    log("kuri", "no existing Chrome found — Kuri will launch managed Chrome");
-  }
-  const maxAttempts = KURI_SPAWN_RETRIES + 1;
-  for (let attempt = 1;attempt <= maxAttempts; attempt++) {
-    if (attempt > 1) {
-      log("kuri", `spawn retry ${attempt}/${maxAttempts} after ${KURI_SPAWN_RETRY_DELAY_MS}ms`);
-      await new Promise((r) => setTimeout(r, KURI_SPAWN_RETRY_DELAY_MS));
-    }
-    let exitedBeforeReady = false;
-    kuriProcess = spawn(binary, [], {
-      env,
-      stdio: ["ignore", "pipe", "pipe"]
-    });
-    kuriProcess.stderr?.on("data", (chunk) => {
-      const line = chunk.toString().trim();
-      if (line)
-        log("kuri", `[stderr] ${line}`);
-      const cdpMatch = line.match(/CDP port:\s*(\d+)/);
-      if (cdpMatch) {
-        kuriCdpPort = parseInt(cdpMatch[1], 10);
-        log("kuri", `discovered CDP port: ${kuriCdpPort}`);
+    const binary = findKuriBinary();
+    log("kuri", `starting: ${binary} on port ${kuriPort}`);
+    if (!existsSync3(binary)) {
+      throw new Error(`Kuri binary not found at ${binary}`);
+    }
+    await discoverCdpPort();
+    const env = {
+      ...process.env,
+      PORT: String(kuriPort),
+      HOST: "127.0.0.1",
+      HEADLESS: "false"
+    };
+    if (kuriCdpPort) {
+      env.CDP_URL = `ws://127.0.0.1:${kuriCdpPort}`;
+      log("kuri", `connecting to existing Chrome on port ${kuriCdpPort}`);
+    } else {
+      log("kuri", "no existing Chrome found — Kuri will launch managed Chrome");
+    }
+    const maxAttempts = KURI_SPAWN_RETRIES + 1;
+    for (let attempt = 1;attempt <= maxAttempts; attempt++) {
+      if (attempt > 1) {
+        log("kuri", `spawn retry ${attempt}/${maxAttempts} after ${KURI_SPAWN_RETRY_DELAY_MS}ms`);
+        await new Promise((r) => setTimeout(r, KURI_SPAWN_RETRY_DELAY_MS));
       }
-    });
-    kuriProcess.on("exit", (code) => {
-      if (!kuriReady)
-        exitedBeforeReady = true;
-      log("kuri", `process exited with code ${code}`);
-      kuriReady = false;
-      kuriProcess = null;
-    });
-    const deadline = Date.now() + KURI_STARTUP_TIMEOUT_MS;
-    while (Date.now() < deadline) {
-      if (exitedBeforeReady)
-        break;
-      try {
-        const res = await fetch(`http://127.0.0.1:${kuriPort}/health`, {
-          signal: AbortSignal.timeout(500)
-        });
-        if (res.ok) {
-          kuriReady = true;
-          log("kuri", `ready on port ${kuriPort}`);
-          await new Promise((r) => setTimeout(r, 300));
-          if (!kuriCdpPort)
-            await discoverCdpPort();
-          await ensureTabsDiscovered();
-          return;
+      let exitedBeforeReady = false;
+      kuriProcess = spawn(binary, [], {
+        env,
+        stdio: ["ignore", "pipe", "pipe"]
+      });
+      kuriProcess.stderr?.on("data", (chunk) => {
+        const line = chunk.toString().trim();
+        if (line)
+          log("kuri", `[stderr] ${line}`);
+        const cdpMatch = line.match(/CDP port:\s*(\d+)/);
+        if (cdpMatch) {
+          kuriCdpPort = parseInt(cdpMatch[1], 10);
+          log("kuri", `discovered CDP port: ${kuriCdpPort}`);
         }
+      });
+      kuriProcess.on("exit", (code) => {
+        if (!kuriReady)
+          exitedBeforeReady = true;
+        log("kuri", `process exited with code ${code}`);
+        kuriReady = false;
+        kuriProcess = null;
+      });
+      const deadline = Date.now() + KURI_STARTUP_TIMEOUT_MS;
+      while (Date.now() < deadline) {
+        if (exitedBeforeReady)
+          break;
+        try {
+          const res = await fetch(`http://127.0.0.1:${kuriPort}/health`, {
+            signal: AbortSignal.timeout(500)
+          });
+          if (res.ok) {
+            kuriReady = true;
+            log("kuri", `ready on port ${kuriPort}`);
+            await new Promise((r) => setTimeout(r, 300));
+            if (!kuriCdpPort)
+              await discoverCdpPort();
+            await ensureTabsDiscovered();
+            return;
+          }
+        } catch {}
+        await new Promise((r) => setTimeout(r, 200));
+      }
+      if (kuriReady)
+        return;
+      if (kuriProcess) {
+        kuriProcess.kill();
+        await waitForChildExit(kuriProcess);
+      }
+      try {
+        execFileSync("pkill", ["-f", `remote-debugging-port=${kuriCdpPort ?? 9222}`], { stdio: "ignore" });
+        await new Promise((r) => setTimeout(r, 1000));
       } catch {}
-      await new Promise((r) => setTimeout(r, 200));
     }
-    if (kuriReady)
-      return;
-    if (kuriProcess) {
-      kuriProcess.kill();
-      await waitForChildExit(kuriProcess);
+    throw new Error(`Kuri failed to start after ${maxAttempts} attempts`);
+  })();
+  kuriStartPromise = startPromise.finally(() => {
+    if (kuriStartPromise === startPromise) {
+      kuriStartPromise = null;
     }
-    try {
-      execFileSync("pkill", ["-f", `remote-debugging-port=${kuriCdpPort ?? 9222}`], { stdio: "ignore" });
-      await new Promise((r) => setTimeout(r, 1000));
-    } catch {}
-  }
-  throw new Error(`Kuri failed to start after ${maxAttempts} attempts`);
+  });
+  return kuriStartPromise;
 }
 async function stop() {
+  if (kuriStartPromise) {
+    await kuriStartPromise.catch(() => {});
+  }
   if (kuriProcess) {
     kuriProcess.kill("SIGTERM");
     kuriProcess = null;
   }
   kuriReady = false;
   kuriCdpPort = null;
+  kuriStartPromise = null;
 }
 async function discoverTabs() {
   await ensureTabsDiscovered();
@@ -574,6 +717,25 @@ async function evaluate(tabId, expression) {
     return inner.value;
   return inner.description ?? raw;
 }
+function getKuriErrorMessage(value) {
+  if (typeof value === "string")
+    return null;
+  if (!value || typeof value !== "object")
+    return null;
+  const record = value;
+  if (typeof record.error === "string")
+    return record.error;
+  if (typeof record.message === "string")
+    return record.message;
+  if (record.result && typeof record.result === "object") {
+    const nested = record.result;
+    if (typeof nested.error === "string")
+      return nested.error;
+    if (typeof nested.message === "string")
+      return nested.message;
+  }
+  return null;
+}
 async function getCookies(tabId) {
   const raw = await kuriGet("/cookies", { tab_id: tabId });
   return raw?.result?.cookies ?? [];
@@ -672,6 +834,9 @@ async function harStop(tabId) {
 async function networkEnable(tabId) {
   await kuriGet("/network", { tab_id: tabId, mode: "enable" });
 }
+async function interceptStart(tabId) {
+  await kuriGet("/intercept/start", { tab_id: tabId });
+}
 async function getText(tabId) {
   const result = await kuriGet("/text", { tab_id: tabId });
   return result?.text ?? "";
@@ -713,12 +878,106 @@ async function newTab(url) {
 }
 async function getCurrentUrl(tabId) {
   const result = await evaluate(tabId, "window.location.href");
-  return String(result ?? "");
+  return typeof result === "string" ? result : "";
 }
 async function getPageHtml(tabId) {
   const result = await evaluate(tabId, "document.documentElement.outerHTML");
   return String(result ?? "");
 }
+function extractLoadPlugins(value) {
+  if (typeof value !== "string")
+    return [];
+  return Array.from(new Set(value.split(/[\s,;]+/).map((part) => part.trim()).filter(Boolean)));
+}
+function extractLoadPluginsFromHtml(html) {
+  const modules = [];
+  const pattern = /data-load-plugins=(["'])(.*?)\1/gi;
+  for (const match of html.matchAll(pattern)) {
+    modules.push(...extractLoadPlugins(match[2]));
+  }
+  return Array.from(new Set(modules));
+}
+async function bestEffortRehydratePlugins(tabId) {
+  const result = await evaluate(tabId, `(async function() {
+    function splitPlugins(value) {
+      return String(value || "")
+        .split(/[\\s,;]+/)
+        .map(function(part) { return part.trim(); })
+        .filter(Boolean);
+    }
+    function pluginPath(name) {
+      if (/^https?:\\/\\//i.test(name) || name.startsWith("/")) return name;
+      return "/etc/designs/wrs/footLibs/js/plugins/" + (name.endsWith(".js") ? name : name + ".js");
+    }
+    var modules = Array.from(new Set(
+      Array.from(document.querySelectorAll("[data-load-plugins]"))
+        .flatMap(function(node) { return splitPlugins(node.getAttribute("data-load-plugins")); })
+    ));
+    if (modules.length === 0) {
+      return JSON.stringify({ attempted: false, loaded: false, nooped: true, reason: "no_plugins", modules: [] });
+    }
+    if (!window.WRS || typeof window.WRS.require !== "function") {
+      return JSON.stringify({ attempted: false, loaded: false, nooped: true, reason: "missing_wrs_require", modules: modules });
+    }
+    var requireWrs = window.WRS.require.bind(window.WRS);
+    async function loadModules(paths) {
+      return await new Promise(function(resolve) {
+        var done = false;
+        var timer = setTimeout(function() {
+          if (done) return;
+          done = true;
+          resolve({ ok: false, reason: "timeout" });
+        }, 1500);
+        try {
+          requireWrs(paths, function() {
+            if (done) return;
+            done = true;
+            clearTimeout(timer);
+            resolve({ ok: true });
+          });
+        } catch (error) {
+          if (done) return;
+          done = true;
+          clearTimeout(timer);
+          resolve({ ok: false, reason: error && error.message ? error.message : String(error) });
+        }
+      });
+    }
+    var configResult = await loadModules(["/etc/designs/wrs/footLibs/js/config.js"]);
+    var pluginResult = await loadModules(modules.map(pluginPath));
+    for (var i = 0; i < 6; i++) {
+      await new Promise(function(resolve) { return setTimeout(resolve, 100); });
+    }
+    return JSON.stringify({
+      attempted: true,
+      loaded: !!pluginResult.ok,
+      nooped: false,
+      reason: pluginResult.ok ? undefined : pluginResult.reason,
+      config_loaded: !!configResult.ok,
+      modules: modules,
+    });
+  })()`);
+  if (typeof result !== "string") {
+    return {
+      attempted: false,
+      loaded: false,
+      nooped: true,
+      reason: "invalid_rehydrate_result",
+      modules: []
+    };
+  }
+  try {
+    return JSON.parse(result);
+  } catch {
+    return {
+      attempted: false,
+      loaded: false,
+      nooped: true,
+      reason: "invalid_rehydrate_result",
+      modules: []
+    };
+  }
+}
 async function hasCloudflareChallenge(tabId) {
   const result = await evaluate(tabId, `(function() {
     var html = document.documentElement.innerHTML;
@@ -765,6 +1024,20 @@ async function executeInPageFetch(tabId, url, method, headers, body) {
     return { status: 0, data: result };
   }
 }
+async function health() {
+  try {
+    const result = await kuriGet("/health");
+    return { ok: result?.ok === true || result?.status === "ok", tabs: result?.tabs };
+  } catch {
+    return { ok: false };
+  }
+}
+function getPort() {
+  return kuriPort;
+}
+function isReady() {
+  return kuriReady;
+}
 async function action(tabId, actionType, ref, value) {
   const params = { tab_id: tabId, action: actionType, ref };
   if (value !== undefined)
@@ -836,25 +1109,99 @@ async function waitForLoad(tabId, timeoutMs) {
 async function keyboardType(tabId, text) {
   return kuriGet("/keyboard/type", { tab_id: tabId, text });
 }
+async function keyboardInsertText(tabId, text) {
+  return kuriGet("/keyboard/inserttext", { tab_id: tabId, text });
+}
+async function keyDown(tabId, key) {
+  return kuriGet("/keydown", { tab_id: tabId, key });
+}
+async function keyUp(tabId, key) {
+  return kuriGet("/keyup", { tab_id: tabId, key });
+}
 async function scrollIntoView(tabId, ref) {
   return kuriGet("/scrollintoview", { tab_id: tabId, ref });
 }
+async function drag(tabId, sourceRef, targetRef) {
+  return kuriGet("/drag", { tab_id: tabId, source: sourceRef, target: targetRef });
+}
+async function domQuery(tabId, selector, all = false) {
+  const params = { tab_id: tabId, selector };
+  if (all)
+    params.all = "true";
+  return await kuriGet("/dom/query", params);
+}
+async function domHtml(tabId, nodeId) {
+  return kuriGet("/dom/html", { tab_id: tabId, node_id: String(nodeId) });
+}
+async function domAttributes(tabId, opts) {
+  const params = { tab_id: tabId };
+  if (opts.ref)
+    params.ref = opts.ref;
+  if (opts.selector)
+    params.selector = opts.selector;
+  return kuriGet("/dom/attributes", params);
+}
 async function scriptInject(tabId, source) {
   return kuriPost("/script/inject", { tab_id: tabId }, { source });
 }
+async function setCredentials(tabId, username, password) {
+  return kuriGet("/set/credentials", { tab_id: tabId, username, password });
+}
+async function setViewport(tabId, width, height) {
+  return kuriGet("/set/viewport", { tab_id: tabId, width: String(width), height: String(height) });
+}
+async function setUserAgent(tabId, ua) {
+  return kuriGet("/set/useragent", { tab_id: tabId, ua });
+}
+async function sessionSave() {
+  return kuriGet("/session/save");
+}
+async function sessionLoad(state) {
+  return kuriPost("/session/load", {}, state);
+}
+async function sessionList() {
+  return kuriGet("/session/list");
+}
 async function goBack(tabId) {
   return kuriGet("/back", { tab_id: tabId });
 }
 async function goForward(tabId) {
   return kuriGet("/forward", { tab_id: tabId });
 }
+async function reload(tabId) {
+  return kuriGet("/reload", { tab_id: tabId });
+}
+async function getNetworkEvents(tabId) {
+  return kuriGet("/network", { tab_id: tabId });
+}
+async function getPerfLcp(tabId) {
+  return kuriGet("/perf/lcp", { tab_id: tabId });
+}
+async function findText(tabId, query) {
+  return kuriGet("/find", { tab_id: tabId, query });
+}
+async function getLinks(tabId) {
+  return kuriGet("/links", { tab_id: tabId });
+}
+async function getConsole(tabId) {
+  return kuriGet("/console", { tab_id: tabId });
+}
+async function getErrors(tabId) {
+  return kuriGet("/errors", { tab_id: tabId });
+}
 async function authProfileSave(tabId, name) {
   return kuriGet("/auth/profile/save", { tab_id: tabId, name });
 }
 async function authProfileLoad(tabId, name) {
   return kuriGet("/auth/profile/load", { tab_id: tabId, name });
 }
-var KURI_DEFAULT_PORT = 7700, KURI_STARTUP_TIMEOUT_MS = 1e4, KURI_REQUEST_TIMEOUT_MS = 30000, KURI_SPAWN_RETRIES = 3, KURI_SPAWN_RETRY_DELAY_MS = 1000, kuriProcess = null, kuriPort, kuriCdpPort = null, kuriReady = false;
+async function authProfileList(tabId) {
+  return kuriGet("/auth/profile/list", { tab_id: tabId });
+}
+async function authProfileDelete(name) {
+  return kuriGet("/auth/profile/delete", { name });
+}
+var KURI_DEFAULT_PORT = 7700, KURI_STARTUP_TIMEOUT_MS = 1e4, KURI_REQUEST_TIMEOUT_MS = 30000, KURI_SPAWN_RETRIES = 3, KURI_SPAWN_RETRY_DELAY_MS = 1000, KURI_PORT_SEARCH_LIMIT = 10, kuriProcess = null, kuriPort, kuriCdpPort = null, kuriReady = false, kuriStartPromise = null;
 var init_client = __esm(() => {
   init_logger();
   init_paths();
@@ -1277,20 +1624,6 @@ function mergeContextTemplateParams(params, urlTemplate, contextUrl) {
 }
 
 // ../../src/graph/index.ts
-var exports_graph = {};
-__export(exports_graph, {
-  toAgentSkillChunkView: () => toAgentSkillChunkView,
-  resolveEndpointSemantic: () => resolveEndpointSemantic,
-  operationSoftPenalty: () => operationSoftPenalty,
-  knownBindingsFromInputs: () => knownBindingsFromInputs,
-  isRunnable: () => isRunnable,
-  isOperationHardExcluded: () => isOperationHardExcluded,
-  inferEndpointSemantic: () => inferEndpointSemantic,
-  getSkillChunk: () => getSkillChunk,
-  ensureSkillOperationGraph: () => ensureSkillOperationGraph,
-  computeReachableEndpoints: () => computeReachableEndpoints,
-  buildSkillOperationGraph: () => buildSkillOperationGraph
-});
 function normalizeTokenText(text) {
   return text.replace(/([a-z0-9])([A-Z])/g, "$1 $2").replace(/([A-Z]+)([A-Z][a-z])/g, "$1 $2").replace(/([a-zA-Z])(\d)/g, "$1 $2").replace(/(\d)([a-zA-Z])/g, "$1 $2");
 }
@@ -2654,8 +2987,8 @@ function templatizeBodyObject(value, context, path4 = "", bodyParams = {}) {
 function inferCsrfPlan(req, parsedBody) {
   const headers = Object.fromEntries(Object.entries(req.request_headers).map(([key, value]) => [key.toLowerCase(), value]));
   const cookies = parseCookieHeader(headers["cookie"]);
-  const csrfCookieNames = Object.keys(cookies).filter((name) => /^(ct0|csrf_token|_csrf|csrftoken|xsrf-token|_xsrf)$/i.test(name));
-  const headerName = ["x-csrf-token", "x-xsrf-token", "x-csrftoken"].find((name) => typeof headers[name] === "string" && headers[name].length > 0);
+  const csrfCookieNames = Object.keys(cookies).filter((name) => /^(ct0|csrf_token|_csrf|csrftoken|xsrf-token|_xsrf|jsessionid)$/i.test(name));
+  const headerName = ["x-csrf-token", "x-xsrf-token", "x-csrftoken", "csrf-token"].find((name) => typeof headers[name] === "string" && headers[name].length > 0);
   if (headerName && csrfCookieNames.length > 0) {
     return {
       source: "cookie",
@@ -3165,6 +3498,15 @@ function isSensitiveHeader(name) {
     return true;
   return false;
 }
+function isReplayCriticalHeader(name, value) {
+  const lower = name.toLowerCase();
+  if (REPLAY_HEADER_EXACT.has(lower)) {
+    if (lower !== "accept")
+      return true;
+    return /application\/vnd\./i.test(value);
+  }
+  return REPLAY_HEADER_PREFIXES.some((prefix) => lower.startsWith(prefix));
+}
 function sanitizeHeaders(headers) {
   return Object.fromEntries(Object.entries(headers ?? {}).filter(([k]) => {
     const lower = k.toLowerCase();
@@ -3180,7 +3522,7 @@ function extractAuthHeaders(requests) {
       const lower = k.toLowerCase();
       if (lower === "cookie" || lower === "content-length" || lower === "host")
         continue;
-      if (isSensitiveHeader(k) && !authHeaders[lower]) {
+      if ((isSensitiveHeader(k) || isReplayCriticalHeader(k, v)) && !authHeaders[lower]) {
         authHeaders[lower] = v;
       }
     }
@@ -3283,7 +3625,12 @@ function templatizePathSegments(templateUrl, originalUrl, context) {
         try {
           const contextSegments = new URL(context.pageUrl).pathname.split("/");
           const contextSeg = contextSegments[i];
-          if (contextSeg && contextSeg !== tSeg && !contextSeg.includes(".") && contextSeg.length >= 2 && contextSeg.length <= 40 && !/^(api|v\d+|www|en|es|fr|de|latest|search|i)$/i.test(contextSeg)) {
+          const prevSeg = tSegments[i - 1] ?? "";
+          const prevContextSeg = contextSegments[i - 1] ?? "";
+          const nextSeg = tSegments[i + 1] ?? "";
+          const nextContextSeg = contextSegments[i + 1] ?? "";
+          const hasStructuralNeighborMatch = !!prevSeg && !!prevContextSeg && prevSeg === prevContextSeg || !!nextSeg && !!nextContextSeg && nextSeg === nextContextSeg;
+          if (contextSeg && contextSeg !== tSeg && hasStructuralNeighborMatch && !contextSeg.includes(".") && contextSeg.length >= 2 && contextSeg.length <= 40 && !/^(api|v\d+|www|en|es|fr|de|latest|search|i)$/i.test(contextSeg)) {
             const paramName = inferParamName(tSegments, i, "slug", usedNames);
             tSegments[i] = `{${paramName}}`;
             pathParams[paramName] = contextSeg;
@@ -3481,7 +3828,7 @@ function isCloudflareChallenge(responseBody) {
   const bodyLower = responseBody.toLowerCase();
   return CF_MARKERS.some((marker) => bodyLower.includes(marker.toLowerCase()));
 }
-var SKIP_EXTENSIONS, SKIP_JS_BUNDLES, SKIP_PATHS, SKIP_HOSTS, SKIP_TELEMETRY_HOSTS, SKIP_TELEMETRY_PATHS, RPC_HINTS, ALLOWED_METHODS, STRIP_HEADERS, STRIP_HEADER_PREFIXES, SAFE_HEADERS, SENSITIVE_HEADER_PATTERN, SENSITIVE_QUERY_PARAMS, FRAMEWORK_QUERY_PARAMS, AD_HOSTS, AD_SCHEMA_KEYS, AD_SCHEMA_THRESHOLD = 3, ON_DOMAIN_NOISE;
+var SKIP_EXTENSIONS, SKIP_JS_BUNDLES, SKIP_PATHS, SKIP_HOSTS, SKIP_TELEMETRY_HOSTS, SKIP_TELEMETRY_PATHS, RPC_HINTS, ALLOWED_METHODS, STRIP_HEADERS, STRIP_HEADER_PREFIXES, REPLAY_HEADER_PREFIXES, REPLAY_HEADER_EXACT, SAFE_HEADERS, SENSITIVE_HEADER_PATTERN, SENSITIVE_QUERY_PARAMS, FRAMEWORK_QUERY_PARAMS, AD_HOSTS, AD_SCHEMA_KEYS, AD_SCHEMA_THRESHOLD = 3, ON_DOMAIN_NOISE;
 var init_reverse_engineer = __esm(() => {
   init_transform();
   init_domain();
@@ -3520,6 +3867,16 @@ var init_reverse_engineer = __esm(() => {
     "x-stripe-",
     "x-firebase-"
   ];
+  REPLAY_HEADER_PREFIXES = [
+    "x-li-"
+  ];
+  REPLAY_HEADER_EXACT = new Set([
+    "accept",
+    "csrf-token",
+    "origin",
+    "x-requested-with",
+    "x-restli-protocol-version"
+  ]);
   SAFE_HEADERS = new Set([
     "accept",
     "accept-encoding",
@@ -4732,6 +5089,8 @@ __export(exports_client2, {
   registerAgent: () => registerAgent,
   recordTransaction: () => recordTransaction,
   recordOrchestrationPerf: () => recordOrchestrationPerf,
+  recordInstallTelemetryEvent: () => recordInstallTelemetryEvent2,
+  recordFunnelTelemetryEvent: () => recordFunnelTelemetryEvent2,
   recordFeedback: () => recordFeedback,
   recordExecution: () => recordExecution,
   recordDiagnostics: () => recordDiagnostics,
@@ -4749,14 +5108,18 @@ __export(exports_client2, {
   getSkill: () => getSkill,
   getRecentLocalSkill: () => getRecentLocalSkill,
   getMyProfile: () => getMyProfile2,
+  getLocalWalletContext: () => getLocalWalletContext2,
+  getInstallId: () => getInstallId2,
   getEndpointSchema: () => getEndpointSchema,
   getCreatorEarnings: () => getCreatorEarnings,
   getApiKey: () => getApiKey2,
   getAgentId: () => getAgentId,
   getAgent: () => getAgent,
-  getActiveProfile: () => getActiveProfile,
+  getActiveProfile: () => getActiveProfile2,
   findExistingSkillForDomain: () => findExistingSkillForDomain,
   ensureRegistered: () => ensureRegistered2,
+  ensureCliInstallTracked: () => ensureCliInstallTracked2,
+  detectTelemetryHostType: () => detectTelemetryHostType2,
   deprecateSkill: () => deprecateSkill,
   cachePublishedSkill: () => cachePublishedSkill,
   buildExecutionPayload: () => buildExecutionPayload,
@@ -4800,10 +5163,13 @@ function getConfigDir2() {
 function getConfigPath2() {
   return join3(getConfigDir2(), "config.json");
 }
+function getInstallTelemetryPath2() {
+  return join3(getConfigDir2(), "install-state.json");
+}
 function sanitizeProfileName2(value) {
   return value.trim().replace(/[^a-zA-Z0-9._-]+/g, "-").replace(/^-+|-+$/g, "");
 }
-function getActiveProfile() {
+function getActiveProfile2() {
   return PROFILE_NAME2 || "default";
 }
 function isLocalOnlyMode() {
@@ -4825,6 +5191,120 @@ function saveConfig2(config) {
     mkdirSync4(configDir, { recursive: true });
   writeFileSync3(configPath, JSON.stringify(config, null, 2), { mode: 384 });
 }
+function loadInstallTelemetryState2() {
+  try {
+    const statePath = getInstallTelemetryPath2();
+    if (existsSync4(statePath)) {
+      return JSON.parse(readFileSync2(statePath, "utf-8"));
+    }
+  } catch {}
+  return null;
+}
+function saveInstallTelemetryState2(state) {
+  const configDir = getConfigDir2();
+  const statePath = getInstallTelemetryPath2();
+  if (!existsSync4(configDir))
+    mkdirSync4(configDir, { recursive: true });
+  writeFileSync3(statePath, JSON.stringify(state, null, 2), { mode: 384 });
+}
+function createInstallTelemetryState2() {
+  return {
+    install_id: `install_${randomBytes2(8).toString("hex")}`,
+    first_seen_at: new Date().toISOString()
+  };
+}
+function getOrCreateInstallTelemetryState2() {
+  const existing = loadInstallTelemetryState2();
+  if (existing?.install_id)
+    return existing;
+  const created = createInstallTelemetryState2();
+  saveInstallTelemetryState2(created);
+  return created;
+}
+function getInstallId2() {
+  return getOrCreateInstallTelemetryState2().install_id;
+}
+function detectTelemetryHostType2() {
+  switch (detectHostEnvironment()) {
+    case "openai":
+      return "codex";
+    case "openclaw":
+      return "openclaw";
+    case "mcp":
+      return "mcp";
+    case "native":
+      return "native";
+    case "unknown":
+    default:
+      return "cli";
+  }
+}
+async function postTelemetry2(path4, body) {
+  if (LOCAL_ONLY2)
+    return false;
+  try {
+    const key = getApiKey2();
+    const res = await fetch(`${API_URL2}${path4}`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "Accept-Encoding": "gzip, deflate",
+        ...key ? { Authorization: `Bearer ${key}` } : {}
+      },
+      body: JSON.stringify(body)
+    });
+    return res.ok;
+  } catch {
+    return false;
+  }
+}
+async function ensureCliInstallTracked2(hostType = detectTelemetryHostType2()) {
+  const state = getOrCreateInstallTelemetryState2();
+  if (state.cli_first_seen_reported_at)
+    return;
+  const createdAt = new Date().toISOString();
+  const ok = await postTelemetry2("/v1/telemetry/install", {
+    install_id: state.install_id,
+    source: "cli-first-seen",
+    host_type: hostType,
+    skill: "unbrowse",
+    status: "installed",
+    created_at: createdAt,
+    properties: {
+      profile: getActiveProfile2(),
+      first_seen_at: state.first_seen_at
+    }
+  });
+  if (!ok)
+    return;
+  state.cli_first_seen_reported_at = createdAt;
+  saveInstallTelemetryState2(state);
+}
+async function recordInstallTelemetryEvent2(source, options) {
+  const createdAt = options?.createdAt ?? new Date().toISOString();
+  await postTelemetry2("/v1/telemetry/install", {
+    install_id: getInstallId2(),
+    source,
+    host_type: options?.hostType ?? detectTelemetryHostType2(),
+    skill: options?.skill ?? "unbrowse",
+    skill_version: options?.skillVersion,
+    status: options?.status ?? "installed",
+    created_at: createdAt,
+    properties: options?.properties
+  });
+}
+async function recordFunnelTelemetryEvent2(name, options) {
+  const createdAt = options?.createdAt ?? new Date().toISOString();
+  await postTelemetry2("/v1/telemetry/events", {
+    install_id: getInstallId2(),
+    session_id: options?.sessionId,
+    name,
+    source: options?.source ?? "cli",
+    host_type: options?.hostType ?? detectTelemetryHostType2(),
+    created_at: createdAt,
+    properties: options?.properties
+  });
+}
 function normalizeAgentEmail2(value) {
   return value.trim().toLowerCase();
 }
@@ -5115,6 +5595,12 @@ async function ensureRegistered2(options) {
       tos_accepted_at: new Date().toISOString(),
       ...wallet
     });
+    await recordFunnelTelemetryEvent2("registration_succeeded", {
+      source: "cli",
+      properties: {
+        prompt_for_email: options?.promptForEmail === true
+      }
+    });
     console.log(`Registered as ${name}. API key saved to ~/.unbrowse/config.json`);
   } catch (err) {
     console.warn(`Registration failed: ${err.message}`);
@@ -5376,6 +5862,11 @@ async function recordExecution(skillId, endpointId, trace, skill) {
   const payload = buildExecutionPayload(skillId, endpointId, trace, skill);
   await api2("POST", "/v1/stats/execution", payload);
 }
+async function recordAnalyticsSession(payload) {
+  if (LOCAL_ONLY2)
+    return;
+  await api2("POST", "/v1/analytics/sessions", payload);
+}
 async function recordTransaction(params) {
   if (LOCAL_ONLY2)
     return;
@@ -5418,11 +5909,6 @@ async function recordOrchestrationPerf(timing) {
   const phaseTotals = Object.fromEntries(attributeLifecycle(events));
   await api2("POST", "/v1/stats/perf", { ...timing, phase_totals_ms: phaseTotals });
 }
-async function recordAnalyticsSession(session) {
-  if (LOCAL_ONLY2)
-    return;
-  await api2("POST", "/v1/analytics/sessions", session);
-}
 async function validateManifest(manifest) {
   if (LOCAL_ONLY2)
     return { valid: true, hardErrors: [], softWarnings: [] };
@@ -6338,6 +6824,32 @@ import fs2 from "node:fs";
 function getProfilePath(domain) {
   return path4.join(os3.homedir(), ".unbrowse", "profiles", getRegistrableDomain(domain));
 }
+function assessInteractiveLoginState(input) {
+  let parsed;
+  try {
+    parsed = new URL(input.currentUrl);
+  } catch {
+    return { status: "pending", reason: "invalid_url" };
+  }
+  const currentDomain = parsed.hostname.toLowerCase();
+  const targetNorm = input.targetDomain.toLowerCase();
+  const isOnTarget = currentDomain === targetNorm || currentDomain.endsWith(`.${targetNorm}`);
+  if (!isOnTarget)
+    return { status: "pending", reason: "off_target_domain" };
+  if (input.hasCloudflareChallenge)
+    return { status: "blocked", reason: "cloudflare_challenge" };
+  if (input.pageText && CLOUDFLARE_TEXT.test(input.pageText))
+    return { status: "blocked", reason: "cloudflare_text" };
+  if (LOGIN_PATHS.test(parsed.pathname))
+    return { status: "pending", reason: "still_on_login_path" };
+  if (input.currentCookieCount > input.initialCookieCount) {
+    return { status: "authenticated", reason: "new_cookies_on_target" };
+  }
+  if (input.currentCookieCount > 0) {
+    return { status: "authenticated", reason: "cookies_present_on_target" };
+  }
+  return { status: "pending", reason: "no_session_cookies" };
+}
 async function interactiveLogin(url, domain) {
   const targetDomain = domain ?? new URL(url).hostname;
   const profileDir = getProfilePath(targetDomain);
@@ -6360,6 +6872,7 @@ async function interactiveLogin(url, domain) {
     const initialCookieCount = initialCookies.filter((c) => isDomainMatch(c.domain, targetDomain)).length;
     log("auth", `initial cookies for ${targetDomain}: ${initialCookieCount}`);
     let loggedIn = false;
+    let blockedReason = null;
     let lastLoggedUrl = "";
     const effectiveTimeout = loginConfig.interactive ? LOGIN_TIMEOUT_MS : loginConfig.timeout_ms;
     while (Date.now() - startTime < effectiveTimeout) {
@@ -6367,37 +6880,40 @@ async function interactiveLogin(url, domain) {
       const elapsed = Date.now() - startTime;
       try {
         const currentUrl = await getCurrentUrl(tabId);
-        const currentDomain = new URL(currentUrl).hostname.toLowerCase();
-        const targetNorm = targetDomain.toLowerCase();
         if (currentUrl !== lastLoggedUrl) {
           log("auth", `navigated to: ${currentUrl}`);
           lastLoggedUrl = currentUrl;
         }
         if (elapsed < MIN_WAIT_MS)
           continue;
-        const isOnTarget = currentDomain === targetNorm || currentDomain.endsWith("." + targetNorm);
-        if (isOnTarget) {
-          const isStillLogin = /\/(login|signin|sign-in|sso|auth|oauth|uas\/login|checkpoint)/.test(new URL(currentUrl).pathname);
-          const currentCookies = await getCookies(tabId);
-          const currentCookieCount = currentCookies.filter((c) => isDomainMatch(c.domain, targetDomain)).length;
-          const gotNewCookies = currentCookieCount > initialCookieCount;
-          if (!isStillLogin && gotNewCookies) {
-            loggedIn = true;
-            log("auth", `login complete — ${currentUrl} (cookies: ${initialCookieCount} → ${currentCookieCount})`);
-            break;
-          }
-          if (!isStillLogin && currentCookieCount > 0) {
-            loggedIn = true;
-            log("auth", `already logged in — ${currentUrl} (${currentCookieCount} cookies present)`);
-            break;
-          }
+        const currentCookies = await getCookies(tabId);
+        const currentCookieCount = currentCookies.filter((c) => isDomainMatch(c.domain, targetDomain)).length;
+        const hasCloudflareChallenge2 = await hasCloudflareChallenge(tabId).catch(() => false);
+        const pageText = hasCloudflareChallenge2 ? await getText(tabId).catch(() => "") : "";
+        const assessment = assessInteractiveLoginState({
+          currentUrl,
+          targetDomain,
+          initialCookieCount,
+          currentCookieCount,
+          hasCloudflareChallenge: hasCloudflareChallenge2,
+          pageText
+        });
+        if (assessment.status === "authenticated") {
+          loggedIn = true;
+          log("auth", `login complete — ${currentUrl} (cookies: ${initialCookieCount} → ${currentCookieCount}; ${assessment.reason})`);
+          break;
+        }
+        if (assessment.status === "blocked") {
+          blockedReason = assessment.reason;
+          log("auth", `login blocked — ${currentUrl} (${assessment.reason})`);
         }
       } catch {}
     }
     if (!loggedIn) {
       log("auth", `login wait ended after ${Math.round((Date.now() - startTime) / 1000)}s — fallback: ${loginConfig.fallback_strategy}`);
       if (loginConfig.fallback_strategy === "fail") {
-        return { success: false, domain: targetDomain, cookies_stored: 0, error: "Login timed out (fallback: fail)" };
+        const error = blockedReason ? `Login blocked (${blockedReason})` : "Login timed out (fallback: fail)";
+        return { success: false, domain: targetDomain, cookies_stored: 0, error };
       }
       if (loginConfig.fallback_strategy === "skip") {
         log("auth", `skipping cookie capture per fallback_strategy`);
@@ -6533,13 +7049,15 @@ async function refreshAuthFromBrowser(domain) {
   }
   return false;
 }
-var LOGIN_TIMEOUT_MS = 300000, POLL_INTERVAL_MS = 2000, MIN_WAIT_MS = 15000;
+var LOGIN_TIMEOUT_MS = 300000, POLL_INTERVAL_MS = 2000, MIN_WAIT_MS = 15000, LOGIN_PATHS, CLOUDFLARE_TEXT;
 var init_auth = __esm(async () => {
   init_client();
   init_domain();
   init_logger();
   init_supervisor();
   await init_vault();
+  LOGIN_PATHS = /\/(login|signin|sign-in|sso|auth|oauth|uas\/login|checkpoint)/i;
+  CLOUDFLARE_TEXT = /just a moment|attention required|verify you are human|cloudflare/i;
 });
 
 // ../../src/auth/runtime.ts
@@ -9708,6 +10226,116 @@ var init_payments = __esm(() => {
   PRICING_API_URL = process.env.UNBROWSE_BACKEND_URL ?? "https://beta-api.unbrowse.ai";
 });
 
+// ../../src/execution/robots.ts
+function parseRobotsTxt(text) {
+  const groups = [];
+  let current = null;
+  for (const rawLine of text.split(/\r?\n/)) {
+    const line = rawLine.replace(/#.*$/, "").trim();
+    if (!line) {
+      current = null;
+      continue;
+    }
+    const colon = line.indexOf(":");
+    if (colon === -1)
+      continue;
+    const field = line.slice(0, colon).trim().toLowerCase();
+    const value = line.slice(colon + 1).trim();
+    if (field === "user-agent") {
+      if (!current) {
+        current = { agents: [], disallow: [], allow: [] };
+        groups.push(current);
+      }
+      current.agents.push(value.toLowerCase());
+    } else if (field === "disallow") {
+      if (current && value)
+        current.disallow.push(value);
+    } else if (field === "allow") {
+      if (current && value)
+        current.allow.push(value);
+    } else if (field === "crawl-delay") {
+      if (current)
+        current.crawlDelay = parseFloat(value);
+    } else {
+      current = null;
+    }
+  }
+  return groups;
+}
+function selectRules(groups, agent) {
+  const lower = agent.toLowerCase();
+  const exact = groups.find((g) => g.agents.some((a) => a === lower));
+  if (exact)
+    return exact;
+  return groups.find((g) => g.agents.includes("*")) ?? null;
+}
+function pathMatches(path5, prefix) {
+  if (prefix.endsWith("$")) {
+    return path5 === prefix.slice(0, -1);
+  }
+  return path5.startsWith(prefix);
+}
+function longestMatch(path5, patterns) {
+  let best = -1;
+  for (const p of patterns) {
+    const base = p.endsWith("$") ? p.slice(0, -1) : p;
+    if (pathMatches(path5, p) && base.length > best)
+      best = base.length;
+  }
+  return best;
+}
+async function fetchRules(origin) {
+  const now = Date.now();
+  const cached = cache.get(origin);
+  if (cached && now - cached.fetchedAt < TTL_MS)
+    return cached.rules;
+  try {
+    const res = await fetch(`${origin}/robots.txt`, {
+      headers: { "user-agent": USER_AGENT },
+      redirect: "follow",
+      signal: AbortSignal.timeout(5000)
+    });
+    if (!res.ok) {
+      cache.set(origin, { rules: [], fetchedAt: now });
+      return [];
+    }
+    const text = await res.text();
+    const rules = parseRobotsTxt(text);
+    cache.set(origin, { rules, fetchedAt: now });
+    return rules;
+  } catch {
+    cache.set(origin, { rules: [], fetchedAt: now });
+    return [];
+  }
+}
+async function isAllowedByRobots(url) {
+  let origin;
+  let pathname;
+  try {
+    const parsed = new URL(url);
+    origin = parsed.origin;
+    pathname = parsed.pathname || "/";
+  } catch {
+    return true;
+  }
+  const groups = await fetchRules(origin);
+  const rules = selectRules(groups, USER_AGENT);
+  if (!rules)
+    return true;
+  const allowLen = longestMatch(pathname, rules.allow);
+  const disallowLen = longestMatch(pathname, rules.disallow);
+  if (disallowLen < 0)
+    return true;
+  if (allowLen >= disallowLen)
+    return true;
+  return false;
+}
+var USER_AGENT = "unbrowse", TTL_MS, cache;
+var init_robots = __esm(() => {
+  TTL_MS = 24 * 60 * 60 * 1000;
+  cache = new Map;
+});
+
 // ../../src/execution/index.ts
 var exports_execution = {};
 __export(exports_execution, {
@@ -10144,6 +10772,20 @@ function buildStructuredReplayHeaders(originalUrl, replayUrl, baseHeaders) {
   }
   return headers;
 }
+function normalizeReplayHeaders(...bags) {
+  const normalized = {};
+  for (const bag of bags) {
+    for (const [key, value] of Object.entries(bag ?? {})) {
+      if (typeof value !== "string")
+        continue;
+      const trimmed = value.trim();
+      if (!trimmed)
+        continue;
+      normalized[key.toLowerCase()] = trimmed;
+    }
+  }
+  return normalized;
+}
 function shouldFallbackToBrowserReplay(data, endpoint, intent, contextUrl) {
   const replayUrl = resolveExecutionUrlTemplate(endpoint, contextUrl);
   if (!isDocumentLikeUrl(replayUrl))
@@ -10540,11 +11182,11 @@ async function executeBrowserCapture(skill, params, options) {
     }
   })();
   const AUTH_PROVIDERS = /accounts\.google\.com|login\.microsoftonline\.com|auth0\.com|cognito-idp\.|appleid\.apple\.com|github\.com|facebook\.com/i;
-  const LOGIN_PATHS = /\/(login|signin|sign-in|sso|auth|uas\/login|checkpoint|oauth)/i;
+  const LOGIN_PATHS2 = /\/(login|signin|sign-in|sso|auth|uas\/login|checkpoint|oauth)/i;
   const redirectedToAuth = finalDomain !== targetDomain && AUTH_PROVIDERS.test(finalDomain);
   const redirectedToLogin = captured.final_url !== url && (() => {
     try {
-      return LOGIN_PATHS.test(new URL(String(captured.final_url)).pathname);
+      return LOGIN_PATHS2.test(new URL(String(captured.final_url)).pathname);
     } catch {
       return false;
     }
@@ -10651,7 +11293,7 @@ async function executeBrowserCapture(skill, params, options) {
   const cleanEndpoints = endpoints.filter((ep) => {
     try {
       const host = new URL(ep.url_template).hostname;
-      return !AUTH_PROVIDERS.test(host) && !LOGIN_PATHS.test(new URL(ep.url_template).pathname);
+      return !AUTH_PROVIDERS.test(host) && !LOGIN_PATHS2.test(new URL(ep.url_template).pathname);
     } catch {
       return true;
     }
@@ -11067,9 +11709,9 @@ async function executeEndpoint(skill, endpoint, params = {}, projection, options
     }
   }
   if (!skill.skill_id.startsWith("local:") && skill.execution_type === "http" && skill.owner_type !== "agent") {
-    const walletAddr = process.env.LOBSTER_WALLET_ADDRESS;
+    const wallet = getLocalWalletContext2();
     const gate = await checkPaymentRequirement(skill.skill_id, endpoint.endpoint_id, {
-      wallet_configured: !!walletAddr
+      wallet_configured: !!wallet.wallet_address
     });
     if (gate.status === "payment_required" || gate.status === "wallet_not_configured" || gate.status === "insufficient_balance") {
       const trace2 = stampTrace({
@@ -11089,7 +11731,8 @@ async function executeEndpoint(skill, endpoint, params = {}, projection, options
           price_usd: gate.requirement?.amount,
           payment_status: gate.status,
           message: gate.message,
-          wallet_provider: "lobster.cash",
+          wallet_provider: wallet.wallet_provider ?? "lobster.cash",
+          wallet_address: wallet.wallet_address,
           indexing_fallback_available: true
         }
       };
@@ -11258,14 +11901,39 @@ async function executeEndpoint(skill, endpoint, params = {}, projection, options
       } catch {}
     }
   }
+  const hasAuthContext = cookies.length > 0 || Object.keys(authHeaders).length > 0 || !!skill.auth_profile_ref || endpoint.semantic?.auth_required === true;
+  if (!options?.skip_robots_check && !hasAuthContext) {
+    const allowed = await isAllowedByRobots(url);
+    if (!allowed) {
+      const traceId = nanoid5();
+      log("exec", `robots.txt blocked ${url}`);
+      return {
+        trace: stampTrace({
+          trace_id: traceId,
+          skill_id: skill.skill_id,
+          endpoint_id: endpoint.endpoint_id,
+          started_at: startedAt,
+          completed_at: new Date().toISOString(),
+          success: false,
+          error: "robots_txt_disallowed"
+        }),
+        result: {
+          error: "robots_txt_disallowed",
+          message: `robots.txt disallows access to ${url} for the Unbrowse user-agent.`
+        }
+      };
+    }
+  }
   const structuredReplayUrl = isSafe ? deriveStructuredDataReplayUrl(url) : url;
   const hasStructuredReplay = structuredReplayUrl !== url;
   const serverFetch = async () => {
-    const defaultAccept = !endpoint.dom_extraction && !endpoint.headers_template?.["accept"] ? { accept: "application/json" } : {};
+    const endpointHeaders = normalizeReplayHeaders(endpoint.headers_template);
+    const sessionHeaders = normalizeReplayHeaders(authHeaders);
+    const defaultAccept = !endpoint.dom_extraction && !endpointHeaders["accept"] && !sessionHeaders["accept"] ? { accept: "application/json" } : {};
     const headers = {
       ...defaultAccept,
-      ...endpoint.headers_template,
-      ...authHeaders
+      ...endpointHeaders,
+      ...sessionHeaders
     };
     delete headers["sec-ch-ua"];
     delete headers["sec-ch-ua-mobile"];
@@ -11279,7 +11947,7 @@ async function executeEndpoint(skill, endpoint, params = {}, projection, options
       headers["cookie"] = cookieStr;
       const csrfCookie = cookies.find((c) => /^(ct0|csrf_token|_csrf|csrftoken|XSRF-TOKEN|_xsrf)$/i.test(c.name));
       if (csrfCookie) {
-        const v = csrfCookie.value.startsWith(") && csrfCookie.value.endsWith(") ? csrfCookie.value.slice(1, -1) : csrfCookie.value;
+        const v = csrfCookie.value.startsWith('"') && csrfCookie.value.endsWith('"') ? csrfCookie.value.slice(1, -1) : csrfCookie.value;
         headers["x-csrf-token"] = v;
         headers["x-xsrf-token"] = v;
       }
@@ -11289,7 +11957,7 @@ async function executeEndpoint(skill, endpoint, params = {}, projection, options
       if (csrfCookie) {
         const v = csrfCookie.value.startsWith('"') && csrfCookie.value.endsWith('"') ? csrfCookie.value.slice(1, -1) : csrfCookie.value;
         if (endpoint.csrf_plan.source === "cookie" || endpoint.csrf_plan.source === "header") {
-          headers[endpoint.csrf_plan.param_name.toLowerCase()] ??= v;
+          headers[endpoint.csrf_plan.param_name.toLowerCase()] = v;
         } else if (endpoint.csrf_plan.source === "form" && body && typeof body === "object" && !Array.isArray(body)) {
           body[endpoint.csrf_plan.param_name] ??= v;
         }
@@ -11588,6 +12256,7 @@ async function executeEndpoint(skill, endpoint, params = {}, projection, options
       }
     })();
     if (consumerConfig.agent_id) {
+      const wallet = getLocalWalletContext2();
       recordTransaction({
         transaction_id: trace.trace_id,
         consumer_id: consumerConfig.agent_id,
@@ -11595,7 +12264,7 @@ async function executeEndpoint(skill, endpoint, params = {}, projection, options
         skill_id: skill.skill_id,
         endpoint_id: endpoint.endpoint_id,
         price_usd: skill.base_price_usd,
-        payment_proof: process.env.LOBSTER_WALLET_ADDRESS ? `wallet:${process.env.LOBSTER_WALLET_ADDRESS}` : undefined
+        payment_proof: wallet.wallet_address ? `wallet:${wallet.wallet_address}` : undefined
       }).catch(() => {});
     }
   }
@@ -12195,6 +12864,7 @@ var init_execution = __esm(async () => {
   init_version();
   init_search_forms();
   init_payments();
+  init_robots();
   await __promiseAll([
     init_vault(),
     init_auth(),
@@ -13145,8 +13815,56 @@ var init_first_pass_action = __esm(() => {
   init_client();
 });
 
-// ../../src/payments/wallet.ts
-function checkWalletConfigured() {
+// ../../src/orchestrator/timing-economics.ts
+function computeTimingEconomics({
+  source,
+  totalMs,
+  result,
+  skill,
+  paidSearchUc = 0,
+  paidExecutionUc = 0
+}) {
+  const resultStr = typeof result === "string" ? result : JSON.stringify(result ?? "");
+  const responseBytes = resultStr.length;
+  const responseTokens = Math.ceil(responseBytes / CHARS_PER_TOKEN);
+  const actualCostUc = responseTokens * TOKEN_COST_UC + paidSearchUc + paidExecutionUc;
+  const economics = {
+    response_bytes: responseBytes,
+    response_tokens: responseTokens,
+    tokens_saved: 0,
+    tokens_saved_pct: 0,
+    time_saved_pct: 0,
+    actual_cost_uc: actualCostUc
+  };
+  if (!SAVINGS_SOURCES.has(source))
+    return economics;
+  const baselineTokens = skill?.discovery_cost?.capture_tokens ?? DEFAULT_CAPTURE_TOKENS;
+  const baselineMs = skill?.discovery_cost?.capture_ms ?? DEFAULT_CAPTURE_MS;
+  const baselineCostUc = baselineTokens * TOKEN_COST_UC;
+  economics.tokens_saved = Math.max(0, baselineTokens - responseTokens);
+  economics.tokens_saved_pct = baselineTokens > 0 ? Math.round(economics.tokens_saved / baselineTokens * 100) : 0;
+  economics.time_saved_pct = baselineMs > 0 ? Math.round(Math.max(0, baselineMs - totalMs) / baselineMs * 100) : 0;
+  economics.baseline_total_ms = baselineMs;
+  economics.time_saved_ms = Math.max(0, baselineMs - totalMs);
+  economics.baseline_cost_uc = baselineCostUc;
+  economics.cost_saved_uc = Math.max(0, baselineCostUc - actualCostUc);
+  economics.baseline_source = skill?.discovery_cost ? "real" : "estimated";
+  return economics;
+}
+var DEFAULT_CAPTURE_MS = 22000, DEFAULT_CAPTURE_TOKENS = 30000, CHARS_PER_TOKEN = 4, TOKEN_COST_PER_MILLION_USD = 3, TOKEN_COST_UC, SAVINGS_SOURCES;
+var init_timing_economics = __esm(() => {
+  TOKEN_COST_UC = Math.round(TOKEN_COST_PER_MILLION_USD);
+  SAVINGS_SOURCES = new Set([
+    "marketplace",
+    "route-cache",
+    "first-pass",
+    "direct-fetch",
+    "browser-action"
+  ]);
+});
+
+// ../../src/payments/wallet.ts
+function checkWalletConfigured() {
   if (process.env.LOBSTER_WALLET_ADDRESS) {
     return { configured: true, provider: "lobster.cash" };
   }
@@ -13581,6 +14299,31 @@ function isSearchLikeIntent(intent, contextUrl) {
     return false;
   }
 }
+function buildLocalCanonicalReplaySkill(intent, contextUrl) {
+  const endpoint = buildCanonicalDocumentEndpoint(contextUrl, intent, false);
+  if (!endpoint)
+    return;
+  const domain = new URL(contextUrl).hostname.replace(/^www\./, "");
+  const now = new Date().toISOString();
+  const skill = {
+    skill_id: `canonical-${createHash7("sha1").update(contextUrl).digest("hex").slice(0, 12)}`,
+    version: "1.0.0",
+    schema_version: "1",
+    name: `Canonical replay for ${domain}`,
+    intent_signature: intent,
+    intents: [intent],
+    domain,
+    description: `Deterministic structured replay for ${contextUrl}`,
+    owner_type: "agent",
+    execution_type: "http",
+    endpoints: [endpoint],
+    lifecycle: "active",
+    created_at: now,
+    updated_at: now
+  };
+  cachePublishedSkill(skill);
+  return skill;
+}
 function isCachedSkillRelevantForIntent(skill, intent, contextUrl) {
   if (!hasUsableEndpoints(skill))
     return false;
@@ -14392,9 +15135,6 @@ async function resolveAndExecute(intent, params = {}, context, projection, optio
   const queryIntent = selectSearchTermsForExecution(intent) ?? extractSearchTermsFromIntent(intent) ?? intent;
   if (queryIntent !== intent)
     decisionTrace.query_intent = queryIntent;
-  const DEFAULT_CAPTURE_MS = 22000;
-  const DEFAULT_CAPTURE_TOKENS = 30000;
-  const CHARS_PER_TOKEN = 4;
   const agentChoseEndpoint = !!params.endpoint_id;
   const forceCapture = !!options?.force_capture;
   const clientScope = options?.client_scope ?? "global";
@@ -14418,32 +15158,33 @@ async function resolveAndExecute(intent, params = {}, context, projection, optio
     timing.actual_total_ms = timing.total_ms;
     timing.source = source;
     timing.skill_id = skillId;
-    const resultStr = typeof result2 === "string" ? result2 : JSON.stringify(result2 ?? "");
-    timing.response_bytes = resultStr.length;
-    const responseTokens = Math.ceil(resultStr.length / CHARS_PER_TOKEN);
-    const cost = skill?.discovery_cost;
-    const baselineTokens = cost?.capture_tokens ?? DEFAULT_CAPTURE_TOKENS;
-    const baselineMs = cost?.capture_ms ?? DEFAULT_CAPTURE_MS;
-    const paidSearchUc = timing.paid_search_uc ?? 0;
-    const paidExecutionUc = timing.paid_execution_uc ?? 0;
-    const totalActualCostUc = paidSearchUc + paidExecutionUc;
-    if (totalActualCostUc > 0)
-      timing.actual_cost_uc = totalActualCostUc;
-    if (source === "marketplace" || source === "route-cache" || source === "first-pass") {
-      timing.tokens_saved = Math.max(0, baselineTokens - responseTokens);
-      timing.tokens_saved_pct = baselineTokens > 0 ? Math.round(timing.tokens_saved / baselineTokens * 100) : 0;
-      timing.time_saved_pct = baselineMs > 0 ? Math.round(Math.max(0, baselineMs - timing.total_ms) / baselineMs * 100) : 0;
-    }
-    if (cost?.capture_ms != null) {
-      timing.baseline_total_ms = cost.capture_ms;
-      timing.time_saved_ms = Math.max(0, cost.capture_ms - timing.total_ms);
-    }
+    const economics = computeTimingEconomics({
+      source,
+      totalMs: timing.total_ms,
+      result: result2,
+      skill,
+      paidSearchUc: timing.paid_search_uc ?? 0,
+      paidExecutionUc: timing.paid_execution_uc ?? 0
+    });
+    timing.response_bytes = economics.response_bytes;
+    timing.tokens_saved = economics.tokens_saved;
+    timing.tokens_saved_pct = economics.tokens_saved_pct;
+    timing.time_saved_pct = economics.time_saved_pct;
+    timing.actual_cost_uc = economics.actual_cost_uc;
+    if (economics.baseline_total_ms != null)
+      timing.baseline_total_ms = economics.baseline_total_ms;
+    if (economics.time_saved_ms != null)
+      timing.time_saved_ms = economics.time_saved_ms;
+    if (economics.baseline_cost_uc != null)
+      timing.baseline_cost_uc = economics.baseline_cost_uc;
+    if (economics.cost_saved_uc != null)
+      timing.cost_saved_uc = economics.cost_saved_uc;
     if (trace2) {
-      trace2.tokens_used = responseTokens;
+      trace2.tokens_used = economics.response_tokens;
       trace2.tokens_saved = timing.tokens_saved;
       trace2.tokens_saved_pct = timing.tokens_saved_pct;
     }
-    console.log(`[perf] ${source}: ${timing.total_ms}ms (time_saved=${timing.time_saved_pct}% tokens_saved=${timing.tokens_saved_pct}%${cost ? " [real baseline]" : " [estimated]"})`);
+    console.log(`[perf] ${source}: ${timing.total_ms}ms (time_saved=${timing.time_saved_pct}% tokens_saved=${timing.tokens_saved_pct}%${economics.baseline_source === "real" ? " [real baseline]" : economics.baseline_source === "estimated" ? " [estimated]" : ""})`);
     const lifecycleSource = source === "marketplace" ? "marketplace" : source === "route-cache" ? "cache" : "live-capture";
     const skillIdForLifecycle = skillId ?? "unknown";
     const now = new Date().toISOString();
@@ -14553,6 +15294,7 @@ async function resolveAndExecute(intent, params = {}, context, projection, optio
       result: {
         message: `Found ${epRanked.length} endpoint(s). Pick one and call POST /v1/skills/${resolvedSkill.skill_id}/execute with params.endpoint_id.`,
         skill_id: resolvedSkill.skill_id,
+        suggested_next_operation_id: chunk.available_operation_ids[0],
         available_operations: chunk.operations.map((operation) => ({
           operation_id: operation.operation_id,
           endpoint_id: operation.endpoint_id,
@@ -14953,6 +15695,7 @@ async function resolveAndExecute(intent, params = {}, context, projection, optio
           if (source === "marketplace" && skill.base_price_usd && skill.base_price_usd > 0) {
             try {
               const walletCheck = checkWalletConfigured();
+              const wallet = getLocalWalletContext2();
               const paymentResult = await checkPaymentRequirement(skill.skill_id, candidate.endpoint.endpoint_id, {
                 price_usd: String(skill.base_price_usd),
                 wallet_configured: walletCheck.configured
@@ -14970,7 +15713,8 @@ async function resolveAndExecute(intent, params = {}, context, projection, optio
                       payment_status: paymentResult.status,
                       message: paymentResult.message,
                       next_step: paymentResult.next_step,
-                      wallet_provider: "lobster.cash",
+                      wallet_provider: wallet.wallet_provider ?? "lobster.cash",
+                      wallet_address: wallet.wallet_address,
                       indexing_fallback_available: true
                     },
                     trace: execOut.trace,
@@ -15308,6 +16052,14 @@ async function resolveAndExecute(intent, params = {}, context, projection, optio
       ]);
     } catch (err) {
       if (isX402Error(err)) {
+        const localCanonicalSkill = context?.url && !isSearchLikeIntent(queryIntent, context.url) ? buildLocalCanonicalReplaySkill(queryIntent, context.url) : undefined;
+        if (localCanonicalSkill) {
+          const deferred2 = await buildDeferralWithAutoExec(localCanonicalSkill, "marketplace", {
+            local_canonical_replay: true,
+            payment_bypass: "canonical-detail-page"
+          });
+          return deferred2.orchestratorResult;
+        }
         const trace2 = {
           trace_id: nanoid7(),
           skill_id: "marketplace-search",
@@ -15322,7 +16074,8 @@ async function resolveAndExecute(intent, params = {}, context, projection, optio
           result: {
             error: "payment_required",
             payment_status: "payment_required",
-            wallet_provider: "lobster.cash",
+            wallet_provider: getLocalWalletContext2().wallet_provider ?? "lobster.cash",
+            wallet_address: getLocalWalletContext2().wallet_address,
             message: "Marketplace search requires payment before shared graph results are returned.",
             next_step: "Pay the Tier 3 search fee, or re-run with force capture for free local discovery.",
             indexing_fallback_available: true,
@@ -15964,6 +16717,7 @@ var init_orchestrator = __esm(async () => {
   init_trace_store();
   init_passive_publish();
   init_first_pass_action();
+  init_timing_economics();
   init_payments();
   init_version();
   init_runtime();
@@ -16557,189 +17311,1024 @@ var init_session_logs = __esm(() => {
   init_domain();
 });
 
-// ../../src/verification/matrix.ts
-function computeVerificationCoverage(matrix) {
-  if (matrix.length === 0)
-    return 0;
-  const tested = matrix.filter((c) => c.status !== "untested").length;
-  return tested / matrix.length;
+// ../../src/agent-outcome.ts
+function edgePriority(kind) {
+  switch (kind) {
+    case "parent_child":
+      return 4;
+    case "pagination":
+      return 3;
+    case "dependency":
+      return 2;
+    case "hint":
+      return 1;
+    case "auth":
+      return 0;
+    default:
+      return -1;
+  }
 }
-var INITIAL_MATRIX;
-var init_matrix = __esm(() => {
-  INITIAL_MATRIX = [
-    { host: "openclaw", capability: "capture", status: "pass", last_verified: "2026-03-31" },
-    { host: "openclaw", capability: "execute", status: "pass", last_verified: "2026-03-31" },
-    { host: "openclaw", capability: "search", status: "pass", last_verified: "2026-03-31" },
-    { host: "mcp", capability: "execute", status: "pass", last_verified: "2026-03-31" },
-    { host: "mcp", capability: "search", status: "pass", last_verified: "2026-03-31" },
-    { host: "cli", capability: "capture", status: "pass", last_verified: "2026-03-31" },
-    { host: "cli", capability: "execute", status: "pass", last_verified: "2026-03-31" },
-    { host: "cli", capability: "search", status: "pass", last_verified: "2026-03-31" },
-    { host: "cli", capability: "publish", status: "pass", last_verified: "2026-03-31" },
-    { host: "hermes", capability: "execute", status: "untested" },
-    { host: "elizaos", capability: "execute", status: "untested" },
-    { host: "langchain", capability: "execute", status: "untested" },
-    { host: "langchain", capability: "search", status: "untested" }
-  ];
+function nextActionWhy(kind, bindingKey, title) {
+  switch (kind) {
+    case "parent_child":
+      return `Likely next detail step after this result. Exposes ${title}.`;
+    case "pagination":
+      return `Likely next page or continuation step. Carries ${bindingKey || "cursor"} forward.`;
+    case "dependency":
+      return `Unlocks the next dependent call using ${bindingKey || "known bindings"}.`;
+    case "auth":
+      return "Useful once authentication is in place.";
+    case "hint":
+      return "Common follow-up action from the current result.";
+    default:
+      return "Likely follow-up action.";
+  }
+}
+function operationTitle(operation) {
+  const semantic = [operation.action_kind, operation.resource_kind].filter(Boolean).join(" ").replace(/_/g, " ").trim();
+  return operation.description_out || semantic || operation.endpoint_id;
+}
+function buildAgentImpact(timing) {
+  if (!timing?.source)
+    return;
+  return {
+    source: timing.source,
+    cache_hit: timing.cache_hit === true,
+    browser_avoided: !BROWSER_SOURCES.has(timing.source),
+    baseline_total_ms: timing.baseline_total_ms,
+    actual_total_ms: timing.actual_total_ms,
+    time_saved_ms: timing.time_saved_ms,
+    time_saved_pct: timing.time_saved_pct ?? 0,
+    tokens_saved: timing.tokens_saved ?? 0,
+    tokens_saved_pct: timing.tokens_saved_pct ?? 0,
+    baseline_cost_uc: timing.baseline_cost_uc,
+    actual_cost_uc: timing.actual_cost_uc,
+    cost_saved_uc: timing.cost_saved_uc
+  };
+}
+function buildNextActions(skill, endpointId, maxActions = 3) {
+  if (!skill?.operation_graph || !endpointId)
+    return [];
+  const graph = skill.operation_graph;
+  const current = graph.operations.find((operation) => operation.endpoint_id === endpointId);
+  if (!current)
+    return [];
+  const byOperationId = new Map(graph.operations.map((operation) => [operation.operation_id, operation]));
+  const scored = new Map;
+  for (const edge of graph.edges) {
+    if (edge.from_operation_id !== current.operation_id)
+      continue;
+    const target = byOperationId.get(edge.to_operation_id);
+    if (!target)
+      continue;
+    const candidate = {
+      operation_id: target.operation_id,
+      endpoint_id: target.endpoint_id,
+      title: operationTitle(target),
+      why: nextActionWhy(edge.kind, edge.binding_key, operationTitle(target)),
+      score: edgePriority(edge.kind) * 10 + Math.round(edge.confidence * 10)
+    };
+    const existing = scored.get(target.operation_id);
+    if (!existing || candidate.score > existing.score) {
+      scored.set(target.operation_id, candidate);
+    }
+  }
+  return [...scored.values()].sort((a, b) => b.score - a.score || a.title.localeCompare(b.title)).slice(0, maxActions).map((candidate) => ({
+    endpoint_id: candidate.endpoint_id,
+    operation_id: candidate.operation_id,
+    title: candidate.title,
+    why: candidate.why,
+    command: `unbrowse execute --skill ${skill.skill_id} --endpoint ${candidate.endpoint_id}`
+  }));
+}
+function attachAgentOutcomeHints(payload, opts) {
+  const target = payload;
+  const impact = buildAgentImpact(opts?.timing);
+  if (impact) {
+    target.impact = impact;
+  }
+  const nextActions = buildNextActions(opts?.skill, opts?.endpointId);
+  if (nextActions.length > 0) {
+    target.next_actions = nextActions;
+  }
+  return target;
+}
+var BROWSER_SOURCES;
+var init_agent_outcome = __esm(() => {
+  BROWSER_SOURCES = new Set(["live-capture", "first-pass", "browser-action"]);
 });
 
-// ../../src/verification/index.ts
-var exports_verification = {};
-__export(exports_verification, {
-  verifySkillWithCoverage: () => verifySkillWithCoverage,
-  verifySkill: () => verifySkill,
-  verifyEndpoint: () => verifyEndpoint,
-  schedulePeriodicVerification: () => schedulePeriodicVerification
-});
-async function verifyEndpoint(skill, endpoint) {
-  if (endpoint.method !== "GET")
-    return endpoint.verification_status;
+// ../../src/api/browse-session.ts
+function extractBrowseFailureMessage(value) {
+  return typeof value === "string" ? value : getKuriErrorMessage(value);
+}
+function isRecoverableBrowseFailure(value) {
+  const message = extractBrowseFailureMessage(value);
+  if (!message)
+    return false;
+  const normalized = message.toLowerCase();
+  return RECOVERABLE_BROWSE_FAILURES.some((needle) => normalized.includes(needle));
+}
+async function createBrowseSession(sessions, client, injectInterceptor2) {
+  await client.start().catch(() => {});
+  const tabId = await client.newTab();
+  await client.harStart(tabId).catch(() => {});
+  await injectInterceptor2(tabId);
+  const session = { tabId, url: "about:blank", harActive: true, domain: "" };
+  sessions.set("default", session);
+  return session;
+}
+function extractDomain2(url) {
+  if (!url)
+    return "";
   try {
-    const { status, data } = await executeInBrowser(endpoint.url_template, endpoint.method, endpoint.headers_template ?? {}, undefined, undefined, undefined);
-    if (status < 200 || status >= 300) {
-      await updateEndpointScore2(skill.skill_id, endpoint.endpoint_id, endpoint.reliability_score, "failed");
-      return "failed";
-    }
-    let hasCriticalDrift = false;
-    if (endpoint.response_schema && data != null) {
-      const drift = detectSchemaDrift(endpoint.response_schema, data);
-      if (drift.drifted && (drift.removed_fields.length > 0 || drift.type_changes.length > 0)) {
-        hasCriticalDrift = true;
-      }
-    }
-    const newStatus = hasCriticalDrift ? "pending" : "verified";
-    const newScore = endpoint.verification_status === "disabled" && newStatus === "verified" ? 0.5 : endpoint.reliability_score;
-    await updateEndpointScore2(skill.skill_id, endpoint.endpoint_id, newScore, newStatus);
-    const fullSkill = await getSkill2(skill.skill_id);
-    if (fullSkill) {
-      const ep = fullSkill.endpoints.find((e) => e.endpoint_id === endpoint.endpoint_id);
-      if (ep)
-        ep.last_verified_at = new Date().toISOString();
-    }
-    return newStatus;
+    return new URL(url).hostname.replace(/^www\./, "");
   } catch {
-    await updateEndpointScore2(skill.skill_id, endpoint.endpoint_id, endpoint.reliability_score, "failed");
-    return "failed";
+    return "";
   }
 }
-async function verifySkill(skill) {
-  const results = {};
-  for (const endpoint of skill.endpoints) {
-    results[endpoint.endpoint_id] = await verifyEndpoint(skill, endpoint);
+async function adoptExistingBrowseTab(sessions, client, injectInterceptor2, preferredDomain) {
+  try {
+    const tabs = await client.discoverTabs();
+    const normalizedPreferred = preferredDomain?.replace(/^www\./, "") ?? "";
+    const candidate = tabs.find((tab) => {
+      const domain = extractDomain2(tab.url);
+      return !!domain && !!normalizedPreferred && domain === normalizedPreferred;
+    }) ?? tabs.find((tab) => /^https?:\/\//.test(tab.url ?? ""));
+    if (!candidate?.id)
+      return null;
+    await client.harStart(candidate.id).catch(() => {});
+    await injectInterceptor2(candidate.id);
+    const session = {
+      tabId: candidate.id,
+      url: candidate.url ?? "about:blank",
+      harActive: true,
+      domain: extractDomain2(candidate.url)
+    };
+    sessions.set("default", session);
+    return session;
+  } catch {
+    return null;
   }
-  return results;
 }
-async function verifySkillWithCoverage(skill, matrix = INITIAL_MATRIX) {
-  const results = await verifySkill(skill);
-  const coverage = computeVerificationCoverage(matrix);
-  return { results, coverage };
+async function dropBrowseSession(sessions, client, session) {
+  if (!session)
+    return;
+  await client.closeTab(session.tabId).catch(() => {});
+  if (sessions.get("default")?.tabId === session.tabId) {
+    sessions.delete("default");
+  }
 }
-function schedulePeriodicVerification() {
-  return setInterval(async () => {
-    const skills = await listSkills2();
-    const now = Date.now();
-    for (const skill of skills) {
-      if (skill.lifecycle !== "active")
-        continue;
-      for (const endpoint of skill.endpoints) {
-        if (endpoint.method !== "GET")
-          continue;
-        const isDisabled = endpoint.verification_status === "disabled";
-        const lastVerified = endpoint.last_verified_at ? new Date(endpoint.last_verified_at).getTime() : 0;
-        if (isDisabled || now - lastVerified > STALE_THRESHOLD_MS) {
-          await verifyEndpoint(skill, endpoint).catch(() => {});
-        }
-      }
+async function isBrowseSessionLive(session, client) {
+  if (!session.tabId)
+    return false;
+  try {
+    const tabs = await client.discoverTabs();
+    if (!tabs.some((tab) => tab.id === session.tabId))
+      return false;
+    const currentUrl = await client.getCurrentUrl(session.tabId);
+    return typeof currentUrl === "string" && currentUrl.length > 0;
+  } catch {
+    return false;
+  }
+}
+async function resetBrowseSession(sessions, client, injectInterceptor2) {
+  const existing = sessions.get("default");
+  const preferredDomain = existing?.domain || extractDomain2(existing?.url);
+  await dropBrowseSession(sessions, client, existing);
+  const adopted = await adoptExistingBrowseTab(sessions, client, injectInterceptor2, preferredDomain);
+  if (adopted)
+    return adopted;
+  return createBrowseSession(sessions, client, injectInterceptor2);
+}
+async function getOrCreateBrowseSession(sessions, client, injectInterceptor2) {
+  const existing = sessions.get("default");
+  if (existing && await isBrowseSessionLive(existing, client))
+    return existing;
+  const preferredDomain = existing?.domain || extractDomain2(existing?.url);
+  if (existing)
+    await dropBrowseSession(sessions, client, existing);
+  const adopted = await adoptExistingBrowseTab(sessions, client, injectInterceptor2, preferredDomain);
+  if (adopted)
+    return adopted;
+  return createBrowseSession(sessions, client, injectInterceptor2);
+}
+async function withRecoveredBrowseSession(sessions, client, injectInterceptor2, run, shouldReset) {
+  let session = await getOrCreateBrowseSession(sessions, client, injectInterceptor2);
+  try {
+    const result2 = await run(session);
+    if (!shouldReset || !shouldReset(result2)) {
+      return { session, result: result2, recovered: false };
     }
-  }, VERIFICATION_INTERVAL_MS);
+  } catch (error) {
+    if (!isRecoverableBrowseFailure(error))
+      throw error;
+  }
+  session = await resetBrowseSession(sessions, client, injectInterceptor2);
+  const result = await run(session);
+  return { session, result, recovered: true };
 }
-var VERIFICATION_INTERVAL_MS, STALE_THRESHOLD_MS;
-var init_verification = __esm(() => {
-  init_capture();
-  init_marketplace();
-  init_marketplace();
-  init_drift();
-  init_matrix();
-  VERIFICATION_INTERVAL_MS = 6 * 60 * 60 * 1000;
-  STALE_THRESHOLD_MS = 24 * 60 * 60 * 1000;
+var RECOVERABLE_BROWSE_FAILURES;
+var init_browse_session = __esm(() => {
+  init_client();
+  RECOVERABLE_BROWSE_FAILURES = [
+    "cdp command failed",
+    "transport closed",
+    "target closed",
+    "tab not found",
+    "session closed",
+    "execution context was destroyed",
+    "cannot find context with specified id",
+    "no such target"
+  ];
 });
 
-// ../../src/api/routes.ts
-var exports_routes = {};
-__export(exports_routes, {
-  registerRoutes: () => registerRoutes,
-  registerBrowseSession: () => registerBrowseSession,
-  buildAnalyticsSessionPayload: () => buildAnalyticsSessionPayload
-});
+// ../../src/api/browse-index.ts
 import { nanoid as nanoid8 } from "nanoid";
-import { writeFileSync as writeFileSync8, existsSync as existsSync12, mkdirSync as mkdirSync9 } from "fs";
-import { join as join12 } from "path";
-function buildAnalyticsSessionPayload(result, opts) {
-  const source = result.timing?.source ?? result.source;
-  const apiCalls = result.trace.endpoint_id ? 1 : 0;
-  const cachedSkillCalls = opts.cached_skill_calls ?? (apiCalls > 0 && source !== "live-capture" && source !== "first-pass" ? 1 : 0);
-  const freshIndexCalls = opts.fresh_index_calls ?? (apiCalls > 0 && (source === "live-capture" || source === "first-pass") ? 1 : 0);
-  return {
-    session_id: result.trace.trace_id,
-    started_at: result.trace.started_at,
-    completed_at: result.trace.completed_at,
-    trace_version: result.trace.trace_version ?? TRACE_VERSION,
-    api_calls: apiCalls,
-    discovery_queries: opts.discovery_queries,
-    cached_skill_calls: cachedSkillCalls,
-    fresh_index_calls: freshIndexCalls,
-    browser_mode: opts.browser_mode ?? "unknown"
-  };
+import { readFileSync as readFileSync9 } from "node:fs";
+function normalizeBrowseUrl(url, baseUrl) {
+  if (!url)
+    return url;
+  try {
+    return new URL(url).toString();
+  } catch {
+    if (!baseUrl)
+      return url;
+    try {
+      return new URL(url, baseUrl).toString();
+    } catch {
+      return url;
+    }
+  }
 }
-function harEntriesToRawRequests(entries) {
-  return entries.filter((e) => e.request && e.response).map((e) => ({
-    url: e.request.url,
-    method: e.request.method,
-    request_headers: Object.fromEntries((e.request.headers ?? []).map((h) => [h.name.toLowerCase(), h.value])),
-    request_body: e.request.postData?.text,
-    response_status: e.response.status,
-    response_headers: Object.fromEntries((e.response.headers ?? []).map((h) => [h.name.toLowerCase(), h.value])),
-    response_body: e.response.content?.text,
-    timestamp: e.startedDateTime ?? new Date().toISOString()
+function harEntriesToRawRequests(entries, baseUrl) {
+  return entries.filter((entry) => entry.request && entry.response).map((entry) => ({
+    url: normalizeBrowseUrl(entry.request.url, baseUrl),
+    method: entry.request.method,
+    request_headers: Object.fromEntries((entry.request.headers ?? []).map((header) => [header.name.toLowerCase(), header.value])),
+    request_body: entry.request.postData?.text,
+    response_status: entry.response.status,
+    response_headers: Object.fromEntries((entry.response.headers ?? []).map((header) => [header.name.toLowerCase(), header.value])),
+    response_body: entry.response.content?.text,
+    timestamp: entry.startedDateTime ?? new Date().toISOString()
   }));
 }
-function passiveIndexFromRequests(requests, pageUrl) {
-  if (requests.length === 0)
-    return;
+function buildBrowseRequestKey(request) {
+  return [
+    request.method,
+    request.url,
+    typeof request.request_body === "string" ? request.request_body : JSON.stringify(request.request_body ?? null)
+  ].join(":");
+}
+function mergeBrowseRequests(intercepted, harEntries, baseUrl) {
+  const normalizedIntercepted = intercepted.map((request) => ({
+    ...request,
+    url: normalizeBrowseUrl(request.url, baseUrl)
+  }));
+  const harRequests = harEntriesToRawRequests(harEntries, baseUrl);
+  const seen = new Set;
+  const allRequests = [];
+  for (const request of normalizedIntercepted) {
+    const key = buildBrowseRequestKey(request);
+    if (!seen.has(key)) {
+      seen.add(key);
+      allRequests.push(request);
+    }
+  }
+  for (const request of harRequests) {
+    const key = buildBrowseRequestKey(request);
+    if (!seen.has(key)) {
+      seen.add(key);
+      allRequests.push(request);
+    }
+  }
+  return allRequests;
+}
+async function cacheBrowseRequests(params) {
+  const { sessionUrl, sessionDomain, requests, getPageHtml: getPageHtml2 } = params;
   let domain;
   try {
-    domain = new URL(pageUrl).hostname;
+    domain = new URL(sessionUrl).hostname;
   } catch {
-    return;
-  }
-  const intent = `browse ${domain}`;
-  (async () => {
-    try {
-      const rawEndpoints = extractEndpoints(requests, undefined, { pageUrl, finalUrl: pageUrl });
-      if (rawEndpoints.length === 0) {
-        console.log(`[passive-index] ${domain}: 0 endpoints from ${requests.length} requests`);
-        return;
-      }
-      const capturedAuthHeaders = extractAuthHeaders(requests);
-      if (Object.keys(capturedAuthHeaders).length > 0) {
-        const authKey = `${domain}-session`;
-        await storeCredential(authKey, JSON.stringify({ headers: capturedAuthHeaders }));
-      }
-      const existingSkill = findExistingSkillForDomain(domain, intent);
-      const mergedEndpoints = existingSkill ? mergeEndpoints(existingSkill.endpoints, rawEndpoints) : rawEndpoints;
-      if (existingSkill && mergedEndpoints.length < existingSkill.endpoints.length) {
-        console.log(`[passive-index] ${domain}: skipping — would reduce ${existingSkill.endpoints.length} → ${mergedEndpoints.length} endpoints`);
-        return;
+    domain = sessionDomain;
+  }
+  const rawEndpoints = extractEndpoints(requests, undefined, { pageUrl: sessionUrl, finalUrl: sessionUrl });
+  if (rawEndpoints.length > 0) {
+    const existingSkill = findExistingSkillForDomain(domain);
+    let allExisting = existingSkill?.endpoints ?? [];
+    const domainKey = getDomainReuseKey(sessionUrl ?? domain);
+    if (domainKey) {
+      const cached = domainSkillCache.get(domainKey);
+      if (cached?.localSkillPath) {
+        try {
+          const snapshot2 = JSON.parse(readFileSync9(cached.localSkillPath, "utf-8"));
+          if (snapshot2?.endpoints?.length > 0) {
+            allExisting = mergeEndpoints(allExisting, snapshot2.endpoints);
+          }
+        } catch {}
       }
-      for (const ep of mergedEndpoints) {
-        if (!ep.description) {
-          ep.description = generateLocalDescription(ep);
-        }
+    }
+    const mergedEndpoints = allExisting.length > 0 ? mergeEndpoints(allExisting, rawEndpoints) : rawEndpoints;
+    if (!existingSkill || mergedEndpoints.length >= existingSkill.endpoints.length) {
+      for (const endpoint of mergedEndpoints) {
+        if (!endpoint.description)
+          endpoint.description = generateLocalDescription(endpoint);
+      }
+      const quickSkill = {
+        skill_id: existingSkill?.skill_id ?? nanoid8(),
+        version: "1.0.0",
+        schema_version: "1",
+        lifecycle: "active",
+        execution_type: "http",
+        created_at: existingSkill?.created_at ?? new Date().toISOString(),
+        updated_at: new Date().toISOString(),
+        name: domain,
+        intent_signature: `browse ${domain}`,
+        domain,
+        description: `API skill for ${domain}`,
+        owner_type: "agent",
+        endpoints: mergedEndpoints,
+        operation_graph: buildSkillOperationGraph(mergedEndpoints),
+        intents: Array.from(new Set([...existingSkill?.intents ?? [], `browse ${domain}`]))
+      };
+      const cacheKey = buildResolveCacheKey(domain, `browse ${domain}`, sessionUrl);
+      const scopedKey = scopedCacheKey("global", cacheKey);
+      writeSkillSnapshot(scopedKey, quickSkill);
+      if (domainKey) {
+        domainSkillCache.set(domainKey, {
+          skillId: quickSkill.skill_id,
+          localSkillPath: snapshotPathForCacheKey(scopedKey),
+          ts: Date.now()
+        });
+        persistDomainCache();
+      }
+      try {
+        cachePublishedSkill(quickSkill);
+      } catch {}
+      upsertDagEdgesFromOperationGraph(quickSkill);
+      invalidateRouteCacheForDomain(domain);
+      return { domain, indexed: true, mode: "http", skill: quickSkill };
+    }
+    return { domain, indexed: false, mode: "http", skill: existingSkill ?? null };
+  }
+  if (!getPageHtml2)
+    return { domain, indexed: false, mode: "none", skill: null };
+  try {
+    const html = await getPageHtml2();
+    if (!html || !html.startsWith("<"))
+      return { domain, indexed: false, mode: "none", skill: null };
+    const { extractFromDOM: extractFromDOM2 } = await Promise.resolve().then(() => (init_extraction(), exports_extraction));
+    const { detectSearchForms: detectSearchForms2, isStructuredSearchForm: isStructuredSearchForm2 } = await Promise.resolve().then(() => (init_search_forms(), exports_search_forms));
+    const { inferSchema: inferSchema2 } = await Promise.resolve().then(() => (init_transform(), exports_transform));
+    const { templatizeQueryParams: templatizeQueryParams2 } = await init_execution().then(() => exports_execution);
+    const extracted = extractFromDOM2(html, `browse ${domain}`);
+    const searchForms = detectSearchForms2(html);
+    const validForm = searchForms.find((form) => isStructuredSearchForm2(form));
+    if (!extracted.data && !validForm)
+      return { domain, indexed: false, mode: "none", skill: null };
+    const urlTemplate = templatizeQueryParams2(sessionUrl);
+    const endpoint = {
+      endpoint_id: nanoid8(),
+      method: "GET",
+      url_template: urlTemplate,
+      idempotency: "safe",
+      verification_status: "verified",
+      reliability_score: extracted.confidence ?? 0.7,
+      description: validForm ? `Search form for ${domain}` : `Page content from ${domain}`,
+      response_schema: extracted.data ? inferSchema2([extracted.data]) : undefined,
+      dom_extraction: {
+        extraction_method: extracted.extraction_method ?? "repeated-elements",
+        confidence: extracted.confidence ?? 0.7,
+        ...extracted.selector ? { selector: extracted.selector } : {}
+      },
+      trigger_url: sessionUrl,
+      ...validForm ? { search_form: validForm } : {}
+    };
+    endpoint.semantic = inferEndpointSemantic(endpoint, {
+      sampleResponse: extracted.data,
+      observedAt: new Date().toISOString(),
+      sampleRequestUrl: sessionUrl
+    });
+    const existing = findExistingSkillForDomain(domain);
+    const allEndpoints = existing ? mergeEndpoints(existing.endpoints, [endpoint]) : [endpoint];
+    for (const candidate of allEndpoints) {
+      if (!candidate.description)
+        candidate.description = generateLocalDescription(candidate);
+    }
+    const skill = {
+      skill_id: existing?.skill_id ?? nanoid8(),
+      version: "1.0.0",
+      schema_version: "1",
+      lifecycle: "active",
+      execution_type: "http",
+      created_at: existing?.created_at ?? new Date().toISOString(),
+      updated_at: new Date().toISOString(),
+      name: domain,
+      intent_signature: `browse ${domain}`,
+      domain,
+      description: `DOM skill for ${domain}`,
+      owner_type: "agent",
+      endpoints: allEndpoints,
+      operation_graph: buildSkillOperationGraph(allEndpoints),
+      intents: [...new Set([...existing?.intents ?? [], `browse ${domain}`])]
+    };
+    const cacheKey = buildResolveCacheKey(domain, `browse ${domain}`, sessionUrl);
+    const scopedKey = scopedCacheKey("global", cacheKey);
+    writeSkillSnapshot(scopedKey, skill);
+    const domainReuseKey = getDomainReuseKey(sessionUrl ?? domain);
+    if (domainReuseKey) {
+      domainSkillCache.set(domainReuseKey, {
+        skillId: skill.skill_id,
+        localSkillPath: snapshotPathForCacheKey(scopedKey),
+        ts: Date.now()
+      });
+      persistDomainCache();
+    }
+    try {
+      cachePublishedSkill(skill);
+    } catch {}
+    upsertDagEdgesFromOperationGraph(skill);
+    invalidateRouteCacheForDomain(domain);
+    return { domain, indexed: true, mode: "dom", skill };
+  } catch {
+    return { domain, indexed: false, mode: "none", skill: null };
+  }
+}
+var init_browse_index = __esm(async () => {
+  init_reverse_engineer();
+  init_graph();
+  init_client2();
+  init_marketplace();
+  init_dag_feedback();
+  await init_orchestrator();
+});
+
+// ../../src/api/browse-submit.ts
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function asRecord(value) {
+  return value && typeof value === "object" ? value : null;
+}
+function isUrlWaitHint(value) {
+  if (!value)
+    return false;
+  return /^https?:\/\//i.test(value) || value.startsWith("/");
+}
+function hasMeaningfulPageChange(beforeHtml, afterHtml) {
+  const before = beforeHtml.trim();
+  const after = afterHtml.trim();
+  if (!after)
+    return false;
+  if (!before)
+    return after.length > 64;
+  if (before === after)
+    return false;
+  if (Math.abs(before.length - after.length) > 48)
+    return true;
+  const beforeBody = before.match(/<body[\s\S]*?>([\s\S]*?)<\/body>/i)?.[1] ?? before;
+  const afterBody = after.match(/<body[\s\S]*?>([\s\S]*?)<\/body>/i)?.[1] ?? after;
+  return beforeBody.trim() !== afterBody.trim();
+}
+function buildDomSubmitExpression(options) {
+  return `(function() {
+    function findForm(selector) {
+      if (selector) return document.querySelector(selector);
+      var active = document.activeElement;
+      if (active && active.closest) {
+        var fromActive = active.closest("form");
+        if (fromActive) return fromActive;
+      }
+      return document.querySelector("form");
+    }
+    function findSubmitter(form, selector) {
+      if (!form) return null;
+      if (selector) return document.querySelector(selector);
+      var active = document.activeElement;
+      if (active && form.contains(active) && /^(submit|image)$/i.test(active.getAttribute("type") || "")) return active;
+      return form.querySelector('button[type="submit"], input[type="submit"], input[type="image"], button:not([type])');
+    }
+
+    var form = findForm(${JSON.stringify(options.formSelector ?? "")});
+    if (!form) {
+      return JSON.stringify({ ok: false, reason: "form_not_found" });
+    }
+
+    var submitter = findSubmitter(form, ${JSON.stringify(options.submitSelector ?? "")});
+    var meta = {
+      ok: true,
+      form_action: form.getAttribute("action") || "",
+      form_method: (form.getAttribute("method") || "GET").toUpperCase(),
+      submitter: submitter ? (submitter.getAttribute("name") || submitter.id || submitter.textContent || submitter.tagName || "").trim() : null,
+      submit_selector_used: ${JSON.stringify(options.submitSelector ?? null)},
+      form_selector_used: ${JSON.stringify(options.formSelector ?? null)},
+    };
+
+    if (submitter && typeof submitter.click === "function") {
+      submitter.click();
+      return JSON.stringify({ ...meta, submit_kind: "click" });
+    }
+    if (typeof form.requestSubmit === "function") {
+      form.requestSubmit();
+      return JSON.stringify({ ...meta, submit_kind: "requestSubmit" });
+    }
+    if (typeof form.submit === "function") {
+      form.submit();
+      return JSON.stringify({ ...meta, submit_kind: "submit" });
+    }
+    return JSON.stringify({ ok: false, reason: "submit_unavailable" });
+  })()`;
+}
+function buildSameOriginFetchExpression(options) {
+  return `(async function() {
+    function splitPlugins(value) {
+      return String(value || "")
+        .split(/[\\s,;]+/)
+        .map(function(part) { return part.trim(); })
+        .filter(Boolean);
+    }
+    function pluginPath(name) {
+      if (/^https?:\\/\\//i.test(name) || name.startsWith("/")) return name;
+      return "/etc/designs/wrs/footLibs/js/plugins/" + (name.endsWith(".js") ? name : name + ".js");
+    }
+    async function bestEffortRehydrate() {
+      var modules = Array.from(new Set(
+        Array.from(document.querySelectorAll("[data-load-plugins]"))
+          .flatMap(function(node) { return splitPlugins(node.getAttribute("data-load-plugins")); })
+      ));
+      if (modules.length === 0) {
+        return { attempted: false, loaded: false, nooped: true, reason: "no_plugins", modules: [] };
+      }
+      if (!window.WRS || typeof window.WRS.require !== "function") {
+        return { attempted: false, loaded: false, nooped: true, reason: "missing_wrs_require", modules: modules };
+      }
+      var requireWrs = window.WRS.require.bind(window.WRS);
+      async function loadModules(paths) {
+        return await new Promise(function(resolve) {
+          var done = false;
+          var timer = setTimeout(function() {
+            if (done) return;
+            done = true;
+            resolve({ ok: false, reason: "timeout" });
+          }, 1500);
+          try {
+            requireWrs(paths, function() {
+              if (done) return;
+              done = true;
+              clearTimeout(timer);
+              resolve({ ok: true });
+            });
+          } catch (error) {
+            if (done) return;
+            done = true;
+            clearTimeout(timer);
+            resolve({ ok: false, reason: error && error.message ? error.message : String(error) });
+          }
+        });
+      }
+
+      var configResult = await loadModules(["/etc/designs/wrs/footLibs/js/config.js"]);
+      var pluginResult = await loadModules(modules.map(pluginPath));
+      for (var i = 0; i < 6; i++) {
+        await new Promise(function(resolve) { return setTimeout(resolve, 100); });
+      }
+      return {
+        attempted: true,
+        loaded: !!pluginResult.ok,
+        nooped: false,
+        reason: pluginResult.ok ? undefined : pluginResult.reason,
+        config_loaded: !!configResult.ok,
+        modules: modules,
+      };
+    }
+    function findForm(selector) {
+      if (selector) return document.querySelector(selector);
+      var active = document.activeElement;
+      if (active && active.closest) {
+        var fromActive = active.closest("form");
+        if (fromActive) return fromActive;
+      }
+      return document.querySelector("form");
+    }
+    function findSubmitter(form, selector) {
+      if (!form) return null;
+      if (selector) return document.querySelector(selector);
+      var active = document.activeElement;
+      if (active && form.contains(active) && /^(submit|image)$/i.test(active.getAttribute("type") || "")) return active;
+      return form.querySelector('button[type="submit"], input[type="submit"], input[type="image"], button:not([type])');
+    }
+
+    var form = findForm(${JSON.stringify(options.formSelector ?? "")});
+    if (!form) return JSON.stringify({ ok: false, reason: "form_not_found" });
+
+    var submitter = findSubmitter(form, ${JSON.stringify(options.submitSelector ?? "")});
+    var method = (form.getAttribute("method") || "GET").toUpperCase();
+    var action = form.getAttribute("action") || window.location.href;
+    var targetUrl = new URL(action, window.location.href);
+    if (targetUrl.origin !== window.location.origin) {
+      return JSON.stringify({ ok: false, reason: "cross_origin", url: targetUrl.href });
+    }
+
+    var formData = new FormData(form);
+    if (submitter && submitter.name) {
+      var submitValue = submitter.value != null ? submitter.value : "";
+      if (!formData.has(submitter.name)) formData.append(submitter.name, submitValue);
+    }
+
+    var headers = {};
+    var requestUrl = targetUrl.href;
+    var body;
+    if (method === "GET") {
+      var params = new URLSearchParams();
+      Array.from(formData.entries()).forEach(function(entry) {
+        var value = entry[1];
+        if (typeof value === "string") params.append(entry[0], value);
+      });
+      var query = params.toString();
+      if (query) requestUrl += (requestUrl.includes("?") ? "&" : "?") + query;
+    } else if ((form.enctype || "").includes("application/x-www-form-urlencoded")) {
+      var encoded = new URLSearchParams();
+      Array.from(formData.entries()).forEach(function(entry) {
+        var value = entry[1];
+        if (typeof value === "string") encoded.append(entry[0], value);
+      });
+      body = encoded.toString();
+      headers["Content-Type"] = "application/x-www-form-urlencoded; charset=UTF-8";
+    } else {
+      body = formData;
+    }
+
+    try {
+      var response = await fetch(requestUrl, {
+        method: method,
+        body: method === "GET" ? undefined : body,
+        headers: headers,
+        credentials: "include",
+        redirect: "follow",
+      });
+      var contentType = response.headers.get("content-type") || "";
+      var text = await response.text();
+      var finalUrl = response.url || requestUrl;
+      if (!/text\\/html|application\\/xhtml\\+xml/i.test(contentType)) {
+        return JSON.stringify({
+          ok: false,
+          reason: "non_html_response",
+          status: response.status,
+          url: finalUrl,
+          content_type: contentType,
+        });
+      }
+
+      document.open();
+      document.write(text);
+      document.close();
+      if (finalUrl && finalUrl !== window.location.href) {
+        history.replaceState({}, "", finalUrl);
+      }
+      await new Promise(function(resolve) { return setTimeout(resolve, 50); });
+      var rehydrate = await bestEffortRehydrate();
+      return JSON.stringify({
+        ok: true,
+        status: response.status,
+        url: finalUrl,
+        same_origin_html_rehydrated: true,
+        rehydrate: rehydrate,
+      });
+    } catch (error) {
+      return JSON.stringify({
+        ok: false,
+        reason: error && error.message ? error.message : String(error),
+      });
+    }
+  })()`;
+}
+function parseJsonString(value) {
+  if (typeof value !== "string")
+    return asRecord(value);
+  try {
+    return asRecord(JSON.parse(value));
+  } catch {
+    return null;
+  }
+}
+async function waitForSubmitOutcome(client, tabId, beforeUrl, beforeHtml, options) {
+  const timeoutMs = options.timeoutMs ?? DEFAULT_SUBMIT_TIMEOUT_MS;
+  const deadline = Date.now() + timeoutMs;
+  const waitFor = options.waitFor?.trim();
+  if (waitFor && !isUrlWaitHint(waitFor)) {
+    try {
+      const waitResult = await client.waitForSelector(tabId, waitFor, timeoutMs);
+      if (waitResult?.status === "found" || waitResult?.status === "ready") {
+        const url = await client.getCurrentUrl(tabId).catch(() => beforeUrl);
+        const html = await client.getPageHtml(tabId).catch(() => beforeHtml);
+        return { ok: true, url, html };
+      }
+    } catch {}
+  }
+  while (Date.now() < deadline) {
+    const url = await client.getCurrentUrl(tabId).catch(() => "");
+    const html = await client.getPageHtml(tabId).catch(() => "");
+    if (waitFor && isUrlWaitHint(waitFor) && url.includes(waitFor)) {
+      return { ok: true, url, html };
+    }
+    if (url && url !== beforeUrl && !url.startsWith("about:blank")) {
+      return { ok: true, url, html };
+    }
+    if (hasMeaningfulPageChange(beforeHtml, html)) {
+      return { ok: true, url: url || beforeUrl, html };
+    }
+    await sleep(SUBMIT_POLL_INTERVAL_MS);
+  }
+  return { ok: false, url: beforeUrl, html: beforeHtml };
+}
+async function submitBrowseForm(deps, options = {}) {
+  const { client, session, flushCapture, restartCapture, rehydratePlugins } = deps;
+  const sameOriginFetchFallback = options.sameOriginFetchFallback !== false;
+  const beforeUrl = await client.getCurrentUrl(session.tabId).catch(() => session.url);
+  const beforeHtml = await client.getPageHtml(session.tabId).catch(() => "");
+  let submitMeta = null;
+  let submitError = null;
+  try {
+    submitMeta = parseJsonString(await client.evaluate(session.tabId, buildDomSubmitExpression(options)));
+  } catch (error) {
+    submitError = error;
+  }
+  if (!submitMeta?.ok && submitMeta?.reason === "form_not_found") {
+    return {
+      ok: false,
+      url: beforeUrl || session.url,
+      mode: "noop",
+      fallback_used: false,
+      same_origin_html_rehydrated: false,
+      recoverable: false,
+      reason: "form_not_found",
+      submit_meta: submitMeta
+    };
+  }
+  const domOutcome = await waitForSubmitOutcome(client, session.tabId, beforeUrl, beforeHtml, options);
+  if (domOutcome.ok) {
+    session.url = domOutcome.url || beforeUrl || session.url;
+    let captureSync2 = null;
+    if (flushCapture) {
+      try {
+        captureSync2 = await flushCapture(session);
+      } catch {
+        captureSync2 = null;
+      }
+    }
+    await restartCapture(session);
+    return {
+      ok: true,
+      url: session.url,
+      mode: "dom",
+      fallback_used: false,
+      same_origin_html_rehydrated: false,
+      wait_for: options.waitFor,
+      submit_meta: submitMeta,
+      capture_sync: captureSync2
+    };
+  }
+  if (submitError && !isRecoverableBrowseFailure(submitError) && !sameOriginFetchFallback) {
+    throw submitError;
+  }
+  if (!sameOriginFetchFallback) {
+    return {
+      ok: false,
+      url: beforeUrl || session.url,
+      mode: "noop",
+      fallback_used: false,
+      same_origin_html_rehydrated: false,
+      recoverable: !!submitError && isRecoverableBrowseFailure(submitError),
+      reason: submitError instanceof Error ? submitError.message : "submit_failed",
+      submit_meta: submitMeta
+    };
+  }
+  const fallbackPayload = parseJsonString(await client.evaluate(session.tabId, buildSameOriginFetchExpression(options)));
+  if (!fallbackPayload?.ok) {
+    return {
+      ok: false,
+      url: String(fallbackPayload?.url ?? beforeUrl ?? session.url),
+      mode: "same_origin_fetch",
+      fallback_used: true,
+      same_origin_html_rehydrated: false,
+      recoverable: !!submitError && isRecoverableBrowseFailure(submitError),
+      reason: String(fallbackPayload?.reason ?? "same_origin_fetch_failed"),
+      status: typeof fallbackPayload?.status === "number" ? fallbackPayload.status : undefined,
+      submit_meta: submitMeta
+    };
+  }
+  const finalUrl = String(fallbackPayload.url ?? await client.getCurrentUrl(session.tabId).catch(() => beforeUrl));
+  session.url = finalUrl || beforeUrl || session.url;
+  let rehydrate = fallbackPayload.rehydrate;
+  if (!rehydrate) {
+    rehydrate = await rehydratePlugins(session.tabId).catch(() => null);
+  }
+  let captureSync = null;
+  if (flushCapture) {
+    try {
+      captureSync = await flushCapture(session);
+    } catch {
+      captureSync = null;
+    }
+  }
+  await restartCapture(session);
+  return {
+    ok: true,
+    url: session.url,
+    mode: "same_origin_fetch",
+    fallback_used: true,
+    same_origin_html_rehydrated: fallbackPayload.same_origin_html_rehydrated === true,
+    status: typeof fallbackPayload.status === "number" ? fallbackPayload.status : undefined,
+    wait_for: options.waitFor,
+    submit_meta: submitMeta,
+    capture_sync: captureSync,
+    rehydrate
+  };
+}
+var DEFAULT_SUBMIT_TIMEOUT_MS = 8000, SUBMIT_POLL_INTERVAL_MS = 250;
+var init_browse_submit = __esm(() => {
+  init_browse_session();
+});
+
+// ../../src/verification/matrix.ts
+function computeVerificationCoverage(matrix) {
+  if (matrix.length === 0)
+    return 0;
+  const tested = matrix.filter((c) => c.status !== "untested").length;
+  return tested / matrix.length;
+}
+var INITIAL_MATRIX;
+var init_matrix = __esm(() => {
+  INITIAL_MATRIX = [
+    { host: "openclaw", capability: "capture", status: "pass", last_verified: "2026-03-31" },
+    { host: "openclaw", capability: "execute", status: "pass", last_verified: "2026-03-31" },
+    { host: "openclaw", capability: "search", status: "pass", last_verified: "2026-03-31" },
+    { host: "mcp", capability: "execute", status: "pass", last_verified: "2026-03-31" },
+    { host: "mcp", capability: "search", status: "pass", last_verified: "2026-03-31" },
+    { host: "cli", capability: "capture", status: "pass", last_verified: "2026-03-31" },
+    { host: "cli", capability: "execute", status: "pass", last_verified: "2026-03-31" },
+    { host: "cli", capability: "search", status: "pass", last_verified: "2026-03-31" },
+    { host: "cli", capability: "publish", status: "pass", last_verified: "2026-03-31" },
+    { host: "hermes", capability: "execute", status: "untested" },
+    { host: "elizaos", capability: "execute", status: "untested" },
+    { host: "langchain", capability: "execute", status: "untested" },
+    { host: "langchain", capability: "search", status: "untested" }
+  ];
+});
+
+// ../../src/verification/index.ts
+var exports_verification = {};
+__export(exports_verification, {
+  verifySkillWithCoverage: () => verifySkillWithCoverage,
+  verifySkill: () => verifySkill,
+  verifyEndpoint: () => verifyEndpoint,
+  schedulePeriodicVerification: () => schedulePeriodicVerification
+});
+async function verifyEndpoint(skill, endpoint) {
+  if (endpoint.method !== "GET")
+    return endpoint.verification_status;
+  try {
+    const { status, data } = await executeInBrowser(endpoint.url_template, endpoint.method, endpoint.headers_template ?? {}, undefined, undefined, undefined);
+    if (status < 200 || status >= 300) {
+      await updateEndpointScore2(skill.skill_id, endpoint.endpoint_id, endpoint.reliability_score, "failed");
+      return "failed";
+    }
+    let hasCriticalDrift = false;
+    if (endpoint.response_schema && data != null) {
+      const drift = detectSchemaDrift(endpoint.response_schema, data);
+      if (drift.drifted && (drift.removed_fields.length > 0 || drift.type_changes.length > 0)) {
+        hasCriticalDrift = true;
+      }
+    }
+    const newStatus = hasCriticalDrift ? "pending" : "verified";
+    const newScore = endpoint.verification_status === "disabled" && newStatus === "verified" ? 0.5 : endpoint.reliability_score;
+    await updateEndpointScore2(skill.skill_id, endpoint.endpoint_id, newScore, newStatus);
+    const fullSkill = await getSkill2(skill.skill_id);
+    if (fullSkill) {
+      const ep = fullSkill.endpoints.find((e) => e.endpoint_id === endpoint.endpoint_id);
+      if (ep)
+        ep.last_verified_at = new Date().toISOString();
+    }
+    return newStatus;
+  } catch {
+    await updateEndpointScore2(skill.skill_id, endpoint.endpoint_id, endpoint.reliability_score, "failed");
+    return "failed";
+  }
+}
+async function verifySkill(skill) {
+  const results = {};
+  for (const endpoint of skill.endpoints) {
+    results[endpoint.endpoint_id] = await verifyEndpoint(skill, endpoint);
+  }
+  return results;
+}
+async function verifySkillWithCoverage(skill, matrix = INITIAL_MATRIX) {
+  const results = await verifySkill(skill);
+  const coverage = computeVerificationCoverage(matrix);
+  return { results, coverage };
+}
+function schedulePeriodicVerification() {
+  return setInterval(async () => {
+    const skills = await listSkills2();
+    const now = Date.now();
+    for (const skill of skills) {
+      if (skill.lifecycle !== "active")
+        continue;
+      for (const endpoint of skill.endpoints) {
+        if (endpoint.method !== "GET")
+          continue;
+        const isDisabled = endpoint.verification_status === "disabled";
+        const lastVerified = endpoint.last_verified_at ? new Date(endpoint.last_verified_at).getTime() : 0;
+        if (isDisabled || now - lastVerified > STALE_THRESHOLD_MS) {
+          await verifyEndpoint(skill, endpoint).catch(() => {});
+        }
+      }
+    }
+  }, VERIFICATION_INTERVAL_MS);
+}
+var VERIFICATION_INTERVAL_MS, STALE_THRESHOLD_MS;
+var init_verification = __esm(() => {
+  init_capture();
+  init_marketplace();
+  init_marketplace();
+  init_drift();
+  init_matrix();
+  VERIFICATION_INTERVAL_MS = 6 * 60 * 60 * 1000;
+  STALE_THRESHOLD_MS = 24 * 60 * 60 * 1000;
+});
+
+// ../../src/api/routes.ts
+var exports_routes = {};
+__export(exports_routes, {
+  registerRoutes: () => registerRoutes,
+  registerBrowseSession: () => registerBrowseSession,
+  buildAnalyticsSessionPayload: () => buildAnalyticsSessionPayload
+});
+import { nanoid as nanoid9 } from "nanoid";
+import { writeFileSync as writeFileSync8, existsSync as existsSync12, mkdirSync as mkdirSync9 } from "fs";
+import { join as join12 } from "path";
+function buildAnalyticsSessionPayload(result, opts) {
+  const source = result.timing?.source ?? result.source;
+  const apiCalls = result.trace.endpoint_id ? 1 : 0;
+  const browserMode = opts.browser_mode ?? (source === "live-capture" || source === "first-pass" || source === "browser-action" ? "default" : "replaced");
+  const cachedSkillCalls = opts.cached_skill_calls ?? (apiCalls > 0 && source !== "live-capture" && source !== "first-pass" ? 1 : 0);
+  const freshIndexCalls = opts.fresh_index_calls ?? (apiCalls > 0 && (source === "live-capture" || source === "first-pass") ? 1 : 0);
+  return {
+    session_id: result.trace.trace_id,
+    started_at: result.trace.started_at,
+    completed_at: result.trace.completed_at,
+    trace_version: result.trace.trace_version ?? TRACE_VERSION,
+    api_calls: apiCalls,
+    discovery_queries: opts.discovery_queries,
+    cached_skill_calls: cachedSkillCalls,
+    fresh_index_calls: freshIndexCalls,
+    browser_mode: browserMode,
+    success: result.trace.success ?? true,
+    source,
+    time_saved_ms: result.timing?.time_saved_ms,
+    time_saved_pct: result.timing?.time_saved_pct,
+    tokens_saved: result.trace.tokens_saved ?? result.timing?.tokens_saved,
+    tokens_saved_pct: result.trace.tokens_saved_pct ?? result.timing?.tokens_saved_pct,
+    cost_saved_uc: result.timing?.cost_saved_uc
+  };
+}
+function passiveIndexFromRequests(requests, pageUrl) {
+  if (requests.length === 0)
+    return;
+  let domain;
+  try {
+    domain = new URL(pageUrl).hostname;
+  } catch {
+    return;
+  }
+  const intent = `browse ${domain}`;
+  (async () => {
+    try {
+      const rawEndpoints = extractEndpoints(requests, undefined, { pageUrl, finalUrl: pageUrl });
+      if (rawEndpoints.length === 0) {
+        console.log(`[passive-index] ${domain}: 0 endpoints from ${requests.length} requests`);
+        return;
+      }
+      const capturedAuthHeaders = extractAuthHeaders(requests);
+      if (Object.keys(capturedAuthHeaders).length > 0) {
+        const authKey = `${domain}-session`;
+        await storeCredential(authKey, JSON.stringify({ headers: capturedAuthHeaders }));
+      }
+      const existingSkill = findExistingSkillForDomain(domain, intent);
+      const mergedEndpoints = existingSkill ? mergeEndpoints(existingSkill.endpoints, rawEndpoints) : rawEndpoints;
+      if (existingSkill && mergedEndpoints.length < existingSkill.endpoints.length) {
+        console.log(`[passive-index] ${domain}: skipping — would reduce ${existingSkill.endpoints.length} → ${mergedEndpoints.length} endpoints`);
+        return;
+      }
+      for (const ep of mergedEndpoints) {
+        if (!ep.description) {
+          ep.description = generateLocalDescription(ep);
+        }
       }
       const enrichedEndpoints = mergedEndpoints;
       const operationGraph = buildSkillOperationGraph(enrichedEndpoints);
       const skill = {
-        skill_id: existingSkill?.skill_id ?? nanoid8(),
+        skill_id: existingSkill?.skill_id ?? nanoid9(),
         version: "1.0.0",
         schema_version: "1",
         lifecycle: "active",
@@ -16897,7 +18486,11 @@ async function registerRoutes(app) {
       return reply.code(400).send({ error: "intent required" });
     try {
       const result = await resolveAndExecute(intent, params ?? {}, context, projection, { confirm_unsafe, dry_run, force_capture, client_scope: clientScope });
-      const res = result;
+      const res = attachAgentOutcomeHints({ ...result }, {
+        skill: result.skill,
+        endpointId: result.trace.endpoint_id,
+        timing: result.timing
+      });
       if (result.timing) {
         res.timing = result.timing;
       }
@@ -16906,10 +18499,9 @@ async function registerRoutes(app) {
         res.available_endpoints = innerResult.available_endpoints;
       }
       await recordAnalyticsSession(buildAnalyticsSessionPayload(result, {
-        browser_mode: "replaced",
         discovery_queries: 1
       })).catch(() => {});
-      return reply.send(result);
+      return reply.send(res);
     } catch (err) {
       return reply.code(500).send({ error: err.message });
     }
@@ -17119,26 +18711,33 @@ async function registerRoutes(app) {
             recordExecution(freshResult.trace.skill_id, freshResult.trace.endpoint_id, freshResult.trace, skill).catch(() => {});
           }
           await recordAnalyticsSession(buildAnalyticsSessionPayload(freshResult, {
-            browser_mode: "manual",
             discovery_queries: 1
           })).catch(() => {});
-          return reply.send({
+          const recovered = attachAgentOutcomeHints({
             ...freshResult,
             _recovery: {
               reason: "stale_endpoint_404",
               original_skill_id: skill_id,
               message: "Original endpoint returned 404. Auto-recovered with fresh capture."
             }
+          }, {
+            skill: freshResult.skill ?? skill,
+            endpointId: freshResult.trace.endpoint_id,
+            timing: freshResult.timing
+          });
+          return reply.send({
+            ...recovered
           });
         } catch {}
       }
       await recordAnalyticsSession(buildAnalyticsSessionPayload(execResult, {
-        browser_mode: "manual",
-        discovery_queries: 0,
-        cached_skill_calls: execResult.trace.endpoint_id ? 1 : 0,
-        fresh_index_calls: 0
+        discovery_queries: 0
       })).catch(() => {});
-      return reply.send(execResult);
+      const response = attachAgentOutcomeHints({ ...execResult }, {
+        skill,
+        endpointId: execResult.trace.endpoint_id
+      });
+      return reply.send(response);
     } catch (err) {
       return reply.code(500).send({ error: err.message });
     }
@@ -17280,344 +18879,293 @@ async function registerRoutes(app) {
       return "unknown";
     }
   }
-  async function getOrCreateBrowseSession() {
-    const existing = browseSessions.get("default");
-    if (existing)
-      return existing;
-    await start().catch(() => {});
-    const tabId = await newTab();
-    await harStart(tabId).catch(() => {});
-    await injectInterceptor(tabId);
-    const session = { tabId, url: "about:blank", harActive: true, domain: "" };
-    browseSessions.set("default", session);
-    return session;
+  async function restartBrowseCapture(session) {
+    await networkEnable(session.tabId).catch(() => {});
+    await harStart(session.tabId).catch(() => {});
+    await scriptInject(session.tabId, INTERCEPTOR_SCRIPT).catch(() => {});
+    session.harActive = true;
+    await injectInterceptor(session.tabId).catch(() => {});
   }
-  app.post("/v1/browse/go", async (req, reply) => {
-    const { url } = req.body;
-    if (!url)
-      return reply.code(400).send({ error: "url required" });
-    const session = await getOrCreateBrowseSession();
-    const newDomain = profileName(url);
-    if (session.harActive && session.url !== "about:blank") {
+  async function flushBrowseCapture(session, options = {}) {
+    let intercepted = [];
+    try {
+      const raw = await collectInterceptedRequests(session.tabId);
+      intercepted = raw.map((request) => ({
+        url: request.url,
+        method: request.method,
+        request_headers: request.request_headers ?? {},
+        request_body: request.request_body,
+        response_status: request.response_status,
+        response_headers: request.response_headers ?? {},
+        response_body: request.response_body,
+        timestamp: request.timestamp
+      }));
+    } catch {}
+    let harEntries = [];
+    if (session.harActive) {
       try {
         const { entries } = await harStop(session.tabId);
-        passiveIndexHar(entries, session.url);
+        harEntries = entries;
       } catch {}
-      session.harActive = false;
     }
-    if (session.domain && session.domain !== newDomain) {
-      await authProfileSave(session.tabId, session.domain).catch(() => {});
+    session.harActive = false;
+    const allRequests = mergeBrowseRequests(intercepted, harEntries, session.url);
+    const syncResult = await cacheBrowseRequests({
+      sessionUrl: session.url,
+      sessionDomain: session.domain,
+      requests: allRequests,
+      getPageHtml: () => getPageHtml(session.tabId)
+    });
+    let backgroundPublishQueued = false;
+    if (options.queueBackgroundPublish) {
+      if (allRequests.length > 0) {
+        passiveIndexFromRequests(allRequests, session.url);
+        backgroundPublishQueued = true;
+      } else if (syncResult.skill) {
+        queueBackgroundIndex({
+          skill: { ...syncResult.skill },
+          domain: syncResult.domain,
+          intent: syncResult.skill.intent_signature || `browse ${syncResult.domain}`,
+          contextUrl: session.url,
+          cacheKey: `browse-submit:${syncResult.domain}:${Date.now()}`
+        });
+        backgroundPublishQueued = true;
+      }
     }
-    let cookiesInjected = 0;
-    if (newDomain && newDomain !== session.domain) {
-      await authProfileLoad(session.tabId, newDomain).catch(() => {});
-      try {
-        const { cookies: browserCookies } = extractBrowserCookies(newDomain);
-        if (browserCookies.length > 0) {
-          for (const c of browserCookies) {
-            await setCookie(session.tabId, c).catch(() => {});
+    return {
+      indexed: syncResult.indexed,
+      mode: syncResult.mode,
+      domain: syncResult.domain,
+      skill_id: syncResult.skill?.skill_id ?? null,
+      endpoint_count: syncResult.skill?.endpoints.length ?? 0,
+      endpoints: (syncResult.skill?.endpoints ?? []).map((endpoint) => ({
+        endpoint_id: endpoint.endpoint_id,
+        method: endpoint.method,
+        url_template: endpoint.url_template,
+        description: endpoint.description,
+        trigger_url: endpoint.trigger_url,
+        action_kind: endpoint.semantic?.action_kind,
+        resource_kind: endpoint.semantic?.resource_kind
+      })),
+      request_count: allRequests.length,
+      background_publish_queued: backgroundPublishQueued
+    };
+  }
+  app.post("/v1/browse/go", async (req, reply) => {
+    const { url } = req.body;
+    if (!url)
+      return reply.code(400).send({ error: "url required" });
+    const { session, result } = await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session2) => {
+      const newDomain = profileName(url);
+      if (session2.harActive && session2.url !== "about:blank") {
+        try {
+          const { entries } = await harStop(session2.tabId);
+          passiveIndexHar(entries, session2.url);
+        } catch {}
+        session2.harActive = false;
+      }
+      if (session2.domain && session2.domain !== newDomain) {
+        await authProfileSave(session2.tabId, session2.domain).catch(() => {});
+      }
+      let cookiesInjected = 0;
+      if (newDomain && newDomain !== session2.domain) {
+        await authProfileLoad(session2.tabId, newDomain).catch(() => {});
+        try {
+          const { cookies: browserCookies } = extractBrowserCookies(newDomain);
+          if (browserCookies.length > 0) {
+            for (const c of browserCookies) {
+              await setCookie(session2.tabId, c).catch(() => {});
+            }
+            cookiesInjected = browserCookies.length;
           }
-          cookiesInjected = browserCookies.length;
-        }
-      } catch {}
-    }
-    await networkEnable(session.tabId).catch(() => {});
-    await harStart(session.tabId).catch(() => {});
-    await scriptInject(session.tabId, INTERCEPTOR_SCRIPT).catch(() => {});
-    session.harActive = true;
-    await navigate(session.tabId, url);
-    const finalUrl = await getCurrentUrl(session.tabId).catch(() => url);
-    session.url = typeof finalUrl === "string" && finalUrl.startsWith("http") ? finalUrl : url;
+        } catch {}
+      }
+      await restartBrowseCapture(session2);
+      await navigate(session2.tabId, url);
+      const finalUrl = await getCurrentUrl(session2.tabId).catch(() => url);
+      session2.url = typeof finalUrl === "string" && finalUrl.startsWith("http") ? finalUrl : url;
+      session2.domain = profileName(session2.url);
+      await injectInterceptor(session2.tabId);
+      return { cookiesInjected };
+    }, (result2) => isRecoverableBrowseFailure(result2));
+    return reply.send({
+      ok: true,
+      url: session.url,
+      tab_id: session.tabId,
+      auth_profile: session.domain,
+      ...result.cookiesInjected > 0 ? { cookies_injected: result.cookiesInjected } : {}
+    });
+  });
+  app.post("/v1/browse/submit", async (req, reply) => {
+    const {
+      form_selector: formSelector,
+      submit_selector: submitSelector,
+      wait_for: waitFor,
+      same_origin_fetch_fallback: sameOriginFetchFallback,
+      timeout_ms: timeoutMs
+    } = req.body ?? {};
+    const { session, result, recovered } = await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session2) => submitBrowseForm({
+      client: exports_client,
+      session: session2,
+      flushCapture: async (session3) => await flushBrowseCapture(session3, { queueBackgroundPublish: true }),
+      restartCapture: restartBrowseCapture,
+      rehydratePlugins: bestEffortRehydratePlugins
+    }, {
+      formSelector,
+      submitSelector,
+      waitFor,
+      sameOriginFetchFallback,
+      timeoutMs
+    }), (result2) => !result2.ok && result2.recoverable === true);
+    session.url = result.url || await getCurrentUrl(session.tabId).catch(() => session.url);
     session.domain = profileName(session.url);
-    await injectInterceptor(session.tabId);
-    return reply.send({ ok: true, url: session.url, tab_id: session.tabId, auth_profile: session.domain, ...cookiesInjected > 0 ? { cookies_injected: cookiesInjected } : {} });
+    const statusCode = result.ok ? 200 : result.recoverable ? 502 : 400;
+    const nextStep = result.ok ? result.capture_sync?.background_publish_queued ? "Background publish queued for this step. Continue the flow, then run `unbrowse close` when you're done to save auth and finalize any remaining capture." : "If more UI steps remain, continue the flow. Run `unbrowse close` when you're done to save auth and finalize capture." : "Inspect the page state with `unbrowse snap --filter interactive`, then retry submit with selectors or a wait hint if needed.";
+    return reply.code(statusCode).send({
+      ...result,
+      next_step: nextStep,
+      recovered,
+      tab_id: session.tabId,
+      url: session.url
+    });
   });
   app.post("/v1/browse/snap", async (req, reply) => {
     const { filter } = req.body ?? {};
-    const session = await getOrCreateBrowseSession();
-    const snapshot2 = await snapshot(session.tabId, filter);
+    const { session, result: snapshot2 } = await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session2) => snapshot(session2.tabId, filter), (snapshot3) => typeof snapshot3 !== "string" || snapshot3.trim().length === 0);
     return reply.send({ snapshot: snapshot2, tab_id: session.tabId });
   });
   app.post("/v1/browse/click", async (req, reply) => {
     const { ref } = req.body;
     if (!ref)
       return reply.code(400).send({ error: "ref required" });
-    const session = await getOrCreateBrowseSession();
-    await click(session.tabId, ref);
+    await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => {
+      await click(session.tabId, ref);
+      return true;
+    });
     return reply.send({ ok: true });
   });
   app.post("/v1/browse/fill", async (req, reply) => {
     const { ref, value } = req.body;
     if (!ref || value === undefined)
       return reply.code(400).send({ error: "ref and value required" });
-    const session = await getOrCreateBrowseSession();
-    await fill(session.tabId, ref, value);
+    await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => {
+      await fill(session.tabId, ref, value);
+      return true;
+    });
     return reply.send({ ok: true });
   });
   app.post("/v1/browse/type", async (req, reply) => {
     const { text } = req.body;
     if (!text)
       return reply.code(400).send({ error: "text required" });
-    const session = await getOrCreateBrowseSession();
-    await keyboardType(session.tabId, text);
+    await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => {
+      await keyboardType(session.tabId, text);
+      return true;
+    });
     return reply.send({ ok: true });
   });
   app.post("/v1/browse/press", async (req, reply) => {
     const { key } = req.body;
     if (!key)
       return reply.code(400).send({ error: "key required" });
-    const session = await getOrCreateBrowseSession();
-    await press(session.tabId, key);
+    await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => {
+      await press(session.tabId, key);
+      return true;
+    });
     return reply.send({ ok: true });
   });
   app.post("/v1/browse/select", async (req, reply) => {
     const { ref, value } = req.body;
     if (!ref || value === undefined)
       return reply.code(400).send({ error: "ref and value required" });
-    const session = await getOrCreateBrowseSession();
-    await select(session.tabId, ref, value);
+    await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => {
+      await select(session.tabId, ref, value);
+      return true;
+    });
     return reply.send({ ok: true });
   });
   app.post("/v1/browse/scroll", async (req, reply) => {
     const { direction, amount } = req.body ?? {};
-    const session = await getOrCreateBrowseSession();
-    await scroll(session.tabId, direction ?? "down", amount);
+    await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => {
+      await scroll(session.tabId, direction ?? "down", amount);
+      return true;
+    });
     return reply.send({ ok: true });
   });
   app.get("/v1/browse/screenshot", async (_req, reply) => {
-    const session = await getOrCreateBrowseSession();
-    const data = await screenshot(session.tabId);
+    const { session, result: data } = await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session2) => screenshot(session2.tabId), (data2) => typeof data2 !== "string" || data2.trim().length === 0);
     return reply.send({ screenshot: data, tab_id: session.tabId });
   });
   app.get("/v1/browse/text", async (_req, reply) => {
-    const session = await getOrCreateBrowseSession();
-    const text = await getText(session.tabId);
+    const { result: text } = await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => getText(session.tabId), (text2) => typeof text2 !== "string");
     return reply.send({ text });
   });
   app.get("/v1/browse/markdown", async (_req, reply) => {
-    const session = await getOrCreateBrowseSession();
-    const markdown = await getMarkdown(session.tabId);
+    const { result: markdown } = await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => getMarkdown(session.tabId), (markdown2) => typeof markdown2 !== "string");
     return reply.send({ markdown });
   });
   app.get("/v1/browse/cookies", async (_req, reply) => {
-    const session = await getOrCreateBrowseSession();
-    const cookies = await getCookies(session.tabId);
+    const { result: cookies } = await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => getCookies(session.tabId));
     return reply.send({ cookies });
   });
   app.post("/v1/browse/eval", async (req, reply) => {
-    const { expression } = req.body;
-    if (!expression)
-      return reply.code(400).send({ error: "expression required" });
-    const session = await getOrCreateBrowseSession();
-    const result = await evaluate(session.tabId, expression);
-    return reply.send({ result });
-  });
-  app.post("/v1/browse/back", async (_req, reply) => {
-    const session = await getOrCreateBrowseSession();
-    await goBack(session.tabId);
-    return reply.send({ ok: true });
-  });
-  app.post("/v1/browse/forward", async (_req, reply) => {
-    const session = await getOrCreateBrowseSession();
-    await goForward(session.tabId);
-    return reply.send({ ok: true });
-  });
-  app.post("/v1/browse/close", async (_req, reply) => {
-    const session = browseSessions.get("default");
-    if (!session)
-      return reply.send({ ok: true, message: "no active session" });
-    if (session.domain) {
-      await authProfileSave(session.tabId, session.domain).catch(() => {});
-    }
-    let intercepted = [];
-    try {
-      const raw = await collectInterceptedRequests(session.tabId);
-      intercepted = raw.map((r) => ({
-        url: r.url,
-        method: r.method,
-        request_headers: r.request_headers ?? {},
-        request_body: r.request_body,
-        response_status: r.response_status,
-        response_headers: r.response_headers ?? {},
-        response_body: r.response_body,
-        timestamp: r.timestamp
-      }));
-    } catch {}
-    let harEntries = [];
-    if (session.harActive) {
-      try {
-        const { entries } = await harStop(session.tabId);
-        harEntries = entries;
-      } catch {}
-    }
-    const harRequests = harEntriesToRawRequests(harEntries);
-    const seen = new Set;
-    const allRequests = [];
-    for (const r of intercepted) {
-      const key = `${r.method}:${r.url}`;
-      if (!seen.has(key)) {
-        seen.add(key);
-        allRequests.push(r);
-      }
-    }
-    for (const r of harRequests) {
-      const key = `${r.method}:${r.url}`;
-      if (!seen.has(key)) {
-        seen.add(key);
-        allRequests.push(r);
-      }
-    }
-    {
-      let domain;
-      try {
-        domain = new URL(session.url).hostname;
-      } catch {
-        domain = session.domain;
-      }
-      const rawEndpoints = extractEndpoints(allRequests, undefined, { pageUrl: session.url, finalUrl: session.url });
-      if (rawEndpoints.length > 0) {
-        const existingSkill = findExistingSkillForDomain(domain);
-        let allExisting = existingSkill?.endpoints ?? [];
-        const domainKey = getDomainReuseKey(session.url ?? domain);
-        if (domainKey) {
-          const cached = domainSkillCache.get(domainKey);
-          if (cached?.localSkillPath) {
-            try {
-              const snapshot2 = JSON.parse(__require("fs").readFileSync(cached.localSkillPath, "utf-8"));
-              if (snapshot2?.endpoints?.length > 0) {
-                allExisting = mergeEndpoints(allExisting, snapshot2.endpoints);
-              }
-            } catch {}
-          }
-        }
-        const mergedEps = allExisting.length > 0 ? mergeEndpoints(allExisting, rawEndpoints) : rawEndpoints;
-        if (!existingSkill || mergedEps.length >= existingSkill.endpoints.length) {
-          for (const ep of mergedEps) {
-            if (!ep.description)
-              ep.description = generateLocalDescription(ep);
-          }
-          const quickSkill = {
-            skill_id: existingSkill?.skill_id ?? nanoid8(),
-            version: "1.0.0",
-            schema_version: "1",
-            lifecycle: "active",
-            execution_type: "http",
-            created_at: existingSkill?.created_at ?? new Date().toISOString(),
-            updated_at: new Date().toISOString(),
-            name: domain,
-            intent_signature: `browse ${domain}`,
-            domain,
-            description: `API skill for ${domain}`,
-            owner_type: "agent",
-            endpoints: mergedEps,
-            intents: Array.from(new Set([...existingSkill?.intents ?? [], `browse ${domain}`]))
-          };
-          const cacheKey = buildResolveCacheKey(domain, `browse ${domain}`, session.url);
-          const scopedKey = scopedCacheKey("global", cacheKey);
-          writeSkillSnapshot(scopedKey, quickSkill);
-          const domainKey2 = getDomainReuseKey(session.url ?? domain);
-          if (domainKey2) {
-            domainSkillCache.set(domainKey2, {
-              skillId: quickSkill.skill_id,
-              localSkillPath: snapshotPathForCacheKey(scopedKey),
-              ts: Date.now()
-            });
-            persistDomainCache();
-          }
-          try {
-            cachePublishedSkill(quickSkill);
-          } catch {}
-          invalidateRouteCacheForDomain(domain);
-          console.log(`[passive-index] ${domain}: ${mergedEps.length} endpoints cached synchronously`);
-        }
-      } else {
-        let domain2;
-        try {
-          domain2 = new URL(session.url).hostname;
-        } catch {
-          domain2 = session.domain;
-        }
-        try {
-          const html = await getPageHtml(session.tabId);
-          if (html && typeof html === "string" && html.startsWith("<")) {
-            const { extractFromDOM: extractFromDOM2 } = await Promise.resolve().then(() => (init_extraction(), exports_extraction));
-            const { detectSearchForms: detectSearchForms2, isStructuredSearchForm: isStructuredSearchForm2 } = await Promise.resolve().then(() => (init_search_forms(), exports_search_forms));
-            const { inferSchema: inferSchema2 } = await Promise.resolve().then(() => (init_transform(), exports_transform));
-            const { inferEndpointSemantic: inferEndpointSemantic2 } = await Promise.resolve().then(() => (init_graph(), exports_graph));
-            const { templatizeQueryParams: templatizeQueryParams2 } = await init_execution().then(() => exports_execution);
-            const extracted = extractFromDOM2(html, `browse ${domain2}`);
-            const searchForms = detectSearchForms2(html);
-            const validForm = searchForms.find((s) => isStructuredSearchForm2(s));
-            if (extracted.data || validForm) {
-              const urlTemplate = templatizeQueryParams2(session.url);
-              const ep = {
-                endpoint_id: nanoid8(),
-                method: "GET",
-                url_template: urlTemplate,
-                idempotency: "safe",
-                verification_status: "verified",
-                reliability_score: extracted.confidence ?? 0.7,
-                description: validForm ? `Search form for ${domain2}` : `Page content from ${domain2}`,
-                response_schema: extracted.data ? inferSchema2([extracted.data]) : undefined,
-                dom_extraction: {
-                  extraction_method: extracted.extraction_method ?? "repeated-elements",
-                  confidence: extracted.confidence ?? 0.7,
-                  ...extracted.selector ? { selector: extracted.selector } : {},
-                  ...validForm ? { search_form: validForm } : {}
-                },
-                trigger_url: session.url
-              };
-              ep.semantic = inferEndpointSemantic2(ep, {
-                sampleResponse: extracted.data,
-                observedAt: new Date().toISOString(),
-                sampleRequestUrl: session.url
-              });
-              const existing = findExistingSkillForDomain(domain2);
-              const allEps = existing ? mergeEndpoints(existing.endpoints, [ep]) : [ep];
-              for (const e of allEps) {
-                if (!e.description)
-                  e.description = generateLocalDescription(e);
-              }
-              const skill = {
-                skill_id: existing?.skill_id ?? nanoid8(),
-                version: "1.0.0",
-                schema_version: "1",
-                lifecycle: "active",
-                execution_type: "http",
-                created_at: existing?.created_at ?? new Date().toISOString(),
-                updated_at: new Date().toISOString(),
-                name: domain2,
-                intent_signature: `browse ${domain2}`,
-                domain: domain2,
-                description: `DOM skill for ${domain2}`,
-                owner_type: "agent",
-                endpoints: allEps,
-                intents: [...new Set([...existing?.intents ?? [], `browse ${domain2}`])]
-              };
-              const ck = buildResolveCacheKey(domain2, `browse ${domain2}`, session.url);
-              const sk = scopedCacheKey("global", ck);
-              writeSkillSnapshot(sk, skill);
-              const dk = getDomainReuseKey(session.url ?? domain2);
-              if (dk) {
-                domainSkillCache.set(dk, { skillId: skill.skill_id, localSkillPath: snapshotPathForCacheKey(sk), ts: Date.now() });
-                persistDomainCache();
-              }
-              try {
-                cachePublishedSkill(skill);
-              } catch {}
-              invalidateRouteCacheForDomain(domain2);
-              console.log(`[close] ${domain2}: DOM endpoint created (form=${!!validForm})`);
-            }
-          }
-        } catch (err) {
-          console.log(`[close] DOM fallback failed: ${err instanceof Error ? err.message : err}`);
-        }
-      }
+    const { expression } = req.body;
+    if (!expression)
+      return reply.code(400).send({ error: "expression required" });
+    const { result } = await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => evaluate(session.tabId, expression), (result2) => isRecoverableBrowseFailure(result2));
+    return reply.send({ result });
+  });
+  app.post("/v1/browse/back", async (_req, reply) => {
+    await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => {
+      await goBack(session.tabId);
+      return true;
+    });
+    return reply.send({ ok: true });
+  });
+  app.post("/v1/browse/forward", async (_req, reply) => {
+    await withRecoveredBrowseSession(browseSessions, exports_client, injectInterceptor, async (session) => {
+      await goForward(session.tabId);
+      return true;
+    });
+    return reply.send({ ok: true });
+  });
+  app.post("/v1/browse/sync", async (_req, reply) => {
+    const session = browseSessions.get("default");
+    if (!session)
+      return reply.send({ ok: false, error: "no active session" });
+    const syncResult = await flushBrowseCapture(session);
+    await restartBrowseCapture(session);
+    return reply.send({
+      ok: true,
+      tab_id: session.tabId,
+      indexed: syncResult.indexed,
+      mode: syncResult.mode,
+      domain: syncResult.domain,
+      skill_id: syncResult.skill_id,
+      endpoint_count: syncResult.endpoint_count,
+      endpoints: syncResult.endpoints,
+      request_count: syncResult.request_count
+    });
+  });
+  app.post("/v1/browse/close", async (_req, reply) => {
+    const session = browseSessions.get("default");
+    if (!session)
+      return reply.send({ ok: true, message: "no active session" });
+    if (session.domain) {
+      await authProfileSave(session.tabId, session.domain).catch(() => {});
     }
-    passiveIndexFromRequests(allRequests, session.url);
+    const syncResult = await flushBrowseCapture(session, { queueBackgroundPublish: true });
     await closeTab(session.tabId).catch(() => {});
     browseSessions.delete("default");
-    return reply.send({ ok: true, indexed: true, auth_saved: session.domain || null });
+    return reply.send({
+      ok: true,
+      indexed: syncResult.indexed,
+      mode: syncResult.mode,
+      endpoint_count: syncResult.endpoint_count,
+      request_count: syncResult.request_count,
+      background_publish_queued: syncResult.background_publish_queued,
+      auth_saved: session.domain || null
+    });
   });
 }
 function saveTrace(trace) {
@@ -17642,6 +19190,9 @@ var init_routes = __esm(async () => {
   init_ratelimit();
   init_graph();
   init_session_logs();
+  init_agent_outcome();
+  init_browse_session();
+  init_browse_submit();
   await __promiseAll([
     init_indexer(),
     init_vault(),
@@ -17649,7 +19200,8 @@ var init_routes = __esm(async () => {
     init_orchestrator(),
     init_execution(),
     init_auth(),
-    init_indexer()
+    init_indexer(),
+    init_browse_index()
   ]);
   BETA_API_URL = process.env.UNBROWSE_BACKEND_URL || "https://beta-api.unbrowse.ai";
   TRACES_DIR = process.env.TRACES_DIR ?? join12(process.cwd(), "traces");
@@ -17730,6 +19282,7 @@ var init_server = __esm(async () => {
 
 // ../../src/cli.ts
 import { config as loadEnv } from "dotenv";
+import { spawn as spawn3 } from "child_process";
 
 // ../../src/client/index.ts
 init_cascade();
@@ -17765,9 +19318,15 @@ function getConfigDir() {
 function getConfigPath() {
   return join(getConfigDir(), "config.json");
 }
+function getInstallTelemetryPath() {
+  return join(getConfigDir(), "install-state.json");
+}
 function sanitizeProfileName(value) {
   return value.trim().replace(/[^a-zA-Z0-9._-]+/g, "-").replace(/^-+|-+$/g, "");
 }
+function getActiveProfile() {
+  return PROFILE_NAME || "default";
+}
 function loadConfig() {
   try {
     const configPath = getConfigPath();
@@ -17784,6 +19343,120 @@ function saveConfig(config) {
     mkdirSync(configDir, { recursive: true });
   writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 384 });
 }
+function loadInstallTelemetryState() {
+  try {
+    const statePath = getInstallTelemetryPath();
+    if (existsSync(statePath)) {
+      return JSON.parse(readFileSync(statePath, "utf-8"));
+    }
+  } catch {}
+  return null;
+}
+function saveInstallTelemetryState(state) {
+  const configDir = getConfigDir();
+  const statePath = getInstallTelemetryPath();
+  if (!existsSync(configDir))
+    mkdirSync(configDir, { recursive: true });
+  writeFileSync(statePath, JSON.stringify(state, null, 2), { mode: 384 });
+}
+function createInstallTelemetryState() {
+  return {
+    install_id: `install_${randomBytes(8).toString("hex")}`,
+    first_seen_at: new Date().toISOString()
+  };
+}
+function getOrCreateInstallTelemetryState() {
+  const existing = loadInstallTelemetryState();
+  if (existing?.install_id)
+    return existing;
+  const created = createInstallTelemetryState();
+  saveInstallTelemetryState(created);
+  return created;
+}
+function getInstallId() {
+  return getOrCreateInstallTelemetryState().install_id;
+}
+function detectTelemetryHostType() {
+  switch (detectHostEnvironment()) {
+    case "openai":
+      return "codex";
+    case "openclaw":
+      return "openclaw";
+    case "mcp":
+      return "mcp";
+    case "native":
+      return "native";
+    case "unknown":
+    default:
+      return "cli";
+  }
+}
+async function postTelemetry(path, body) {
+  if (LOCAL_ONLY)
+    return false;
+  try {
+    const key = getApiKey();
+    const res = await fetch(`${API_URL}${path}`, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        "Accept-Encoding": "gzip, deflate",
+        ...key ? { Authorization: `Bearer ${key}` } : {}
+      },
+      body: JSON.stringify(body)
+    });
+    return res.ok;
+  } catch {
+    return false;
+  }
+}
+async function ensureCliInstallTracked(hostType = detectTelemetryHostType()) {
+  const state = getOrCreateInstallTelemetryState();
+  if (state.cli_first_seen_reported_at)
+    return;
+  const createdAt = new Date().toISOString();
+  const ok = await postTelemetry("/v1/telemetry/install", {
+    install_id: state.install_id,
+    source: "cli-first-seen",
+    host_type: hostType,
+    skill: "unbrowse",
+    status: "installed",
+    created_at: createdAt,
+    properties: {
+      profile: getActiveProfile(),
+      first_seen_at: state.first_seen_at
+    }
+  });
+  if (!ok)
+    return;
+  state.cli_first_seen_reported_at = createdAt;
+  saveInstallTelemetryState(state);
+}
+async function recordInstallTelemetryEvent(source, options) {
+  const createdAt = options?.createdAt ?? new Date().toISOString();
+  await postTelemetry("/v1/telemetry/install", {
+    install_id: getInstallId(),
+    source,
+    host_type: options?.hostType ?? detectTelemetryHostType(),
+    skill: options?.skill ?? "unbrowse",
+    skill_version: options?.skillVersion,
+    status: options?.status ?? "installed",
+    created_at: createdAt,
+    properties: options?.properties
+  });
+}
+async function recordFunnelTelemetryEvent(name, options) {
+  const createdAt = options?.createdAt ?? new Date().toISOString();
+  await postTelemetry("/v1/telemetry/events", {
+    install_id: getInstallId(),
+    session_id: options?.sessionId,
+    name,
+    source: options?.source ?? "cli",
+    host_type: options?.hostType ?? detectTelemetryHostType(),
+    created_at: createdAt,
+    properties: options?.properties
+  });
+}
 var EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/i;
 function normalizeAgentEmail(value) {
   return value.trim().toLowerCase();
@@ -18068,6 +19741,12 @@ async function ensureRegistered(options) {
       tos_accepted_at: new Date().toISOString(),
       ...wallet
     });
+    await recordFunnelTelemetryEvent("registration_succeeded", {
+      source: "cli",
+      properties: {
+        prompt_for_email: options?.promptForEmail === true
+      }
+    });
     console.log(`Registered as ${name}. API key saved to ~/.unbrowse/config.json`);
   } catch (err) {
     console.warn(`Registration failed: ${err.message}`);
@@ -18286,7 +19965,7 @@ function buildDepsMetadata(pack, taskName) {
 // ../../src/runtime/local-server.ts
 init_paths();
 init_supervisor();
-import { openSync, readFileSync as readFileSync9, unlinkSync as unlinkSync2, writeFileSync as writeFileSync10 } from "node:fs";
+import { openSync, readFileSync as readFileSync10, unlinkSync as unlinkSync2, writeFileSync as writeFileSync10 } from "node:fs";
 import path6 from "node:path";
 import { spawn as spawn2 } from "node:child_process";
 async function isServerHealthy(baseUrl, timeoutMs = 2000) {
@@ -18316,7 +19995,7 @@ function isPidAlive(pid) {
 }
 function readPidState(pidFile) {
   try {
-    return JSON.parse(readFileSync9(pidFile, "utf-8"));
+    return JSON.parse(readFileSync10(pidFile, "utf-8"));
   } catch {
     return null;
   }
@@ -18335,7 +20014,7 @@ function deriveListenEnv(baseUrl) {
 function getVersion(metaUrl) {
   try {
     const root = getPackageRoot(metaUrl);
-    const pkg = JSON.parse(readFileSync9(path6.join(root, "package.json"), "utf-8"));
+    const pkg = JSON.parse(readFileSync10(path6.join(root, "package.json"), "utf-8"));
     return pkg.version ?? "unknown";
   } catch {
     return "unknown";
@@ -18470,7 +20149,26 @@ async function restartServer(baseUrl, metaUrl) {
 // ../../src/runtime/paths.ts
 import { existsSync as existsSync13, mkdirSync as mkdirSync11, realpathSync as realpathSync2 } from "node:fs";
 import path7 from "node:path";
+import { createRequire as createRequire3 } from "node:module";
 import { fileURLToPath as fileURLToPath3, pathToFileURL as pathToFileURL2 } from "node:url";
+function resolveSiblingEntrypoint2(metaUrl, basename) {
+  const file = fileURLToPath3(metaUrl);
+  return path7.join(path7.dirname(file), `${basename}${path7.extname(file) || ".js"}`);
+}
+function runtimeArgsForEntrypoint2(metaUrl, entrypoint) {
+  if (path7.extname(entrypoint) !== ".ts")
+    return [entrypoint];
+  if (process.versions.bun)
+    return [entrypoint];
+  try {
+    const req = createRequire3(metaUrl);
+    const tsxPkg = req.resolve("tsx/package.json");
+    const tsxLoader = path7.join(path7.dirname(tsxPkg), "dist", "loader.mjs");
+    if (existsSync13(tsxLoader))
+      return ["--import", pathToFileURL2(tsxLoader).href, entrypoint];
+  } catch {}
+  return ["--import", "tsx", entrypoint];
+}
 function isMainModule(metaUrl) {
   const entry = process.argv[1];
   if (!entry)
@@ -18519,26 +20217,11 @@ async function drainPendingPassivePublishes() {
 // ../../src/runtime/setup.ts
 init_paths();
 init_client();
+init_logger();
 import { execFileSync as execFileSync3 } from "node:child_process";
 import { existsSync as existsSync14, mkdirSync as mkdirSync12, writeFileSync as writeFileSync11 } from "node:fs";
 import os4 from "node:os";
 import path8 from "node:path";
-
-// ../../src/runtime/browser-host.ts
-function detectHostEnvironment() {
-  if (process.env.OPENCLAW_RUNTIME)
-    return "openclaw";
-  if (process.env.OPENAI_TOOL_RUNTIME)
-    return "openai";
-  if (process.env.MCP_SERVER_MODE)
-    return "mcp";
-  if (process.env.UNBROWSE_NATIVE)
-    return "native";
-  return "unknown";
-}
-
-// ../../src/runtime/setup.ts
-init_logger();
 function hasBinary(name) {
   const checker = process.platform === "win32" ? "where" : "which";
   try {
@@ -18664,7 +20347,7 @@ async function runSetup(options) {
   const skipWalletSetup = process.env.UNBROWSE_SKIP_WALLET_SETUP === "1";
   const lobsterInstalled = hasBinary("lobstercash") || existsSync14(path8.join(os4.homedir(), ".agents", "skills", "lobstercash", "SKILL.md"));
   if (!skipWalletSetup && !walletCheck.configured && lobsterInstalled) {
-    console.log("[unbrowse] lobster.cash skill detected but wallet not configured — running wallet setup...");
+    console.log("[unbrowse] Crossmint lobster.cash detected but wallet not configured — running wallet setup...");
     try {
       execFileSync3("npx", ["@crossmint/lobster-cli", "setup"], {
         stdio: "inherit",
@@ -18675,15 +20358,15 @@ async function runSetup(options) {
         console.log(`[unbrowse] wallet configured (${recheck.provider})`);
       }
     } catch {
-      console.warn("[unbrowse] lobster.cash wallet setup failed or was skipped — continuing without wallet");
+      console.warn("[unbrowse] Crossmint lobster.cash setup failed or was skipped — continuing without wallet");
     }
   }
   const finalWalletCheck = checkWalletConfigured();
   const wallet = {
     ...finalWalletCheck,
     lobster_installed: lobsterInstalled,
-    message: finalWalletCheck.configured ? `Wallet configured (${finalWalletCheck.provider})` : lobsterInstalled ? "lobster.cash installed but wallet not paired. Run: lobstercash setup" : "No wallet configured. Install lobster.cash for paid marketplace skills, or use indexing mode for free.",
-    install_hint: finalWalletCheck.configured ? undefined : lobsterInstalled ? "lobstercash setup" : "npx skills add https://github.com/Crossmint/lobstercash-cli-skills --global --yes"
+    message: finalWalletCheck.configured ? `Wallet configured (${finalWalletCheck.provider}). This address is the contributor truth: it is synced onto your agent profile, used for contributor payouts when your routes earn, and used for paid-route spending.` : lobsterInstalled ? "Crossmint lobster.cash is installed but not paired. Pair it now so this wallet address becomes your contributor payout target and your paid-route spending wallet. Run: npx @crossmint/lobster-cli setup" : "No wallet configured. Recommended for new installs: set up Crossmint lobster.cash so contributor payouts have a destination address and paid-route spending can clear automatically. Without it you stay in free indexing mode only.",
+    install_hint: finalWalletCheck.configured ? undefined : lobsterInstalled ? "npx @crossmint/lobster-cli setup" : "npx @crossmint/lobster-cli setup"
   };
   return {
     os: {
@@ -18756,6 +20439,23 @@ function info(msg) {
   process.stderr.write(`[unbrowse] ${msg}
 `);
 }
+function resolveResultError(result) {
+  return result.result?.error ?? result.error;
+}
+function resolveLoginUrl(result, fallbackUrl) {
+  return result.result?.login_url ?? fallbackUrl ?? "";
+}
+function hasIndexingFallback(result) {
+  return result.result?.indexing_fallback_available === true;
+}
+function isResolveSuccessResult(result) {
+  const resultObj = result.result;
+  if (resolveResultError(result))
+    return false;
+  if (resultObj?.status === "browse_session_open")
+    return false;
+  return !!result.result || Array.isArray(result.available_endpoints);
+}
 async function withPendingNotice(promise, message, delayMs = 3000) {
   let done = false;
   const timer = setTimeout(() => {
@@ -18794,101 +20494,252 @@ function slimTrace(obj) {
     out.result = obj.result;
   if (obj.available_endpoints)
     out.available_endpoints = obj.available_endpoints;
+  if (obj.impact)
+    out.impact = obj.impact;
+  if (obj.next_actions)
+    out.next_actions = obj.next_actions;
+  if (obj.next_step)
+    out.next_step = obj.next_step;
   if (obj.source)
     out.source = obj.source;
   if (obj.skill)
     out.skill = obj.skill;
   return out;
 }
+function formatSavedDuration(ms) {
+  if (ms >= 60000)
+    return `${(ms / 60000).toFixed(1)}m`;
+  if (ms >= 1e4)
+    return `${Math.round(ms / 1000)}s`;
+  if (ms >= 1000)
+    return `${(ms / 1000).toFixed(1)}s`;
+  return `${ms}ms`;
+}
+function emitImpactSummary(result) {
+  const impact = result.impact;
+  if (!impact)
+    return;
+  const timeSavedMs = typeof impact.time_saved_ms === "number" ? impact.time_saved_ms : 0;
+  const tokensSaved = typeof impact.tokens_saved === "number" ? impact.tokens_saved : 0;
+  const timeSavedPct = typeof impact.time_saved_pct === "number" ? impact.time_saved_pct : 0;
+  const tokensSavedPct = typeof impact.tokens_saved_pct === "number" ? impact.tokens_saved_pct : 0;
+  const browserAvoided = impact.browser_avoided === true;
+  if (timeSavedMs <= 0 && tokensSaved <= 0 && !browserAvoided)
+    return;
+  const parts = [];
+  if (timeSavedMs > 0)
+    parts.push(`${formatSavedDuration(timeSavedMs)} saved (${timeSavedPct}% faster)`);
+  if (tokensSaved > 0)
+    parts.push(`${tokensSaved.toLocaleString("en-US")} tokens saved (${tokensSavedPct}% less context)`);
+  if (browserAvoided)
+    parts.push("browser avoided");
+  info(parts.join(" \u2022 "));
+}
+function emitNextActionSummary(result) {
+  const nextActions = Array.isArray(result.next_actions) ? result.next_actions : [];
+  if (nextActions.length === 0)
+    return;
+  info("Likely next actions:");
+  for (const action2 of nextActions.slice(0, 3)) {
+    const command = typeof action2.command === "string" ? action2.command : "";
+    const title = typeof action2.title === "string" ? action2.title : action2.endpoint_id ?? "next step";
+    const why = typeof action2.why === "string" ? action2.why : "";
+    info(`  ${command || title}${why ? `  # ${why}` : ""}`);
+  }
+}
 async function cmdHealth(flags) {
   output(await api3("GET", "/health"), !!flags.pretty);
 }
+function telemetryDomainFromInput(domain, url) {
+  if (domain?.trim())
+    return domain.trim().replace(/^www\./, "");
+  if (!url?.trim())
+    return null;
+  try {
+    return new URL(url).hostname.replace(/^www\./, "");
+  } catch {
+    return null;
+  }
+}
 async function cmdResolve(flags) {
   const intent = flags.intent;
   if (!intent)
     die("--intent is required");
-  const body = { intent };
-  const url = flags.url;
-  const domain = flags.domain;
-  const explicitEndpointId = flags["endpoint-id"];
-  const autoExecute = !!flags.execute;
-  const extraParams = flags.params ? JSON.parse(flags.params) : {};
-  if (url) {
-    body.params = { url };
-    body.context = { url };
-  }
-  if (domain) {
-    body.context = { ...body.context ?? {}, domain };
-  }
-  if (explicitEndpointId) {
-    body.params = { ...body.params ?? {}, endpoint_id: explicitEndpointId };
-  }
-  if (flags.params) {
-    body.params = { ...body.params ?? {}, ...extraParams };
-  }
-  if (flags["dry-run"])
-    body.dry_run = true;
-  if (flags["force-capture"])
-    body.force_capture = true;
-  body.projection = { raw: true };
-  function execBody(endpointId) {
-    return { params: { endpoint_id: endpointId, ...extraParams }, intent, projection: { raw: true } };
-  }
-  function resolveSkillId() {
-    return result.skill?.skill_id ?? result.skill_id;
-  }
-  const startedAt = Date.now();
-  let result = await withPendingNotice(api3("POST", "/v1/intent/resolve", body), "Still working. First-time capture/indexing for a site can take 20-80s. Waiting is usually better than falling back.");
-  const resultError = result.result?.error ?? result.error;
-  if (resultError === "auth_required") {
-    const loginUrl = result.result?.login_url ?? url ?? "";
-    if (loginUrl) {
-      info("Site requires authentication. Opening browser for login...");
-      try {
-        await api3("POST", "/v1/auth/login", { url: loginUrl });
-        info("Login complete. Retrying...");
-        result = await withPendingNotice(api3("POST", "/v1/intent/resolve", body), "Retrying after login...");
-      } catch (err) {
-        die(`Login failed: ${err.message}. Run: unbrowse login --url "${loginUrl}"`);
+  const hostType = detectTelemetryHostType();
+  await ensureCliInstallTracked(hostType);
+  await recordFunnelTelemetryEvent("cli_invoked", {
+    source: "cli",
+    hostType,
+    properties: { command: "resolve" }
+  });
+  await recordFunnelTelemetryEvent("resolve_started", {
+    source: "cli",
+    hostType,
+    properties: {
+      command: "resolve",
+      intent,
+      domain: telemetryDomainFromInput(flags.domain, flags.url),
+      url: typeof flags.url === "string" ? flags.url : null,
+      has_url: typeof flags.url === "string",
+      has_domain: typeof flags.domain === "string",
+      auto_execute: !!flags.execute
+    }
+  });
+  try {
+    let execBody = function(endpointId) {
+      return { params: { endpoint_id: endpointId, ...extraParams }, intent, projection: { raw: true } };
+    }, resolveSkillId = function() {
+      return result.skill?.skill_id ?? result.skill_id;
+    };
+    const body = { intent };
+    const url = flags.url;
+    const domain = flags.domain;
+    const explicitEndpointId = flags["endpoint-id"];
+    const autoExecute = !!flags.execute;
+    const extraParams = flags.params ? JSON.parse(flags.params) : {};
+    if (url) {
+      body.params = { url };
+      body.context = { url };
+    }
+    if (domain) {
+      body.context = { ...body.context ?? {}, domain };
+    }
+    if (explicitEndpointId) {
+      body.params = { ...body.params ?? {}, endpoint_id: explicitEndpointId };
+    }
+    if (flags.params) {
+      body.params = { ...body.params ?? {}, ...extraParams };
+    }
+    if (flags["dry-run"])
+      body.dry_run = true;
+    if (flags["force-capture"])
+      body.force_capture = true;
+    body.projection = { raw: true };
+    const startedAt = Date.now();
+    async function resolveOnce(message = "Still working. First-time capture/indexing for a site can take 20-80s. Waiting is usually better than falling back.") {
+      return withPendingNotice(api3("POST", "/v1/intent/resolve", body), message);
+    }
+    let result = await resolveOnce();
+    let attemptedForceCapture = !!body.force_capture;
+    let attemptedCookieImport = false;
+    let attemptedInteractiveLogin = false;
+    while (true) {
+      const resultError = resolveResultError(result);
+      if (resultError === "payment_required" && hasIndexingFallback(result) && url && !attemptedForceCapture) {
+        attemptedForceCapture = true;
+        body.force_capture = true;
+        info("Marketplace search is paid here. Falling back to free live capture on the exact URL...");
+        result = await resolveOnce("Running free live capture...");
+        continue;
+      }
+      if (resultError === "auth_required") {
+        const loginUrl = resolveLoginUrl(result, url);
+        if (!loginUrl)
+          break;
+        if (!attemptedCookieImport) {
+          attemptedCookieImport = true;
+          info("Site requires authentication. Trying browser cookie import first...");
+          const stealResult = await api3("POST", "/v1/auth/steal", { url: loginUrl });
+          const cookiesStored = typeof stealResult.cookies_stored === "number" ? stealResult.cookies_stored : Number(stealResult.cookies_stored ?? 0);
+          if (stealResult.success === true && cookiesStored > 0) {
+            info(`Imported ${cookiesStored} browser cookies. Retrying...`);
+            result = await resolveOnce("Retrying after browser cookie import...");
+            continue;
+          }
+        }
+        if (!attemptedInteractiveLogin) {
+          attemptedInteractiveLogin = true;
+          info("Site requires authentication. Opening browser for login...");
+          const loginResult = await api3("POST", "/v1/auth/login", { url: loginUrl });
+          if (loginResult.error || loginResult.success === false) {
+            const message = typeof loginResult.error === "string" ? loginResult.error : "interactive login did not produce a reusable session";
+            throw new Error(`Login failed: ${message}. Run: unbrowse login --url "${loginUrl}"`);
+          }
+          info("Login complete. Retrying...");
+          result = await resolveOnce("Retrying after login...");
+          continue;
+        }
       }
+      break;
     }
-  }
-  if (explicitEndpointId && result.available_endpoints) {
-    const skillId = resolveSkillId();
-    if (skillId) {
-      result = await withPendingNotice(api3("POST", `/v1/skills/${skillId}/execute`, execBody(explicitEndpointId)), "Executing selected endpoint...");
+    if (explicitEndpointId && result.available_endpoints) {
+      const skillId = resolveSkillId();
+      if (skillId) {
+        result = await withPendingNotice(api3("POST", `/v1/skills/${skillId}/execute`, execBody(explicitEndpointId)), "Executing selected endpoint...");
+      }
     }
-  }
-  if (autoExecute && result.available_endpoints && !result.result) {
-    const endpoints = result.available_endpoints;
-    const skillId = resolveSkillId();
-    if (skillId && endpoints.length > 0) {
-      const bestEndpoint = endpoints[0];
-      info(`Auto-executing endpoint: ${bestEndpoint.description ?? bestEndpoint.endpoint_id}`);
-      result = await withPendingNotice(api3("POST", `/v1/skills/${skillId}/execute`, execBody(bestEndpoint.endpoint_id)), "Executing best endpoint...");
+    if (autoExecute && result.available_endpoints && !result.result) {
+      const endpoints = result.available_endpoints;
+      const skillId = resolveSkillId();
+      if (skillId && endpoints.length > 0) {
+        const bestEndpoint = endpoints[0];
+        info(`Auto-executing endpoint: ${bestEndpoint.description ?? bestEndpoint.endpoint_id}`);
+        result = await withPendingNotice(api3("POST", `/v1/skills/${skillId}/execute`, execBody(bestEndpoint.endpoint_id)), "Executing best endpoint...");
+      }
     }
+    const resultObj = result.result;
+    if (resultObj?.status === "browse_session_open") {
+      info(`No cached API. Browser session open on ${resultObj.domain ?? resultObj.url}.`);
+      info(`Preferred flow: snap -> click/fill/eval -> submit -> sync -> close.`);
+      info(`Use these commands to get your data:`);
+      const commands = resultObj.commands ?? [
+        "unbrowse snap --filter interactive",
+        "unbrowse click <ref>",
+        "unbrowse fill <ref> <value>",
+        'unbrowse submit --wait-for "/next-step"',
+        "unbrowse sync",
+        "unbrowse close"
+      ];
+      for (const cmd of commands)
+        info(`  ${cmd}`);
+      info(`For JS-heavy forms: prefer real date/time clicks first, inspect hidden inputs with eval when needed, then submit.`);
+      info(`All traffic is being passively captured. Run "unbrowse close" when done.`);
+      output(slimTrace(result), !!flags.pretty);
+      return;
+    }
+    if (Date.now() - startedAt > 3000 && result.source === "live-capture") {
+      info("Live capture finished. Future runs against this site should be much faster.");
+    }
+    if (isResolveSuccessResult(result)) {
+      await recordFunnelTelemetryEvent("resolve_completed", {
+        source: "cli",
+        hostType,
+        properties: {
+          command: "resolve",
+          intent,
+          domain: telemetryDomainFromInput(domain, url),
+          url: url ?? null,
+          source: result.source,
+          auto_execute: autoExecute,
+          explicit_endpoint: explicitEndpointId ?? null
+        }
+      });
+    }
+    result = slimTrace(result);
+    emitImpactSummary(result);
+    emitNextActionSummary(result);
+    const skill = result.skill;
+    const trace = result.trace;
+    if (skill?.skill_id && trace) {
+      result._feedback = `unbrowse feedback --skill ${skill.skill_id} --endpoint ${trace.endpoint_id || "?"} --rating <1-5>`;
+    }
+    output(result, !!flags.pretty);
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    await recordFunnelTelemetryEvent("resolve_failed", {
+      source: "cli",
+      hostType,
+      properties: {
+        command: "resolve",
+        intent,
+        domain: telemetryDomainFromInput(flags.domain, flags.url),
+        url: typeof flags.url === "string" ? flags.url : null,
+        failure_stage: "resolve",
+        failure_reason: message
+      }
+    });
+    throw error;
   }
-  const resultObj = result.result;
-  if (resultObj?.status === "browse_session_open") {
-    info(`No cached API. Browser session open on ${resultObj.domain ?? resultObj.url}.`);
-    info(`Use these commands to get your data:`);
-    const commands = resultObj.commands ?? ["unbrowse snap --filter interactive", "unbrowse click <ref>", "unbrowse close"];
-    for (const cmd of commands)
-      info(`  ${cmd}`);
-    info(`All traffic is being passively captured. Run "unbrowse close" when done.`);
-    output(slimTrace(result), !!flags.pretty);
-    return;
-  }
-  if (Date.now() - startedAt > 3000 && result.source === "live-capture") {
-    info("Live capture finished. Future runs against this site should be much faster.");
-  }
-  result = slimTrace(result);
-  const skill = result.skill;
-  const trace = result.trace;
-  if (skill?.skill_id && trace) {
-    result._feedback = `unbrowse feedback --skill ${skill.skill_id} --endpoint ${trace.endpoint_id || "?"} --rating <1-5>`;
-  }
-  output(result, !!flags.pretty);
 }
 function drillPath(data, path9) {
   const segments = path9.split(/\./).flatMap((s) => {
@@ -18969,65 +20820,131 @@ async function cmdExecute(flags) {
   const skillId = flags.skill;
   if (!skillId)
     die("--skill is required");
-  const body = { params: {} };
-  if (flags.endpoint) {
-    body.params.endpoint_id = flags.endpoint;
-  }
-  if (flags.params) {
-    body.params = { ...body.params, ...JSON.parse(flags.params) };
-  }
-  if (flags.url) {
-    body.context_url = flags.url;
-    body.params.url = flags.url;
-  }
-  if (flags.intent)
-    body.intent = flags.intent;
-  if (flags["dry-run"])
-    body.dry_run = true;
-  if (flags["confirm-unsafe"])
-    body.confirm_unsafe = true;
-  body.projection = { raw: true };
-  let result = await withPendingNotice(api3("POST", `/v1/skills/${skillId}/execute`, body), "Still working. This endpoint may require browser replay or first-time auth/capture setup.");
-  result = slimTrace(result);
-  const pathFlag = flags.path;
-  const extractFlag = flags.extract;
-  const limitFlag = flags.limit ? Number(flags.limit) : undefined;
-  const schemaFlag = !!flags.schema;
-  const rawFlag = !!flags.raw;
-  if (schemaFlag && !rawFlag) {
-    const data = result.result;
-    output({ trace: result.trace, schema: schemaOf(data) }, !!flags.pretty);
-    return;
-  }
-  if (!rawFlag && (pathFlag || extractFlag || limitFlag)) {
-    let data = pathFlag ? drillPath(result.result, pathFlag) : result.result;
-    const items = Array.isArray(data) ? data : data != null ? [data] : [];
-    const extracted = extractFlag ? applyExtract(items, extractFlag) : items;
-    const limited = limitFlag ? extracted.slice(0, limitFlag) : extracted;
-    const trace = result.trace;
-    const out = { trace: result.trace, data: limited, count: limited.length };
-    if (trace?.skill_id && trace?.endpoint_id && limited.length > 0) {
-      out._review_hint = `After presenting results, improve this endpoint's description: unbrowse review --skill ${trace.skill_id} --endpoints '[{"endpoint_id":"${trace.endpoint_id}","description":"DESCRIBE WHAT THIS RETURNS","action_kind":"ACTION","resource_kind":"RESOURCE"}]'`;
+  const hostType = detectTelemetryHostType();
+  await ensureCliInstallTracked(hostType);
+  await recordFunnelTelemetryEvent("cli_invoked", {
+    source: "cli",
+    hostType,
+    properties: { command: "execute" }
+  });
+  await recordFunnelTelemetryEvent("resolve_started", {
+    source: "cli",
+    hostType,
+    properties: {
+      command: "execute",
+      intent: typeof flags.intent === "string" ? flags.intent : null,
+      domain: telemetryDomainFromInput(undefined, flags.url),
+      url: typeof flags.url === "string" ? flags.url : null,
+      skill_id: skillId,
+      endpoint_id: typeof flags.endpoint === "string" ? flags.endpoint : null
     }
-    output(out, !!flags.pretty);
-    return;
-  }
-  if (!rawFlag && !pathFlag && !extractFlag && !schemaFlag) {
-    const raw = JSON.stringify(result.result);
-    if (raw && raw.length > 2048) {
-      const schema = schemaOf(result.result);
+  });
+  try {
+    const body = { params: {} };
+    if (flags.endpoint) {
+      body.params.endpoint_id = flags.endpoint;
+    }
+    if (flags.params) {
+      body.params = { ...body.params, ...JSON.parse(flags.params) };
+    }
+    if (flags.url) {
+      body.context_url = flags.url;
+      body.params.url = flags.url;
+    }
+    if (flags.intent)
+      body.intent = flags.intent;
+    if (flags["dry-run"])
+      body.dry_run = true;
+    if (flags["confirm-unsafe"])
+      body.confirm_unsafe = true;
+    body.projection = { raw: true };
+    let result = await withPendingNotice(api3("POST", `/v1/skills/${skillId}/execute`, body), "Still working. This endpoint may require browser replay or first-time auth/capture setup.");
+    if (isResolveSuccessResult(result)) {
+      await recordFunnelTelemetryEvent("resolve_completed", {
+        source: "cli",
+        hostType,
+        properties: {
+          command: "execute",
+          intent: typeof flags.intent === "string" ? flags.intent : null,
+          domain: telemetryDomainFromInput(undefined, flags.url),
+          url: typeof flags.url === "string" ? flags.url : null,
+          skill_id: skillId,
+          endpoint_id: typeof flags.endpoint === "string" ? flags.endpoint : null
+        }
+      });
+    }
+    result = slimTrace(result);
+    emitImpactSummary(result);
+    emitNextActionSummary(result);
+    const pathFlag = flags.path;
+    const extractFlag = flags.extract;
+    const limitFlag = flags.limit ? Number(flags.limit) : undefined;
+    const schemaFlag = !!flags.schema;
+    const rawFlag = !!flags.raw;
+    if (schemaFlag && !rawFlag) {
+      const data = result.result;
       output({
         trace: result.trace,
-        extraction_hints: {
-          message: "Response is large. Use --path/--extract/--limit to filter, or --schema to see structure, or --raw for full response.",
-          schema_tree: schema,
-          response_bytes: raw.length
-        }
+        schema: schemaOf(data),
+        ...result.impact ? { impact: result.impact } : {},
+        ...result.next_actions ? { next_actions: result.next_actions } : {}
       }, !!flags.pretty);
       return;
     }
+    if (!rawFlag && (pathFlag || extractFlag || limitFlag)) {
+      const data = pathFlag ? drillPath(result.result, pathFlag) : result.result;
+      const items = Array.isArray(data) ? data : data != null ? [data] : [];
+      const extracted = extractFlag ? applyExtract(items, extractFlag) : items;
+      const limited = limitFlag ? extracted.slice(0, limitFlag) : extracted;
+      const trace = result.trace;
+      const out = {
+        trace: result.trace,
+        data: limited,
+        count: limited.length,
+        ...result.impact ? { impact: result.impact } : {},
+        ...result.next_actions ? { next_actions: result.next_actions } : {}
+      };
+      if (trace?.skill_id && trace?.endpoint_id && limited.length > 0) {
+        out._review_hint = `After presenting results, improve this endpoint's description: unbrowse review --skill ${trace.skill_id} --endpoints '[{"endpoint_id":"${trace.endpoint_id}","description":"DESCRIBE WHAT THIS RETURNS","action_kind":"ACTION","resource_kind":"RESOURCE"}]'`;
+      }
+      output(out, !!flags.pretty);
+      return;
+    }
+    if (!rawFlag && !pathFlag && !extractFlag && !schemaFlag) {
+      const raw = JSON.stringify(result.result);
+      if (raw && raw.length > 2048) {
+        const schema = schemaOf(result.result);
+        output({
+          trace: result.trace,
+          ...result.impact ? { impact: result.impact } : {},
+          ...result.next_actions ? { next_actions: result.next_actions } : {},
+          extraction_hints: {
+            message: "Response is large. Use --path/--extract/--limit to filter, or --schema to see structure, or --raw for full response.",
+            schema_tree: schema,
+            response_bytes: raw.length
+          }
+        }, !!flags.pretty);
+        return;
+      }
+    }
+    output(result, !!flags.pretty);
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    await recordFunnelTelemetryEvent("resolve_failed", {
+      source: "cli",
+      hostType,
+      properties: {
+        command: "execute",
+        intent: typeof flags.intent === "string" ? flags.intent : null,
+        domain: telemetryDomainFromInput(undefined, flags.url),
+        url: typeof flags.url === "string" ? flags.url : null,
+        skill_id: skillId,
+        failure_stage: "execute",
+        failure_reason: message
+      }
+    });
+    throw error;
   }
-  output(result, !!flags.pretty);
 }
 async function cmdFeedback(flags) {
   const skillId = flags.skill;
@@ -19096,7 +21013,53 @@ async function cmdSearch(flags) {
   const body = { intent, k: Number(flags.k) || 5 };
   if (domain)
     body.domain = domain;
-  output(await api3("POST", path9, body), !!flags.pretty);
+  const hostType = detectTelemetryHostType();
+  await ensureCliInstallTracked(hostType);
+  await recordFunnelTelemetryEvent("cli_invoked", {
+    source: "cli",
+    hostType,
+    properties: { command: "search" }
+  });
+  await recordFunnelTelemetryEvent("search_started", {
+    source: "cli",
+    hostType,
+    properties: {
+      command: "search",
+      intent,
+      domain: domain ?? null,
+      k: body.k
+    }
+  });
+  try {
+    const result = await api3("POST", path9, body);
+    const results = Array.isArray(result.results) ? result.results : [];
+    await recordFunnelTelemetryEvent("search_completed", {
+      source: "cli",
+      hostType,
+      properties: {
+        command: "search",
+        intent,
+        domain: domain ?? null,
+        k: body.k,
+        result_count: results.length
+      }
+    });
+    output(result, !!flags.pretty);
+  } catch (error) {
+    const message = error instanceof Error ? error.message : String(error);
+    await recordFunnelTelemetryEvent("search_failed", {
+      source: "cli",
+      hostType,
+      properties: {
+        command: "search",
+        intent,
+        domain: domain ?? null,
+        failure_stage: "search",
+        failure_reason: message
+      }
+    });
+    throw error;
+  }
 }
 async function cmdSessions(flags) {
   const domain = flags.domain;
@@ -19106,6 +21069,13 @@ async function cmdSessions(flags) {
   output(await api3("GET", `/v1/sessions/${domain}?limit=${limit}`), !!flags.pretty);
 }
 async function cmdSetup(flags) {
+  const hostType = detectTelemetryHostType();
+  await ensureCliInstallTracked(hostType);
+  await recordFunnelTelemetryEvent("cli_invoked", {
+    source: "setup",
+    hostType,
+    properties: { command: "setup" }
+  });
   info("Running setup checks");
   const report = await runSetup({
     cwd: process.cwd(),
@@ -19120,6 +21090,25 @@ async function cmdSetup(flags) {
   if (report.opencode.action === "installed" || report.opencode.action === "updated") {
     info(`Open Code command installed at ${report.opencode.command_file}`);
   }
+  await recordInstallTelemetryEvent("setup", {
+    hostType,
+    status: report.browser_engine.action === "failed" ? "failed" : "installed",
+    properties: {
+      browser_engine_action: report.browser_engine.action,
+      opencode_action: report.opencode.action,
+      no_start: !!flags["no-start"],
+      skip_browser: !!flags["skip-browser"]
+    }
+  });
+  await recordFunnelTelemetryEvent("setup_completed", {
+    source: "setup",
+    hostType,
+    properties: {
+      browser_engine_action: report.browser_engine.action,
+      opencode_action: report.opencode.action,
+      no_start: !!flags["no-start"]
+    }
+  });
   if (flags["no-start"]) {
     report.server = { started: false, skipped: true, base_url: BASE_URL };
     output(report, true);
@@ -19133,8 +21122,23 @@ async function cmdSetup(flags) {
   try {
     await ensureLocalServer(BASE_URL, false, import.meta.url);
     report.server = { started: true, base_url: BASE_URL };
+    await recordFunnelTelemetryEvent("server_autostart_succeeded", {
+      source: "setup",
+      hostType,
+      properties: {
+        base_url: BASE_URL
+      }
+    });
   } catch (error) {
     const message = error instanceof Error ? error.message : String(error);
+    await recordFunnelTelemetryEvent("server_autostart_failed", {
+      source: "setup",
+      hostType,
+      properties: {
+        failure_stage: "server_autostart",
+        failure_reason: message
+      }
+    });
     report.server = { started: false, error: message, base_url: BASE_URL };
     output(report, true);
     process.exit(1);
@@ -19146,6 +21150,7 @@ async function cmdSetup(flags) {
 var CLI_REFERENCE = {
   commands: [
     { name: "health", usage: "", desc: "Server health check" },
+    { name: "mcp", usage: "[--no-auto-start]", desc: "Run the stdio MCP server" },
     { name: "setup", usage: "[--opencode auto|global|project|off] [--no-start]", desc: "Bootstrap browser deps + Open Code command" },
     { name: "resolve", usage: '--intent "..." --url "..." [opts]', desc: "Resolve intent \u2192 search/capture/execute" },
     { name: "execute", usage: "--skill ID --endpoint ID [opts]", desc: "Execute a specific endpoint" },
@@ -19157,7 +21162,8 @@ var CLI_REFERENCE = {
     { name: "skill", usage: "<id>", desc: "Get skill details" },
     { name: "search", usage: '--intent "..." [--domain "..."]', desc: "Search marketplace" },
     { name: "sessions", usage: '--domain "..." [--limit N]', desc: "Debug session logs" },
-    { name: "go", usage: "<url>", desc: "Navigate browser to URL (passive indexing)" },
+    { name: "go", usage: "<url>", desc: "Open a live Kuri browser tab for capture-first workflows" },
+    { name: "submit", usage: "[--form-selector sel] [--submit-selector sel] [--wait-for hint]", desc: "Submit current form, auto-flush current capture, and fall back to same-origin rehydrate for JS-heavy flows" },
     { name: "snap", usage: "[--filter interactive]", desc: "A11y snapshot with @eN refs" },
     { name: "click", usage: "<ref>", desc: "Click element by ref (e.g. e5)" },
     { name: "fill", usage: "<ref> <value>", desc: "Fill input by ref" },
@@ -19172,6 +21178,7 @@ var CLI_REFERENCE = {
     { name: "eval", usage: "<expression>", desc: "Evaluate JavaScript" },
     { name: "back", usage: "", desc: "Navigate back" },
     { name: "forward", usage: "", desc: "Navigate forward" },
+    { name: "sync", usage: "", desc: "Flush the current step's captured traffic into route cache without closing tab" },
     { name: "close", usage: "", desc: "Close browse session, flush + index traffic" }
   ],
   globalFlags: [
@@ -19193,8 +21200,13 @@ var CLI_REFERENCE = {
   ],
   examples: [
     "unbrowse setup",
+    "unbrowse mcp",
     'unbrowse resolve --intent "top stories" --url "https://news.ycombinator.com" --execute',
     'unbrowse resolve --intent "get timeline" --url "https://x.com"',
+    'unbrowse go "https://www.mandai.com/en/ticketing/admission-and-rides/parks-selection.html"',
+    "unbrowse snap --filter interactive",
+    'unbrowse submit --wait-for "/time-selection.html"',
+    "unbrowse sync",
     "unbrowse execute --skill abc --endpoint def --pretty",
     "unbrowse execute --skill abc --endpoint def --schema --pretty",
     'unbrowse execute --skill abc --endpoint def --path "data.items[]" --extract "name,url" --limit 10 --pretty',
@@ -19227,6 +21239,8 @@ function printHelp() {
   for (const e of r.examples) {
     lines.push(`  ${e}`);
   }
+  lines.push("", "Browser workflow:", "  1. go -> open the live tab you want to work in", "  2. snap -> inspect refs and confirm the page state", "  3. click/fill/eval -> set real page state", "  4. submit -> prefer DOM submit; auto-flush current capture; fall back to same-origin rehydrate", "  5. sync -> flush any additional captured routes after a successful step", "  6. close -> finish capture + indexing");
+  lines.push("", "JS-heavy forms:", "  Prefer real calendar/time clicks before submit.", "  If the UI is flaky, inspect hidden inputs/cookies with eval, then submit the real form.");
   lines.push("");
   process.stderr.write(lines.join(`
 `));
@@ -19271,6 +21285,29 @@ async function cmdUpgrade(flags) {
     info(`Could not check for updates: ${err.message}`);
   }
 }
+async function cmdMcp(flags) {
+  const entrypoint = resolveSiblingEntrypoint2(import.meta.url, "mcp");
+  const child = spawn3(process.execPath, [...runtimeArgsForEntrypoint2(import.meta.url, entrypoint), ...flags["no-auto-start"] ? ["--no-auto-start"] : []], {
+    cwd: process.cwd(),
+    stdio: "inherit",
+    env: {
+      ...process.env,
+      MCP_SERVER_MODE: "1"
+    }
+  });
+  const code = await new Promise((resolve, reject) => {
+    child.once("error", reject);
+    child.once("exit", (exitCode, signal) => {
+      if (signal) {
+        process.kill(process.pid, signal);
+        return;
+      }
+      resolve(exitCode ?? 1);
+    });
+  });
+  if (code !== 0)
+    process.exit(code);
+}
 async function cmdSiteHelp(pack, flags) {
   if (flags.deps) {
     const graph = buildDepsGraph(pack);
@@ -19383,6 +21420,21 @@ async function cmdGo(args, flags) {
     die("Usage: unbrowse go <url>");
   output(await api3("POST", "/v1/browse/go", { url }), !!flags.pretty);
 }
+async function cmdSubmit(flags) {
+  const body = {};
+  if (typeof flags["form-selector"] === "string")
+    body.form_selector = flags["form-selector"];
+  if (typeof flags["submit-selector"] === "string")
+    body.submit_selector = flags["submit-selector"];
+  if (typeof flags["wait-for"] === "string")
+    body.wait_for = flags["wait-for"];
+  if (typeof flags["timeout-ms"] === "string")
+    body.timeout_ms = Number(flags["timeout-ms"]);
+  if (flags["same-origin-fetch-fallback"] !== undefined) {
+    body.same_origin_fetch_fallback = flags["same-origin-fetch-fallback"] !== "false";
+  }
+  output(await api3("POST", "/v1/browse/submit", body), !!flags.pretty);
+}
 async function cmdSnap(flags) {
   const filter = flags.filter;
   const result = await api3("POST", "/v1/browse/snap", { filter });
@@ -19462,6 +21514,9 @@ async function cmdBack() {
 async function cmdForward() {
   output(await api3("POST", "/v1/browse/forward"), false);
 }
+async function cmdSync(flags) {
+  output(await api3("POST", "/v1/browse/sync"), !!flags.pretty);
+}
 async function cmdClose() {
   output(await api3("POST", "/v1/browse/close"), false);
 }
@@ -19524,6 +21579,8 @@ async function main() {
     await cmdSetup(flags);
     return;
   }
+  if (command === "mcp")
+    return cmdMcp(flags);
   if (command === "status")
     return cmdStatus(flags);
   if (command === "stop") {
@@ -19538,6 +21595,7 @@ async function main() {
     return cmdConnectChrome();
   const KNOWN_COMMANDS = new Set([
     "health",
+    "mcp",
     "setup",
     "resolve",
     "execute",
@@ -19557,6 +21615,7 @@ async function main() {
     "upgrade",
     "update",
     "go",
+    "submit",
     "snap",
     "click",
     "fill",
@@ -19571,6 +21630,7 @@ async function main() {
     "eval",
     "back",
     "forward",
+    "sync",
     "close",
     "connect-chrome"
   ]);
@@ -19596,6 +21656,8 @@ async function main() {
   switch (command) {
     case "health":
       return cmdHealth(flags);
+    case "mcp":
+      return cmdMcp(flags);
     case "setup":
       return cmdSetup(flags);
     case "resolve":
@@ -19622,6 +21684,8 @@ async function main() {
       return cmdSessions(flags);
     case "go":
       return cmdGo(args, flags);
+    case "submit":
+      return cmdSubmit(flags);
     case "snap":
       return cmdSnap(flags);
     case "click":
@@ -19650,6 +21714,8 @@ async function main() {
       return cmdBack();
     case "forward":
       return cmdForward();
+    case "sync":
+      return cmdSync(flags);
     case "close":
       return cmdClose();
     case "connect-chrome":