npm - vibe-forge - Versions diffs - 0.4.0 → 0.8.1 - Mend

vibe-forge 0.4.0 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (129) hide show

package/.claude/commands/clear-attention.md +63 -63
package/.claude/commands/compact-context.md +52 -0
package/.claude/commands/configure-vcs.md +102 -102
package/.claude/commands/forge.md +218 -171
package/.claude/commands/need-help.md +77 -77
package/.claude/commands/update-status.md +64 -64
package/.claude/commands/worker-loop.md +106 -106
package/.claude/hooks/worker-loop.js +217 -187
package/.claude/scripts/setup-worker-loop.sh +45 -45
package/.claude/settings.json +89 -0
package/LICENSE +21 -21
package/README.md +253 -232
package/agents/aegis/personality.md +303 -269
package/agents/anvil/personality.md +278 -240
package/agents/architect/personality.md +260 -234
package/agents/crucible/personality.md +362 -309
package/agents/crucible-x/personality.md +210 -0
package/agents/ember/personality.md +293 -265
package/agents/flux/personality.md +248 -0
package/agents/furnace/personality.md +342 -291
package/agents/herald/personality.md +249 -247
package/agents/loki/personality.md +108 -0
package/agents/oracle/personality.md +284 -0
package/agents/pixel/personality.md +140 -0
package/agents/planning-hub/personality.md +473 -251
package/agents/scribe/personality.md +253 -251
package/agents/slag/personality.md +268 -0
package/agents/temper/personality.md +270 -0
package/bin/cli.js +372 -325
package/bin/dashboard/api/agents.js +333 -0
package/bin/dashboard/api/dispatch.js +507 -0
package/bin/dashboard/api/tasks.js +416 -0
package/bin/dashboard/public/assets/index-BpHfsx1r.js +2 -0
package/bin/dashboard/public/assets/index-QODv4Zn9.css +1 -0
package/bin/dashboard/public/index.html +14 -0
package/bin/dashboard/server.js +645 -0
package/bin/forge-daemon.sh +477 -851
package/bin/forge-setup.sh +661 -645
package/bin/forge-spawn.sh +164 -164
package/bin/forge.cmd +83 -83
package/bin/forge.sh +566 -387
package/bin/lib/agents.sh +177 -177
package/bin/lib/check-aliases.js +50 -0
package/bin/lib/colors.sh +44 -44
package/bin/lib/config.sh +347 -313
package/bin/lib/constants.sh +241 -206
package/bin/lib/daemon/budgets.sh +107 -0
package/bin/lib/daemon/dependencies.sh +146 -0
package/bin/lib/daemon/display.sh +128 -0
package/bin/lib/daemon/notifications.sh +273 -0
package/bin/lib/daemon/routing.sh +93 -0
package/bin/lib/daemon/state.sh +163 -0
package/bin/lib/daemon/sync.sh +103 -0
package/bin/lib/database.sh +357 -305
package/bin/lib/frontmatter.js +106 -0
package/bin/lib/heimdall-setup.js +113 -0
package/bin/lib/heimdall.js +265 -0
package/bin/lib/json.sh +264 -258
package/bin/lib/terminal.js +452 -446
package/bin/lib/util.sh +126 -126
package/bin/lib/vcs.js +349 -349
package/config/agent-manifest.yaml +237 -243
package/config/agents.json +207 -132
package/config/task-template.md +159 -87
package/config/task-types.yaml +111 -106
package/config/templates/handoff-template.md +40 -0
package/context/agent-overrides/README.md +41 -0
package/context/architecture.md +42 -0
package/context/modern-conventions.md +129 -129
package/context/project-context-template.md +122 -122
package/docs/agents.md +473 -409
package/docs/architecture.md +194 -162
package/docs/commands.md +451 -388
package/docs/security.md +195 -144
package/package.json +77 -50
package/.claude/settings.local.json +0 -33
package/agents/forge-master/capabilities.md +0 -144
package/agents/forge-master/context-template.md +0 -128
package/agents/forge-master/personality.md +0 -138
package/agents/sentinel/personality.md +0 -194
package/context/forge-state.yaml +0 -19
package/docs/TODO.md +0 -150
package/docs/getting-started.md +0 -243
package/docs/npm-publishing.md +0 -95
package/docs/workflows/README.md +0 -32
package/docs/workflows/azure-devops.md +0 -108
package/docs/workflows/bitbucket.md +0 -104
package/docs/workflows/git-only.md +0 -130
package/docs/workflows/gitea.md +0 -168
package/docs/workflows/github.md +0 -103
package/docs/workflows/gitlab.md +0 -105
package/docs/workflows.md +0 -454
package/tasks/completed/ARCH-001-duplicate-agent-config.md +0 -121
package/tasks/completed/ARCH-002-mixed-bash-node-implementation.md +0 -88
package/tasks/completed/ARCH-003-worker-loop-hook-duplication.md +0 -77
package/tasks/completed/ARCH-009-test-organization.md +0 -78
package/tasks/completed/ARCH-011-jq-vs-nodejs-json.md +0 -94
package/tasks/completed/ARCH-012-tmp-files-in-root.md +0 -71
package/tasks/completed/ARCH-013-exit-code-constants.md +0 -65
package/tasks/completed/ARCH-014-sed-incompatibility.md +0 -96
package/tasks/completed/ARCH-015-docs-todo-tracking.md +0 -83
package/tasks/completed/CLEAN-001.md +0 -38
package/tasks/completed/CLEAN-003.md +0 -47
package/tasks/completed/CLEAN-004.md +0 -56
package/tasks/completed/CLEAN-005.md +0 -75
package/tasks/completed/CLEAN-006.md +0 -47
package/tasks/completed/CLEAN-007.md +0 -34
package/tasks/completed/CLEAN-008.md +0 -49
package/tasks/completed/CLEAN-012.md +0 -58
package/tasks/completed/CLEAN-013.md +0 -45
package/tasks/completed/SEC-001-sql-injection-fix.md +0 -58
package/tasks/completed/SEC-002-notification-injection-fix.md +0 -45
package/tasks/completed/SEC-003-eval-injection-fix.md +0 -54
package/tasks/completed/SEC-004-pid-race-condition-fix.md +0 -49
package/tasks/completed/SEC-005-worker-loop-path-fix.md +0 -51
package/tasks/completed/SEC-006-eval-agent-names.md +0 -55
package/tasks/completed/SEC-007-spawn-escaping.md +0 -67
package/tasks/pending/ARCH-004-git-bash-detection-duplication.md +0 -72
package/tasks/pending/ARCH-005-missing-src-directory.md +0 -95
package/tasks/pending/ARCH-006-task-template-location.md +0 -64
package/tasks/pending/ARCH-007-daemon-monolith.md +0 -91
package/tasks/pending/ARCH-008-forge-master-vs-hub.md +0 -81
package/tasks/pending/ARCH-010-missing-index-files.md +0 -84
package/tasks/pending/CLEAN-002.md +0 -29
package/tasks/pending/CLEAN-009.md +0 -31
package/tasks/pending/CLEAN-010.md +0 -30
package/tasks/pending/CLEAN-011.md +0 -30
package/tasks/pending/CLEAN-014.md +0 -32
package/tasks/review/task-001.md +0 -78

package/bin/lib/database.sh CHANGED Viewed

@@ -1,305 +1,357 @@
-#!/usr/bin/env bash
-#
-# Vibe Forge - SQLite Database Operations
-# Handles daemon state persistence and agent status aggregation
-#
-# Database file location (set after FORGE_ROOT is known)
-FORGE_DB=""
-# =============================================================================
-# Security Functions
-# =============================================================================
-# Escape a string for safe use in SQLite queries
-# Escapes single quotes by doubling them (SQL standard)
-# Also removes null bytes and other dangerous characters
-db_escape() {
-    local input="$1"
-    # Remove null bytes
-    input="${input//$'\0'/}"
-    # Escape single quotes by doubling them
-    input="${input//\'/\'\'}"
-    # Remove backslashes that could escape quotes
-    input="${input//\\/}"
-    echo "$input"
-}
-# Validate that input contains only safe characters for identifiers
-# Returns 0 if safe, 1 if unsafe
-db_validate_identifier() {
-    local input="$1"
-    # Allow only alphanumeric, underscore, hyphen
-    if [[ "$input" =~ ^[a-zA-Z0-9_-]+$ ]]; then
-        return 0
-    fi
-    return 1
-}
-# =============================================================================
-# Database Initialization
-# =============================================================================
-# Require FORGE_DB to be set before database operations
-# Call this at the start of database functions that need the path
-# Usage: db_require_init || return 1
-db_require_init() {
-    if [[ -z "$FORGE_DB" ]]; then
-        echo "Error: FORGE_DB not set. Set FORGE_DB path before calling database functions." >&2
-        return 1
-    fi
-    return 0
-}
-# Initialize the database with schema
-# Requires: FORGE_DB must be set before calling
-db_init() {
-    db_require_init || return 1
-    local db_dir
-    db_dir=$(dirname "$FORGE_DB")
-    # Create directory if needed
-    mkdir -p "$db_dir"
-    chmod 700 "$db_dir"
-    # Create tables if they don't exist
-    sqlite3 "$FORGE_DB" <<'SQL'
--- Daemon configuration (single row)
-CREATE TABLE IF NOT EXISTS daemon_config (
-    id INTEGER PRIMARY KEY CHECK (id = 1),
-    state TEXT DEFAULT 'idle',
-    poll_interval_ms INTEGER DEFAULT 5000,
-    last_activity_at TEXT,
-    updated_at TEXT DEFAULT CURRENT_TIMESTAMP
-);
--- Polling presets
-CREATE TABLE IF NOT EXISTS poll_presets (
-    state TEXT PRIMARY KEY,
-    interval_ms INTEGER NOT NULL
-);
--- Insert default presets if not exist
-INSERT OR IGNORE INTO poll_presets (state, interval_ms) VALUES
-    ('active', 5000),
-    ('idle', 30000),
-    ('stopped', 60000);
--- Initialize daemon_config if empty
-INSERT OR IGNORE INTO daemon_config (id, state, poll_interval_ms)
-VALUES (1, 'idle', 30000);
--- Agent status (aggregated from JSON files)
-CREATE TABLE IF NOT EXISTS agent_status (
-    agent TEXT PRIMARY KEY,
-    status TEXT DEFAULT 'unknown',
-    task TEXT,
-    message TEXT,
-    updated_at TEXT,
-    file_mtime INTEGER DEFAULT 0
-);
--- Status history for metrics (optional, pruned periodically)
-CREATE TABLE IF NOT EXISTS status_history (
-    id INTEGER PRIMARY KEY AUTOINCREMENT,
-    agent TEXT NOT NULL,
-    status TEXT NOT NULL,
-    task TEXT,
-    recorded_at TEXT DEFAULT CURRENT_TIMESTAMP
-);
--- Index for history queries
-CREATE INDEX IF NOT EXISTS idx_history_agent ON status_history(agent);
-CREATE INDEX IF NOT EXISTS idx_history_recorded ON status_history(recorded_at);
-SQL
-    # Set secure permissions on database file
-    chmod 600 "$FORGE_DB" 2>/dev/null || true
-}
-# =============================================================================
-# Daemon State Operations
-# =============================================================================
-# Get current daemon state (active/idle/stopped)
-db_get_daemon_state() {
-    db_require_init || return 1
-    sqlite3 "$FORGE_DB" "SELECT state FROM daemon_config WHERE id = 1;"
-}
-# Set daemon state and update poll interval accordingly
-db_set_daemon_state() {
-    db_require_init || return 1
-    local new_state="$1"
-    local interval
-    # SECURITY: Validate state is a known value
-    case "$new_state" in
-        active|idle|stopped) ;;
-        *)
-            echo "Invalid daemon state: $new_state" >&2
-            return 1
-            ;;
-    esac
-    # Get interval for this state from presets (safe - validated above)
-    interval=$(sqlite3 "$FORGE_DB" "SELECT interval_ms FROM poll_presets WHERE state = '$new_state';")
-    interval="${interval:-30000}"
-    sqlite3 "$FORGE_DB" <<SQL
-UPDATE daemon_config
-SET state = '$new_state',
-    poll_interval_ms = $interval,
-    updated_at = datetime('now')
-WHERE id = 1;
-SQL
-}
-# Get current poll interval in milliseconds
-db_get_poll_interval_ms() {
-    sqlite3 "$FORGE_DB" "SELECT poll_interval_ms FROM daemon_config WHERE id = 1;"
-}
-# Update last activity timestamp
-db_touch_activity() {
-    sqlite3 "$FORGE_DB" <<SQL
-UPDATE daemon_config
-SET last_activity_at = datetime('now'),
-    updated_at = datetime('now')
-WHERE id = 1;
-SQL
-}
-# =============================================================================
-# Agent Status Operations
-# =============================================================================
-# Upsert agent status (from JSON file data)
-db_upsert_agent_status() {
-    db_require_init || return 1
-    local agent="$1"
-    local status="$2"
-    local task="$3"
-    local message="$4"
-    local updated_at="$5"
-    local file_mtime="$6"
-    # SECURITY: Escape all string inputs to prevent SQL injection
-    agent=$(db_escape "$agent")
-    status=$(db_escape "$status")
-    task=$(db_escape "$task")
-    message=$(db_escape "$message")
-    updated_at=$(db_escape "$updated_at")
-    # Validate file_mtime is numeric
-    if ! [[ "$file_mtime" =~ ^[0-9]+$ ]]; then
-        file_mtime=0
-    fi
-    sqlite3 "$FORGE_DB" <<SQL
-INSERT INTO agent_status (agent, status, task, message, updated_at, file_mtime)
-VALUES ('$agent', '$status', '$task', '$message', '$updated_at', $file_mtime)
-ON CONFLICT(agent) DO UPDATE SET
-    status = excluded.status,
-    task = excluded.task,
-    message = excluded.message,
-    updated_at = excluded.updated_at,
-    file_mtime = excluded.file_mtime;
-SQL
-}
-# Get stored mtime for an agent's status file
-db_get_agent_mtime() {
-    local agent="$1"
-    # SECURITY: Escape agent name to prevent SQL injection
-    agent=$(db_escape "$agent")
-    sqlite3 "$FORGE_DB" "SELECT file_mtime FROM agent_status WHERE agent = '$agent';" 2>/dev/null || echo "0"
-}
-# Get all agent statuses
-db_get_all_agent_statuses() {
-    sqlite3 -separator '|' "$FORGE_DB" <<SQL
-SELECT agent, status, task, message, updated_at
-FROM agent_status
-ORDER BY agent;
-SQL
-}
-# Get agents with specific status
-db_get_agents_by_status() {
-    local status="$1"
-    # SECURITY: Escape status to prevent SQL injection
-    status=$(db_escape "$status")
-    sqlite3 "$FORGE_DB" "SELECT agent FROM agent_status WHERE status = '$status';"
-}
-# Count active workers (status = 'working')
-db_count_active_workers() {
-    sqlite3 "$FORGE_DB" "SELECT COUNT(*) FROM agent_status WHERE status = 'working';"
-}
-# Delete stale agent status entries
-db_cleanup_stale_agents() {
-    local minutes="${1:-30}"
-    # SECURITY: Validate minutes is numeric to prevent SQL injection
-    if ! [[ "$minutes" =~ ^[0-9]+$ ]]; then
-        minutes=30
-    fi
-    sqlite3 "$FORGE_DB" <<SQL
-DELETE FROM agent_status
-WHERE updated_at < datetime('now', '-$minutes minutes');
-SQL
-}
-# =============================================================================
-# History Operations (for future metrics)
-# =============================================================================
-# Record status change in history
-db_record_status_history() {
-    local agent="$1"
-    local status="$2"
-    local task="$3"
-    # SECURITY: Escape all inputs to prevent SQL injection
-    agent=$(db_escape "$agent")
-    status=$(db_escape "$status")
-    task=$(db_escape "$task")
-    sqlite3 "$FORGE_DB" <<SQL
-INSERT INTO status_history (agent, status, task)
-VALUES ('$agent', '$status', '$task');
-SQL
-}
-# Prune old history entries (keep last N days)
-db_prune_history() {
-    local days="${1:-7}"
-    # SECURITY: Validate days is numeric to prevent SQL injection
-    if ! [[ "$days" =~ ^[0-9]+$ ]]; then
-        days=7
-    fi
-    sqlite3 "$FORGE_DB" <<SQL
-DELETE FROM status_history
-WHERE recorded_at < datetime('now', '-$days days');
-SQL
-}
-# =============================================================================
-# Utility Functions
-# =============================================================================
-# Check if database exists and is valid
-db_exists() {
-    [[ -n "$FORGE_DB" ]] && [[ -f "$FORGE_DB" ]] && sqlite3 "$FORGE_DB" "SELECT 1 FROM daemon_config LIMIT 1;" &>/dev/null
-}
-# Get database stats for debugging
-db_stats() {
-    db_require_init || return 1
-    echo "Database: $FORGE_DB"
-    echo "Agent count: $(sqlite3 "$FORGE_DB" "SELECT COUNT(*) FROM agent_status;")"
-    echo "History entries: $(sqlite3 "$FORGE_DB" "SELECT COUNT(*) FROM status_history;")"
-    echo "Current state: $(db_get_daemon_state)"
-    echo "Poll interval: $(db_get_poll_interval_ms)ms"
-}
+#!/usr/bin/env bash
+#
+# Vibe Forge - SQLite Database Operations
+# Handles daemon state persistence and agent status aggregation
+#
+# Database file location (set after FORGE_ROOT is known)
+FORGE_DB=""
+# =============================================================================
+# Security Functions
+# =============================================================================
+# Escape a string for safe use in SQLite queries
+# Escapes single quotes by doubling them (SQL standard)
+# Also removes null bytes and other dangerous characters
+db_escape() {
+    local input="$1"
+    # Remove null bytes
+    input="${input//$'\0'/}"
+    # Escape single quotes by doubling them
+    input="${input//\'/\'\'}"
+    # Remove backslashes that could escape quotes
+    input="${input//\\/}"
+    echo "$input"
+}
+# Validate that input contains only safe characters for identifiers
+# Returns 0 if safe, 1 if unsafe
+db_validate_identifier() {
+    local input="$1"
+    # Allow only alphanumeric, underscore, hyphen
+    if [[ "$input" =~ ^[a-zA-Z0-9_-]+$ ]]; then
+        return 0
+    fi
+    return 1
+}
+# =============================================================================
+# Database Initialization
+# =============================================================================
+# Require FORGE_DB to be set before database operations
+# Call this at the start of database functions that need the path
+# Usage: db_require_init || return 1
+db_require_init() {
+    if [[ -z "$FORGE_DB" ]]; then
+        echo "Error: FORGE_DB not set. Set FORGE_DB path before calling database functions." >&2
+        return 1
+    fi
+    return 0
+}
+# Check if sqlite3 is available; attempt install if missing
+db_require_sqlite3() {
+    if command -v sqlite3 &>/dev/null; then
+        return 0
+    fi
+    echo "sqlite3 not found. Attempting to install..." >&2
+    # Try platform-appropriate package manager
+    if command -v apt-get &>/dev/null; then
+        echo "Installing sqlite3 via apt (may require sudo password)..." >&2
+        sudo apt-get install -y sqlite3 2>/dev/null && command -v sqlite3 &>/dev/null && return 0
+    elif command -v brew &>/dev/null; then
+        echo "Installing sqlite3 via Homebrew..." >&2
+        brew install sqlite3 2>/dev/null && command -v sqlite3 &>/dev/null && return 0
+    elif command -v pacman &>/dev/null; then
+        echo "Installing sqlite via pacman (may require sudo password)..." >&2
+        sudo pacman -S --noconfirm sqlite 2>/dev/null && command -v sqlite3 &>/dev/null && return 0
+    elif command -v dnf &>/dev/null; then
+        echo "Installing sqlite via dnf (may require sudo password)..." >&2
+        sudo dnf install -y sqlite 2>/dev/null && command -v sqlite3 &>/dev/null && return 0
+    elif command -v winget &>/dev/null; then
+        echo "Installing SQLite via winget. You may see a UAC prompt; please approve it." >&2
+        winget install --id SQLite.SQLite -e --silent 2>/dev/null
+        # winget installs to Program Files but doesn't add to Git Bash PATH
+        local winget_sqlite="/c/Program Files/SQLite/sqlite3.exe"
+        if [[ -f "$winget_sqlite" ]]; then
+            export PATH="$PATH:/c/Program Files/SQLite"
+            command -v sqlite3 &>/dev/null && return 0
+        fi
+    elif command -v choco &>/dev/null; then
+        echo "Installing sqlite via Chocolatey. You may see a UAC prompt; please approve it." >&2
+        choco install sqlite -y 2>/dev/null && command -v sqlite3 &>/dev/null && return 0
+    fi
+    echo "ERROR: sqlite3 is required but could not be installed automatically." >&2
+    echo "Please install sqlite3 manually:" >&2
+    echo "  macOS:   brew install sqlite3" >&2
+    echo "  Ubuntu:  sudo apt-get install sqlite3" >&2
+    echo "  Fedora:  sudo dnf install sqlite" >&2
+    echo "  Windows: choco install sqlite" >&2
+    echo "           or: winget install SQLite.SQLite" >&2
+    echo "           (then add the install folder to your PATH)" >&2
+    return 1
+}
+# Initialize the database with schema
+# Requires: FORGE_DB must be set before calling
+db_init() {
+    db_require_init || return 1
+    db_require_sqlite3 || return 1
+    local db_dir
+    db_dir=$(dirname "$FORGE_DB")
+    # Create directory if needed
+    mkdir -p "$db_dir"
+    chmod 700 "$db_dir"
+    # Enable WAL mode for concurrent reads without blocking writes.
+    # WAL + NORMAL synchronous is the recommended pairing for local tooling:
+    # faster than DELETE+FULL while still durable against OS crashes.
+    sqlite3 "$FORGE_DB" "PRAGMA journal_mode=WAL; PRAGMA synchronous=NORMAL;"
+    # Create tables if they don't exist
+    sqlite3 "$FORGE_DB" <<'SQL'
+-- Daemon configuration (single row)
+CREATE TABLE IF NOT EXISTS daemon_config (
+    id INTEGER PRIMARY KEY CHECK (id = 1),
+    state TEXT DEFAULT 'idle',
+    poll_interval_ms INTEGER DEFAULT 5000,
+    last_activity_at TEXT,
+    updated_at TEXT DEFAULT CURRENT_TIMESTAMP
+);
+-- Polling presets
+CREATE TABLE IF NOT EXISTS poll_presets (
+    state TEXT PRIMARY KEY,
+    interval_ms INTEGER NOT NULL
+);
+-- Insert default presets if not exist
+INSERT OR IGNORE INTO poll_presets (state, interval_ms) VALUES
+    ('active', 5000),
+    ('idle', 30000),
+    ('stopped', 60000);
+-- Initialize daemon_config if empty
+INSERT OR IGNORE INTO daemon_config (id, state, poll_interval_ms)
+VALUES (1, 'idle', 30000);
+-- Agent status (aggregated from JSON files)
+CREATE TABLE IF NOT EXISTS agent_status (
+    agent TEXT PRIMARY KEY,
+    status TEXT DEFAULT 'unknown',
+    task TEXT,
+    message TEXT,
+    updated_at TEXT,
+    file_mtime INTEGER DEFAULT 0
+);
+-- Status history for metrics (optional, pruned periodically)
+CREATE TABLE IF NOT EXISTS status_history (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    agent TEXT NOT NULL,
+    status TEXT NOT NULL,
+    task TEXT,
+    recorded_at TEXT DEFAULT CURRENT_TIMESTAMP
+);
+-- Index for history queries
+CREATE INDEX IF NOT EXISTS idx_history_agent ON status_history(agent);
+CREATE INDEX IF NOT EXISTS idx_history_recorded ON status_history(recorded_at);
+SQL
+    # Set secure permissions on database file
+    chmod 600 "$FORGE_DB" 2>/dev/null || true
+}
+# =============================================================================
+# Daemon State Operations
+# =============================================================================
+# Get current daemon state (active/idle/stopped)
+db_get_daemon_state() {
+    db_require_init || return 1
+    sqlite3 "$FORGE_DB" "SELECT state FROM daemon_config WHERE id = 1;"
+}
+# Set daemon state and update poll interval accordingly
+db_set_daemon_state() {
+    db_require_init || return 1
+    local new_state="$1"
+    local interval
+    # SECURITY: Validate state is a known value
+    case "$new_state" in
+        active|idle|stopped) ;;
+        *)
+            echo "Invalid daemon state: $new_state" >&2
+            return 1
+            ;;
+    esac
+    # Get interval for this state from presets (safe - validated above)
+    interval=$(sqlite3 "$FORGE_DB" "SELECT interval_ms FROM poll_presets WHERE state = '$new_state';")
+    interval="${interval:-30000}"
+    sqlite3 "$FORGE_DB" <<SQL
+UPDATE daemon_config
+SET state = '$new_state',
+    poll_interval_ms = $interval,
+    updated_at = datetime('now')
+WHERE id = 1;
+SQL
+}
+# Get current poll interval in milliseconds
+db_get_poll_interval_ms() {
+    sqlite3 "$FORGE_DB" "SELECT poll_interval_ms FROM daemon_config WHERE id = 1;"
+}
+# Update last activity timestamp
+db_touch_activity() {
+    sqlite3 "$FORGE_DB" <<SQL
+UPDATE daemon_config
+SET last_activity_at = datetime('now'),
+    updated_at = datetime('now')
+WHERE id = 1;
+SQL
+}
+# =============================================================================
+# Agent Status Operations
+# =============================================================================
+# Upsert agent status (from JSON file data)
+db_upsert_agent_status() {
+    db_require_init || return 1
+    local agent="$1"
+    local status="$2"
+    local task="$3"
+    local message="$4"
+    local updated_at="$5"
+    local file_mtime="$6"
+    # SECURITY: Escape all string inputs to prevent SQL injection
+    agent=$(db_escape "$agent")
+    status=$(db_escape "$status")
+    task=$(db_escape "$task")
+    message=$(db_escape "$message")
+    updated_at=$(db_escape "$updated_at")
+    # Validate file_mtime is numeric
+    if ! [[ "$file_mtime" =~ ^[0-9]+$ ]]; then
+        file_mtime=0
+    fi
+    sqlite3 "$FORGE_DB" <<SQL
+INSERT INTO agent_status (agent, status, task, message, updated_at, file_mtime)
+VALUES ('$agent', '$status', '$task', '$message', '$updated_at', $file_mtime)
+ON CONFLICT(agent) DO UPDATE SET
+    status = excluded.status,
+    task = excluded.task,
+    message = excluded.message,
+    updated_at = excluded.updated_at,
+    file_mtime = excluded.file_mtime;
+SQL
+}
+# Get stored mtime for an agent's status file
+db_get_agent_mtime() {
+    local agent="$1"
+    # SECURITY: Escape agent name to prevent SQL injection
+    agent=$(db_escape "$agent")
+    sqlite3 "$FORGE_DB" "SELECT file_mtime FROM agent_status WHERE agent = '$agent';" 2>/dev/null || echo "0"
+}
+# Get all agent statuses
+db_get_all_agent_statuses() {
+    sqlite3 -separator '|' "$FORGE_DB" <<SQL
+SELECT agent, status, task, message, updated_at
+FROM agent_status
+ORDER BY agent;
+SQL
+}
+# Get agents with specific status
+db_get_agents_by_status() {
+    local status="$1"
+    # SECURITY: Escape status to prevent SQL injection
+    status=$(db_escape "$status")
+    sqlite3 "$FORGE_DB" "SELECT agent FROM agent_status WHERE status = '$status';"
+}
+# Count active workers (status = 'working')
+db_count_active_workers() {
+    sqlite3 "$FORGE_DB" "SELECT COUNT(*) FROM agent_status WHERE status = 'working';"
+}
+# Delete stale agent status entries
+db_cleanup_stale_agents() {
+    local minutes="${1:-30}"
+    # SECURITY: Validate minutes is numeric to prevent SQL injection
+    if ! [[ "$minutes" =~ ^[0-9]+$ ]]; then
+        minutes=30
+    fi
+    sqlite3 "$FORGE_DB" <<SQL
+DELETE FROM agent_status
+WHERE updated_at < datetime('now', '-$minutes minutes');
+SQL
+}
+# =============================================================================
+# History Operations (for future metrics)
+# =============================================================================
+# Record status change in history
+db_record_status_history() {
+    local agent="$1"
+    local status="$2"
+    local task="$3"
+    # SECURITY: Escape all inputs to prevent SQL injection
+    agent=$(db_escape "$agent")
+    status=$(db_escape "$status")
+    task=$(db_escape "$task")
+    sqlite3 "$FORGE_DB" <<SQL
+INSERT INTO status_history (agent, status, task)
+VALUES ('$agent', '$status', '$task');
+SQL
+}
+# Prune old history entries (keep last N days)
+db_prune_history() {
+    local days="${1:-7}"
+    # SECURITY: Validate days is numeric to prevent SQL injection
+    if ! [[ "$days" =~ ^[0-9]+$ ]]; then
+        days=7
+    fi
+    sqlite3 "$FORGE_DB" <<SQL
+DELETE FROM status_history
+WHERE recorded_at < datetime('now', '-$days days');
+SQL
+}
+# =============================================================================
+# Utility Functions
+# =============================================================================
+# Check if database exists and is valid
+db_exists() {
+    [[ -n "$FORGE_DB" ]] && [[ -f "$FORGE_DB" ]] && sqlite3 "$FORGE_DB" "SELECT 1 FROM daemon_config LIMIT 1;" &>/dev/null
+}
+# Get database stats for debugging
+db_stats() {
+    db_require_init || return 1
+    echo "Database: $FORGE_DB"
+    echo "Agent count: $(sqlite3 "$FORGE_DB" "SELECT COUNT(*) FROM agent_status;")"
+    echo "History entries: $(sqlite3 "$FORGE_DB" "SELECT COUNT(*) FROM status_history;")"
+    echo "Current state: $(db_get_daemon_state)"
+    echo "Poll interval: $(db_get_poll_interval_ms)ms"
+}