Merge remote-tracking branch 'origin/codex/production-intelligence-terminal' into codex/issue-17-sse-heartbeat

# Conflicts:
#	.env.example
#	README.md
#	crucix.config.mjs
#	test/fetch-utils.test.mjs

.env.example

@@ -1,4 +1,4 @@
-# Intelligence Terminal / Crucix configuration
+# Intelligence Terminal configuration
 # Copy to .env. Keep comments on separate lines; Docker env_file treats inline comments as values.
 
 # Server
@@ -6,8 +6,13 @@ PORT=3117
 REFRESH_INTERVAL_MINUTES=15
 AUTO_OPEN_BROWSER=false
 STALE_DATA_MAX_AGE_MINUTES=60
+STALE_ALERT_COOLDOWN_MINUTES=60
+DASHBOARD_URL=
 TERMINAL_ACTIONS_ENABLED=true
 SWEEP_TOKEN=
+SSE_HEARTBEAT_INTERVAL_MS=25000
+TERMINAL_ACTION_RATE_LIMIT_WINDOW_MS=60000
+TERMINAL_ACTION_RATE_LIMIT_MAX=10
 BRIEF_VERBOSITY=standard
 
 # LLM layer

README.md

@@ -1,8 +1,11 @@
 <div align="center">
 
-# Crucix
+# Intelligence Terminal
 
-**Your own intelligence terminal. 27 sources. One command. Zero cloud.**
+**Self-hosted intelligence dashboard. 27 open sources. Docker-first. No telemetry.**
+
+[![Gitea Repository](https://img.shields.io/badge/source-Gitea-609926?style=for-the-badge&logo=gitea&logoColor=white)](https://git.wilkensxl.de/MrSphay/intelligence-terminal)
+[![Docker Image](https://img.shields.io/badge/image-Gitea%20Registry-0b1220?style=for-the-badge&logo=docker&logoColor=white)](https://git.wilkensxl.de/MrSphay/-/packages/container/intelligence-terminal/latest)
 
 [![Node.js 22+](https://img.shields.io/badge/node-22%2B-brightgreen)](#quick-start)
 [![License: AGPL v3](https://img.shields.io/badge/license-AGPLv3-blue.svg)](LICENSE)
@@ -10,7 +13,7 @@
 [![Sources](https://img.shields.io/badge/OSINT%20sources-27-cyan)](#data-sources-27)
 [![Docker](https://img.shields.io/badge/docker-ready-blue?logo=docker)](#docker)
 
-![Crucix Dashboard](docs/dashboard.png)
+![Intelligence Terminal Dashboard](docs/dashboard.png)
 
 <details>
 <summary>More screenshots</summary>
@@ -29,18 +32,22 @@
 
 > **Supported deployment:** private home-server or lab deployment through Docker, Dockge, Pangolin, or local Node.js.
 > Runtime data stays in your configured `runs/` volume and API keys are operator-owned.
+> **Source:** [git.wilkensxl.de/MrSphay/intelligence-terminal](https://git.wilkensxl.de/MrSphay/intelligence-terminal)
+> Pull the image or clone the repository to run Intelligence Terminal on your own infrastructure.
 
-Crucix pulls satellite fire detection, flight tracking, radiation monitoring, satellite constellation tracking, economic indicators, live market prices, conflict data, sanctions lists, and social sentiment from 27 open-source intelligence feeds — in parallel, every 15 minutes — and renders everything on a single self-contained Jarvis-style dashboard.
+Intelligence Terminal pulls satellite fire detection, flight tracking, radiation monitoring, satellite constellation tracking, economic indicators, live market prices, conflict data, sanctions lists, and social sentiment from 27 open-source intelligence feeds in parallel, every 15 minutes, and renders everything on a single self-contained dashboard.
 
-Hook it up to an LLM and it becomes a **two-way intelligence assistant** — pushing multi-tier alerts to Telegram and Discord when something meaningful changes, responding to commands like `/brief` and `/sweep` from your phone, and generating actionable trade ideas grounded in real cross-domain data. Your own analyst that watches the world while you sleep.
+Hook it up to an LLM and it becomes a **two-way intelligence assistant**: pushing multi-tier alerts to Telegram and Discord when something meaningful changes, responding to commands like `/brief` and `/sweep` from your phone, and generating trade ideas grounded in real cross-domain data.
+
+Run it locally with Node.js or pull the published Docker image for a home-server deployment.
 
 No cloud. No telemetry. No subscriptions. Just `node server.mjs` and you're running.
 
 ## Token / Asset Warning
 
 > [!WARNING]
-> **Crucix has not launched any official token, coin, NFT, airdrop, presale, or other blockchain-based asset.**
-> Any token or digital asset using the Crucix name, logo, or branding is not affiliated with or endorsed by Crucix.
+> **Intelligence Terminal has not launched any official token, coin, NFT, airdrop, presale, or other blockchain-based asset.**
+> Any token or digital asset using the Intelligence Terminal or Crucix name, logo, or branding is not affiliated with or endorsed by this project.
 > Do not buy it, promote it, connect a wallet to claim it, sign transactions, or send funds based on third-party posts, DMs, or websites.
 
 ---
@@ -49,7 +56,7 @@ No cloud. No telemetry. No subscriptions. Just `node server.mjs` and you're runn
 
 Most of the world's real-time intelligence — satellite imagery, radiation levels, conflict events, economic indicators, flight tracking, maritime activity — is publicly available. It's just scattered across dozens of government APIs, research institutions, and open data feeds that nobody has time to check individually.
 
-Crucix brings it all into one place. Not behind a paywall, not locked in an enterprise platform, not requiring a security clearance. Just open data, aggregated and cross-correlated on your own machine, updated every 15 minutes.
+Intelligence Terminal brings it all into one place. Not behind a paywall, not locked in an enterprise platform, not requiring a security clearance. Just open data, aggregated and cross-correlated on your own machine, updated every 15 minutes.
 
 It was built for anyone who wants to understand what's actually happening in the world right now — researchers, journalists, traders, OSINT analysts, or just curious people who believe access to information shouldn't depend on your budget.
 
@@ -59,7 +66,7 @@ It was built for anyone who wants to understand what's actually happening in the
 
 ```bash
 # 1. Clone the repo
-git clone ssh://git@git.wilkensxl.de:2222/MrSphay/intelligence-terminal.git
+git clone https://git.wilkensxl.de/MrSphay/intelligence-terminal.git
 cd intelligence-terminal
 
 # 2. Install dependencies (just Express)
@@ -123,8 +130,13 @@ PORT=3117
 REFRESH_INTERVAL_MINUTES=15
 AUTO_OPEN_BROWSER=false
 STALE_DATA_MAX_AGE_MINUTES=60
+STALE_ALERT_COOLDOWN_MINUTES=60
+DASHBOARD_URL=https://intelligence.example.internal
 TERMINAL_ACTIONS_ENABLED=true
 SWEEP_TOKEN=
+SSE_HEARTBEAT_INTERVAL_MS=25000
+TERMINAL_ACTION_RATE_LIMIT_WINDOW_MS=60000
+TERMINAL_ACTION_RATE_LIMIT_MAX=10
 BRIEF_VERBOSITY=standard
 
 LLM_PROVIDER=openrouter
@@ -176,11 +188,70 @@ LLM_MODEL=your-model
 
 For Pangolin or another reverse proxy, forward HTTP traffic to `intelligence-terminal:3117` (or the `PORT` you set). Missing API keys do not crash sweeps; affected sources are reported as degraded in `/api/health`.
 
-The dashboard Terminal Actions panel can trigger `status`, `sweep`, and `brief` through `/api/action`. Leave `TERMINAL_ACTIONS_ENABLED=true` for a private home-server deployment. For an internet-exposed deployment, set `SWEEP_TOKEN` and pass it through trusted automation, or set `TERMINAL_ACTIONS_ENABLED=false` to disable browser-triggered actions. If you protect actions with `SWEEP_TOKEN`, the browser can send it from `localStorage.crucix_sweep_token`.
+#### Terminal Action Exposure
+
+`POST /api/action` and `POST /api/sweep` can trigger operational actions such as manual sweeps. The dashboard has a **SET TOKEN** control that stores your `SWEEP_TOKEN` in browser local storage and sends it as the `x-crucix-token` header; do not put action tokens in URLs.
+
+Recommended settings:
+
+| Deployment | Settings |
+| --- | --- |
+| Private local machine | `NODE_ENV=development`, optional `SWEEP_TOKEN`, optional `TERMINAL_ACTIONS_ENABLED=true`. Localhost can run actions without a token for development. |
+| Private LAN / Dockge | Set a strong `SWEEP_TOKEN`, keep `TERMINAL_ACTIONS_ENABLED=true`, expose only to trusted clients. |
+| Pangolin-authenticated reverse proxy | Set a strong `SWEEP_TOKEN`, keep Pangolin auth in front, use the dashboard **SET TOKEN** flow once per browser. |
+| Public internet | Do not expose Terminal Actions directly. If exposure is unavoidable, require `SWEEP_TOKEN`, keep proxy authentication enabled, lower `TERMINAL_ACTION_RATE_LIMIT_MAX`, and monitor server audit logs. |
+
+Action endpoints reject cross-origin POST origins, apply a small in-memory per-IP rate limit, and write sanitized audit lines without logging the token.
+
+When data remains stale past `STALE_DATA_MAX_AGE_MINUTES`, the server sends an operator alert through configured Telegram/Discord channels after failed or degraded sweep attempts. `STALE_ALERT_COOLDOWN_MINUTES` prevents repeated stale alerts from spamming every refresh interval. Set `DASHBOARD_URL` to the Pangolin/public URL you want included in those alerts.
+
+#### Memory And Prediction Loop
+
+Crucix stores longitudinal memory in `runs/intelligence.db` when the current Node.js build exposes `node:sqlite`. If SQLite is unavailable, the file is created as a harmless placeholder and `/api/health` reports the memory store as unavailable instead of failing the sweep.
+
+The memory layer persists:
+
+| Table | Purpose |
+| --- | --- |
+| `runs` | Sweep timestamps, source health counts, and delta direction summaries. |
+| `entities` | Stable entity IDs for recurring countries, regions, and locations. |
+| `events` | Stable event IDs for conflict, OSINT, urgent news, and new delta signals across sweeps. |
+| `predictions` | Trade/intelligence hypotheses with evidence, confidence, horizon, outcome state, and latest grading. |
+
+Query endpoints:
+
+```text
+GET /api/memory/search?q=iran&limit=25
+GET /api/memory/predictions?state=open&limit=25
+```
+
+Memory endpoints use the same operator authorization gate as Terminal Actions. The dashboard Terminal Actions panel includes a `Memory` action for a quick operator-facing view of recent events and prediction states.
+
+Retention, backup, and privacy expectations:
+
+- Treat `runs/intelligence.db` as operator data. It can contain source excerpts, headlines, generated hypotheses, and URLs from your configured feeds.
+- Back up `runs/` with the rest of your Dockge volume if you want longitudinal learning to survive container replacement.
+- Delete `runs/intelligence.db` to reset SQLite memory; the next sweep recreates the schema.
+- Do not commit `runs/` or `.env`. API credentials stay in `.env`; memory stores derived observations, not secrets.
+- If you expose the dashboard through a reverse proxy, protect Terminal Actions and memory queries behind your normal authentication boundary.
+
+#### Reverse Proxy SSE
+
+The dashboard receives live sweep updates from `GET /events` using Server-Sent Events. The server sends `retry: 10000` reconnect guidance and lightweight heartbeat comments every `SSE_HEARTBEAT_INTERVAL_MS` milliseconds so reverse proxies do not close an otherwise idle stream between 15-minute sweeps.
+
+Recommended proxy settings:
+
+| Proxy | Setting |
+| --- | --- |
+| Pangolin / Traefik-style frontends | Keep response streaming enabled and set idle timeouts above `SSE_HEARTBEAT_INTERVAL_MS`. |
+| Nginx | Disable proxy buffering for `/events`, keep `proxy_read_timeout` above the heartbeat interval, and preserve `Connection: keep-alive`. |
+| Cloudflare-style proxies | Keep the heartbeat below common idle cutoffs; the default 25s is intentionally conservative. |
+
+If you raise the heartbeat interval, keep it shorter than the lowest idle timeout in the proxy chain.
 
 #### Scenario Watchlist
 
-Crucix can track operator hypotheses across sweeps with a runtime scenario file at `runs/scenarios.json`. On first run, the server creates three disabled starter examples:
+Intelligence Terminal can track operator hypotheses across sweeps with a runtime scenario file at `runs/scenarios.json`. On first run, the server creates three disabled starter examples:
 
 - Middle East energy shock
 - Macro stress spillover
@@ -269,7 +340,7 @@ The server runs a sweep cycle every 15 minutes (configurable). Each cycle:
 6. Pushes update to all connected browsers via SSE
 
 ### Telegram Bot (Two-Way)
-Crucix doubles as an interactive Telegram bot. Beyond sending alerts, it responds to commands directly from your chat:
+Intelligence Terminal doubles as an interactive Telegram bot. Beyond sending alerts, it responds to commands directly from your chat:
 
 | Command | What It Does |
 |---------|-------------|
@@ -286,7 +357,7 @@ This requires `TELEGRAM_BOT_TOKEN` and `TELEGRAM_CHAT_ID` in `.env`. The bot pol
 
 ### Discord Bot (Two-Way)
 
-Crucix also supports Discord as a full-featured bot with slash commands and rich embed alerts. It mirrors the Telegram bot's capabilities with Discord-native formatting.
+Intelligence Terminal also supports Discord as a full-featured bot with slash commands and rich embed alerts. It mirrors the Telegram bot's capabilities with Discord-native formatting.
 
 | Command | What It Does |
 |---------|-------------|
@@ -301,7 +372,7 @@ Alerts are delivered as rich embeds with color-coded sidebars: red for FLASH, ye
 
 **Webhook fallback:** If you don't want to run a full bot, set `DISCORD_WEBHOOK_URL` instead. This enables one-way alerts (no slash commands) with zero dependencies — no `discord.js` needed.
 
-**Optional dependency:** The full bot requires `discord.js`. Install it with `npm install discord.js`. If it's not installed, Crucix automatically falls back to webhook-only mode.
+**Optional dependency:** The full bot requires `discord.js`. Install it with `npm install discord.js`. If it's not installed, Intelligence Terminal automatically falls back to webhook-only mode.
 
 ### Optional LLM Layer
 Connect cloud or local OpenAI-compatible LLM providers for enhanced analysis:
@@ -402,14 +473,14 @@ Alerts work with or without an LLM on both Telegram and Discord. With an LLM con
 
 ### Without Any Keys
 
-Crucix still works with zero API keys. 18+ sources require no authentication at all. Sources that need keys return structured errors and the rest of the sweep continues normally.
+Intelligence Terminal still works with zero API keys. 18+ sources require no authentication at all. Sources that need keys return structured errors and the rest of the sweep continues normally.
 
 ---
 
 ## Architecture
 
 ```
-crucix/
+intelligence-terminal/
 ├── server.mjs                 # Express dev server (SSE, auto-refresh, LLM, bot commands)
 ├── crucix.config.mjs          # Configuration with env var overrides + delta thresholds
 ├── diag.mjs                   # Diagnostic script — run if server fails to start
@@ -549,6 +620,9 @@ All settings are in `.env` with sensible defaults:
 |----------|---------|-------------|
 | `PORT` | `3117` | Dashboard server port |
 | `REFRESH_INTERVAL_MINUTES` | `15` | Auto-refresh interval |
+| `STALE_DATA_MAX_AGE_MINUTES` | `60` | Data age threshold for stale health state |
+| `STALE_ALERT_COOLDOWN_MINUTES` | `60` | Minimum time between repeated operator stale-data alerts |
+| `DASHBOARD_URL` | local URL | Dashboard URL included in operator alerts |
 | `LLM_PROVIDER` | disabled | `anthropic`, `openai`, `gemini`, `codex`, `openrouter`, `minimax`, `mistral`, or `grok` |
 | `LLM_API_KEY` | — | API key (not needed for codex) |
 | `LLM_MODEL` | per-provider default | Override model selection |
@@ -598,7 +672,7 @@ This tests every import one by one, checks your Node.js version, and verifies po
 
 **3. Check if port 3117 is already in use:**
 
-A previous Crucix instance may still be running in the background.
+A previous Intelligence Terminal instance may still be running in the background.
 
 ```powershell
 # Windows PowerShell
@@ -620,7 +694,7 @@ Then try starting again. You can also change the port by setting `PORT=3118` in
 ```bash
 node --version
 ```
-Crucix requires Node.js 22 or later. If you have an older version, download the latest LTS from [nodejs.org](https://nodejs.org/).
+Intelligence Terminal requires Node.js 22 or later. If you have an older version, download the latest LTS from [nodejs.org](https://nodejs.org/).
 
 ### Dashboard shows empty panels after first start
 
@@ -630,11 +704,11 @@ This is normal — the first sweep takes 30–60 seconds to query all 27 sources
 
 Expected behavior. Sources that require API keys will return structured errors if the key isn't set. The rest of the sweep continues normally. Check the Source Integrity section in the dashboard (or the server logs) to see which sources failed and why. The 3 most impactful free keys to add are `FRED_API_KEY`, `FIRMS_MAP_KEY`, and `EIA_API_KEY`.
 
-OpenSky can also return `HTTP 429` when its public hotspots are queried too aggressively. Crucix does not try to evade that limit. Instead, it surfaces the throttle/error in source health and preserves the most recent non-empty air traffic snapshot from `runs/` so the dashboard flight layer does not suddenly go blank on a throttled sweep.
+OpenSky can also return `HTTP 429` when its public hotspots are queried too aggressively. Intelligence Terminal does not try to evade that limit. Instead, it surfaces the throttle/error in source health and preserves the most recent non-empty air traffic snapshot from `runs/` so the dashboard flight layer does not suddenly go blank on a throttled sweep.
 
 ### Telegram bot not responding to commands
 
-Make sure both `TELEGRAM_BOT_TOKEN` and `TELEGRAM_CHAT_ID` are set in `.env`. The bot only responds to messages from the configured chat ID (security measure). You should see `[Crucix] Telegram alerts enabled` and `[Crucix] Bot command polling started` in the server logs on startup. If not, double-check your token with `curl https://api.telegram.org/bot<YOUR_TOKEN>/getMe`.
+Make sure both `TELEGRAM_BOT_TOKEN` and `TELEGRAM_CHAT_ID` are set in `.env`. The bot only responds to messages from the configured chat ID (security measure). You should see Telegram alert and bot polling startup lines in the server logs. If not, double-check your token with `curl https://api.telegram.org/bot<YOUR_TOKEN>/getMe`.
 
 ### Discord bot not responding to slash commands
 
@@ -665,15 +739,21 @@ To update them: run the dashboard, wait for a sweep to complete, then use your b
 
 ## Contributing
 
-Found a bug? Want to add a 28th source? PRs welcome. Each source is a standalone module in `apis/sources/` — just export a `briefing()` function that returns structured data and add it to the orchestrator in `apis/briefing.mjs`.
+Found a bug? Want to add a 28th source? PRs welcome. Each source is a standalone module in `apis/sources/` - just export a `briefing()` function that returns structured data and add it to the orchestrator in `apis/briefing.mjs`.
+
+If you find this useful, a star on the Gitea repository helps other operators find it too.
 
 For contribution guidelines, review expectations, and source-add rules, see `CONTRIBUTING.md`. For security reports, see `SECURITY.md`.
 
 ## Contact
 
-For bugs and feature requests, use the Gitea issues in this repository so discussion stays visible and actionable.
+For bugs, feature requests, and integration ideas, use the Gitea issue tracker so discussion stays visible and actionable:
 
-This fork keeps upstream Crucix attribution through the AGPL-3.0 license and commit history while documenting the supported private Gitea/Docker deployment path here.
+https://git.wilkensxl.de/MrSphay/intelligence-terminal/issues
+
+## Upstream And License
+
+Intelligence Terminal is an AGPL-3.0-only Crucix fork focused on Docker-first home-server operation, source health transparency, Gitea Registry delivery, and operator-owned deployments. Upstream project credit remains with the original Crucix project.
 
 ---
 

apis/briefing.mjs

@@ -59,7 +59,8 @@ export async function runSource(name, fn, ...args) {
     });
     const data = await Promise.race([dataPromise, timeoutPromise]);
     const hasError = Boolean(data?.error);
-    const isDegraded = hasError || ['no_credentials', 'degraded', 'failed'].includes(data?.status);
+    const degradedStatuses = ['no_credentials', 'no_key', 'disabled', 'degraded', 'failed', 'error'];
+    const isDegraded = hasError || degradedStatuses.includes(data?.status);
     return {
       name,
       status: isDegraded ? 'degraded' : 'ok',

apis/sources/adsb.mjs

@@ -1,7 +1,8 @@
 // ADS-B Exchange — Unfiltered Flight Tracking (including Military)
 // Unlike FlightRadar24/FlightAware, ADS-B Exchange does NOT filter military aircraft.
 // Public feed access varies; RapidAPI tier available for programmatic use.
-// This module attempts the public endpoints and falls back to a documented stub.
+// This module reports explicit disabled/degraded state instead of making
+// unavailable aircraft data look live.
 
 import { safeFetch } from '../utils/fetch.mjs';
 
@@ -140,6 +141,7 @@ async function fetchViaRapidApi(apiKey) {
   // Get all military aircraft
   const data = await safeFetch(`${ENDPOINTS.rapidApi}/mil`, {
     timeout: 20000,
+    source: 'adsb-rapidapi',
     headers: {
       'X-RapidAPI-Key': apiKey,
       'X-RapidAPI-Host': 'adsbexchange-com1.p.rapidapi.com',
@@ -151,21 +153,26 @@ async function fetchViaRapidApi(apiKey) {
 
 // Attempt to fetch from public feed
 async function fetchPublicFeed() {
-  const data = await safeFetch(ENDPOINTS.publicFeed, { timeout: 15000 });
+  const data = await safeFetch(ENDPOINTS.publicFeed, { timeout: 15000, source: 'adsb-public' });
   return data;
 }
 
-// Get military aircraft from available sources
-export async function getMilitaryAircraft(apiKey) {
+async function getMilitaryAircraftResult(apiKey) {
+  const failures = [];
+
   // Try RapidAPI first if key available
   if (apiKey) {
     const data = await fetchViaRapidApi(apiKey);
     if (data && !data.error) {
       const aircraft = data.ac || data.aircraft || [];
       if (Array.isArray(aircraft)) {
-        return aircraft.map(classifyAircraft).filter(a => a.isMilitary);
+        return {
+          provider: 'rapidapi',
+          aircraft: aircraft.map(classifyAircraft).filter(a => a.isMilitary),
+        };
       }
     }
+    failures.push({ provider: 'rapidapi', error: data?.error || 'RapidAPI returned an unsupported payload' });
   }
 
   // Try public feed
@@ -173,11 +180,21 @@ export async function getMilitaryAircraft(apiKey) {
   if (pubData && !pubData.error) {
     const aircraft = pubData.ac || pubData.aircraft || pubData.states || [];
     if (Array.isArray(aircraft)) {
-      return aircraft.map(classifyAircraft).filter(a => a.isMilitary);
+      return {
+        provider: 'public-feed',
+        aircraft: aircraft.map(classifyAircraft).filter(a => a.isMilitary),
+      };
     }
   }
+  failures.push({ provider: 'public-feed', error: pubData?.error || 'Public feed returned an unsupported payload' });
 
-  return null; // all sources failed
+  return { provider: null, aircraft: null, failures };
+}
+
+// Get military aircraft from available sources
+export async function getMilitaryAircraft(apiKey) {
+  const result = await getMilitaryAircraftResult(apiKey);
+  return result.aircraft;
 }
 
 // Get all aircraft in a geographic bounding box via RapidAPI
@@ -208,7 +225,8 @@ export async function getAircraftInArea(lat, lon, radiusNm = 250, apiKey) {
 // Briefing — attempt to get military flight data, document what's available
 export async function briefing() {
   const apiKey = process.env.ADSB_API_KEY || process.env.RAPIDAPI_KEY || null;
-  const militaryAircraft = await getMilitaryAircraft(apiKey);
+  const result = await getMilitaryAircraftResult(apiKey);
+  const militaryAircraft = result.aircraft;
 
   // If we got data, analyze it
   if (militaryAircraft && militaryAircraft.length > 0) {
@@ -255,6 +273,7 @@ export async function briefing() {
       source: 'ADS-B Exchange',
       timestamp: new Date().toISOString(),
       status: 'live',
+      provider: result.provider,
       totalMilitary: militaryAircraft.length,
       byCountry,
       categories: {
@@ -269,10 +288,18 @@ export async function briefing() {
   }
 
   // No data available — return stub with integration documentation
+  const status = apiKey ? 'degraded' : 'disabled';
+  const error = apiKey
+    ? 'ADS-B providers returned no usable aircraft data'
+    : 'ADSB_API_KEY or RAPIDAPI_KEY is not configured';
+
   return {
     source: 'ADS-B Exchange',
     timestamp: new Date().toISOString(),
-    status: apiKey ? 'error' : 'no_key',
+    status,
+    provider: result.provider,
+    error,
+    failures: result.failures,
     militaryAircraft: [],
     message: apiKey
       ? 'ADS-B Exchange API returned no data. The endpoint may be temporarily unavailable.'

apis/utils/fetch.mjs

@@ -42,6 +42,7 @@ export async function safeFetch(url, opts = {}) {
   let lastError;
   for (let i = 0; i <= retries; i++) {
     const started = Date.now();
+    let metricRecorded = false;
     try {
       const controller = new AbortController();
       const timer = setTimeout(() => controller.abort(), timeout);
@@ -51,22 +52,29 @@ export async function safeFetch(url, opts = {}) {
       });
       clearTimeout(timer);
       const status = res.status;
-      if (!res.ok) {
-        const body = await res.text().catch(() => '');
-        recordFetchMetric({ url, source, ok: false, status, bytes: body.length, durationMs: Date.now() - started, error: `HTTP ${res.status}` });
-        throw new Error(`HTTP ${res.status}: ${body.slice(0, 200)}`);
-      }
       const text = await res.text();
-      recordFetchMetric({ url, source, ok: true, status, bytes: text.length, durationMs: Date.now() - started });
+      if (!res.ok) {
+        const error = `HTTP ${res.status}`;
+        recordFetchMetric({ url, source, ok: false, status, bytes: text.length, durationMs: Date.now() - started, error });
+        metricRecorded = true;
+        throw new Error(`${error}: ${text.slice(0, 200)}`);
+      }
       const trimmed = text.trim();
       const contentType = res.headers.get('content-type') || '';
       if (contentType.includes('text/html') || trimmed.startsWith('<!DOCTYPE html') || trimmed.startsWith('<html')) {
-        throw new Error(`Expected JSON but received HTML from ${new URL(url).host}`);
+        const error = `Expected JSON but received HTML from ${new URL(url).host}`;
+        recordFetchMetric({ url, source, ok: false, status, bytes: text.length, durationMs: Date.now() - started, error });
+        metricRecorded = true;
+        throw new Error(error);
       }
+      recordFetchMetric({ url, source, ok: true, status, bytes: text.length, durationMs: Date.now() - started });
+      metricRecorded = true;
       try { return JSON.parse(text); } catch { return { rawText: text.slice(0, 500) }; }
     } catch (e) {
       lastError = e;
-      recordFetchMetric({ url, source, ok: false, status: null, bytes: 0, durationMs: Date.now() - started, error: e.message });
+      if (!metricRecorded) {
+        recordFetchMetric({ url, source, ok: false, status: null, bytes: 0, durationMs: Date.now() - started, error: e.message });
+      }
       // GDELT needs 5s between requests, others are fine with shorter delays
       if (i < retries) await new Promise(r => setTimeout(r, 2000 * (i + 1)));
     }
@@ -79,6 +87,7 @@ export async function safeFetchText(url, opts = {}) {
   let lastError;
   for (let i = 0; i <= retries; i++) {
     const started = Date.now();
+    let metricRecorded = false;
     try {
       const controller = new AbortController();
       const timer = setTimeout(() => controller.abort(), timeout);
@@ -89,11 +98,14 @@ export async function safeFetchText(url, opts = {}) {
       clearTimeout(timer);
       const text = await res.text();
       recordFetchMetric({ url, source, ok: res.ok, status: res.status, bytes: text.length, durationMs: Date.now() - started, error: res.ok ? null : `HTTP ${res.status}` });
+      metricRecorded = true;
       if (!res.ok) throw new Error(`HTTP ${res.status}: ${text.slice(0, 200)}`);
       return { text, status: res.status, bytes: text.length };
     } catch (e) {
       lastError = e;
-      recordFetchMetric({ url, source, ok: false, status: null, bytes: 0, durationMs: Date.now() - started, error: e.message });
+      if (!metricRecorded) {
+        recordFetchMetric({ url, source, ok: false, status: null, bytes: 0, durationMs: Date.now() - started, error: e.message });
+      }
       if (i < retries) await new Promise(r => setTimeout(r, 2000 * (i + 1)));
     }
   }

crucix.config.mjs

@@ -23,8 +23,13 @@ export default {
   refreshIntervalMinutes: intEnv('REFRESH_INTERVAL_MINUTES', 15),
   autoOpenBrowser: boolEnv('AUTO_OPEN_BROWSER', false),
   staleDataMaxAgeMinutes: intEnv('STALE_DATA_MAX_AGE_MINUTES', 60),
+  staleAlertCooldownMinutes: intEnv('STALE_ALERT_COOLDOWN_MINUTES', 60),
+  dashboardUrl: process.env.DASHBOARD_URL || null,
   sweepToken: process.env.SWEEP_TOKEN || null,
-  terminalActionsEnabled: boolEnv('TERMINAL_ACTIONS_ENABLED', true),
+  terminalActionsEnabled: boolEnv('TERMINAL_ACTIONS_ENABLED', !!process.env.SWEEP_TOKEN || process.env.NODE_ENV !== 'production'),
+  terminalActionRateLimitWindowMs: intEnv('TERMINAL_ACTION_RATE_LIMIT_WINDOW_MS', 60_000),
+  terminalActionRateLimitMax: intEnv('TERMINAL_ACTION_RATE_LIMIT_MAX', 10),
+  sseHeartbeatIntervalMs: intEnv('SSE_HEARTBEAT_INTERVAL_MS', 25000),
 
   llm: {
     provider: process.env.LLM_PROVIDER || null, // anthropic | openai | gemini | codex | openrouter | minimax | mistral | ollama | grok

dashboard/inject.mjs

@@ -83,16 +83,48 @@ const geoKeywords = {
   'IMF':[38.9,-77],'World Bank':[38.9,-77],'UN':[40.7,-74],
 };
 
-function geoTagText(text) {
+function escapeRegex(value) {
+  return value.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+
+function geoKeywordRegex(keyword) {
+  const flags = keyword.length <= 3 && keyword === keyword.toUpperCase() ? 'u' : 'iu';
+  return new RegExp(`(^|[^\\p{L}\\p{N}])${escapeRegex(keyword)}(?=$|[^\\p{L}\\p{N}])`, flags);
+}
+
+const geoKeywordEntries = Object.entries(geoKeywords)
+  .sort((a, b) => b[0].length - a[0].length)
+  .map(([keyword, coords]) => ({ keyword, coords, pattern: geoKeywordRegex(keyword) }));
+
+export function geoTagText(text) {
   if (!text) return null;
-  for (const [keyword, [lat, lon]] of Object.entries(geoKeywords)) {
-    if (text.includes(keyword)) {
+  for (const { keyword, coords, pattern } of geoKeywordEntries) {
+    if (pattern.test(text)) {
+      const [lat, lon] = coords;
       return { lat, lon, region: keyword };
     }
   }
   return null;
 }
 
+function stableHash(value) {
+  let hash = 2166136261;
+  for (let i = 0; i < value.length; i++) {
+    hash ^= value.charCodeAt(i);
+    hash = Math.imul(hash, 16777619);
+  }
+  return hash >>> 0;
+}
+
+export function stableGeoJitter(key, axis) {
+  const bucket = stableHash(`${axis}:${key}`) / 0xffffffff;
+  return (bucket - 0.5) * 2;
+}
+
+function newsGeoKey(item) {
+  return `${item.source || ''}|${item.title || ''}|${item.date || ''}|${item.url || ''}`;
+}
+
 function sanitizeExternalUrl(raw) {
   if (!raw) return undefined;
   try {
@@ -235,8 +267,8 @@ export async function fetchAllNews() {
         source: item.source,
         date: item.date,
         url: item.url,
-        lat: geo.lat + (Math.random() - 0.5) * 2,
-        lon: geo.lon + (Math.random() - 0.5) * 2,
+        lat: geo.lat + stableGeoJitter(newsGeoKey(item), 'lat'),
+        lon: geo.lon + stableGeoJitter(newsGeoKey(item), 'lon'),
         region: geo.region
       });
     }

docs/sources/README.md

@@ -16,4 +16,5 @@ Source docs:
 - [Telegram](telegram.md)
 - [FIRMS](firms.md)
 - [Maritime](maritime.md)
+- [ADS-B](adsb.md)
 - [Reddit](reddit.md)

docs/sources/adsb.md

@@ -0,0 +1,24 @@
+# ADS-B Source
+
+ADS-B Exchange support is optional and intended for unfiltered aircraft and military-flight awareness.
+
+- Source module: `apis/sources/adsb.mjs`
+- Preferred provider: ADS-B Exchange via RapidAPI
+- Credentials: `ADSB_API_KEY` or `RAPIDAPI_KEY`
+- Runtime status without credentials: `disabled`
+- Runtime status when providers fail: `degraded`
+- Runtime status with usable aircraft payloads: `live`
+
+The source does not treat a missing key or unavailable public feed as normal live data. `/api/health` and `/api/metrics` surface the degraded source state through the sweep source summary.
+
+Known failure modes:
+
+- Missing `ADSB_API_KEY` / `RAPIDAPI_KEY`: source is disabled with operator guidance.
+- RapidAPI rejects or rate-limits the request: source is degraded and records provider failure detail.
+- Public feed is blocked, rate-limited, or changes shape: source remains degraded instead of returning stale-looking data.
+
+Register for the provider documented in the README, then set:
+
+```env
+ADSB_API_KEY=<rapidapi-key>
+```

docs/sources/opensky.md

@@ -6,4 +6,4 @@ Provides public aircraft state data for regional air-activity hotspots.
 - Failure modes: timeouts, `HTTP 429`, and empty regions.
 - Behavior: source health is marked degraded on API errors. The dashboard may use the most recent non-empty air snapshot from `runs/` and marks it in `airMeta.fallback`.
 - Test: start a sweep and inspect `/api/health` plus `airMeta` from `/api/data`.
-- Operator note: Crucix does not bypass OpenSky throttles. Increase `REFRESH_INTERVAL_MINUTES` if the source degrades repeatedly.
+- Operator note: Intelligence Terminal does not bypass OpenSky throttles. Increase `REFRESH_INTERVAL_MINUTES` if the source degrades repeatedly.

lib/intelligence-store.mjs

@@ -2,6 +2,9 @@
 
 import { existsSync, mkdirSync, writeFileSync } from 'fs';
 import { dirname, join } from 'path';
+import { createHash } from 'crypto';
+
+const PREDICTION_STATES = new Set(['open', 'monitoring', 'observed', 'expired_unverified', 'invalidated']);
 
 export class IntelligenceStore {
   constructor(dbPath) {
@@ -30,15 +33,24 @@ export class IntelligenceStore {
         );
         CREATE TABLE IF NOT EXISTS predictions (
           id INTEGER PRIMARY KEY AUTOINCREMENT,
+          stable_id TEXT UNIQUE,
           created_at TEXT NOT NULL,
+          updated_at TEXT,
           title TEXT NOT NULL,
           type TEXT,
+          hypothesis TEXT,
+          evidence_json TEXT,
           confidence TEXT,
+          horizon TEXT,
+          outcome_state TEXT DEFAULT 'open',
+          outcome_json TEXT,
+          last_evaluated_at TEXT,
           source TEXT,
           payload_json TEXT NOT NULL
         );
         CREATE TABLE IF NOT EXISTS entities (
           id INTEGER PRIMARY KEY AUTOINCREMENT,
+          stable_id TEXT UNIQUE,
           first_seen TEXT NOT NULL,
           last_seen TEXT NOT NULL,
           name TEXT NOT NULL,
@@ -46,7 +58,21 @@ export class IntelligenceStore {
           count INTEGER DEFAULT 1,
           UNIQUE(name, kind)
         );
+        CREATE TABLE IF NOT EXISTS events (
+          id INTEGER PRIMARY KEY AUTOINCREMENT,
+          stable_id TEXT NOT NULL UNIQUE,
+          first_seen TEXT NOT NULL,
+          last_seen TEXT NOT NULL,
+          kind TEXT NOT NULL,
+          name TEXT NOT NULL,
+          region TEXT,
+          severity TEXT,
+          source TEXT,
+          evidence_json TEXT NOT NULL,
+          count INTEGER DEFAULT 1
+        );
       `);
+      this._migrate();
       this.available = true;
     } catch (err) {
       this.available = false;
@@ -71,24 +97,141 @@ export class IntelligenceStore {
       delta?.summary?.direction || null,
       JSON.stringify({ meta, delta: delta?.summary || null }),
     );
-    for (const idea of data.ideas || []) {
-      this.db.prepare(`INSERT INTO predictions (created_at, title, type, confidence, source, payload_json)
-        VALUES (?, ?, ?, ?, ?, ?)`).run(
-        timestamp,
-        idea.title || 'Untitled idea',
-        idea.type || null,
-        idea.confidence || null,
-        idea.source || data.ideasSource || null,
-        JSON.stringify(idea),
-      );
-    }
     this._recordEntities(data, timestamp);
+    this._recordEvents(data, delta, timestamp);
+    this.evaluatePredictions(data, timestamp);
+    this._recordPredictions(data, timestamp);
   }
 
   status() {
     return { available: this.available, path: this.dbPath, reason: this.reason };
   }
 
+  queryMemory({ q = '', limit = 25 } = {}) {
+    if (!this.available || !this.db) return { available: false, reason: this.reason, results: [] };
+    const safeLimit = Math.max(1, Math.min(100, Number(limit) || 25));
+    const term = String(q || '').trim();
+    const like = `%${term}%`;
+    const where = term
+      ? 'WHERE name LIKE ? OR region LIKE ? OR source LIKE ? OR kind LIKE ?'
+      : '';
+    const params = term ? [like, like, like, like, safeLimit] : [safeLimit];
+    const events = this.db.prepare(`
+      SELECT stable_id, first_seen, last_seen, kind, name, region, severity, source, count, evidence_json
+      FROM events
+      ${where}
+      ORDER BY last_seen DESC
+      LIMIT ?
+    `).all(...params).map(row => ({ ...row, evidence: parseJson(row.evidence_json, {}) }));
+    return { available: true, q: term, results: events };
+  }
+
+  listPredictions({ state = null, limit = 25 } = {}) {
+    if (!this.available || !this.db) return { available: false, reason: this.reason, predictions: [] };
+    const safeLimit = Math.max(1, Math.min(100, Number(limit) || 25));
+    const normalizedState = state && PREDICTION_STATES.has(String(state)) ? String(state) : null;
+    const rows = normalizedState
+      ? this.db.prepare(`SELECT * FROM predictions WHERE outcome_state = ? ORDER BY created_at DESC LIMIT ?`).all(normalizedState, safeLimit)
+      : this.db.prepare(`SELECT * FROM predictions ORDER BY created_at DESC LIMIT ?`).all(safeLimit);
+    return {
+      available: true,
+      predictions: rows.map(row => ({
+        stable_id: row.stable_id,
+        created_at: row.created_at,
+        updated_at: row.updated_at,
+        title: row.title,
+        type: row.type,
+        hypothesis: row.hypothesis,
+        confidence: row.confidence,
+        horizon: row.horizon,
+        outcome_state: row.outcome_state,
+        last_evaluated_at: row.last_evaluated_at,
+        source: row.source,
+        evidence: parseJson(row.evidence_json, []),
+        outcome: parseJson(row.outcome_json, null),
+      })),
+    };
+  }
+
+  evaluatePredictions(data, timestamp = new Date().toISOString()) {
+    if (!this.available || !this.db) return;
+    const rows = this.db.prepare(`
+      SELECT id, created_at, title, type, horizon, outcome_state, payload_json
+      FROM predictions
+      WHERE outcome_state IN ('open', 'monitoring')
+      ORDER BY created_at ASC
+      LIMIT 200
+    `).all();
+    for (const row of rows) {
+      const payload = parseJson(row.payload_json, {});
+      const evaluation = evaluatePredictionAgainstSweep(row, payload, data, timestamp);
+      this.db.prepare(`UPDATE predictions
+        SET outcome_state = ?, outcome_json = ?, last_evaluated_at = ?, updated_at = ?
+        WHERE id = ?`).run(
+        evaluation.state,
+        JSON.stringify(evaluation),
+        timestamp,
+        timestamp,
+        row.id,
+      );
+    }
+  }
+
+  _migrate() {
+    const columns = {
+      predictions: [
+        ['stable_id', 'TEXT'],
+        ['updated_at', 'TEXT'],
+        ['hypothesis', 'TEXT'],
+        ['evidence_json', 'TEXT'],
+        ['horizon', 'TEXT'],
+        ['outcome_state', "TEXT DEFAULT 'open'"],
+        ['outcome_json', 'TEXT'],
+        ['last_evaluated_at', 'TEXT'],
+      ],
+      entities: [
+        ['stable_id', 'TEXT'],
+      ],
+    };
+    for (const [table, defs] of Object.entries(columns)) {
+      for (const [name, type] of defs) {
+        try { this.db.exec(`ALTER TABLE ${table} ADD COLUMN ${name} ${type}`); } catch { }
+      }
+    }
+    try { this.db.exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_predictions_stable_id ON predictions(stable_id)`); } catch { }
+    try { this.db.exec(`CREATE UNIQUE INDEX IF NOT EXISTS idx_entities_stable_id ON entities(stable_id)`); } catch { }
+  }
+
+  _recordPredictions(data, timestamp) {
+    for (const idea of data.ideas || []) {
+      const title = idea.title || 'Untitled idea';
+      const stableId = stableId('prediction', title, idea.type || '', idea.ticker || '', idea.horizon || '');
+      const evidence = Array.isArray(idea.signals) ? idea.signals : [];
+      this.db.prepare(`INSERT INTO predictions (
+          stable_id, created_at, updated_at, title, type, hypothesis, evidence_json, confidence,
+          horizon, outcome_state, source, payload_json
+        )
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, 'open', ?, ?)
+        ON CONFLICT(stable_id) DO UPDATE SET
+          updated_at=excluded.updated_at,
+          confidence=excluded.confidence,
+          evidence_json=excluded.evidence_json,
+          payload_json=excluded.payload_json`).run(
+        stableId,
+        timestamp,
+        timestamp,
+        title,
+        idea.type || null,
+        idea.rationale || idea.text || title,
+        JSON.stringify(evidence),
+        idea.confidence || null,
+        idea.horizon || null,
+        idea.source || data.ideasSource || null,
+        JSON.stringify(idea),
+      );
+    }
+  }
+
   _recordEntities(data, timestamp) {
     const names = [];
     for (const item of data.acled?.deadliestEvents || []) {
@@ -99,14 +242,154 @@ export class IntelligenceStore {
       if (item.region) names.push([item.region, 'region']);
     }
     for (const [name, kind] of names.slice(0, 200)) {
-      this.db.prepare(`INSERT INTO entities (first_seen, last_seen, name, kind, count)
-        VALUES (?, ?, ?, ?, 1)
+      const cleanName = String(name).slice(0, 160);
+      this.db.prepare(`INSERT INTO entities (stable_id, first_seen, last_seen, name, kind, count)
+        VALUES (?, ?, ?, ?, ?, 1)
         ON CONFLICT(name, kind) DO UPDATE SET last_seen=excluded.last_seen, count=count+1`).run(
+        stableId('entity', kind, cleanName),
         timestamp,
         timestamp,
-        String(name).slice(0, 160),
+        cleanName,
         kind,
       );
     }
   }
+
+  _recordEvents(data, delta, timestamp) {
+    const events = extractEvents(data, delta);
+    for (const event of events.slice(0, 300)) {
+      this.db.prepare(`INSERT INTO events (
+          stable_id, first_seen, last_seen, kind, name, region, severity, source, evidence_json, count
+        )
+        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, 1)
+        ON CONFLICT(stable_id) DO UPDATE SET
+          last_seen=excluded.last_seen,
+          severity=COALESCE(excluded.severity, severity),
+          evidence_json=excluded.evidence_json,
+          count=count+1`).run(
+        event.stable_id,
+        timestamp,
+        timestamp,
+        event.kind,
+        event.name,
+        event.region || null,
+        event.severity || null,
+        event.source || null,
+        JSON.stringify(event.evidence || {}),
+      );
+    }
+  }
+}
+
+function stableId(...parts) {
+  const input = parts.map(part => String(part || '').trim().toLowerCase()).join('|');
+  return createHash('sha256').update(input).digest('hex').slice(0, 24);
+}
+
+function parseJson(value, fallback) {
+  try { return value ? JSON.parse(value) : fallback; } catch { return fallback; }
+}
+
+function extractEvents(data, delta) {
+  const events = [];
+  const push = ({ kind, name, region, severity, source, evidence }) => {
+    if (!kind || !name) return;
+    events.push({
+      stable_id: stableId('event', kind, name, region || source || ''),
+      kind,
+      name: String(name).slice(0, 240),
+      region: region ? String(region).slice(0, 120) : null,
+      severity: severity || null,
+      source: source || null,
+      evidence: evidence || {},
+    });
+  };
+
+  for (const item of data.acled?.deadliestEvents || []) {
+    push({
+      kind: 'conflict',
+      name: item.event_type || item.sub_event_type || item.location || item.country,
+      region: item.country || item.location,
+      severity: Number(item.fatalities || 0) > 0 ? 'high' : 'medium',
+      source: 'ACLED',
+      evidence: item,
+    });
+  }
+  for (const item of data.tg?.urgent || []) {
+    push({
+      kind: 'osint',
+      name: (item.text || '').slice(0, 120),
+      region: item.region || 'OSINT',
+      severity: 'high',
+      source: item.channel || item.chat || 'telegram',
+      evidence: item,
+    });
+  }
+  for (const item of data.newsFeed || data.news || []) {
+    if (!item.urgent) continue;
+    push({
+      kind: 'news',
+      name: item.headline || item.title,
+      region: item.region,
+      severity: 'medium',
+      source: item.source,
+      evidence: item,
+    });
+  }
+  for (const signal of delta?.signals?.new || []) {
+    push({
+      kind: 'delta',
+      name: signal.label || signal.reason || signal.key,
+      region: signal.region,
+      severity: signal.severity || 'medium',
+      source: 'delta',
+      evidence: signal,
+    });
+  }
+  return events;
+}
+
+function evaluatePredictionAgainstSweep(row, payload, data, timestamp) {
+  const terms = [
+    row.title,
+    payload.ticker,
+    ...(Array.isArray(payload.signals) ? payload.signals : []),
+  ].filter(Boolean).map(v => String(v).toLowerCase());
+  const evidenceText = [
+    ...(data.tSignals || []),
+    ...(data.newsFeed || []).slice(0, 40).map(n => `${n.source || ''} ${n.headline || n.title || ''}`),
+    ...(data.tg?.urgent || []).slice(0, 20).map(p => p.text || ''),
+  ].join('\n').toLowerCase();
+  const matched = terms.filter(term => term.length >= 4 && evidenceText.includes(term.slice(0, 60)));
+  const expired = predictionExpired(row.created_at, row.horizon, timestamp);
+  const state = matched.length
+    ? 'observed'
+    : expired
+      ? 'expired_unverified'
+      : 'monitoring';
+  return {
+    state,
+    evaluated_at: timestamp,
+    matched_terms: matched.slice(0, 10),
+    expired,
+    reason: matched.length
+      ? 'Current sweep contains matching evidence terms.'
+      : expired
+        ? 'Prediction horizon elapsed without matching evidence.'
+        : 'Prediction remains open for future sweeps.',
+  };
+}
+
+function predictionExpired(createdAt, horizon, nowIso) {
+  const created = new Date(createdAt).getTime();
+  const now = new Date(nowIso).getTime();
+  if (!Number.isFinite(created) || !Number.isFinite(now)) return false;
+  const text = String(horizon || '').toLowerCase();
+  const days = text.includes('intraday') ? 1
+    : text.includes('day') ? 7
+      : text.includes('week') ? 45
+        : text.includes('month') ? 180
+          : text.includes('strategic') ? 365
+            : 30;
+  return now - created > days * 24 * 60 * 60 * 1000;
 }

lib/stale-alerts.mjs

@@ -0,0 +1,52 @@
+const DEFAULT_COOLDOWN_MS = 60 * 60 * 1000;
+
+export function shouldSendStaleAlert(health, state = {}, opts = {}) {
+  const now = opts.now ?? Date.now();
+  const cooldownMs = opts.cooldownMs ?? DEFAULT_COOLDOWN_MS;
+  if (!health?.stale) {
+    state.lastStaleAlertKey = null;
+    return { send: false, reason: 'not_stale' };
+  }
+
+  const key = [
+    health.lastSuccessfulSweep || 'never',
+    health.lastSweepError || 'no-error',
+    health.sourcesFailed || 0,
+    health.sourcesDegraded || 0,
+  ].join('|');
+
+  if (state.lastStaleAlertKey === key && now - (state.lastStaleAlertAt || 0) < cooldownMs) {
+    return { send: false, reason: 'cooldown', key };
+  }
+
+  state.lastStaleAlertKey = key;
+  state.lastStaleAlertAt = now;
+  return { send: true, reason: 'stale', key };
+}
+
+export function formatStaleAlert(health, opts = {}) {
+  const dashboardUrl = opts.dashboardUrl || 'http://localhost:3117';
+  const context = opts.context || 'scheduled sweep';
+  const ageMinutes = health.dataAgeSeconds == null ? 'unknown' : Math.floor(health.dataAgeSeconds / 60);
+  const affected = (health.sourceHealth || [])
+    .filter(s => (s.status && s.status !== 'ok') || s.error)
+    .slice(0, 6)
+    .map(s => `- ${s.name || s.n || 'source'}: ${s.status || 'degraded'}${s.error ? ` (${String(s.error).slice(0, 100)})` : ''}`);
+
+  return [
+    '*CRUCIX STALE DATA ALERT*',
+    '',
+    `Context: ${context}`,
+    `Status: ${health.status || 'unknown'}`,
+    `Data age: ${ageMinutes} minutes`,
+    `Last successful sweep: ${health.lastSuccessfulSweep || 'never'}`,
+    `Last attempted sweep: ${health.lastSweep || 'never'}`,
+    `Last error: ${health.lastSweepError || 'none'}`,
+    `Sources: ${health.sourcesOk || 0} OK / ${health.sourcesDegraded || 0} degraded / ${health.sourcesFailed || 0} failed`,
+    '',
+    '*Affected sources*',
+    affected.length ? affected.join('\n') : '- No per-source errors available',
+    '',
+    `Dashboard: ${dashboardUrl}`,
+  ].join('\n');
+}

package-lock.json

@@ -1,11 +1,11 @@
 {
-  "name": "crucix",
+  "name": "intelligence-terminal",
   "version": "2.0.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
-      "name": "crucix",
+      "name": "intelligence-terminal",
       "version": "2.0.0",
       "license": "AGPL-3.0-only",
       "dependencies": {

package.json

@@ -1,7 +1,7 @@
 {
-  "name": "crucix",
+  "name": "intelligence-terminal",
   "version": "2.0.0",
-  "description": "Local intelligence engine - 27 OSINT sources, live dashboard, public demo at crucix.live, auto-refresh, optional LLM layer.",
+  "description": "Docker-first local intelligence terminal with 27 OSINT sources, live dashboard, source health, auto-refresh, and optional LLM layer.",
   "type": "module",
   "scripts": {
     "start": "node server.mjs",
@@ -12,7 +12,7 @@
     "brief:save": "node apis/save-briefing.mjs",
     "diag": "node diag.mjs",
     "test": "npm run test:unit",
-    "test:unit": "node --test test/llm-openrouter.test.mjs test/llm-ollama.test.mjs test/llm-openai-compatible.test.mjs test/fetch-utils.test.mjs test/reddit-source.test.mjs",
+    "test:unit": "node --test test/llm-openrouter.test.mjs test/llm-ollama.test.mjs test/llm-openai-compatible.test.mjs test/fetch-utils.test.mjs test/reddit-source.test.mjs test/acled-source.test.mjs test/mojibake-text.test.mjs test/adsb.test.mjs test/dashboard-geotagging.test.mjs",
     "compose:config": "docker compose config",
     "clean": "node scripts/clean.mjs",
     "fresh-start": "npm run clean && npm start"
@@ -23,7 +23,7 @@
     "dashboard",
     "geopolitical"
   ],
-  "author": "Crucix",
+  "author": "Intelligence Terminal contributors",
   "license": "AGPL-3.0-only",
   "engines": {
     "node": ">=22",

server.mjs

@@ -18,6 +18,7 @@ import { TelegramAlerter } from './lib/alerts/telegram.mjs';
 import { DiscordAlerter } from './lib/alerts/discord.mjs';
 import { getFetchMetrics } from './apis/utils/fetch.mjs';
 import { IntelligenceStore } from './lib/intelligence-store.mjs';
+import { formatStaleAlert, shouldSendStaleAlert } from './lib/stale-alerts.mjs';
 import { evaluateScenarios } from './lib/scenarios.mjs';
 
 const __dirname = dirname(fileURLToPath(import.meta.url));
@@ -40,6 +41,8 @@ let sweepStartedAt = null; // Timestamp when current/last sweep started
 let sweepInProgress = false;
 const startTime = Date.now();
 const sseClients = new Set();
+const terminalActionBuckets = new Map();
+const staleAlertState = {};
 
 // === Delta/Memory ===
 const memory = new MemoryManager(RUNS_DIR);
@@ -289,29 +292,67 @@ app.get('/api/metrics', (req, res) => {
   });
 });
 
-app.post('/api/sweep', express.json(), (req, res) => {
-  if (!canRunTerminalAction(req)) return res.status(403).json({ error: 'Terminal actions disabled or unauthorized' });
-  triggerSweep(res);
+app.get('/api/memory/search', (req, res) => {
+  const guard = authorizeTerminalAction(req, res, 'memory:search');
+  if (!guard.ok) return;
+  auditTerminalAction(req, 'memory:search', 'ok');
+  res.json(intelligenceStore.queryMemory({
+    q: req.query.q || '',
+    limit: req.query.limit || 25,
+  }));
 });
 
-app.post('/api/action', express.json(), async (req, res) => {
-  if (!canRunTerminalAction(req)) return res.status(403).json({ error: 'Terminal actions disabled or unauthorized' });
-  const action = String(req.body?.action || req.query.action || '').toLowerCase();
+app.get('/api/memory/predictions', (req, res) => {
+  const guard = authorizeTerminalAction(req, res, 'memory:predictions');
+  if (!guard.ok) return;
+  auditTerminalAction(req, 'memory:predictions', 'ok');
+  res.json(intelligenceStore.listPredictions({
+    state: req.query.state || null,
+    limit: req.query.limit || 25,
+  }));
+});
+
+app.post('/api/sweep', express.json(), (req, res) => {
+  const guard = authorizeTerminalAction(req, res, 'sweep');
+  if (!guard.ok) return;
+  triggerSweepAction(req, res, 'sweep');
+});
+
+app.post('/api/action', express.json(), (req, res) => {
+  const action = String(req.body?.action || req.body?.command || '').trim().toLowerCase();
+  const guard = authorizeTerminalAction(req, res, action || 'unknown');
+  if (!guard.ok) return;
 
   if (action === 'status') {
-    return res.json({ ok: true, action, health: buildHealth() });
+    auditTerminalAction(req, 'status', 'ok');
+    return res.json({ ok: true, action, status: 'ok', health: buildHealth() });
   }
 
   if (action === 'brief') {
-    if (!currentData) return res.status(503).json({ ok: false, action, error: 'No data yet — first sweep in progress' });
-    return res.json({ ok: true, action, text: buildBrief(currentData) });
+    if (!currentData) {
+      auditTerminalAction(req, 'brief', 'rejected', 'no_data');
+      return res.status(503).json({ ok: false, action, error: 'No data yet - first sweep in progress' });
+    }
+    auditTerminalAction(req, 'brief', 'ok');
+    const brief = buildBrief(currentData);
+    return res.json({ ok: true, action, status: 'ok', brief, text: brief });
   }
 
-  if (action === 'sweep') {
-    return triggerSweep(res);
+  if (action === 'memory') {
+    auditTerminalAction(req, 'memory', 'ok');
+    return res.json({
+      ok: true,
+      action,
+      memory: intelligenceStore.status(),
+      recentEvents: intelligenceStore.queryMemory({ q: req.body?.q || '', limit: 8 }).results,
+      predictions: intelligenceStore.listPredictions({ limit: 8 }).predictions,
+    });
   }
 
-  res.status(400).json({ ok: false, error: 'Unknown action', actions: ['status', 'brief', 'sweep'] });
+  if (action === 'sweep') return triggerSweepAction(req, res, 'action:sweep');
+
+  auditTerminalAction(req, action || 'unknown', 'rejected', 'unknown_action');
+  return res.status(400).json({ ok: false, error: 'Unknown action', allowed: ['status', 'brief', 'memory', 'sweep'], actions: ['status', 'brief', 'memory', 'sweep'] });
 });
 
 // API: available locales
@@ -329,10 +370,24 @@ app.get('/events', (req, res) => {
     'Cache-Control': 'no-cache',
     'Connection': 'keep-alive',
     'Access-Control-Allow-Origin': '*',
+    'X-Accel-Buffering': 'no',
   });
+  res.write('retry: 10000\n');
   res.write('data: {"type":"connected"}\n\n');
+  const heartbeatMs = Math.max(5000, config.sseHeartbeatIntervalMs || 25000);
+  const heartbeat = setInterval(() => {
+    try {
+      res.write(`: heartbeat ${new Date().toISOString()}\n\n`);
+    } catch {
+      clearInterval(heartbeat);
+      sseClients.delete(res);
+    }
+  }, heartbeatMs);
   sseClients.add(res);
-  req.on('close', () => sseClients.delete(res));
+  req.on('close', () => {
+    clearInterval(heartbeat);
+    sseClients.delete(res);
+  });
 });
 
 function broadcast(data) {
@@ -342,26 +397,114 @@ function broadcast(data) {
   }
 }
 
+function requestIp(req) {
+  return req.ip || req.socket?.remoteAddress || 'unknown';
+}
+
+function isLocalRequest(req) {
+  const remote = requestIp(req);
+  return remote === '::1'
+    || remote === '127.0.0.1'
+    || remote === '::ffff:127.0.0.1'
+    || remote.startsWith('127.')
+    || remote === 'localhost';
+}
+
+function sameOriginPost(req) {
+  const origin = req.get('origin');
+  if (!origin) return true;
+  try {
+    const originUrl = new URL(origin);
+    const host = req.get('host');
+    return host && originUrl.host === host;
+  } catch {
+    return false;
+  }
+}
+
+function actionToken(req) {
+  return req.get('x-crucix-token') || req.body?.token || null;
+}
+
+function auditTerminalAction(req, action, outcome, detail = null) {
+  const suffix = detail ? ` detail=${detail}` : '';
+  console.log(`[Crucix][audit] terminal_action action=${action || 'unknown'} outcome=${outcome} ip=${requestIp(req)}${suffix}`);
+}
+
+function rateLimitTerminalAction(req, action) {
+  const now = Date.now();
+  const windowMs = Math.max(1000, config.terminalActionRateLimitWindowMs || 60_000);
+  const max = Math.max(1, config.terminalActionRateLimitMax || 10);
+  const key = `${requestIp(req)}:${action}`;
+  const bucket = terminalActionBuckets.get(key);
+  if (!bucket || now > bucket.resetAt) {
+    terminalActionBuckets.set(key, { count: 1, resetAt: now + windowMs });
+    return { ok: true };
+  }
+  bucket.count += 1;
+  if (bucket.count > max) {
+    return { ok: false, retryAfterSeconds: Math.ceil((bucket.resetAt - now) / 1000) };
+  }
+  return { ok: true };
+}
+
+function authorizeTerminalAction(req, res, action) {
+  const rate = rateLimitTerminalAction(req, action);
+  if (!rate.ok) {
+    auditTerminalAction(req, action, 'rejected', 'rate_limited');
+    res.set('Retry-After', String(rate.retryAfterSeconds));
+    res.status(429).json({ error: 'Too many terminal actions', retryAfterSeconds: rate.retryAfterSeconds });
+    return { ok: false };
+  }
+
+  if (!sameOriginPost(req)) {
+    auditTerminalAction(req, action, 'rejected', 'csrf_origin');
+    res.status(403).json({ error: 'Origin mismatch' });
+    return { ok: false };
+  }
+
+  const local = isLocalRequest(req);
+  const token = actionToken(req);
+  if (!config.terminalActionsEnabled) {
+    auditTerminalAction(req, action, 'rejected', 'disabled');
+    res.status(403).json({ error: 'Terminal actions are disabled' });
+    return { ok: false };
+  }
+
+  if (config.sweepToken) {
+    if (token !== config.sweepToken) {
+      auditTerminalAction(req, action, 'rejected', 'invalid_token');
+      res.status(401).json({ error: 'Invalid terminal action token' });
+      return { ok: false };
+    }
+    return { ok: true };
+  }
+
+  if (!local) {
+    auditTerminalAction(req, action, 'rejected', 'missing_token');
+    res.status(403).json({ error: 'Terminal actions are local-only unless SWEEP_TOKEN is set' });
+    return { ok: false };
+  }
+
+  return { ok: true };
+}
+
+function triggerSweepAction(req, res, auditAction) {
+  if (sweepInProgress) {
+    auditTerminalAction(req, auditAction, 'rejected', 'already_running');
+    return res.status(409).json({ ok: true, status: 'already_running', sweepStartedAt });
+  }
+  auditTerminalAction(req, auditAction, 'accepted');
+  runSweepCycle().catch(err => console.error('[Crucix] API-triggered sweep failed:', err.message));
+  return res.status(202).json({ ok: true, status: 'accepted' });
+}
+
 function dataAgeMs() {
   const ts = currentData?.meta?.timestamp || lastSuccessfulSweepTime || lastSweepTime;
   const ms = ts ? Date.now() - new Date(ts).getTime() : null;
   return Number.isFinite(ms) ? ms : null;
 }
 
-function canRunTerminalAction(req) {
-  const remote = req.ip || '';
-  const local = remote.includes('127.0.0.1') || remote === '::1' || remote === '::ffff:127.0.0.1';
-  const token = req.get('x-crucix-token') || req.query.token || req.body?.token;
-  if (config.sweepToken) return token === config.sweepToken;
-  return Boolean(config.terminalActionsEnabled || local);
-}
-
-function triggerSweep(res) {
-  if (sweepInProgress) return res.status(409).json({ ok: true, status: 'already_running', sweepStartedAt });
-  runSweepCycle().catch(err => console.error('[Crucix] API-triggered sweep failed:', err.message));
-  return res.status(202).json({ ok: true, status: 'accepted' });
-}
-
 function getLLMStatus() {
   if (!config.llm.provider) return { state: 'disabled' };
   if (!llmProvider) return { state: 'misconfigured', provider: config.llm.provider };
@@ -405,13 +548,39 @@ function buildHealth() {
     llm: getLLMStatus(),
     telegramEnabled: !!(config.telegram.botToken && config.telegram.chatId),
     discordEnabled: !!(config.discord?.botToken || config.discord?.webhookUrl),
-    terminalActionsEnabled: Boolean(config.terminalActionsEnabled || config.sweepToken),
+    terminalActionsEnabled: config.terminalActionsEnabled,
+    terminalActionsTokenRequired: !!config.sweepToken,
     refreshIntervalMinutes: config.refreshIntervalMinutes,
     language: currentLanguage,
     memory: intelligenceStore.status(),
   };
 }
 
+async function notifyIfDataStale(context = 'scheduled sweep') {
+  const health = buildHealth();
+  const decision = shouldSendStaleAlert(health, staleAlertState, {
+    cooldownMs: config.staleAlertCooldownMinutes * 60 * 1000,
+  });
+  if (!decision.send) return false;
+
+  const dashboardUrl = config.dashboardUrl || `http://localhost:${config.port}`;
+  const message = formatStaleAlert(health, { dashboardUrl, context });
+  const sends = [];
+  if (telegramAlerter.isConfigured) sends.push(telegramAlerter.sendMessage(message));
+  if (discordAlerter.isConfigured) sends.push(discordAlerter.sendAlert(message));
+
+  if (sends.length === 0) {
+    console.warn('[Crucix] Data is stale but no operator alert channel is configured');
+    return false;
+  }
+
+  const results = await Promise.allSettled(sends);
+  const sent = results.some(r => r.status === 'fulfilled' && (r.value === true || r.value?.ok === true));
+  if (sent) console.warn('[Crucix] Operator stale-data alert sent');
+  else console.warn('[Crucix] Operator stale-data alert attempted but no channel accepted it');
+  return sent;
+}
+
 function buildBrief(data) {
   const verbosity = config.telegram.briefVerbosity || 'standard';
   const delta = memory.getLastDelta();
@@ -562,6 +731,9 @@ async function runSweepCycle() {
     broadcast({ type: 'sweep_error', error: err.message });
   } finally {
     sweepInProgress = false;
+    await notifyIfDataStale(lastSweepError ? 'failed sweep' : 'completed sweep').catch(err => {
+      console.error('[Crucix] Stale-data operator alert failed:', err.message);
+    });
   }
 }
 

test/adsb.test.mjs

@@ -0,0 +1,82 @@
+import test from 'node:test';
+import assert from 'node:assert/strict';
+
+async function withFetch(mockFetch, fn) {
+  const originalFetch = globalThis.fetch;
+  const originalAdsbKey = process.env.ADSB_API_KEY;
+  const originalRapidKey = process.env.RAPIDAPI_KEY;
+  globalThis.fetch = mockFetch;
+  delete process.env.ADSB_API_KEY;
+  delete process.env.RAPIDAPI_KEY;
+  try {
+    return await fn();
+  } finally {
+    globalThis.fetch = originalFetch;
+    if (originalAdsbKey === undefined) delete process.env.ADSB_API_KEY;
+    else process.env.ADSB_API_KEY = originalAdsbKey;
+    if (originalRapidKey === undefined) delete process.env.RAPIDAPI_KEY;
+    else process.env.RAPIDAPI_KEY = originalRapidKey;
+  }
+}
+
+function jsonResponse(payload, ok = true, status = 200) {
+  return {
+    ok,
+    status,
+    headers: { get: () => 'application/json' },
+    text: async () => JSON.stringify(payload),
+  };
+}
+
+test('ADS-B reports disabled when no key is configured and public feed fails', async () => {
+  await withFetch(async () => jsonResponse({ error: 'blocked' }, false, 403), async () => {
+    const { briefing } = await import('../apis/sources/adsb.mjs');
+    const data = await briefing();
+
+    assert.equal(data.status, 'disabled');
+    assert.match(data.error, /ADSB_API_KEY|RAPIDAPI_KEY/);
+    assert.equal(data.militaryAircraft.length, 0);
+  });
+});
+
+test('ADS-B reports degraded when RapidAPI and public feed fail', async () => {
+  await withFetch(async () => jsonResponse({ error: 'unavailable' }, false, 503), async () => {
+    process.env.ADSB_API_KEY = 'test-key';
+    const { briefing } = await import('../apis/sources/adsb.mjs');
+    const data = await briefing();
+
+    assert.equal(data.status, 'degraded');
+    assert.match(data.error, /providers returned no usable/);
+    assert.equal(data.failures.length, 2);
+  });
+});
+
+test('ADS-B returns live RapidAPI military aircraft payloads', async () => {
+  await withFetch(async () => jsonResponse({
+    ac: [{
+      hex: 'AE1234',
+      flight: 'RCH123',
+      t: 'KC135',
+      lat: 50,
+      lon: 8,
+      mil: true,
+    }],
+  }), async () => {
+    process.env.ADSB_API_KEY = 'test-key';
+    const { briefing } = await import('../apis/sources/adsb.mjs');
+    const data = await briefing();
+
+    assert.equal(data.status, 'live');
+    assert.equal(data.provider, 'rapidapi');
+    assert.equal(data.totalMilitary, 1);
+    assert.equal(data.militaryAircraft[0].callsign, 'RCH123');
+  });
+});
+
+test('runSource treats disabled source status as degraded health', async () => {
+  const { runSource } = await import('../apis/briefing.mjs');
+  const result = await runSource('ADS-B', async () => ({ status: 'disabled', message: 'missing key' }));
+
+  assert.equal(result.status, 'degraded');
+  assert.equal(result.error, null);
+});

test/dashboard-geotagging.test.mjs

@@ -0,0 +1,47 @@
+import test from 'node:test';
+import assert from 'node:assert/strict';
+import { geoTagText, stableGeoJitter } from '../dashboard/inject.mjs';
+
+test('geoTagText matches headlines case-insensitively', () => {
+  assert.deepEqual(geoTagText('ukraine reports new air defense activity'), {
+    lat: 49,
+    lon: 32,
+    region: 'Ukraine',
+  });
+
+  assert.deepEqual(geoTagText('flooding disrupts são paulo transport'), {
+    lat: -23.5,
+    lon: -46.6,
+    region: 'São Paulo',
+  });
+});
+
+test('geoTagText prefers longer place names before broad countries', () => {
+  assert.deepEqual(geoTagText('New York markets react before wider US session'), {
+    lat: 40.7,
+    lon: -74,
+    region: 'New York',
+  });
+});
+
+test('geoTagText uses word boundaries to reduce false positives', () => {
+  assert.equal(geoTagText('A music festival announces its lineup'), null);
+  assert.equal(geoTagText('Officials discuss a new focus for aid'), null);
+  assert.deepEqual(geoTagText('US officials discuss a new aid package'), {
+    lat: 39,
+    lon: -98,
+    region: 'US',
+  });
+});
+
+test('stableGeoJitter is deterministic and bounded', () => {
+  const key = 'BBC|lower-case ukraine headline|Sun, 17 May 2026 12:00:00 GMT|https://example.test/a';
+  const latA = stableGeoJitter(key, 'lat');
+  const latB = stableGeoJitter(key, 'lat');
+  const lon = stableGeoJitter(key, 'lon');
+
+  assert.equal(latA, latB);
+  assert.notEqual(latA, lon);
+  assert.ok(latA >= -1 && latA <= 1);
+  assert.ok(lon >= -1 && lon <= 1);
+});

test/fetch-utils.test.mjs

@@ -2,9 +2,11 @@ import test from 'node:test';
 import assert from 'node:assert/strict';
 import { readFileSync } from 'node:fs';
 import { safeFetch, safeFetchText, getFetchMetrics } from '../apis/utils/fetch.mjs';
+import { formatStaleAlert, shouldSendStaleAlert } from '../lib/stale-alerts.mjs';
 
 test('safeFetch reports HTML as degraded JSON response', async () => {
   const originalFetch = globalThis.fetch;
+  const source = 'unit-html-once';
   globalThis.fetch = async () => ({
     ok: true,
     status: 200,
@@ -12,9 +14,72 @@ test('safeFetch reports HTML as degraded JSON response', async () => {
     text: async () => '<html>not json</html>',
   });
   try {
-    const data = await safeFetch('https://example.test/json', { retries: 0, source: 'unit' });
+    const data = await safeFetch('https://example.test/json', { retries: 0, source });
     assert.match(data.error, /Expected JSON/);
-    assert.ok(getFetchMetrics().bySource.unit.requests >= 1);
+    const bucket = getFetchMetrics().bySource[source];
+    assert.equal(bucket.requests, 1);
+    assert.equal(bucket.ok, 0);
+    assert.equal(bucket.failed, 1);
+    assert.equal(bucket.lastStatus, 200);
+  } finally {
+    globalThis.fetch = originalFetch;
+  }
+});
+
+test('safeFetch records HTTP failure once with status and bytes', async () => {
+  const originalFetch = globalThis.fetch;
+  const source = 'unit-http-failure-once';
+  globalThis.fetch = async () => ({
+    ok: false,
+    status: 503,
+    headers: { get: () => 'application/json' },
+    text: async () => 'service unavailable',
+  });
+  try {
+    const data = await safeFetch('https://example.test/fail', { retries: 0, source });
+    assert.match(data.error, /HTTP 503/);
+    const bucket = getFetchMetrics().bySource[source];
+    assert.equal(bucket.requests, 1);
+    assert.equal(bucket.ok, 0);
+    assert.equal(bucket.failed, 1);
+    assert.equal(bucket.lastStatus, 503);
+    assert.equal(bucket.bytes, 'service unavailable'.length);
+    assert.match(bucket.lastError, /HTTP 503/);
+  } finally {
+    globalThis.fetch = originalFetch;
+  }
+});
+
+test('safeFetch retry metrics count one record per attempt', async () => {
+  const originalFetch = globalThis.fetch;
+  const source = 'unit-retry-attempts';
+  let calls = 0;
+  globalThis.fetch = async () => {
+    calls += 1;
+    if (calls === 1) {
+      return {
+        ok: false,
+        status: 502,
+        headers: { get: () => 'application/json' },
+        text: async () => 'bad gateway',
+      };
+    }
+    return {
+      ok: true,
+      status: 200,
+      headers: { get: () => 'application/json' },
+      text: async () => '{"ok":true}',
+    };
+  };
+  try {
+    const data = await safeFetch('https://example.test/retry', { retries: 1, source });
+    assert.equal(data.ok, true);
+    assert.equal(calls, 2);
+    const bucket = getFetchMetrics().bySource[source];
+    assert.equal(bucket.requests, 2);
+    assert.equal(bucket.ok, 1);
+    assert.equal(bucket.failed, 1);
+    assert.equal(bucket.lastStatus, 200);
   } finally {
     globalThis.fetch = originalFetch;
   }
@@ -36,6 +101,132 @@ test('safeFetchText returns text and byte count', async () => {
   }
 });
 
+test('SSE endpoint sends reconnect guidance and clears heartbeat timer', () => {
+  const server = readFileSync(new URL('../server.mjs', import.meta.url), 'utf8');
+  const config = readFileSync(new URL('../crucix.config.mjs', import.meta.url), 'utf8');
+  assert.match(config, /sseHeartbeatIntervalMs/);
+  assert.match(server, /retry: 10000\\n/);
+  assert.match(server, /setInterval\(\(\) =>/);
+  assert.match(server, /: heartbeat/);
+  assert.match(server, /clearInterval\(heartbeat\)/);
+  assert.match(server, /X-Accel-Buffering/);
+});
+
+test('intelligence store defines durable memory and prediction lifecycle tables', () => {
+  const store = readFileSync(new URL('../lib/intelligence-store.mjs', import.meta.url), 'utf8');
+  assert.match(store, /CREATE TABLE IF NOT EXISTS events/);
+  assert.match(store, /stable_id TEXT NOT NULL UNIQUE/);
+  assert.match(store, /hypothesis TEXT/);
+  assert.match(store, /evidence_json TEXT/);
+  assert.match(store, /outcome_state TEXT DEFAULT 'open'/);
+  assert.match(store, /evaluatePredictions/);
+  assert.match(store, /queryMemory/);
+  assert.match(store, /listPredictions/);
+});
+
+test('server exposes memory-backed query APIs and dashboard memory action', () => {
+  const server = readFileSync(new URL('../server.mjs', import.meta.url), 'utf8');
+  const html = readFileSync(new URL('../dashboard/public/jarvis.html', import.meta.url), 'utf8');
+  assert.match(server, /\/api\/memory\/search/);
+  assert.match(server, /\/api\/memory\/predictions/);
+  assert.match(server, /action === 'memory'/);
+  assert.match(html, /runTerminalAction\('memory'\)/);
+});
+
+test('terminal action endpoints avoid URL tokens and include hardening gates', () => {
+  const server = readFileSync(new URL('../server.mjs', import.meta.url), 'utf8');
+  assert.match(server, /app\.post\('\/api\/action'/);
+  assert.match(server, /app\.post\('\/api\/sweep'/);
+  assert.match(server, /x-crucix-token/);
+  assert.match(server, /sameOriginPost/);
+  assert.match(server, /rateLimitTerminalAction/);
+  assert.match(server, /auditTerminalAction/);
+  assert.doesNotMatch(server, /req\.query\.token/);
+});
+
+test('dashboard exposes token configuration flow without devtools edits', () => {
+  const html = readFileSync(new URL('../dashboard/public/jarvis.html', import.meta.url), 'utf8');
+  assert.match(html, /configureTerminalActionToken/);
+  assert.match(html, /crucix_sweep_token/);
+  assert.match(html, /x-crucix-token/);
+  assert.match(html, /SET TOKEN/);
+});
+
+test('server dashboard shell does not embed an operational snapshot', () => {
+  const html = readFileSync(new URL('../dashboard/public/jarvis.html', import.meta.url), 'utf8');
+  assert.match(html, /let D = createDashboardShellData\(\);/);
+  assert.doesNotMatch(html, /2026-04-03T16:18:10\.188Z/);
+  assert.doesNotMatch(html, /Trump announced new strikes on Iran/);
+});
+
+test('server dashboard fetches api data before initialization', () => {
+  const html = readFileSync(new URL('../dashboard/public/jarvis.html', import.meta.url), 'utf8');
+  const serverMode = html.indexOf('if (canProbeApi)');
+  const apiFetch = html.indexOf("fetch('/api/data')");
+  const firstInitAfterServerMode = html.indexOf('init();', serverMode);
+
+  assert.ok(serverMode > -1);
+  assert.ok(apiFetch > serverMode);
+  assert.ok(firstInitAfterServerMode > apiFetch);
+});
+
+test('stale alert is skipped for fresh health and resets active key', () => {
+  const state = { lastStaleAlertKey: 'old', lastStaleAlertAt: 100 };
+  const decision = shouldSendStaleAlert({ stale: false }, state, { now: 200 });
+  assert.equal(decision.send, false);
+  assert.equal(decision.reason, 'not_stale');
+  assert.equal(state.lastStaleAlertKey, null);
+});
+
+test('stale alert sends once and deduplicates during cooldown', () => {
+  const state = {};
+  const health = {
+    stale: true,
+    lastSuccessfulSweep: '2026-05-17T08:00:00.000Z',
+    lastSweepError: 'network timeout',
+    sourcesFailed: 2,
+    sourcesDegraded: 1,
+  };
+
+  const first = shouldSendStaleAlert(health, state, { now: 1_000, cooldownMs: 60_000 });
+  const second = shouldSendStaleAlert(health, state, { now: 2_000, cooldownMs: 60_000 });
+
+  assert.equal(first.send, true);
+  assert.equal(second.send, false);
+  assert.equal(second.reason, 'cooldown');
+});
+
+test('stale alert repeats after cooldown', () => {
+  const state = {};
+  const health = { stale: true, lastSuccessfulSweep: 'a', lastSweepError: 'timeout', sourcesFailed: 1 };
+
+  assert.equal(shouldSendStaleAlert(health, state, { now: 1_000, cooldownMs: 60_000 }).send, true);
+  assert.equal(shouldSendStaleAlert(health, state, { now: 62_000, cooldownMs: 60_000 }).send, true);
+});
+
+test('stale alert message includes operator context and affected sources', () => {
+  const message = formatStaleAlert({
+    status: 'stale',
+    stale: true,
+    dataAgeSeconds: 7200,
+    lastSuccessfulSweep: '2026-05-17T08:00:00.000Z',
+    lastSweep: '2026-05-17T10:00:00.000Z',
+    lastSweepError: 'GDELT timeout',
+    sourcesOk: 20,
+    sourcesDegraded: 3,
+    sourcesFailed: 2,
+    sourceHealth: [
+      { name: 'GDELT', status: 'degraded', error: 'timeout' },
+      { name: 'Reddit', status: 'no_credentials' },
+    ],
+  }, { dashboardUrl: 'https://terminal.example.test', context: 'failed sweep' });
+
+  assert.match(message, /CRUCIX STALE DATA ALERT/);
+  assert.match(message, /Data age: 120 minutes/);
+  assert.match(message, /GDELT: degraded \(timeout\)/);
+  assert.match(message, /Dashboard: https:\/\/terminal\.example\.test/);
+});
+
 test('scenario watchlist feature is wired into sweep, briefing, and dashboard', () => {
   const scenarios = readFileSync(new URL('../lib/scenarios.mjs', import.meta.url), 'utf8');
   const server = readFileSync(new URL('../server.mjs', import.meta.url), 'utf8');

test/mojibake-text.test.mjs

@@ -0,0 +1,65 @@
+import test from 'node:test';
+import assert from 'node:assert/strict';
+import { readdirSync, readFileSync, statSync } from 'node:fs';
+import { join } from 'node:path';
+
+const TEXT_ROOTS = ['locales'];
+
+const TEXT_FILES = [];
+
+const EXTENSIONS = new Set(['.json', '.html', '.mjs']);
+
+const MOJIBAKE_PATTERNS = [
+  { name: 'latin1-accent', pattern: /\u00c3./g },
+  { name: 'stray-cp1252-prefix', pattern: /\u00c2./g },
+  { name: 'emoji-mojibake', pattern: /\u00f0\u0178/g },
+  {
+    name: 'punctuation-mojibake',
+    pattern: /\u00e2[\u0080-\u009f\u20ac\u0153\u2018\u2019\u201c\u201d\u2013\u2014\u2022\u2026\u201e\u2021\u02c6\u2030\u2039\u203a\u0152\u017d]/g,
+  },
+  { name: 'variation-selector-mojibake', pattern: /\u00ef\u00b8/g },
+  { name: 'ligature-mojibake', pattern: /\u00c5[\u0080-\u017f]/g },
+  { name: 'replacement-character', pattern: /\ufffd/g },
+];
+
+function collectFiles(root) {
+  const out = [];
+  for (const entry of readdirSync(root, { withFileTypes: true })) {
+    const path = join(root, entry.name);
+    if (entry.isDirectory()) {
+      out.push(...collectFiles(path));
+    } else if (EXTENSIONS.has(path.slice(path.lastIndexOf('.')))) {
+      out.push(path);
+    }
+  }
+  return out;
+}
+
+function textFiles() {
+  const discovered = TEXT_ROOTS.flatMap(root => collectFiles(root));
+  const explicit = TEXT_FILES.filter(path => statSync(path, { throwIfNoEntry: false })?.isFile());
+  return [...new Set([...discovered, ...explicit])].sort();
+}
+
+test('locale JSON files are valid UTF-8 JSON', () => {
+  for (const file of collectFiles('locales')) {
+    assert.doesNotThrow(() => JSON.parse(readFileSync(file, 'utf8')), `${file} must parse as JSON`);
+  }
+});
+
+test('locale text does not contain known mojibake sequences', () => {
+  const failures = [];
+
+  for (const file of textFiles()) {
+    const text = readFileSync(file, 'utf8');
+    for (const { name, pattern } of MOJIBAKE_PATTERNS) {
+      for (const match of text.matchAll(pattern)) {
+        const start = Math.max(0, match.index - 30);
+        const end = Math.min(text.length, match.index + 50);
+        failures.push(`${file}: ${name}: ${JSON.stringify(text.slice(start, end))}`);
+      }
+    }
+  }
+
+  assert.deepEqual(failures, []);
+});