docs: update CLAUDE.md with persistent route catalog conventions

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

.claude/rules/app-classes.md

@@ -0,0 +1,110 @@
+---
+paths:
+  - "cameleer-server-app/**"
+---
+
+# App Module Key Classes
+
+`cameleer-server-app/src/main/java/com/cameleer/server/app/`
+
+## controller/ — REST endpoints
+
+- `AgentRegistrationController` — POST /register, POST /heartbeat, GET / (list), POST /refresh-token
+- `AgentSseController` — GET /sse (Server-Sent Events connection)
+- `AgentCommandController` — POST /broadcast, POST /{agentId}, POST /{agentId}/ack
+- `AppController` — CRUD /api/v1/apps, POST /{appId}/upload-jar, GET /{appId}/versions
+- `DeploymentController` — GET/POST /api/v1/apps/{appId}/deployments, POST /{id}/stop, POST /{id}/promote, GET /{id}/logs
+- `EnvironmentAdminController` — CRUD /api/v1/admin/environments, PUT /{id}/jar-retention
+- `ExecutionController` — GET /api/v1/executions (search + detail)
+- `SearchController` — POST /api/v1/search, GET /routes, GET /top-errors, GET /punchcard
+- `LogQueryController` — GET /api/v1/logs (filters: source, application, agentId, exchangeId, level, logger, q, environment, time range)
+- `LogIngestionController` — POST /api/v1/data/logs (accepts `List<LogEntry>` JSON array, each entry has `source`: app/agent). Logs WARN for: missing agent identity, unregistered agents, empty payloads, buffer-full drops, deserialization failures. Normal acceptance at DEBUG.
+- `CatalogController` — GET /api/v1/catalog (unified app catalog merging PG managed apps + in-memory agents + CH stats), DELETE /api/v1/catalog/{applicationId} (ADMIN: dismiss app, purge all CH data + PG record). Auto-filters discovered apps older than `discoveryttldays` with no live agents.
+- `ChunkIngestionController` — POST /api/v1/ingestion/chunk/{executions|metrics|diagrams}
+- `UserAdminController` — CRUD /api/v1/admin/users, POST /{id}/roles, POST /{id}/set-password
+- `RoleAdminController` — CRUD /api/v1/admin/roles
+- `GroupAdminController` — CRUD /api/v1/admin/groups
+- `OidcConfigAdminController` — GET/POST /api/v1/admin/oidc, POST /test
+- `SensitiveKeysAdminController` — GET/PUT /api/v1/admin/sensitive-keys. GET returns 200 with config or 204 if not configured. PUT accepts `{ keys: [...] }` with optional `?pushToAgents=true` to fan out merged keys to all LIVE agents. Stored in `server_config` table (key `sensitive_keys`).
+- `AuditLogController` — GET /api/v1/admin/audit
+- `MetricsController` — GET /api/v1/metrics, GET /timeseries
+- `DiagramController` — GET /api/v1/diagrams/{id}, POST /
+- `DiagramRenderController` — POST /api/v1/diagrams/render (ELK layout)
+- `ClaimMappingAdminController` — CRUD /api/v1/admin/claim-mappings, POST /test (accepts inline rules + claims for preview without saving)
+- `LicenseAdminController` — GET/POST /api/v1/admin/license
+- `AgentEventsController` — GET /api/v1/agent-events (agent state change history)
+- `AgentMetricsController` — GET /api/v1/agent-metrics (JVM/Camel metrics per agent instance)
+- `AppSettingsController` — GET/PUT /api/v1/apps/{appId}/settings
+- `ApplicationConfigController` — GET/PUT /api/v1/apps/{appId}/config (traced processors, route recording, sensitive keys per app)
+- `ClickHouseAdminController` — GET /api/v1/admin/clickhouse (ClickHouse admin, conditional on infrastructure endpoints)
+- `DatabaseAdminController` — GET /api/v1/admin/database (PG admin, conditional on infrastructure endpoints)
+- `DetailController` — GET /api/v1/detail (execution detail with processor tree)
+- `EventIngestionController` — POST /api/v1/data/events (agent event ingestion)
+- `RbacStatsController` — GET /api/v1/admin/rbac/stats
+- `RouteCatalogController` — GET /api/v1/routes/catalog (merged route catalog from registry + ClickHouse)
+- `RouteMetricsController` — GET /api/v1/route-metrics (per-route Camel metrics)
+- `ThresholdAdminController` — CRUD /api/v1/admin/thresholds
+- `UsageAnalyticsController` — GET /api/v1/admin/usage (ClickHouse usage_events)
+
+## runtime/ — Docker orchestration
+
+- `DockerRuntimeOrchestrator` — implements RuntimeOrchestrator; Docker Java client (zerodep transport), container lifecycle
+- `DeploymentExecutor` — @Async staged deploy: PRE_FLIGHT -> PULL_IMAGE -> CREATE_NETWORK -> START_REPLICAS -> HEALTH_CHECK -> SWAP_TRAFFIC -> COMPLETE. Container names are `{tenantId}-{envSlug}-{appSlug}-{replicaIndex}` (globally unique on Docker daemon). Sets per-replica `CAMELEER_AGENT_INSTANCEID` env var to `{envSlug}-{appSlug}-{replicaIndex}`.
+- `DockerNetworkManager` — ensures bridge networks (cameleer-traefik, cameleer-env-{slug}), connects containers
+- `DockerEventMonitor` — persistent Docker event stream listener (die, oom, start, stop), updates deployment status
+- `TraefikLabelBuilder` — generates Traefik Docker labels for path-based or subdomain routing. Also emits `cameleer.replica` and `cameleer.instance-id` labels per container for labels-first identity.
+- `PrometheusLabelBuilder` — generates Prometheus Docker labels (`prometheus.scrape/path/port`) per runtime type for `docker_sd_configs` auto-discovery
+- `ContainerLogForwarder` — streams Docker container stdout/stderr to ClickHouse with `source='container'`. One follow-stream thread per container, batches lines every 2s/50 lines via `ClickHouseLogStore.insertBufferedBatch()`. 60-second max capture timeout.
+- `DisabledRuntimeOrchestrator` — no-op when runtime not enabled
+
+## metrics/ — Prometheus observability
+
+- `ServerMetrics` — centralized business metrics: gauges (agents by state, SSE connections, buffer depths), counters (ingestion drops, agent transitions, deployment outcomes, auth failures), timers (flush duration, deployment duration). Exposed via `/api/v1/prometheus`.
+
+## storage/ — PostgreSQL repositories (JdbcTemplate)
+
+- `PostgresAppRepository`, `PostgresAppVersionRepository`, `PostgresEnvironmentRepository`
+- `PostgresDeploymentRepository` — includes JSONB replica_states, deploy_stage, findByContainerId
+- `PostgresUserRepository`, `PostgresRoleRepository`, `PostgresGroupRepository`
+- `PostgresAuditRepository`, `PostgresOidcConfigRepository`, `PostgresClaimMappingRepository`, `PostgresSensitiveKeysRepository`
+- `PostgresAppSettingsRepository`, `PostgresApplicationConfigRepository`, `PostgresThresholdRepository`
+
+## storage/ — ClickHouse stores
+
+- `ClickHouseExecutionStore`, `ClickHouseMetricsStore`, `ClickHouseMetricsQueryStore`
+- `ClickHouseStatsStore` — pre-aggregated stats, punchcard
+- `ClickHouseDiagramStore`, `ClickHouseAgentEventRepository`
+- `ClickHouseUsageTracker` — usage_events for billing
+- `ClickHouseRouteCatalogStore` — persistent route catalog with first_seen cache, warm-loaded on startup
+
+## search/ — ClickHouse search and log stores
+
+- `ClickHouseLogStore` — log storage and query, MDC-based exchange/processor correlation
+- `ClickHouseSearchIndex` — full-text search
+
+## security/ — Spring Security
+
+- `SecurityConfig` — WebSecurityFilterChain, JWT filter, CORS, OIDC conditional
+- `JwtAuthenticationFilter` — OncePerRequestFilter, validates Bearer tokens
+- `JwtServiceImpl` — HMAC-SHA256 JWT (Nimbus JOSE)
+- `OidcAuthController` — /api/v1/auth/oidc (login-uri, token-exchange, logout)
+- `OidcTokenExchanger` — code -> tokens, role extraction from access_token then id_token
+- `OidcProviderHelper` — OIDC discovery, JWK source cache
+
+## agent/ — Agent lifecycle
+
+- `SseConnectionManager` — manages per-agent SSE connections, delivers commands
+- `AgentLifecycleMonitor` — @Scheduled 10s, LIVE->STALE->DEAD transitions
+- `SsePayloadSigner` — Ed25519 signs SSE payloads for agent verification
+
+## retention/ — JAR cleanup
+
+- `JarRetentionJob` — @Scheduled 03:00 daily, per-environment retention, skips deployed versions
+
+## config/ — Spring beans
+
+- `RuntimeOrchestratorAutoConfig` — conditional Docker/Disabled orchestrator + NetworkManager + EventMonitor
+- `RuntimeBeanConfig` — DeploymentExecutor, AppService, EnvironmentService
+- `SecurityBeanConfig` — JwtService, Ed25519, BootstrapTokenValidator
+- `StorageBeanConfig` — all repositories
+- `ClickHouseConfig` — ClickHouse JdbcTemplate, schema initializer

.claude/rules/cicd.md

@@ -0,0 +1,24 @@
+---
+paths:
+  - ".gitea/**"
+  - "deploy/**"
+  - "Dockerfile"
+  - "docker-entrypoint.sh"
+---
+
+# CI/CD & Deployment
+
+- CI workflow: `.gitea/workflows/ci.yml` — build -> docker -> deploy on push to main or feature branches
+- Build step skips integration tests (`-DskipITs`) — Testcontainers needs Docker daemon
+- Docker: multi-stage build (`Dockerfile`), `$BUILDPLATFORM` for native Maven on ARM64 runner, amd64 runtime. `docker-entrypoint.sh` imports `/certs/ca.pem` into JVM truststore before starting the app (supports custom CAs for OIDC discovery without `CAMELEER_SERVER_SECURITY_OIDCTLSSKIPVERIFY`).
+- `REGISTRY_TOKEN` build arg required for `cameleer-common` dependency resolution
+- Registry: `gitea.siegeln.net/cameleer/cameleer-server` (container images)
+- K8s manifests in `deploy/` — Kustomize base + overlays (main/feature), shared infra (PostgreSQL, ClickHouse, Logto) as top-level manifests
+- Deployment target: k3s at 192.168.50.86, namespace `cameleer` (main), `cam-<slug>` (feature branches)
+- Feature branches: isolated namespace, PG schema; Traefik Ingress at `<slug>-api.cameleer.siegeln.net`
+- Secrets managed in CI deploy step (idempotent `--dry-run=client | kubectl apply`): `cameleer-auth`, `cameleer-postgres-credentials`, `cameleer-clickhouse-credentials`
+- K8s probes: server uses `/api/v1/health`, PostgreSQL uses `pg_isready -U "$POSTGRES_USER"` (env var, not hardcoded)
+- K8s security: server and database pods run with `securityContext.runAsNonRoot`. UI (nginx) runs without securityContext (needs root for entrypoint setup).
+- Docker: server Dockerfile has no default credentials — all DB config comes from env vars at runtime
+- Docker build uses buildx registry cache + `--provenance=false` for Gitea compatibility
+- CI: branch slug sanitization extracted to `.gitea/sanitize-branch.sh`, sourced by docker and deploy-feature jobs

.claude/rules/core-classes.md

@@ -0,0 +1,98 @@
+---
+paths:
+  - "cameleer-server-core/**"
+---
+
+# Core Module Key Classes
+
+`cameleer-server-core/src/main/java/com/cameleer/server/core/`
+
+## agent/ — Agent lifecycle and commands
+
+- `AgentRegistryService` — in-memory registry (ConcurrentHashMap), register/heartbeat/lifecycle
+- `AgentInfo` — record: id, name, application, environmentId, version, routeIds, capabilities, state
+- `AgentCommand` — record: id, type, targetAgent, payload, createdAt, expiresAt
+- `AgentEventService` — records agent state changes, heartbeats
+- `AgentState` — enum: LIVE, STALE, DEAD, SHUTDOWN
+- `CommandType` — enum for command types (config-update, deep-trace, replay, route-control, etc.)
+- `CommandStatus` — enum for command acknowledgement states
+- `CommandReply` — record: command execution result from agent
+- `AgentEventRecord`, `AgentEventRepository` — event persistence
+- `AgentEventListener` — callback interface for agent events
+- `RouteStateRegistry` — tracks per-agent route states
+
+## runtime/ — App/Environment/Deployment domain
+
+- `App` — record: id, environmentId, slug, displayName, containerConfig (JSONB)
+- `AppVersion` — record: id, appId, version, jarPath, detectedRuntimeType, detectedMainClass
+- `Environment` — record: id, slug, jarRetentionCount
+- `Deployment` — record: id, appId, appVersionId, environmentId, status, targetState, deploymentStrategy, replicaStates (JSONB), deployStage, containerId, containerName
+- `DeploymentStatus` — enum: STOPPED, STARTING, RUNNING, DEGRADED, STOPPING, FAILED
+- `DeployStage` — enum: PRE_FLIGHT, PULL_IMAGE, CREATE_NETWORK, START_REPLICAS, HEALTH_CHECK, SWAP_TRAFFIC, COMPLETE
+- `DeploymentService` — createDeployment (deletes terminal deployments first), markRunning, markFailed, markStopped
+- `RuntimeType` — enum: AUTO, SPRING_BOOT, QUARKUS, PLAIN_JAVA, NATIVE
+- `RuntimeDetector` — probes JAR files at upload time: detects runtime from manifest Main-Class (Spring Boot loader, Quarkus entry point, plain Java) or native binary (non-ZIP magic bytes)
+- `ContainerRequest` — record: 20 fields for Docker container creation (includes runtimeType, customArgs, mainClass)
+- `ContainerStatus` — record: state, running, exitCode, error
+- `ResolvedContainerConfig` — record: typed config with memoryLimitMb, memoryReserveMb, cpuRequest, cpuLimit, appPort, exposedPorts, customEnvVars, stripPathPrefix, sslOffloading, routingMode, routingDomain, serverUrl, replicas, deploymentStrategy, routeControlEnabled, replayEnabled, runtimeType, customArgs, extraNetworks
+- `RoutingMode` — enum for routing strategies
+- `ConfigMerger` — pure function: resolve(globalDefaults, envConfig, appConfig) -> ResolvedContainerConfig
+- `RuntimeOrchestrator` — interface: startContainer, stopContainer, getContainerStatus, getLogs, startLogCapture, stopLogCapture
+- `AppRepository`, `AppVersionRepository`, `EnvironmentRepository`, `DeploymentRepository` — repository interfaces
+- `AppService`, `EnvironmentService` — domain services
+
+## search/ — Execution search and stats
+
+- `SearchService` — search, count, stats, statsForApp, timeseries, timeseriesForApp, timeseriesForRoute, timeseriesGroupedByApp, timeseriesGroupedByRoute, slaCompliance, slaCountsByApp, slaCountsByRoute, topErrors, activeErrorTypes, punchcard, distinctAttributeKeys
+- `SearchRequest` / `SearchResult` — search DTOs
+- `ExecutionStats`, `ExecutionSummary` — stats aggregation records
+- `StatsTimeseries`, `TopError` — timeseries and error DTOs
+- `LogSearchRequest` / `LogSearchResponse` — log search DTOs
+
+## storage/ — Storage abstractions
+
+- `ExecutionStore`, `MetricsStore`, `MetricsQueryStore`, `StatsStore`, `DiagramStore`, `RouteCatalogStore`, `SearchIndex`, `LogIndex` — interfaces
+- `RouteCatalogEntry` — record: applicationId, routeId, environment, firstSeen, lastSeen
+- `LogEntryResult` — log query result record
+- `model/` — `ExecutionDocument`, `MetricTimeSeries`, `MetricsSnapshot`
+
+## rbac/ — Role-based access control
+
+- `RbacService` — interface: role/group CRUD, assignRoleToUser, removeRoleFromUser, addUserToGroup, removeUserFromGroup, getDirectRolesForUser, getEffectiveRolesForUser, clearManagedAssignments, assignManagedRole, addUserToManagedGroup, getStats, listUsers
+- `SystemRole` — enum: AGENT, VIEWER, OPERATOR, ADMIN; `normalizeScope()` maps scopes
+- `UserDetail`, `RoleDetail`, `GroupDetail` — records
+- `UserSummary`, `RoleSummary`, `GroupSummary` — lightweight list records
+- `RbacStats` — aggregate stats record
+- `AssignmentOrigin` — enum: DIRECT, CLAIM_MAPPING (tracks how roles were assigned)
+- `ClaimMappingRule` — record: OIDC claim-to-role mapping rule
+- `ClaimMappingService` — interface: CRUD for claim mapping rules
+- `ClaimMappingRepository` — persistence interface
+- `RoleRepository`, `GroupRepository` — persistence interfaces
+
+## admin/ — Server-wide admin config
+
+- `SensitiveKeysConfig` — record: keys (List<String>, immutable)
+- `SensitiveKeysRepository` — interface: find(), save()
+- `SensitiveKeysMerger` — pure function: merge(global, perApp) -> union with case-insensitive dedup, preserves first-seen casing. Returns null when both inputs null.
+- `AppSettings`, `AppSettingsRepository` — per-app settings config and persistence
+- `ThresholdConfig`, `ThresholdRepository` — alerting threshold config and persistence
+- `AuditService` — audit logging facade
+- `AuditRecord`, `AuditResult`, `AuditCategory`, `AuditRepository` — audit trail records and persistence
+
+## security/ — Auth
+
+- `JwtService` — interface: createAccessToken, createRefreshToken, validateAccessToken, validateRefreshToken
+- `Ed25519SigningService` — interface: sign, getPublicKeyBase64 (config signing)
+- `OidcConfig` — record: enabled, issuerUri, clientId, clientSecret, rolesClaim, defaultRoles, autoSignup, displayNameClaim, userIdClaim, audience, additionalScopes
+- `OidcConfigRepository` — persistence interface
+- `PasswordPolicyValidator` — min 12 chars, 3-of-4 character classes, no username match
+- `UserInfo`, `UserRepository` — user identity records and persistence
+- `InvalidTokenException` — thrown on revoked/expired tokens
+
+## ingestion/ — Buffered data pipeline
+
+- `IngestionService` — ingestExecution, ingestMetric, ingestLog, ingestDiagram
+- `ChunkAccumulator` — batches data for efficient flush
+- `WriteBuffer` — bounded ring buffer for async flush
+- `BufferedLogEntry` — log entry wrapper with metadata
+- `MergedExecution`, `TaggedExecution`, `TaggedDiagram` — tagged ingestion records

.claude/rules/docker-orchestration.md

@@ -0,0 +1,76 @@
+---
+paths:
+  - "cameleer-server-app/**/runtime/**"
+  - "cameleer-server-core/**/runtime/**"
+  - "deploy/**"
+  - "docker-compose*.yml"
+  - "Dockerfile"
+  - "docker-entrypoint.sh"
+---
+
+# Docker Orchestration
+
+When deployed via the cameleer-saas platform, this server orchestrates customer app containers using Docker. Key components:
+
+- **ConfigMerger** (`core/runtime/ConfigMerger.java`) — pure function: resolve(globalDefaults, envConfig, appConfig) -> ResolvedContainerConfig. Three-layer merge: global (application.yml) -> environment (defaultContainerConfig JSONB) -> app (containerConfig JSONB). Includes `runtimeType` (default `"auto"`) and `customArgs` (default `""`).
+- **TraefikLabelBuilder** (`app/runtime/TraefikLabelBuilder.java`) — generates Traefik Docker labels for path-based (`/{envSlug}/{appSlug}/`) or subdomain-based (`{appSlug}-{envSlug}.{domain}`) routing. Supports strip-prefix and SSL offloading toggles. Also sets per-replica identity labels: `cameleer.replica` (index) and `cameleer.instance-id` (`{envSlug}-{appSlug}-{replicaIndex}`). Internal processing uses labels (not container name parsing) for extensibility.
+- **PrometheusLabelBuilder** (`app/runtime/PrometheusLabelBuilder.java`) — generates Prometheus `docker_sd_configs` labels per resolved runtime type: Spring Boot `/actuator/prometheus:8081`, Quarkus/native `/q/metrics:9000`, plain Java `/metrics:9464`. Labels merged into container metadata alongside Traefik labels at deploy time.
+- **DockerNetworkManager** (`app/runtime/DockerNetworkManager.java`) — manages two Docker network tiers:
+  - `cameleer-traefik` — shared network; Traefik, server, and all app containers attach here. Server joined via docker-compose with `cameleer-server` DNS alias.
+  - `cameleer-env-{slug}` — per-environment isolated network; containers in the same environment discover each other via Docker DNS. In SaaS mode, env networks are tenant-scoped: `cameleer-env-{tenantId}-{envSlug}` (overloaded `envNetworkName(tenantId, envSlug)` method) to prevent cross-tenant collisions when multiple tenants have identically-named environments.
+- **DockerEventMonitor** (`app/runtime/DockerEventMonitor.java`) — persistent Docker event stream listener for containers with `managed-by=cameleer-server` label. Detects die/oom/start/stop events and updates deployment replica states. Periodic reconciliation (@Scheduled every 30s) inspects actual container state and corrects deployment status mismatches (fixes stale DEGRADED with all replicas healthy).
+- **DeploymentProgress** (`ui/src/components/DeploymentProgress.tsx`) — UI step indicator showing 7 deploy stages with amber active/green completed styling.
+- **ContainerLogForwarder** (`app/runtime/ContainerLogForwarder.java`) — streams Docker container stdout/stderr to ClickHouse `logs` table with `source='container'`. Uses `docker logs --follow` per container, batches lines every 2s or 50 lines. Parses Docker timestamp prefix, infers log level via regex. `DeploymentExecutor` starts capture after each replica launches with the replica's `instanceId` (`{envSlug}-{appSlug}-{replicaIndex}`); `DockerEventMonitor` stops capture on die/oom. 60-second max capture timeout with 30s cleanup scheduler. Thread pool of 10 daemon threads. Container logs use the same `instanceId` as the agent (set via `CAMELEER_AGENT_INSTANCEID` env var) for unified log correlation at the instance level.
+- **StartupLogPanel** (`ui/src/components/StartupLogPanel.tsx`) — collapsible log panel rendered below `DeploymentProgress`. Queries `/api/v1/logs?source=container&application={appSlug}&environment={envSlug}`. Auto-polls every 3s while deployment is STARTING; shows green "live" badge during polling, red "stopped" badge on FAILED. Uses `useStartupLogs` hook and `LogViewer` (design system).
+
+## DeploymentExecutor Details
+
+Primary network for app containers is set via `CAMELEER_SERVER_RUNTIME_DOCKERNETWORK` env var (in SaaS mode: `cameleer-tenant-{slug}`); apps also connect to `cameleer-traefik` (routing) and `cameleer-env-{tenantId}-{envSlug}` (per-environment discovery) as additional networks. Resolves `runtimeType: auto` to concrete type from `AppVersion.detectedRuntimeType` at PRE_FLIGHT (fails deployment if unresolvable). Builds Docker entrypoint per runtime type (all JVM types use `-javaagent:/app/agent.jar -jar`, plain Java uses `-cp` with main class, native runs binary directly). Sets per-replica `CAMELEER_AGENT_INSTANCEID` env var to `{envSlug}-{appSlug}-{replicaIndex}` so container logs and agent logs share the same instance identity. Sets `CAMELEER_AGENT_*` env vars from `ResolvedContainerConfig` (routeControlEnabled, replayEnabled, health port). These are startup-only agent properties — changing them requires redeployment.
+
+## Deployment Status Model
+
+| Status | Meaning |
+|--------|---------|
+| `STOPPED` | Intentionally stopped or initial state |
+| `STARTING` | Deploy in progress |
+| `RUNNING` | All replicas healthy and serving |
+| `DEGRADED` | Some replicas healthy, some dead |
+| `STOPPING` | Graceful shutdown in progress |
+| `FAILED` | Terminal failure (pre-flight, health check, or crash) |
+
+**Replica support**: deployments can specify a replica count. `DEGRADED` is used when at least one but not all replicas are healthy.
+
+**Deploy stages** (`DeployStage`): PRE_FLIGHT -> PULL_IMAGE -> CREATE_NETWORK -> START_REPLICAS -> HEALTH_CHECK -> SWAP_TRAFFIC -> COMPLETE (or FAILED at any stage).
+
+**Blue/green strategy**: when re-deploying, new replicas are started and health-checked before old ones are stopped, minimising downtime.
+
+**Deployment uniqueness**: `DeploymentService.createDeployment()` deletes any STOPPED/FAILED deployments for the same app+environment before creating a new one, preventing duplicate rows.
+
+## JAR Management
+
+- **Retention policy** per environment: configurable maximum number of JAR versions to keep. Older JARs are deleted automatically.
+- **Nightly cleanup job** (`JarRetentionJob`, Spring `@Scheduled` 03:00): purges JARs exceeding the retention limit and removes orphaned files not referenced by any app version. Skips versions currently deployed.
+- **Volume-based JAR mounting** for Docker-in-Docker setups: set `CAMELEER_SERVER_RUNTIME_JARDOCKERVOLUME` to the Docker volume name that contains the JAR storage directory. When set, the orchestrator mounts this volume into the container instead of bind-mounting the host path (required when the SaaS container itself runs inside Docker and the host path is not accessible from sibling containers).
+
+## Runtime Type Detection
+
+The server detects the app framework from uploaded JARs and builds Docker entrypoints. The agent shaded JAR bundles the log appender, so no separate `cameleer-log-appender.jar` or `PropertiesLauncher` is needed:
+
+- **Detection** (`RuntimeDetector`): runs at JAR upload time. Checks ZIP magic bytes (non-ZIP = native binary), then probes `META-INF/MANIFEST.MF` Main-Class: Spring Boot loader prefix -> `spring-boot`, Quarkus entry point -> `quarkus`, other Main-Class -> `plain-java` (extracts class name). Results stored on `AppVersion` (`detected_runtime_type`, `detected_main_class`).
+- **Runtime types** (`RuntimeType` enum): `AUTO`, `SPRING_BOOT`, `QUARKUS`, `PLAIN_JAVA`, `NATIVE`. Configurable per app/environment via `containerConfig.runtimeType` (default `"auto"`).
+- **Entrypoint per type**: All JVM types use `java -javaagent:/app/agent.jar -jar app.jar`. Plain Java uses `-cp` with explicit main class instead of `-jar`. Native runs the binary directly.
+- **Custom arguments** (`containerConfig.customArgs`): freeform string appended to the start command. Validated against a strict pattern to prevent shell injection (entrypoint uses `sh -c`).
+- **AUTO resolution**: at deploy time (PRE_FLIGHT), `"auto"` resolves to the detected type from `AppVersion`. Fails deployment if detection was unsuccessful — user must set type explicitly.
+- **UI**: Resources tab shows Runtime Type dropdown (with detection hint from latest uploaded version) and Custom Arguments text field.
+
+## SaaS Multi-Tenant Network Isolation
+
+In SaaS mode, each tenant's server and its deployed apps are isolated at the Docker network level:
+
+- **Tenant network** (`cameleer-tenant-{slug}`) — primary internal bridge for all of a tenant's containers. Set as `CAMELEER_SERVER_RUNTIME_DOCKERNETWORK` for the tenant's server instance. Tenant A's apps cannot reach tenant B's apps.
+- **Shared services network** — server also connects to the shared infrastructure network (PostgreSQL, ClickHouse, Logto) and `cameleer-traefik` for HTTP routing.
+- **Tenant-scoped environment networks** (`cameleer-env-{tenantId}-{envSlug}`) — per-environment discovery is scoped per tenant, so `alpha-corp`'s "dev" environment network is separate from `beta-corp`'s "dev" environment network.
+
+## nginx / Reverse Proxy
+
+- `client_max_body_size 200m` is required in the nginx config to allow JAR uploads up to 200 MB. Without this, large JAR uploads return 413.

.claude/rules/gitnexus.md

@@ -0,0 +1,98 @@
+# GitNexus — Code Intelligence
+
+This project is indexed by GitNexus as **cameleer-server** (6306 symbols, 15892 relationships, 300 execution flows). Use the GitNexus MCP tools to understand code, assess impact, and navigate safely.
+
+> If any GitNexus tool warns the index is stale, run `npx gitnexus analyze` in terminal first.
+
+## Always Do
+
+- **MUST run impact analysis before editing any symbol.** Before modifying a function, class, or method, run `gitnexus_impact({target: "symbolName", direction: "upstream"})` and report the blast radius (direct callers, affected processes, risk level) to the user.
+- **MUST run `gitnexus_detect_changes()` before committing** to verify your changes only affect expected symbols and execution flows.
+- **MUST warn the user** if impact analysis returns HIGH or CRITICAL risk before proceeding with edits.
+- When exploring unfamiliar code, use `gitnexus_query({query: "concept"})` to find execution flows instead of grepping. It returns process-grouped results ranked by relevance.
+- When you need full context on a specific symbol — callers, callees, which execution flows it participates in — use `gitnexus_context({name: "symbolName"})`.
+
+## When Debugging
+
+1. `gitnexus_query({query: "<error or symptom>"})` — find execution flows related to the issue
+2. `gitnexus_context({name: "<suspect function>"})` — see all callers, callees, and process participation
+3. `READ gitnexus://repo/cameleer-server/process/{processName}` — trace the full execution flow step by step
+4. For regressions: `gitnexus_detect_changes({scope: "compare", base_ref: "main"})` — see what your branch changed
+
+## When Refactoring
+
+- **Renaming**: MUST use `gitnexus_rename({symbol_name: "old", new_name: "new", dry_run: true})` first. Review the preview — graph edits are safe, text_search edits need manual review. Then run with `dry_run: false`.
+- **Extracting/Splitting**: MUST run `gitnexus_context({name: "target"})` to see all incoming/outgoing refs, then `gitnexus_impact({target: "target", direction: "upstream"})` to find all external callers before moving code.
+- After any refactor: run `gitnexus_detect_changes({scope: "all"})` to verify only expected files changed.
+
+## Never Do
+
+- NEVER edit a function, class, or method without first running `gitnexus_impact` on it.
+- NEVER ignore HIGH or CRITICAL risk warnings from impact analysis.
+- NEVER rename symbols with find-and-replace — use `gitnexus_rename` which understands the call graph.
+- NEVER commit changes without running `gitnexus_detect_changes()` to check affected scope.
+
+## Tools Quick Reference
+
+| Tool | When to use | Command |
+|------|-------------|---------|
+| `query` | Find code by concept | `gitnexus_query({query: "auth validation"})` |
+| `context` | 360-degree view of one symbol | `gitnexus_context({name: "validateUser"})` |
+| `impact` | Blast radius before editing | `gitnexus_impact({target: "X", direction: "upstream"})` |
+| `detect_changes` | Pre-commit scope check | `gitnexus_detect_changes({scope: "staged"})` |
+| `rename` | Safe multi-file rename | `gitnexus_rename({symbol_name: "old", new_name: "new", dry_run: true})` |
+| `cypher` | Custom graph queries | `gitnexus_cypher({query: "MATCH ..."})` |
+
+## Impact Risk Levels
+
+| Depth | Meaning | Action |
+|-------|---------|--------|
+| d=1 | WILL BREAK — direct callers/importers | MUST update these |
+| d=2 | LIKELY AFFECTED — indirect deps | Should test |
+| d=3 | MAY NEED TESTING — transitive | Test if critical path |
+
+## Resources
+
+| Resource | Use for |
+|----------|---------|
+| `gitnexus://repo/cameleer-server/context` | Codebase overview, check index freshness |
+| `gitnexus://repo/cameleer-server/clusters` | All functional areas |
+| `gitnexus://repo/cameleer-server/processes` | All execution flows |
+| `gitnexus://repo/cameleer-server/process/{name}` | Step-by-step execution trace |
+
+## Self-Check Before Finishing
+
+Before completing any code modification task, verify:
+1. `gitnexus_impact` was run for all modified symbols
+2. No HIGH/CRITICAL risk warnings were ignored
+3. `gitnexus_detect_changes()` confirms changes match expected scope
+4. All d=1 (WILL BREAK) dependents were updated
+
+## Keeping the Index Fresh
+
+After committing code changes, the GitNexus index becomes stale. Re-run analyze to update it:
+
+```bash
+npx gitnexus analyze
+```
+
+If the index previously included embeddings, preserve them by adding `--embeddings`:
+
+```bash
+npx gitnexus analyze --embeddings
+```
+
+To check whether embeddings exist, inspect `.gitnexus/meta.json` — the `stats.embeddings` field shows the count (0 means no embeddings). **Running analyze without `--embeddings` will delete any previously generated embeddings.**
+
+> Claude Code users: A PostToolUse hook handles this automatically after `git commit` and `git merge`.
+
+## CLI
+
+| Task | Read this skill file |
+|------|---------------------|
+| Understand architecture / "How does X work?" | `.claude/skills/gitnexus/gitnexus-exploring/SKILL.md` |
+| Blast radius / "What breaks if I change X?" | `.claude/skills/gitnexus/gitnexus-impact-analysis/SKILL.md` |
+| Trace bugs / "Why is X failing?" | `.claude/skills/gitnexus/gitnexus-debugging/SKILL.md` |
+| Rename / extract / split / refactor | `.claude/skills/gitnexus/gitnexus-refactoring/SKILL.md` |
+| Tools, resources, schema reference | `.claude/skills/gitnexus/gitnexus-guide/SKILL.md` |
+| Index, status, clean, wiki CLI commands | `.claude/skills/gitnexus/gitnexus-cli/SKILL.md` |

.claude/rules/metrics.md

@@ -0,0 +1,85 @@
+---
+paths:
+  - "cameleer-server-app/**/metrics/**"
+  - "cameleer-server-app/**/ServerMetrics*"
+  - "ui/src/pages/RuntimeTab/**"
+  - "ui/src/pages/DashboardTab/**"
+---
+
+# Prometheus Metrics
+
+Server exposes `/api/v1/prometheus` (unauthenticated, Prometheus text format). Spring Boot Actuator provides JVM, GC, thread pool, and `http.server.requests` metrics automatically. Business metrics via `ServerMetrics` component:
+
+## Gauges (auto-polled)
+
+| Metric | Tags | Source |
+|--------|------|--------|
+| `cameleer.agents.connected` | `state` (live, stale, dead, shutdown) | `AgentRegistryService.findByState()` |
+| `cameleer.agents.sse.active` | — | `SseConnectionManager.getConnectionCount()` |
+| `cameleer.ingestion.buffer.size` | `type` (execution, processor, log, metrics) | `WriteBuffer.size()` |
+| `cameleer.ingestion.accumulator.pending` | — | `ChunkAccumulator.getPendingCount()` |
+
+## Counters
+
+| Metric | Tags | Instrumented in |
+|--------|------|-----------------|
+| `cameleer.ingestion.drops` | `reason` (buffer_full, no_agent, no_identity) | `LogIngestionController` |
+| `cameleer.agents.transitions` | `transition` (went_stale, went_dead, recovered) | `AgentLifecycleMonitor` |
+| `cameleer.deployments.outcome` | `status` (running, failed, degraded) | `DeploymentExecutor` |
+| `cameleer.auth.failures` | `reason` (invalid_token, revoked, oidc_rejected) | `JwtAuthenticationFilter` |
+
+## Timers
+
+| Metric | Tags | Instrumented in |
+|--------|------|-----------------|
+| `cameleer.ingestion.flush.duration` | `type` (execution, processor, log) | `ExecutionFlushScheduler` |
+| `cameleer.deployments.duration` | — | `DeploymentExecutor` |
+
+## Agent container Prometheus labels (set by PrometheusLabelBuilder at deploy time)
+
+| Runtime Type | `prometheus.path` | `prometheus.port` |
+|---|---|---|
+| `spring-boot` | `/actuator/prometheus` | `8081` |
+| `quarkus` / `native` | `/q/metrics` | `9000` |
+| `plain-java` | `/metrics` | `9464` |
+
+All containers also get `prometheus.scrape=true`. These labels enable Prometheus `docker_sd_configs` auto-discovery.
+
+## Agent Metric Names (Micrometer)
+
+Agents send `MetricsSnapshot` records with Micrometer-convention metric names. The server stores them generically (ClickHouse `agent_metrics.metric_name`). The UI references specific names in `AgentInstance.tsx` for JVM charts.
+
+### JVM metrics (used by UI)
+
+| Metric name | UI usage |
+|---|---|
+| `process.cpu.usage.value` | CPU % stat card + chart |
+| `jvm.memory.used.value` | Heap MB stat card + chart (tags: `area=heap`) |
+| `jvm.memory.max.value` | Heap max for % calculation (tags: `area=heap`) |
+| `jvm.threads.live.value` | Thread count chart |
+| `jvm.gc.pause.total_time` | GC time chart |
+
+### Camel route metrics (stored, queried by dashboard)
+
+| Metric name | Type | Tags |
+|---|---|---|
+| `camel.exchanges.succeeded.count` | counter | `routeId`, `camelContext` |
+| `camel.exchanges.failed.count` | counter | `routeId`, `camelContext` |
+| `camel.exchanges.total.count` | counter | `routeId`, `camelContext` |
+| `camel.exchanges.failures.handled.count` | counter | `routeId`, `camelContext` |
+| `camel.route.policy.count` | count | `routeId`, `camelContext` |
+| `camel.route.policy.total_time` | total | `routeId`, `camelContext` |
+| `camel.route.policy.max` | gauge | `routeId`, `camelContext` |
+| `camel.routes.running.value` | gauge | — |
+
+Mean processing time = `camel.route.policy.total_time / camel.route.policy.count`. Min processing time is not available (Micrometer does not track minimums).
+
+### Cameleer agent metrics
+
+| Metric name | Type | Tags |
+|---|---|---|
+| `cameleer.chunks.exported.count` | counter | `instanceId` |
+| `cameleer.chunks.dropped.count` | counter | `instanceId`, `reason` |
+| `cameleer.sse.reconnects.count` | counter | `instanceId` |
+| `cameleer.taps.evaluated.count` | counter | `instanceId` |
+| `cameleer.metrics.exported.count` | counter | `instanceId` |

.claude/rules/ui.md

@@ -0,0 +1,43 @@
+---
+paths:
+  - "ui/**"
+---
+
+# UI Structure
+
+The UI has 4 main tabs: **Exchanges**, **Dashboard**, **Runtime**, **Deployments**.
+
+- **Exchanges** — route execution search and detail (`ui/src/pages/Exchanges/`)
+- **Dashboard** — metrics and stats with L1/L2/L3 drill-down (`ui/src/pages/DashboardTab/`)
+- **Runtime** — live agent status, logs, commands (`ui/src/pages/RuntimeTab/`). AgentHealth supports compact view (dense health-tinted cards) and expanded view (full GroupCard+DataTable per app). View mode persisted to localStorage.
+- **Deployments** — app management, JAR upload, deployment lifecycle (`ui/src/pages/AppsTab/`)
+  - Config sub-tabs: **Monitoring | Resources | Variables | Traces & Taps | Route Recording**
+  - Create app: full page at `/apps/new` (not a modal)
+  - Deployment progress: `ui/src/components/DeploymentProgress.tsx` (7-stage step indicator)
+
+**Admin pages** (ADMIN-only, under `/admin/`):
+- **Sensitive Keys** (`ui/src/pages/Admin/SensitiveKeysPage.tsx`) — global sensitive key masking config. Shows agent built-in defaults as outlined Badge reference, editable Tag pills for custom keys, amber-highlighted push-to-agents toggle. Keys add to (not replace) agent defaults. Per-app sensitive key additions managed via `ApplicationConfigController` API. Note: `AppConfigDetailPage.tsx` exists but is not routed in `router.tsx`.
+
+## Key UI Files
+
+- `ui/src/router.tsx` — React Router v6 routes
+- `ui/src/config.ts` — apiBaseUrl, basePath
+- `ui/src/auth/auth-store.ts` — Zustand: accessToken, user, roles, login/logout
+- `ui/src/api/environment-store.ts` — Zustand: selected environment (localStorage)
+- `ui/src/components/ContentTabs.tsx` — main tab switcher
+- `ui/src/components/ExecutionDiagram/` — interactive trace view (canvas)
+- `ui/src/components/ProcessDiagram/` — ELK-rendered route diagram
+- `ui/src/hooks/useScope.ts` — TabKey type, scope inference
+- `ui/src/components/StartupLogPanel.tsx` — deployment startup log viewer (container logs from ClickHouse, polls 3s while STARTING)
+- `ui/src/api/queries/logs.ts` — `useStartupLogs` hook for container startup log polling, `useLogs`/`useApplicationLogs` for general log search
+
+## UI Styling
+
+- Always use `@cameleer/design-system` CSS variables for colors (`var(--amber)`, `var(--error)`, `var(--success)`, etc.) — never hardcode hex values. This applies to CSS modules, inline styles, and SVG `fill`/`stroke` attributes. SVG presentation attributes resolve `var()` correctly. All colors use CSS variables (no hardcoded hex).
+- Shared CSS modules in `ui/src/styles/` (table-section, log-panel, rate-colors, refresh-indicator, chart-card, section-card) — import these instead of duplicating patterns.
+- Shared `PageLoader` component replaces copy-pasted spinner patterns.
+- Design system components used consistently: `Select`, `Tabs`, `Toggle`, `Button`, `LogViewer`, `Label` — prefer DS components over raw HTML elements. `LogViewer` renders optional source badges (`container`, `app`, `agent`) via `LogEntry.source` field (DS v0.1.49+).
+- Environment slugs are auto-computed from display name (read-only in UI).
+- Brand assets: `@cameleer/design-system/assets/` provides `camel-logo.svg` (currentColor), `cameleer-{16,32,48,192,512}.png`, and `cameleer-logo.png`. Copied to `ui/public/` for use as favicon (`favicon-16.png`, `favicon-32.png`) and logo (`camel-logo.svg` — login dialog 36px, sidebar 28x24px).
+- Sidebar generates `/exchanges/` paths directly (no legacy `/apps/` redirects). basePath is centralized in `ui/src/config.ts`; router.tsx imports it instead of re-reading `<base>` tag.
+- Global user preferences (environment selection) use Zustand stores with localStorage persistence — never URL search params. URL params are for page-specific state only (e.g. `?text=` search query). Switching environment resets all filters and remounts pages.

.gitea/sanitize-branch.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+# Shared branch slug sanitization for CI jobs.
+# Strips prefix (feature/, fix/, etc.), lowercases, replaces non-alphanum, truncates to 20 chars.
+sanitize_branch() {
+    echo "$1" | sed -E 's#^(feature|fix|feat|hotfix)/##' \
+      | tr '[:upper:]' '[:lower:]' \
+      | sed 's/[^a-z0-9-]/-/g' \
+      | sed 's/--*/-/g; s/^-//; s/-$//' \
+      | cut -c1-20 \
+      | sed 's/-$//'
+}

.gitea/workflows/ci.yml

@@ -14,16 +14,11 @@ jobs:
     runs-on: ubuntu-latest
     if: github.event_name != 'delete'
     container:
-      image: maven:3.9-eclipse-temurin-17
+      image: gitea.siegeln.net/cameleer/cameleer-build:1
+      credentials:
+        username: cameleer
+        password: ${{ secrets.REGISTRY_TOKEN }}
     steps:
-      - name: Install Node.js 22
-        run: |
-          apt-get update && apt-get install -y ca-certificates curl gnupg
-          mkdir -p /etc/apt/keyrings
-          curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
-          echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_22.x nodistro main" > /etc/apt/sources.list.d/nodesource.list
-          apt-get update && apt-get install -y nodejs
-
       - uses: actions/checkout@v4
 
       - name: Configure Gitea Maven Registry
@@ -53,22 +48,28 @@ jobs:
       - name: Build UI
         working-directory: ui
         run: |
+          echo '//gitea.siegeln.net/api/packages/cameleer/npm/:_authToken=${REGISTRY_TOKEN}' >> .npmrc
           npm ci
           npm run build
+        env:
+          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
+          VITE_APP_VERSION: ${{ github.sha }}
 
       - name: Build and Test
-        run: mvn clean verify -DskipITs --batch-mode
+        run: mvn clean verify -DskipITs -U --batch-mode
 
   docker:
     needs: build
     runs-on: ubuntu-latest
     if: github.event_name == 'push'
     container:
-      image: docker:27
+      image: gitea.siegeln.net/cameleer/cameleer-docker-builder:1
+      credentials:
+        username: cameleer
+        password: ${{ secrets.REGISTRY_TOKEN }}
     steps:
       - name: Checkout
         run: |
-          apk add --no-cache git
           git clone --depth=1 --branch=${GITHUB_REF_NAME} https://cameleer:${REGISTRY_TOKEN}@gitea.siegeln.net/${GITHUB_REPOSITORY}.git .
         env:
           REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
@@ -78,14 +79,7 @@ jobs:
           REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
       - name: Compute branch slug
         run: |
-          sanitize_branch() {
-            echo "$1" | sed -E 's#^(feature|fix|feat|hotfix)/##' \
-              | tr '[:upper:]' '[:lower:]' \
-              | sed 's/[^a-z0-9-]/-/g' \
-              | sed 's/--*/-/g; s/^-//; s/-$//' \
-              | cut -c1-20 \
-              | sed 's/-$//'
-          }
+          . .gitea/sanitize-branch.sh
           if [ "$GITHUB_REF_NAME" = "main" ]; then
             echo "BRANCH_SLUG=main" >> "$GITHUB_ENV"
             echo "IMAGE_TAGS=latest" >> "$GITHUB_ENV"
@@ -95,35 +89,37 @@ jobs:
             echo "IMAGE_TAGS=branch-$SLUG" >> "$GITHUB_ENV"
           fi
       - name: Set up QEMU for cross-platform builds
-        run: docker run --rm --privileged tonistiigi/binfmt --install all
+        run: docker run --rm --privileged gitea.siegeln.net/cameleer/binfmt:1 --install all
       - name: Build and push server
         run: |
           docker buildx create --use --name cibuilder
-          TAGS="-t gitea.siegeln.net/cameleer/cameleer3-server:${{ github.sha }}"
+          TAGS="-t gitea.siegeln.net/cameleer/cameleer-server:${{ github.sha }}"
           for TAG in $IMAGE_TAGS; do
-            TAGS="$TAGS -t gitea.siegeln.net/cameleer/cameleer3-server:$TAG"
+            TAGS="$TAGS -t gitea.siegeln.net/cameleer/cameleer-server:$TAG"
           done
           docker buildx build --platform linux/amd64 \
             --build-arg REGISTRY_TOKEN="$REGISTRY_TOKEN" \
             $TAGS \
-            --cache-from type=registry,ref=gitea.siegeln.net/cameleer/cameleer3-server:buildcache \
-            --cache-to type=registry,ref=gitea.siegeln.net/cameleer/cameleer3-server:buildcache,mode=max \
+            --cache-from type=registry,ref=gitea.siegeln.net/cameleer/cameleer-server:buildcache \
+            --cache-to type=registry,ref=gitea.siegeln.net/cameleer/cameleer-server:buildcache,mode=max \
             --provenance=false \
             --push .
         env:
           REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
       - name: Build and push UI
         run: |
-          TAGS="-t gitea.siegeln.net/cameleer/cameleer3-server-ui:${{ github.sha }}"
+          TAGS="-t gitea.siegeln.net/cameleer/cameleer-server-ui:${{ github.sha }}"
           for TAG in $IMAGE_TAGS; do
-            TAGS="$TAGS -t gitea.siegeln.net/cameleer/cameleer3-server-ui:$TAG"
+            TAGS="$TAGS -t gitea.siegeln.net/cameleer/cameleer-server-ui:$TAG"
           done
+          SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
           docker buildx build --platform linux/amd64 \
             -f ui/Dockerfile \
             --build-arg REGISTRY_TOKEN="$REGISTRY_TOKEN" \
+            --build-arg VITE_APP_VERSION="$SHORT_SHA" \
             $TAGS \
-            --cache-from type=registry,ref=gitea.siegeln.net/cameleer/cameleer3-server-ui:buildcache \
-            --cache-to type=registry,ref=gitea.siegeln.net/cameleer/cameleer3-server-ui:buildcache,mode=max \
+            --cache-from type=registry,ref=gitea.siegeln.net/cameleer/cameleer-server-ui:buildcache \
+            --cache-to type=registry,ref=gitea.siegeln.net/cameleer/cameleer-server-ui:buildcache,mode=max \
             --provenance=false \
             --push ui/
         env:
@@ -133,7 +129,6 @@ jobs:
         if: always()
       - name: Cleanup old container images
         run: |
-          apk add --no-cache curl jq
           API="https://gitea.siegeln.net/api/v1"
           AUTH="Authorization: token ${REGISTRY_TOKEN}"
           CURRENT_SHA="${{ github.sha }}"
@@ -142,7 +137,7 @@ jobs:
           if [ "$BRANCH_SLUG" != "main" ]; then
             KEEP_TAGS="$KEEP_TAGS branch-$BRANCH_SLUG"
           fi
-          for PKG in cameleer3-server cameleer3-server-ui; do
+          for PKG in cameleer-server cameleer-server-ui; do
             curl -sf -H "$AUTH" "$API/packages/cameleer/container/$PKG" | \
               jq -r '.[] | "\(.id) \(.version)"' | \
               while read id version; do
@@ -197,49 +192,50 @@ jobs:
 
           kubectl create secret generic cameleer-auth \
             --namespace=cameleer \
-            --from-literal=CAMELEER_AUTH_TOKEN="$CAMELEER_AUTH_TOKEN" \
-            --from-literal=CAMELEER_UI_USER="${CAMELEER_UI_USER:-admin}" \
-            --from-literal=CAMELEER_UI_PASSWORD="${CAMELEER_UI_PASSWORD:-admin}" \
-            --from-literal=CAMELEER_JWT_SECRET="${CAMELEER_JWT_SECRET}" \
+            --from-literal=CAMELEER_SERVER_SECURITY_BOOTSTRAPTOKEN="$CAMELEER_AUTH_TOKEN" \
+            --from-literal=CAMELEER_SERVER_SECURITY_UIUSER="${CAMELEER_UI_USER:-admin}" \
+            --from-literal=CAMELEER_SERVER_SECURITY_UIPASSWORD="${CAMELEER_UI_PASSWORD:-admin}" \
+            --from-literal=CAMELEER_SERVER_SECURITY_JWTSECRET="${CAMELEER_JWT_SECRET}" \
             --dry-run=client -o yaml | kubectl apply -f -
 
-          kubectl create secret generic postgres-credentials \
+          kubectl create secret generic cameleer-postgres-credentials \
             --namespace=cameleer \
             --from-literal=POSTGRES_USER="$POSTGRES_USER" \
             --from-literal=POSTGRES_PASSWORD="$POSTGRES_PASSWORD" \
             --from-literal=POSTGRES_DB="${POSTGRES_DB:-cameleer}" \
             --dry-run=client -o yaml | kubectl apply -f -
 
-          kubectl create secret generic opensearch-credentials \
+          kubectl create secret generic cameleer-logto-credentials \
             --namespace=cameleer \
-            --from-literal=OPENSEARCH_USER="${OPENSEARCH_USER:-admin}" \
-            --from-literal=OPENSEARCH_PASSWORD="$OPENSEARCH_PASSWORD" \
+            --from-literal=PG_USER="${LOGTO_PG_USER:-logto}" \
+            --from-literal=PG_PASSWORD="${LOGTO_PG_PASSWORD}" \
+            --from-literal=ENDPOINT="${LOGTO_ENDPOINT}" \
+            --from-literal=ADMIN_ENDPOINT="${LOGTO_ADMIN_ENDPOINT}" \
             --dry-run=client -o yaml | kubectl apply -f -
 
-          kubectl create secret generic authentik-credentials \
+          kubectl create secret generic cameleer-clickhouse-credentials \
             --namespace=cameleer \
-            --from-literal=PG_USER="${AUTHENTIK_PG_USER:-authentik}" \
-            --from-literal=PG_PASSWORD="${AUTHENTIK_PG_PASSWORD}" \
-            --from-literal=AUTHENTIK_SECRET_KEY="${AUTHENTIK_SECRET_KEY}" \
+            --from-literal=CLICKHOUSE_USER="${CLICKHOUSE_USER:-default}" \
+            --from-literal=CLICKHOUSE_PASSWORD="$CLICKHOUSE_PASSWORD" \
             --dry-run=client -o yaml | kubectl apply -f -
 
-          kubectl apply -f deploy/postgres.yaml
-          kubectl -n cameleer rollout status statefulset/postgres --timeout=120s
+          kubectl apply -f deploy/cameleer-postgres.yaml
+          kubectl -n cameleer rollout status statefulset/cameleer-postgres --timeout=120s
 
-          kubectl apply -f deploy/opensearch.yaml
-          kubectl -n cameleer rollout status statefulset/opensearch --timeout=180s
+          kubectl apply -f deploy/cameleer-clickhouse.yaml
+          kubectl -n cameleer rollout status statefulset/cameleer-clickhouse --timeout=180s
 
-          kubectl apply -f deploy/authentik.yaml
-          kubectl -n cameleer rollout status deployment/authentik-server --timeout=180s
+          kubectl apply -f deploy/cameleer-logto.yaml
+          kubectl -n cameleer rollout status deployment/cameleer-logto --timeout=180s
 
           kubectl apply -k deploy/overlays/main
-          kubectl -n cameleer set image deployment/cameleer3-server \
-            server=gitea.siegeln.net/cameleer/cameleer3-server:${{ github.sha }}
-          kubectl -n cameleer rollout status deployment/cameleer3-server --timeout=120s
+          kubectl -n cameleer set image deployment/cameleer-server \
+            server=gitea.siegeln.net/cameleer/cameleer-server:${{ github.sha }}
+          kubectl -n cameleer rollout status deployment/cameleer-server --timeout=120s
 
-          kubectl -n cameleer set image deployment/cameleer3-ui \
-            ui=gitea.siegeln.net/cameleer/cameleer3-server-ui:${{ github.sha }}
-          kubectl -n cameleer rollout status deployment/cameleer3-ui --timeout=120s
+          kubectl -n cameleer set image deployment/cameleer-ui \
+            ui=gitea.siegeln.net/cameleer/cameleer-server-ui:${{ github.sha }}
+          kubectl -n cameleer rollout status deployment/cameleer-ui --timeout=120s
         env:
           REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
           CAMELEER_AUTH_TOKEN: ${{ secrets.CAMELEER_AUTH_TOKEN }}
@@ -249,11 +245,12 @@ jobs:
           POSTGRES_USER: ${{ secrets.POSTGRES_USER }}
           POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
           POSTGRES_DB: ${{ secrets.POSTGRES_DB }}
-          OPENSEARCH_USER: ${{ secrets.OPENSEARCH_USER }}
-          OPENSEARCH_PASSWORD: ${{ secrets.OPENSEARCH_PASSWORD }}
-          AUTHENTIK_PG_USER: ${{ secrets.AUTHENTIK_PG_USER }}
-          AUTHENTIK_PG_PASSWORD: ${{ secrets.AUTHENTIK_PG_PASSWORD }}
-          AUTHENTIK_SECRET_KEY: ${{ secrets.AUTHENTIK_SECRET_KEY }}
+          LOGTO_PG_USER: ${{ secrets.LOGTO_PG_USER }}
+          LOGTO_PG_PASSWORD: ${{ secrets.LOGTO_PG_PASSWORD }}
+          LOGTO_ENDPOINT: ${{ secrets.LOGTO_ENDPOINT }}
+          LOGTO_ADMIN_ENDPOINT: ${{ secrets.LOGTO_ADMIN_ENDPOINT }}
+          CLICKHOUSE_USER: ${{ secrets.CLICKHOUSE_USER }}
+          CLICKHOUSE_PASSWORD: ${{ secrets.CLICKHOUSE_PASSWORD }}
 
   deploy-feature:
     needs: docker
@@ -275,14 +272,7 @@ jobs:
           KUBECONFIG_B64: ${{ secrets.KUBECONFIG_BASE64 }}
       - name: Compute branch variables
         run: |
-          sanitize_branch() {
-            echo "$1" | sed -E 's#^(feature|fix|feat|hotfix)/##' \
-              | tr '[:upper:]' '[:lower:]' \
-              | sed 's/[^a-z0-9-]/-/g' \
-              | sed 's/--*/-/g; s/^-//; s/-$//' \
-              | cut -c1-20 \
-              | sed 's/-$//'
-          }
+          . .gitea/sanitize-branch.sh
           SLUG=$(sanitize_branch "$GITHUB_REF_NAME")
           NS="cam-${SLUG}"
           SCHEMA="cam_$(echo $SLUG | tr '-' '_')"
@@ -293,7 +283,7 @@ jobs:
         run: kubectl create namespace "$BRANCH_NS" --dry-run=client -o yaml | kubectl apply -f -
       - name: Copy secrets from cameleer namespace
         run: |
-          for SECRET in gitea-registry postgres-credentials opensearch-credentials cameleer-auth; do
+          for SECRET in gitea-registry cameleer-postgres-credentials cameleer-clickhouse-credentials cameleer-auth; do
             kubectl get secret "$SECRET" -n cameleer -o json \
               | jq 'del(.metadata.namespace, .metadata.resourceVersion, .metadata.uid, .metadata.creationTimestamp, .metadata.managedFields)' \
               | kubectl apply -n "$BRANCH_NS" -f -
@@ -319,9 +309,9 @@ jobs:
           kubectl -n "$BRANCH_NS" wait --for=condition=complete job/init-schema --timeout=60s || \
             echo "Warning: init-schema job did not complete in time"
       - name: Wait for server rollout
-        run: kubectl -n "$BRANCH_NS" rollout status deployment/cameleer3-server --timeout=120s
+        run: kubectl -n "$BRANCH_NS" rollout status deployment/cameleer-server --timeout=120s
       - name: Wait for UI rollout
-        run: kubectl -n "$BRANCH_NS" rollout status deployment/cameleer3-ui --timeout=60s
+        run: kubectl -n "$BRANCH_NS" rollout status deployment/cameleer-ui --timeout=60s
       - name: Print deployment URLs
         run: |
           echo "===================================="
@@ -368,25 +358,16 @@ jobs:
             --namespace=cameleer \
             --image=postgres:16 \
             --restart=Never \
-            --env="PGPASSWORD=$(kubectl get secret postgres-credentials -n cameleer -o jsonpath='{.data.POSTGRES_PASSWORD}' | base64 -d)" \
-            --command -- sh -c "psql -h postgres -U $(kubectl get secret postgres-credentials -n cameleer -o jsonpath='{.data.POSTGRES_USER}' | base64 -d) -d cameleer3 -c 'DROP SCHEMA IF EXISTS ${BRANCH_SCHEMA} CASCADE'"
+            --env="PGPASSWORD=$(kubectl get secret cameleer-postgres-credentials -n cameleer -o jsonpath='{.data.POSTGRES_PASSWORD}' | base64 -d)" \
+            --command -- sh -c "psql -h cameleer-postgres -U $(kubectl get secret cameleer-postgres-credentials -n cameleer -o jsonpath='{.data.POSTGRES_USER}' | base64 -d) -d cameleer -c 'DROP SCHEMA IF EXISTS ${BRANCH_SCHEMA} CASCADE'"
           kubectl wait --for=condition=Ready pod/cleanup-schema-${BRANCH_SLUG} -n cameleer --timeout=30s || true
           kubectl wait --for=jsonpath='{.status.phase}'=Succeeded pod/cleanup-schema-${BRANCH_SLUG} -n cameleer --timeout=60s || true
           kubectl delete pod cleanup-schema-${BRANCH_SLUG} -n cameleer --ignore-not-found
-      - name: Delete OpenSearch indices
-        run: |
-          kubectl run cleanup-indices-${BRANCH_SLUG} \
-            --namespace=cameleer \
-            --image=curlimages/curl:latest \
-            --restart=Never \
-            --command -- curl -sf -X DELETE "http://opensearch:9200/cam-${BRANCH_SLUG}-*"
-          kubectl wait --for=jsonpath='{.status.phase}'=Succeeded pod/cleanup-indices-${BRANCH_SLUG} -n cameleer --timeout=60s || true
-          kubectl delete pod cleanup-indices-${BRANCH_SLUG} -n cameleer --ignore-not-found
       - name: Cleanup Docker images
         run: |
           API="https://gitea.siegeln.net/api/v1"
           AUTH="Authorization: token ${REGISTRY_TOKEN}"
-          for PKG in cameleer3-server cameleer3-server-ui; do
+          for PKG in cameleer-server cameleer-server-ui; do
             # Delete branch-specific tag
             curl -sf -X DELETE -H "$AUTH" "$API/packages/cameleer/container/$PKG/branch-${BRANCH_SLUG}" || true
           done

.gitea/workflows/sonarqube.yml

@@ -0,0 +1,63 @@
+name: SonarQube
+
+on:
+  schedule:
+    - cron: '0 2 * * *'
+  workflow_dispatch:
+
+jobs:
+  sonarqube:
+    runs-on: ubuntu-latest
+    container:
+      image: gitea.siegeln.net/cameleer/cameleer-build:1
+      credentials:
+        username: cameleer
+        password: ${{ secrets.REGISTRY_TOKEN }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Configure Gitea Maven Registry
+        run: |
+          mkdir -p ~/.m2
+          cat > ~/.m2/settings.xml << 'SETTINGS'
+          <settings>
+            <servers>
+              <server>
+                <id>gitea</id>
+                <username>cameleer</username>
+                <password>${env.REGISTRY_TOKEN}</password>
+              </server>
+            </servers>
+          </settings>
+          SETTINGS
+        env:
+          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
+
+      - name: Cache Maven dependencies
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-maven-
+
+      - name: Install UI dependencies
+        working-directory: ui
+        run: |
+          echo '//gitea.siegeln.net/api/packages/cameleer/npm/:_authToken=${REGISTRY_TOKEN}' >> .npmrc
+          npm ci
+        env:
+          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
+
+      - name: Lint UI
+        working-directory: ui
+        run: npm run lint -- --format json --output-file eslint-report.json || true
+
+      - name: Build, Test and Analyze
+        run: |
+          mvn clean verify sonar:sonar -DskipITs -U --batch-mode \
+            -Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \
+            -Dsonar.token=${{ secrets.SONAR_TOKEN }} \
+            -Dsonar.projectKey=cameleer-server \
+            -Dsonar.projectName="Cameleer Server"

.gitignore

@@ -38,4 +38,9 @@ Thumbs.db
 logs/
 
 # Claude
-.claude/
+.claude/*
+!.claude/rules/
+.superpowers/
+.playwright-mcp/
+.worktrees/
+.gitnexus

.planning/PROJECT.md

@@ -1,8 +1,8 @@
-# Cameleer3 Server
+# Cameleer Server
 
 ## What This Is
 
-An observability server that receives, stores, and serves Apache Camel route execution data from distributed Cameleer3 agents. Think njams Server (by Integration Matters) — but built incrementally, API-first, with a modern stack. Users can search through millions of recorded transactions by state, time, duration, full text, and correlate executions across multiple Camel instances. The server also pushes configuration, tracing controls, and ad-hoc commands to agents via SSE.
+An observability server that receives, stores, and serves Apache Camel route execution data from distributed Cameleer agents. Think njams Server (by Integration Matters) — but built incrementally, API-first, with a modern stack. Users can search through millions of recorded transactions by state, time, duration, full text, and correlate executions across multiple Camel instances. The server also pushes configuration, tracing controls, and ad-hoc commands to agents via SSE.
 
 ## Core Value
 
@@ -16,7 +16,7 @@ Users can reliably search and find any transaction across all connected Camel in
 
 ### Active
 
-- [ ] Receive and ingest transaction/activity data from Cameleer3 agents via HTTP POST
+- [ ] Receive and ingest transaction/activity data from Cameleer agents via HTTP POST
 - [ ] Store transactions in a high-volume, horizontally scalable data store with 30-day retention
 - [ ] Search transactions by state, execution date/time, duration, and full-text content
 - [ ] Correlate activities across multiple routes and Camel instances within a single transaction
@@ -38,8 +38,8 @@ Users can reliably search and find any transaction across all connected Camel in
 
 ## Context
 
-- **Agent side**: cameleer3 agent (`https://gitea.siegeln.net/cameleer/cameleer3`) is under active development; already supports creating diagrams and capturing executions
-- **Shared library**: `com.cameleer3:cameleer3-common` contains shared models and the graph API; protocol defined in `cameleer3-common/PROTOCOL.md`
+- **Agent side**: cameleer agent (`https://gitea.siegeln.net/cameleer/cameleer`) is under active development; already supports creating diagrams and capturing executions
+- **Shared library**: `com.cameleer:cameleer-common` contains shared models and the graph API; protocol defined in `cameleer-common/PROTOCOL.md`
 - **Data model**: Hierarchical — a **transaction** represents a message's full journey, containing **activities** per route execution. Transactions can span multiple Camel instances (e.g., route A calls route B on another instance via endpoint)
 - **Scale target**: Millions of transactions per day, 50+ connected agents, 30-day data retention
 - **Query pattern**: Incident-driven — mostly recent data queries, with deep historical dives during incidents
@@ -49,7 +49,7 @@ Users can reliably search and find any transaction across all connected Camel in
 ## Constraints
 
 - **Tech stack**: Java 17+, Spring Boot 3.4.3, Maven multi-module — already established
-- **Dependency**: Must consume `com.cameleer3:cameleer3-common` from Gitea Maven registry
+- **Dependency**: Must consume `com.cameleer:cameleer-common` from Gitea Maven registry
 - **Protocol**: Agent protocol is still evolving — server must adapt as it stabilizes
 - **Incremental delivery**: Build step by step; storage and search first, then layer features on top
 

.planning/REQUIREMENTS.md

@@ -1,4 +1,4 @@
-# Requirements: Cameleer3 Server
+# Requirements: Cameleer Server
 
 **Defined:** 2026-03-11
 **Core Value:** Users can reliably search and find any transaction across all connected Camel instances — by any combination of state, time, duration, or content — even at millions of transactions per day with 30-day retention.

.planning/ROADMAP.md

@@ -1,4 +1,4 @@
-# Roadmap: Cameleer3 Server
+# Roadmap: Cameleer Server
 
 ## Overview
 

.planning/STATE.md

@@ -75,7 +75,7 @@ Recent decisions affecting current work:
 - [Roadmap]: Phases 2 and 3 can execute in parallel (both depend only on Phase 1)
 - [Roadmap]: Web UI deferred to v2
 - [Phase 01]: Used spring-boot-starter-jdbc for JdbcTemplate + HikariCP auto-config
-- [Phase 01]: Created MetricsSnapshot record in core module (cameleer3-common has no metrics model)
+- [Phase 01]: Created MetricsSnapshot record in core module (cameleer-common has no metrics model)
 - [Phase 01]: Upgraded testcontainers to 2.0.3 for Docker Desktop 29.x compatibility
 - [Phase 01]: Changed error_message/error_stacktrace to non-nullable String for tokenbf_v1 index compat
 - [Phase 01]: TTL expressions require toDateTime() cast for DateTime64 columns in ClickHouse 25.3
@@ -121,7 +121,7 @@ None yet.
 ### Blockers/Concerns
 
 - [Phase 1]: ClickHouse Java client API needs phase-specific research (library has undergone changes)
-- [Phase 1]: Must read cameleer3-common PROTOCOL.md before designing ClickHouse schema
+- [Phase 1]: Must read cameleer-common PROTOCOL.md before designing ClickHouse schema
 - [Phase 2]: Diagram rendering library selection is an open question (Batik, jsvg, JGraphX, or client-side)
 - [Phase 2]: ClickHouse skip indexes may not suffice for full-text; decision point during Phase 2
 

.planning/phases/01-ingestion-pipeline-api-foundation/01-01-PLAN.md

@@ -6,18 +6,18 @@ wave: 1
 depends_on: []
 files_modified:
   - pom.xml
-  - cameleer3-server-core/pom.xml
-  - cameleer3-server-app/pom.xml
+  - cameleer-server-core/pom.xml
+  - cameleer-server-app/pom.xml
   - docker-compose.yml
   - clickhouse/init/01-schema.sql
-  - cameleer3-server-app/src/main/resources/application.yml
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/ClickHouseConfig.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/IngestionConfig.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/WriteBuffer.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/ExecutionRepository.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/DiagramRepository.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/MetricsRepository.java
-  - cameleer3-server-core/src/test/java/com/cameleer3/server/core/ingestion/WriteBufferTest.java
+  - cameleer-server-app/src/main/resources/application.yml
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/config/ClickHouseConfig.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/config/IngestionConfig.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/WriteBuffer.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/storage/ExecutionRepository.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/storage/DiagramRepository.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/storage/MetricsRepository.java
+  - cameleer-server-core/src/test/java/com/cameleer/server/core/ingestion/WriteBufferTest.java
 autonomous: true
 requirements:
   - INGST-04
@@ -32,7 +32,7 @@ must_haves:
     - "TTL clause on tables removes data older than configured days"
     - "Docker Compose starts ClickHouse and initializes the schema"
   artifacts:
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/WriteBuffer.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/WriteBuffer.java"
       provides: "Generic bounded write buffer with offer/drain/isFull"
       min_lines: 30
     - path: "clickhouse/init/01-schema.sql"
@@ -41,15 +41,15 @@ must_haves:
     - path: "docker-compose.yml"
       provides: "Local ClickHouse service"
       contains: "clickhouse-server"
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/ExecutionRepository.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/storage/ExecutionRepository.java"
       provides: "Repository interface for execution batch inserts"
       exports: ["insertBatch"]
   key_links:
-    - from: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/ClickHouseConfig.java"
+    - from: "cameleer-server-app/src/main/java/com/cameleer/server/app/config/ClickHouseConfig.java"
       to: "application.yml"
       via: "spring.datasource properties"
       pattern: "spring\\.datasource"
-    - from: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/IngestionConfig.java"
+    - from: "cameleer-server-app/src/main/java/com/cameleer/server/app/config/IngestionConfig.java"
       to: "application.yml"
       via: "ingestion.* properties"
       pattern: "ingestion\\."
@@ -74,8 +74,8 @@ Output: Working ClickHouse via Docker Compose, DDL with TTL, WriteBuffer with un
 @.planning/phases/01-ingestion-pipeline-api-foundation/01-RESEARCH.md
 
 @pom.xml
-@cameleer3-server-core/pom.xml
-@cameleer3-server-app/pom.xml
+@cameleer-server-core/pom.xml
+@cameleer-server-app/pom.xml
 </context>
 
 <tasks>
@@ -84,11 +84,11 @@ Output: Working ClickHouse via Docker Compose, DDL with TTL, WriteBuffer with un
   <name>Task 1: Dependencies, Docker Compose, ClickHouse schema, and application config</name>
   <files>
     pom.xml,
-    cameleer3-server-core/pom.xml,
-    cameleer3-server-app/pom.xml,
+    cameleer-server-core/pom.xml,
+    cameleer-server-app/pom.xml,
     docker-compose.yml,
     clickhouse/init/01-schema.sql,
-    cameleer3-server-app/src/main/resources/application.yml
+    cameleer-server-app/src/main/resources/application.yml
   </files>
   <behavior>
     - docker compose up -d starts ClickHouse on ports 8123/9000
@@ -101,7 +101,7 @@ Output: Working ClickHouse via Docker Compose, DDL with TTL, WriteBuffer with un
     - Maven compile succeeds with new dependencies
   </behavior>
   <action>
-    1. Add dependencies to cameleer3-server-app/pom.xml per research:
+    1. Add dependencies to cameleer-server-app/pom.xml per research:
        - clickhouse-jdbc 0.9.7 (classifier: all)
        - spring-boot-starter-actuator
        - springdoc-openapi-starter-webmvc-ui 2.8.6
@@ -109,13 +109,13 @@ Output: Working ClickHouse via Docker Compose, DDL with TTL, WriteBuffer with un
        - junit-jupiter from testcontainers 2.0.2 (test scope)
        - awaitility (test scope)
 
-    2. Add slf4j-api dependency to cameleer3-server-core/pom.xml.
+    2. Add slf4j-api dependency to cameleer-server-core/pom.xml.
 
     3. Create docker-compose.yml at project root with ClickHouse service:
        - Image: clickhouse/clickhouse-server:25.3
        - Ports: 8123:8123, 9000:9000
        - Volume mount ./clickhouse/init to /docker-entrypoint-initdb.d
-       - Environment: CLICKHOUSE_USER=cameleer, CLICKHOUSE_PASSWORD=cameleer_dev, CLICKHOUSE_DB=cameleer3
+       - Environment: CLICKHOUSE_USER=cameleer, CLICKHOUSE_PASSWORD=cameleer_dev, CLICKHOUSE_DB=cameleer
        - ulimits nofile 262144
 
     4. Create clickhouse/init/01-schema.sql with the three tables from research:
@@ -124,9 +124,9 @@ Output: Working ClickHouse via Docker Compose, DDL with TTL, WriteBuffer with un
        - agent_metrics: MergeTree, daily partitioning on collected_at, ORDER BY (agent_id, metric_name, collected_at), TTL collected_at + INTERVAL 30 DAY, SETTINGS ttl_only_drop_parts=1.
        - All DateTime fields use DateTime64(3, 'UTC').
 
-    5. Create cameleer3-server-app/src/main/resources/application.yml with config from research:
+    5. Create cameleer-server-app/src/main/resources/application.yml with config from research:
        - server.port: 8081
-       - spring.datasource: url=jdbc:ch://localhost:8123/cameleer3, username/password, driver-class-name
+       - spring.datasource: url=jdbc:ch://localhost:8123/cameleer, username/password, driver-class-name
        - spring.jackson: write-dates-as-timestamps=false, fail-on-unknown-properties=false
        - ingestion: buffer-capacity=50000, batch-size=5000, flush-interval-ms=1000
        - clickhouse.ttl-days: 30
@@ -144,13 +144,13 @@ Output: Working ClickHouse via Docker Compose, DDL with TTL, WriteBuffer with un
 <task type="auto" tdd="true">
   <name>Task 2: WriteBuffer, repository interfaces, IngestionConfig, and ClickHouseConfig</name>
   <files>
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/WriteBuffer.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/ExecutionRepository.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/DiagramRepository.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/MetricsRepository.java,
-    cameleer3-server-core/src/test/java/com/cameleer3/server/core/ingestion/WriteBufferTest.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/ClickHouseConfig.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/IngestionConfig.java
+    cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/WriteBuffer.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/storage/ExecutionRepository.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/storage/DiagramRepository.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/storage/MetricsRepository.java,
+    cameleer-server-core/src/test/java/com/cameleer/server/core/ingestion/WriteBufferTest.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/ClickHouseConfig.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/IngestionConfig.java
   </files>
   <behavior>
     - WriteBuffer(capacity=10): offer() returns true for first 10 items, false on 11th
@@ -181,7 +181,7 @@ Output: Working ClickHouse via Docker Compose, DDL with TTL, WriteBuffer with un
     3. Create repository interfaces in core module:
        - ExecutionRepository: void insertBatch(List<RouteExecution> executions)
        - DiagramRepository: void store(RouteGraph graph), Optional<RouteGraph> findByContentHash(String hash), Optional<String> findContentHashForRoute(String routeId, String agentId)
-       - MetricsRepository: void insertBatch(List<MetricsSnapshot> metrics) -- use a generic type or the cameleer3-common metrics model if available; if not, create a simple MetricsData record in core module
+       - MetricsRepository: void insertBatch(List<MetricsSnapshot> metrics) -- use a generic type or the cameleer-common metrics model if available; if not, create a simple MetricsData record in core module
 
     4. Create IngestionConfig as @ConfigurationProperties("ingestion"):
        - bufferCapacity (int, default 50000)
@@ -193,7 +193,7 @@ Output: Working ClickHouse via Docker Compose, DDL with TTL, WriteBuffer with un
        - No custom bean needed if relying on auto-config; only create if explicit JdbcTemplate customization required
   </action>
   <verify>
-    <automated>mvn test -pl cameleer3-server-core -Dtest=WriteBufferTest -q 2>&1 | tail -10</automated>
+    <automated>mvn test -pl cameleer-server-core -Dtest=WriteBufferTest -q 2>&1 | tail -10</automated>
   </verify>
   <done>WriteBuffer passes all unit tests. Repository interfaces exist with correct method signatures. IngestionConfig reads from application.yml.</done>
 </task>
@@ -201,7 +201,7 @@ Output: Working ClickHouse via Docker Compose, DDL with TTL, WriteBuffer with un
 </tasks>
 
 <verification>
-- `mvn test -pl cameleer3-server-core -q` -- all WriteBuffer unit tests pass
+- `mvn test -pl cameleer-server-core -q` -- all WriteBuffer unit tests pass
 - `mvn clean compile -q` -- full project compiles with new dependencies
 - `docker compose config` -- validates Docker Compose file
 - clickhouse/init/01-schema.sql contains CREATE TABLE for all three tables with correct ENGINE, ORDER BY, PARTITION BY, and TTL

.planning/phases/01-ingestion-pipeline-api-foundation/01-01-SUMMARY.md

@@ -26,22 +26,22 @@ key-files:
   created:
     - docker-compose.yml
     - clickhouse/init/01-schema.sql
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/WriteBuffer.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/ExecutionRepository.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/DiagramRepository.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/MetricsRepository.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/model/MetricsSnapshot.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/IngestionConfig.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/ClickHouseConfig.java
-    - cameleer3-server-core/src/test/java/com/cameleer3/server/core/ingestion/WriteBufferTest.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/WriteBuffer.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/storage/ExecutionRepository.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/storage/DiagramRepository.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/storage/MetricsRepository.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/storage/model/MetricsSnapshot.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/IngestionConfig.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/ClickHouseConfig.java
+    - cameleer-server-core/src/test/java/com/cameleer/server/core/ingestion/WriteBufferTest.java
   modified:
-    - cameleer3-server-core/pom.xml
-    - cameleer3-server-app/pom.xml
-    - cameleer3-server-app/src/main/resources/application.yml
+    - cameleer-server-core/pom.xml
+    - cameleer-server-app/pom.xml
+    - cameleer-server-app/src/main/resources/application.yml
 
 key-decisions:
   - "Used spring-boot-starter-jdbc for JdbcTemplate + HikariCP auto-config rather than manual DataSource"
-  - "Created MetricsSnapshot record in core module since cameleer3-common has no metrics model"
+  - "Created MetricsSnapshot record in core module since cameleer-common has no metrics model"
   - "ClickHouseConfig exposes JdbcTemplate bean; relies on Spring Boot DataSource auto-config"
 
 patterns-established:
@@ -84,21 +84,21 @@ Each task was committed atomically:
 ## Files Created/Modified
 - `docker-compose.yml` - ClickHouse service with ports 8123/9000, init volume mount
 - `clickhouse/init/01-schema.sql` - DDL for route_executions, route_diagrams, agent_metrics
-- `cameleer3-server-core/src/main/java/.../ingestion/WriteBuffer.java` - Bounded queue with offer/offerBatch/drain
-- `cameleer3-server-core/src/main/java/.../storage/ExecutionRepository.java` - Batch insert interface for RouteExecution
-- `cameleer3-server-core/src/main/java/.../storage/DiagramRepository.java` - Store/find interface for RouteGraph
-- `cameleer3-server-core/src/main/java/.../storage/MetricsRepository.java` - Batch insert interface for MetricsSnapshot
-- `cameleer3-server-core/src/main/java/.../storage/model/MetricsSnapshot.java` - Metrics data record
-- `cameleer3-server-app/src/main/java/.../config/IngestionConfig.java` - Buffer capacity, batch size, flush interval
-- `cameleer3-server-app/src/main/java/.../config/ClickHouseConfig.java` - JdbcTemplate bean
-- `cameleer3-server-core/src/test/java/.../ingestion/WriteBufferTest.java` - 10 unit tests for WriteBuffer
-- `cameleer3-server-core/pom.xml` - Added slf4j-api
-- `cameleer3-server-app/pom.xml` - Added clickhouse-jdbc, springdoc, actuator, testcontainers, awaitility
-- `cameleer3-server-app/src/main/resources/application.yml` - Full config with datasource, ingestion, springdoc, actuator
+- `cameleer-server-core/src/main/java/.../ingestion/WriteBuffer.java` - Bounded queue with offer/offerBatch/drain
+- `cameleer-server-core/src/main/java/.../storage/ExecutionRepository.java` - Batch insert interface for RouteExecution
+- `cameleer-server-core/src/main/java/.../storage/DiagramRepository.java` - Store/find interface for RouteGraph
+- `cameleer-server-core/src/main/java/.../storage/MetricsRepository.java` - Batch insert interface for MetricsSnapshot
+- `cameleer-server-core/src/main/java/.../storage/model/MetricsSnapshot.java` - Metrics data record
+- `cameleer-server-app/src/main/java/.../config/IngestionConfig.java` - Buffer capacity, batch size, flush interval
+- `cameleer-server-app/src/main/java/.../config/ClickHouseConfig.java` - JdbcTemplate bean
+- `cameleer-server-core/src/test/java/.../ingestion/WriteBufferTest.java` - 10 unit tests for WriteBuffer
+- `cameleer-server-core/pom.xml` - Added slf4j-api
+- `cameleer-server-app/pom.xml` - Added clickhouse-jdbc, springdoc, actuator, testcontainers, awaitility
+- `cameleer-server-app/src/main/resources/application.yml` - Full config with datasource, ingestion, springdoc, actuator
 
 ## Decisions Made
 - Used spring-boot-starter-jdbc to get JdbcTemplate and HikariCP auto-configuration rather than manually wiring a DataSource
-- Created MetricsSnapshot record in core module since cameleer3-common does not include a metrics model
+- Created MetricsSnapshot record in core module since cameleer-common does not include a metrics model
 - ClickHouseConfig is minimal -- relies on Spring Boot auto-configuring DataSource from spring.datasource properties
 
 ## Deviations from Plan

.planning/phases/01-ingestion-pipeline-api-foundation/01-02-PLAN.md

@@ -5,18 +5,18 @@ type: execute
 wave: 3
 depends_on: ["01-01", "01-03"]
 files_modified:
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ExecutionController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DiagramController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/MetricsController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseDiagramRepository.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseMetricsRepository.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/ingestion/ClickHouseFlushScheduler.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/IngestionService.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ExecutionControllerIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramControllerIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/MetricsControllerIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/BackpressureIT.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/ExecutionController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DiagramController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/MetricsController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseDiagramRepository.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseMetricsRepository.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/ingestion/ClickHouseFlushScheduler.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/IngestionService.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ExecutionControllerIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramControllerIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/MetricsControllerIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/BackpressureIT.java
 autonomous: true
 requirements:
   - INGST-01
@@ -32,16 +32,16 @@ must_haves:
     - "Data posted to endpoints appears in ClickHouse after flush interval"
     - "When buffer is full, endpoints return 503 with Retry-After header"
   artifacts:
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ExecutionController.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/controller/ExecutionController.java"
       provides: "POST /api/v1/data/executions endpoint"
       min_lines: 20
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java"
       provides: "Batch insert to route_executions table via JdbcTemplate"
       min_lines: 30
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/ingestion/ClickHouseFlushScheduler.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/ingestion/ClickHouseFlushScheduler.java"
       provides: "Scheduled drain of WriteBuffer into ClickHouse"
       min_lines: 20
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/IngestionService.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/IngestionService.java"
       provides: "Routes data to appropriate WriteBuffer instances"
       min_lines: 20
   key_links:
@@ -92,7 +92,7 @@ Output: Working ingestion flow verified by integration tests against Testcontain
 
 <!-- Interfaces from Plan 01 that this plan depends on -->
 <interfaces>
-From cameleer3-server-core WriteBuffer.java:
+From cameleer-server-core WriteBuffer.java:
 ```java
 public class WriteBuffer<T> {
     public WriteBuffer(int capacity);
@@ -106,7 +106,7 @@ public class WriteBuffer<T> {
 }
 ```
 
-From cameleer3-server-core repository interfaces:
+From cameleer-server-core repository interfaces:
 ```java
 public interface ExecutionRepository {
     void insertBatch(List<RouteExecution> executions);
@@ -138,11 +138,11 @@ public class IngestionConfig {
 <task type="auto" tdd="false">
   <name>Task 1: IngestionService, ClickHouse repositories, and flush scheduler</name>
   <files>
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/IngestionService.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseDiagramRepository.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseMetricsRepository.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/ingestion/ClickHouseFlushScheduler.java
+    cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/IngestionService.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseDiagramRepository.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseMetricsRepository.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/ingestion/ClickHouseFlushScheduler.java
   </files>
   <action>
     1. Create IngestionService in core module (no Spring annotations -- it's a plain class):
@@ -188,13 +188,13 @@ public class IngestionConfig {
 <task type="auto" tdd="true">
   <name>Task 2: Ingestion REST controllers and integration tests</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ExecutionController.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DiagramController.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/MetricsController.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ExecutionControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/MetricsControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/BackpressureIT.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/ExecutionController.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DiagramController.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/MetricsController.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ExecutionControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/MetricsControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/BackpressureIT.java
   </files>
   <behavior>
     - POST /api/v1/data/executions with single RouteExecution JSON returns 202
@@ -245,7 +245,7 @@ public class IngestionConfig {
     Note: All integration tests must include X-Cameleer-Protocol-Version:1 header (API-04 will be enforced by Plan 03's interceptor, but include the header now for forward compatibility).
   </action>
   <verify>
-    <automated>mvn test -pl cameleer3-server-app -Dtest="ExecutionControllerIT,DiagramControllerIT,MetricsControllerIT,BackpressureIT" -q 2>&1 | tail -15</automated>
+    <automated>mvn test -pl cameleer-server-app -Dtest="ExecutionControllerIT,DiagramControllerIT,MetricsControllerIT,BackpressureIT" -q 2>&1 | tail -15</automated>
   </verify>
   <done>All three ingestion endpoints return 202 on valid data. Data arrives in ClickHouse after flush. Buffer-full returns 503 with Retry-After. Unknown JSON fields accepted. Integration tests green.</done>
 </task>
@@ -253,7 +253,7 @@ public class IngestionConfig {
 </tasks>
 
 <verification>
-- `mvn test -pl cameleer3-server-app -Dtest="ExecutionControllerIT,DiagramControllerIT,MetricsControllerIT,BackpressureIT" -q` -- all integration tests pass
+- `mvn test -pl cameleer-server-app -Dtest="ExecutionControllerIT,DiagramControllerIT,MetricsControllerIT,BackpressureIT" -q` -- all integration tests pass
 - POST to /api/v1/data/executions returns 202
 - POST to /api/v1/data/diagrams returns 202
 - POST to /api/v1/data/metrics returns 202

.planning/phases/01-ingestion-pipeline-api-foundation/01-02-SUMMARY.md

@@ -30,21 +30,21 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/IngestionService.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseDiagramRepository.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseMetricsRepository.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/ingestion/ClickHouseFlushScheduler.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/IngestionBeanConfig.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ExecutionController.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DiagramController.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/MetricsController.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ExecutionControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/MetricsControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/BackpressureIT.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/IngestionService.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseDiagramRepository.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseMetricsRepository.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/ingestion/ClickHouseFlushScheduler.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/IngestionBeanConfig.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/ExecutionController.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DiagramController.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/MetricsController.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ExecutionControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/MetricsControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/BackpressureIT.java
   modified:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/IngestionConfig.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/IngestionConfig.java
 
 key-decisions:
   - "Controllers accept raw String body and detect single vs array JSON to support both payload formats"
@@ -91,20 +91,20 @@ Each task was committed atomically:
 3. **Task 2 GREEN: Ingestion REST controllers with backpressure** - `8fe65f0` (feat)
 
 ## Files Created/Modified
-- `cameleer3-server-core/.../ingestion/IngestionService.java` - Routes data to WriteBuffer instances
-- `cameleer3-server-app/.../storage/ClickHouseExecutionRepository.java` - Batch insert with parallel processor arrays
-- `cameleer3-server-app/.../storage/ClickHouseDiagramRepository.java` - JSON storage with SHA-256 content-hash dedup
-- `cameleer3-server-app/.../storage/ClickHouseMetricsRepository.java` - Batch insert for agent_metrics
-- `cameleer3-server-app/.../ingestion/ClickHouseFlushScheduler.java` - Scheduled drain + SmartLifecycle shutdown
-- `cameleer3-server-app/.../config/IngestionBeanConfig.java` - WriteBuffer and IngestionService bean wiring
-- `cameleer3-server-app/.../controller/ExecutionController.java` - POST /api/v1/data/executions
-- `cameleer3-server-app/.../controller/DiagramController.java` - POST /api/v1/data/diagrams
-- `cameleer3-server-app/.../controller/MetricsController.java` - POST /api/v1/data/metrics
-- `cameleer3-server-app/.../config/IngestionConfig.java` - Removed @Configuration (fix duplicate bean)
-- `cameleer3-server-app/.../controller/ExecutionControllerIT.java` - 4 tests: single, array, flush, unknown fields
-- `cameleer3-server-app/.../controller/DiagramControllerIT.java` - 3 tests: single, array, flush
-- `cameleer3-server-app/.../controller/MetricsControllerIT.java` - 2 tests: POST, flush
-- `cameleer3-server-app/.../controller/BackpressureIT.java` - 2 tests: 503 response, data not lost
+- `cameleer-server-core/.../ingestion/IngestionService.java` - Routes data to WriteBuffer instances
+- `cameleer-server-app/.../storage/ClickHouseExecutionRepository.java` - Batch insert with parallel processor arrays
+- `cameleer-server-app/.../storage/ClickHouseDiagramRepository.java` - JSON storage with SHA-256 content-hash dedup
+- `cameleer-server-app/.../storage/ClickHouseMetricsRepository.java` - Batch insert for agent_metrics
+- `cameleer-server-app/.../ingestion/ClickHouseFlushScheduler.java` - Scheduled drain + SmartLifecycle shutdown
+- `cameleer-server-app/.../config/IngestionBeanConfig.java` - WriteBuffer and IngestionService bean wiring
+- `cameleer-server-app/.../controller/ExecutionController.java` - POST /api/v1/data/executions
+- `cameleer-server-app/.../controller/DiagramController.java` - POST /api/v1/data/diagrams
+- `cameleer-server-app/.../controller/MetricsController.java` - POST /api/v1/data/metrics
+- `cameleer-server-app/.../config/IngestionConfig.java` - Removed @Configuration (fix duplicate bean)
+- `cameleer-server-app/.../controller/ExecutionControllerIT.java` - 4 tests: single, array, flush, unknown fields
+- `cameleer-server-app/.../controller/DiagramControllerIT.java` - 3 tests: single, array, flush
+- `cameleer-server-app/.../controller/MetricsControllerIT.java` - 2 tests: POST, flush
+- `cameleer-server-app/.../controller/BackpressureIT.java` - 2 tests: 503 response, data not lost
 
 ## Decisions Made
 - Controllers accept raw String body and detect single vs array JSON (starts with `[`), supporting both payload formats per protocol spec
@@ -119,7 +119,7 @@ Each task was committed atomically:
 - **Found during:** Task 2 (integration test context startup)
 - **Issue:** IngestionConfig had both `@Configuration` and `@ConfigurationProperties`, while `@EnableConfigurationProperties(IngestionConfig.class)` on the app class created a second bean, causing "expected single matching bean but found 2"
 - **Fix:** Removed `@Configuration` from IngestionConfig, relying solely on `@EnableConfigurationProperties`
-- **Files modified:** cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/IngestionConfig.java
+- **Files modified:** cameleer-server-app/src/main/java/com/cameleer/server/app/config/IngestionConfig.java
 - **Verification:** Application context starts successfully, all tests pass
 - **Committed in:** 8fe65f0
 

.planning/phases/01-ingestion-pipeline-api-foundation/01-03-PLAN.md

@@ -5,15 +5,15 @@ type: execute
 wave: 2
 depends_on: ["01-01"]
 files_modified:
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/interceptor/ProtocolVersionInterceptor.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/Cameleer3ServerApplication.java
-  - cameleer3-server-app/src/test/resources/application-test.yml
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/interceptor/ProtocolVersionIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/HealthControllerIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/OpenApiIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ForwardCompatIT.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/interceptor/ProtocolVersionInterceptor.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/CameleerServerApplication.java
+  - cameleer-server-app/src/test/resources/application-test.yml
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/interceptor/ProtocolVersionIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/HealthControllerIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/OpenApiIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ForwardCompatIT.java
 autonomous: true
 requirements:
   - API-01
@@ -34,13 +34,13 @@ must_haves:
     - "Unknown JSON fields in request body do not cause deserialization errors"
     - "ClickHouse tables have TTL clause for 30-day retention"
   artifacts:
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/interceptor/ProtocolVersionInterceptor.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/interceptor/ProtocolVersionInterceptor.java"
       provides: "Validates X-Cameleer-Protocol-Version:1 header on data endpoints"
       min_lines: 20
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java"
       provides: "Registers interceptor with path patterns"
       min_lines: 10
-    - path: "cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java"
+    - path: "cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java"
       provides: "Shared Testcontainers base class for integration tests"
       min_lines: 20
   key_links:
@@ -83,11 +83,11 @@ Output: AbstractClickHouseIT base class, working health, Swagger UI, protocol he
 <task type="auto">
   <name>Task 1: Test infrastructure, protocol version interceptor, WebConfig, and Spring Boot application class</name>
   <files>
-    cameleer3-server-app/src/test/resources/application-test.yml,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/interceptor/ProtocolVersionInterceptor.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/Cameleer3ServerApplication.java
+    cameleer-server-app/src/test/resources/application-test.yml,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/interceptor/ProtocolVersionInterceptor.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/CameleerServerApplication.java
   </files>
   <action>
     1. Create application-test.yml for test profile:
@@ -113,15 +113,15 @@ Output: AbstractClickHouseIT base class, working health, Swagger UI, protocol he
        - Override addInterceptors: register interceptor with pathPatterns "/api/v1/data/**" and "/api/v1/agents/**"
        - Explicitly EXCLUDE: "/api/v1/health", "/api/v1/api-docs/**", "/api/v1/swagger-ui/**", "/api/v1/swagger-ui.html"
 
-    5. Create or update Cameleer3ServerApplication:
-       - @SpringBootApplication in package com.cameleer3.server.app
+    5. Create or update CameleerServerApplication:
+       - @SpringBootApplication in package com.cameleer.server.app
        - @EnableScheduling (needed for ClickHouseFlushScheduler from Plan 02)
        - @EnableConfigurationProperties(IngestionConfig.class)
        - Main method with SpringApplication.run()
-       - Ensure package scanning covers com.cameleer3.server.app and com.cameleer3.server.core
+       - Ensure package scanning covers com.cameleer.server.app and com.cameleer.server.core
   </action>
   <verify>
-    <automated>mvn clean compile -pl cameleer3-server-app -q 2>&1 | tail -5</automated>
+    <automated>mvn clean compile -pl cameleer-server-app -q 2>&1 | tail -5</automated>
   </verify>
   <done>AbstractClickHouseIT base class ready for integration tests. ProtocolVersionInterceptor validates header on data/agent paths. Health, swagger, and api-docs paths excluded. Application class enables scheduling and config properties.</done>
 </task>
@@ -129,10 +129,10 @@ Output: AbstractClickHouseIT base class, working health, Swagger UI, protocol he
 <task type="auto" tdd="true">
   <name>Task 2: Health, OpenAPI, protocol version, forward compat, and TTL integration tests</name>
   <files>
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/HealthControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/OpenApiIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/interceptor/ProtocolVersionIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ForwardCompatIT.java
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/HealthControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/OpenApiIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/interceptor/ProtocolVersionIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ForwardCompatIT.java
   </files>
   <behavior>
     - GET /api/v1/health returns 200 with JSON containing status field
@@ -178,7 +178,7 @@ Output: AbstractClickHouseIT base class, working health, Swagger UI, protocol he
     Note: All tests that POST to data endpoints must include X-Cameleer-Protocol-Version:1 header.
   </action>
   <verify>
-    <automated>mvn test -pl cameleer3-server-app -Dtest="HealthControllerIT,OpenApiIT,ProtocolVersionIT,ForwardCompatIT" -q 2>&1 | tail -15</automated>
+    <automated>mvn test -pl cameleer-server-app -Dtest="HealthControllerIT,OpenApiIT,ProtocolVersionIT,ForwardCompatIT" -q 2>&1 | tail -15</automated>
   </verify>
   <done>Health returns 200. OpenAPI docs are available and list endpoints. Protocol version header enforced on data paths, not on health/docs. Unknown JSON fields accepted. TTL confirmed in ClickHouse DDL via HealthControllerIT test methods.</done>
 </task>
@@ -186,7 +186,7 @@ Output: AbstractClickHouseIT base class, working health, Swagger UI, protocol he
 </tasks>
 
 <verification>
-- `mvn test -pl cameleer3-server-app -Dtest="HealthControllerIT,OpenApiIT,ProtocolVersionIT,ForwardCompatIT" -q` -- all tests pass
+- `mvn test -pl cameleer-server-app -Dtest="HealthControllerIT,OpenApiIT,ProtocolVersionIT,ForwardCompatIT" -q` -- all tests pass
 - GET /api/v1/health returns 200
 - GET /api/v1/api-docs returns OpenAPI spec
 - Missing protocol header returns 400 on data endpoints

.planning/phases/01-ingestion-pipeline-api-foundation/01-03-SUMMARY.md

@@ -12,7 +12,7 @@ provides:
   - AbstractClickHouseIT base class for all integration tests
   - ProtocolVersionInterceptor enforcing X-Cameleer-Protocol-Version:1 on data/agent paths
   - WebConfig with interceptor registration and path exclusions
-  - Cameleer3ServerApplication with @EnableScheduling and component scanning
+  - CameleerServerApplication with @EnableScheduling and component scanning
   - 12 passing integration tests (health, OpenAPI, protocol version, forward compat, TTL)
 
 affects: [01-02, 02-search, 03-agent-registry]
@@ -23,17 +23,17 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/Cameleer3ServerApplication.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/interceptor/ProtocolVersionInterceptor.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java
-    - cameleer3-server-app/src/test/resources/application-test.yml
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/HealthControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/OpenApiIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/interceptor/ProtocolVersionIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ForwardCompatIT.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/CameleerServerApplication.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/interceptor/ProtocolVersionInterceptor.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java
+    - cameleer-server-app/src/test/resources/application-test.yml
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/HealthControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/OpenApiIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/interceptor/ProtocolVersionIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ForwardCompatIT.java
   modified:
-    - cameleer3-server-app/pom.xml
+    - cameleer-server-app/pom.xml
     - pom.xml
     - clickhouse/init/01-schema.sql
 
@@ -70,7 +70,7 @@ completed: 2026-03-11
 - ProtocolVersionInterceptor validates X-Cameleer-Protocol-Version:1 on /api/v1/data/** and /api/v1/agents/** paths, returning 400 JSON error for missing or wrong version
 - AbstractClickHouseIT base class with Testcontainers ClickHouse 25.3, shared static container, schema init from 01-schema.sql
 - 12 integration tests: health endpoint (2), OpenAPI docs (2), protocol version enforcement (5), forward compatibility (1), TTL verification (2)
-- Cameleer3ServerApplication with @EnableScheduling, @EnableConfigurationProperties, and dual package scanning
+- CameleerServerApplication with @EnableScheduling, @EnableConfigurationProperties, and dual package scanning
 
 ## Task Commits
 
@@ -80,17 +80,17 @@ Each task was committed atomically:
 2. **Task 2: Integration tests for health, OpenAPI, protocol version, forward compat, and TTL** - `2d3fde3` (test)
 
 ## Files Created/Modified
-- `cameleer3-server-app/src/main/java/.../Cameleer3ServerApplication.java` - Spring Boot entry point with scheduling and config properties
-- `cameleer3-server-app/src/main/java/.../interceptor/ProtocolVersionInterceptor.java` - Validates protocol version header on data/agent paths
-- `cameleer3-server-app/src/main/java/.../config/WebConfig.java` - Registers interceptor with path patterns and exclusions
-- `cameleer3-server-app/src/test/java/.../AbstractClickHouseIT.java` - Shared Testcontainers base class for ITs
-- `cameleer3-server-app/src/test/resources/application-test.yml` - Test profile with small buffer config
-- `cameleer3-server-app/src/test/java/.../controller/HealthControllerIT.java` - Health endpoint and TTL tests
-- `cameleer3-server-app/src/test/java/.../controller/OpenApiIT.java` - OpenAPI and Swagger UI tests
-- `cameleer3-server-app/src/test/java/.../interceptor/ProtocolVersionIT.java` - Protocol header enforcement tests
-- `cameleer3-server-app/src/test/java/.../controller/ForwardCompatIT.java` - Unknown JSON fields test
+- `cameleer-server-app/src/main/java/.../CameleerServerApplication.java` - Spring Boot entry point with scheduling and config properties
+- `cameleer-server-app/src/main/java/.../interceptor/ProtocolVersionInterceptor.java` - Validates protocol version header on data/agent paths
+- `cameleer-server-app/src/main/java/.../config/WebConfig.java` - Registers interceptor with path patterns and exclusions
+- `cameleer-server-app/src/test/java/.../AbstractClickHouseIT.java` - Shared Testcontainers base class for ITs
+- `cameleer-server-app/src/test/resources/application-test.yml` - Test profile with small buffer config
+- `cameleer-server-app/src/test/java/.../controller/HealthControllerIT.java` - Health endpoint and TTL tests
+- `cameleer-server-app/src/test/java/.../controller/OpenApiIT.java` - OpenAPI and Swagger UI tests
+- `cameleer-server-app/src/test/java/.../interceptor/ProtocolVersionIT.java` - Protocol header enforcement tests
+- `cameleer-server-app/src/test/java/.../controller/ForwardCompatIT.java` - Unknown JSON fields test
 - `pom.xml` - Override testcontainers.version to 2.0.3
-- `cameleer3-server-app/pom.xml` - Remove junit-jupiter, upgrade testcontainers-clickhouse to 2.0.3
+- `cameleer-server-app/pom.xml` - Remove junit-jupiter, upgrade testcontainers-clickhouse to 2.0.3
 - `clickhouse/init/01-schema.sql` - Fix TTL expressions and error column types
 
 ## Decisions Made
@@ -107,7 +107,7 @@ Each task was committed atomically:
 - **Found during:** Task 2 (compilation)
 - **Issue:** org.testcontainers:junit-jupiter:2.0.2 does not exist in Maven Central
 - **Fix:** Removed junit-jupiter dependency, upgraded to TC 2.0.3, managed container lifecycle manually via static initializer
-- **Files modified:** cameleer3-server-app/pom.xml, pom.xml, AbstractClickHouseIT.java
+- **Files modified:** cameleer-server-app/pom.xml, pom.xml, AbstractClickHouseIT.java
 - **Verification:** All tests compile and pass
 - **Committed in:** 2d3fde3
 

.planning/phases/01-ingestion-pipeline-api-foundation/01-RESEARCH.md

@@ -6,7 +6,7 @@
 
 ## Summary
 
-Phase 1 establishes the data pipeline and API skeleton for Cameleer3 Server. Agents POST execution data, diagrams, and metrics to REST endpoints; the server buffers these in memory and batch-flushes to ClickHouse. The ClickHouse schema design is the most critical and least reversible decision in this phase -- ORDER BY and partitioning cannot be changed without table recreation.
+Phase 1 establishes the data pipeline and API skeleton for Cameleer Server. Agents POST execution data, diagrams, and metrics to REST endpoints; the server buffers these in memory and batch-flushes to ClickHouse. The ClickHouse schema design is the most critical and least reversible decision in this phase -- ORDER BY and partitioning cannot be changed without table recreation.
 
 The ClickHouse Java ecosystem has undergone significant changes. The recommended approach is **clickhouse-jdbc v0.9.7** (JDBC V2 driver) with Spring Boot's JdbcTemplate for batch inserts. An alternative is the standalone **client-v2** artifact which offers a POJO-based insert API, but JDBC integration with Spring Boot is more conventional and better documented. ClickHouse now has a native full-text index (TYPE text, GA as of March 2026) that supersedes the older tokenbf_v1 bloom filter approach -- this is relevant for Phase 2 but should be accounted for in schema design now.
 
@@ -17,7 +17,7 @@ The ClickHouse Java ecosystem has undergone significant changes. The recommended
 
 | ID | Description | Research Support |
 |----|-------------|-----------------|
-| INGST-01 (#1) | Accept RouteExecution via POST /api/v1/data/executions, return 202 | REST controller + async write buffer pattern; Jackson deserialization of cameleer3-common models |
+| INGST-01 (#1) | Accept RouteExecution via POST /api/v1/data/executions, return 202 | REST controller + async write buffer pattern; Jackson deserialization of cameleer-common models |
 | INGST-02 (#2) | Accept RouteGraph via POST /api/v1/data/diagrams, return 202 | Same pattern; separate ClickHouse table for diagrams with content-hash dedup |
 | INGST-03 (#3) | Accept metrics via POST /api/v1/data/metrics, return 202 | Same pattern; separate ClickHouse table for metrics |
 | INGST-04 (#4) | In-memory batch buffer with configurable flush interval/size | ArrayBlockingQueue + @Scheduled flush; configurable via application.yml |
@@ -60,7 +60,7 @@ The ClickHouse Java ecosystem has undergone significant changes. The recommended
 | ArrayBlockingQueue | LMAX Disruptor | Disruptor is faster under extreme contention but adds complexity; ABQ is sufficient for this throughput |
 | Spring JdbcTemplate | Raw JDBC PreparedStatement | JdbcTemplate provides cleaner error handling and resource management; no meaningful overhead |
 
-**Installation (add to cameleer3-server-app/pom.xml):**
+**Installation (add to cameleer-server-app/pom.xml):**
 ```xml
 <!-- ClickHouse JDBC V2 -->
 <dependency>
@@ -103,7 +103,7 @@ The ClickHouse Java ecosystem has undergone significant changes. The recommended
 </dependency>
 ```
 
-**Add to cameleer3-server-core/pom.xml:**
+**Add to cameleer-server-core/pom.xml:**
 ```xml
 <!-- SLF4J for logging (no Spring dependency) -->
 <dependency>
@@ -117,7 +117,7 @@ The ClickHouse Java ecosystem has undergone significant changes. The recommended
 ### Recommended Project Structure
 
 ```
-cameleer3-server-core/src/main/java/com/cameleer3/server/core/
+cameleer-server-core/src/main/java/com/cameleer/server/core/
     ingestion/
         WriteBuffer.java              # Bounded queue + flush logic
         IngestionService.java         # Accepts data, routes to buffer
@@ -126,9 +126,9 @@ cameleer3-server-core/src/main/java/com/cameleer3/server/core/
         DiagramRepository.java        # Interface: store/retrieve diagrams
         MetricsRepository.java        # Interface: store metrics
     model/
-        (extend/complement cameleer3-common models as needed)
+        (extend/complement cameleer-common models as needed)
 
-cameleer3-server-app/src/main/java/com/cameleer3/server/app/
+cameleer-server-app/src/main/java/com/cameleer/server/app/
     config/
         ClickHouseConfig.java         # DataSource + JdbcTemplate bean
         IngestionConfig.java          # Buffer size, flush interval from YAML
@@ -424,7 +424,7 @@ services:
     environment:
       CLICKHOUSE_USER: cameleer
       CLICKHOUSE_PASSWORD: cameleer_dev
-      CLICKHOUSE_DB: cameleer3
+      CLICKHOUSE_DB: cameleer
     ulimits:
       nofile:
         soft: 262144
@@ -442,7 +442,7 @@ server:
 
 spring:
   datasource:
-    url: jdbc:ch://localhost:8123/cameleer3
+    url: jdbc:ch://localhost:8123/cameleer
     username: cameleer
     password: cameleer_dev
     driver-class-name: com.clickhouse.jdbc.ClickHouseDriver
@@ -493,10 +493,10 @@ management:
 
 ## Open Questions
 
-1. **Exact cameleer3-common model structure**
+1. **Exact cameleer-common model structure**
    - What we know: Models include RouteExecution, ProcessorExecution, ExchangeSnapshot, RouteGraph, RouteNode, RouteEdge
    - What's unclear: Exact field names, types, nesting structure -- needed to design ClickHouse schema precisely
-   - Recommendation: Read cameleer3-common source code before implementing schema. Schema must match the wire format.
+   - Recommendation: Read cameleer-common source code before implementing schema. Schema must match the wire format.
 
 2. **ClickHouse JDBC V2 + HikariCP compatibility**
    - What we know: clickhouse-jdbc 0.9.7 implements JDBC spec; HikariCP is Spring Boot default
@@ -515,36 +515,36 @@ management:
 | Property | Value |
 |----------|-------|
 | Framework | JUnit 5 (Spring Boot managed) + Testcontainers 2.0.2 |
-| Config file | cameleer3-server-app/src/test/resources/application-test.yml (Wave 0) |
-| Quick run command | `mvn test -pl cameleer3-server-core -Dtest=WriteBufferTest -q` |
+| Config file | cameleer-server-app/src/test/resources/application-test.yml (Wave 0) |
+| Quick run command | `mvn test -pl cameleer-server-core -Dtest=WriteBufferTest -q` |
 | Full suite command | `mvn verify` |
 
 ### Phase Requirements -> Test Map
 
 | Req ID | Behavior | Test Type | Automated Command | File Exists? |
 |--------|----------|-----------|-------------------|-------------|
-| INGST-01 | POST /api/v1/data/executions returns 202, data in ClickHouse | integration | `mvn test -pl cameleer3-server-app -Dtest=ExecutionControllerIT -q` | Wave 0 |
-| INGST-02 | POST /api/v1/data/diagrams returns 202 | integration | `mvn test -pl cameleer3-server-app -Dtest=DiagramControllerIT -q` | Wave 0 |
-| INGST-03 | POST /api/v1/data/metrics returns 202 | integration | `mvn test -pl cameleer3-server-app -Dtest=MetricsControllerIT -q` | Wave 0 |
-| INGST-04 | Buffer flushes at interval/size | unit | `mvn test -pl cameleer3-server-core -Dtest=WriteBufferTest -q` | Wave 0 |
-| INGST-05 | 503 when buffer full | unit+integration | `mvn test -pl cameleer3-server-app -Dtest=BackpressureIT -q` | Wave 0 |
-| INGST-06 | TTL removes old data | integration | `mvn test -pl cameleer3-server-app -Dtest=ClickHouseTtlIT -q` | Wave 0 |
+| INGST-01 | POST /api/v1/data/executions returns 202, data in ClickHouse | integration | `mvn test -pl cameleer-server-app -Dtest=ExecutionControllerIT -q` | Wave 0 |
+| INGST-02 | POST /api/v1/data/diagrams returns 202 | integration | `mvn test -pl cameleer-server-app -Dtest=DiagramControllerIT -q` | Wave 0 |
+| INGST-03 | POST /api/v1/data/metrics returns 202 | integration | `mvn test -pl cameleer-server-app -Dtest=MetricsControllerIT -q` | Wave 0 |
+| INGST-04 | Buffer flushes at interval/size | unit | `mvn test -pl cameleer-server-core -Dtest=WriteBufferTest -q` | Wave 0 |
+| INGST-05 | 503 when buffer full | unit+integration | `mvn test -pl cameleer-server-app -Dtest=BackpressureIT -q` | Wave 0 |
+| INGST-06 | TTL removes old data | integration | `mvn test -pl cameleer-server-app -Dtest=ClickHouseTtlIT -q` | Wave 0 |
 | API-01 | Endpoints under /api/v1/ | integration | Covered by controller ITs | Wave 0 |
-| API-02 | OpenAPI docs available | integration | `mvn test -pl cameleer3-server-app -Dtest=OpenApiIT -q` | Wave 0 |
-| API-03 | GET /api/v1/health responds | integration | `mvn test -pl cameleer3-server-app -Dtest=HealthControllerIT -q` | Wave 0 |
-| API-04 | Protocol version header validated | integration | `mvn test -pl cameleer3-server-app -Dtest=ProtocolVersionIT -q` | Wave 0 |
-| API-05 | Unknown JSON fields accepted | unit | `mvn test -pl cameleer3-server-app -Dtest=ForwardCompatIT -q` | Wave 0 |
+| API-02 | OpenAPI docs available | integration | `mvn test -pl cameleer-server-app -Dtest=OpenApiIT -q` | Wave 0 |
+| API-03 | GET /api/v1/health responds | integration | `mvn test -pl cameleer-server-app -Dtest=HealthControllerIT -q` | Wave 0 |
+| API-04 | Protocol version header validated | integration | `mvn test -pl cameleer-server-app -Dtest=ProtocolVersionIT -q` | Wave 0 |
+| API-05 | Unknown JSON fields accepted | unit | `mvn test -pl cameleer-server-app -Dtest=ForwardCompatIT -q` | Wave 0 |
 
 ### Sampling Rate
-- **Per task commit:** `mvn test -pl cameleer3-server-core -q` (unit tests, fast)
+- **Per task commit:** `mvn test -pl cameleer-server-core -q` (unit tests, fast)
 - **Per wave merge:** `mvn verify` (full suite with Testcontainers integration tests)
 - **Phase gate:** Full suite green before verification
 
 ### Wave 0 Gaps
-- [ ] `cameleer3-server-app/src/test/resources/application-test.yml` -- test ClickHouse config
-- [ ] `cameleer3-server-core/src/test/java/.../WriteBufferTest.java` -- buffer unit tests
-- [ ] `cameleer3-server-app/src/test/java/.../AbstractClickHouseIT.java` -- shared Testcontainers base class
-- [ ] `cameleer3-server-app/src/test/java/.../ExecutionControllerIT.java` -- ingestion integration test
+- [ ] `cameleer-server-app/src/test/resources/application-test.yml` -- test ClickHouse config
+- [ ] `cameleer-server-core/src/test/java/.../WriteBufferTest.java` -- buffer unit tests
+- [ ] `cameleer-server-app/src/test/java/.../AbstractClickHouseIT.java` -- shared Testcontainers base class
+- [ ] `cameleer-server-app/src/test/java/.../ExecutionControllerIT.java` -- ingestion integration test
 - [ ] Docker available on test machine for Testcontainers
 
 ## Sources

.planning/phases/01-ingestion-pipeline-api-foundation/01-VALIDATION.md

@@ -18,8 +18,8 @@ created: 2026-03-11
 | Property | Value |
 |----------|-------|
 | **Framework** | JUnit 5 (Spring Boot managed) + Testcontainers 2.0.2 |
-| **Config file** | cameleer3-server-app/src/test/resources/application-test.yml (Wave 0) |
-| **Quick run command** | `mvn test -pl cameleer3-server-core -Dtest=WriteBufferTest -q` |
+| **Config file** | cameleer-server-app/src/test/resources/application-test.yml (Wave 0) |
+| **Quick run command** | `mvn test -pl cameleer-server-core -Dtest=WriteBufferTest -q` |
 | **Full suite command** | `mvn verify` |
 | **Estimated runtime** | ~30 seconds |
 
@@ -27,7 +27,7 @@ created: 2026-03-11
 
 ## Sampling Rate
 
-- **After every task commit:** Run `mvn test -pl cameleer3-server-core -q`
+- **After every task commit:** Run `mvn test -pl cameleer-server-core -q`
 - **After every plan wave:** Run `mvn verify`
 - **Before `/gsd:verify-work`:** Full suite must be green
 - **Max feedback latency:** 30 seconds
@@ -38,17 +38,17 @@ created: 2026-03-11
 
 | Task ID | Plan | Wave | Requirement | Test Type | Automated Command | File Exists | Status |
 |---------|------|------|-------------|-----------|-------------------|-------------|--------|
-| 1-01-01 | 01 | 1 | INGST-04 | unit | `mvn test -pl cameleer3-server-core -Dtest=WriteBufferTest -q` | no W0 | pending |
-| 1-01-02 | 01 | 1 | INGST-01 | integration | `mvn test -pl cameleer3-server-app -Dtest=ExecutionControllerIT -q` | no W0 | pending |
-| 1-01-03 | 01 | 1 | INGST-05 | integration | `mvn test -pl cameleer3-server-app -Dtest=BackpressureIT -q` | no W0 | pending |
-| 1-01-04 | 01 | 1 | INGST-06 | integration | `mvn test -pl cameleer3-server-app -Dtest=HealthControllerIT#ttlConfigured* -q` | no W0 | pending |
-| 1-02-01 | 02 | 1 | INGST-01 | integration | `mvn test -pl cameleer3-server-app -Dtest=ExecutionControllerIT -q` | no W0 | pending |
-| 1-02-02 | 02 | 1 | INGST-02 | integration | `mvn test -pl cameleer3-server-app -Dtest=DiagramControllerIT -q` | no W0 | pending |
-| 1-02-03 | 02 | 1 | INGST-03 | integration | `mvn test -pl cameleer3-server-app -Dtest=MetricsControllerIT -q` | no W0 | pending |
-| 1-02-04 | 02 | 1 | API-02 | integration | `mvn test -pl cameleer3-server-app -Dtest=OpenApiIT -q` | no W0 | pending |
-| 1-02-05 | 02 | 1 | API-03 | integration | `mvn test -pl cameleer3-server-app -Dtest=HealthControllerIT -q` | no W0 | pending |
-| 1-02-06 | 02 | 1 | API-04 | integration | `mvn test -pl cameleer3-server-app -Dtest=ProtocolVersionIT -q` | no W0 | pending |
-| 1-02-07 | 02 | 1 | API-05 | unit | `mvn test -pl cameleer3-server-app -Dtest=ForwardCompatIT -q` | no W0 | pending |
+| 1-01-01 | 01 | 1 | INGST-04 | unit | `mvn test -pl cameleer-server-core -Dtest=WriteBufferTest -q` | no W0 | pending |
+| 1-01-02 | 01 | 1 | INGST-01 | integration | `mvn test -pl cameleer-server-app -Dtest=ExecutionControllerIT -q` | no W0 | pending |
+| 1-01-03 | 01 | 1 | INGST-05 | integration | `mvn test -pl cameleer-server-app -Dtest=BackpressureIT -q` | no W0 | pending |
+| 1-01-04 | 01 | 1 | INGST-06 | integration | `mvn test -pl cameleer-server-app -Dtest=HealthControllerIT#ttlConfigured* -q` | no W0 | pending |
+| 1-02-01 | 02 | 1 | INGST-01 | integration | `mvn test -pl cameleer-server-app -Dtest=ExecutionControllerIT -q` | no W0 | pending |
+| 1-02-02 | 02 | 1 | INGST-02 | integration | `mvn test -pl cameleer-server-app -Dtest=DiagramControllerIT -q` | no W0 | pending |
+| 1-02-03 | 02 | 1 | INGST-03 | integration | `mvn test -pl cameleer-server-app -Dtest=MetricsControllerIT -q` | no W0 | pending |
+| 1-02-04 | 02 | 1 | API-02 | integration | `mvn test -pl cameleer-server-app -Dtest=OpenApiIT -q` | no W0 | pending |
+| 1-02-05 | 02 | 1 | API-03 | integration | `mvn test -pl cameleer-server-app -Dtest=HealthControllerIT -q` | no W0 | pending |
+| 1-02-06 | 02 | 1 | API-04 | integration | `mvn test -pl cameleer-server-app -Dtest=ProtocolVersionIT -q` | no W0 | pending |
+| 1-02-07 | 02 | 1 | API-05 | unit | `mvn test -pl cameleer-server-app -Dtest=ForwardCompatIT -q` | no W0 | pending |
 
 *Status: pending / green / red / flaky*
 
@@ -56,10 +56,10 @@ created: 2026-03-11
 
 ## Wave 0 Requirements
 
-- [ ] `cameleer3-server-app/src/test/resources/application-test.yml` — test ClickHouse config
-- [ ] `cameleer3-server-core/src/test/java/.../WriteBufferTest.java` — buffer unit tests
-- [ ] `cameleer3-server-app/src/test/java/.../AbstractClickHouseIT.java` — shared Testcontainers base class
-- [ ] `cameleer3-server-app/src/test/java/.../ExecutionControllerIT.java` — ingestion integration test
+- [ ] `cameleer-server-app/src/test/resources/application-test.yml` — test ClickHouse config
+- [ ] `cameleer-server-core/src/test/java/.../WriteBufferTest.java` — buffer unit tests
+- [ ] `cameleer-server-app/src/test/java/.../AbstractClickHouseIT.java` — shared Testcontainers base class
+- [ ] `cameleer-server-app/src/test/java/.../ExecutionControllerIT.java` — ingestion integration test
 - [ ] Docker available on test machine for Testcontainers
 
 *If none: "Existing infrastructure covers all phase requirements."*

.planning/phases/01-ingestion-pipeline-api-foundation/01-VERIFICATION.md

@@ -35,27 +35,27 @@ re_verification: false
 
 | Artifact | Expected | Status | Details |
 |---|---|---|---|
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/WriteBuffer.java` | Generic bounded write buffer with offer/drain/isFull | VERIFIED | 80 lines; `ArrayBlockingQueue`-backed; implements `offer`, `offerBatch` (all-or-nothing), `drain`, `isFull`, `size`, `capacity`, `remainingCapacity` |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/WriteBuffer.java` | Generic bounded write buffer with offer/drain/isFull | VERIFIED | 80 lines; `ArrayBlockingQueue`-backed; implements `offer`, `offerBatch` (all-or-nothing), `drain`, `isFull`, `size`, `capacity`, `remainingCapacity` |
 | `clickhouse/init/01-schema.sql` | ClickHouse DDL for all three tables | VERIFIED | Contains `CREATE TABLE route_executions`, `route_diagrams`, `agent_metrics`; correct ENGINE, ORDER BY, PARTITION BY, TTL with `toDateTime()` cast |
 | `docker-compose.yml` | Local ClickHouse service | VERIFIED | `clickhouse/clickhouse-server:25.3`; ports 8123/9000; init volume mount; credentials configured |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/ExecutionRepository.java` | Repository interface for execution batch inserts | VERIFIED | Declares `void insertBatch(List<RouteExecution> executions)` |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/storage/ExecutionRepository.java` | Repository interface for execution batch inserts | VERIFIED | Declares `void insertBatch(List<RouteExecution> executions)` |
 
 #### Plan 01-02 Artifacts
 
 | Artifact | Expected | Status | Details |
 |---|---|---|---|
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ExecutionController.java` | POST /api/v1/data/executions endpoint | VERIFIED | 79 lines; `@PostMapping("/executions")`; handles single/array via raw String parsing; returns 202 or 503 + Retry-After |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java` | Batch insert to route_executions via JdbcTemplate | VERIFIED | 118 lines; `@Repository`; `BatchPreparedStatementSetter`; flattens processor tree to parallel arrays |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/ingestion/ClickHouseFlushScheduler.java` | Scheduled drain of WriteBuffer into ClickHouse | VERIFIED | 160 lines; `@Scheduled(fixedDelayString="${ingestion.flush-interval-ms:1000}")`; implements `SmartLifecycle` for shutdown drain |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/IngestionService.java` | Routes data to appropriate WriteBuffer instances | VERIFIED | 115 lines; plain class; `acceptExecution`, `acceptExecutions`, `acceptDiagram`, `acceptDiagrams`, `acceptMetrics`; delegates to typed `WriteBuffer` instances |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/ExecutionController.java` | POST /api/v1/data/executions endpoint | VERIFIED | 79 lines; `@PostMapping("/executions")`; handles single/array via raw String parsing; returns 202 or 503 + Retry-After |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java` | Batch insert to route_executions via JdbcTemplate | VERIFIED | 118 lines; `@Repository`; `BatchPreparedStatementSetter`; flattens processor tree to parallel arrays |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/ingestion/ClickHouseFlushScheduler.java` | Scheduled drain of WriteBuffer into ClickHouse | VERIFIED | 160 lines; `@Scheduled(fixedDelayString="${ingestion.flush-interval-ms:1000}")`; implements `SmartLifecycle` for shutdown drain |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/IngestionService.java` | Routes data to appropriate WriteBuffer instances | VERIFIED | 115 lines; plain class; `acceptExecution`, `acceptExecutions`, `acceptDiagram`, `acceptDiagrams`, `acceptMetrics`; delegates to typed `WriteBuffer` instances |
 
 #### Plan 01-03 Artifacts
 
 | Artifact | Expected | Status | Details |
 |---|---|---|---|
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/interceptor/ProtocolVersionInterceptor.java` | Validates X-Cameleer-Protocol-Version:1 header on data endpoints | VERIFIED | 47 lines; implements `HandlerInterceptor.preHandle`; returns 400 JSON on missing/wrong version |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java` | Registers interceptor with path patterns | VERIFIED | 35 lines; `addInterceptors` registers interceptor on `/api/v1/data/**` and `/api/v1/agents/**`; excludes health, api-docs, swagger-ui |
-| `cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java` | Shared Testcontainers base class for integration tests | VERIFIED | 73 lines; static `ClickHouseContainer`; `@DynamicPropertySource`; `@BeforeAll` schema init from SQL file; `JdbcTemplate` exposed to subclasses |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/interceptor/ProtocolVersionInterceptor.java` | Validates X-Cameleer-Protocol-Version:1 header on data endpoints | VERIFIED | 47 lines; implements `HandlerInterceptor.preHandle`; returns 400 JSON on missing/wrong version |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java` | Registers interceptor with path patterns | VERIFIED | 35 lines; `addInterceptors` registers interceptor on `/api/v1/data/**` and `/api/v1/agents/**`; excludes health, api-docs, swagger-ui |
+| `cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java` | Shared Testcontainers base class for integration tests | VERIFIED | 73 lines; static `ClickHouseContainer`; `@DynamicPropertySource`; `@BeforeAll` schema init from SQL file; `JdbcTemplate` exposed to subclasses |
 
 ---
 
@@ -113,7 +113,7 @@ No orphaned requirements — all 11 IDs declared in plan frontmatter match the R
 
 ### Anti-Patterns Found
 
-No anti-patterns detected. Scanned all source files in `cameleer3-server-app/src/main` and `cameleer3-server-core/src/main` for TODO/FIXME/PLACEHOLDER/stub return patterns. None found.
+No anti-patterns detected. Scanned all source files in `cameleer-server-app/src/main` and `cameleer-server-core/src/main` for TODO/FIXME/PLACEHOLDER/stub return patterns. None found.
 
 One minor observation (not a blocker):
 

.planning/phases/02-transaction-search-diagrams/02-01-PLAN.md

@@ -6,17 +6,17 @@ wave: 1
 depends_on: []
 files_modified:
   - clickhouse/init/02-search-columns.sql
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchRequest.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchResult.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchEngine.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchService.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/ExecutionSummary.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/DetailService.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/ExecutionDetail.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/ProcessorNode.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/ExecutionRepository.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchRequest.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchResult.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchEngine.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchService.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/search/ExecutionSummary.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/detail/DetailService.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/detail/ExecutionDetail.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/detail/ProcessorNode.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/storage/ExecutionRepository.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java
 autonomous: true
 requirements:
   - SRCH-01
@@ -38,21 +38,21 @@ must_haves:
     - path: "clickhouse/init/02-search-columns.sql"
       provides: "Schema extension DDL for Phase 2 columns and skip indexes"
       contains: "exchange_bodies"
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchEngine.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchEngine.java"
       provides: "Search backend abstraction interface"
       exports: ["SearchEngine"]
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchRequest.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchRequest.java"
       provides: "Immutable search criteria record"
       exports: ["SearchRequest"]
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java"
       provides: "Extended with new columns in INSERT, plus query methods"
       min_lines: 100
   key_links:
-    - from: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchService.java"
+    - from: "cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchService.java"
       to: "SearchEngine"
       via: "constructor injection"
       pattern: "SearchEngine"
-    - from: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java"
+    - from: "cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java"
       to: "clickhouse/init/02-search-columns.sql"
       via: "INSERT and SELECT SQL matching schema"
       pattern: "exchange_bodies|processor_depths|diagram_content_hash"
@@ -79,22 +79,22 @@ Output: Schema migration SQL, updated ingestion INSERT with new columns, core se
 @.planning/phases/02-transaction-search-diagrams/02-RESEARCH.md
 
 @clickhouse/init/01-schema.sql
-@cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/ExecutionRepository.java
-@cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/DiagramRepository.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-@cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java
+@cameleer-server-core/src/main/java/com/cameleer/server/core/storage/ExecutionRepository.java
+@cameleer-server-core/src/main/java/com/cameleer/server/core/storage/DiagramRepository.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+@cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java
 
 <interfaces>
 <!-- Existing interfaces the executor needs -->
 
-From cameleer3-server-core/.../storage/ExecutionRepository.java:
+From cameleer-server-core/.../storage/ExecutionRepository.java:
 ```java
 public interface ExecutionRepository {
     void insertBatch(List<RouteExecution> executions);
 }
 ```
 
-From cameleer3-server-core/.../storage/DiagramRepository.java:
+From cameleer-server-core/.../storage/DiagramRepository.java:
 ```java
 public interface DiagramRepository {
     void store(RouteGraph graph);
@@ -103,7 +103,7 @@ public interface DiagramRepository {
 }
 ```
 
-From cameleer3-common (decompiled — key fields):
+From cameleer-common (decompiled — key fields):
 ```java
 // RouteExecution: routeId, status (ExecutionStatus enum: COMPLETED/FAILED/RUNNING),
 //   startTime (Instant), endTime (Instant), durationMs (long), correlationId, exchangeId,
@@ -145,15 +145,15 @@ Existing ClickHouse schema (01-schema.sql):
   <name>Task 1: Schema extension and core domain types</name>
   <files>
     clickhouse/init/02-search-columns.sql,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchRequest.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchResult.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchEngine.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchService.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/ExecutionSummary.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/DetailService.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/ExecutionDetail.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/ProcessorNode.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/ExecutionRepository.java
+    cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchRequest.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchResult.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchEngine.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchService.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/search/ExecutionSummary.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/detail/DetailService.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/detail/ExecutionDetail.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/detail/ProcessorNode.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/storage/ExecutionRepository.java
   </files>
   <action>
     1. Create `clickhouse/init/02-search-columns.sql` with ALTER TABLE statements to add Phase 2 columns to route_executions:
@@ -172,14 +172,14 @@ Existing ClickHouse schema (01-schema.sql):
        - Add tokenbf_v1 skip indexes on exchange_bodies and exchange_headers (GRANULARITY 4, same as idx_error)
        - Add tokenbf_v1 skip index on error_stacktrace (it has no index yet, needed for SRCH-05 full-text search across stack traces)
 
-    2. Create core search domain types in `com.cameleer3.server.core.search`:
+    2. Create core search domain types in `com.cameleer.server.core.search`:
        - `SearchRequest` record: status (String, nullable), timeFrom (Instant), timeTo (Instant), durationMin (Long), durationMax (Long), correlationId (String), text (String — global full-text), textInBody (String), textInHeaders (String), textInErrors (String), offset (int), limit (int). Compact constructor validates: limit defaults to 50 if <= 0, capped at 500; offset defaults to 0 if < 0.
        - `SearchResult<T>` record: data (List<T>), total (long), offset (int), limit (int). Include static factory `empty(int offset, int limit)`.
        - `ExecutionSummary` record: executionId (String), routeId (String), agentId (String), status (String), startTime (Instant), endTime (Instant), durationMs (long), correlationId (String), errorMessage (String), diagramContentHash (String). This is the lightweight list-view DTO — NOT the full processor arrays.
        - `SearchEngine` interface with methods: `SearchResult<ExecutionSummary> search(SearchRequest request)` and `long count(SearchRequest request)`. This is the swappable backend (ClickHouse now, OpenSearch later per user decision).
        - `SearchService` class: plain class (no Spring annotations, same pattern as IngestionService). Constructor takes SearchEngine. `search(SearchRequest)` delegates to engine.search(). This thin orchestration layer allows adding cross-cutting concerns later.
 
-    3. Create core detail domain types in `com.cameleer3.server.core.detail`:
+    3. Create core detail domain types in `com.cameleer.server.core.detail`:
        - `ProcessorNode` record: processorId (String), processorType (String), status (String), startTime (Instant), endTime (Instant), durationMs (long), diagramNodeId (String), errorMessage (String), errorStackTrace (String), children (List<ProcessorNode>). This is the nested tree node.
        - `ExecutionDetail` record: executionId (String), routeId (String), agentId (String), status (String), startTime (Instant), endTime (Instant), durationMs (long), correlationId (String), exchangeId (String), errorMessage (String), errorStackTrace (String), diagramContentHash (String), processors (List<ProcessorNode>). This is the full detail response.
        - `DetailService` class: plain class (no Spring annotations). Constructor takes ExecutionRepository. Method `getDetail(String executionId)` returns `Optional<ExecutionDetail>`. Calls repository's new `findDetailById` method, then calls `reconstructTree()` to convert flat arrays into nested ProcessorNode tree. The `reconstructTree` method: takes parallel arrays (ids, types, statuses, starts, ends, durations, diagramNodeIds, errorMessages, errorStackTraces, depths, parentIndexes), creates ProcessorNode[] array, then wires children using parentIndexes (parentIndex == -1 means root).
@@ -190,7 +190,7 @@ Existing ClickHouse schema (01-schema.sql):
        Actually, use a different approach per the layering: add a `findRawById(String executionId)` method that returns `Optional<RawExecutionRow>` — a new record containing all parallel arrays. DetailService takes this and reconstructs. Create `RawExecutionRow` as a record in the detail package with all fields needed for reconstruction.
   </action>
   <verify>
-    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer3-server && mvn compile -pl cameleer3-server-core</automated>
+    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer-server && mvn compile -pl cameleer-server-core</automated>
   </verify>
   <done>Schema migration SQL exists, all core domain types compile, SearchEngine interface and SearchService defined, ExecutionRepository extended with query method, DetailService has tree reconstruction logic</done>
 </task>
@@ -198,9 +198,9 @@ Existing ClickHouse schema (01-schema.sql):
 <task type="auto" tdd="true">
   <name>Task 2: Update ingestion to populate new columns and verify with integration test</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/IngestionSchemaIT.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/storage/IngestionSchemaIT.java
   </files>
   <behavior>
     - Test: After inserting a RouteExecution with processors that have exchange snapshots and nested children, the route_executions row has non-empty exchange_bodies, exchange_headers, processor_depths (correct depth values), processor_parent_indexes (correct parent wiring), processor_input_bodies, processor_output_bodies, processor_input_headers, processor_output_headers, processor_diagram_node_ids, and diagram_content_hash columns
@@ -231,7 +231,7 @@ Existing ClickHouse schema (01-schema.sql):
        - Verifies a second insertion with null snapshots succeeds with empty defaults
   </action>
   <verify>
-    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer3-server && mvn test -pl cameleer3-server-app -Dtest=IngestionSchemaIT</automated>
+    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer-server && mvn test -pl cameleer-server-app -Dtest=IngestionSchemaIT</automated>
   </verify>
   <done>All new columns populated correctly during ingestion, tree metadata (depth/parent) correct for nested processors, exchange data concatenated for search, existing ingestion tests still pass</done>
 </task>
@@ -239,9 +239,9 @@ Existing ClickHouse schema (01-schema.sql):
 </tasks>
 
 <verification>
-- `mvn compile -pl cameleer3-server-core` succeeds (core domain types compile)
-- `mvn test -pl cameleer3-server-app -Dtest=IngestionSchemaIT` passes (new columns populated correctly)
-- `mvn test -pl cameleer3-server-app` passes (all existing tests still green with schema extension)
+- `mvn compile -pl cameleer-server-core` succeeds (core domain types compile)
+- `mvn test -pl cameleer-server-app -Dtest=IngestionSchemaIT` passes (new columns populated correctly)
+- `mvn test -pl cameleer-server-app` passes (all existing tests still green with schema extension)
 </verification>
 
 <success_criteria>

.planning/phases/02-transaction-search-diagrams/02-01-SUMMARY.md

@@ -22,22 +22,22 @@ tech-stack:
 key-files:
   created:
     - clickhouse/init/02-search-columns.sql
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchRequest.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchResult.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/ExecutionSummary.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchEngine.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/search/SearchService.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/DetailService.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/ExecutionDetail.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/ProcessorNode.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/detail/RawExecutionRow.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/DiagramRenderer.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/DiagramLayout.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/IngestionSchemaIT.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchRequest.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchResult.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/search/ExecutionSummary.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchEngine.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/search/SearchService.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/detail/DetailService.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/detail/ExecutionDetail.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/detail/ProcessorNode.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/detail/RawExecutionRow.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/DiagramRenderer.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/DiagramLayout.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/storage/IngestionSchemaIT.java
   modified:
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/ExecutionRepository.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/storage/ExecutionRepository.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java
 
 key-decisions:
   - "FlatProcessor record captures depth and parentIndex during DFS traversal"
@@ -86,21 +86,21 @@ Each task was committed atomically:
 
 ## Files Created/Modified
 - `clickhouse/init/02-search-columns.sql` - ALTER TABLE adding 12 columns + 3 skip indexes
-- `cameleer3-server-core/.../search/SearchRequest.java` - Immutable search criteria record with validation
-- `cameleer3-server-core/.../search/SearchResult.java` - Paginated result envelope
-- `cameleer3-server-core/.../search/ExecutionSummary.java` - Lightweight list-view DTO
-- `cameleer3-server-core/.../search/SearchEngine.java` - Swappable search backend interface
-- `cameleer3-server-core/.../search/SearchService.java` - Search orchestration layer
-- `cameleer3-server-core/.../detail/DetailService.java` - Tree reconstruction from flat arrays
-- `cameleer3-server-core/.../detail/ExecutionDetail.java` - Full execution detail record
-- `cameleer3-server-core/.../detail/ProcessorNode.java` - Nested tree node (mutable children)
-- `cameleer3-server-core/.../detail/RawExecutionRow.java` - DB-to-domain intermediate record
-- `cameleer3-server-core/.../diagram/DiagramRenderer.java` - Diagram rendering interface (stub)
-- `cameleer3-server-core/.../diagram/DiagramLayout.java` - JSON layout record (stub)
-- `cameleer3-server-core/.../storage/ExecutionRepository.java` - Extended with findRawById
-- `cameleer3-server-app/.../storage/ClickHouseExecutionRepository.java` - INSERT extended with 12 new columns
-- `cameleer3-server-app/src/test/.../AbstractClickHouseIT.java` - Loads 02-search-columns.sql
-- `cameleer3-server-app/src/test/.../storage/IngestionSchemaIT.java` - 3 integration tests
+- `cameleer-server-core/.../search/SearchRequest.java` - Immutable search criteria record with validation
+- `cameleer-server-core/.../search/SearchResult.java` - Paginated result envelope
+- `cameleer-server-core/.../search/ExecutionSummary.java` - Lightweight list-view DTO
+- `cameleer-server-core/.../search/SearchEngine.java` - Swappable search backend interface
+- `cameleer-server-core/.../search/SearchService.java` - Search orchestration layer
+- `cameleer-server-core/.../detail/DetailService.java` - Tree reconstruction from flat arrays
+- `cameleer-server-core/.../detail/ExecutionDetail.java` - Full execution detail record
+- `cameleer-server-core/.../detail/ProcessorNode.java` - Nested tree node (mutable children)
+- `cameleer-server-core/.../detail/RawExecutionRow.java` - DB-to-domain intermediate record
+- `cameleer-server-core/.../diagram/DiagramRenderer.java` - Diagram rendering interface (stub)
+- `cameleer-server-core/.../diagram/DiagramLayout.java` - JSON layout record (stub)
+- `cameleer-server-core/.../storage/ExecutionRepository.java` - Extended with findRawById
+- `cameleer-server-app/.../storage/ClickHouseExecutionRepository.java` - INSERT extended with 12 new columns
+- `cameleer-server-app/src/test/.../AbstractClickHouseIT.java` - Loads 02-search-columns.sql
+- `cameleer-server-app/src/test/.../storage/IngestionSchemaIT.java` - 3 integration tests
 
 ## Decisions Made
 - Used FlatProcessor record to carry depth and parentIndex alongside the ProcessorExecution during DFS flattening -- single pass, no separate traversal
@@ -116,9 +116,9 @@ Each task was committed atomically:
 **1. [Rule 3 - Blocking] Created DiagramRenderer and DiagramLayout stub interfaces**
 - **Found during:** Task 2 (compilation step)
 - **Issue:** Pre-existing `ElkDiagramRenderer` in app module referenced `DiagramRenderer` and `DiagramLayout` interfaces that did not exist in core module, causing compilation failure
-- **Fix:** Created minimal stub interfaces in `com.cameleer3.server.core.diagram` package
+- **Fix:** Created minimal stub interfaces in `com.cameleer.server.core.diagram` package
 - **Files created:** DiagramRenderer.java, DiagramLayout.java
-- **Verification:** `mvn compile -pl cameleer3-server-core` and `mvn compile -pl cameleer3-server-app` succeed
+- **Verification:** `mvn compile -pl cameleer-server-core` and `mvn compile -pl cameleer-server-app` succeed
 - **Committed in:** f6ff279 (Task 2 GREEN commit)
 
 **2. [Rule 1 - Bug] Fixed ClickHouse Array type handling in IngestionSchemaIT**

.planning/phases/02-transaction-search-diagrams/02-02-PLAN.md

@@ -5,16 +5,16 @@ type: execute
 wave: 1
 depends_on: []
 files_modified:
-  - cameleer3-server-app/pom.xml
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/DiagramRenderer.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/DiagramLayout.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/PositionedNode.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/PositionedEdge.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/diagram/ElkDiagramRenderer.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DiagramRenderController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/DiagramBeanConfig.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramRenderControllerIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/diagram/ElkDiagramRendererTest.java
+  - cameleer-server-app/pom.xml
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/DiagramRenderer.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/DiagramLayout.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/PositionedNode.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/PositionedEdge.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/diagram/ElkDiagramRenderer.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DiagramRenderController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/config/DiagramBeanConfig.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramRenderControllerIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/diagram/ElkDiagramRendererTest.java
 autonomous: true
 requirements:
   - DIAG-03
@@ -27,13 +27,13 @@ must_haves:
     - "Node colors match the route-diagram-example.html style: blue endpoints, green processors, red error handlers, purple EIPs"
     - "Nested processors (inside split, choice, try-catch) are rendered in compound/swimlane groups"
   artifacts:
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/DiagramRenderer.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/DiagramRenderer.java"
       provides: "Renderer interface for SVG and JSON layout output"
       exports: ["DiagramRenderer"]
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/diagram/ElkDiagramRenderer.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/diagram/ElkDiagramRenderer.java"
       provides: "ELK + JFreeSVG implementation of DiagramRenderer"
       min_lines: 100
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DiagramRenderController.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DiagramRenderController.java"
       provides: "GET /api/v1/diagrams/{hash} with content negotiation"
       exports: ["DiagramRenderController"]
   key_links:
@@ -70,14 +70,14 @@ Output: DiagramRenderer interface in core, ElkDiagramRenderer implementation in
 @.planning/phases/02-transaction-search-diagrams/02-CONTEXT.md
 @.planning/phases/02-transaction-search-diagrams/02-RESEARCH.md
 
-@cameleer3-server-core/src/main/java/com/cameleer3/server/core/storage/DiagramRepository.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseDiagramRepository.java
-@cameleer3-server-app/pom.xml
+@cameleer-server-core/src/main/java/com/cameleer/server/core/storage/DiagramRepository.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseDiagramRepository.java
+@cameleer-server-app/pom.xml
 
 <interfaces>
 <!-- Existing interfaces needed -->
 
-From cameleer3-server-core/.../storage/DiagramRepository.java:
+From cameleer-server-core/.../storage/DiagramRepository.java:
 ```java
 public interface DiagramRepository {
     void store(RouteGraph graph);
@@ -86,7 +86,7 @@ public interface DiagramRepository {
 }
 ```
 
-From cameleer3-common (decompiled — diagram models):
+From cameleer-common (decompiled — diagram models):
 ```java
 // RouteGraph: routeId (String), nodes (List<RouteNode>), edges (List<RouteEdge>),
 //   processorNodeMapping (Map<String,String>)
@@ -114,14 +114,14 @@ NodeType color mapping (from CONTEXT.md, matching route-diagram-example.html):
 <task type="auto">
   <name>Task 1: Add ELK/JFreeSVG dependencies and create core diagram rendering interfaces</name>
   <files>
-    cameleer3-server-app/pom.xml,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/DiagramRenderer.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/DiagramLayout.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/PositionedNode.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/PositionedEdge.java
+    cameleer-server-app/pom.xml,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/DiagramRenderer.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/DiagramLayout.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/PositionedNode.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/PositionedEdge.java
   </files>
   <action>
-    1. Add Maven dependencies to `cameleer3-server-app/pom.xml`:
+    1. Add Maven dependencies to `cameleer-server-app/pom.xml`:
        ```xml
        <dependency>
            <groupId>org.eclipse.elk</groupId>
@@ -140,7 +140,7 @@ NodeType color mapping (from CONTEXT.md, matching route-diagram-example.html):
        </dependency>
        ```
 
-    2. Create core diagram rendering interfaces in `com.cameleer3.server.core.diagram`:
+    2. Create core diagram rendering interfaces in `com.cameleer.server.core.diagram`:
 
        - `PositionedNode` record: id (String), label (String), type (String — NodeType name), x (double), y (double), width (double), height (double), children (List<PositionedNode> — for compound/swimlane groups). JSON-serializable for the JSON layout response.
 
@@ -154,7 +154,7 @@ NodeType color mapping (from CONTEXT.md, matching route-diagram-example.html):
          Both methods take a RouteGraph and produce output. The interface lives in core so it can be swapped (e.g., for a different renderer).
   </action>
   <verify>
-    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer3-server && mvn compile -pl cameleer3-server-core && mvn dependency:resolve -pl cameleer3-server-app -q</automated>
+    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer-server && mvn compile -pl cameleer-server-core && mvn dependency:resolve -pl cameleer-server-app -q</automated>
   </verify>
   <done>ELK and JFreeSVG dependencies resolve, DiagramRenderer interface and layout DTOs compile in core module</done>
 </task>
@@ -162,11 +162,11 @@ NodeType color mapping (from CONTEXT.md, matching route-diagram-example.html):
 <task type="auto" tdd="true">
   <name>Task 2: Implement ElkDiagramRenderer, DiagramRenderController, and integration tests</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/diagram/ElkDiagramRenderer.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DiagramRenderController.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/DiagramBeanConfig.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/diagram/ElkDiagramRendererTest.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramRenderControllerIT.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/diagram/ElkDiagramRenderer.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DiagramRenderController.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/DiagramBeanConfig.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/diagram/ElkDiagramRendererTest.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramRenderControllerIT.java
   </files>
   <behavior>
     - Unit test: ElkDiagramRenderer.renderSvg with a simple 3-node graph (from->process->to) produces valid SVG containing svg element, rect elements for nodes, line/path elements for edges
@@ -179,7 +179,7 @@ NodeType color mapping (from CONTEXT.md, matching route-diagram-example.html):
     - Integration test: GET /api/v1/diagrams/{hash} with no Accept preference defaults to SVG
   </behavior>
   <action>
-    1. Create `ElkDiagramRenderer` implementing `DiagramRenderer` in `com.cameleer3.server.app.diagram`:
+    1. Create `ElkDiagramRenderer` implementing `DiagramRenderer` in `com.cameleer.server.app.diagram`:
 
        **Layout phase (shared by both SVG and JSON):**
        - Convert RouteGraph to ELK graph: create ElkNode root, set properties for LayeredOptions.ALGORITHM_ID, Direction.DOWN (top-to-bottom per user decision), spacing 40px node-node, 20px edge-node.
@@ -206,10 +206,10 @@ NodeType color mapping (from CONTEXT.md, matching route-diagram-example.html):
        **JSON layout (layoutJson):**
        - Run layout phase, return DiagramLayout directly. Jackson will serialize it to JSON.
 
-    2. Create `DiagramBeanConfig` in `com.cameleer3.server.app.config`:
+    2. Create `DiagramBeanConfig` in `com.cameleer.server.app.config`:
        - @Configuration class that creates DiagramRenderer bean (ElkDiagramRenderer) and SearchService bean wiring (prepare for Plan 03).
 
-    3. Create `DiagramRenderController` in `com.cameleer3.server.app.controller`:
+    3. Create `DiagramRenderController` in `com.cameleer.server.app.controller`:
        - `GET /api/v1/diagrams/{contentHash}/render` — renders the diagram
        - Inject DiagramRepository and DiagramRenderer.
        - Look up RouteGraph via `diagramRepository.findByContentHash(contentHash)`. If empty, return 404.
@@ -233,7 +233,7 @@ NodeType color mapping (from CONTEXT.md, matching route-diagram-example.html):
        - GET /api/v1/diagrams/{hash}/render with no Accept header -> assert SVG response (default).
   </action>
   <verify>
-    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer3-server && mvn test -pl cameleer3-server-app -Dtest="ElkDiagramRendererTest,DiagramRenderControllerIT"</automated>
+    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer-server && mvn test -pl cameleer-server-app -Dtest="ElkDiagramRendererTest,DiagramRenderControllerIT"</automated>
   </verify>
   <done>Diagram rendering produces color-coded top-to-bottom SVG and JSON layout, content negotiation works via Accept header, compound nodes group nested processors, all tests pass</done>
 </task>
@@ -241,8 +241,8 @@ NodeType color mapping (from CONTEXT.md, matching route-diagram-example.html):
 </tasks>
 
 <verification>
-- `mvn test -pl cameleer3-server-app -Dtest=ElkDiagramRendererTest` passes (unit tests for layout and SVG)
-- `mvn test -pl cameleer3-server-app -Dtest=DiagramRenderControllerIT` passes (integration tests for REST endpoint)
+- `mvn test -pl cameleer-server-app -Dtest=ElkDiagramRendererTest` passes (unit tests for layout and SVG)
+- `mvn test -pl cameleer-server-app -Dtest=DiagramRenderControllerIT` passes (integration tests for REST endpoint)
 - `mvn clean verify` passes (all existing tests still green)
 - SVG output contains color-coded nodes matching the NodeType color scheme
 </verification>

.planning/phases/02-transaction-search-diagrams/02-02-SUMMARY.md

@@ -21,17 +21,17 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/DiagramRenderer.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/DiagramLayout.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/PositionedNode.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/diagram/PositionedEdge.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/diagram/ElkDiagramRenderer.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DiagramRenderController.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/DiagramBeanConfig.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/diagram/ElkDiagramRendererTest.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramRenderControllerIT.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/DiagramRenderer.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/DiagramLayout.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/PositionedNode.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/diagram/PositionedEdge.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/diagram/ElkDiagramRenderer.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DiagramRenderController.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/DiagramBeanConfig.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/diagram/ElkDiagramRendererTest.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramRenderControllerIT.java
   modified:
-    - cameleer3-server-app/pom.xml
+    - cameleer-server-app/pom.xml
 
 key-decisions:
   - "Used ELK layered algorithm with top-to-bottom direction for route diagram layout"
@@ -78,16 +78,16 @@ Each task was committed atomically:
 2. **Task 2: Implement ElkDiagramRenderer, DiagramRenderController, and integration tests** - `c1bc32d` (feat, TDD)
 
 ## Files Created/Modified
-- `cameleer3-server-core/.../diagram/DiagramRenderer.java` - Renderer interface with renderSvg and layoutJson
-- `cameleer3-server-core/.../diagram/DiagramLayout.java` - Layout record (width, height, nodes, edges)
-- `cameleer3-server-core/.../diagram/PositionedNode.java` - Node record with position, dimensions, children
-- `cameleer3-server-core/.../diagram/PositionedEdge.java` - Edge record with waypoints
-- `cameleer3-server-app/.../diagram/ElkDiagramRenderer.java` - ELK + JFreeSVG implementation (~400 lines)
-- `cameleer3-server-app/.../controller/DiagramRenderController.java` - GET /api/v1/diagrams/{hash}/render
-- `cameleer3-server-app/.../config/DiagramBeanConfig.java` - Spring bean wiring for DiagramRenderer
-- `cameleer3-server-app/pom.xml` - Added ELK, JFreeSVG, xtext dependencies
-- `cameleer3-server-app/.../diagram/ElkDiagramRendererTest.java` - 11 unit tests
-- `cameleer3-server-app/.../controller/DiagramRenderControllerIT.java` - 4 integration tests
+- `cameleer-server-core/.../diagram/DiagramRenderer.java` - Renderer interface with renderSvg and layoutJson
+- `cameleer-server-core/.../diagram/DiagramLayout.java` - Layout record (width, height, nodes, edges)
+- `cameleer-server-core/.../diagram/PositionedNode.java` - Node record with position, dimensions, children
+- `cameleer-server-core/.../diagram/PositionedEdge.java` - Edge record with waypoints
+- `cameleer-server-app/.../diagram/ElkDiagramRenderer.java` - ELK + JFreeSVG implementation (~400 lines)
+- `cameleer-server-app/.../controller/DiagramRenderController.java` - GET /api/v1/diagrams/{hash}/render
+- `cameleer-server-app/.../config/DiagramBeanConfig.java` - Spring bean wiring for DiagramRenderer
+- `cameleer-server-app/pom.xml` - Added ELK, JFreeSVG, xtext dependencies
+- `cameleer-server-app/.../diagram/ElkDiagramRendererTest.java` - 11 unit tests
+- `cameleer-server-app/.../controller/DiagramRenderControllerIT.java` - 4 integration tests
 
 ## Decisions Made
 - Used ELK layered algorithm (org.eclipse.elk.alg.layered) -- well-maintained, supports compound nodes natively
@@ -104,7 +104,7 @@ Each task was committed atomically:
 - **Found during:** Task 2 (ElkDiagramRenderer implementation)
 - **Issue:** ELK 0.11.0 LayeredMetaDataProvider references org.eclipse.xtext.xbase.lib.CollectionLiterals at class initialization, causing NoClassDefFoundError
 - **Fix:** Added org.eclipse.xtext:org.eclipse.xtext.xbase.lib:2.37.0 dependency to app pom.xml
-- **Files modified:** cameleer3-server-app/pom.xml
+- **Files modified:** cameleer-server-app/pom.xml
 - **Verification:** All unit tests pass after adding dependency
 - **Committed in:** c1bc32d (Task 2 commit)
 
@@ -119,7 +119,7 @@ Each task was committed atomically:
 **3. [Rule 1 - Bug] Adapted to actual NodeType enum naming (EIP_ prefix)**
 - **Found during:** Task 2 (ElkDiagramRenderer implementation)
 - **Issue:** Plan referenced CHOICE, SPLIT etc. but actual enum values are EIP_CHOICE, EIP_SPLIT etc.
-- **Fix:** Used correct enum names from decompiled cameleer3-common jar in all color mapping sets
+- **Fix:** Used correct enum names from decompiled cameleer-common jar in all color mapping sets
 - **Files modified:** ElkDiagramRenderer.java
 - **Verification:** Unit tests verify correct colors for endpoint and processor nodes
 - **Committed in:** c1bc32d (Task 2 commit)

.planning/phases/02-transaction-search-diagrams/02-03-PLAN.md

@@ -6,14 +6,14 @@ wave: 2
 depends_on:
   - "02-01"
 files_modified:
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/search/ClickHouseSearchEngine.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/SearchController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DetailController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/SearchBeanConfig.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/SearchControllerIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DetailControllerIT.java
-  - cameleer3-server-core/src/test/java/com/cameleer3/server/core/detail/TreeReconstructionTest.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/search/ClickHouseSearchEngine.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/SearchController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DetailController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/config/SearchBeanConfig.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/SearchControllerIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DetailControllerIT.java
+  - cameleer-server-core/src/test/java/com/cameleer/server/core/detail/TreeReconstructionTest.java
 autonomous: true
 requirements:
   - SRCH-01
@@ -35,16 +35,16 @@ must_haves:
     - "Detail response includes diagramContentHash for linking to diagram endpoint"
     - "Search results are paginated with total count, offset, and limit"
   artifacts:
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/search/ClickHouseSearchEngine.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/search/ClickHouseSearchEngine.java"
       provides: "ClickHouse implementation of SearchEngine with dynamic WHERE building"
       min_lines: 80
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/SearchController.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/controller/SearchController.java"
       provides: "GET + POST /api/v1/search/executions endpoints"
       exports: ["SearchController"]
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DetailController.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DetailController.java"
       provides: "GET /api/v1/executions/{id} endpoint returning nested tree"
       exports: ["DetailController"]
-    - path: "cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/SearchControllerIT.java"
+    - path: "cameleer-server-app/src/test/java/com/cameleer/server/app/controller/SearchControllerIT.java"
       provides: "Integration tests for all search filter combinations"
       min_lines: 100
   key_links:
@@ -92,13 +92,13 @@ Output: SearchController (GET + POST), DetailController, ClickHouseSearchEngine,
 
 @clickhouse/init/01-schema.sql
 @clickhouse/init/02-search-columns.sql
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/ExecutionController.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/controller/ExecutionController.java
 
 <interfaces>
 <!-- Core types created by Plan 01 — executor reads these from plan 01 SUMMARY -->
 
-From cameleer3-server-core/.../search/SearchEngine.java:
+From cameleer-server-core/.../search/SearchEngine.java:
 ```java
 public interface SearchEngine {
     SearchResult<ExecutionSummary> search(SearchRequest request);
@@ -106,7 +106,7 @@ public interface SearchEngine {
 }
 ```
 
-From cameleer3-server-core/.../search/SearchRequest.java:
+From cameleer-server-core/.../search/SearchRequest.java:
 ```java
 public record SearchRequest(
     String status,          // nullable, filter by ExecutionStatus name
@@ -124,14 +124,14 @@ public record SearchRequest(
 ) { /* compact constructor with validation */ }
 ```
 
-From cameleer3-server-core/.../search/SearchResult.java:
+From cameleer-server-core/.../search/SearchResult.java:
 ```java
 public record SearchResult<T>(List<T> data, long total, int offset, int limit) {
     public static <T> SearchResult<T> empty(int offset, int limit);
 }
 ```
 
-From cameleer3-server-core/.../search/ExecutionSummary.java:
+From cameleer-server-core/.../search/ExecutionSummary.java:
 ```java
 public record ExecutionSummary(
     String executionId, String routeId, String agentId, String status,
@@ -140,7 +140,7 @@ public record ExecutionSummary(
 ) {}
 ```
 
-From cameleer3-server-core/.../detail/DetailService.java:
+From cameleer-server-core/.../detail/DetailService.java:
 ```java
 public class DetailService {
     // Constructor takes ExecutionRepository (or a query interface)
@@ -149,7 +149,7 @@ public class DetailService {
 }
 ```
 
-From cameleer3-server-core/.../detail/ExecutionDetail.java:
+From cameleer-server-core/.../detail/ExecutionDetail.java:
 ```java
 public record ExecutionDetail(
     String executionId, String routeId, String agentId, String status,
@@ -160,7 +160,7 @@ public record ExecutionDetail(
 ) {}
 ```
 
-From cameleer3-server-core/.../detail/ProcessorNode.java:
+From cameleer-server-core/.../detail/ProcessorNode.java:
 ```java
 public record ProcessorNode(
     String processorId, String processorType, String status,
@@ -201,10 +201,10 @@ Established controller pattern (from Phase 1):
 <task type="auto" tdd="true">
   <name>Task 1: ClickHouseSearchEngine, SearchController, and search integration tests</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/search/ClickHouseSearchEngine.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/SearchController.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/SearchBeanConfig.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/SearchControllerIT.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/search/ClickHouseSearchEngine.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/SearchController.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/SearchBeanConfig.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/SearchControllerIT.java
   </files>
   <behavior>
     - Test searchByStatus: Insert 3 executions (COMPLETED, FAILED, RUNNING). GET /api/v1/search/executions?status=FAILED returns only the FAILED execution. Response has envelope: {"data":[...],"total":1,"offset":0,"limit":50}
@@ -221,7 +221,7 @@ Established controller pattern (from Phase 1):
     - Test emptyResults: Search with no matches returns {"data":[],"total":0,"offset":0,"limit":50}
   </behavior>
   <action>
-    1. Create `ClickHouseSearchEngine` in `com.cameleer3.server.app.search`:
+    1. Create `ClickHouseSearchEngine` in `com.cameleer.server.app.search`:
        - Implements SearchEngine interface from core module.
        - Constructor takes JdbcTemplate.
        - `search(SearchRequest)` method:
@@ -244,13 +244,13 @@ Established controller pattern (from Phase 1):
        - `escapeLike(String)` utility: escape `%`, `_`, `\` characters in user input to prevent LIKE injection. Replace `\` with `\\`, `%` with `\%`, `_` with `\_`.
        - `count(SearchRequest)` method: same WHERE building, just count query.
 
-    2. Create `SearchBeanConfig` in `com.cameleer3.server.app.config`:
+    2. Create `SearchBeanConfig` in `com.cameleer.server.app.config`:
        - @Configuration class that creates:
          - `ClickHouseSearchEngine` bean (takes JdbcTemplate)
          - `SearchService` bean (takes SearchEngine)
          - `DetailService` bean (takes the execution query interface from Plan 01)
 
-    3. Create `SearchController` in `com.cameleer3.server.app.controller`:
+    3. Create `SearchController` in `com.cameleer.server.app.controller`:
        - Inject SearchService.
        - `GET /api/v1/search/executions` with @RequestParam for basic filters:
          - status (optional String)
@@ -274,7 +274,7 @@ Established controller pattern (from Phase 1):
        - Assert response structure matches the envelope format.
   </action>
   <verify>
-    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer3-server && mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT</automated>
+    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer-server && mvn test -pl cameleer-server-app -Dtest=SearchControllerIT</automated>
   </verify>
   <done>All search filter types work independently and in combination, response envelope has correct format, pagination works correctly, full-text search finds matches in all text fields, LIKE patterns are properly escaped</done>
 </task>
@@ -282,10 +282,10 @@ Established controller pattern (from Phase 1):
 <task type="auto" tdd="true">
   <name>Task 2: DetailController, tree reconstruction, exchange snapshot endpoint, and integration tests</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DetailController.java,
-    cameleer3-server-core/src/test/java/com/cameleer3/server/core/detail/TreeReconstructionTest.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DetailControllerIT.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DetailController.java,
+    cameleer-server-core/src/test/java/com/cameleer/server/core/detail/TreeReconstructionTest.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DetailControllerIT.java
   </files>
   <behavior>
     - Unit test: reconstructTree with [root, child, grandchild], depths=[0,1,2], parents=[-1,0,1] produces single root with one child that has one grandchild
@@ -308,7 +308,7 @@ Established controller pattern (from Phase 1):
        - Add `findRawById(String executionId)` method that queries all columns from route_executions WHERE execution_id = ?. Return Optional<RawExecutionRow> (use the record created in Plan 01 or create it here if needed). The RawExecutionRow should contain ALL columns including the parallel arrays for processors.
        - Add `findProcessorSnapshot(String executionId, int processorIndex)` method: queries processor_input_bodies[index+1], processor_output_bodies[index+1], processor_input_headers[index+1], processor_output_headers[index+1] for the given execution. Returns a DTO with inputBody, outputBody, inputHeaders, outputHeaders. ClickHouse arrays are 1-indexed in SQL, so add 1 to the Java 0-based index.
 
-    3. Create `DetailController` in `com.cameleer3.server.app.controller`:
+    3. Create `DetailController` in `com.cameleer.server.app.controller`:
        - Inject DetailService.
        - `GET /api/v1/executions/{executionId}`: call detailService.getDetail(executionId). If empty, return 404. Otherwise return 200 with ExecutionDetail JSON. The processors field is a nested tree of ProcessorNode objects.
        - `GET /api/v1/executions/{executionId}/processors/{index}/snapshot`: call repository's findProcessorSnapshot. If execution not found or index out of bounds, return 404. Return JSON with inputBody, outputBody, inputHeaders, outputHeaders. Per user decision: exchange snapshot data fetched separately per processor, not inlined in detail response.
@@ -323,7 +323,7 @@ Established controller pattern (from Phase 1):
        - Test GET /api/v1/executions/{id}/processors/999/snapshot: returns 404 for out-of-bounds index.
   </action>
   <verify>
-    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer3-server && mvn test -pl cameleer3-server-core -Dtest=TreeReconstructionTest && mvn test -pl cameleer3-server-app -Dtest=DetailControllerIT</automated>
+    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer-server && mvn test -pl cameleer-server-core -Dtest=TreeReconstructionTest && mvn test -pl cameleer-server-app -Dtest=DetailControllerIT</automated>
   </verify>
   <done>Tree reconstruction correctly rebuilds nested processor trees from flat arrays, detail endpoint returns nested tree with all fields, snapshot endpoint returns per-processor exchange data, diagram hash included in detail response, all tests pass</done>
 </task>
@@ -331,9 +331,9 @@ Established controller pattern (from Phase 1):
 </tasks>
 
 <verification>
-- `mvn test -pl cameleer3-server-core -Dtest=TreeReconstructionTest` passes (unit test for tree rebuild)
-- `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT` passes (all search filters)
-- `mvn test -pl cameleer3-server-app -Dtest=DetailControllerIT` passes (detail + snapshot)
+- `mvn test -pl cameleer-server-core -Dtest=TreeReconstructionTest` passes (unit test for tree rebuild)
+- `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT` passes (all search filters)
+- `mvn test -pl cameleer-server-app -Dtest=DetailControllerIT` passes (detail + snapshot)
 - `mvn clean verify` passes (full suite green)
 </verification>
 

.planning/phases/02-transaction-search-diagrams/02-03-SUMMARY.md

@@ -21,16 +21,16 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/search/ClickHouseSearchEngine.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/SearchController.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/DetailController.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/SearchBeanConfig.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/SearchControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DetailControllerIT.java
-    - cameleer3-server-core/src/test/java/com/cameleer3/server/core/detail/TreeReconstructionTest.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/search/ClickHouseSearchEngine.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/SearchController.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/DetailController.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/SearchBeanConfig.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/SearchControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DetailControllerIT.java
+    - cameleer-server-core/src/test/java/com/cameleer/server/core/detail/TreeReconstructionTest.java
   modified:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-    - cameleer3-server-core/pom.xml
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+    - cameleer-server-core/pom.xml
 
 key-decisions:
   - "Search tests use correlationId scoping and >= assertions for shared ClickHouse isolation"
@@ -77,15 +77,15 @@ Each task was committed atomically:
 3. **Task 2 fix: Test isolation for shared ClickHouse** - `079dce5` (fix)
 
 ## Files Created/Modified
-- `cameleer3-server-app/.../search/ClickHouseSearchEngine.java` - Dynamic SQL search with LIKE escape, implements SearchEngine
-- `cameleer3-server-app/.../controller/SearchController.java` - GET + POST /api/v1/search/executions endpoints
-- `cameleer3-server-app/.../controller/DetailController.java` - GET /api/v1/executions/{id} and processor snapshot endpoints
-- `cameleer3-server-app/.../config/SearchBeanConfig.java` - Wires SearchEngine, SearchService, DetailService beans
-- `cameleer3-server-app/.../storage/ClickHouseExecutionRepository.java` - Added findRawById, findProcessorSnapshot, array extraction helpers
-- `cameleer3-server-app/.../controller/SearchControllerIT.java` - 13 integration tests for search
-- `cameleer3-server-app/.../controller/DetailControllerIT.java` - 6 integration tests for detail/snapshot
-- `cameleer3-server-core/.../detail/TreeReconstructionTest.java` - 5 unit tests for tree reconstruction
-- `cameleer3-server-core/pom.xml` - Added assertj and mockito test dependencies
+- `cameleer-server-app/.../search/ClickHouseSearchEngine.java` - Dynamic SQL search with LIKE escape, implements SearchEngine
+- `cameleer-server-app/.../controller/SearchController.java` - GET + POST /api/v1/search/executions endpoints
+- `cameleer-server-app/.../controller/DetailController.java` - GET /api/v1/executions/{id} and processor snapshot endpoints
+- `cameleer-server-app/.../config/SearchBeanConfig.java` - Wires SearchEngine, SearchService, DetailService beans
+- `cameleer-server-app/.../storage/ClickHouseExecutionRepository.java` - Added findRawById, findProcessorSnapshot, array extraction helpers
+- `cameleer-server-app/.../controller/SearchControllerIT.java` - 13 integration tests for search
+- `cameleer-server-app/.../controller/DetailControllerIT.java` - 6 integration tests for detail/snapshot
+- `cameleer-server-core/.../detail/TreeReconstructionTest.java` - 5 unit tests for tree reconstruction
+- `cameleer-server-core/pom.xml` - Added assertj and mockito test dependencies
 
 ## Decisions Made
 - Search tests use correlationId scoping and >= assertions to remain stable when other test classes seed data in the shared ClickHouse container
@@ -99,8 +99,8 @@ Each task was committed atomically:
 **1. [Rule 3 - Blocking] Added assertj and mockito test dependencies to core module**
 - **Found during:** Task 2 (TreeReconstructionTest compilation)
 - **Issue:** Core module only had JUnit Jupiter as test dependency, TreeReconstructionTest needed assertj for assertions and mockito for mock(ExecutionRepository.class)
-- **Fix:** Added assertj-core and mockito-core test-scoped dependencies to cameleer3-server-core/pom.xml
-- **Files modified:** cameleer3-server-core/pom.xml
+- **Fix:** Added assertj-core and mockito-core test-scoped dependencies to cameleer-server-core/pom.xml
+- **Files modified:** cameleer-server-core/pom.xml
 - **Committed in:** 0615a98 (Task 2 commit)
 
 **2. [Rule 1 - Bug] Fixed search tests failing with shared ClickHouse data**

.planning/phases/02-transaction-search-diagrams/02-04-PLAN.md

@@ -5,9 +5,9 @@ type: execute
 wave: 1
 depends_on: ["02-01", "02-02", "02-03"]
 files_modified:
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-  - cameleer3-server-app/pom.xml
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/DiagramLinkingIT.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+  - cameleer-server-app/pom.xml
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/storage/DiagramLinkingIT.java
 autonomous: true
 gap_closure: true
 requirements: ["DIAG-02"]
@@ -17,13 +17,13 @@ must_haves:
     - "Each transaction links to the RouteGraph version that was active at execution time"
     - "Full test suite passes with mvn clean verify (no classloader failures)"
   artifacts:
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java"
       provides: "Diagram hash lookup during batch insert"
       contains: "findContentHashForRoute"
-    - path: "cameleer3-server-app/pom.xml"
+    - path: "cameleer-server-app/pom.xml"
       provides: "Surefire fork configuration isolating ELK classloader"
       contains: "reuseForks"
-    - path: "cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/DiagramLinkingIT.java"
+    - path: "cameleer-server-app/src/test/java/com/cameleer/server/app/storage/DiagramLinkingIT.java"
       provides: "Integration test proving diagram hash is stored during ingestion"
   key_links:
     - from: "ClickHouseExecutionRepository"
@@ -57,18 +57,18 @@ Prior plan summaries (needed — touches same files):
 <interfaces>
 <!-- Key types and contracts the executor needs. -->
 
-From cameleer3-server-core/.../storage/DiagramRepository.java:
+From cameleer-server-core/.../storage/DiagramRepository.java:
 ```java
 Optional<String> findContentHashForRoute(String routeId, String agentId);
 ```
 
-From cameleer3-server-app/.../storage/ClickHouseExecutionRepository.java (line 141):
+From cameleer-server-app/.../storage/ClickHouseExecutionRepository.java (line 141):
 ```java
 ps.setString(col++, "");  // diagram_content_hash (wired later)
 ```
 The class is @Repository annotated, constructor takes JdbcTemplate only. It needs DiagramRepository injected to perform the lookup.
 
-From cameleer3-server-app/.../storage/ClickHouseDiagramRepository.java:
+From cameleer-server-app/.../storage/ClickHouseDiagramRepository.java:
 ```java
 @Repository
 public class ClickHouseDiagramRepository implements DiagramRepository {
@@ -83,9 +83,9 @@ public class ClickHouseDiagramRepository implements DiagramRepository {
 <task type="auto" tdd="true">
   <name>Task 1: Populate diagram_content_hash during ingestion and fix Surefire forks</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java,
-    cameleer3-server-app/pom.xml,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/DiagramLinkingIT.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java,
+    cameleer-server-app/pom.xml,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/storage/DiagramLinkingIT.java
   </files>
   <behavior>
     - Test 1: When a RouteGraph is ingested before a RouteExecution for the same routeId+agentId, the execution's diagram_content_hash column contains the SHA-256 hash of the diagram (not empty string)
@@ -117,7 +117,7 @@ public class ClickHouseDiagramRepository implements DiagramRepository {
 
     **Gap 2 — Surefire classloader isolation:**
 
-    5. In `cameleer3-server-app/pom.xml`, add a `<build><plugins>` section (after the existing `spring-boot-maven-plugin`) with `maven-surefire-plugin` configuration:
+    5. In `cameleer-server-app/pom.xml`, add a `<build><plugins>` section (after the existing `spring-boot-maven-plugin`) with `maven-surefire-plugin` configuration:
        ```xml
        <plugin>
            <groupId>org.apache.maven.plugins</groupId>
@@ -131,12 +131,12 @@ public class ClickHouseDiagramRepository implements DiagramRepository {
        This forces Surefire to fork a fresh JVM for each test class, isolating ELK's static initializer (LayeredMetaDataProvider + xtext CollectionLiterals) from Spring Boot's classloader. Trade-off: slightly slower test execution, but correct results.
   </action>
   <verify>
-    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer3-server && mvn clean verify -pl cameleer3-server-app -am 2>&1 | tail -30</automated>
+    <automated>cd C:/Users/Hendrik/Documents/projects/cameleer-server && mvn clean verify -pl cameleer-server-app -am 2>&1 | tail -30</automated>
   </verify>
   <done>
     - diagram_content_hash is populated with the active diagram's SHA-256 hash during ingestion (not empty string)
     - DiagramLinkingIT passes with both positive and negative cases
-    - `mvn clean verify` passes for cameleer3-server-app (no classloader failures from ElkDiagramRendererTest)
+    - `mvn clean verify` passes for cameleer-server-app (no classloader failures from ElkDiagramRendererTest)
   </done>
 </task>
 

.planning/phases/02-transaction-search-diagrams/02-04-SUMMARY.md

@@ -20,12 +20,12 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/DiagramLinkingIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/storage/DiagramLinkingIT.java
   modified:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java
-    - cameleer3-server-app/pom.xml
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/IngestionSchemaIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/SearchControllerIT.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java
+    - cameleer-server-app/pom.xml
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/storage/IngestionSchemaIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/SearchControllerIT.java
 
 key-decisions:
   - "DiagramRepository injected via constructor into ClickHouseExecutionRepository for diagram hash lookup during batch insert"
@@ -69,11 +69,11 @@ Each task was committed atomically:
 **Plan metadata:** (pending)
 
 ## Files Created/Modified
-- `cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java` - Added DiagramRepository injection, diagram hash lookup in insertBatch
-- `cameleer3-server-app/pom.xml` - Added maven-surefire-plugin and maven-failsafe-plugin with reuseForks=false
-- `cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/DiagramLinkingIT.java` - Integration test for diagram hash linking
-- `cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/IngestionSchemaIT.java` - Added ignoreExceptions + increased timeouts
-- `cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/SearchControllerIT.java` - Adjusted pagination assertion count
+- `cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java` - Added DiagramRepository injection, diagram hash lookup in insertBatch
+- `cameleer-server-app/pom.xml` - Added maven-surefire-plugin and maven-failsafe-plugin with reuseForks=false
+- `cameleer-server-app/src/test/java/com/cameleer/server/app/storage/DiagramLinkingIT.java` - Integration test for diagram hash linking
+- `cameleer-server-app/src/test/java/com/cameleer/server/app/storage/IngestionSchemaIT.java` - Added ignoreExceptions + increased timeouts
+- `cameleer-server-app/src/test/java/com/cameleer/server/app/controller/SearchControllerIT.java` - Adjusted pagination assertion count
 
 ## Decisions Made
 - DiagramRepository injected via constructor into ClickHouseExecutionRepository -- both are @Repository Spring beans, so constructor injection autowires cleanly

.planning/phases/02-transaction-search-diagrams/02-CONTEXT.md

@@ -44,7 +44,7 @@ Users can find any transaction by status, time, duration, correlation ID, or con
 - No execution overlay in server-rendered SVG — the UI handles overlay with theme support (dark/light)
 - Top-to-bottom node layout flow
 - Nested processors (inside for-each, split, try-catch) rendered in swimlanes to highlight nesting/scope
-- Reference: cameleer3 agent repo `examples/route-diagram-example.html` for visual style inspiration (color-coded node types, EIP icons)
+- Reference: cameleer agent repo `examples/route-diagram-example.html` for visual style inspiration (color-coded node types, EIP icons)
 
 ### Claude's Discretion
 - Pagination implementation details (offset/limit vs cursor)
@@ -58,7 +58,7 @@ Users can find any transaction by status, time, duration, correlation ID, or con
 <specifics>
 ## Specific Ideas
 
-- "We want a cmd+k type of search in the UI" — see `cameleer3/examples/cmd-k-search-example.html` for the target UX. Key features:
+- "We want a cmd+k type of search in the UI" — see `cameleer/examples/cmd-k-search-example.html` for the target UX. Key features:
   - Cross-entity search: single query hits Executions, Routes, Exchanges, Agents with scope tabs and counts
   - Filter chips in the input (e.g., `route:order` prefix filtering)
   - Inline preview pane with JSON syntax highlighting for selected result

.planning/phases/02-transaction-search-diagrams/02-RESEARCH.md

@@ -112,7 +112,7 @@ The existing Phase 1 code provides a solid foundation: `ClickHouseExecutionRepos
 
 ### Recommended Project Structure (additions for Phase 2)
 ```
-cameleer3-server-core/src/main/java/com/cameleer3/server/core/
+cameleer-server-core/src/main/java/com/cameleer/server/core/
 ├── search/
 │   ├── SearchService.java              # Orchestrates search, delegates to SearchEngine
 │   ├── SearchEngine.java               # Interface for search backends (ClickHouse now, OpenSearch later)
@@ -127,7 +127,7 @@ cameleer3-server-core/src/main/java/com/cameleer3/server/core/
     ├── ExecutionRepository.java         # Extended with query methods
     └── DiagramRepository.java           # Extended with lookup methods
 
-cameleer3-server-app/src/main/java/com/cameleer3/server/app/
+cameleer-server-app/src/main/java/com/cameleer/server/app/
 ├── controller/
 │   ├── SearchController.java           # GET + POST /api/v1/search/executions
 │   ├── DetailController.java           # GET /api/v1/executions/{id}
@@ -517,25 +517,25 @@ private void populateExchangeColumns(PreparedStatement ps, List<FlatProcessor> p
 | Property | Value |
 |----------|-------|
 | Framework | JUnit 5 + Spring Boot Test + Testcontainers ClickHouse 25.3 |
-| Config file | cameleer3-server-app/pom.xml (testcontainers dep), AbstractClickHouseIT base class |
-| Quick run command | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT -Dfailsafe.skip=true` |
+| Config file | cameleer-server-app/pom.xml (testcontainers dep), AbstractClickHouseIT base class |
+| Quick run command | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT -Dfailsafe.skip=true` |
 | Full suite command | `mvn clean verify` |
 
 ### Phase Requirements -> Test Map
 | Req ID | Behavior | Test Type | Automated Command | File Exists? |
 |--------|----------|-----------|-------------------|-------------|
-| SRCH-01 | Filter by status returns matching executions | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#searchByStatus` | No -- Wave 0 |
-| SRCH-02 | Filter by time range returns matching executions | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#searchByTimeRange` | No -- Wave 0 |
-| SRCH-03 | Filter by duration range returns matching | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#searchByDuration` | No -- Wave 0 |
-| SRCH-04 | Filter by correlationId returns correlated | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#searchByCorrelationId` | No -- Wave 0 |
-| SRCH-05 | Full-text search across bodies/headers/errors | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#fullTextSearch` | No -- Wave 0 |
-| SRCH-06 | Detail returns nested processor tree | integration | `mvn test -pl cameleer3-server-app -Dtest=DetailControllerIT#detailReturnsNestedTree` | No -- Wave 0 |
-| DIAG-01 | Content-hash dedup stores identical defs once | integration | `mvn test -pl cameleer3-server-app -Dtest=DiagramControllerIT#contentHashDedup` | Partial (ingestion test exists) |
-| DIAG-02 | Transaction links to active diagram version | integration | `mvn test -pl cameleer3-server-app -Dtest=DetailControllerIT#detailIncludesDiagramHash` | No -- Wave 0 |
-| DIAG-03 | Diagram rendered as SVG or JSON layout | integration | `mvn test -pl cameleer3-server-app -Dtest=DiagramRenderControllerIT#renderSvg` | No -- Wave 0 |
+| SRCH-01 | Filter by status returns matching executions | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#searchByStatus` | No -- Wave 0 |
+| SRCH-02 | Filter by time range returns matching executions | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#searchByTimeRange` | No -- Wave 0 |
+| SRCH-03 | Filter by duration range returns matching | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#searchByDuration` | No -- Wave 0 |
+| SRCH-04 | Filter by correlationId returns correlated | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#searchByCorrelationId` | No -- Wave 0 |
+| SRCH-05 | Full-text search across bodies/headers/errors | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#fullTextSearch` | No -- Wave 0 |
+| SRCH-06 | Detail returns nested processor tree | integration | `mvn test -pl cameleer-server-app -Dtest=DetailControllerIT#detailReturnsNestedTree` | No -- Wave 0 |
+| DIAG-01 | Content-hash dedup stores identical defs once | integration | `mvn test -pl cameleer-server-app -Dtest=DiagramControllerIT#contentHashDedup` | Partial (ingestion test exists) |
+| DIAG-02 | Transaction links to active diagram version | integration | `mvn test -pl cameleer-server-app -Dtest=DetailControllerIT#detailIncludesDiagramHash` | No -- Wave 0 |
+| DIAG-03 | Diagram rendered as SVG or JSON layout | integration | `mvn test -pl cameleer-server-app -Dtest=DiagramRenderControllerIT#renderSvg` | No -- Wave 0 |
 
 ### Sampling Rate
-- **Per task commit:** `mvn test -pl cameleer3-server-app -Dtest=<relevant>IT`
+- **Per task commit:** `mvn test -pl cameleer-server-app -Dtest=<relevant>IT`
 - **Per wave merge:** `mvn clean verify`
 - **Phase gate:** Full suite green before `/gsd:verify-work`
 
@@ -551,7 +551,7 @@ private void populateExchangeColumns(PreparedStatement ps, List<FlatProcessor> p
 
 ### Primary (HIGH confidence)
 - ClickHouse JDBC 0.9.7, ClickHouse 25.3 -- verified from project pom.xml and AbstractClickHouseIT
-- cameleer3-common 1.0-SNAPSHOT JAR -- decompiled to verify RouteGraph, RouteNode, RouteEdge, NodeType, ProcessorExecution, ExchangeSnapshot field structures
+- cameleer-common 1.0-SNAPSHOT JAR -- decompiled to verify RouteGraph, RouteNode, RouteEdge, NodeType, ProcessorExecution, ExchangeSnapshot field structures
 - Existing Phase 1 codebase -- ClickHouseExecutionRepository, ClickHouseDiagramRepository, schema, test patterns
 
 ### Secondary (MEDIUM confidence)

.planning/phases/02-transaction-search-diagrams/02-VALIDATION.md

@@ -18,8 +18,8 @@ created: 2026-03-11
 | Property | Value |
 |----------|-------|
 | **Framework** | JUnit 5 + Spring Boot Test + Testcontainers ClickHouse 25.3 |
-| **Config file** | cameleer3-server-app/pom.xml (testcontainers dep), AbstractClickHouseIT base class |
-| **Quick run command** | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT` |
+| **Config file** | cameleer-server-app/pom.xml (testcontainers dep), AbstractClickHouseIT base class |
+| **Quick run command** | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT` |
 | **Full suite command** | `mvn clean verify` |
 | **Estimated runtime** | ~45 seconds |
 
@@ -27,7 +27,7 @@ created: 2026-03-11
 
 ## Sampling Rate
 
-- **After every task commit:** Run `mvn test -pl cameleer3-server-app -Dtest=<relevant>IT`
+- **After every task commit:** Run `mvn test -pl cameleer-server-app -Dtest=<relevant>IT`
 - **After every plan wave:** Run `mvn clean verify`
 - **Before `/gsd:verify-work`:** Full suite must be green
 - **Max feedback latency:** 45 seconds
@@ -38,15 +38,15 @@ created: 2026-03-11
 
 | Task ID | Plan | Wave | Requirement | Test Type | Automated Command | File Exists | Status |
 |---------|------|------|-------------|-----------|-------------------|-------------|--------|
-| 02-01-01 | 01 | 1 | SRCH-01 | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#searchByStatus` | ❌ W0 | ⬜ pending |
-| 02-01-02 | 01 | 1 | SRCH-02 | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#searchByTimeRange` | ❌ W0 | ⬜ pending |
-| 02-01-03 | 01 | 1 | SRCH-03 | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#searchByDuration` | ❌ W0 | ⬜ pending |
-| 02-01-04 | 01 | 1 | SRCH-04 | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#searchByCorrelationId` | ❌ W0 | ⬜ pending |
-| 02-01-05 | 01 | 1 | SRCH-05 | integration | `mvn test -pl cameleer3-server-app -Dtest=SearchControllerIT#fullTextSearch` | ❌ W0 | ⬜ pending |
-| 02-01-06 | 01 | 1 | SRCH-06 | integration | `mvn test -pl cameleer3-server-app -Dtest=DetailControllerIT#detailReturnsNestedTree` | ❌ W0 | ⬜ pending |
-| 02-02-01 | 02 | 1 | DIAG-01 | integration | `mvn test -pl cameleer3-server-app -Dtest=DiagramControllerIT#contentHashDedup` | Partial | ⬜ pending |
-| 02-02-02 | 02 | 1 | DIAG-02 | integration | `mvn test -pl cameleer3-server-app -Dtest=DetailControllerIT#detailIncludesDiagramHash` | ❌ W0 | ⬜ pending |
-| 02-02-03 | 02 | 1 | DIAG-03 | integration | `mvn test -pl cameleer3-server-app -Dtest=DiagramRenderControllerIT#renderSvg` | ❌ W0 | ⬜ pending |
+| 02-01-01 | 01 | 1 | SRCH-01 | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#searchByStatus` | ❌ W0 | ⬜ pending |
+| 02-01-02 | 01 | 1 | SRCH-02 | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#searchByTimeRange` | ❌ W0 | ⬜ pending |
+| 02-01-03 | 01 | 1 | SRCH-03 | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#searchByDuration` | ❌ W0 | ⬜ pending |
+| 02-01-04 | 01 | 1 | SRCH-04 | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#searchByCorrelationId` | ❌ W0 | ⬜ pending |
+| 02-01-05 | 01 | 1 | SRCH-05 | integration | `mvn test -pl cameleer-server-app -Dtest=SearchControllerIT#fullTextSearch` | ❌ W0 | ⬜ pending |
+| 02-01-06 | 01 | 1 | SRCH-06 | integration | `mvn test -pl cameleer-server-app -Dtest=DetailControllerIT#detailReturnsNestedTree` | ❌ W0 | ⬜ pending |
+| 02-02-01 | 02 | 1 | DIAG-01 | integration | `mvn test -pl cameleer-server-app -Dtest=DiagramControllerIT#contentHashDedup` | Partial | ⬜ pending |
+| 02-02-02 | 02 | 1 | DIAG-02 | integration | `mvn test -pl cameleer-server-app -Dtest=DetailControllerIT#detailIncludesDiagramHash` | ❌ W0 | ⬜ pending |
+| 02-02-03 | 02 | 1 | DIAG-03 | integration | `mvn test -pl cameleer-server-app -Dtest=DiagramRenderControllerIT#renderSvg` | ❌ W0 | ⬜ pending |
 
 *Status: ⬜ pending · ✅ green · ❌ red · ⚠️ flaky*
 

.planning/phases/02-transaction-search-diagrams/02-VERIFICATION.md

@@ -50,9 +50,9 @@ human_verification:
 
 | Artifact | Status | Notes |
 |----------|--------|-------|
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/storage/ClickHouseExecutionRepository.java` | VERIFIED | DiagramRepository injected via constructor (line 59); `findContentHashForRoute` called in `setValues()` (lines 144–147); former `""` placeholder removed |
-| `cameleer3-server-app/pom.xml` | VERIFIED | `maven-surefire-plugin` with `forkCount=1` `reuseForks=false` at lines 95–100; `maven-failsafe-plugin` same config at lines 103–108 |
-| `cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/DiagramLinkingIT.java` | VERIFIED | 152 lines; 2 integration tests; positive case asserts 64-char hex hash; negative case asserts empty string; uses `ignoreExceptions()` for ClickHouse eventual consistency |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/storage/ClickHouseExecutionRepository.java` | VERIFIED | DiagramRepository injected via constructor (line 59); `findContentHashForRoute` called in `setValues()` (lines 144–147); former `""` placeholder removed |
+| `cameleer-server-app/pom.xml` | VERIFIED | `maven-surefire-plugin` with `forkCount=1` `reuseForks=false` at lines 95–100; `maven-failsafe-plugin` same config at lines 103–108 |
+| `cameleer-server-app/src/test/java/com/cameleer/server/app/storage/DiagramLinkingIT.java` | VERIFIED | 152 lines; 2 integration tests; positive case asserts 64-char hex hash; negative case asserts empty string; uses `ignoreExceptions()` for ClickHouse eventual consistency |
 
 ### Key Link Verification
 
@@ -62,7 +62,7 @@ human_verification:
 | `SearchController` | `SearchService` | constructor injection, `searchService.search()` | WIRED | Previously verified; no regression |
 | `DetailController` | `DetailService` | constructor injection, `detailService.getDetail()` | WIRED | Previously verified; no regression |
 | `DiagramRenderController` | `DiagramRepository` + `DiagramRenderer` | `findByContentHash()` + `renderSvg()`/`layoutJson()` | WIRED | Previously verified; no regression |
-| `Surefire/Failsafe` | ELK classloader isolation | `reuseForks=false` forces fresh JVM per test class | WIRED | Lines 95–116 in `cameleer3-server-app/pom.xml` |
+| `Surefire/Failsafe` | ELK classloader isolation | `reuseForks=false` forces fresh JVM per test class | WIRED | Lines 95–116 in `cameleer-server-app/pom.xml` |
 
 ### Requirements Coverage
 
@@ -108,7 +108,7 @@ Two blockers from the initial verification (2026-03-11T16:00:00Z) have been reso
 
 **Gap 1 resolved — DIAG-02 diagram hash linking:** `ClickHouseExecutionRepository` now injects `DiagramRepository` via constructor and calls `findContentHashForRoute(exec.getRouteId(), "")` in `insertBatch()`. Both the diagram store path and the execution ingest path use `agent_id=""` consistently, so the lookup is correct. `DiagramLinkingIT` provides integration test coverage for both the positive case (hash populated when diagram exists) and negative case (empty string when no diagram exists for the route).
 
-**Gap 2 resolved — Test suite stability:** Both `maven-surefire-plugin` and `maven-failsafe-plugin` in `cameleer3-server-app/pom.xml` are now configured with `forkCount=1` `reuseForks=false`. This forces a fresh JVM per test class, isolating ELK's `LayeredMetaDataProvider` static initializer from Spring Boot's classloader. The SUMMARY reports 51 tests, 0 failures. Test count across 16 test files totals 80 `@Test` methods; the difference from 51 reflects how Surefire/Failsafe counts parameterized and nested tests vs. raw annotation count.
+**Gap 2 resolved — Test suite stability:** Both `maven-surefire-plugin` and `maven-failsafe-plugin` in `cameleer-server-app/pom.xml` are now configured with `forkCount=1` `reuseForks=false`. This forces a fresh JVM per test class, isolating ELK's `LayeredMetaDataProvider` static initializer from Spring Boot's classloader. The SUMMARY reports 51 tests, 0 failures. Test count across 16 test files totals 80 `@Test` methods; the difference from 51 reflects how Surefire/Failsafe counts parameterized and nested tests vs. raw annotation count.
 
 No regressions were introduced. All 10 observable truths and all 9 phase requirements are now satisfied. Two items remain for human visual verification (SVG rendering correctness).
 

.planning/phases/03-agent-registry-sse-push/03-01-PLAN.md

@@ -5,21 +5,21 @@ type: execute
 wave: 1
 depends_on: []
 files_modified:
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentInfo.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentState.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentCommand.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/CommandStatus.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/CommandType.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentRegistryService.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentEventListener.java
-  - cameleer3-server-core/src/test/java/com/cameleer3/server/core/agent/AgentRegistryServiceTest.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/AgentRegistryConfig.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/AgentRegistryBeanConfig.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/AgentLifecycleMonitor.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/Cameleer3ServerApplication.java
-  - cameleer3-server-app/src/main/resources/application.yml
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentRegistrationControllerIT.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentInfo.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentState.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentCommand.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/CommandStatus.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/CommandType.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentRegistryService.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentEventListener.java
+  - cameleer-server-core/src/test/java/com/cameleer/server/core/agent/AgentRegistryServiceTest.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/config/AgentRegistryConfig.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/config/AgentRegistryBeanConfig.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/agent/AgentLifecycleMonitor.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/CameleerServerApplication.java
+  - cameleer-server-app/src/main/resources/application.yml
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentRegistrationControllerIT.java
 autonomous: true
 requirements:
   - AGNT-01
@@ -34,13 +34,13 @@ must_haves:
     - "Server transitions agents LIVE->STALE after 90s without heartbeat, STALE->DEAD 5 minutes after staleTransitionTime"
     - "Agent list endpoint GET /api/v1/agents returns all agents, filterable by ?status=LIVE|STALE|DEAD"
   artifacts:
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentRegistryService.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentRegistryService.java"
       provides: "Agent registration, heartbeat, lifecycle transitions, find/filter"
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentInfo.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentInfo.java"
       provides: "Agent record with id, name, group, version, routeIds, capabilities, state, timestamps"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java"
       provides: "POST /register, POST /{id}/heartbeat, GET /agents endpoints"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/AgentLifecycleMonitor.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/agent/AgentLifecycleMonitor.java"
       provides: "@Scheduled lifecycle transitions LIVE->STALE->DEAD"
   key_links:
     - from: "AgentRegistrationController"
@@ -76,14 +76,14 @@ Output: Core domain types (AgentInfo, AgentState, AgentCommand, CommandStatus, C
 @.planning/phases/03-agent-registry-sse-push/03-CONTEXT.md
 @.planning/phases/03-agent-registry-sse-push/03-RESEARCH.md
 
-@cameleer3-server-core/src/main/java/com/cameleer3/server/core/ingestion/IngestionService.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/IngestionBeanConfig.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/IngestionConfig.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/ingestion/ClickHouseFlushScheduler.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/Cameleer3ServerApplication.java
-@cameleer3-server-app/src/main/resources/application.yml
-@cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java
+@cameleer-server-core/src/main/java/com/cameleer/server/core/ingestion/IngestionService.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/config/IngestionBeanConfig.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/config/IngestionConfig.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/ingestion/ClickHouseFlushScheduler.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/CameleerServerApplication.java
+@cameleer-server-app/src/main/resources/application.yml
+@cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java
 
 <interfaces>
 <!-- Established codebase patterns the executor must follow -->
@@ -99,10 +99,10 @@ Pattern: Controller accepts raw String body:
 
 Pattern: @Scheduled for periodic tasks:
 - ClickHouseFlushScheduler uses @Scheduled(fixedDelayString = "${ingestion.flush-interval-ms:1000}")
-- @EnableScheduling already on Cameleer3ServerApplication
+- @EnableScheduling already on CameleerServerApplication
 
 Pattern: @EnableConfigurationProperties registration:
-- Cameleer3ServerApplication has @EnableConfigurationProperties(IngestionConfig.class)
+- CameleerServerApplication has @EnableConfigurationProperties(IngestionConfig.class)
 - New config classes must be added to this annotation
 
 Pattern: ProtocolVersionInterceptor:
@@ -116,14 +116,14 @@ Pattern: ProtocolVersionInterceptor:
 <task type="auto" tdd="true">
   <name>Task 1: Core domain types and AgentRegistryService with unit tests</name>
   <files>
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentInfo.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentState.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentCommand.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/CommandStatus.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/CommandType.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentRegistryService.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentEventListener.java,
-    cameleer3-server-core/src/test/java/com/cameleer3/server/core/agent/AgentRegistryServiceTest.java
+    cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentInfo.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentState.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentCommand.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/agent/CommandStatus.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/agent/CommandType.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentRegistryService.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentEventListener.java,
+    cameleer-server-core/src/test/java/com/cameleer/server/core/agent/AgentRegistryServiceTest.java
   </files>
   <behavior>
     - register: new agent ID creates AgentInfo with state LIVE, returns AgentInfo
@@ -142,7 +142,7 @@ Pattern: ProtocolVersionInterceptor:
     - findPendingCommands: returns PENDING commands for given agentId
   </behavior>
   <action>
-    Create the agent domain model in the core module (package com.cameleer3.server.core.agent):
+    Create the agent domain model in the core module (package com.cameleer.server.core.agent):
 
     1. **AgentState enum**: LIVE, STALE, DEAD
 
@@ -182,7 +182,7 @@ Pattern: ProtocolVersionInterceptor:
     Write tests FIRST (RED), then implement (GREEN). Test class: AgentRegistryServiceTest.
   </action>
   <verify>
-    <automated>mvn test -pl cameleer3-server-core -Dtest=AgentRegistryServiceTest</automated>
+    <automated>mvn test -pl cameleer-server-core -Dtest=AgentRegistryServiceTest</automated>
   </verify>
   <done>All unit tests pass: registration (new + re-register), heartbeat (known + unknown), lifecycle transitions (LIVE->STALE->DEAD, heartbeat revives STALE), findAll/findByState/findById, command add/acknowledge/expire. AgentEventListener interface defined.</done>
 </task>
@@ -190,13 +190,13 @@ Pattern: ProtocolVersionInterceptor:
 <task type="auto">
   <name>Task 2: Registration/heartbeat/list controllers, config, lifecycle monitor, integration tests</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/AgentRegistryConfig.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/AgentRegistryBeanConfig.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/AgentLifecycleMonitor.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/Cameleer3ServerApplication.java,
-    cameleer3-server-app/src/main/resources/application.yml,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentRegistrationControllerIT.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/AgentRegistryConfig.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/AgentRegistryBeanConfig.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/agent/AgentLifecycleMonitor.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/CameleerServerApplication.java,
+    cameleer-server-app/src/main/resources/application.yml,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentRegistrationControllerIT.java
   </files>
   <action>
     Wire the agent registry into the Spring Boot app and create REST endpoints:
@@ -214,7 +214,7 @@ Pattern: ProtocolVersionInterceptor:
        - @Bean AgentRegistryService: `new AgentRegistryService(config.getStaleThresholdMs(), config.getDeadThresholdMs(), config.getCommandExpiryMs())`
        Follow IngestionBeanConfig pattern.
 
-    3. **Update Cameleer3ServerApplication**: Add AgentRegistryConfig.class to @EnableConfigurationProperties.
+    3. **Update CameleerServerApplication**: Add AgentRegistryConfig.class to @EnableConfigurationProperties.
 
     4. **Update application.yml**: Add agent-registry section with all defaults (see RESEARCH.md code example). Also add `spring.mvc.async.request-timeout: -1` for SSE support (Plan 02 needs it, but set it now).
 
@@ -242,7 +242,7 @@ Pattern: ProtocolVersionInterceptor:
        - Use TestRestTemplate (already available from AbstractClickHouseIT's @SpringBootTest)
   </action>
   <verify>
-    <automated>mvn test -pl cameleer3-server-core,cameleer3-server-app -Dtest="Agent*"</automated>
+    <automated>mvn test -pl cameleer-server-core,cameleer-server-app -Dtest="Agent*"</automated>
   </verify>
   <done>POST /register returns 200 with agentId + sseEndpoint + heartbeatIntervalMs. POST /{id}/heartbeat returns 200 for known agents, 404 for unknown. GET /agents returns all agents with optional ?status= filter. AgentLifecycleMonitor runs on schedule. All integration tests pass. mvn clean verify passes.</done>
 </task>

.planning/phases/03-agent-registry-sse-push/03-01-SUMMARY.md

@@ -27,22 +27,22 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentInfo.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentState.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentCommand.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/CommandStatus.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/CommandType.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentRegistryService.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentEventListener.java
-    - cameleer3-server-core/src/test/java/com/cameleer3/server/core/agent/AgentRegistryServiceTest.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/AgentRegistryConfig.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/AgentRegistryBeanConfig.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/AgentLifecycleMonitor.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentRegistrationControllerIT.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentInfo.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentState.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentCommand.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/CommandStatus.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/CommandType.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentRegistryService.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentEventListener.java
+    - cameleer-server-core/src/test/java/com/cameleer/server/core/agent/AgentRegistryServiceTest.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/AgentRegistryConfig.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/AgentRegistryBeanConfig.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/agent/AgentLifecycleMonitor.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentRegistrationControllerIT.java
   modified:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/Cameleer3ServerApplication.java
-    - cameleer3-server-app/src/main/resources/application.yml
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/CameleerServerApplication.java
+    - cameleer-server-app/src/main/resources/application.yml
 
 key-decisions:
   - "AgentInfo as Java record with wither-style methods for immutable ConcurrentHashMap swapping"
@@ -103,7 +103,7 @@ _Note: Task 1 used TDD with separate RED/GREEN commits_
 - `AgentRegistrationController.java` - REST endpoints for agents
 - `AgentRegistryServiceTest.java` - 23 unit tests
 - `AgentRegistrationControllerIT.java` - 7 integration tests
-- `Cameleer3ServerApplication.java` - Added AgentRegistryConfig to @EnableConfigurationProperties
+- `CameleerServerApplication.java` - Added AgentRegistryConfig to @EnableConfigurationProperties
 - `application.yml` - Added agent-registry config section and spring.mvc.async.request-timeout
 
 ## Decisions Made

.planning/phases/03-agent-registry-sse-push/03-02-PLAN.md

@@ -5,12 +5,12 @@ type: execute
 wave: 2
 depends_on: ["03-01"]
 files_modified:
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentSseController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentCommandController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentSseControllerIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentCommandControllerIT.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentSseController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentCommandController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentSseControllerIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentCommandControllerIT.java
 autonomous: true
 requirements:
   - AGNT-04
@@ -30,11 +30,11 @@ must_haves:
     - "SSE events include event ID for Last-Event-ID reconnection support (no replay of missed events)"
     - "Agent can acknowledge command receipt via POST /api/v1/agents/{id}/commands/{commandId}/ack"
   artifacts:
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java"
       provides: "Per-agent SseEmitter management, event sending, ping keepalive"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentSseController.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentSseController.java"
       provides: "GET /{id}/events SSE endpoint"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentCommandController.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentCommandController.java"
       provides: "POST command endpoints (single, group, broadcast) + ack endpoint"
   key_links:
     - from: "AgentCommandController"
@@ -75,49 +75,49 @@ Output: SseConnectionManager, SSE endpoint, command controller (single/group/bro
 @.planning/phases/03-agent-registry-sse-push/03-RESEARCH.md
 @.planning/phases/03-agent-registry-sse-push/03-01-SUMMARY.md
 
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
-@cameleer3-server-app/src/main/resources/application.yml
-@cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
+@cameleer-server-app/src/main/resources/application.yml
+@cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java
 
 <interfaces>
 <!-- From Plan 01 (must exist before this plan executes) -->
 
-From cameleer3-server-core/.../agent/AgentInfo.java:
+From cameleer-server-core/.../agent/AgentInfo.java:
 ```java
 // Record or class with fields:
 // id, name, group, version, routeIds, capabilities, state, registeredAt, lastHeartbeat, staleTransitionTime
 // Methods: withState(), withLastHeartbeat(), etc.
 ```
 
-From cameleer3-server-core/.../agent/AgentState.java:
+From cameleer-server-core/.../agent/AgentState.java:
 ```java
 public enum AgentState { LIVE, STALE, DEAD }
 ```
 
-From cameleer3-server-core/.../agent/CommandType.java:
+From cameleer-server-core/.../agent/CommandType.java:
 ```java
 public enum CommandType { CONFIG_UPDATE, DEEP_TRACE, REPLAY }
 ```
 
-From cameleer3-server-core/.../agent/CommandStatus.java:
+From cameleer-server-core/.../agent/CommandStatus.java:
 ```java
 public enum CommandStatus { PENDING, DELIVERED, ACKNOWLEDGED, EXPIRED }
 ```
 
-From cameleer3-server-core/.../agent/AgentCommand.java:
+From cameleer-server-core/.../agent/AgentCommand.java:
 ```java
 // Record: id (UUID string), type (CommandType), payload (String JSON), targetAgentId, createdAt, status
 // Method: withStatus()
 ```
 
-From cameleer3-server-core/.../agent/AgentEventListener.java:
+From cameleer-server-core/.../agent/AgentEventListener.java:
 ```java
 public interface AgentEventListener {
     void onCommandReady(String agentId, AgentCommand command);
 }
 ```
 
-From cameleer3-server-core/.../agent/AgentRegistryService.java:
+From cameleer-server-core/.../agent/AgentRegistryService.java:
 ```java
 // Key methods:
 // register(id, name, group, version, routeIds, capabilities) -> AgentInfo
@@ -131,7 +131,7 @@ From cameleer3-server-core/.../agent/AgentRegistryService.java:
 // setEventListener(listener) -> void
 ```
 
-From cameleer3-server-app/.../config/AgentRegistryConfig.java:
+From cameleer-server-app/.../config/AgentRegistryConfig.java:
 ```java
 // @ConfigurationProperties(prefix = "agent-registry")
 // getPingIntervalMs(), getCommandExpiryMs(), etc.
@@ -144,11 +144,11 @@ From cameleer3-server-app/.../config/AgentRegistryConfig.java:
 <task type="auto">
   <name>Task 1: SseConnectionManager, SSE controller, and command controller</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentSseController.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentCommandController.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/AgentRegistryBeanConfig.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentSseController.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentCommandController.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/AgentRegistryBeanConfig.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
   </files>
   <action>
     Build the SSE infrastructure and command delivery system:
@@ -181,7 +181,7 @@ From cameleer3-server-app/.../config/AgentRegistryConfig.java:
     5. **Update WebConfig**: The SSE endpoint GET /api/v1/agents/{id}/events is already covered by the interceptor pattern "/api/v1/agents/**". Agents send the protocol version header on all requests (per research recommendation), so no exclusion needed. However, if the SSE GET causes issues because browsers/clients may not easily add custom headers to EventSource, add the SSE events path to excludePathPatterns: `/api/v1/agents/*/events`. This is a practical consideration -- add the exclusion to be safe.
   </action>
   <verify>
-    <automated>mvn compile -pl cameleer3-server-core,cameleer3-server-app</automated>
+    <automated>mvn compile -pl cameleer-server-core,cameleer-server-app</automated>
   </verify>
   <done>SseConnectionManager, AgentSseController, and AgentCommandController compile. SSE endpoint returns SseEmitter. Command endpoints accept type/payload and deliver via SSE. Ping keepalive scheduled. WebConfig updated if needed.</done>
 </task>
@@ -189,8 +189,8 @@ From cameleer3-server-app/.../config/AgentRegistryConfig.java:
 <task type="auto">
   <name>Task 2: Integration tests for SSE, commands, and full flow</name>
   <files>
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentSseControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentCommandControllerIT.java
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentSseControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentCommandControllerIT.java
   </files>
   <action>
     Write integration tests covering SSE connection, command delivery, ping, and acknowledgement:
@@ -224,7 +224,7 @@ From cameleer3-server-app/.../config/AgentRegistryConfig.java:
     **Test configuration**: If ping interval needs to be shorter for tests, add to test application.yml or use @TestPropertySource with agent-registry.ping-interval-ms=1000.
   </action>
   <verify>
-    <automated>mvn test -pl cameleer3-server-core,cameleer3-server-app -Dtest="Agent*"</automated>
+    <automated>mvn test -pl cameleer-server-core,cameleer-server-app -Dtest="Agent*"</automated>
   </verify>
   <done>All SSE integration tests pass: connect/disconnect, config-update/deep-trace/replay delivery via SSE, ping keepalive received, Last-Event-ID accepted, command targeting (single/group/broadcast), command acknowledgement. mvn clean verify passes with all existing tests still green.</done>
 </task>

.planning/phases/03-agent-registry-sse-push/03-02-SUMMARY.md

@@ -24,14 +24,14 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentSseController.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentCommandController.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentSseControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentCommandControllerIT.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentSseController.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentCommandController.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentSseControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentCommandControllerIT.java
   modified:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
-    - cameleer3-server-app/src/test/resources/application-test.yml
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
+    - cameleer-server-app/src/test/resources/application-test.yml
 
 key-decisions:
   - "SSE events path excluded from ProtocolVersionInterceptor for EventSource client compatibility"

.planning/phases/03-agent-registry-sse-push/03-RESEARCH.md

@@ -6,7 +6,7 @@
 
 ## Summary
 
-This phase adds agent registration, heartbeat-based lifecycle management (LIVE/STALE/DEAD), and real-time command push via SSE to the Cameleer3 server. The technology stack is straightforward: Spring MVC's `SseEmitter` for server-push, `ConcurrentHashMap` for the in-memory agent registry, and `@Scheduled` for periodic lifecycle checks (same pattern already used by `ClickHouseFlushScheduler`).
+This phase adds agent registration, heartbeat-based lifecycle management (LIVE/STALE/DEAD), and real-time command push via SSE to the Cameleer server. The technology stack is straightforward: Spring MVC's `SseEmitter` for server-push, `ConcurrentHashMap` for the in-memory agent registry, and `@Scheduled` for periodic lifecycle checks (same pattern already used by `ClickHouseFlushScheduler`).
 
 The main architectural challenge is managing per-agent SSE connections reliably -- handling disconnections, timeouts, and cleanup without leaking threads or emitters. The command delivery model (PENDING with 60s expiry, acknowledgement) adds a second concurrent data structure to manage alongside the registry itself.
 
@@ -93,7 +93,7 @@ No new dependencies required. Everything is already on the classpath.
 
 ### Recommended Project Structure
 ```
-cameleer3-server-core/src/main/java/com/cameleer3/server/core/
+cameleer-server-core/src/main/java/com/cameleer/server/core/
 ├── agent/
 │   ├── AgentInfo.java              # Record: id, name, group, version, routeIds, capabilities, state, timestamps
 │   ├── AgentState.java             # Enum: LIVE, STALE, DEAD
@@ -101,7 +101,7 @@ cameleer3-server-core/src/main/java/com/cameleer3/server/core/
 │   ├── AgentCommand.java           # Record: id, type, payload, targetAgentId, createdAt, status
 │   └── CommandStatus.java          # Enum: PENDING, DELIVERED, ACKNOWLEDGED, EXPIRED
 
-cameleer3-server-app/src/main/java/com/cameleer3/server/app/
+cameleer-server-app/src/main/java/com/cameleer/server/app/
 ├── config/
 │   ├── AgentRegistryConfig.java    # @ConfigurationProperties(prefix = "agent-registry")
 │   └── AgentRegistryBeanConfig.java # @Configuration: wires AgentRegistryService as bean
@@ -452,30 +452,30 @@ spring:
 |----------|-------|
 | Framework | JUnit 5 + Spring Boot Test (via spring-boot-starter-test) |
 | Config file | pom.xml (Surefire + Failsafe configured) |
-| Quick run command | `mvn test -pl cameleer3-server-core -Dtest=AgentRegistryServiceTest` |
+| Quick run command | `mvn test -pl cameleer-server-core -Dtest=AgentRegistryServiceTest` |
 | Full suite command | `mvn clean verify` |
 
 ### Phase Requirements to Test Map
 | Req ID | Behavior | Test Type | Automated Command | File Exists? |
 |--------|----------|-----------|-------------------|-------------|
-| AGNT-01 | Agent registers and gets response | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentRegistrationControllerIT#registerAgent*` | No - Wave 0 |
-| AGNT-02 | Lifecycle transitions LIVE/STALE/DEAD | unit | `mvn test -pl cameleer3-server-core -Dtest=AgentRegistryServiceTest#lifecycle*` | No - Wave 0 |
-| AGNT-03 | Heartbeat updates timestamp, returns 200/404 | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentRegistrationControllerIT#heartbeat*` | No - Wave 0 |
-| AGNT-04 | Config-update pushed via SSE | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentSseControllerIT#configUpdate*` | No - Wave 0 |
-| AGNT-05 | Deep-trace command pushed via SSE | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentSseControllerIT#deepTrace*` | No - Wave 0 |
-| AGNT-06 | Replay command pushed via SSE | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentSseControllerIT#replay*` | No - Wave 0 |
-| AGNT-07 | SSE ping keepalive + Last-Event-ID | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentSseControllerIT#pingKeepalive*` | No - Wave 0 |
+| AGNT-01 | Agent registers and gets response | integration | `mvn test -pl cameleer-server-app -Dtest=AgentRegistrationControllerIT#registerAgent*` | No - Wave 0 |
+| AGNT-02 | Lifecycle transitions LIVE/STALE/DEAD | unit | `mvn test -pl cameleer-server-core -Dtest=AgentRegistryServiceTest#lifecycle*` | No - Wave 0 |
+| AGNT-03 | Heartbeat updates timestamp, returns 200/404 | integration | `mvn test -pl cameleer-server-app -Dtest=AgentRegistrationControllerIT#heartbeat*` | No - Wave 0 |
+| AGNT-04 | Config-update pushed via SSE | integration | `mvn test -pl cameleer-server-app -Dtest=AgentSseControllerIT#configUpdate*` | No - Wave 0 |
+| AGNT-05 | Deep-trace command pushed via SSE | integration | `mvn test -pl cameleer-server-app -Dtest=AgentSseControllerIT#deepTrace*` | No - Wave 0 |
+| AGNT-06 | Replay command pushed via SSE | integration | `mvn test -pl cameleer-server-app -Dtest=AgentSseControllerIT#replay*` | No - Wave 0 |
+| AGNT-07 | SSE ping keepalive + Last-Event-ID | integration | `mvn test -pl cameleer-server-app -Dtest=AgentSseControllerIT#pingKeepalive*` | No - Wave 0 |
 
 ### Sampling Rate
-- **Per task commit:** `mvn test -pl cameleer3-server-core,cameleer3-server-app -Dtest="Agent*"` (agent-related tests only)
+- **Per task commit:** `mvn test -pl cameleer-server-core,cameleer-server-app -Dtest="Agent*"` (agent-related tests only)
 - **Per wave merge:** `mvn clean verify`
 - **Phase gate:** Full suite green before /gsd:verify-work
 
 ### Wave 0 Gaps
-- [ ] `cameleer3-server-core/.../agent/AgentRegistryServiceTest.java` -- covers AGNT-02, AGNT-03 (unit tests for registry logic)
-- [ ] `cameleer3-server-app/.../controller/AgentRegistrationControllerIT.java` -- covers AGNT-01, AGNT-03
-- [ ] `cameleer3-server-app/.../controller/AgentSseControllerIT.java` -- covers AGNT-04, AGNT-05, AGNT-06, AGNT-07
-- [ ] `cameleer3-server-app/.../controller/AgentCommandControllerIT.java` -- covers command targeting (single, group, all)
+- [ ] `cameleer-server-core/.../agent/AgentRegistryServiceTest.java` -- covers AGNT-02, AGNT-03 (unit tests for registry logic)
+- [ ] `cameleer-server-app/.../controller/AgentRegistrationControllerIT.java` -- covers AGNT-01, AGNT-03
+- [ ] `cameleer-server-app/.../controller/AgentSseControllerIT.java` -- covers AGNT-04, AGNT-05, AGNT-06, AGNT-07
+- [ ] `cameleer-server-app/.../controller/AgentCommandControllerIT.java` -- covers command targeting (single, group, all)
 - [ ] No new framework install needed -- JUnit 5 + Spring Boot Test + Awaitility already in place
 
 ### SSE Test Strategy

.planning/phases/03-agent-registry-sse-push/03-VALIDATION.md

@@ -18,8 +18,8 @@ created: 2026-03-11
 | Property | Value |
 |----------|-------|
 | **Framework** | JUnit 5 + Spring Boot Test + Testcontainers ClickHouse 25.3 |
-| **Config file** | cameleer3-server-app/pom.xml (Surefire + Failsafe configured) |
-| **Quick run command** | `mvn test -pl cameleer3-server-core -Dtest=AgentRegistryServiceTest` |
+| **Config file** | cameleer-server-app/pom.xml (Surefire + Failsafe configured) |
+| **Quick run command** | `mvn test -pl cameleer-server-core -Dtest=AgentRegistryServiceTest` |
 | **Full suite command** | `mvn clean verify` |
 | **Estimated runtime** | ~50 seconds |
 
@@ -27,7 +27,7 @@ created: 2026-03-11
 
 ## Sampling Rate
 
-- **After every task commit:** Run `mvn test -pl cameleer3-server-core,cameleer3-server-app -Dtest="Agent*"`
+- **After every task commit:** Run `mvn test -pl cameleer-server-core,cameleer-server-app -Dtest="Agent*"`
 - **After every plan wave:** Run `mvn clean verify`
 - **Before `/gsd:verify-work`:** Full suite must be green
 - **Max feedback latency:** 50 seconds
@@ -38,13 +38,13 @@ created: 2026-03-11
 
 | Task ID | Plan | Wave | Requirement | Test Type | Automated Command | File Exists | Status |
 |---------|------|------|-------------|-----------|-------------------|-------------|--------|
-| 03-01-01 | 01 | 1 | AGNT-01 | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentRegistrationControllerIT#registerAgent*` | ❌ W0 | ⬜ pending |
-| 03-01-02 | 01 | 1 | AGNT-02 | unit | `mvn test -pl cameleer3-server-core -Dtest=AgentRegistryServiceTest#lifecycle*` | ❌ W0 | ⬜ pending |
-| 03-01-03 | 01 | 1 | AGNT-03 | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentRegistrationControllerIT#heartbeat*` | ❌ W0 | ⬜ pending |
-| 03-02-01 | 02 | 1 | AGNT-04 | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentSseControllerIT#configUpdate*` | ❌ W0 | ⬜ pending |
-| 03-02-02 | 02 | 1 | AGNT-05 | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentSseControllerIT#deepTrace*` | ❌ W0 | ⬜ pending |
-| 03-02-03 | 02 | 1 | AGNT-06 | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentSseControllerIT#replay*` | ❌ W0 | ⬜ pending |
-| 03-02-04 | 02 | 1 | AGNT-07 | integration | `mvn test -pl cameleer3-server-app -Dtest=AgentSseControllerIT#pingKeepalive*` | ❌ W0 | ⬜ pending |
+| 03-01-01 | 01 | 1 | AGNT-01 | integration | `mvn test -pl cameleer-server-app -Dtest=AgentRegistrationControllerIT#registerAgent*` | ❌ W0 | ⬜ pending |
+| 03-01-02 | 01 | 1 | AGNT-02 | unit | `mvn test -pl cameleer-server-core -Dtest=AgentRegistryServiceTest#lifecycle*` | ❌ W0 | ⬜ pending |
+| 03-01-03 | 01 | 1 | AGNT-03 | integration | `mvn test -pl cameleer-server-app -Dtest=AgentRegistrationControllerIT#heartbeat*` | ❌ W0 | ⬜ pending |
+| 03-02-01 | 02 | 1 | AGNT-04 | integration | `mvn test -pl cameleer-server-app -Dtest=AgentSseControllerIT#configUpdate*` | ❌ W0 | ⬜ pending |
+| 03-02-02 | 02 | 1 | AGNT-05 | integration | `mvn test -pl cameleer-server-app -Dtest=AgentSseControllerIT#deepTrace*` | ❌ W0 | ⬜ pending |
+| 03-02-03 | 02 | 1 | AGNT-06 | integration | `mvn test -pl cameleer-server-app -Dtest=AgentSseControllerIT#replay*` | ❌ W0 | ⬜ pending |
+| 03-02-04 | 02 | 1 | AGNT-07 | integration | `mvn test -pl cameleer-server-app -Dtest=AgentSseControllerIT#pingKeepalive*` | ❌ W0 | ⬜ pending |
 
 *Status: ⬜ pending · ✅ green · ❌ red · ⚠️ flaky*
 

.planning/phases/03-agent-registry-sse-push/03-VERIFICATION.md

@@ -51,18 +51,18 @@ re_verification: false
 
 | Artifact | Expected | Status | Details |
 |----------|----------|--------|---------|
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentRegistryService.java` | Registration, heartbeat, lifecycle, find/filter, commands | VERIFIED | 281 lines; full implementation with ConcurrentHashMap, compute-based atomic swaps, eventListener bridge |
-| `cameleer3-server-core/src/main/java/com/cameleer3/server/core/agent/AgentInfo.java` | Immutable record with all fields and wither methods | VERIFIED | 63 lines; record with 10 fields and 5 wither-style methods |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java` | POST /register, POST /{id}/heartbeat, GET /agents | VERIFIED | 153 lines; all three endpoints implemented with OpenAPI annotations |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/AgentLifecycleMonitor.java` | @Scheduled LIVE->STALE->DEAD transitions | VERIFIED | 37 lines; calls `registryService.checkLifecycle()` and `expireOldCommands()` on schedule |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentRegistryService.java` | Registration, heartbeat, lifecycle, find/filter, commands | VERIFIED | 281 lines; full implementation with ConcurrentHashMap, compute-based atomic swaps, eventListener bridge |
+| `cameleer-server-core/src/main/java/com/cameleer/server/core/agent/AgentInfo.java` | Immutable record with all fields and wither methods | VERIFIED | 63 lines; record with 10 fields and 5 wither-style methods |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java` | POST /register, POST /{id}/heartbeat, GET /agents | VERIFIED | 153 lines; all three endpoints implemented with OpenAPI annotations |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/agent/AgentLifecycleMonitor.java` | @Scheduled LIVE->STALE->DEAD transitions | VERIFIED | 37 lines; calls `registryService.checkLifecycle()` and `expireOldCommands()` on schedule |
 
 ### Plan 02 Artifacts
 
 | Artifact | Expected | Status | Details |
 |----------|----------|--------|---------|
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java` | Per-agent SseEmitter management, event sending, ping | VERIFIED | 158 lines; implements AgentEventListener, reference-equality removal, @PostConstruct registration |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentSseController.java` | GET /{id}/events SSE endpoint | VERIFIED | 67 lines; checks agent exists, delegates to connectionManager.connect() |
-| `cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentCommandController.java` | POST commands (single/group/broadcast) + ack | VERIFIED | 182 lines; all four endpoints implemented |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java` | Per-agent SseEmitter management, event sending, ping | VERIFIED | 158 lines; implements AgentEventListener, reference-equality removal, @PostConstruct registration |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentSseController.java` | GET /{id}/events SSE endpoint | VERIFIED | 67 lines; checks agent exists, delegates to connectionManager.connect() |
+| `cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentCommandController.java` | POST commands (single/group/broadcast) + ack | VERIFIED | 182 lines; all four endpoints implemented |
 
 ### Supporting Artifacts (confirmed present)
 
@@ -77,7 +77,7 @@ re_verification: false
 | `AgentRegistryBeanConfig.java` (@Configuration) | VERIFIED — creates AgentRegistryService with config values |
 | `application.yml` | VERIFIED — agent-registry section present; `spring.mvc.async.request-timeout: -1` present |
 | `application-test.yml` | VERIFIED — `agent-registry.ping-interval-ms: 1000` for fast SSE test assertions |
-| `Cameleer3ServerApplication.java` | VERIFIED — `AgentRegistryConfig.class` added to `@EnableConfigurationProperties` |
+| `CameleerServerApplication.java` | VERIFIED — `AgentRegistryConfig.class` added to `@EnableConfigurationProperties` |
 
 ---
 

.planning/phases/04-security/04-01-PLAN.md

@@ -5,19 +5,19 @@ type: execute
 wave: 1
 depends_on: []
 files_modified:
-  - cameleer3-server-app/pom.xml
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/JwtService.java
-  - cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/Ed25519SigningService.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/JwtServiceImpl.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/Ed25519SigningServiceImpl.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/BootstrapTokenValidator.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityProperties.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityBeanConfig.java
-  - cameleer3-server-app/src/main/resources/application.yml
-  - cameleer3-server-app/src/test/resources/application-test.yml
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/JwtServiceTest.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/Ed25519SigningServiceTest.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/BootstrapTokenValidatorTest.java
+  - cameleer-server-app/pom.xml
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/security/JwtService.java
+  - cameleer-server-core/src/main/java/com/cameleer/server/core/security/Ed25519SigningService.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/security/JwtServiceImpl.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/security/Ed25519SigningServiceImpl.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/security/BootstrapTokenValidator.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityProperties.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityBeanConfig.java
+  - cameleer-server-app/src/main/resources/application.yml
+  - cameleer-server-app/src/test/resources/application-test.yml
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/security/JwtServiceTest.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/security/Ed25519SigningServiceTest.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/security/BootstrapTokenValidatorTest.java
 autonomous: true
 requirements:
   - SECU-03
@@ -31,15 +31,15 @@ must_haves:
     - "BootstrapTokenValidator accepts CAMELEER_AUTH_TOKEN and optionally CAMELEER_AUTH_TOKEN_PREVIOUS using constant-time comparison"
     - "Server fails fast on startup if CAMELEER_AUTH_TOKEN is not set"
   artifacts:
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/JwtService.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/security/JwtService.java"
       provides: "JWT service interface with createAccessToken, createRefreshToken, validateAndExtractAgentId"
-    - path: "cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/Ed25519SigningService.java"
+    - path: "cameleer-server-core/src/main/java/com/cameleer/server/core/security/Ed25519SigningService.java"
       provides: "Ed25519 signing interface with sign(payload) and getPublicKeyBase64()"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/JwtServiceImpl.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/security/JwtServiceImpl.java"
       provides: "Nimbus JOSE+JWT HMAC-SHA256 implementation"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/Ed25519SigningServiceImpl.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/security/Ed25519SigningServiceImpl.java"
       provides: "JDK 17 Ed25519 KeyPairGenerator implementation"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/BootstrapTokenValidator.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/security/BootstrapTokenValidator.java"
       provides: "Constant-time bootstrap token validation with dual-token rotation"
   key_links:
     - from: "JwtServiceImpl"
@@ -76,10 +76,10 @@ Output: Working JwtService, Ed25519SigningService, BootstrapTokenValidator with
 @.planning/phases/04-security/04-RESEARCH.md
 @.planning/phases/04-security/04-VALIDATION.md
 
-@cameleer3-server-app/pom.xml
-@cameleer3-server-app/src/main/resources/application.yml
-@cameleer3-server-app/src/test/resources/application-test.yml
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/AgentRegistryConfig.java
+@cameleer-server-app/pom.xml
+@cameleer-server-app/src/main/resources/application.yml
+@cameleer-server-app/src/test/resources/application-test.yml
+@cameleer-server-app/src/main/java/com/cameleer/server/app/config/AgentRegistryConfig.java
 
 <interfaces>
 <!-- Existing patterns to follow: core module = interfaces/domain, app module = Spring implementations -->
@@ -106,19 +106,19 @@ public class AgentRegistryConfig { ... }
 <task type="auto" tdd="true">
   <name>Task 1: Core interfaces + app implementations + Maven deps</name>
   <files>
-    cameleer3-server-app/pom.xml,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/JwtService.java,
-    cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/Ed25519SigningService.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/JwtServiceImpl.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/Ed25519SigningServiceImpl.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/BootstrapTokenValidator.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityProperties.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityBeanConfig.java,
-    cameleer3-server-app/src/main/resources/application.yml,
-    cameleer3-server-app/src/test/resources/application-test.yml,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/JwtServiceTest.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/Ed25519SigningServiceTest.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/BootstrapTokenValidatorTest.java
+    cameleer-server-app/pom.xml,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/security/JwtService.java,
+    cameleer-server-core/src/main/java/com/cameleer/server/core/security/Ed25519SigningService.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/security/JwtServiceImpl.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/security/Ed25519SigningServiceImpl.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/security/BootstrapTokenValidator.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityProperties.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityBeanConfig.java,
+    cameleer-server-app/src/main/resources/application.yml,
+    cameleer-server-app/src/test/resources/application-test.yml,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/security/JwtServiceTest.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/security/Ed25519SigningServiceTest.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/security/BootstrapTokenValidatorTest.java
   </files>
   <behavior>
     JwtService tests:
@@ -145,7 +145,7 @@ public class AgentRegistryConfig { ... }
     - Uses constant-time comparison (MessageDigest.isEqual)
   </behavior>
   <action>
-    1. Add Maven dependencies to cameleer3-server-app/pom.xml:
+    1. Add Maven dependencies to cameleer-server-app/pom.xml:
        - `spring-boot-starter-security` (managed version)
        - `com.nimbusds:nimbus-jose-jwt:9.47` (explicit, may not be transitive without OAuth2 resource server)
        - `spring-security-test` scope test (managed version)
@@ -165,12 +165,12 @@ public class AgentRegistryConfig { ... }
 
     5. Update application-test.yml: Add `security.bootstrap-token: test-bootstrap-token`, `security.bootstrap-token-previous: old-bootstrap-token`. Also set `CAMELEER_AUTH_TOKEN: test-bootstrap-token` as an env override if needed.
 
-    6. IMPORTANT: Adding spring-boot-starter-security will break ALL existing tests immediately (401 on all endpoints). To prevent this during Plan 01 (before the security filter chain is configured in Plan 02), add a temporary test security config class `src/test/java/com/cameleer3/server/app/security/TestSecurityConfig.java` annotated `@TestConfiguration` that creates a `SecurityFilterChain` permitting all requests. This keeps existing tests green while security services are built. Plan 02 will replace this with real security config and update tests.
+    6. IMPORTANT: Adding spring-boot-starter-security will break ALL existing tests immediately (401 on all endpoints). To prevent this during Plan 01 (before the security filter chain is configured in Plan 02), add a temporary test security config class `src/test/java/com/cameleer/server/app/security/TestSecurityConfig.java` annotated `@TestConfiguration` that creates a `SecurityFilterChain` permitting all requests. This keeps existing tests green while security services are built. Plan 02 will replace this with real security config and update tests.
 
     7. Write unit tests per the behavior spec above. Tests should NOT require Spring context -- construct implementations directly with test SecurityProperties.
   </action>
   <verify>
-    <automated>cd /c/Users/Hendrik/Documents/projects/cameleer3-server && mvn test -pl cameleer3-server-app -Dtest="JwtServiceTest,Ed25519SigningServiceTest,BootstrapTokenValidatorTest" -Dsurefire.reuseForks=false</automated>
+    <automated>cd /c/Users/Hendrik/Documents/projects/cameleer-server && mvn test -pl cameleer-server-app -Dtest="JwtServiceTest,Ed25519SigningServiceTest,BootstrapTokenValidatorTest" -Dsurefire.reuseForks=false</automated>
   </verify>
   <done>
     - JwtService creates and validates access/refresh JWTs with correct claims and expiry

.planning/phases/04-security/04-01-SUMMARY.md

@@ -25,22 +25,22 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/JwtService.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/Ed25519SigningService.java
-    - cameleer3-server-core/src/main/java/com/cameleer3/server/core/security/InvalidTokenException.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/JwtServiceImpl.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/Ed25519SigningServiceImpl.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/BootstrapTokenValidator.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityProperties.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityBeanConfig.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/TestSecurityConfig.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/JwtServiceTest.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/Ed25519SigningServiceTest.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/BootstrapTokenValidatorTest.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/security/JwtService.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/security/Ed25519SigningService.java
+    - cameleer-server-core/src/main/java/com/cameleer/server/core/security/InvalidTokenException.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/security/JwtServiceImpl.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/security/Ed25519SigningServiceImpl.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/security/BootstrapTokenValidator.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityProperties.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityBeanConfig.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/TestSecurityConfig.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/JwtServiceTest.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/Ed25519SigningServiceTest.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/BootstrapTokenValidatorTest.java
   modified:
-    - cameleer3-server-app/pom.xml
-    - cameleer3-server-app/src/main/resources/application.yml
-    - cameleer3-server-app/src/test/resources/application-test.yml
+    - cameleer-server-app/pom.xml
+    - cameleer-server-app/src/main/resources/application.yml
+    - cameleer-server-app/src/test/resources/application-test.yml
 
 key-decisions:
   - "HMAC-SHA256 with ephemeral 256-bit secret for JWT signing (simpler than Ed25519 for tokens, Ed25519 reserved for config signing)"
@@ -91,21 +91,21 @@ _No REFACTOR commit needed -- implementations are clean and minimal._
 
 ## Files Created/Modified
 
-- `cameleer3-server-core/.../security/JwtService.java` - JWT service interface with create/validate methods
-- `cameleer3-server-core/.../security/Ed25519SigningService.java` - Ed25519 signing interface with sign/getPublicKeyBase64
-- `cameleer3-server-core/.../security/InvalidTokenException.java` - Runtime exception for invalid/expired/wrong-type tokens
-- `cameleer3-server-app/.../security/JwtServiceImpl.java` - Nimbus JOSE+JWT HMAC-SHA256 implementation
-- `cameleer3-server-app/.../security/Ed25519SigningServiceImpl.java` - JDK 17 Ed25519 KeyPairGenerator implementation
-- `cameleer3-server-app/.../security/BootstrapTokenValidator.java` - Constant-time bootstrap token validation
-- `cameleer3-server-app/.../security/SecurityProperties.java` - Config properties for token expiry and bootstrap tokens
-- `cameleer3-server-app/.../security/SecurityBeanConfig.java` - Bean wiring with fail-fast startup validation
-- `cameleer3-server-app/.../security/TestSecurityConfig.java` - Temporary permit-all for existing test compatibility
-- `cameleer3-server-app/pom.xml` - Added nimbus-jose-jwt, spring-boot-starter-security, spring-security-test
-- `cameleer3-server-app/.../application.yml` - Security config section with env var mapping
-- `cameleer3-server-app/.../application-test.yml` - Test bootstrap token values
-- `cameleer3-server-app/.../security/JwtServiceTest.java` - 7 unit tests for JWT creation/validation
-- `cameleer3-server-app/.../security/Ed25519SigningServiceTest.java` - 5 unit tests for signing/verification
-- `cameleer3-server-app/.../security/BootstrapTokenValidatorTest.java` - 6 unit tests for token matching
+- `cameleer-server-core/.../security/JwtService.java` - JWT service interface with create/validate methods
+- `cameleer-server-core/.../security/Ed25519SigningService.java` - Ed25519 signing interface with sign/getPublicKeyBase64
+- `cameleer-server-core/.../security/InvalidTokenException.java` - Runtime exception for invalid/expired/wrong-type tokens
+- `cameleer-server-app/.../security/JwtServiceImpl.java` - Nimbus JOSE+JWT HMAC-SHA256 implementation
+- `cameleer-server-app/.../security/Ed25519SigningServiceImpl.java` - JDK 17 Ed25519 KeyPairGenerator implementation
+- `cameleer-server-app/.../security/BootstrapTokenValidator.java` - Constant-time bootstrap token validation
+- `cameleer-server-app/.../security/SecurityProperties.java` - Config properties for token expiry and bootstrap tokens
+- `cameleer-server-app/.../security/SecurityBeanConfig.java` - Bean wiring with fail-fast startup validation
+- `cameleer-server-app/.../security/TestSecurityConfig.java` - Temporary permit-all for existing test compatibility
+- `cameleer-server-app/pom.xml` - Added nimbus-jose-jwt, spring-boot-starter-security, spring-security-test
+- `cameleer-server-app/.../application.yml` - Security config section with env var mapping
+- `cameleer-server-app/.../application-test.yml` - Test bootstrap token values
+- `cameleer-server-app/.../security/JwtServiceTest.java` - 7 unit tests for JWT creation/validation
+- `cameleer-server-app/.../security/Ed25519SigningServiceTest.java` - 5 unit tests for signing/verification
+- `cameleer-server-app/.../security/BootstrapTokenValidatorTest.java` - 6 unit tests for token matching
 
 ## Decisions Made
 

.planning/phases/04-security/04-02-PLAN.md

@@ -5,17 +5,17 @@ type: execute
 wave: 2
 depends_on: ["04-01"]
 files_modified:
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/JwtAuthenticationFilter.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityConfig.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentSseController.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/SecurityFilterIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/JwtRefreshIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/RegistrationSecurityIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/BootstrapTokenIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/TestSecurityHelper.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/TestSecurityConfig.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/security/JwtAuthenticationFilter.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityConfig.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentSseController.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/security/SecurityFilterIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/security/JwtRefreshIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/security/RegistrationSecurityIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/security/BootstrapTokenIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/TestSecurityHelper.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/security/TestSecurityConfig.java
 autonomous: true
 requirements:
   - SECU-01
@@ -30,11 +30,11 @@ must_haves:
     - "SSE endpoint accepts JWT via ?token= query parameter"
     - "Health endpoint and Swagger UI remain publicly accessible"
   artifacts:
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/JwtAuthenticationFilter.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/security/JwtAuthenticationFilter.java"
       provides: "OncePerRequestFilter extracting JWT from header or query param"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityConfig.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityConfig.java"
       provides: "SecurityFilterChain with permitAll for public paths, authenticated for rest"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java"
       provides: "Updated register endpoint with bootstrap token validation, JWT issuance, public key"
   key_links:
     - from: "JwtAuthenticationFilter"
@@ -76,11 +76,11 @@ Output: Working security filter chain with protected/public endpoints, registrat
 @.planning/phases/04-security/04-VALIDATION.md
 @.planning/phases/04-security/04-01-SUMMARY.md
 
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentSseController.java
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
-@cameleer3-server-app/src/test/java/com/cameleer3/server/app/AbstractClickHouseIT.java
-@cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentRegistrationControllerIT.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentSseController.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
+@cameleer-server-app/src/test/java/com/cameleer/server/app/AbstractClickHouseIT.java
+@cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentRegistrationControllerIT.java
 
 <interfaces>
 <!-- From Plan 01 (will exist after execution): -->
@@ -136,11 +136,11 @@ public class AgentRegistryService {
 <task type="auto">
   <name>Task 1: SecurityFilterChain + JwtAuthenticationFilter + registration/refresh integration</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/JwtAuthenticationFilter.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityConfig.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentSseController.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/security/JwtAuthenticationFilter.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityConfig.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentSseController.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
   </files>
   <action>
     1. Create `JwtAuthenticationFilter extends OncePerRequestFilter` (NOT annotated @Component -- constructed in SecurityConfig to avoid double registration):
@@ -176,7 +176,7 @@ public class AgentRegistryService {
     6. Update `WebConfig` if needed: The `ProtocolVersionInterceptor` excluded paths should align with Spring Security public paths. The SSE events path is already excluded from protocol version check (Phase 3 decision). Verify no conflicts.
   </action>
   <verify>
-    <automated>cd /c/Users/Hendrik/Documents/projects/cameleer3-server && mvn clean compile -pl cameleer3-server-app</automated>
+    <automated>cd /c/Users/Hendrik/Documents/projects/cameleer-server && mvn clean compile -pl cameleer-server-app</automated>
   </verify>
   <done>
     - SecurityConfig creates stateless filter chain with correct public/protected path split
@@ -190,28 +190,28 @@ public class AgentRegistryService {
 <task type="auto">
   <name>Task 2: Security integration tests + existing test adaptation</name>
   <files>
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/TestSecurityHelper.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/TestSecurityConfig.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/SecurityFilterIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/JwtRefreshIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/RegistrationSecurityIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/BootstrapTokenIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentRegistrationControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ExecutionControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/MetricsControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/BackpressureIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramRenderControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DetailControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/SearchControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentCommandControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentSseControllerIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/DiagramLinkingIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/IngestionSchemaIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/interceptor/ProtocolVersionIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/OpenApiIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ForwardCompatIT.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/HealthControllerIT.java
+    cameleer-server-app/src/test/java/com/cameleer/server/app/TestSecurityHelper.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/security/TestSecurityConfig.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/security/SecurityFilterIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/security/JwtRefreshIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/security/RegistrationSecurityIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/security/BootstrapTokenIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentRegistrationControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ExecutionControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/MetricsControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/BackpressureIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramRenderControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DetailControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/SearchControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentCommandControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentSseControllerIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/storage/DiagramLinkingIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/storage/IngestionSchemaIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/interceptor/ProtocolVersionIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/OpenApiIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ForwardCompatIT.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/controller/HealthControllerIT.java
   </files>
   <action>
     1. Replace the Plan 01 temporary `TestSecurityConfig` (permit-all) with real security active in tests. Remove the permit-all override so tests run with actual security enforcement.
@@ -259,7 +259,7 @@ public class AgentRegistryService {
        - Test: New access token from refresh can access protected endpoints
   </action>
   <verify>
-    <automated>cd /c/Users/Hendrik/Documents/projects/cameleer3-server && mvn clean verify</automated>
+    <automated>cd /c/Users/Hendrik/Documents/projects/cameleer-server && mvn clean verify</automated>
   </verify>
   <done>
     - All 17 existing ITs pass with JWT authentication

.planning/phases/04-security/04-02-SUMMARY.md

@@ -25,31 +25,31 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/JwtAuthenticationFilter.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/SecurityConfig.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/TestSecurityHelper.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/SecurityFilterIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/BootstrapTokenIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/RegistrationSecurityIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/JwtRefreshIT.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/security/JwtAuthenticationFilter.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/security/SecurityConfig.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/TestSecurityHelper.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/SecurityFilterIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/BootstrapTokenIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/RegistrationSecurityIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/JwtRefreshIT.java
   modified:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/controller/AgentRegistrationController.java
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/config/WebConfig.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/TestSecurityConfig.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentRegistrationControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ExecutionControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/MetricsControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/BackpressureIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DiagramRenderControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/DetailControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/SearchControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentCommandControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/AgentSseControllerIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/DiagramLinkingIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/storage/IngestionSchemaIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/interceptor/ProtocolVersionIT.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/controller/ForwardCompatIT.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/controller/AgentRegistrationController.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/config/WebConfig.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/TestSecurityConfig.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentRegistrationControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ExecutionControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/MetricsControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/BackpressureIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DiagramRenderControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/DetailControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/SearchControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentCommandControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/AgentSseControllerIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/storage/DiagramLinkingIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/storage/IngestionSchemaIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/interceptor/ProtocolVersionIT.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/controller/ForwardCompatIT.java
 
 key-decisions:
   - "Added /error to SecurityConfig permitAll to allow Spring Boot error page forwarding through security"

.planning/phases/04-security/04-03-PLAN.md

@@ -5,10 +5,10 @@ type: execute
 wave: 2
 depends_on: ["04-01"]
 files_modified:
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java
-  - cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SsePayloadSigner.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/SseSigningIT.java
-  - cameleer3-server-app/src/test/java/com/cameleer3/server/app/agent/SsePayloadSignerTest.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java
+  - cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SsePayloadSigner.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/security/SseSigningIT.java
+  - cameleer-server-app/src/test/java/com/cameleer/server/app/agent/SsePayloadSignerTest.java
 autonomous: true
 requirements:
   - SECU-04
@@ -19,9 +19,9 @@ must_haves:
     - "Signature is computed over the payload JSON without the signature field, then added as a 'signature' field"
     - "Agent can verify the signature using the public key received at registration"
   artifacts:
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SsePayloadSigner.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SsePayloadSigner.java"
       provides: "Component that signs SSE command payloads before delivery"
-    - path: "cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java"
+    - path: "cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java"
       provides: "Updated onCommandReady with signing before sendEvent"
   key_links:
     - from: "SseConnectionManager.onCommandReady"
@@ -54,7 +54,7 @@ Output: All SSE command events carry verifiable Ed25519 signatures.
 @.planning/phases/04-security/04-RESEARCH.md
 @.planning/phases/04-security/04-01-SUMMARY.md
 
-@cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java
+@cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java
 
 <interfaces>
 <!-- From Plan 01 (will exist after execution): -->
@@ -98,10 +98,10 @@ public record AgentCommand(String id, CommandType type, String payload, String a
 <task type="auto" tdd="true">
   <name>Task 1: SsePayloadSigner + signing integration in SseConnectionManager</name>
   <files>
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SsePayloadSigner.java,
-    cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/agent/SsePayloadSignerTest.java,
-    cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/SseSigningIT.java
+    cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SsePayloadSigner.java,
+    cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/agent/SsePayloadSignerTest.java,
+    cameleer-server-app/src/test/java/com/cameleer/server/app/security/SseSigningIT.java
   </files>
   <behavior>
     SsePayloadSigner unit tests:
@@ -155,7 +155,7 @@ public record AgentCommand(String id, CommandType type, String payload, String a
        - NOTE: This test depends on Plan 02's bootstrap token and JWT auth being in place. If Plan 03 executes before Plan 02, the test will need the TestSecurityHelper or a different auth approach. Since both are Wave 2 but independent, document this: "If Plan 02 is not yet complete, use TestSecurityHelper from Plan 01's temporary permit-all config."
   </action>
   <verify>
-    <automated>cd /c/Users/Hendrik/Documents/projects/cameleer3-server && mvn test -pl cameleer3-server-app -Dtest="SsePayloadSignerTest,SseSigningIT" -Dsurefire.reuseForks=false</automated>
+    <automated>cd /c/Users/Hendrik/Documents/projects/cameleer-server && mvn test -pl cameleer-server-app -Dtest="SsePayloadSignerTest,SseSigningIT" -Dsurefire.reuseForks=false</automated>
   </verify>
   <done>
     - SsePayloadSigner signs JSON payloads with Ed25519 and adds signature field

.planning/phases/04-security/04-03-SUMMARY.md

@@ -22,11 +22,11 @@ tech-stack:
 
 key-files:
   created:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SsePayloadSigner.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/agent/SsePayloadSignerTest.java
-    - cameleer3-server-app/src/test/java/com/cameleer3/server/app/security/SseSigningIT.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SsePayloadSigner.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/agent/SsePayloadSignerTest.java
+    - cameleer-server-app/src/test/java/com/cameleer/server/app/security/SseSigningIT.java
   modified:
-    - cameleer3-server-app/src/main/java/com/cameleer3/server/app/agent/SseConnectionManager.java
+    - cameleer-server-app/src/main/java/com/cameleer/server/app/agent/SseConnectionManager.java
 
 key-decisions:
   - "Signed payload parsed to JsonNode before passing to SseEmitter to avoid double-quoting raw JSON strings"
@@ -73,10 +73,10 @@ _No REFACTOR commit needed -- implementation is clean and minimal._
 
 ## Files Created/Modified
 
-- `cameleer3-server-app/.../agent/SsePayloadSigner.java` - Component that signs JSON payloads with Ed25519 and adds signature field
-- `cameleer3-server-app/.../agent/SseConnectionManager.java` - Updated onCommandReady to sign payload before SSE delivery
-- `cameleer3-server-app/.../agent/SsePayloadSignerTest.java` - 7 unit tests for signing behavior and edge cases
-- `cameleer3-server-app/.../security/SseSigningIT.java` - 2 integration tests for end-to-end signature verification
+- `cameleer-server-app/.../agent/SsePayloadSigner.java` - Component that signs JSON payloads with Ed25519 and adds signature field
+- `cameleer-server-app/.../agent/SseConnectionManager.java` - Updated onCommandReady to sign payload before SSE delivery
+- `cameleer-server-app/.../agent/SsePayloadSignerTest.java` - 7 unit tests for signing behavior and edge cases
+- `cameleer-server-app/.../security/SseSigningIT.java` - 2 integration tests for end-to-end signature verification
 
 ## Decisions Made
 

.planning/phases/04-security/04-RESEARCH.md

@@ -6,7 +6,7 @@
 
 ## Summary
 
-This phase adds authentication and integrity protection to the Cameleer3 server. The implementation uses Spring Security 6.4.3 (managed by Spring Boot 3.4.3) with a custom `OncePerRequestFilter` for JWT validation, JDK 17 built-in Ed25519 for signing SSE payloads, and environment variable-based bootstrap tokens for agent registration. The approach is deliberately simple -- no OAuth2 resource server, no external identity provider, just symmetric HMAC JWTs for access control and Ed25519 signatures for payload integrity.
+This phase adds authentication and integrity protection to the Cameleer server. The implementation uses Spring Security 6.4.3 (managed by Spring Boot 3.4.3) with a custom `OncePerRequestFilter` for JWT validation, JDK 17 built-in Ed25519 for signing SSE payloads, and environment variable-based bootstrap tokens for agent registration. The approach is deliberately simple -- no OAuth2 resource server, no external identity provider, just symmetric HMAC JWTs for access control and Ed25519 signatures for payload integrity.
 
 The existing codebase has clear integration points: `AgentRegistrationController.register()` already returns `serverPublicKey: null` as a placeholder, `SseConnectionManager.onCommandReady()` is the signing hook for SSE events, and `WebConfig` already defines excluded paths that align with the public endpoint list. Spring Security's `SecurityFilterChain` replaces the need for hand-rolled authorization logic -- endpoints are protected by default, with explicit `permitAll()` for health, register, and docs.
 
@@ -89,7 +89,7 @@ The existing codebase has clear integration points: `AgentRegistrationController
 - **Ed25519 library:** Use JDK built-in. Zero external dependencies, native performance, well-tested in JDK 17+.
 - **Refresh token storage:** Use stateless signed refresh tokens (also HMAC-signed JWTs with different claims/expiry). This avoids any in-memory storage for refresh tokens and scales naturally. The refresh token is just a JWT with `type=refresh`, `sub=agentId`, and 7-day expiry. On refresh, validate the refresh JWT, check agent still exists, issue new access JWT.
 
-**Installation (add to cameleer3-server-app pom.xml):**
+**Installation (add to cameleer-server-app pom.xml):**
 ```xml
 <dependency>
     <groupId>org.springframework.boot</groupId>
@@ -108,12 +108,12 @@ Note: If `spring-boot-starter-security` brings Nimbus transitively (via `spring-
 
 ### Recommended Project Structure
 ```
-cameleer3-server-core/src/main/java/com/cameleer3/server/core/
+cameleer-server-core/src/main/java/com/cameleer/server/core/
   security/
     JwtService.java              # Interface: createAccessToken, createRefreshToken, validateToken, extractAgentId
     Ed25519SigningService.java    # Interface: sign(payload) -> signature, getPublicKeyBase64()
 
-cameleer3-server-app/src/main/java/com/cameleer3/server/app/
+cameleer-server-app/src/main/java/com/cameleer/server/app/
   security/
     JwtServiceImpl.java          # Nimbus JOSE+JWT HMAC implementation
     Ed25519SigningServiceImpl.java # JDK Ed25519 keypair + signing implementation
@@ -439,23 +439,23 @@ public boolean validateBootstrapToken(String provided) {
 | Property | Value |
 |----------|-------|
 | Framework | JUnit 5 + Spring Boot Test (spring-boot-starter-test) |
-| Config file | `cameleer3-server-app/src/test/resources/application-test.yml` |
-| Quick run command | `mvn test -pl cameleer3-server-app -Dtest=Security*Test -Dsurefire.reuseForks=false` |
+| Config file | `cameleer-server-app/src/test/resources/application-test.yml` |
+| Quick run command | `mvn test -pl cameleer-server-app -Dtest=Security*Test -Dsurefire.reuseForks=false` |
 | Full suite command | `mvn clean verify` |
 
 ### Phase Requirements to Test Map
 | Req ID | Behavior | Test Type | Automated Command | File Exists? |
 |--------|----------|-----------|-------------------|-------------|
-| SECU-01 | Protected endpoints reject requests without JWT; public endpoints accessible | integration | `mvn test -pl cameleer3-server-app -Dtest=SecurityFilterIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
-| SECU-02 | Refresh endpoint issues new access JWT from valid refresh token | integration | `mvn test -pl cameleer3-server-app -Dtest=JwtRefreshIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
-| SECU-03 | Ed25519 keypair generated at startup; public key in registration response | integration | `mvn test -pl cameleer3-server-app -Dtest=RegistrationSecurityIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
-| SECU-04 | SSE payloads carry valid Ed25519 signature | integration | `mvn test -pl cameleer3-server-app -Dtest=SseSigningIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
-| SECU-05 | Bootstrap token required for registration; rejects invalid/missing tokens | integration | `mvn test -pl cameleer3-server-app -Dtest=BootstrapTokenIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
-| N/A | JWT creation, validation, expiry logic | unit | `mvn test -pl cameleer3-server-app -Dtest=JwtServiceTest -Dsurefire.reuseForks=false` | No -- Wave 0 |
-| N/A | Ed25519 signing and verification roundtrip | unit | `mvn test -pl cameleer3-server-app -Dtest=Ed25519SigningServiceTest -Dsurefire.reuseForks=false` | No -- Wave 0 |
+| SECU-01 | Protected endpoints reject requests without JWT; public endpoints accessible | integration | `mvn test -pl cameleer-server-app -Dtest=SecurityFilterIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
+| SECU-02 | Refresh endpoint issues new access JWT from valid refresh token | integration | `mvn test -pl cameleer-server-app -Dtest=JwtRefreshIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
+| SECU-03 | Ed25519 keypair generated at startup; public key in registration response | integration | `mvn test -pl cameleer-server-app -Dtest=RegistrationSecurityIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
+| SECU-04 | SSE payloads carry valid Ed25519 signature | integration | `mvn test -pl cameleer-server-app -Dtest=SseSigningIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
+| SECU-05 | Bootstrap token required for registration; rejects invalid/missing tokens | integration | `mvn test -pl cameleer-server-app -Dtest=BootstrapTokenIT -Dsurefire.reuseForks=false` | No -- Wave 0 |
+| N/A | JWT creation, validation, expiry logic | unit | `mvn test -pl cameleer-server-app -Dtest=JwtServiceTest -Dsurefire.reuseForks=false` | No -- Wave 0 |
+| N/A | Ed25519 signing and verification roundtrip | unit | `mvn test -pl cameleer-server-app -Dtest=Ed25519SigningServiceTest -Dsurefire.reuseForks=false` | No -- Wave 0 |
 
 ### Sampling Rate
-- **Per task commit:** `mvn test -pl cameleer3-server-app -Dsurefire.reuseForks=false`
+- **Per task commit:** `mvn test -pl cameleer-server-app -Dsurefire.reuseForks=false`
 - **Per wave merge:** `mvn clean verify`
 - **Phase gate:** Full suite green before `/gsd:verify-work`
 

.planning/phases/04-security/04-VALIDATION.md

@@ -18,8 +18,8 @@ created: 2026-03-11
 | Property | Value |
 |----------|-------|
 | **Framework** | JUnit 5 + Spring Boot Test + Spring Security Test |
-| **Config file** | cameleer3-server-app/src/test/resources/application-test.yml |
-| **Quick run command** | `mvn test -pl cameleer3-server-app -Dtest="Security*,Jwt*,Bootstrap*,Ed25519*" -Dsurefire.reuseForks=false` |
+| **Config file** | cameleer-server-app/src/test/resources/application-test.yml |
+| **Quick run command** | `mvn test -pl cameleer-server-app -Dtest="Security*,Jwt*,Bootstrap*,Ed25519*" -Dsurefire.reuseForks=false` |
 | **Full suite command** | `mvn clean verify` |
 | **Estimated runtime** | ~60 seconds |
 
@@ -27,7 +27,7 @@ created: 2026-03-11
 
 ## Sampling Rate
 
-- **After every task commit:** Run `mvn test -pl cameleer3-server-app -Dsurefire.reuseForks=false`
+- **After every task commit:** Run `mvn test -pl cameleer-server-app -Dsurefire.reuseForks=false`
 - **After every plan wave:** Run `mvn clean verify`
 - **Before `/gsd:verify-work`:** Full suite must be green
 - **Max feedback latency:** 60 seconds
@@ -38,13 +38,13 @@ created: 2026-03-11
 
 | Task ID | Plan | Wave | Requirement | Test Type | Automated Command | File Exists | Status |
 |---------|------|------|-------------|-----------|-------------------|-------------|--------|
-| 04-01-01 | 01 | 1 | SECU-03 | unit | `mvn test -pl cameleer3-server-app -Dtest=Ed25519SigningServiceTest -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
-| 04-01-02 | 01 | 1 | SECU-01 | unit | `mvn test -pl cameleer3-server-app -Dtest=JwtServiceTest -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
-| 04-01-03 | 01 | 1 | SECU-05 | integration | `mvn test -pl cameleer3-server-app -Dtest=BootstrapTokenIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
-| 04-01-04 | 01 | 1 | SECU-01 | integration | `mvn test -pl cameleer3-server-app -Dtest=SecurityFilterIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
-| 04-01-05 | 01 | 1 | SECU-02 | integration | `mvn test -pl cameleer3-server-app -Dtest=JwtRefreshIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
-| 04-01-06 | 01 | 1 | SECU-04 | integration | `mvn test -pl cameleer3-server-app -Dtest=SseSigningIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
-| 04-01-07 | 01 | 1 | N/A | integration | `mvn test -pl cameleer3-server-app -Dtest=RegistrationSecurityIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
+| 04-01-01 | 01 | 1 | SECU-03 | unit | `mvn test -pl cameleer-server-app -Dtest=Ed25519SigningServiceTest -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
+| 04-01-02 | 01 | 1 | SECU-01 | unit | `mvn test -pl cameleer-server-app -Dtest=JwtServiceTest -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
+| 04-01-03 | 01 | 1 | SECU-05 | integration | `mvn test -pl cameleer-server-app -Dtest=BootstrapTokenIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
+| 04-01-04 | 01 | 1 | SECU-01 | integration | `mvn test -pl cameleer-server-app -Dtest=SecurityFilterIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
+| 04-01-05 | 01 | 1 | SECU-02 | integration | `mvn test -pl cameleer-server-app -Dtest=JwtRefreshIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
+| 04-01-06 | 01 | 1 | SECU-04 | integration | `mvn test -pl cameleer-server-app -Dtest=SseSigningIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
+| 04-01-07 | 01 | 1 | N/A | integration | `mvn test -pl cameleer-server-app -Dtest=RegistrationSecurityIT -Dsurefire.reuseForks=false` | ❌ W0 | ⬜ pending |
 
 *Status: ⬜ pending · ✅ green · ❌ red · ⚠️ flaky*
 

.planning/phases/04-security/04-VERIFICATION.md

@@ -39,19 +39,19 @@ All truths drawn from PLAN frontmatter must_haves across plans 01, 02, and 03.
 
 | Artifact | Provides | Status | Details |
 |----------|----------|--------|---------|
-| `cameleer3-server-core/.../security/JwtService.java` | JWT interface: createAccessToken, createRefreshToken, validateAndExtractAgentId, validateRefreshToken | VERIFIED | 49 lines, substantive interface with 4 methods |
-| `cameleer3-server-core/.../security/Ed25519SigningService.java` | Ed25519 interface: sign(payload), getPublicKeyBase64() | VERIFIED | 29 lines, substantive interface with 2 methods |
-| `cameleer3-server-app/.../security/JwtServiceImpl.java` | Nimbus JOSE+JWT HMAC-SHA256 implementation | VERIFIED | 120 lines; uses `MACSigner`/`MACVerifier`, ephemeral 256-bit secret, correct claims |
-| `cameleer3-server-app/.../security/Ed25519SigningServiceImpl.java` | JDK 17 Ed25519 KeyPairGenerator implementation | VERIFIED | 54 lines; `KeyPairGenerator.getInstance("Ed25519")`, `Signature.getInstance("Ed25519")`, Base64-encoded output |
-| `cameleer3-server-app/.../security/BootstrapTokenValidator.java` | Constant-time bootstrap token validation with dual-token rotation | VERIFIED | 50 lines; `MessageDigest.isEqual()`, checks current and previous token, null/blank guard |
-| `cameleer3-server-app/.../security/SecurityProperties.java` | Config binding with env var mapping | VERIFIED | 48 lines; `@ConfigurationProperties(prefix="security")`; all 4 fields with defaults |
-| `cameleer3-server-app/.../security/SecurityBeanConfig.java` | Bean wiring with fail-fast validation | VERIFIED | 43 lines; `@EnableConfigurationProperties`, all 3 service beans, `InitializingBean` check |
-| `cameleer3-server-app/.../security/JwtAuthenticationFilter.java` | OncePerRequestFilter extracting JWT from header or query param | VERIFIED | 72 lines; extracts from `Authorization: Bearer` then `?token=` query param; sets `SecurityContextHolder` |
-| `cameleer3-server-app/.../security/SecurityConfig.java` | SecurityFilterChain with permitAll for public paths, authenticated for rest | VERIFIED | 54 lines; stateless, CSRF disabled, correct permitAll list, `addFilterBefore` JwtAuthenticationFilter |
-| `cameleer3-server-app/.../controller/AgentRegistrationController.java` | Updated register endpoint with bootstrap token validation, JWT issuance, public key; refresh endpoint | VERIFIED | 230 lines; both `/register` and `/{id}/refresh` endpoints fully wired |
-| `cameleer3-server-app/.../agent/SsePayloadSigner.java` | Component that signs SSE command payloads | VERIFIED | 77 lines; `@Component`, signs then adds field, defensive null/blank handling |
-| `cameleer3-server-app/.../agent/SseConnectionManager.java` | Updated onCommandReady with signing before sendEvent | VERIFIED | `onCommandReady()` calls `ssePayloadSigner.signPayload()`, parses to `JsonNode` to avoid double-quoting |
-| `cameleer3-server-app/.../resources/application.yml` | Security config with env var mapping | VERIFIED | `security.bootstrap-token: ${CAMELEER_AUTH_TOKEN:}` and `security.bootstrap-token-previous: ${CAMELEER_AUTH_TOKEN_PREVIOUS:}` present |
+| `cameleer-server-core/.../security/JwtService.java` | JWT interface: createAccessToken, createRefreshToken, validateAndExtractAgentId, validateRefreshToken | VERIFIED | 49 lines, substantive interface with 4 methods |
+| `cameleer-server-core/.../security/Ed25519SigningService.java` | Ed25519 interface: sign(payload), getPublicKeyBase64() | VERIFIED | 29 lines, substantive interface with 2 methods |
+| `cameleer-server-app/.../security/JwtServiceImpl.java` | Nimbus JOSE+JWT HMAC-SHA256 implementation | VERIFIED | 120 lines; uses `MACSigner`/`MACVerifier`, ephemeral 256-bit secret, correct claims |
+| `cameleer-server-app/.../security/Ed25519SigningServiceImpl.java` | JDK 17 Ed25519 KeyPairGenerator implementation | VERIFIED | 54 lines; `KeyPairGenerator.getInstance("Ed25519")`, `Signature.getInstance("Ed25519")`, Base64-encoded output |
+| `cameleer-server-app/.../security/BootstrapTokenValidator.java` | Constant-time bootstrap token validation with dual-token rotation | VERIFIED | 50 lines; `MessageDigest.isEqual()`, checks current and previous token, null/blank guard |
+| `cameleer-server-app/.../security/SecurityProperties.java` | Config binding with env var mapping | VERIFIED | 48 lines; `@ConfigurationProperties(prefix="security")`; all 4 fields with defaults |
+| `cameleer-server-app/.../security/SecurityBeanConfig.java` | Bean wiring with fail-fast validation | VERIFIED | 43 lines; `@EnableConfigurationProperties`, all 3 service beans, `InitializingBean` check |
+| `cameleer-server-app/.../security/JwtAuthenticationFilter.java` | OncePerRequestFilter extracting JWT from header or query param | VERIFIED | 72 lines; extracts from `Authorization: Bearer` then `?token=` query param; sets `SecurityContextHolder` |
+| `cameleer-server-app/.../security/SecurityConfig.java` | SecurityFilterChain with permitAll for public paths, authenticated for rest | VERIFIED | 54 lines; stateless, CSRF disabled, correct permitAll list, `addFilterBefore` JwtAuthenticationFilter |
+| `cameleer-server-app/.../controller/AgentRegistrationController.java` | Updated register endpoint with bootstrap token validation, JWT issuance, public key; refresh endpoint | VERIFIED | 230 lines; both `/register` and `/{id}/refresh` endpoints fully wired |
+| `cameleer-server-app/.../agent/SsePayloadSigner.java` | Component that signs SSE command payloads | VERIFIED | 77 lines; `@Component`, signs then adds field, defensive null/blank handling |
+| `cameleer-server-app/.../agent/SseConnectionManager.java` | Updated onCommandReady with signing before sendEvent | VERIFIED | `onCommandReady()` calls `ssePayloadSigner.signPayload()`, parses to `JsonNode` to avoid double-quoting |
+| `cameleer-server-app/.../resources/application.yml` | Security config with env var mapping | VERIFIED | `security.bootstrap-token: ${CAMELEER_AUTH_TOKEN:}` and `security.bootstrap-token-previous: ${CAMELEER_AUTH_TOKEN_PREVIOUS:}` present |
 
 ### Key Link Verification
 

.planning/research/ARCHITECTURE.md

@@ -57,7 +57,7 @@ Agents (50+)                        Users / UI
 Agent POST /api/v1/ingest
     |
     v
-[IngestController] -- validates JWT, deserializes using cameleer3-common models
+[IngestController] -- validates JWT, deserializes using cameleer-common models
     |
     v
 [IngestionService.accept(batch)] -- accepts TransactionData/ActivityData
@@ -126,7 +126,7 @@ Each registered SseEmitter sends event to connected agent
 Agent POST /api/v1/diagrams (on startup or route change)
     |
     v
-[DiagramController] -- receives route definition (XML/YAML/JSON from cameleer3-common)
+[DiagramController] -- receives route definition (XML/YAML/JSON from cameleer-common)
     |
     v
 [DiagramService.storeVersion(definition)]
@@ -341,11 +341,11 @@ public record PageCursor(Instant timestamp, String id) {}
 
 ## Module Boundary Design
 
-### Core Module (`cameleer3-server-core`)
+### Core Module (`cameleer-server-core`)
 
 The core module is the domain layer. It contains:
 
-- **Domain models** -- Transaction, Activity, Agent, DiagramVersion, etc. (may extend or complement cameleer3-common models)
+- **Domain models** -- Transaction, Activity, Agent, DiagramVersion, etc. (may extend or complement cameleer-common models)
 - **Service interfaces and implementations** -- TransactionService, AgentRegistryService, DiagramService, QueryEngine
 - **Repository interfaces** -- TransactionRepository, DiagramRepository, AgentRepository (interfaces only, no implementations)
 - **Ingestion logic** -- WriteBuffer, batch assembly, backpressure signaling
@@ -356,7 +356,7 @@ The core module is the domain layer. It contains:
 
 **No Spring Boot dependencies.** Jackson is acceptable (already present). JUnit for tests.
 
-### App Module (`cameleer3-server-app`)
+### App Module (`cameleer-server-app`)
 
 The app module is the infrastructure/adapter layer. It contains:
 
@@ -376,8 +376,8 @@ The app module is the infrastructure/adapter layer. It contains:
 ```
 app --> core (allowed)
 core --> app (NEVER)
-core --> cameleer3-common (allowed)
-app --> cameleer3-common (transitively via core)
+core --> cameleer-common (allowed)
+app --> cameleer-common (transitively via core)
 ```
 
 ## Ingestion Pipeline Detail
@@ -393,7 +393,7 @@ Use a two-stage approach:
 
 - WriteBuffer has a bounded capacity (configurable, default 50,000 items).
 - When buffer is >80% full, respond with HTTP 429 + `Retry-After` header.
-- Agents (cameleer3) should implement exponential backoff on 429.
+- Agents (cameleer) should implement exponential backoff on 429.
 - Monitor buffer fill level as a metric.
 
 ### Batch Size Tuning

.planning/research/PITFALLS.md

@@ -1,6 +1,6 @@
 # Domain Pitfalls
 
-**Domain:** Transaction monitoring / observability server (Cameleer3 Server)
+**Domain:** Transaction monitoring / observability server (Cameleer Server)
 **Researched:** 2026-03-11
 **Confidence:** MEDIUM (based on established patterns for ClickHouse, SSE, high-volume ingestion; no web verification available)
 

.planning/research/STACK.md

@@ -1,6 +1,6 @@
 # Technology Stack
 
-**Project:** Cameleer3 Server
+**Project:** Cameleer Server
 **Researched:** 2026-03-11
 **Overall confidence:** MEDIUM (no live source verification available; versions based on training data up to May 2025)
 

.planning/research/SUMMARY.md

@@ -1,4 +1,4 @@
-# Research Summary: Cameleer3 Server
+# Research Summary: Cameleer Server
 
 **Domain:** Transaction observability server for Apache Camel integrations
 **Researched:** 2026-03-11
@@ -6,7 +6,7 @@
 
 ## Executive Summary
 
-Cameleer3 Server is a write-heavy, read-occasional observability system that receives millions of transaction records per day from distributed Apache Camel agents, stores them with 30-day retention, and provides structured + full-text search. The architecture closely parallels established observability platforms like Jaeger, Zipkin, and njams Server, with the key differentiator being Camel route diagram visualization tied to individual transactions.
+Cameleer Server is a write-heavy, read-occasional observability system that receives millions of transaction records per day from distributed Apache Camel agents, stores them with 30-day retention, and provides structured + full-text search. The architecture closely parallels established observability platforms like Jaeger, Zipkin, and njams Server, with the key differentiator being Camel route diagram visualization tied to individual transactions.
 
 The recommended stack centers on **ClickHouse** as the primary data store. ClickHouse's columnar MergeTree engine provides the exact properties this project needs: massive batch insert throughput, excellent time-range query performance, native TTL-based retention, and 10-20x compression on structured observability data. This is a well-established pattern used by production observability platforms (SigNoz, Uptrace, PostHog all run on ClickHouse).
 
@@ -93,9 +93,9 @@ Based on research, suggested phase structure:
 ## Gaps to Address
 
 - **ClickHouse Java client API:** The clickhouse-java library has undergone significant changes. Exact API, connection pooling, and Spring Boot integration patterns need phase-specific research
-- **cameleer3-common PROTOCOL.md:** Must read the agent protocol definition before designing ClickHouse schema -- this defines the exact data structures being ingested
+- **cameleer-common PROTOCOL.md:** Must read the agent protocol definition before designing ClickHouse schema -- this defines the exact data structures being ingested
 - **ClickHouse Docker setup:** Optimal ClickHouse Docker configuration (memory limits, merge settings) for development and production
 - **Full-text search decision:** ClickHouse skip indexes may or may not meet the "search by any content" requirement. This needs prototyping with realistic data
-- **Diagram rendering library:** Server-side route diagram rendering is a significant unknown; needs prototyping with actual Camel route graph data from cameleer3-common
+- **Diagram rendering library:** Server-side route diagram rendering is a significant unknown; needs prototyping with actual Camel route graph data from cameleer-common
 - **Frontend framework:** No research on UI technology -- deferred to UI phase
-- **Agent protocol stability:** The cameleer3-common protocol is still evolving. Schema evolution strategy needs alignment with agent development
+- **Agent protocol stability:** The cameleer-common protocol is still evolving. Schema evolution strategy needs alignment with agent development

.superpowers/brainstorm/10188-1774613058/.server-stopped

@@ -0,0 +1 @@
+{"reason":"idle timeout","timestamp":1774616238650}

.superpowers/brainstorm/10188-1774613058/.server.pid

@@ -0,0 +1 @@
+10188

.superpowers/brainstorm/10188-1774613058/component-hierarchy.html

@@ -0,0 +1,105 @@
+<h2>ProcessDiagram Component Hierarchy</h2>
+<p class="subtitle">How the SVG rendering is structured — from data fetch to pixels</p>
+
+<div class="section">
+  <div class="mockup">
+    <div class="mockup-header">Component Tree</div>
+    <div class="mockup-body" style="padding: 20px; font-family: 'JetBrains Mono', monospace; font-size: 13px; line-height: 1.8; color: #1A1612;">
+      <div><strong style="color: #1A7F8E;">ProcessDiagram</strong> &mdash; root, fetches layout, manages state</div>
+      <div style="padding-left: 24px; border-left: 2px solid #E4DFD8;">
+        <div>&lt;svg&gt; container with viewBox (zoom/pan transforms)</div>
+        <div style="padding-left: 24px; border-left: 2px solid #E4DFD8;">
+          <div><strong style="color: #7C3AED;">DiagramSection</strong> label="Main Route"</div>
+          <div style="padding-left: 24px; border-left: 2px solid #E4DFD8;">
+            <div><strong style="color: #9C9184;">&lt;g&gt;</strong> edges layer (rendered first, behind nodes)</div>
+            <div style="padding-left: 24px;">
+              <div><strong style="color: #C6820E;">DiagramEdge</strong> &times; N &mdash; SVG &lt;path&gt; with arrowhead</div>
+            </div>
+            <div><strong style="color: #9C9184;">&lt;g&gt;</strong> nodes layer</div>
+            <div style="padding-left: 24px;">
+              <div><strong style="color: #C6820E;">DiagramNode</strong> &times; N &mdash; top-bar card</div>
+              <div style="padding-left: 24px; border-left: 2px solid #E4DFD8;">
+                <div><strong style="color: #3D7C47;">ConfigBadge</strong> &times; 0..N &mdash; tap/trace indicators</div>
+                <div><strong style="color: #3D7C47;">NodeToolbar</strong> &mdash; floating on hover</div>
+              </div>
+              <div><strong style="color: #C6820E;">CompoundNode</strong> &times; 0..N &mdash; choice/split container</div>
+              <div style="padding-left: 24px; border-left: 2px solid #E4DFD8;">
+                <div><strong style="color: #C6820E;">DiagramNode</strong> &times; N &mdash; children inside compound</div>
+              </div>
+            </div>
+          </div>
+          <div style="margin-top: 8px;"><strong style="color: #C0392B;">DiagramSection</strong> label="onException" variant="error"</div>
+          <div style="padding-left: 24px; border-left: 2px solid #C0392B;">
+            <div><em style="color: #9C9184;">same edge + node structure as above</em></div>
+          </div>
+        </div>
+        <div style="margin-top: 8px;"><strong style="color: #1A7F8E;">ZoomControls</strong> &mdash; HTML overlay (not SVG)</div>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div class="section" style="margin-top: 24px;">
+  <div class="mockup">
+    <div class="mockup-header">SVG Structure (simplified)</div>
+    <div class="mockup-body" style="padding: 20px; font-family: 'JetBrains Mono', monospace; font-size: 12px; line-height: 1.7; color: #5C5347; background: #F5F2ED;">
+<pre style="margin: 0;">&lt;div class="process-diagram"&gt;            <span style="color:#9C9184">/* wrapper div */</span>
+  &lt;svg viewBox="0 0 {w} {h}"&gt;            <span style="color:#9C9184">/* zoom = viewBox transform */</span>
+    &lt;g class="diagram-content"&gt;           <span style="color:#9C9184">/* pan offset */</span>
+
+      <span style="color:#7C3AED">&lt;!-- Main Route section --&gt;</span>
+      &lt;g class="section section--main"&gt;
+        &lt;g class="edges"&gt;
+          &lt;path d="M 100 40 C ..." /&gt;     <span style="color:#9C9184">/* cubic bezier edge */</span>
+          &lt;marker&gt;...&lt;/marker&gt;             <span style="color:#9C9184">/* arrowhead def */</span>
+        &lt;/g&gt;
+        &lt;g class="nodes"&gt;
+          &lt;g transform="translate(x, y)"&gt; <span style="color:#9C9184">/* positioned by ELK */</span>
+            &lt;rect .../&gt;                    <span style="color:#9C9184">/* card background */</span>
+            &lt;rect .../&gt;                    <span style="color:#9C9184">/* color top bar */</span>
+            &lt;text&gt;LOG&lt;/text&gt;              <span style="color:#9C9184">/* label */</span>
+            &lt;g class="badges"&gt;...&lt;/g&gt;     <span style="color:#9C9184">/* config indicators */</span>
+          &lt;/g&gt;
+        &lt;/g&gt;
+      &lt;/g&gt;
+
+      <span style="color:#C0392B">&lt;!-- Error Handler section --&gt;</span>
+      &lt;g class="section section--error"
+         transform="translate(0, {mainH + gap})"&gt;
+        &lt;text&gt;onException&lt;/text&gt;          <span style="color:#9C9184">/* section label */</span>
+        &lt;line .../&gt;                        <span style="color:#9C9184">/* divider line */</span>
+        &lt;g class="edges"&gt;...&lt;/g&gt;
+        &lt;g class="nodes"&gt;...&lt;/g&gt;
+      &lt;/g&gt;
+
+    &lt;/g&gt;
+  &lt;/svg&gt;
+  &lt;div class="zoom-controls"&gt;...&lt;/div&gt;    <span style="color:#9C9184">/* HTML overlay */</span>
+&lt;/div&gt;</pre>
+    </div>
+  </div>
+</div>
+
+<div class="section" style="margin-top: 24px;">
+  <div class="mockup">
+    <div class="mockup-header">Data Flow</div>
+    <div class="mockup-body" style="padding: 20px; font-family: 'JetBrains Mono', monospace; font-size: 12px; line-height: 1.8; color: #5C5347;">
+<pre style="margin: 0;">
+<span style="color:#1A7F8E">GET /diagrams/{hash}/render?direction=LR</span>
+        │
+        ▼
+  DiagramLayout { nodes[], edges[], width, height }
+        │
+        ▼
+  <span style="color:#7C3AED">separateFlows(nodes)</span>  →  mainNodes[] + errorSections[]
+        │                       │
+        ▼                       ▼
+  <span style="color:#C6820E">renderMainSection()</span>    <span style="color:#C0392B">renderErrorSection()</span>
+        │                       │
+        ▼                       ▼
+  SVG groups with              SVG groups offset below
+  ELK x/y coordinates         main section by mainHeight + gap
+</pre>
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/10188-1774613058/interactions-detail.html

@@ -0,0 +1,164 @@
+<h2>Node Interactions & Config Badges</h2>
+<p class="subtitle">Hover toolbar, selection states, and active config indicators</p>
+
+<div class="section">
+  <div class="mockup">
+    <div class="mockup-header">Node States</div>
+    <div class="mockup-body" style="padding: 24px; background: #F5F2ED;">
+      <svg width="100%" height="340" viewBox="0 0 520 340">
+
+        <!-- 1. Normal state -->
+        <text x="10" y="16" fill="#9C9184" font-size="11" font-weight="600">NORMAL</text>
+        <g transform="translate(10, 24)">
+          <rect x="0" y="0" width="200" height="56" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+          <rect x="0" y="0" width="200" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="192" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="28" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+        </g>
+
+        <!-- 2. Hovered state with toolbar -->
+        <text x="270" y="16" fill="#9C9184" font-size="11" font-weight="600">HOVERED (toolbar appears)</text>
+        <g transform="translate(270, 24)">
+          <rect x="0" y="0" width="200" height="56" rx="4" fill="#FFFCF5" stroke="#C6820E" stroke-width="1.5"/>
+          <rect x="0" y="0" width="200" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="192" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="28" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+          <!-- Floating toolbar -->
+          <g transform="translate(30, -32)">
+            <rect x="0" y="0" width="140" height="28" rx="6" fill="#1A1612" opacity="0.92"/>
+            <!-- Icons as circles -->
+            <g transform="translate(10, 4)">
+              <circle cx="10" cy="10" r="9" fill="rgba(255,255,255,0.15)"/>
+              <text x="10" y="14" fill="white" font-size="11" text-anchor="middle">&#128269;</text>
+            </g>
+            <g transform="translate(40, 4)">
+              <circle cx="10" cy="10" r="9" fill="rgba(255,255,255,0.15)"/>
+              <text x="10" y="14" fill="white" font-size="11" text-anchor="middle">T</text>
+            </g>
+            <g transform="translate(70, 4)">
+              <circle cx="10" cy="10" r="9" fill="rgba(255,255,255,0.15)"/>
+              <text x="10" y="14" fill="white" font-size="11" text-anchor="middle">&#9998;</text>
+            </g>
+            <g transform="translate(100, 4)">
+              <circle cx="10" cy="10" r="9" fill="rgba(255,255,255,0.15)"/>
+              <text x="10" y="14" fill="white" font-size="11" text-anchor="middle">&#8943;</text>
+            </g>
+          </g>
+        </g>
+
+        <!-- 3. Selected state -->
+        <text x="10" y="112" fill="#9C9184" font-size="11" font-weight="600">SELECTED (click)</text>
+        <g transform="translate(10, 120)">
+          <rect x="-2" y="-2" width="204" height="60" rx="6" fill="none" stroke="#C6820E" stroke-width="2.5" stroke-dasharray="none"/>
+          <rect x="0" y="0" width="200" height="56" rx="4" fill="white" stroke="#C6820E" stroke-width="1"/>
+          <rect x="0" y="0" width="200" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="192" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="28" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+        </g>
+
+        <!-- 4. With config badges -->
+        <text x="270" y="112" fill="#9C9184" font-size="11" font-weight="600">WITH CONFIG BADGES</text>
+        <g transform="translate(270, 120)">
+          <rect x="0" y="0" width="200" height="56" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+          <rect x="0" y="0" width="200" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="192" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="28" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+          <!-- Trace badge (top-right corner) -->
+          <g transform="translate(165, -6)">
+            <rect x="0" y="0" width="38" height="16" rx="8" fill="#1A7F8E"/>
+            <text x="19" y="12" fill="white" font-size="8" font-weight="600" text-anchor="middle">TRACE</text>
+          </g>
+          <!-- Tap badge -->
+          <g transform="translate(124, -6)">
+            <rect x="0" y="0" width="36" height="16" rx="8" fill="#7C3AED"/>
+            <text x="18" y="12" fill="white" font-size="8" font-weight="600" text-anchor="middle">TAP</text>
+          </g>
+        </g>
+
+        <!-- 5. Error node style -->
+        <text x="10" y="210" fill="#9C9184" font-size="11" font-weight="600">ERROR HANDLER NODE</text>
+        <g transform="translate(10, 218)">
+          <rect x="0" y="0" width="200" height="56" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+          <rect x="0" y="0" width="200" height="6" rx="4" fill="#C0392B"/>
+          <rect x="4" y="0" width="192" height="6" fill="#C0392B"/>
+          <text x="16" y="32" fill="#C0392B" font-size="14">&#9888;</text>
+          <text x="36" y="28" fill="#1A1612" font-size="11" font-weight="600">ON_EXCEPTION</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">java.lang.Exception</text>
+        </g>
+
+        <!-- 6. Compound node (Choice) -->
+        <text x="270" y="210" fill="#9C9184" font-size="11" font-weight="600">COMPOUND NODE (CHOICE)</text>
+        <g transform="translate(270, 218)">
+          <rect x="0" y="0" width="220" height="110" rx="4" fill="white" stroke="#7C3AED" stroke-width="1.5"/>
+          <rect x="0" y="0" width="220" height="22" rx="4" fill="#7C3AED"/>
+          <rect x="4" y="4" width="212" height="18" fill="#7C3AED"/>
+          <text x="110" y="16" fill="white" font-size="10" font-weight="600" text-anchor="middle">&#9670; CHOICE</text>
+          <!-- Children -->
+          <g transform="translate(10, 30)">
+            <rect x="0" y="0" width="200" height="32" rx="3" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+            <rect x="0" y="0" width="200" height="4" rx="3" fill="#7C3AED"/>
+            <rect x="3" y="0" width="194" height="4" fill="#7C3AED"/>
+            <text x="12" y="22" fill="#7C3AED" font-size="10">&#9670;</text>
+            <text x="28" y="22" fill="#1A1612" font-size="10" font-weight="600">WHEN</text>
+            <text x="66" y="22" fill="#5C5347" font-size="9">type == 'A'</text>
+          </g>
+          <g transform="translate(10, 70)">
+            <rect x="0" y="0" width="200" height="32" rx="3" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+            <rect x="0" y="0" width="200" height="4" rx="3" fill="#7C3AED"/>
+            <rect x="3" y="0" width="194" height="4" fill="#7C3AED"/>
+            <text x="12" y="22" fill="#7C3AED" font-size="10">&#9670;</text>
+            <text x="28" y="22" fill="#1A1612" font-size="10" font-weight="600">OTHERWISE</text>
+          </g>
+        </g>
+
+      </svg>
+    </div>
+  </div>
+</div>
+
+<div class="section" style="margin-top: 24px;">
+  <div class="mockup">
+    <div class="mockup-header">Toolbar Actions</div>
+    <div class="mockup-body" style="padding: 16px;">
+      <table style="width: 100%; border-collapse: collapse; font-size: 13px;">
+        <thead>
+          <tr style="border-bottom: 2px solid #E4DFD8;">
+            <th style="text-align: left; padding: 8px; color: #5C5347;">Icon</th>
+            <th style="text-align: left; padding: 8px; color: #5C5347;">Action</th>
+            <th style="text-align: left; padding: 8px; color: #5C5347;">Description</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr style="border-bottom: 1px solid #EDE9E3;">
+            <td style="padding: 8px;">&#128269;</td>
+            <td style="padding: 8px; font-weight: 600;">Inspect</td>
+            <td style="padding: 8px; color: #5C5347;">Select node &amp; open detail side-panel</td>
+          </tr>
+          <tr style="border-bottom: 1px solid #EDE9E3;">
+            <td style="padding: 8px;">T</td>
+            <td style="padding: 8px; font-weight: 600;">Toggle Trace</td>
+            <td style="padding: 8px; color: #5C5347;">Enable/disable capture of input+output for this processor</td>
+          </tr>
+          <tr style="border-bottom: 1px solid #EDE9E3;">
+            <td style="padding: 8px;">&#9998;</td>
+            <td style="padding: 8px; font-weight: 600;">Configure Tap</td>
+            <td style="padding: 8px; color: #5C5347;">Open tap expression editor for this processor</td>
+          </tr>
+          <tr>
+            <td style="padding: 8px;">&#8943;</td>
+            <td style="padding: 8px; font-weight: 600;">More</td>
+            <td style="padding: 8px; color: #5C5347;">Copy processor ID, jump to code, view in search</td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/10188-1774613058/node-interactions.html

@@ -0,0 +1,119 @@
+<h2>Node Interaction Model</h2>
+<p class="subtitle">What happens when you interact with a processor node on the diagram?</p>
+
+<div class="cards">
+  <!-- Option A: Click-to-select + context menu -->
+  <div class="card" data-choice="a" onclick="toggleSelect(this)">
+    <div class="card-image" style="padding: 24px; background: #F5F2ED;">
+      <svg width="100%" height="180" viewBox="0 0 420 180">
+        <!-- Normal node -->
+        <g transform="translate(10, 10)">
+          <rect x="0" y="0" width="180" height="56" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+          <rect x="0" y="0" width="180" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="172" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="30" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+          <text x="96" y="72" fill="#9C9184" font-size="10" text-anchor="middle" font-style="italic">normal state</text>
+        </g>
+
+        <!-- Selected node (amber ring) -->
+        <g transform="translate(10, 100)">
+          <rect x="-2" y="-2" width="184" height="60" rx="6" fill="none" stroke="#C6820E" stroke-width="2.5"/>
+          <rect x="0" y="0" width="180" height="56" rx="4" fill="white" stroke="#C6820E" stroke-width="1"/>
+          <rect x="0" y="0" width="180" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="172" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="30" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+          <text x="96" y="72" fill="#C6820E" font-size="10" text-anchor="middle" font-weight="600">click = select</text>
+        </g>
+
+        <!-- Context menu on right-click -->
+        <g transform="translate(220, 10)">
+          <rect x="0" y="0" width="180" height="56" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+          <rect x="0" y="0" width="180" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="172" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="30" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+          <!-- Context menu -->
+          <g transform="translate(100, 40)">
+            <rect x="0" y="0" width="140" height="96" rx="6" fill="white" stroke="#E4DFD8" stroke-width="1" filter="url(#shadow)"/>
+            <text x="12" y="20" fill="#1A1612" font-size="11">&#128269; View Snapshot</text>
+            <line x1="8" y1="28" x2="132" y2="28" stroke="#EDE9E3" stroke-width="1"/>
+            <text x="12" y="44" fill="#1A7F8E" font-size="11">&#9881; Enable Tracing</text>
+            <text x="12" y="64" fill="#1A7F8E" font-size="11">&#128204; Set Tap</text>
+            <line x1="8" y1="72" x2="132" y2="72" stroke="#EDE9E3" stroke-width="1"/>
+            <text x="12" y="88" fill="#5C5347" font-size="11">&#128203; Copy Processor ID</text>
+          </g>
+          <text x="90" y="152" fill="#9C9184" font-size="10" text-anchor="middle" font-style="italic">right-click = context menu</text>
+        </g>
+
+        <defs>
+          <filter id="shadow" x="-4" y="-2" width="148" height="104">
+            <feDropShadow dx="0" dy="2" stdDeviation="4" flood-opacity="0.12"/>
+          </filter>
+        </defs>
+      </svg>
+    </div>
+    <div class="card-body">
+      <h3>A: Click-Select + Right-Click Menu</h3>
+      <p>Click to select a node (amber highlight ring). Right-click for context menu with tracing/tap/snapshot actions. Clean separation of concerns. Standard desktop UX.</p>
+    </div>
+  </div>
+
+  <!-- Option B: Hover toolbar -->
+  <div class="card" data-choice="b" onclick="toggleSelect(this)">
+    <div class="card-image" style="padding: 24px; background: #F5F2ED;">
+      <svg width="100%" height="180" viewBox="0 0 420 180">
+        <!-- Normal node -->
+        <g transform="translate(10, 10)">
+          <rect x="0" y="0" width="180" height="56" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+          <rect x="0" y="0" width="180" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="172" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="30" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+          <text x="96" y="72" fill="#9C9184" font-size="10" text-anchor="middle" font-style="italic">normal state</text>
+        </g>
+
+        <!-- Hovered node with floating toolbar -->
+        <g transform="translate(10, 100)">
+          <rect x="0" y="0" width="180" height="56" rx="4" fill="#FFFCF5" stroke="#C6820E" stroke-width="1.5"/>
+          <rect x="0" y="0" width="180" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="172" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="30" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+          <!-- Floating toolbar above -->
+          <g transform="translate(20, -30)">
+            <rect x="0" y="0" width="140" height="26" rx="13" fill="#1A1612" opacity="0.9"/>
+            <text x="18" y="17" fill="white" font-size="12" title="View">&#128269;</text>
+            <text x="46" y="17" fill="white" font-size="12" title="Trace">&#9881;</text>
+            <text x="74" y="17" fill="white" font-size="12" title="Tap">&#128204;</text>
+            <text x="102" y="17" fill="white" font-size="12" title="Copy">&#128203;</text>
+            <text x="124" y="17" fill="white" font-size="12" title="More">&#8943;</text>
+          </g>
+          <text x="96" y="72" fill="#C6820E" font-size="10" text-anchor="middle" font-weight="600">hover = toolbar appears</text>
+        </g>
+
+        <!-- Click = select (same as A) -->
+        <g transform="translate(220, 50)">
+          <rect x="-2" y="-2" width="184" height="60" rx="6" fill="none" stroke="#C6820E" stroke-width="2.5"/>
+          <rect x="0" y="0" width="180" height="56" rx="4" fill="white" stroke="#C6820E" stroke-width="1"/>
+          <rect x="0" y="0" width="180" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="172" height="6" fill="#C6820E"/>
+          <text x="16" y="32" fill="#C6820E" font-size="14">&#9881;</text>
+          <text x="36" y="30" fill="#1A1612" font-size="11" font-weight="600">LOG</text>
+          <text x="36" y="44" fill="#5C5347" font-size="10">Processing order</text>
+          <text x="96" y="72" fill="#C6820E" font-size="10" text-anchor="middle" font-weight="600">click = select</text>
+        </g>
+      </svg>
+    </div>
+    <div class="card-body">
+      <h3>B: Hover Floating Toolbar</h3>
+      <p>Hover reveals a dark floating icon toolbar above the node. Click still selects. More discoverable than right-click, but can feel cluttered on dense diagrams.</p>
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/10188-1774613058/node-style.html

@@ -0,0 +1,208 @@
+<h2>Node Visual Style</h2>
+<p class="subtitle">Which processor node style fits our design system best? Think MuleSoft / TIBCO BW5 but adapted to our warm parchment theme.</p>
+
+<div class="cards">
+  <!-- Option A: Icon-first blocks (MuleSoft-inspired) -->
+  <div class="card" data-choice="a" onclick="toggleSelect(this)">
+    <div class="card-image" style="padding: 24px; background: #F5F2ED;">
+      <svg width="100%" height="220" viewBox="0 0 400 220">
+        <!-- FROM node -->
+        <g transform="translate(20, 10)">
+          <rect x="0" y="0" width="160" height="56" rx="8" fill="#1A7F8E" opacity="0.12" stroke="#1A7F8E" stroke-width="1.5"/>
+          <rect x="0" y="0" width="42" height="56" rx="8" fill="#1A7F8E"/>
+          <rect x="8" y="0" width="34" height="56" fill="#1A7F8E"/>
+          <text x="21" y="34" fill="white" font-size="20" text-anchor="middle">&#9654;</text>
+          <text x="100" y="25" fill="#1A1612" font-size="12" font-weight="600" text-anchor="middle">FROM</text>
+          <text x="100" y="42" fill="#5C5347" font-size="11" text-anchor="middle">direct:orders</text>
+        </g>
+        <!-- Connector -->
+        <line x1="100" y1="66" x2="100" y2="86" stroke="#9C9184" stroke-width="1.5"/>
+        <polygon points="95,82 100,90 105,82" fill="#9C9184"/>
+        <!-- PROCESS node -->
+        <g transform="translate(20, 90)">
+          <rect x="0" y="0" width="160" height="56" rx="8" fill="#C6820E" opacity="0.12" stroke="#C6820E" stroke-width="1.5"/>
+          <rect x="0" y="0" width="42" height="56" rx="8" fill="#C6820E"/>
+          <rect x="8" y="0" width="34" height="56" fill="#C6820E"/>
+          <text x="21" y="34" fill="white" font-size="18" text-anchor="middle">&#9881;</text>
+          <text x="100" y="25" fill="#1A1612" font-size="12" font-weight="600" text-anchor="middle">LOG</text>
+          <text x="100" y="42" fill="#5C5347" font-size="11" text-anchor="middle">Processing order</text>
+        </g>
+        <!-- Connector -->
+        <line x1="100" y1="146" x2="100" y2="166" stroke="#9C9184" stroke-width="1.5"/>
+        <polygon points="95,162 100,170 105,162" fill="#9C9184"/>
+        <!-- TO node -->
+        <g transform="translate(20, 170)">
+          <rect x="0" y="0" width="160" height="56" rx="8" fill="#3D7C47" opacity="0.12" stroke="#3D7C47" stroke-width="1.5"/>
+          <rect x="0" y="0" width="42" height="56" rx="8" fill="#3D7C47"/>
+          <rect x="8" y="0" width="34" height="56" fill="#3D7C47"/>
+          <text x="21" y="34" fill="white" font-size="18" text-anchor="middle">&#9724;</text>
+          <text x="100" y="25" fill="#1A1612" font-size="12" font-weight="600" text-anchor="middle">TO</text>
+          <text x="100" y="42" fill="#5C5347" font-size="11" text-anchor="middle">kafka:processed</text>
+        </g>
+
+        <!-- CHOICE compound on the right -->
+        <g transform="translate(210, 10)">
+          <rect x="0" y="0" width="180" height="210" rx="10" fill="#7C3AED" opacity="0.06" stroke="#7C3AED" stroke-width="1.5" stroke-dasharray="4 2"/>
+          <text x="10" y="20" fill="#7C3AED" font-size="11" font-weight="600">CHOICE</text>
+          <!-- When child -->
+          <g transform="translate(10, 30)">
+            <rect x="0" y="0" width="160" height="48" rx="6" fill="#7C3AED" opacity="0.12" stroke="#7C3AED" stroke-width="1"/>
+            <rect x="0" y="0" width="36" height="48" rx="6" fill="#7C3AED"/>
+            <rect x="6" y="0" width="30" height="48" fill="#7C3AED"/>
+            <text x="18" y="30" fill="white" font-size="14" text-anchor="middle">&#9670;</text>
+            <text x="96" y="20" fill="#1A1612" font-size="11" font-weight="600" text-anchor="middle">WHEN</text>
+            <text x="96" y="36" fill="#5C5347" font-size="10" text-anchor="middle">header.type == 'A'</text>
+          </g>
+          <!-- Otherwise child -->
+          <g transform="translate(10, 88)">
+            <rect x="0" y="0" width="160" height="48" rx="6" fill="#7C3AED" opacity="0.12" stroke="#7C3AED" stroke-width="1"/>
+            <rect x="0" y="0" width="36" height="48" rx="6" fill="#7C3AED"/>
+            <rect x="6" y="0" width="30" height="48" fill="#7C3AED"/>
+            <text x="18" y="30" fill="white" font-size="14" text-anchor="middle">&#9670;</text>
+            <text x="96" y="20" fill="#1A1612" font-size="11" font-weight="600" text-anchor="middle">OTHERWISE</text>
+            <text x="96" y="36" fill="#5C5347" font-size="10" text-anchor="middle">default branch</text>
+          </g>
+        </g>
+      </svg>
+    </div>
+    <div class="card-body">
+      <h3>A: Icon Sidebar Blocks</h3>
+      <p>MuleSoft-style: colored icon strip on the left, label + detail on the right. Color encodes node type. Compound nodes (choice, split) use dashed containers.</p>
+    </div>
+  </div>
+
+  <!-- Option B: Rounded pill with centered icon -->
+  <div class="card" data-choice="b" onclick="toggleSelect(this)">
+    <div class="card-image" style="padding: 24px; background: #F5F2ED;">
+      <svg width="100%" height="220" viewBox="0 0 400 220">
+        <!-- FROM node -->
+        <g transform="translate(20, 10)">
+          <rect x="0" y="0" width="160" height="50" rx="25" fill="#1A7F8E" opacity="0.15" stroke="#1A7F8E" stroke-width="1.5"/>
+          <circle cx="30" cy="25" r="16" fill="#1A7F8E"/>
+          <text x="30" y="31" fill="white" font-size="14" text-anchor="middle">&#9654;</text>
+          <text x="98" y="22" fill="#1A1612" font-size="12" font-weight="600" text-anchor="middle">FROM</text>
+          <text x="98" y="38" fill="#5C5347" font-size="10" text-anchor="middle">direct:orders</text>
+        </g>
+        <!-- Connector -->
+        <line x1="100" y1="60" x2="100" y2="80" stroke="#9C9184" stroke-width="1.5"/>
+        <polygon points="95,76 100,84 105,76" fill="#9C9184"/>
+        <!-- PROCESS node -->
+        <g transform="translate(20, 84)">
+          <rect x="0" y="0" width="160" height="50" rx="25" fill="#C6820E" opacity="0.15" stroke="#C6820E" stroke-width="1.5"/>
+          <circle cx="30" cy="25" r="16" fill="#C6820E"/>
+          <text x="30" y="31" fill="white" font-size="14" text-anchor="middle">&#9881;</text>
+          <text x="98" y="22" fill="#1A1612" font-size="12" font-weight="600" text-anchor="middle">LOG</text>
+          <text x="98" y="38" fill="#5C5347" font-size="10" text-anchor="middle">Processing order</text>
+        </g>
+        <!-- Connector -->
+        <line x1="100" y1="134" x2="100" y2="154" stroke="#9C9184" stroke-width="1.5"/>
+        <polygon points="95,150 100,158 105,150" fill="#9C9184"/>
+        <!-- TO node -->
+        <g transform="translate(20, 158)">
+          <rect x="0" y="0" width="160" height="50" rx="25" fill="#3D7C47" opacity="0.15" stroke="#3D7C47" stroke-width="1.5"/>
+          <circle cx="30" cy="25" r="16" fill="#3D7C47"/>
+          <text x="30" y="31" fill="white" font-size="14" text-anchor="middle">&#9724;</text>
+          <text x="98" y="22" fill="#1A1612" font-size="12" font-weight="600" text-anchor="middle">TO</text>
+          <text x="98" y="38" fill="#5C5347" font-size="10" text-anchor="middle">kafka:processed</text>
+        </g>
+
+        <!-- CHOICE compound on the right -->
+        <g transform="translate(210, 10)">
+          <rect x="0" y="0" width="180" height="200" rx="12" fill="#7C3AED" opacity="0.06" stroke="#7C3AED" stroke-width="1.5" stroke-dasharray="5 3"/>
+          <text x="90" y="20" fill="#7C3AED" font-size="11" font-weight="600" text-anchor="middle">CHOICE</text>
+          <!-- When child -->
+          <g transform="translate(10, 30)">
+            <rect x="0" y="0" width="160" height="44" rx="22" fill="#7C3AED" opacity="0.15" stroke="#7C3AED" stroke-width="1"/>
+            <circle cx="26" cy="22" r="14" fill="#7C3AED"/>
+            <text x="26" y="28" fill="white" font-size="12" text-anchor="middle">&#9670;</text>
+            <text x="96" y="18" fill="#1A1612" font-size="11" font-weight="600" text-anchor="middle">WHEN</text>
+            <text x="96" y="34" fill="#5C5347" font-size="10" text-anchor="middle">type == 'A'</text>
+          </g>
+          <!-- Otherwise child -->
+          <g transform="translate(10, 84)">
+            <rect x="0" y="0" width="160" height="44" rx="22" fill="#7C3AED" opacity="0.15" stroke="#7C3AED" stroke-width="1"/>
+            <circle cx="26" cy="22" r="14" fill="#7C3AED"/>
+            <text x="26" y="28" fill="white" font-size="12" text-anchor="middle">&#9670;</text>
+            <text x="96" y="18" fill="#1A1612" font-size="11" font-weight="600" text-anchor="middle">OTHERWISE</text>
+            <text x="96" y="34" fill="#5C5347" font-size="10" text-anchor="middle">default</text>
+          </g>
+        </g>
+      </svg>
+    </div>
+    <div class="card-body">
+      <h3>B: Rounded Pills</h3>
+      <p>Softer, more modern look with pill-shaped nodes and circular icons. Lighter feel. Compounds still use dashed containers.</p>
+    </div>
+  </div>
+
+  <!-- Option C: TIBCO BW5 style - rectangular with top color bar -->
+  <div class="card" data-choice="c" onclick="toggleSelect(this)">
+    <div class="card-image" style="padding: 24px; background: #F5F2ED;">
+      <svg width="100%" height="220" viewBox="0 0 400 220">
+        <!-- FROM node -->
+        <g transform="translate(20, 10)">
+          <rect x="0" y="0" width="160" height="56" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+          <rect x="0" y="0" width="160" height="6" rx="4" fill="#1A7F8E"/>
+          <rect x="4" y="0" width="152" height="6" fill="#1A7F8E"/>
+          <text x="18" y="32" fill="#1A7F8E" font-size="16">&#9654;</text>
+          <text x="40" y="30" fill="#1A1612" font-size="12" font-weight="600">FROM</text>
+          <text x="40" y="46" fill="#5C5347" font-size="10">direct:orders</text>
+        </g>
+        <!-- Connector -->
+        <line x1="100" y1="66" x2="100" y2="86" stroke="#9C9184" stroke-width="1.5"/>
+        <polygon points="95,82 100,90 105,82" fill="#9C9184"/>
+        <!-- PROCESS node -->
+        <g transform="translate(20, 90)">
+          <rect x="0" y="0" width="160" height="56" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+          <rect x="0" y="0" width="160" height="6" rx="4" fill="#C6820E"/>
+          <rect x="4" y="0" width="152" height="6" fill="#C6820E"/>
+          <text x="18" y="32" fill="#C6820E" font-size="16">&#9881;</text>
+          <text x="40" y="30" fill="#1A1612" font-size="12" font-weight="600">LOG</text>
+          <text x="40" y="46" fill="#5C5347" font-size="10">Processing order</text>
+        </g>
+        <!-- Connector -->
+        <line x1="100" y1="146" x2="100" y2="166" stroke="#9C9184" stroke-width="1.5"/>
+        <polygon points="95,162 100,170 105,162" fill="#9C9184"/>
+        <!-- TO node -->
+        <g transform="translate(20, 170)">
+          <rect x="0" y="0" width="160" height="56" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+          <rect x="0" y="0" width="160" height="6" rx="4" fill="#3D7C47"/>
+          <rect x="4" y="0" width="152" height="6" fill="#3D7C47"/>
+          <text x="18" y="32" fill="#3D7C47" font-size="16">&#9724;</text>
+          <text x="40" y="30" fill="#1A1612" font-size="12" font-weight="600">TO</text>
+          <text x="40" y="46" fill="#5C5347" font-size="10">kafka:processed</text>
+        </g>
+
+        <!-- CHOICE compound on the right -->
+        <g transform="translate(210, 10)">
+          <rect x="0" y="0" width="180" height="210" rx="4" fill="white" stroke="#7C3AED" stroke-width="1.5"/>
+          <rect x="0" y="0" width="180" height="22" rx="4" fill="#7C3AED"/>
+          <rect x="4" y="4" width="172" height="18" fill="#7C3AED"/>
+          <text x="90" y="16" fill="white" font-size="11" font-weight="600" text-anchor="middle">CHOICE</text>
+          <!-- When child -->
+          <g transform="translate(10, 32)">
+            <rect x="0" y="0" width="160" height="48" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+            <rect x="0" y="0" width="160" height="5" rx="4" fill="#7C3AED"/>
+            <rect x="4" y="0" width="152" height="5" fill="#7C3AED"/>
+            <text x="14" y="28" fill="#7C3AED" font-size="14">&#9670;</text>
+            <text x="34" y="26" fill="#1A1612" font-size="11" font-weight="600">WHEN</text>
+            <text x="34" y="40" fill="#5C5347" font-size="10">type == 'A'</text>
+          </g>
+          <!-- Otherwise child -->
+          <g transform="translate(10, 90)">
+            <rect x="0" y="0" width="160" height="48" rx="4" fill="white" stroke="#E4DFD8" stroke-width="1"/>
+            <rect x="0" y="0" width="160" height="5" rx="4" fill="#7C3AED"/>
+            <rect x="4" y="0" width="152" height="5" fill="#7C3AED"/>
+            <text x="14" y="28" fill="#7C3AED" font-size="14">&#9670;</text>
+            <text x="34" y="26" fill="#1A1612" font-size="11" font-weight="600">OTHERWISE</text>
+            <text x="34" y="40" fill="#5C5347" font-size="10">default</text>
+          </g>
+        </g>
+      </svg>
+    </div>
+    <div class="card-body">
+      <h3>C: Top-Bar Cards</h3>
+      <p>TIBCO BW5-inspired: white cards with colored top accent bar. Clean, professional, card-like. Compound nodes get a full colored header bar with white title text.</p>
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/10188-1774613058/waiting.html

@@ -0,0 +1,3 @@
+<div style="display:flex;align-items:center;justify-content:center;min-height:60vh">
+  <p class="subtitle">Continuing in terminal...</p>
+</div>

.superpowers/brainstorm/14618-1774629192/.server-stopped

@@ -0,0 +1 @@
+{"reason":"idle timeout","timestamp":1774632733532}

.superpowers/brainstorm/14618-1774629192/.server.pid

@@ -0,0 +1 @@
+14618

.superpowers/brainstorm/14618-1774629192/detail-panel-tabs.html

@@ -0,0 +1,287 @@
+<h2>Detail Panel: Tab Designs</h2>
+<p class="subtitle">Bottom panel content when a processor node is selected</p>
+
+<div class="mockup">
+  <div class="mockup-header">Info Tab — processor metadata + attributes</div>
+  <div class="mockup-body" style="background: #fff; padding: 0;">
+    <!-- Processor header -->
+    <div style="display: flex; align-items: center; gap: 10px; padding: 6px 14px; border-bottom: 1px solid #E4DFD8; background: #FAFAF8;">
+      <span style="font-size: 11px; font-weight: 600; color: #1A1612;">bean:validate</span>
+      <span style="font-size: 10px; color: #C0392B; background: #FDF2F0; padding: 1px 6px; border-radius: 8px;">FAILED</span>
+      <span style="font-size: 10px; color: #9C9184;">processor-5</span>
+    </div>
+    <!-- Tabs -->
+    <div style="display: flex; gap: 0; border-bottom: 1px solid #E4DFD8; background: #FAFAF8; padding: 0 14px;">
+      <div style="font-size: 11px; padding: 6px 12px; color: #C6820E; border-bottom: 2px solid #C6820E; font-weight: 600; cursor: pointer;">Info</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Headers</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Input</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Output</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #C0392B; cursor: pointer;">Error</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer; opacity: 0.4;">Config</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Timeline</div>
+    </div>
+    <!-- Info content -->
+    <div style="padding: 12px 14px; display: grid; grid-template-columns: 1fr 1fr 1fr; gap: 12px 24px; font-size: 12px;">
+      <div>
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Processor ID</div>
+        <div style="color: #1A1612; font-family: monospace; font-size: 11px;">processor-5</div>
+      </div>
+      <div>
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Type</div>
+        <div style="color: #1A1612;">BEAN</div>
+      </div>
+      <div>
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Status</div>
+        <div style="color: #C0392B; font-weight: 500;">FAILED</div>
+      </div>
+      <div>
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Start Time</div>
+        <div style="color: #1A1612;">14:32:05.123</div>
+      </div>
+      <div>
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">End Time</div>
+        <div style="color: #1A1612;">14:32:05.243</div>
+      </div>
+      <div>
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Duration</div>
+        <div style="color: #1A1612; font-weight: 500;">120ms</div>
+      </div>
+      <div>
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Endpoint URI</div>
+        <div style="color: #1A1612; font-family: monospace; font-size: 11px;">bean:orderValidator?method=validate</div>
+      </div>
+      <div style="grid-column: span 2;">
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Resolved URI</div>
+        <div style="color: #1A1612; font-family: monospace; font-size: 11px;">bean://com.example.OrderValidator?method=validate</div>
+      </div>
+      <!-- Attributes from taps -->
+      <div style="grid-column: span 3; border-top: 1px solid #E4DFD8; padding-top: 8px; margin-top: 4px;">
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 6px;">Attributes</div>
+        <div style="display: flex; gap: 6px; flex-wrap: wrap;">
+          <span style="font-size: 10px; padding: 2px 8px; background: #F5F0EA; border-radius: 10px; color: #5C5347;">orderId: <strong>ORD-1234</strong></span>
+          <span style="font-size: 10px; padding: 2px 8px; background: #F5F0EA; border-radius: 10px; color: #5C5347;">customer: <strong>Acme Corp</strong></span>
+          <span style="font-size: 10px; padding: 2px 8px; background: #F5F0EA; border-radius: 10px; color: #5C5347;">priority: <strong>HIGH</strong></span>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top: 20px;"></div>
+
+<div class="mockup">
+  <div class="mockup-header">Headers Tab — input vs output side by side</div>
+  <div class="mockup-body" style="background: #fff; padding: 0;">
+    <div style="display: flex; align-items: center; gap: 10px; padding: 6px 14px; border-bottom: 1px solid #E4DFD8; background: #FAFAF8;">
+      <span style="font-size: 11px; font-weight: 600; color: #1A1612;">log:incoming</span>
+      <span style="font-size: 10px; color: #3D7C47; background: #F0F9F1; padding: 1px 6px; border-radius: 8px;">COMPLETED</span>
+      <span style="font-size: 10px; color: #9C9184;">processor-2</span>
+    </div>
+    <div style="display: flex; gap: 0; border-bottom: 1px solid #E4DFD8; background: #FAFAF8; padding: 0 14px;">
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Info</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #C6820E; border-bottom: 2px solid #C6820E; font-weight: 600; cursor: pointer;">Headers</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Input</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Output</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer; opacity: 0.4;">Error</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer; opacity: 0.4;">Config</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Timeline</div>
+    </div>
+    <!-- Headers side by side -->
+    <div style="display: flex; gap: 0; padding: 0;">
+      <!-- Input headers -->
+      <div style="flex: 1; padding: 10px 14px; border-right: 1px solid #E4DFD8;">
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 8px;">Input Headers</div>
+        <table style="width: 100%; font-size: 11px; border-collapse: collapse;">
+          <tr style="border-bottom: 1px solid #F5F0EA;">
+            <td style="padding: 3px 0; color: #5C5347; font-weight: 500; width: 40%;">Content-Type</td>
+            <td style="padding: 3px 0; color: #1A1612; font-family: monospace; font-size: 10px;">application/json</td>
+          </tr>
+          <tr style="border-bottom: 1px solid #F5F0EA;">
+            <td style="padding: 3px 0; color: #5C5347; font-weight: 500;">JMSMessageID</td>
+            <td style="padding: 3px 0; color: #1A1612; font-family: monospace; font-size: 10px;">ID:broker-42</td>
+          </tr>
+          <tr style="border-bottom: 1px solid #F5F0EA;">
+            <td style="padding: 3px 0; color: #5C5347; font-weight: 500;">breadcrumbId</td>
+            <td style="padding: 3px 0; color: #1A1612; font-family: monospace; font-size: 10px;">abc-123-def</td>
+          </tr>
+          <tr>
+            <td style="padding: 3px 0; color: #5C5347; font-weight: 500;">CamelHttpMethod</td>
+            <td style="padding: 3px 0; color: #1A1612; font-family: monospace; font-size: 10px;">POST</td>
+          </tr>
+        </table>
+      </div>
+      <!-- Output headers -->
+      <div style="flex: 1; padding: 10px 14px;">
+        <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 8px;">Output Headers</div>
+        <table style="width: 100%; font-size: 11px; border-collapse: collapse;">
+          <tr style="border-bottom: 1px solid #F5F0EA;">
+            <td style="padding: 3px 0; color: #5C5347; font-weight: 500; width: 40%;">Content-Type</td>
+            <td style="padding: 3px 0; color: #1A1612; font-family: monospace; font-size: 10px;">application/json</td>
+          </tr>
+          <tr style="border-bottom: 1px solid #F5F0EA;">
+            <td style="padding: 3px 0; color: #5C5347; font-weight: 500;">JMSMessageID</td>
+            <td style="padding: 3px 0; color: #1A1612; font-family: monospace; font-size: 10px;">ID:broker-42</td>
+          </tr>
+          <tr style="border-bottom: 1px solid #F5F0EA;">
+            <td style="padding: 3px 0; color: #5C5347; font-weight: 500;">breadcrumbId</td>
+            <td style="padding: 3px 0; color: #1A1612; font-family: monospace; font-size: 10px;">abc-123-def</td>
+          </tr>
+          <tr style="border-bottom: 1px solid #F5F0EA;">
+            <td style="padding: 3px 0; color: #5C5347; font-weight: 500;">CamelHttpMethod</td>
+            <td style="padding: 3px 0; color: #1A1612; font-family: monospace; font-size: 10px;">POST</td>
+          </tr>
+          <tr>
+            <td style="padding: 3px 0; color: #5C5347; font-weight: 500; color: #3D7C47;">orderStatus</td>
+            <td style="padding: 3px 0; color: #3D7C47; font-family: monospace; font-size: 10px;">validated <span style="font-size: 9px; color: #9C9184; font-family: sans-serif;">(new)</span></td>
+          </tr>
+        </table>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top: 20px;"></div>
+
+<div class="mockup">
+  <div class="mockup-header">Input Tab — formatted message body</div>
+  <div class="mockup-body" style="background: #fff; padding: 0;">
+    <div style="display: flex; align-items: center; gap: 10px; padding: 6px 14px; border-bottom: 1px solid #E4DFD8; background: #FAFAF8;">
+      <span style="font-size: 11px; font-weight: 600; color: #1A1612;">log:incoming</span>
+      <span style="font-size: 10px; color: #3D7C47; background: #F0F9F1; padding: 1px 6px; border-radius: 8px;">COMPLETED</span>
+      <span style="font-size: 10px; color: #9C9184;">processor-2 &middot; 5ms</span>
+    </div>
+    <div style="display: flex; gap: 0; border-bottom: 1px solid #E4DFD8; background: #FAFAF8; padding: 0 14px;">
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Info</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Headers</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #C6820E; border-bottom: 2px solid #C6820E; font-weight: 600; cursor: pointer;">Input</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Output</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer; opacity: 0.4;">Error</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer; opacity: 0.4;">Config</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Timeline</div>
+    </div>
+    <!-- Body content with syntax highlighting -->
+    <div style="padding: 10px 14px;">
+      <div style="display: flex; align-items: center; justify-content: space-between; margin-bottom: 6px;">
+        <span style="font-size: 10px; color: #9C9184;">JSON &middot; 234 bytes</span>
+        <button style="font-size: 9px; padding: 2px 8px; border: 1px solid #E4DFD8; background: #FAFAF8; border-radius: 3px; cursor: pointer; color: #5C5347;">Copy</button>
+      </div>
+      <pre style="font-size: 11px; background: #1A1612; color: #E4DFD8; padding: 12px; border-radius: 6px; margin: 0; line-height: 1.6; overflow-x: auto;">{
+  <span style="color: #1A7F8E;">"orderId"</span>: <span style="color: #C6820E;">"ORD-1234"</span>,
+  <span style="color: #1A7F8E;">"customer"</span>: {
+    <span style="color: #1A7F8E;">"name"</span>: <span style="color: #C6820E;">"Acme Corp"</span>,
+    <span style="color: #1A7F8E;">"id"</span>: <span style="color: #7C3AED;">42</span>
+  },
+  <span style="color: #1A7F8E;">"items"</span>: [
+    {
+      <span style="color: #1A7F8E;">"product"</span>: <span style="color: #C6820E;">"Widget A"</span>,
+      <span style="color: #1A7F8E;">"quantity"</span>: <span style="color: #7C3AED;">5</span>,
+      <span style="color: #1A7F8E;">"price"</span>: <span style="color: #7C3AED;">29.99</span>
+    }
+  ],
+  <span style="color: #1A7F8E;">"priority"</span>: <span style="color: #C6820E;">"HIGH"</span>
+}</pre>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top: 20px;"></div>
+
+<div class="mockup">
+  <div class="mockup-header">Timeline Tab — Gantt-style processor durations</div>
+  <div class="mockup-body" style="background: #fff; padding: 0;">
+    <div style="display: flex; align-items: center; gap: 10px; padding: 6px 14px; border-bottom: 1px solid #E4DFD8; background: #FAFAF8;">
+      <span style="font-size: 11px; font-weight: 600; color: #1A1612;">content-based-routing</span>
+      <span style="font-size: 10px; color: #C0392B; background: #FDF2F0; padding: 1px 6px; border-radius: 8px;">FAILED</span>
+      <span style="font-size: 10px; color: #9C9184;">247ms total</span>
+    </div>
+    <div style="display: flex; gap: 0; border-bottom: 1px solid #E4DFD8; background: #FAFAF8; padding: 0 14px;">
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Info</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Headers</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Input</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Output</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #C0392B; cursor: pointer;">Error</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer; opacity: 0.4;">Config</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #C6820E; border-bottom: 2px solid #C6820E; font-weight: 600; cursor: pointer;">Timeline</div>
+    </div>
+    <!-- Gantt chart -->
+    <div style="padding: 10px 14px;">
+      <!-- Time axis -->
+      <div style="display: flex; justify-content: space-between; font-size: 9px; color: #9C9184; margin-bottom: 4px; padding-left: 110px;">
+        <span>0ms</span><span>50ms</span><span>100ms</span><span>150ms</span><span>200ms</span><span>247ms</span>
+      </div>
+      <!-- Processor rows -->
+      <div style="display: flex; flex-direction: column; gap: 3px;">
+        <!-- from:jms -->
+        <div style="display: flex; align-items: center; gap: 8px;">
+          <span style="font-size: 10px; color: #5C5347; width: 100px; text-align: right; flex-shrink: 0;">from:jms</span>
+          <div style="flex: 1; height: 16px; background: #F5F0EA; border-radius: 2px; position: relative;">
+            <div style="position: absolute; left: 0%; width: 0.8%; height: 100%; background: #3D7C47; border-radius: 2px; min-width: 3px;"></div>
+          </div>
+          <span style="font-size: 9px; color: #9C9184; width: 36px; flex-shrink: 0;">2ms</span>
+        </div>
+        <!-- log -->
+        <div style="display: flex; align-items: center; gap: 8px;">
+          <span style="font-size: 10px; color: #5C5347; width: 100px; text-align: right; flex-shrink: 0;">log</span>
+          <div style="flex: 1; height: 16px; background: #F5F0EA; border-radius: 2px; position: relative;">
+            <div style="position: absolute; left: 0.8%; width: 2%; height: 100%; background: #3D7C47; border-radius: 2px; min-width: 3px;"></div>
+          </div>
+          <span style="font-size: 9px; color: #9C9184; width: 36px; flex-shrink: 0;">5ms</span>
+        </div>
+        <!-- setHeader -->
+        <div style="display: flex; align-items: center; gap: 8px;">
+          <span style="font-size: 10px; color: #5C5347; width: 100px; text-align: right; flex-shrink: 0;">setHeader</span>
+          <div style="flex: 1; height: 16px; background: #F5F0EA; border-radius: 2px; position: relative;">
+            <div style="position: absolute; left: 2.8%; width: 0.4%; height: 100%; background: #3D7C47; border-radius: 2px; min-width: 3px;"></div>
+          </div>
+          <span style="font-size: 9px; color: #9C9184; width: 36px; flex-shrink: 0;">1ms</span>
+        </div>
+        <!-- bean:validate (FAILED - long) -->
+        <div style="display: flex; align-items: center; gap: 8px;">
+          <span style="font-size: 10px; color: #C0392B; font-weight: 600; width: 100px; text-align: right; flex-shrink: 0;">bean:validate</span>
+          <div style="flex: 1; height: 16px; background: #F5F0EA; border-radius: 2px; position: relative;">
+            <div style="position: absolute; left: 3.2%; width: 48.6%; height: 100%; background: #C0392B; border-radius: 2px; opacity: 0.8;"></div>
+          </div>
+          <span style="font-size: 9px; color: #C0392B; font-weight: 500; width: 36px; flex-shrink: 0;">120ms</span>
+        </div>
+        <!-- to:http (skipped) -->
+        <div style="display: flex; align-items: center; gap: 8px; opacity: 0.35;">
+          <span style="font-size: 10px; color: #5C5347; width: 100px; text-align: right; flex-shrink: 0;">to:http</span>
+          <div style="flex: 1; height: 16px; background: #F5F0EA; border-radius: 2px;"></div>
+          <span style="font-size: 9px; color: #9C9184; width: 36px; flex-shrink: 0;">—</span>
+        </div>
+        <!-- to:jms (skipped) -->
+        <div style="display: flex; align-items: center; gap: 8px; opacity: 0.35;">
+          <span style="font-size: 10px; color: #5C5347; width: 100px; text-align: right; flex-shrink: 0;">to:jms</span>
+          <div style="flex: 1; height: 16px; background: #F5F0EA; border-radius: 2px;"></div>
+          <span style="font-size: 9px; color: #9C9184; width: 36px; flex-shrink: 0;">—</span>
+        </div>
+      </div>
+      <div style="margin-top: 8px; font-size: 10px; color: #9C9184;">Click a bar to select that processor in the diagram</div>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top: 20px;"></div>
+
+<div class="mockup">
+  <div class="mockup-header">Error Tab — grayed out when no error on selected processor</div>
+  <div class="mockup-body" style="background: #fff; padding: 0;">
+    <div style="display: flex; align-items: center; gap: 10px; padding: 6px 14px; border-bottom: 1px solid #E4DFD8; background: #FAFAF8;">
+      <span style="font-size: 11px; font-weight: 600; color: #1A1612;">log:incoming</span>
+      <span style="font-size: 10px; color: #3D7C47; background: #F0F9F1; padding: 1px 6px; border-radius: 8px;">COMPLETED</span>
+      <span style="font-size: 10px; color: #9C9184;">processor-2 &middot; 5ms</span>
+    </div>
+    <div style="display: flex; gap: 0; border-bottom: 1px solid #E4DFD8; background: #FAFAF8; padding: 0 14px;">
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Info</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Headers</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Input</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Output</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer; opacity: 0.4; cursor: not-allowed;">Error</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer; opacity: 0.4;">Config</div>
+      <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Timeline</div>
+    </div>
+    <div style="padding: 20px 14px; text-align: center; color: #9C9184; font-size: 12px;">
+      No error on this processor
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/14618-1774629192/execution-overlay-design.html

@@ -0,0 +1,207 @@
+<h2>Execution Overlay: Full Design Mockup</h2>
+<p class="subtitle">ExecutionDiagram component — diagram with execution overlay + detail panel</p>
+
+<div class="mockup">
+  <div class="mockup-header">ExecutionDiagram — Failed Exchange View</div>
+  <div class="mockup-body" style="background: #FAFAF8; padding: 0;">
+    <!-- Top bar: Exchange summary -->
+    <div style="display: flex; align-items: center; gap: 12px; padding: 8px 14px; background: #fff; border-bottom: 1px solid #E4DFD8; font-size: 12px; color: #5C5347;">
+      <span style="font-weight: 600; color: #1A1612;">Exchange</span>
+      <code style="font-size: 11px; background: #F5F0EA; padding: 2px 6px; border-radius: 3px; color: #1A1612;">abc-123-def-456</code>
+      <span style="background: #C0392B; color: white; font-size: 10px; padding: 1px 8px; border-radius: 10px; font-weight: 600;">FAILED</span>
+      <span style="color: #9C9184;">sample-app / content-based-routing</span>
+      <span style="color: #9C9184;">247ms</span>
+      <div style="margin-left: auto; display: flex; gap: 6px;">
+        <button style="font-size: 10px; padding: 3px 10px; border: 1px solid #C0392B; background: #FDF2F0; color: #C0392B; border-radius: 4px; cursor: pointer; font-weight: 500;">Jump to Error</button>
+      </div>
+    </div>
+
+    <!-- Main content: Diagram top, Detail bottom -->
+    <div style="display: flex; flex-direction: column; height: 480px;">
+
+      <!-- TOP: Process Diagram with Overlay -->
+      <div style="flex: 1; position: relative; overflow: hidden; background: #fff; border-bottom: 2px solid #E4DFD8;">
+
+        <!-- Breadcrumbs (if drilled down) -->
+
+        <!-- Diagram content -->
+        <div style="padding: 24px 30px;">
+          <!-- Main flow -->
+          <div style="display: flex; align-items: center; gap: 0;">
+
+            <!-- Node: from:jms (COMPLETED) -->
+            <div style="position: relative;">
+              <div style="width: 140px; height: 52px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+                <div style="height: 5px; background: #1A7F8E;"></div>
+                <div style="padding: 4px 8px;">
+                  <div style="font-size: 10px; font-weight: 600; color: #1A1612;">from:jms:orders</div>
+                  <div style="font-size: 9px; color: #9C9184;">ENDPOINT</div>
+                </div>
+              </div>
+              <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">2ms</div>
+            </div>
+
+            <!-- Edge -->
+            <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="30" y2="5" stroke="#9CA3AF" stroke-width="1.5"/><polygon points="25,2 30,5 25,8" fill="#9CA3AF"/></svg>
+
+            <!-- Node: log (COMPLETED) -->
+            <div style="position: relative;">
+              <div style="width: 140px; height: 52px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+                <div style="height: 5px; background: #C6820E;"></div>
+                <div style="padding: 4px 8px;">
+                  <div style="font-size: 10px; font-weight: 600; color: #1A1612;">log:incoming</div>
+                  <div style="font-size: 9px; color: #9C9184;">LOG</div>
+                </div>
+              </div>
+              <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">5ms</div>
+            </div>
+
+            <!-- Edge -->
+            <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="30" y2="5" stroke="#9CA3AF" stroke-width="1.5"/><polygon points="25,2 30,5 25,8" fill="#9CA3AF"/></svg>
+
+            <!-- Node: CHOICE compound -->
+            <div style="position: relative; border: 2px dashed #7C3AED; border-radius: 8px; padding: 0; background: #FAFAFF;">
+              <!-- Compound header -->
+              <div style="background: #7C3AED; color: white; font-size: 10px; font-weight: 600; padding: 3px 10px; border-radius: 5px 5px 0 0;">CHOICE</div>
+              <div style="padding: 10px; display: flex; gap: 16px;">
+                <!-- WHEN branch (taken, failed) -->
+                <div style="border: 1px solid #E4DFD8; border-radius: 5px; padding: 6px; background: #fff;">
+                  <div style="font-size: 8px; color: #7C3AED; font-weight: 600; margin-bottom: 4px;">WHEN: header.type == 'A'</div>
+                  <div style="display: flex; align-items: center; gap: 0;">
+                    <!-- Node: bean (FAILED) -->
+                    <div style="position: relative;">
+                      <div style="width: 120px; height: 48px; background: #FDF2F0; border: 2px solid #C0392B; border-radius: 6px; overflow: hidden;">
+                        <div style="height: 5px; background: #C6820E;"></div>
+                        <div style="padding: 3px 6px;">
+                          <div style="font-size: 9px; font-weight: 600; color: #C0392B;">bean:validate</div>
+                          <div style="font-size: 8px; color: #C0392B;">FAILED</div>
+                        </div>
+                      </div>
+                      <div style="position: absolute; bottom: 1px; right: 4px; font-size: 7px; color: #C0392B; font-weight: 500;">120ms</div>
+                      <!-- Error icon -->
+                      <div style="position: absolute; top: -6px; right: -6px; width: 16px; height: 16px; background: #C0392B; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 9px; color: white; font-weight: bold;">!</div>
+                    </div>
+
+                    <svg width="20" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="20" y2="5" stroke="#9CA3AF" stroke-width="1"/></svg>
+
+                    <!-- Node: to:http (NOT EXECUTED - dimmed) -->
+                    <div style="position: relative; opacity: 0.35;">
+                      <div style="width: 120px; height: 48px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; overflow: hidden;">
+                        <div style="height: 5px; background: #3D7C47;"></div>
+                        <div style="padding: 3px 6px;">
+                          <div style="font-size: 9px; font-weight: 600; color: #1A1612;">to:http:api</div>
+                          <div style="font-size: 8px; color: #9C9184;">TO</div>
+                        </div>
+                      </div>
+                    </div>
+                  </div>
+                </div>
+
+                <!-- OTHERWISE branch (not taken - dimmed) -->
+                <div style="border: 1px solid #E4DFD8; border-radius: 5px; padding: 6px; background: #fff; opacity: 0.35;">
+                  <div style="font-size: 8px; color: #7C3AED; font-weight: 600; margin-bottom: 4px;">OTHERWISE</div>
+                  <div style="width: 120px; height: 48px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; overflow: hidden;">
+                    <div style="height: 5px; background: #3D7C47;"></div>
+                    <div style="padding: 3px 6px;">
+                      <div style="font-size: 9px; font-weight: 600; color: #1A1612;">to:direct:alt</div>
+                      <div style="font-size: 8px; color: #9C9184;">DIRECT</div>
+                    </div>
+                  </div>
+                </div>
+              </div>
+            </div>
+          </div>
+        </div>
+
+        <!-- Zoom controls (bottom-right) -->
+        <div style="position: absolute; bottom: 8px; right: 8px; display: flex; align-items: center; gap: 3px; background: #fff; border: 1px solid #E4DFD8; border-radius: 4px; padding: 3px; box-shadow: 0 1px 4px rgba(0,0,0,0.06);">
+          <button style="width: 22px; height: 22px; border: none; background: transparent; font-size: 12px; cursor: pointer; color: #1A1612;">+</button>
+          <span style="font-size: 9px; color: #9C9184; min-width: 30px; text-align: center;">100%</span>
+          <button style="width: 22px; height: 22px; border: none; background: transparent; font-size: 12px; cursor: pointer; color: #1A1612;">-</button>
+          <button style="width: 22px; height: 22px; border: none; background: transparent; font-size: 10px; cursor: pointer; color: #1A1612;">Fit</button>
+        </div>
+
+        <!-- Minimap (bottom-left) -->
+        <div style="position: absolute; bottom: 8px; left: 8px; width: 100px; height: 60px; background: #fff; border: 1px solid #E4DFD8; border-radius: 4px; box-shadow: 0 1px 4px rgba(0,0,0,0.06); overflow: hidden;">
+          <div style="padding: 4px;">
+            <div style="display: flex; gap: 2px; align-items: center; transform: scale(0.3); transform-origin: top left;">
+              <div style="width: 60px; height: 20px; background: #1A7F8E; border-radius: 2px;"></div>
+              <div style="width: 60px; height: 20px; background: #C6820E; border-radius: 2px;"></div>
+              <div style="width: 100px; height: 40px; border: 1px solid #7C3AED; border-radius: 2px;"></div>
+            </div>
+          </div>
+        </div>
+      </div>
+
+      <!-- SPLITTER -->
+      <div style="height: 4px; background: #E4DFD8; cursor: row-resize; flex-shrink: 0;"></div>
+
+      <!-- BOTTOM: Detail Panel -->
+      <div style="flex: 0 0 180px; background: #fff; display: flex; flex-direction: column;">
+        <!-- Selected processor header -->
+        <div style="display: flex; align-items: center; gap: 10px; padding: 6px 14px; border-bottom: 1px solid #E4DFD8; background: #FAFAF8;">
+          <span style="font-size: 11px; font-weight: 600; color: #C0392B;">bean:validate</span>
+          <span style="font-size: 10px; color: #C0392B; background: #FDF2F0; padding: 1px 6px; border-radius: 8px;">FAILED</span>
+          <span style="font-size: 10px; color: #9C9184;">processor-5 &middot; 120ms</span>
+        </div>
+
+        <!-- Tabs -->
+        <div style="display: flex; gap: 0; border-bottom: 1px solid #E4DFD8; background: #FAFAF8; padding: 0 14px;">
+          <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Info</div>
+          <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Headers</div>
+          <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Input</div>
+          <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Output</div>
+          <div style="font-size: 11px; padding: 6px 12px; color: #C0392B; border-bottom: 2px solid #C0392B; font-weight: 600; cursor: pointer;">Error</div>
+          <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer; opacity: 0.5;">Config</div>
+          <div style="font-size: 11px; padding: 6px 12px; color: #9C9184; cursor: pointer;">Timeline</div>
+        </div>
+
+        <!-- Tab content: Error -->
+        <div style="flex: 1; padding: 10px 14px; overflow-y: auto;">
+          <div style="margin-bottom: 8px;">
+            <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Exception</div>
+            <div style="font-size: 12px; color: #C0392B; font-weight: 500;">javax.validation.ValidationException</div>
+          </div>
+          <div style="margin-bottom: 8px;">
+            <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Message</div>
+            <div style="font-size: 12px; color: #1A1612;">Order quantity must be positive: received -3</div>
+          </div>
+          <div style="margin-bottom: 8px;">
+            <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Root Cause</div>
+            <div style="font-size: 12px; color: #C0392B;">java.lang.IllegalArgumentException: quantity must be > 0</div>
+          </div>
+          <div>
+            <div style="font-size: 10px; color: #9C9184; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 2px;">Stack Trace</div>
+            <pre style="font-size: 10px; color: #5C5347; background: #F5F0EA; padding: 8px; border-radius: 4px; overflow-x: auto; margin: 0; line-height: 1.6;">at com.example.OrderValidator.validate(OrderValidator.java:42)
+at com.example.OrderRoute.process(OrderRoute.java:18)
+at org.apache.camel.processor.DelegateSyncProcessor.process(...)
+at org.apache.camel.processor.Pipeline.process(Pipeline.java:184)
+... 8 more</pre>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top: 24px;">
+  <h3>Design Decisions Shown</h3>
+  <div style="display: grid; grid-template-columns: 1fr 1fr; gap: 12px; font-size: 13px; color: #5C5347;">
+    <div style="background: #f8f8f6; padding: 10px; border-radius: 6px; border-left: 3px solid #3D7C47;">
+      <strong style="color: #1A1612;">Executed (OK)</strong><br/>
+      Green left border, duration badge bottom-right
+    </div>
+    <div style="background: #f8f8f6; padding: 10px; border-radius: 6px; border-left: 3px solid #C0392B;">
+      <strong style="color: #1A1612;">Failed</strong><br/>
+      Red border, red tint background, red ! badge top-right
+    </div>
+    <div style="background: #f8f8f6; padding: 10px; border-radius: 6px; border-left: 3px solid #9C9184;">
+      <strong style="color: #1A1612;">Not Executed</strong><br/>
+      Dimmed to 35% opacity — full topology visible
+    </div>
+    <div style="background: #f8f8f6; padding: 10px; border-radius: 6px; border-left: 3px solid #C6820E;">
+      <strong style="color: #1A1612;">Selected</strong><br/>
+      Amber ring (existing), detail panel updates below
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/14618-1774629192/iteration-stepper.html

@@ -0,0 +1,143 @@
+<h2>Per-Compound Iteration Stepper</h2>
+<p class="subtitle">Each loop/split compound gets its own stepper in the header bar</p>
+
+<div class="mockup">
+  <div class="mockup-header">Loop with iteration stepper — iteration 3 of 5</div>
+  <div class="mockup-body" style="background: #FAFAF8; padding: 20px;">
+
+    <!-- LOOP compound -->
+    <div style="position: relative; border: 2px dashed #7C3AED; border-radius: 8px; background: #FAFAFF; max-width: 600px;">
+      <!-- Compound header with stepper -->
+      <div style="background: #7C3AED; color: white; font-size: 11px; font-weight: 600; padding: 4px 10px; border-radius: 5px 5px 0 0; display: flex; align-items: center; justify-content: space-between;">
+        <span>LOOP</span>
+        <!-- Iteration stepper -->
+        <div style="display: flex; align-items: center; gap: 4px; background: rgba(255,255,255,0.15); border-radius: 3px; padding: 1px 4px;">
+          <button style="width: 18px; height: 18px; border: none; background: rgba(255,255,255,0.2); color: white; border-radius: 2px; cursor: pointer; font-size: 10px; display: flex; align-items: center; justify-content: center;">&lsaquo;</button>
+          <span style="font-size: 10px; min-width: 30px; text-align: center; font-variant-numeric: tabular-nums;">3 / 5</span>
+          <button style="width: 18px; height: 18px; border: none; background: rgba(255,255,255,0.2); color: white; border-radius: 2px; cursor: pointer; font-size: 10px; display: flex; align-items: center; justify-content: center;">&rsaquo;</button>
+        </div>
+      </div>
+
+      <!-- Loop body: showing iteration 3 data -->
+      <div style="padding: 12px; display: flex; align-items: center; gap: 0;">
+        <!-- transform (OK in iteration 3) -->
+        <div style="position: relative;">
+          <div style="width: 130px; height: 48px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 5px; border-left: 3px solid #3D7C47; overflow: hidden;">
+            <div style="height: 4px; background: #C6820E;"></div>
+            <div style="padding: 3px 6px;">
+              <div style="font-size: 9px; font-weight: 600; color: #1A1612;">transform</div>
+              <div style="font-size: 8px; color: #9C9184;">TRANSFORM</div>
+            </div>
+          </div>
+          <div style="position: absolute; bottom: 1px; right: 4px; font-size: 7px; color: #3D7C47;">3ms</div>
+          <div style="position: absolute; top: -5px; right: -5px; width: 13px; height: 13px; background: #3D7C47; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white;">&#10003;</div>
+        </div>
+
+        <svg width="24" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="20" y2="5" stroke="#3D7C47" stroke-width="1.5"/><polygon points="17,2 22,5 17,8" fill="#3D7C47"/></svg>
+
+        <!-- to:http (OK in iteration 3) -->
+        <div style="position: relative;">
+          <div style="width: 130px; height: 48px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 5px; border-left: 3px solid #3D7C47; overflow: hidden;">
+            <div style="height: 4px; background: #3D7C47;"></div>
+            <div style="padding: 3px 6px;">
+              <div style="font-size: 9px; font-weight: 600; color: #1A1612;">to:http:api</div>
+              <div style="font-size: 8px; color: #9C9184;">TO</div>
+            </div>
+          </div>
+          <div style="position: absolute; bottom: 1px; right: 4px; font-size: 7px; color: #3D7C47;">45ms</div>
+          <div style="position: absolute; top: -5px; right: -5px; width: 13px; height: 13px; background: #3D7C47; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white;">&#10003;</div>
+        </div>
+
+        <svg width="24" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="20" y2="5" stroke="#3D7C47" stroke-width="1.5"/><polygon points="17,2 22,5 17,8" fill="#3D7C47"/></svg>
+
+        <!-- log (OK in iteration 3) -->
+        <div style="position: relative;">
+          <div style="width: 130px; height: 48px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 5px; border-left: 3px solid #3D7C47; overflow: hidden;">
+            <div style="height: 4px; background: #C6820E;"></div>
+            <div style="padding: 3px 6px;">
+              <div style="font-size: 9px; font-weight: 600; color: #1A1612;">log:result</div>
+              <div style="font-size: 8px; color: #9C9184;">LOG</div>
+            </div>
+          </div>
+          <div style="position: absolute; bottom: 1px; right: 4px; font-size: 7px; color: #3D7C47;">1ms</div>
+          <div style="position: absolute; top: -5px; right: -5px; width: 13px; height: 13px; background: #3D7C47; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white;">&#10003;</div>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+
+<h3 style="margin-top: 24px;">Nested Loops</h3>
+<p class="subtitle">Each compound level has its own independent stepper</p>
+
+<div class="mockup">
+  <div class="mockup-header">Outer loop (iteration 2/3) containing inner split (branch 1/4)</div>
+  <div class="mockup-body" style="background: #FAFAF8; padding: 20px;">
+
+    <!-- Outer LOOP -->
+    <div style="border: 2px dashed #7C3AED; border-radius: 8px; background: #FAFAFF; max-width: 550px;">
+      <div style="background: #7C3AED; color: white; font-size: 11px; font-weight: 600; padding: 4px 10px; border-radius: 5px 5px 0 0; display: flex; align-items: center; justify-content: space-between;">
+        <span>LOOP</span>
+        <div style="display: flex; align-items: center; gap: 4px; background: rgba(255,255,255,0.15); border-radius: 3px; padding: 1px 4px;">
+          <button style="width: 18px; height: 18px; border: none; background: rgba(255,255,255,0.2); color: white; border-radius: 2px; cursor: pointer; font-size: 10px; display: flex; align-items: center; justify-content: center;">&lsaquo;</button>
+          <span style="font-size: 10px; min-width: 30px; text-align: center;">2 / 3</span>
+          <button style="width: 18px; height: 18px; border: none; background: rgba(255,255,255,0.2); color: white; border-radius: 2px; cursor: pointer; font-size: 10px; display: flex; align-items: center; justify-content: center;">&rsaquo;</button>
+        </div>
+      </div>
+
+      <div style="padding: 12px;">
+        <div style="display: flex; align-items: center; gap: 0;">
+
+          <!-- Processor before split -->
+          <div style="position: relative;">
+            <div style="width: 110px; height: 44px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 5px; border-left: 3px solid #3D7C47; overflow: hidden;">
+              <div style="height: 4px; background: #C6820E;"></div>
+              <div style="padding: 3px 6px;">
+                <div style="font-size: 9px; font-weight: 600; color: #1A1612;">setBody</div>
+                <div style="font-size: 8px; color: #9C9184;">SET_BODY</div>
+              </div>
+            </div>
+            <div style="position: absolute; top: -5px; right: -5px; width: 13px; height: 13px; background: #3D7C47; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white;">&#10003;</div>
+          </div>
+
+          <svg width="20" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="16" y2="5" stroke="#3D7C47" stroke-width="1.5"/></svg>
+
+          <!-- Inner SPLIT -->
+          <div style="border: 2px dashed #7C3AED; border-radius: 6px; background: #F8F7FF;">
+            <div style="background: #9B6AED; color: white; font-size: 10px; font-weight: 600; padding: 3px 8px; border-radius: 3px 3px 0 0; display: flex; align-items: center; justify-content: space-between;">
+              <span>SPLIT</span>
+              <div style="display: flex; align-items: center; gap: 3px; background: rgba(255,255,255,0.15); border-radius: 3px; padding: 1px 3px;">
+                <button style="width: 16px; height: 16px; border: none; background: rgba(255,255,255,0.2); color: white; border-radius: 2px; cursor: pointer; font-size: 9px; display: flex; align-items: center; justify-content: center;">&lsaquo;</button>
+                <span style="font-size: 9px; min-width: 26px; text-align: center;">1 / 4</span>
+                <button style="width: 16px; height: 16px; border: none; background: rgba(255,255,255,0.2); color: white; border-radius: 2px; cursor: pointer; font-size: 9px; display: flex; align-items: center; justify-content: center;">&rsaquo;</button>
+              </div>
+            </div>
+            <div style="padding: 8px; display: flex; align-items: center; gap: 0;">
+              <div style="position: relative;">
+                <div style="width: 100px; height: 40px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 4px; border-left: 3px solid #3D7C47; overflow: hidden;">
+                  <div style="height: 3px; background: #3D7C47;"></div>
+                  <div style="padding: 2px 5px;">
+                    <div style="font-size: 8px; font-weight: 600; color: #1A1612;">to:kafka</div>
+                    <div style="font-size: 7px; color: #9C9184;">TO</div>
+                  </div>
+                </div>
+                <div style="position: absolute; top: -4px; right: -4px; width: 12px; height: 12px; background: #3D7C47; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 7px; color: white;">&#10003;</div>
+              </div>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+
+<h3 style="margin-top: 24px;">Stepper Behavior</h3>
+<div style="font-size: 13px; color: #5C5347; line-height: 1.8;">
+  <ul style="margin: 0; padding-left: 20px;">
+    <li><strong>Independent per compound</strong> — outer loop at iteration 2, inner split at branch 1</li>
+    <li><strong>Overlay updates per-compound</strong> — stepping the loop re-renders its children's execution data for that iteration</li>
+    <li><strong>CHOICE shows which branch was taken</strong> — no stepper, just highlights the taken branch</li>
+    <li><strong>Keyboard</strong> — when a compound is focused/hovered, left/right arrow keys step through iterations</li>
+    <li><strong>Detail panel syncs</strong> — selecting a processor inside a loop shows that iteration's data</li>
+  </ul>
+</div>

.superpowers/brainstorm/14618-1774629192/layout-overview.html

@@ -0,0 +1,166 @@
+<h2>Execution Overlay: Page Layout</h2>
+<p class="subtitle">How should the diagram + execution details be arranged?</p>
+
+<div class="cards">
+  <!-- Option A: Horizontal Split -->
+  <div class="card" data-choice="a" onclick="toggleSelect(this)">
+    <div class="card-image">
+      <div style="padding: 16px; background: #1a1612; border-radius: 6px;">
+        <!-- IDE-style: diagram top, detail bottom -->
+        <div style="display: flex; flex-direction: column; gap: 8px; height: 280px;">
+          <!-- Top: Diagram -->
+          <div style="flex: 1; background: #2a2520; border-radius: 4px; padding: 12px; position: relative; overflow: hidden;">
+            <div style="font-size: 10px; color: #9C9184; margin-bottom: 8px;">DIAGRAM</div>
+            <!-- Mini route flow mockup -->
+            <div style="display: flex; align-items: center; gap: 6px; margin-left: 20px;">
+              <div style="width: 60px; height: 28px; background: #1A7F8E; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white;">from:jms</div>
+              <div style="width: 20px; height: 1px; background: #5C5347;"></div>
+              <div style="width: 60px; height: 28px; background: #C6820E; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white; border: 2px solid #3D7C47;">log</div>
+              <div style="width: 20px; height: 1px; background: #5C5347;"></div>
+              <div style="width: 60px; height: 28px; background: #C0392B; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white; border: 2px solid #C0392B; opacity: 0.9;">bean</div>
+              <div style="width: 20px; height: 1px; background: #5C5347;"></div>
+              <div style="width: 60px; height: 28px; background: #3D7C47; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white; opacity: 0.4;">to:http</div>
+            </div>
+            <!-- Zoom controls hint -->
+            <div style="position: absolute; bottom: 6px; right: 6px; font-size: 8px; color: #5C5347; background: #2a2520; padding: 2px 6px; border: 1px solid #3a3530; border-radius: 3px;">100%</div>
+            <!-- Iteration stepper -->
+            <div style="position: absolute; top: 6px; right: 6px; font-size: 8px; color: #C6820E; background: #2a2520; padding: 2px 8px; border: 1px solid #3a3530; border-radius: 3px;">Loop 2/5</div>
+          </div>
+          <!-- Resizable splitter -->
+          <div style="height: 3px; background: #3a3530; border-radius: 2px; cursor: row-resize;"></div>
+          <!-- Bottom: Details -->
+          <div style="flex: 0 0 100px; background: #2a2520; border-radius: 4px; padding: 8px; overflow: hidden;">
+            <div style="display: flex; gap: 12px; font-size: 9px; color: #9C9184; border-bottom: 1px solid #3a3530; padding-bottom: 4px; margin-bottom: 6px;">
+              <span style="color: #C6820E; border-bottom: 2px solid #C6820E; padding-bottom: 3px;">Input</span>
+              <span>Output</span>
+              <span>Headers</span>
+              <span>Error</span>
+              <span>Timeline</span>
+            </div>
+            <div style="font-family: monospace; font-size: 8px; color: #9C9184; line-height: 1.5;">
+              <div>{"orderId": "ORD-1234",</div>
+              <div>&nbsp;"product": "Widget A",</div>
+              <div>&nbsp;"quantity": 5}</div>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+    <div class="card-body">
+      <h3>A: Top/Bottom Split (IDE Style)</h3>
+      <p>Diagram on top, tabbed detail panel below. Resizable splitter between them. Maximizes diagram width. Tabs: Input, Output, Headers, Error, Timeline.</p>
+      <div class="pros-cons">
+        <div class="pros"><h4>Pros</h4><ul><li>Full diagram width</li><li>Familiar IDE pattern</li><li>Detail panel always visible</li></ul></div>
+        <div class="cons"><h4>Cons</h4><ul><li>Vertical space shared</li><li>Diagram shrinks on small screens</li></ul></div>
+      </div>
+    </div>
+  </div>
+
+  <!-- Option B: Right Panel -->
+  <div class="card" data-choice="b" onclick="toggleSelect(this)">
+    <div class="card-image">
+      <div style="padding: 16px; background: #1a1612; border-radius: 6px;">
+        <div style="display: flex; gap: 8px; height: 280px;">
+          <!-- Left: Diagram -->
+          <div style="flex: 1; background: #2a2520; border-radius: 4px; padding: 12px; position: relative; overflow: hidden;">
+            <div style="font-size: 10px; color: #9C9184; margin-bottom: 8px;">DIAGRAM</div>
+            <div style="display: flex; align-items: center; gap: 6px; margin-left: 10px;">
+              <div style="width: 55px; height: 26px; background: #1A7F8E; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 7px; color: white;">from:jms</div>
+              <div style="width: 14px; height: 1px; background: #5C5347;"></div>
+              <div style="width: 55px; height: 26px; background: #C6820E; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 7px; color: white; border: 2px solid #3D7C47;">log</div>
+              <div style="width: 14px; height: 1px; background: #5C5347;"></div>
+              <div style="width: 55px; height: 26px; background: #C0392B; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 7px; color: white; border: 2px solid #C0392B;">bean</div>
+            </div>
+            <div style="position: absolute; bottom: 6px; right: 6px; font-size: 8px; color: #5C5347; background: #2a2520; padding: 2px 6px; border: 1px solid #3a3530; border-radius: 3px;">100%</div>
+          </div>
+          <!-- Resizable splitter -->
+          <div style="width: 3px; background: #3a3530; border-radius: 2px; cursor: col-resize;"></div>
+          <!-- Right: Detail Panel -->
+          <div style="flex: 0 0 200px; background: #2a2520; border-radius: 4px; padding: 8px; overflow: hidden;">
+            <div style="font-size: 9px; color: #C6820E; font-weight: 600; margin-bottom: 6px;">log (processor-3)</div>
+            <div style="font-size: 8px; color: #3D7C47; margin-bottom: 8px;">COMPLETED - 12ms</div>
+            <div style="display: flex; flex-direction: column; gap: 2px; font-size: 8px; color: #9C9184; border-bottom: 1px solid #3a3530; padding-bottom: 4px; margin-bottom: 6px;">
+              <div style="display: flex; gap: 6px;">
+                <span style="color: #C6820E; font-weight: 600;">Input</span>
+                <span>Output</span>
+                <span>Headers</span>
+              </div>
+            </div>
+            <div style="font-family: monospace; font-size: 7px; color: #9C9184; line-height: 1.4;">
+              <div>{"orderId": "ORD-1234",</div>
+              <div>&nbsp;"product": "Widget A",</div>
+              <div>&nbsp;"quantity": 5,</div>
+              <div>&nbsp;"price": 29.99}</div>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+    <div class="card-body">
+      <h3>B: Left/Right Split</h3>
+      <p>Diagram on left, collapsible detail panel on right. Slide-in when node selected. Diagram keeps full height.</p>
+      <div class="pros-cons">
+        <div class="pros"><h4>Pros</h4><ul><li>Full diagram height</li><li>Panel can collapse</li><li>Good for wide screens</li></ul></div>
+        <div class="cons"><h4>Cons</h4><ul><li>Steals diagram width</li><li>Tight on narrow screens</li></ul></div>
+      </div>
+    </div>
+  </div>
+
+  <!-- Option C: Hybrid -->
+  <div class="card" data-choice="c" onclick="toggleSelect(this)">
+    <div class="card-image">
+      <div style="padding: 16px; background: #1a1612; border-radius: 6px;">
+        <div style="display: flex; flex-direction: column; gap: 8px; height: 280px;">
+          <!-- Top: Full width diagram -->
+          <div style="flex: 1; background: #2a2520; border-radius: 4px; padding: 12px; position: relative; overflow: hidden;">
+            <div style="font-size: 10px; color: #9C9184; margin-bottom: 8px;">DIAGRAM</div>
+            <div style="display: flex; align-items: center; gap: 6px; margin-left: 20px;">
+              <div style="width: 60px; height: 28px; background: #1A7F8E; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white;">from:jms</div>
+              <div style="width: 20px; height: 1px; background: #5C5347;"></div>
+              <div style="width: 60px; height: 28px; background: #C6820E; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white; border: 2px solid #3D7C47;">log</div>
+              <div style="width: 20px; height: 1px; background: #5C5347;"></div>
+              <div style="width: 60px; height: 28px; background: #C0392B; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white; border: 2px solid #C0392B;">bean</div>
+              <div style="width: 20px; height: 1px; background: #5C5347;"></div>
+              <div style="width: 60px; height: 28px; background: #3D7C47; border-radius: 3px; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white; opacity: 0.4;">to:http</div>
+            </div>
+            <div style="position: absolute; bottom: 6px; right: 6px; font-size: 8px; color: #5C5347; background: #2a2520; padding: 2px 6px; border: 1px solid #3a3530; border-radius: 3px;">100%</div>
+          </div>
+          <!-- Bottom: Two-column detail -->
+          <div style="height: 3px; background: #3a3530; border-radius: 2px;"></div>
+          <div style="flex: 0 0 100px; display: flex; gap: 8px;">
+            <!-- Left: Processor list / timeline -->
+            <div style="flex: 0 0 140px; background: #2a2520; border-radius: 4px; padding: 6px; overflow: hidden;">
+              <div style="font-size: 8px; color: #9C9184; margin-bottom: 4px; font-weight: 600;">Processors</div>
+              <div style="font-size: 7px; line-height: 1.8;">
+                <div style="color: #3D7C47; padding: 1px 4px; background: #2a2a20; border-radius: 2px;">from:jms - 2ms</div>
+                <div style="color: #C6820E; padding: 1px 4px; background: #3a3020; border-radius: 2px; border-left: 2px solid #C6820E;">log - 12ms</div>
+                <div style="color: #C0392B; padding: 1px 4px;">bean - FAILED</div>
+                <div style="color: #5C5347; padding: 1px 4px; opacity: 0.5;">to:http - skipped</div>
+              </div>
+            </div>
+            <!-- Right: Selected processor detail -->
+            <div style="flex: 1; background: #2a2520; border-radius: 4px; padding: 6px; overflow: hidden;">
+              <div style="display: flex; gap: 8px; font-size: 8px; color: #9C9184; border-bottom: 1px solid #3a3530; padding-bottom: 3px; margin-bottom: 4px;">
+                <span style="color: #C6820E;">Input</span>
+                <span>Output</span>
+                <span>Headers</span>
+              </div>
+              <div style="font-family: monospace; font-size: 7px; color: #9C9184; line-height: 1.4;">
+                <div>{"orderId": "ORD-1234",</div>
+                <div>&nbsp;"product": "Widget A"}</div>
+              </div>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+    <div class="card-body">
+      <h3>C: Top/Bottom with Processor List</h3>
+      <p>Diagram on top, bottom split into processor list (left) + detail tabs (right). Clicking processor in list or diagram syncs selection. Most information density.</p>
+      <div class="pros-cons">
+        <div class="pros"><h4>Pros</h4><ul><li>Processor list as navigation</li><li>Full diagram width</li><li>Maximum information density</li></ul></div>
+        <div class="cons"><h4>Cons</h4><ul><li>More complex layout</li><li>May feel crowded</li></ul></div>
+      </div>
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/14618-1774629192/overlay-intensity.html

@@ -0,0 +1,190 @@
+<h2>Execution Overlay: Visual Intensity Comparison</h2>
+<p class="subtitle">How strong should the overlay tinting be?</p>
+
+<div class="split">
+  <!-- Current: Subtle -->
+  <div class="mockup" data-choice="subtle" onclick="toggleSelect(this)">
+    <div class="mockup-header">Current: Subtle (border only)</div>
+    <div class="mockup-body" style="background: #FAFAF8; padding: 16px;">
+      <div style="display: flex; flex-direction: column; gap: 12px;">
+        <!-- OK node - border only -->
+        <div style="display: flex; align-items: center; gap: 10px;">
+          <span style="font-size: 10px; color: #9C9184; width: 70px;">Completed</span>
+          <div style="position: relative; width: 160px; height: 52px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+            <div style="height: 5px; background: #1A7F8E;"></div>
+            <div style="padding: 4px 8px;">
+              <div style="font-size: 10px; font-weight: 600; color: #1A1612;">from:jms:orders</div>
+              <div style="font-size: 9px; color: #9C9184;">ENDPOINT</div>
+            </div>
+            <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">2ms</div>
+          </div>
+        </div>
+        <!-- Failed node - border only -->
+        <div style="display: flex; align-items: center; gap: 10px;">
+          <span style="font-size: 10px; color: #9C9184; width: 70px;">Failed</span>
+          <div style="position: relative; width: 160px; height: 52px; background: #fff; border: 2px solid #C0392B; border-radius: 6px; overflow: hidden;">
+            <div style="height: 5px; background: #C6820E;"></div>
+            <div style="padding: 4px 8px;">
+              <div style="font-size: 10px; font-weight: 600; color: #1A1612;">bean:validate</div>
+              <div style="font-size: 9px; color: #9C9184;">BEAN</div>
+            </div>
+            <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #C0392B; font-weight: 500;">120ms</div>
+            <div style="position: absolute; top: -6px; right: -6px; width: 16px; height: 16px; background: #C0392B; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 9px; color: white; font-weight: bold;">!</div>
+          </div>
+        </div>
+        <!-- Skipped node -->
+        <div style="display: flex; align-items: center; gap: 10px;">
+          <span style="font-size: 10px; color: #9C9184; width: 70px;">Skipped</span>
+          <div style="opacity: 0.35; width: 160px; height: 52px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; overflow: hidden;">
+            <div style="height: 5px; background: #3D7C47;"></div>
+            <div style="padding: 4px 8px;">
+              <div style="font-size: 10px; font-weight: 600; color: #1A1612;">to:http:api</div>
+              <div style="font-size: 9px; color: #9C9184;">TO</div>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+
+  <!-- Proposed: Tinted backgrounds -->
+  <div class="mockup" data-choice="tinted" onclick="toggleSelect(this)">
+    <div class="mockup-header">Proposed: Tinted backgrounds</div>
+    <div class="mockup-body" style="background: #FAFAF8; padding: 16px;">
+      <div style="display: flex; flex-direction: column; gap: 12px;">
+        <!-- OK node - green tint -->
+        <div style="display: flex; align-items: center; gap: 10px;">
+          <span style="font-size: 10px; color: #9C9184; width: 70px;">Completed</span>
+          <div style="position: relative; width: 160px; height: 52px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+            <div style="height: 5px; background: #1A7F8E;"></div>
+            <div style="padding: 4px 8px;">
+              <div style="font-size: 10px; font-weight: 600; color: #1A1612;">from:jms:orders</div>
+              <div style="font-size: 9px; color: #9C9184;">ENDPOINT</div>
+            </div>
+            <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">2ms</div>
+          </div>
+        </div>
+        <!-- Failed node - red tint -->
+        <div style="display: flex; align-items: center; gap: 10px;">
+          <span style="font-size: 10px; color: #9C9184; width: 70px;">Failed</span>
+          <div style="position: relative; width: 160px; height: 52px; background: #FDF2F0; border: 2px solid #C0392B; border-radius: 6px; overflow: hidden;">
+            <div style="height: 5px; background: #C6820E;"></div>
+            <div style="padding: 4px 8px;">
+              <div style="font-size: 10px; font-weight: 600; color: #C0392B;">bean:validate</div>
+              <div style="font-size: 9px; color: #C0392B;">FAILED</div>
+            </div>
+            <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #C0392B; font-weight: 500;">120ms</div>
+            <div style="position: absolute; top: -6px; right: -6px; width: 16px; height: 16px; background: #C0392B; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 9px; color: white; font-weight: bold;">!</div>
+          </div>
+        </div>
+        <!-- Skipped node -->
+        <div style="display: flex; align-items: center; gap: 10px;">
+          <span style="font-size: 10px; color: #9C9184; width: 70px;">Skipped</span>
+          <div style="opacity: 0.35; width: 160px; height: 52px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; overflow: hidden;">
+            <div style="height: 5px; background: #3D7C47;"></div>
+            <div style="padding: 4px 8px;">
+              <div style="font-size: 10px; font-weight: 600; color: #1A1612;">to:http:api</div>
+              <div style="font-size: 9px; color: #9C9184;">TO</div>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+
+<h3 style="margin-top: 24px;">Full Flow Comparison</h3>
+<p class="subtitle">Same route, tinted version — see how it reads at a glance</p>
+
+<div class="mockup">
+  <div class="mockup-header">Tinted overlay on a full route</div>
+  <div class="mockup-body" style="background: #FAFAF8; padding: 20px;">
+    <div style="display: flex; align-items: center; gap: 0;">
+
+      <!-- from:jms (OK) -->
+      <div style="position: relative;">
+        <div style="width: 140px; height: 52px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+          <div style="height: 5px; background: #1A7F8E;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">from:jms:orders</div>
+            <div style="font-size: 9px; color: #9C9184;">ENDPOINT</div>
+          </div>
+        </div>
+        <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">2ms</div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#3D7C47" stroke-width="1.5"/><polygon points="22,2 28,5 22,8" fill="#3D7C47"/></svg>
+
+      <!-- log (OK) -->
+      <div style="position: relative;">
+        <div style="width: 140px; height: 52px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+          <div style="height: 5px; background: #C6820E;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">log:incoming</div>
+            <div style="font-size: 9px; color: #9C9184;">LOG</div>
+          </div>
+        </div>
+        <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">5ms</div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#3D7C47" stroke-width="1.5"/><polygon points="22,2 28,5 22,8" fill="#3D7C47"/></svg>
+
+      <!-- setHeader (OK) -->
+      <div style="position: relative;">
+        <div style="width: 140px; height: 52px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+          <div style="height: 5px; background: #C6820E;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">setHeader:type</div>
+            <div style="font-size: 9px; color: #9C9184;">SET_HEADER</div>
+          </div>
+        </div>
+        <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">1ms</div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#3D7C47" stroke-width="1.5"/><polygon points="22,2 28,5 22,8" fill="#3D7C47"/></svg>
+
+      <!-- bean:validate (FAILED) -->
+      <div style="position: relative;">
+        <div style="width: 140px; height: 52px; background: #FDF2F0; border: 2px solid #C0392B; border-radius: 6px; overflow: hidden;">
+          <div style="height: 5px; background: #C6820E;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #C0392B;">bean:validate</div>
+            <div style="font-size: 9px; color: #C0392B;">FAILED</div>
+          </div>
+        </div>
+        <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #C0392B; font-weight: 500;">120ms</div>
+        <div style="position: absolute; top: -6px; right: -6px; width: 16px; height: 16px; background: #C0392B; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 9px; color: white; font-weight: bold;">!</div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#9CA3AF" stroke-width="1" stroke-dasharray="3,3"/></svg>
+
+      <!-- to:http (SKIPPED) -->
+      <div style="opacity: 0.35;">
+        <div style="width: 140px; height: 52px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; overflow: hidden;">
+          <div style="height: 5px; background: #3D7C47;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">to:http:api</div>
+            <div style="font-size: 9px; color: #9C9184;">TO</div>
+          </div>
+        </div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#9CA3AF" stroke-width="1" stroke-dasharray="3,3"/></svg>
+
+      <!-- to:jms (SKIPPED) -->
+      <div style="opacity: 0.35;">
+        <div style="width: 140px; height: 52px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; overflow: hidden;">
+          <div style="height: 5px; background: #3D7C47;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">to:jms:result</div>
+            <div style="font-size: 9px; color: #9C9184;">TO</div>
+          </div>
+        </div>
+      </div>
+    </div>
+
+    <div style="margin-top: 16px; font-size: 11px; color: #5C5347;">
+      <strong>Note:</strong> Edges between executed nodes turn green. Edges leading to skipped nodes become dashed gray.
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/14618-1774629192/overlay-with-markers.html

@@ -0,0 +1,159 @@
+<h2>Execution Overlay: Success + Error Markers</h2>
+<p class="subtitle">Every executed node gets a status badge — green check or red exclamation</p>
+
+<div class="mockup">
+  <div class="mockup-header">Full route with status markers</div>
+  <div class="mockup-body" style="background: #FAFAF8; padding: 20px;">
+    <div style="display: flex; align-items: center; gap: 0;">
+
+      <!-- from:jms (OK) -->
+      <div style="position: relative;">
+        <div style="width: 140px; height: 52px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+          <div style="height: 5px; background: #1A7F8E;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">from:jms:orders</div>
+            <div style="font-size: 9px; color: #9C9184;">ENDPOINT</div>
+          </div>
+        </div>
+        <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">2ms</div>
+        <!-- Success marker -->
+        <div style="position: absolute; top: -6px; right: -6px; width: 16px; height: 16px; background: #3D7C47; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 10px; color: white; font-weight: bold;">&#10003;</div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#3D7C47" stroke-width="1.5"/><polygon points="22,2 28,5 22,8" fill="#3D7C47"/></svg>
+
+      <!-- log (OK) -->
+      <div style="position: relative;">
+        <div style="width: 140px; height: 52px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+          <div style="height: 5px; background: #C6820E;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">log:incoming</div>
+            <div style="font-size: 9px; color: #9C9184;">LOG</div>
+          </div>
+        </div>
+        <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">5ms</div>
+        <div style="position: absolute; top: -6px; right: -6px; width: 16px; height: 16px; background: #3D7C47; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 10px; color: white; font-weight: bold;">&#10003;</div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#3D7C47" stroke-width="1.5"/><polygon points="22,2 28,5 22,8" fill="#3D7C47"/></svg>
+
+      <!-- setHeader (OK) -->
+      <div style="position: relative;">
+        <div style="width: 140px; height: 52px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 6px; border-left: 4px solid #3D7C47; overflow: hidden;">
+          <div style="height: 5px; background: #C6820E;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">setHeader:type</div>
+            <div style="font-size: 9px; color: #9C9184;">SET_HEADER</div>
+          </div>
+        </div>
+        <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #3D7C47; font-weight: 500;">1ms</div>
+        <div style="position: absolute; top: -6px; right: -6px; width: 16px; height: 16px; background: #3D7C47; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 10px; color: white; font-weight: bold;">&#10003;</div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#3D7C47" stroke-width="1.5"/><polygon points="22,2 28,5 22,8" fill="#3D7C47"/></svg>
+
+      <!-- bean:validate (FAILED) -->
+      <div style="position: relative;">
+        <div style="width: 140px; height: 52px; background: #FDF2F0; border: 2px solid #C0392B; border-radius: 6px; overflow: hidden;">
+          <div style="height: 5px; background: #C6820E;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #C0392B;">bean:validate</div>
+            <div style="font-size: 9px; color: #C0392B;">FAILED</div>
+          </div>
+        </div>
+        <div style="position: absolute; bottom: 2px; right: 6px; font-size: 8px; color: #C0392B; font-weight: 500;">120ms</div>
+        <!-- Error marker -->
+        <div style="position: absolute; top: -6px; right: -6px; width: 16px; height: 16px; background: #C0392B; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 9px; color: white; font-weight: bold;">!</div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#9CA3AF" stroke-width="1" stroke-dasharray="3,3"/></svg>
+
+      <!-- to:http (SKIPPED) -->
+      <div style="opacity: 0.35;">
+        <div style="width: 140px; height: 52px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; overflow: hidden;">
+          <div style="height: 5px; background: #3D7C47;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">to:http:api</div>
+            <div style="font-size: 9px; color: #9C9184;">TO</div>
+          </div>
+        </div>
+      </div>
+
+      <svg width="30" height="10" style="flex-shrink:0;"><line x1="0" y1="5" x2="25" y2="5" stroke="#9CA3AF" stroke-width="1" stroke-dasharray="3,3"/></svg>
+
+      <!-- to:jms (SKIPPED) -->
+      <div style="opacity: 0.35;">
+        <div style="width: 140px; height: 52px; background: #fff; border: 1px solid #E4DFD8; border-radius: 6px; overflow: hidden;">
+          <div style="height: 5px; background: #3D7C47;"></div>
+          <div style="padding: 4px 8px;">
+            <div style="font-size: 10px; font-weight: 600; color: #1A1612;">to:jms:result</div>
+            <div style="font-size: 9px; color: #9C9184;">TO</div>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+
+<h3 style="margin-top: 24px;">Node State Legend</h3>
+<div style="display: flex; gap: 16px; flex-wrap: wrap; margin-top: 8px;">
+
+  <!-- Completed -->
+  <div style="display: flex; align-items: center; gap: 8px; background: #f8f8f6; padding: 10px 14px; border-radius: 6px;">
+    <div style="position: relative; width: 80px; height: 36px; background: #F0F9F1; border: 1.5px solid #3D7C47; border-radius: 4px; border-left: 3px solid #3D7C47;">
+      <div style="position: absolute; top: -5px; right: -5px; width: 14px; height: 14px; background: #3D7C47; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white;">&#10003;</div>
+      <div style="position: absolute; bottom: 1px; right: 4px; font-size: 7px; color: #3D7C47;">5ms</div>
+    </div>
+    <div>
+      <div style="font-size: 12px; font-weight: 600; color: #3D7C47;">Completed</div>
+      <div style="font-size: 10px; color: #9C9184;">Green tint + border + check badge + duration</div>
+    </div>
+  </div>
+
+  <!-- Failed -->
+  <div style="display: flex; align-items: center; gap: 8px; background: #f8f8f6; padding: 10px 14px; border-radius: 6px;">
+    <div style="position: relative; width: 80px; height: 36px; background: #FDF2F0; border: 2px solid #C0392B; border-radius: 4px;">
+      <div style="position: absolute; top: -5px; right: -5px; width: 14px; height: 14px; background: #C0392B; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white; font-weight: bold;">!</div>
+      <div style="position: absolute; bottom: 1px; right: 4px; font-size: 7px; color: #C0392B;">120ms</div>
+    </div>
+    <div>
+      <div style="font-size: 12px; font-weight: 600; color: #C0392B;">Failed</div>
+      <div style="font-size: 10px; color: #9C9184;">Red tint + border + ! badge + duration</div>
+    </div>
+  </div>
+
+  <!-- Sub-route failure -->
+  <div style="display: flex; align-items: center; gap: 8px; background: #f8f8f6; padding: 10px 14px; border-radius: 6px;">
+    <div style="position: relative; width: 80px; height: 36px; background: #FDF2F0; border: 2px solid #C0392B; border-radius: 4px;">
+      <div style="position: absolute; top: -5px; right: -5px; width: 14px; height: 14px; background: #C0392B; border-radius: 50%; display: flex; align-items: center; justify-content: center; font-size: 8px; color: white; font-weight: bold;">!</div>
+      <div style="position: absolute; bottom: 1px; left: 4px; font-size: 8px; color: #C0392B;">&#8628;</div>
+      <div style="position: absolute; bottom: 1px; right: 4px; font-size: 7px; color: #C0392B;">85ms</div>
+    </div>
+    <div>
+      <div style="font-size: 12px; font-weight: 600; color: #C0392B;">Sub-route Failure</div>
+      <div style="font-size: 10px; color: #9C9184;">Same as failed + drill-down arrow</div>
+    </div>
+  </div>
+
+  <!-- Skipped -->
+  <div style="display: flex; align-items: center; gap: 8px; background: #f8f8f6; padding: 10px 14px; border-radius: 6px;">
+    <div style="opacity: 0.35; width: 80px; height: 36px; background: #fff; border: 1px solid #E4DFD8; border-radius: 4px;">
+    </div>
+    <div>
+      <div style="font-size: 12px; font-weight: 600; color: #9C9184;">Skipped</div>
+      <div style="font-size: 10px; color: #9C9184;">35% opacity, no badge, no duration</div>
+    </div>
+  </div>
+</div>
+
+<h3 style="margin-top: 24px;">Edge States</h3>
+<div style="display: flex; gap: 16px; flex-wrap: wrap; margin-top: 8px;">
+  <div style="display: flex; align-items: center; gap: 8px; background: #f8f8f6; padding: 10px 14px; border-radius: 6px;">
+    <svg width="60" height="10"><line x1="0" y1="5" x2="50" y2="5" stroke="#3D7C47" stroke-width="1.5"/><polygon points="47,2 53,5 47,8" fill="#3D7C47"/></svg>
+    <div style="font-size: 11px; color: #5C5347;"><strong>Traversed</strong> — green, solid</div>
+  </div>
+  <div style="display: flex; align-items: center; gap: 8px; background: #f8f8f6; padding: 10px 14px; border-radius: 6px;">
+    <svg width="60" height="10"><line x1="0" y1="5" x2="50" y2="5" stroke="#9CA3AF" stroke-width="1" stroke-dasharray="3,3"/><polygon points="47,2 53,5 47,8" fill="#9CA3AF"/></svg>
+    <div style="font-size: 11px; color: #5C5347;"><strong>Not traversed</strong> — gray, dashed</div>
+  </div>
+</div>

.superpowers/brainstorm/14618-1774629192/waiting.html

@@ -0,0 +1,3 @@
+<div style="display:flex;align-items:center;justify-content:center;min-height:60vh">
+  <p class="subtitle">Continuing in terminal...</p>
+</div>

.superpowers/brainstorm/2048-1774541143/content/appconfig-detail-new-sections.html

@@ -0,0 +1,181 @@
+<h2>AppConfigDetailPage — New Sections</h2>
+<p class="subtitle">Taps overview, route recording map, and compress success toggle added to existing config page</p>
+
+<div class="mockup">
+  <div class="mockup-header">AppConfigDetailPage — Full Layout (scrollable)</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:20px;font-family:system-ui,-apple-system,sans-serif;font-size:13px;">
+
+    <!-- Back + Header -->
+    <div style="display:flex;align-items:center;gap:8px;margin-bottom:16px;">
+      <span style="color:#9ca3af;cursor:pointer;font-size:16px;">&#8592;</span>
+      <span style="font-size:16px;font-weight:600;">order-service</span>
+      <span style="font-family:monospace;font-size:11px;color:#6b7280;margin-left:8px;">v14 · Updated 3 min ago</span>
+      <div style="margin-left:auto;display:flex;gap:8px;">
+        <span style="color:#9ca3af;cursor:pointer;font-size:14px;" title="Edit">&#9998;</span>
+      </div>
+    </div>
+
+    <!-- ═══ EXISTING: Logging Section ═══ -->
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;margin-bottom:12px;">
+      <div style="font-size:12px;font-weight:600;margin-bottom:10px;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Logging</div>
+      <div style="display:flex;gap:24px;">
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Log Forwarding Level</div>
+          <span style="background:#1e3a5f;color:#7dd3fc;padding:2px 10px;border-radius:4px;font-size:11px;">INFO</span>
+        </div>
+      </div>
+    </div>
+
+    <!-- ═══ EXISTING: Observability Section ═══ -->
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;margin-bottom:12px;">
+      <div style="font-size:12px;font-weight:600;margin-bottom:10px;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Observability</div>
+      <div style="display:flex;gap:24px;flex-wrap:wrap;">
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Engine Level</div>
+          <span style="background:#1e3a5f;color:#7dd3fc;padding:2px 10px;border-radius:4px;font-size:11px;">REGULAR</span>
+        </div>
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Payload Capture</div>
+          <span style="background:#2d1f3b;color:#d8b4fe;padding:2px 10px;border-radius:4px;font-size:11px;">BOTH</span>
+        </div>
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Metrics</div>
+          <span style="background:#1a3a2a;color:#86efac;padding:2px 10px;border-radius:4px;font-size:11px;">ON</span>
+        </div>
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Sampling Rate</div>
+          <span style="font-family:monospace;font-size:12px;color:#e0e0e0;">1.0</span>
+        </div>
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Compress Success</div>
+          <span style="background:#3b2f1f;color:#fcd34d;padding:2px 10px;border-radius:4px;font-size:11px;">OFF</span>
+        </div>
+      </div>
+    </div>
+
+    <!-- ═══ EXISTING: Traced Processors ═══ -->
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;margin-bottom:12px;">
+      <div style="font-size:12px;font-weight:600;margin-bottom:10px;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Traced Processors</div>
+      <div style="font-size:11px;color:#6b7280;margin-bottom:8px;">2 processors with custom capture modes</div>
+      <table style="width:100%;border-collapse:collapse;font-size:12px;">
+        <thead>
+          <tr style="border-bottom:1px solid #2d2d50;">
+            <th style="text-align:left;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Processor ID</th>
+            <th style="text-align:left;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Capture Mode</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">unmarshal1</td>
+            <td style="padding:6px 8px;"><span style="background:#2d1f3b;color:#d8b4fe;padding:1px 8px;border-radius:4px;font-size:10px;">BOTH</span></td>
+          </tr>
+          <tr>
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">toDatabase</td>
+            <td style="padding:6px 8px;"><span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:4px;font-size:10px;">INPUT</span></td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+
+    <!-- ═══ NEW: Data Extraction Taps ═══ -->
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;margin-bottom:12px;">
+      <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:10px;">
+        <div style="font-size:12px;font-weight:600;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Data Extraction Taps</div>
+        <span style="font-size:11px;color:#6b7280;">3 taps · manage on route pages</span>
+      </div>
+      <table style="width:100%;border-collapse:collapse;font-size:12px;">
+        <thead>
+          <tr style="border-bottom:1px solid #2d2d50;">
+            <th style="text-align:left;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Attribute</th>
+            <th style="text-align:left;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Processor</th>
+            <th style="text-align:left;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Expression</th>
+            <th style="text-align:left;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Language</th>
+            <th style="text-align:center;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Enabled</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-weight:500;">orderId</td>
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;color:#60a5fa;">unmarshal1</td>
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;"><span style="background:#161630;padding:1px 6px;border-radius:4px;">${body.orderId}</span></td>
+            <td style="padding:6px 8px;"><span style="background:#1e3a5f;color:#7dd3fc;padding:1px 6px;border-radius:4px;font-size:10px;">simple</span></td>
+            <td style="padding:6px 8px;text-align:center;"><span style="color:#4ade80;">&#10003;</span></td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-weight:500;">customerId</td>
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;color:#60a5fa;">unmarshal1</td>
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;"><span style="background:#161630;padding:1px 6px;border-radius:4px;">${body.customer.id}</span></td>
+            <td style="padding:6px 8px;"><span style="background:#1e3a5f;color:#7dd3fc;padding:1px 6px;border-radius:4px;font-size:10px;">simple</span></td>
+            <td style="padding:6px 8px;text-align:center;"><span style="color:#4ade80;">&#10003;</span></td>
+          </tr>
+          <tr>
+            <td style="padding:6px 8px;font-weight:500;">orderTotal</td>
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;color:#60a5fa;">enrichPrice</td>
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;"><span style="background:#161630;padding:1px 6px;border-radius:4px;">$.total</span></td>
+            <td style="padding:6px 8px;"><span style="background:#3b2f1f;color:#fcd34d;padding:1px 6px;border-radius:4px;font-size:10px;">jsonpath</span></td>
+            <td style="padding:6px 8px;text-align:center;"><span style="color:#6b7280;">&#10007;</span></td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+
+    <!-- ═══ NEW: Route Recording ═══ -->
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;margin-bottom:12px;">
+      <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:10px;">
+        <div style="font-size:12px;font-weight:600;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Route Recording</div>
+        <span style="font-size:11px;color:#6b7280;">4 of 5 routes recording</span>
+      </div>
+      <table style="width:100%;border-collapse:collapse;font-size:12px;">
+        <thead>
+          <tr style="border-bottom:1px solid #2d2d50;">
+            <th style="text-align:left;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Route</th>
+            <th style="text-align:center;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Recording</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">processOrder</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;cursor:pointer;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">processPayment</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;cursor:pointer;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">sendNotification</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;cursor:pointer;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">handleRefund</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#4b5563;border-radius:9px;position:relative;margin:0 auto;cursor:pointer;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;left:2px;"></div>
+              </div>
+            </td>
+          </tr>
+          <tr>
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">healthCheck</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;cursor:pointer;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+
+  </div>
+</div>

.superpowers/brainstorm/2048-1774541143/content/appconfig-final-layout.html

@@ -0,0 +1,149 @@
+<h2>AppConfigDetailPage — Final Layout</h2>
+<p class="subtitle">Three clean sections: Settings, Traces & Taps, Route Recording</p>
+
+<div class="mockup">
+  <div class="mockup-header">AppConfigDetailPage — Complete</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:20px;font-family:system-ui,-apple-system,sans-serif;font-size:13px;">
+
+    <!-- Back + Header -->
+    <div style="display:flex;align-items:center;gap:8px;margin-bottom:16px;">
+      <span style="color:#9ca3af;cursor:pointer;font-size:16px;">&#8592;</span>
+      <span style="font-size:16px;font-weight:600;">order-service</span>
+      <span style="font-family:monospace;font-size:11px;color:#6b7280;margin-left:8px;">v14 · Updated 3 min ago</span>
+      <div style="margin-left:auto;display:flex;gap:8px;">
+        <span style="color:#9ca3af;cursor:pointer;font-size:14px;" title="Edit">&#9998;</span>
+      </div>
+    </div>
+
+    <!-- ═══ Section 1: Settings ═══ -->
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;margin-bottom:12px;">
+      <div style="font-size:12px;font-weight:600;margin-bottom:12px;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Settings</div>
+      <div style="display:flex;gap:28px;flex-wrap:wrap;">
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Log Forwarding</div>
+          <span style="background:#1e3a5f;color:#7dd3fc;padding:2px 10px;border-radius:4px;font-size:11px;">INFO</span>
+        </div>
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Engine Level</div>
+          <span style="background:#1e3a5f;color:#7dd3fc;padding:2px 10px;border-radius:4px;font-size:11px;">REGULAR</span>
+        </div>
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Payload Capture</div>
+          <span style="background:#2d1f3b;color:#d8b4fe;padding:2px 10px;border-radius:4px;font-size:11px;">BOTH</span>
+        </div>
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Metrics</div>
+          <span style="background:#1a3a2a;color:#86efac;padding:2px 10px;border-radius:4px;font-size:11px;">ON</span>
+        </div>
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Sampling Rate</div>
+          <span style="font-family:monospace;font-size:12px;color:#e0e0e0;">1.0</span>
+        </div>
+        <div>
+          <div style="font-size:11px;color:#6b7280;margin-bottom:3px;">Compress Success</div>
+          <span style="background:#3b2f1f;color:#fcd34d;padding:2px 10px;border-radius:4px;font-size:11px;">OFF</span>
+        </div>
+      </div>
+    </div>
+
+    <!-- ═══ Section 2: Traces & Taps ═══ -->
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;margin-bottom:12px;">
+      <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:10px;">
+        <div style="font-size:12px;font-weight:600;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Traces & Taps</div>
+        <span style="font-size:11px;color:#6b7280;">2 traced · 3 taps · manage taps on route pages</span>
+      </div>
+      <table style="width:100%;border-collapse:collapse;font-size:12px;">
+        <thead>
+          <tr style="border-bottom:1px solid #2d2d50;">
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Processor</th>
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Capture</th>
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Taps</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:8px;font-family:monospace;font-size:11px;color:#60a5fa;">unmarshal1</td>
+            <td style="padding:8px;"><span style="background:#2d1f3b;color:#d8b4fe;padding:1px 8px;border-radius:4px;font-size:10px;">BOTH</span></td>
+            <td style="padding:8px;">
+              <div style="display:flex;gap:6px;flex-wrap:wrap;">
+                <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">orderId <span style="color:#4ade80;margin-left:2px;">&#10003;</span></span>
+                <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">customerId <span style="color:#4ade80;margin-left:2px;">&#10003;</span></span>
+              </div>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:8px;font-family:monospace;font-size:11px;color:#60a5fa;">toDatabase</td>
+            <td style="padding:8px;"><span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:4px;font-size:10px;">INPUT</span></td>
+            <td style="padding:8px;"><span style="color:#6b7280;font-size:11px;">—</span></td>
+          </tr>
+          <tr>
+            <td style="padding:8px;font-family:monospace;font-size:11px;color:#60a5fa;">enrichPrice</td>
+            <td style="padding:8px;"><span style="color:#6b7280;font-size:11px;">—</span></td>
+            <td style="padding:8px;">
+              <span style="background:#3b2f1f;color:#fcd34d;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">orderTotal <span style="color:#6b7280;margin-left:2px;">&#10007;</span></span>
+            </td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+
+    <!-- ═══ Section 3: Route Recording ═══ -->
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;">
+      <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:10px;">
+        <div style="font-size:12px;font-weight:600;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Route Recording</div>
+        <span style="font-size:11px;color:#6b7280;">4 of 5 routes recording</span>
+      </div>
+      <table style="width:100%;border-collapse:collapse;font-size:12px;">
+        <thead>
+          <tr style="border-bottom:1px solid #2d2d50;">
+            <th style="text-align:left;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;">Route</th>
+            <th style="text-align:center;padding:6px 8px;color:#9ca3af;font-size:11px;font-weight:500;width:80px;">Recording</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">processOrder</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">processPayment</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">sendNotification</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">handleRefund</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#4b5563;border-radius:9px;position:relative;margin:0 auto;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;left:2px;"></div>
+              </div>
+            </td>
+          </tr>
+          <tr>
+            <td style="padding:6px 8px;font-family:monospace;font-size:11px;">healthCheck</td>
+            <td style="padding:6px 8px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+
+  </div>
+</div>

.superpowers/brainstorm/2048-1774541143/content/appconfig-traces-taps-merged.html

@@ -0,0 +1,77 @@
+<h2>AppConfigDetailPage — Merged "Traces & Taps" Section</h2>
+<p class="subtitle">Single table combining traced processors and data extraction taps</p>
+
+<div class="mockup">
+  <div class="mockup-header">Traces & Taps — Merged Table</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:20px;font-family:system-ui,-apple-system,sans-serif;font-size:13px;">
+
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;">
+      <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:10px;">
+        <div style="font-size:12px;font-weight:600;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Traces & Taps</div>
+        <span style="font-size:11px;color:#6b7280;">2 traced · 3 taps · manage taps on route pages</span>
+      </div>
+
+      <table style="width:100%;border-collapse:collapse;font-size:12px;">
+        <thead>
+          <tr style="border-bottom:1px solid #2d2d50;">
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Processor</th>
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Capture</th>
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Taps</th>
+          </tr>
+        </thead>
+        <tbody>
+          <!-- Processor with both trace + taps -->
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:8px;font-family:monospace;font-size:11px;color:#60a5fa;">unmarshal1</td>
+            <td style="padding:8px;">
+              <span style="background:#2d1f3b;color:#d8b4fe;padding:1px 8px;border-radius:4px;font-size:10px;">BOTH</span>
+            </td>
+            <td style="padding:8px;">
+              <div style="display:flex;gap:6px;flex-wrap:wrap;">
+                <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">orderId <span style="color:#4ade80;margin-left:2px;">&#10003;</span></span>
+                <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">customerId <span style="color:#4ade80;margin-left:2px;">&#10003;</span></span>
+              </div>
+            </td>
+          </tr>
+          <!-- Processor with trace only -->
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:8px;font-family:monospace;font-size:11px;color:#60a5fa;">toDatabase</td>
+            <td style="padding:8px;">
+              <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:4px;font-size:10px;">INPUT</span>
+            </td>
+            <td style="padding:8px;">
+              <span style="color:#6b7280;font-size:11px;">—</span>
+            </td>
+          </tr>
+          <!-- Processor with tap only (no trace override) -->
+          <tr>
+            <td style="padding:8px;font-family:monospace;font-size:11px;color:#60a5fa;">enrichPrice</td>
+            <td style="padding:8px;">
+              <span style="color:#6b7280;font-size:11px;">—</span>
+            </td>
+            <td style="padding:8px;">
+              <div style="display:flex;gap:6px;flex-wrap:wrap;">
+                <span style="background:#3b2f1f;color:#fcd34d;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">orderTotal <span style="color:#6b7280;margin-left:2px;">&#10007;</span></span>
+              </div>
+            </td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+
+  </div>
+</div>
+
+<div style="margin-top:16px;"></div>
+
+<div class="section">
+  <h3>Design Notes</h3>
+  <ul style="font-size:14px;line-height:1.8;">
+    <li><strong>One row per processor</strong> that has either a capture override or taps (or both)</li>
+    <li><strong>Capture column:</strong> shows the trace capture mode badge, or em-dash if default</li>
+    <li><strong>Taps column:</strong> attribute name badges with enabled/disabled indicator (&#10003; / &#10007;), or em-dash if none</li>
+    <li><strong>Tap badges color-coded by language:</strong> blue = simple, yellow = jsonpath (matches RouteDetail tap table)</li>
+    <li><strong>Edit mode:</strong> capture column becomes a dropdown, taps remain read-only (manage on route pages)</li>
+    <li><strong>Empty state:</strong> "No processor-specific traces or taps configured" with link to route pages</li>
+  </ul>
+</div>

.superpowers/brainstorm/2048-1774541143/content/exchange-detail-mockup.html

@@ -0,0 +1,150 @@
+<h2>ExchangeDetail — Business Attributes & Replay</h2>
+<p class="subtitle">New elements added to the existing exchange detail page</p>
+
+<div class="mockup">
+  <div class="mockup-header">Exchange Detail Page — Header Card (enhanced)</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:20px;font-family:system-ui,-apple-system,sans-serif;font-size:13px;">
+
+    <!-- Exchange Header -->
+    <div style="display:flex;justify-content:space-between;align-items:flex-start;margin-bottom:16px;">
+      <div>
+        <div style="display:flex;align-items:center;gap:10px;margin-bottom:8px;">
+          <span style="width:10px;height:10px;border-radius:50%;background:#4ade80;display:inline-block;"></span>
+          <span style="font-family:monospace;font-size:15px;font-weight:600;">a1b2c3d4-e5f6-7890-abcd-ef1234567890</span>
+          <span style="background:#065f46;color:#6ee7b7;padding:2px 8px;border-radius:4px;font-size:11px;font-weight:600;">COMPLETED</span>
+        </div>
+        <div style="display:flex;gap:16px;font-size:12px;color:#9ca3af;">
+          <span>Route: <span style="color:#60a5fa;">processOrder</span></span>
+          <span>App: <span style="font-family:monospace;">order-service</span></span>
+          <span>Correlation: <span style="font-family:monospace;">corr-abc123</span></span>
+        </div>
+      </div>
+      <div style="display:flex;gap:8px;align-items:center;">
+        <!-- REPLAY BUTTON (NEW) -->
+        <button style="background:#3b82f6;color:white;border:none;padding:6px 14px;border-radius:6px;font-size:12px;font-weight:600;cursor:pointer;display:flex;align-items:center;gap:6px;">
+          &#x21bb; Replay
+        </button>
+      </div>
+    </div>
+
+    <!-- Business Attributes Strip (NEW) -->
+    <div style="display:flex;gap:8px;flex-wrap:wrap;padding:10px 14px;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;margin-bottom:16px;">
+      <span style="font-size:11px;color:#9ca3af;margin-right:4px;line-height:24px;">Attributes</span>
+      <span style="background:#1e3a5f;color:#7dd3fc;padding:2px 10px;border-radius:12px;font-size:11px;font-family:monospace;">orderId: ORD-2024-78542</span>
+      <span style="background:#3b1f4b;color:#d8b4fe;padding:2px 10px;border-radius:12px;font-size:11px;font-family:monospace;">customerId: CUST-1234</span>
+      <span style="background:#1a3a2a;color:#86efac;padding:2px 10px;border-radius:12px;font-size:11px;font-family:monospace;">orderTotal: €149.90</span>
+      <span style="background:#3b2f1f;color:#fcd34d;padding:2px 10px;border-radius:12px;font-size:11px;font-family:monospace;">region: EU-WEST</span>
+    </div>
+
+    <!-- Stat boxes row -->
+    <div style="display:flex;gap:12px;">
+      <div style="flex:1;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:10px 14px;">
+        <div style="font-size:10px;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Duration</div>
+        <div style="font-size:18px;font-weight:600;color:#4ade80;">245ms</div>
+      </div>
+      <div style="flex:1;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:10px 14px;">
+        <div style="font-size:10px;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Agent</div>
+        <div style="font-size:14px;font-family:monospace;color:#e0e0e0;">order-svc-01</div>
+      </div>
+      <div style="flex:1;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:10px 14px;">
+        <div style="font-size:10px;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Started</div>
+        <div style="font-size:14px;font-family:monospace;color:#e0e0e0;">14:23:45.123</div>
+      </div>
+      <div style="flex:1;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:10px 14px;">
+        <div style="font-size:10px;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Processors</div>
+        <div style="font-size:18px;font-weight:600;color:#e0e0e0;">12</div>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top:24px;"></div>
+
+<div class="mockup">
+  <div class="mockup-header">Replay Confirmation Dialog</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:40px;display:flex;justify-content:center;">
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:12px;padding:24px;width:480px;box-shadow:0 20px 60px rgba(0,0,0,0.5);">
+      <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:16px;">
+        <span style="font-size:15px;font-weight:600;">Replay Exchange</span>
+        <span style="color:#9ca3af;cursor:pointer;">✕</span>
+      </div>
+      <div style="font-size:12px;color:#9ca3af;margin-bottom:16px;">
+        This will re-execute the exchange on the target agent. The original exchange data will be used as input.
+      </div>
+      <div style="margin-bottom:12px;">
+        <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;">Original Exchange</div>
+        <div style="font-family:monospace;font-size:12px;background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;">a1b2c3d4-e5f6-7890-abcd-ef1234567890</div>
+      </div>
+      <div style="margin-bottom:12px;">
+        <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;">Target Agent</div>
+        <div style="background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:12px;display:flex;justify-content:space-between;align-items:center;">
+          <span style="font-family:monospace;">order-svc-01</span>
+          <span style="color:#9ca3af;font-size:10px;">▼</span>
+        </div>
+      </div>
+      <div style="margin-bottom:16px;">
+        <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;">Route</div>
+        <div style="font-family:monospace;font-size:12px;background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;">processOrder</div>
+      </div>
+      <div style="display:flex;gap:8px;justify-content:flex-end;">
+        <button style="background:transparent;color:#9ca3af;border:1px solid #2d2d50;padding:6px 16px;border-radius:6px;font-size:12px;cursor:pointer;">Cancel</button>
+        <button style="background:#3b82f6;color:white;border:none;padding:6px 16px;border-radius:6px;font-size:12px;font-weight:600;cursor:pointer;">&#x21bb; Replay</button>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top:24px;"></div>
+
+<div class="mockup">
+  <div class="mockup-header">Dashboard — Exchanges Table (with business attributes)</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:16px;font-family:system-ui,-apple-system,sans-serif;font-size:12px;">
+    <table style="width:100%;border-collapse:collapse;">
+      <thead>
+        <tr style="border-bottom:1px solid #2d2d50;text-align:left;">
+          <th style="padding:8px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Status</th>
+          <th style="padding:8px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Route</th>
+          <th style="padding:8px 12px;color:#9ca3af;font-size:11px;font-weight:500;">App</th>
+          <th style="padding:8px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Attributes</th>
+          <th style="padding:8px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Exchange ID</th>
+          <th style="padding:8px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Duration</th>
+        </tr>
+      </thead>
+      <tbody>
+        <tr style="border-bottom:1px solid #1e1e3a;">
+          <td style="padding:8px 12px;"><span style="width:8px;height:8px;border-radius:50%;background:#4ade80;display:inline-block;"></span> <span style="color:#6ee7b7;font-size:11px;">OK</span></td>
+          <td style="padding:8px 12px;color:#60a5fa;">processOrder</td>
+          <td style="padding:8px 12px;font-family:monospace;">order-svc</td>
+          <td style="padding:8px 12px;">
+            <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 6px;border-radius:8px;font-size:10px;font-family:monospace;">ORD-78542</span>
+            <span style="background:#3b1f4b;color:#d8b4fe;padding:1px 6px;border-radius:8px;font-size:10px;font-family:monospace;">CUST-1234</span>
+          </td>
+          <td style="padding:8px 12px;font-family:monospace;font-size:11px;">a1b2c3d4-e5f6…</td>
+          <td style="padding:8px 12px;font-family:monospace;color:#4ade80;">245ms</td>
+        </tr>
+        <tr style="border-bottom:1px solid #1e1e3a;">
+          <td style="padding:8px 12px;"><span style="width:8px;height:8px;border-radius:50%;background:#f87171;display:inline-block;"></span> <span style="color:#fca5a5;font-size:11px;">ERR</span></td>
+          <td style="padding:8px 12px;color:#60a5fa;">processPayment</td>
+          <td style="padding:8px 12px;font-family:monospace;">payment-svc</td>
+          <td style="padding:8px 12px;">
+            <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 6px;border-radius:8px;font-size:10px;font-family:monospace;">PAY-91023</span>
+            <span style="color:#6b7280;font-size:10px;">+2</span>
+          </td>
+          <td style="padding:8px 12px;font-family:monospace;font-size:11px;">f8e7d6c5-b4a3…</td>
+          <td style="padding:8px 12px;font-family:monospace;color:#f87171;">1,234ms</td>
+        </tr>
+        <tr style="border-bottom:1px solid #1e1e3a;">
+          <td style="padding:8px 12px;"><span style="width:8px;height:8px;border-radius:50%;background:#4ade80;display:inline-block;"></span> <span style="color:#6ee7b7;font-size:11px;">OK</span></td>
+          <td style="padding:8px 12px;color:#60a5fa;">sendNotification</td>
+          <td style="padding:8px 12px;font-family:monospace;">notif-svc</td>
+          <td style="padding:8px 12px;"><span style="color:#6b7280;font-size:10px;font-style:italic;">—</span></td>
+          <td style="padding:8px 12px;font-family:monospace;font-size:11px;">12345678-abcd…</td>
+          <td style="padding:8px 12px;font-family:monospace;color:#4ade80;">89ms</td>
+        </tr>
+      </tbody>
+    </table>
+    <div style="margin-top:12px;font-size:11px;color:#6b7280;">
+      Note: Attributes column shows first 2 values as compact badges, "+N" overflow indicator when more exist. Em-dash when no attributes extracted.
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/2048-1774541143/content/replay-dialog-v2.html

@@ -0,0 +1,138 @@
+<h2>Replay Dialog — Revised</h2>
+<p class="subtitle">Target agent selection + editable payload and headers</p>
+
+<div class="mockup">
+  <div class="mockup-header">Replay Exchange Dialog (large modal)</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:40px;display:flex;justify-content:center;">
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:12px;padding:0;width:640px;box-shadow:0 20px 60px rgba(0,0,0,0.5);overflow:hidden;">
+
+      <!-- Dialog header -->
+      <div style="display:flex;justify-content:space-between;align-items:center;padding:16px 20px;border-bottom:1px solid #2d2d50;">
+        <span style="font-size:15px;font-weight:600;">Replay Exchange</span>
+        <span style="color:#9ca3af;cursor:pointer;font-size:18px;">✕</span>
+      </div>
+
+      <div style="padding:20px;">
+        <!-- Warning -->
+        <div style="font-size:12px;color:#fbbf24;background:#3b2f1f;border:1px solid #854d0e;border-radius:6px;padding:8px 12px;margin-bottom:16px;display:flex;align-items:center;gap:8px;">
+          <span>⚠</span> This will re-execute the exchange on the selected agent.
+        </div>
+
+        <!-- Target Agent -->
+        <div style="margin-bottom:16px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Target Agent</div>
+          <div style="background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:12px;display:flex;justify-content:space-between;align-items:center;">
+            <span style="font-family:monospace;">order-svc-01</span>
+            <span style="color:#9ca3af;font-size:10px;">▼</span>
+          </div>
+          <div style="font-size:10px;color:#6b7280;margin-top:4px;">Only LIVE agents for this application are shown</div>
+        </div>
+
+        <!-- Tabs: Headers / Body -->
+        <div style="display:flex;gap:0;margin-bottom:0;border-bottom:1px solid #2d2d50;">
+          <div style="padding:8px 16px;font-size:12px;font-weight:600;color:#60a5fa;border-bottom:2px solid #3b82f6;cursor:pointer;">Headers</div>
+          <div style="padding:8px 16px;font-size:12px;color:#9ca3af;cursor:pointer;">Body</div>
+        </div>
+
+        <!-- Headers tab content -->
+        <div style="background:#161630;border:1px solid #2d2d50;border-top:none;border-radius:0 0 6px 6px;padding:12px;margin-bottom:16px;">
+          <table style="width:100%;border-collapse:collapse;font-size:11px;">
+            <thead>
+              <tr style="border-bottom:1px solid #2d2d50;">
+                <th style="text-align:left;padding:4px 8px;color:#9ca3af;font-weight:500;width:35%;">Key</th>
+                <th style="text-align:left;padding:4px 8px;color:#9ca3af;font-weight:500;">Value</th>
+                <th style="width:32px;"></th>
+              </tr>
+            </thead>
+            <tbody>
+              <tr style="border-bottom:1px solid #1e1e3a;">
+                <td style="padding:4px 8px;"><input style="background:#1a1a2e;border:1px solid #2d2d50;border-radius:4px;color:#e0e0e0;padding:4px 8px;width:100%;font-family:monospace;font-size:11px;box-sizing:border-box;" value="Content-Type" /></td>
+                <td style="padding:4px 8px;"><input style="background:#1a1a2e;border:1px solid #2d2d50;border-radius:4px;color:#e0e0e0;padding:4px 8px;width:100%;font-family:monospace;font-size:11px;box-sizing:border-box;" value="application/json" /></td>
+                <td style="padding:4px 8px;text-align:center;"><span style="color:#f87171;cursor:pointer;font-size:14px;">✕</span></td>
+              </tr>
+              <tr style="border-bottom:1px solid #1e1e3a;">
+                <td style="padding:4px 8px;"><input style="background:#1a1a2e;border:1px solid #2d2d50;border-radius:4px;color:#e0e0e0;padding:4px 8px;width:100%;font-family:monospace;font-size:11px;box-sizing:border-box;" value="X-Correlation-Id" /></td>
+                <td style="padding:4px 8px;"><input style="background:#1a1a2e;border:1px solid #2d2d50;border-radius:4px;color:#e0e0e0;padding:4px 8px;width:100%;font-family:monospace;font-size:11px;box-sizing:border-box;" value="corr-abc123" /></td>
+                <td style="padding:4px 8px;text-align:center;"><span style="color:#f87171;cursor:pointer;font-size:14px;">✕</span></td>
+              </tr>
+              <tr>
+                <td colspan="3" style="padding:6px 8px;">
+                  <span style="color:#3b82f6;cursor:pointer;font-size:11px;">+ Add header</span>
+                </td>
+              </tr>
+            </tbody>
+          </table>
+        </div>
+      </div>
+
+      <!-- Footer -->
+      <div style="display:flex;gap:8px;justify-content:flex-end;padding:12px 20px;border-top:1px solid #2d2d50;background:#1a1a30;">
+        <button style="background:transparent;color:#9ca3af;border:1px solid #2d2d50;padding:6px 16px;border-radius:6px;font-size:12px;cursor:pointer;">Cancel</button>
+        <button style="background:#3b82f6;color:white;border:none;padding:6px 16px;border-radius:6px;font-size:12px;font-weight:600;cursor:pointer;">&#x21bb; Replay</button>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top:24px;"></div>
+
+<div class="mockup">
+  <div class="mockup-header">Replay Dialog — Body Tab</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:40px;display:flex;justify-content:center;">
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:12px;padding:0;width:640px;box-shadow:0 20px 60px rgba(0,0,0,0.5);overflow:hidden;">
+
+      <!-- Dialog header -->
+      <div style="display:flex;justify-content:space-between;align-items:center;padding:16px 20px;border-bottom:1px solid #2d2d50;">
+        <span style="font-size:15px;font-weight:600;">Replay Exchange</span>
+        <span style="color:#9ca3af;cursor:pointer;font-size:18px;">✕</span>
+      </div>
+
+      <div style="padding:20px;">
+        <!-- Warning -->
+        <div style="font-size:12px;color:#fbbf24;background:#3b2f1f;border:1px solid #854d0e;border-radius:6px;padding:8px 12px;margin-bottom:16px;display:flex;align-items:center;gap:8px;">
+          <span>⚠</span> This will re-execute the exchange on the selected agent.
+        </div>
+
+        <!-- Target Agent (collapsed) -->
+        <div style="margin-bottom:16px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Target Agent</div>
+          <div style="background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:12px;display:flex;justify-content:space-between;align-items:center;">
+            <span style="font-family:monospace;">order-svc-01</span>
+            <span style="color:#9ca3af;font-size:10px;">▼</span>
+          </div>
+        </div>
+
+        <!-- Tabs: Headers / Body -->
+        <div style="display:flex;gap:0;margin-bottom:0;border-bottom:1px solid #2d2d50;">
+          <div style="padding:8px 16px;font-size:12px;color:#9ca3af;cursor:pointer;">Headers</div>
+          <div style="padding:8px 16px;font-size:12px;font-weight:600;color:#60a5fa;border-bottom:2px solid #3b82f6;cursor:pointer;">Body</div>
+        </div>
+
+        <!-- Body tab content — editable code area -->
+        <div style="background:#161630;border:1px solid #2d2d50;border-top:none;border-radius:0 0 6px 6px;padding:0;margin-bottom:16px;position:relative;">
+          <div style="display:flex;justify-content:flex-end;padding:6px 8px;border-bottom:1px solid #2d2d50;">
+            <span style="font-size:10px;color:#6b7280;background:#1a1a2e;padding:2px 8px;border-radius:4px;">JSON</span>
+          </div>
+          <pre style="margin:0;padding:12px;font-family:monospace;font-size:11px;line-height:1.6;color:#e0e0e0;min-height:160px;overflow:auto;white-space:pre;"><span style="color:#9ca3af;">{</span>
+  <span style="color:#7dd3fc;">"orderId"</span><span style="color:#9ca3af;">:</span> <span style="color:#fcd34d;">"ORD-2024-78542"</span><span style="color:#9ca3af;">,</span>
+  <span style="color:#7dd3fc;">"customerId"</span><span style="color:#9ca3af;">:</span> <span style="color:#fcd34d;">"CUST-1234"</span><span style="color:#9ca3af;">,</span>
+  <span style="color:#7dd3fc;">"items"</span><span style="color:#9ca3af;">:</span> <span style="color:#9ca3af;">[</span>
+    <span style="color:#9ca3af;">{</span>
+      <span style="color:#7dd3fc;">"sku"</span><span style="color:#9ca3af;">:</span> <span style="color:#fcd34d;">"WIDGET-001"</span><span style="color:#9ca3af;">,</span>
+      <span style="color:#7dd3fc;">"qty"</span><span style="color:#9ca3af;">:</span> <span style="color:#c4b5fd;">3</span><span style="color:#9ca3af;">,</span>
+      <span style="color:#7dd3fc;">"price"</span><span style="color:#9ca3af;">:</span> <span style="color:#c4b5fd;">49.97</span>
+    <span style="color:#9ca3af;">}</span>
+  <span style="color:#9ca3af;">],</span>
+  <span style="color:#7dd3fc;">"total"</span><span style="color:#9ca3af;">:</span> <span style="color:#c4b5fd;">149.90</span>
+<span style="color:#9ca3af;">}</span></pre>
+        </div>
+      </div>
+
+      <!-- Footer -->
+      <div style="display:flex;gap:8px;justify-content:flex-end;padding:12px 20px;border-top:1px solid #2d2d50;background:#1a1a30;">
+        <button style="background:transparent;color:#9ca3af;border:1px solid #2d2d50;padding:6px 16px;border-radius:6px;font-size:12px;cursor:pointer;">Cancel</button>
+        <button style="background:#3b82f6;color:white;border:none;padding:6px 16px;border-radius:6px;font-size:12px;font-weight:600;cursor:pointer;">&#x21bb; Replay</button>
+      </div>
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/2048-1774541143/content/route-detail-taps.html

@@ -0,0 +1,221 @@
+<h2>RouteDetail — Tap Management & Recording Toggle</h2>
+<p class="subtitle">New "Taps" tab on RouteDetail + recording toggle in header</p>
+
+<div class="mockup">
+  <div class="mockup-header">RouteDetail Page — Header with Recording Toggle</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:20px;font-family:system-ui,-apple-system,sans-serif;font-size:13px;">
+
+    <!-- Route header -->
+    <div style="display:flex;justify-content:space-between;align-items:flex-start;margin-bottom:16px;">
+      <div>
+        <div style="font-size:16px;font-weight:600;margin-bottom:4px;">processOrder</div>
+        <div style="font-size:12px;color:#9ca3af;">
+          <span style="font-family:monospace;">order-service</span>
+          <span style="margin:0 8px;color:#2d2d50;">|</span>
+          <span style="color:#4ade80;">99.2% success</span>
+          <span style="margin:0 8px;color:#2d2d50;">|</span>
+          <span>245ms avg</span>
+        </div>
+      </div>
+      <div style="display:flex;align-items:center;gap:12px;">
+        <!-- Recording toggle -->
+        <div style="display:flex;align-items:center;gap:8px;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:6px 12px;">
+          <span style="font-size:11px;color:#9ca3af;">Recording</span>
+          <div style="width:36px;height:20px;background:#3b82f6;border-radius:10px;position:relative;cursor:pointer;">
+            <div style="width:16px;height:16px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;transition:all 0.2s;"></div>
+          </div>
+        </div>
+      </div>
+    </div>
+
+    <!-- KPI strip (abbreviated) -->
+    <div style="display:flex;gap:10px;margin-bottom:16px;">
+      <div style="flex:1;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:8px 12px;">
+        <div style="font-size:10px;color:#9ca3af;">Success Rate</div>
+        <div style="font-size:16px;font-weight:600;color:#4ade80;">99.2%</div>
+      </div>
+      <div style="flex:1;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:8px 12px;">
+        <div style="font-size:10px;color:#9ca3af;">Avg Duration</div>
+        <div style="font-size:16px;font-weight:600;">245ms</div>
+      </div>
+      <div style="flex:1;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:8px 12px;">
+        <div style="font-size:10px;color:#9ca3af;">Total</div>
+        <div style="font-size:16px;font-weight:600;">12,482</div>
+      </div>
+      <div style="flex:1;background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:8px 12px;">
+        <div style="font-size:10px;color:#9ca3af;">Active Taps</div>
+        <div style="font-size:16px;font-weight:600;color:#60a5fa;">3</div>
+      </div>
+    </div>
+
+    <!-- Tabs -->
+    <div style="display:flex;gap:0;border-bottom:1px solid #2d2d50;margin-bottom:16px;">
+      <div style="padding:8px 16px;font-size:12px;color:#9ca3af;cursor:pointer;">Overview</div>
+      <div style="padding:8px 16px;font-size:12px;color:#9ca3af;cursor:pointer;">Processors</div>
+      <div style="padding:8px 16px;font-size:12px;color:#9ca3af;cursor:pointer;">Errors</div>
+      <div style="padding:8px 16px;font-size:12px;color:#9ca3af;cursor:pointer;">Executions</div>
+      <div style="padding:8px 16px;font-size:12px;font-weight:600;color:#60a5fa;border-bottom:2px solid #3b82f6;cursor:pointer;">Taps</div>
+    </div>
+
+    <!-- Taps tab content -->
+    <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:12px;">
+      <div style="font-size:13px;font-weight:600;">Data Extraction Taps</div>
+      <button style="background:#3b82f6;color:white;border:none;padding:6px 14px;border-radius:6px;font-size:12px;font-weight:500;cursor:pointer;display:flex;align-items:center;gap:4px;">+ Add Tap</button>
+    </div>
+
+    <!-- Taps table -->
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;overflow:hidden;">
+      <table style="width:100%;border-collapse:collapse;font-size:12px;">
+        <thead>
+          <tr style="border-bottom:1px solid #2d2d50;">
+            <th style="text-align:left;padding:10px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Attribute</th>
+            <th style="text-align:left;padding:10px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Processor</th>
+            <th style="text-align:left;padding:10px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Expression</th>
+            <th style="text-align:left;padding:10px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Language</th>
+            <th style="text-align:left;padding:10px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Target</th>
+            <th style="text-align:left;padding:10px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Type</th>
+            <th style="text-align:center;padding:10px 12px;color:#9ca3af;font-size:11px;font-weight:500;">Enabled</th>
+            <th style="width:60px;"></th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:8px 12px;font-weight:500;">orderId</td>
+            <td style="padding:8px 12px;font-family:monospace;font-size:11px;color:#60a5fa;">unmarshal1</td>
+            <td style="padding:8px 12px;font-family:monospace;font-size:11px;"><span style="background:#161630;padding:2px 6px;border-radius:4px;">${body.orderId}</span></td>
+            <td style="padding:8px 12px;"><span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:4px;font-size:10px;">simple</span></td>
+            <td style="padding:8px 12px;"><span style="background:#2d1f3b;color:#d8b4fe;padding:1px 8px;border-radius:4px;font-size:10px;">OUTPUT</span></td>
+            <td style="padding:8px 12px;"><span style="background:#1a3a2a;color:#86efac;padding:1px 8px;border-radius:4px;font-size:10px;">BUSINESS</span></td>
+            <td style="padding:8px 12px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;cursor:pointer;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+            <td style="padding:8px 12px;text-align:center;">
+              <span style="color:#9ca3af;cursor:pointer;font-size:14px;" title="Edit">&#9998;</span>
+              <span style="color:#f87171;cursor:pointer;font-size:14px;margin-left:6px;" title="Delete">&#x2715;</span>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:8px 12px;font-weight:500;">customerId</td>
+            <td style="padding:8px 12px;font-family:monospace;font-size:11px;color:#60a5fa;">unmarshal1</td>
+            <td style="padding:8px 12px;font-family:monospace;font-size:11px;"><span style="background:#161630;padding:2px 6px;border-radius:4px;">${body.customer.id}</span></td>
+            <td style="padding:8px 12px;"><span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:4px;font-size:10px;">simple</span></td>
+            <td style="padding:8px 12px;"><span style="background:#2d1f3b;color:#d8b4fe;padding:1px 8px;border-radius:4px;font-size:10px;">OUTPUT</span></td>
+            <td style="padding:8px 12px;"><span style="background:#1a3a2a;color:#86efac;padding:1px 8px;border-radius:4px;font-size:10px;">CORRELATION</span></td>
+            <td style="padding:8px 12px;text-align:center;">
+              <div style="width:32px;height:18px;background:#3b82f6;border-radius:9px;position:relative;margin:0 auto;cursor:pointer;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+              </div>
+            </td>
+            <td style="padding:8px 12px;text-align:center;">
+              <span style="color:#9ca3af;cursor:pointer;font-size:14px;" title="Edit">&#9998;</span>
+              <span style="color:#f87171;cursor:pointer;font-size:14px;margin-left:6px;" title="Delete">&#x2715;</span>
+            </td>
+          </tr>
+          <tr>
+            <td style="padding:8px 12px;font-weight:500;">orderTotal</td>
+            <td style="padding:8px 12px;font-family:monospace;font-size:11px;color:#60a5fa;">enrichPrice</td>
+            <td style="padding:8px 12px;font-family:monospace;font-size:11px;"><span style="background:#161630;padding:2px 6px;border-radius:4px;">$.total</span></td>
+            <td style="padding:8px 12px;"><span style="background:#3b2f1f;color:#fcd34d;padding:1px 8px;border-radius:4px;font-size:10px;">jsonpath</span></td>
+            <td style="padding:8px 12px;"><span style="background:#2d1f3b;color:#d8b4fe;padding:1px 8px;border-radius:4px;font-size:10px;">OUTPUT</span></td>
+            <td style="padding:8px 12px;"><span style="background:#1a3a2a;color:#86efac;padding:1px 8px;border-radius:4px;font-size:10px;">BUSINESS</span></td>
+            <td style="padding:8px 12px;text-align:center;">
+              <div style="width:32px;height:18px;background:#4b5563;border-radius:9px;position:relative;margin:0 auto;cursor:pointer;">
+                <div style="width:14px;height:14px;background:white;border-radius:50%;position:absolute;top:2px;left:2px;"></div>
+              </div>
+            </td>
+            <td style="padding:8px 12px;text-align:center;">
+              <span style="color:#9ca3af;cursor:pointer;font-size:14px;" title="Edit">&#9998;</span>
+              <span style="color:#f87171;cursor:pointer;font-size:14px;margin-left:6px;" title="Delete">&#x2715;</span>
+            </td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top:24px;"></div>
+
+<div class="mockup">
+  <div class="mockup-header">Add/Edit Tap — Modal Dialog</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:40px;display:flex;justify-content:center;">
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:12px;padding:0;width:520px;box-shadow:0 20px 60px rgba(0,0,0,0.5);overflow:hidden;">
+
+      <!-- Header -->
+      <div style="display:flex;justify-content:space-between;align-items:center;padding:16px 20px;border-bottom:1px solid #2d2d50;">
+        <span style="font-size:15px;font-weight:600;">Add Tap</span>
+        <span style="color:#9ca3af;cursor:pointer;font-size:18px;">✕</span>
+      </div>
+
+      <div style="padding:20px;">
+        <!-- Attribute Name -->
+        <div style="margin-bottom:14px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Attribute Name <span style="color:#f87171;">*</span></div>
+          <input style="background:#161630;border:1px solid #2d2d50;border-radius:6px;color:#e0e0e0;padding:8px 12px;width:100%;font-size:12px;box-sizing:border-box;" placeholder="e.g. orderId, customerId" />
+        </div>
+
+        <!-- Processor -->
+        <div style="margin-bottom:14px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Processor <span style="color:#f87171;">*</span></div>
+          <div style="background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:12px;display:flex;justify-content:space-between;align-items:center;">
+            <span style="color:#6b7280;">Select processor…</span>
+            <span style="color:#9ca3af;font-size:10px;">▼</span>
+          </div>
+          <div style="font-size:10px;color:#6b7280;margin-top:3px;">Processors from this route's diagram</div>
+        </div>
+
+        <!-- Two columns: Language + Target -->
+        <div style="display:flex;gap:12px;margin-bottom:14px;">
+          <div style="flex:1;">
+            <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Language <span style="color:#f87171;">*</span></div>
+            <div style="background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:12px;display:flex;justify-content:space-between;align-items:center;">
+              <span>simple</span>
+              <span style="color:#9ca3af;font-size:10px;">▼</span>
+            </div>
+          </div>
+          <div style="flex:1;">
+            <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Target <span style="color:#f87171;">*</span></div>
+            <div style="background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:12px;display:flex;justify-content:space-between;align-items:center;">
+              <span>OUTPUT</span>
+              <span style="color:#9ca3af;font-size:10px;">▼</span>
+            </div>
+          </div>
+        </div>
+
+        <!-- Expression -->
+        <div style="margin-bottom:14px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Expression <span style="color:#f87171;">*</span></div>
+          <textarea style="background:#161630;border:1px solid #2d2d50;border-radius:6px;color:#e0e0e0;padding:8px 12px;width:100%;font-family:monospace;font-size:12px;box-sizing:border-box;resize:vertical;min-height:48px;" placeholder="e.g. ${body.orderId} or $.customer.id">${body.orderId}</textarea>
+          <div style="font-size:10px;color:#6b7280;margin-top:3px;">Camel expression — evaluated at the selected processor</div>
+        </div>
+
+        <!-- Attribute Type -->
+        <div style="margin-bottom:14px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Attribute Type</div>
+          <div style="display:flex;gap:8px;">
+            <div style="background:#1e3a5f;color:#7dd3fc;padding:4px 12px;border-radius:6px;font-size:11px;cursor:pointer;border:1px solid #3b82f6;">BUSINESS_OBJECT</div>
+            <div style="background:#161630;color:#9ca3af;padding:4px 12px;border-radius:6px;font-size:11px;cursor:pointer;border:1px solid #2d2d50;">CORRELATION</div>
+            <div style="background:#161630;color:#9ca3af;padding:4px 12px;border-radius:6px;font-size:11px;cursor:pointer;border:1px solid #2d2d50;">EVENT</div>
+            <div style="background:#161630;color:#9ca3af;padding:4px 12px;border-radius:6px;font-size:11px;cursor:pointer;border:1px solid #2d2d50;">CUSTOM</div>
+          </div>
+        </div>
+
+        <!-- Enabled -->
+        <div style="display:flex;align-items:center;gap:8px;margin-bottom:4px;">
+          <div style="width:36px;height:20px;background:#3b82f6;border-radius:10px;position:relative;cursor:pointer;">
+            <div style="width:16px;height:16px;background:white;border-radius:50%;position:absolute;top:2px;right:2px;"></div>
+          </div>
+          <span style="font-size:12px;color:#e0e0e0;">Enabled</span>
+        </div>
+      </div>
+
+      <!-- Footer -->
+      <div style="display:flex;gap:8px;justify-content:flex-end;padding:12px 20px;border-top:1px solid #2d2d50;background:#1a1a30;">
+        <button style="background:transparent;color:#9ca3af;border:1px solid #2d2d50;padding:6px 16px;border-radius:6px;font-size:12px;cursor:pointer;">Cancel</button>
+        <button style="background:#3b82f6;color:white;border:none;padding:6px 16px;border-radius:6px;font-size:12px;font-weight:600;cursor:pointer;">Save Tap</button>
+      </div>
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/2048-1774541143/content/tap-test-expression.html

@@ -0,0 +1,175 @@
+<h2>Add Tap — With Expression Testing</h2>
+<p class="subtitle">Collapsible test section at bottom of the tap modal</p>
+
+<div class="mockup">
+  <div class="mockup-header">Add Tap Modal — Test Expression (Recent Exchange)</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:40px;display:flex;justify-content:center;">
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:12px;padding:0;width:560px;box-shadow:0 20px 60px rgba(0,0,0,0.5);overflow:hidden;">
+
+      <!-- Header -->
+      <div style="display:flex;justify-content:space-between;align-items:center;padding:16px 20px;border-bottom:1px solid #2d2d50;">
+        <span style="font-size:15px;font-weight:600;">Add Tap</span>
+        <span style="color:#9ca3af;cursor:pointer;font-size:18px;">✕</span>
+      </div>
+
+      <div style="padding:20px;max-height:70vh;overflow-y:auto;">
+        <!-- Form fields (collapsed for brevity) -->
+        <div style="margin-bottom:14px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Attribute Name <span style="color:#f87171;">*</span></div>
+          <input style="background:#161630;border:1px solid #2d2d50;border-radius:6px;color:#e0e0e0;padding:8px 12px;width:100%;font-size:12px;box-sizing:border-box;" value="orderId" />
+        </div>
+
+        <div style="margin-bottom:14px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Processor <span style="color:#f87171;">*</span></div>
+          <div style="background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:12px;display:flex;justify-content:space-between;align-items:center;">
+            <span style="font-family:monospace;">unmarshal1</span>
+            <span style="color:#9ca3af;font-size:10px;">▼</span>
+          </div>
+        </div>
+
+        <div style="display:flex;gap:12px;margin-bottom:14px;">
+          <div style="flex:1;">
+            <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Language</div>
+            <div style="background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:12px;display:flex;justify-content:space-between;align-items:center;">
+              <span>simple</span><span style="color:#9ca3af;font-size:10px;">▼</span>
+            </div>
+          </div>
+          <div style="flex:1;">
+            <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Target</div>
+            <div style="background:#161630;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:12px;display:flex;justify-content:space-between;align-items:center;">
+              <span>OUTPUT</span><span style="color:#9ca3af;font-size:10px;">▼</span>
+            </div>
+          </div>
+        </div>
+
+        <div style="margin-bottom:14px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Expression <span style="color:#f87171;">*</span></div>
+          <textarea style="background:#161630;border:1px solid #2d2d50;border-radius:6px;color:#e0e0e0;padding:8px 12px;width:100%;font-family:monospace;font-size:12px;box-sizing:border-box;resize:vertical;min-height:40px;">${body.orderId}</textarea>
+        </div>
+
+        <div style="margin-bottom:14px;">
+          <div style="font-size:11px;color:#9ca3af;margin-bottom:4px;font-weight:500;">Attribute Type</div>
+          <div style="display:flex;gap:8px;">
+            <div style="background:#1e3a5f;color:#7dd3fc;padding:4px 12px;border-radius:6px;font-size:11px;cursor:pointer;border:1px solid #3b82f6;">BUSINESS_OBJECT</div>
+            <div style="background:#161630;color:#9ca3af;padding:4px 12px;border-radius:6px;font-size:11px;cursor:pointer;border:1px solid #2d2d50;">CORRELATION</div>
+            <div style="background:#161630;color:#9ca3af;padding:4px 12px;border-radius:6px;font-size:11px;cursor:pointer;border:1px solid #2d2d50;">EVENT</div>
+            <div style="background:#161630;color:#9ca3af;padding:4px 12px;border-radius:6px;font-size:11px;cursor:pointer;border:1px solid #2d2d50;">CUSTOM</div>
+          </div>
+        </div>
+
+        <!-- ═══ TEST EXPRESSION SECTION ═══ -->
+        <div style="border-top:1px solid #2d2d50;margin-top:8px;padding-top:14px;">
+          <div style="display:flex;align-items:center;gap:6px;margin-bottom:12px;cursor:pointer;">
+            <span style="color:#60a5fa;font-size:10px;">&#9660;</span>
+            <span style="font-size:12px;font-weight:600;color:#60a5fa;">Test Expression</span>
+          </div>
+
+          <!-- Data source tabs -->
+          <div style="display:flex;gap:0;margin-bottom:0;border-bottom:1px solid #2d2d50;">
+            <div style="padding:6px 14px;font-size:11px;font-weight:600;color:#60a5fa;border-bottom:2px solid #3b82f6;cursor:pointer;">Recent Exchange</div>
+            <div style="padding:6px 14px;font-size:11px;color:#9ca3af;cursor:pointer;">Custom Payload</div>
+          </div>
+
+          <!-- Recent exchange picker -->
+          <div style="background:#161630;border:1px solid #2d2d50;border-top:none;border-radius:0 0 6px 6px;padding:12px;">
+            <div style="margin-bottom:10px;">
+              <div style="background:#1a1a2e;border:1px solid #2d2d50;border-radius:6px;padding:8px 12px;font-size:11px;display:flex;justify-content:space-between;align-items:center;">
+                <div style="display:flex;align-items:center;gap:8px;">
+                  <span style="width:7px;height:7px;border-radius:50%;background:#4ade80;display:inline-block;"></span>
+                  <span style="font-family:monospace;color:#e0e0e0;">a1b2c3d4-e5f6-7890</span>
+                  <span style="color:#6b7280;">·</span>
+                  <span style="color:#6b7280;">245ms</span>
+                  <span style="color:#6b7280;">·</span>
+                  <span style="color:#6b7280;">2 min ago</span>
+                </div>
+                <span style="color:#9ca3af;font-size:10px;">▼</span>
+              </div>
+            </div>
+
+            <!-- Test button + result -->
+            <div style="display:flex;gap:8px;align-items:flex-start;">
+              <button style="background:#3b82f6;color:white;border:none;padding:6px 14px;border-radius:6px;font-size:11px;font-weight:600;cursor:pointer;white-space:nowrap;">&#9654; Test</button>
+              <div style="flex:1;background:#0f2a1a;border:1px solid #166534;border-radius:6px;padding:8px 12px;">
+                <div style="font-size:10px;color:#6b7280;margin-bottom:2px;">Result</div>
+                <div style="font-family:monospace;font-size:12px;color:#4ade80;">ORD-2024-78542</div>
+              </div>
+            </div>
+          </div>
+        </div>
+      </div>
+
+      <!-- Footer -->
+      <div style="display:flex;gap:8px;justify-content:flex-end;padding:12px 20px;border-top:1px solid #2d2d50;background:#1a1a30;">
+        <button style="background:transparent;color:#9ca3af;border:1px solid #2d2d50;padding:6px 16px;border-radius:6px;font-size:12px;cursor:pointer;">Cancel</button>
+        <button style="background:#3b82f6;color:white;border:none;padding:6px 16px;border-radius:6px;font-size:12px;font-weight:600;cursor:pointer;">Save Tap</button>
+      </div>
+    </div>
+  </div>
+</div>
+
+<div style="margin-top:24px;"></div>
+
+<div class="mockup">
+  <div class="mockup-header">Test Expression — Custom Payload Mode</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:40px;display:flex;justify-content:center;">
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:12px;padding:0;width:560px;box-shadow:0 20px 60px rgba(0,0,0,0.5);overflow:hidden;">
+
+      <!-- Header -->
+      <div style="display:flex;justify-content:space-between;align-items:center;padding:16px 20px;border-bottom:1px solid #2d2d50;">
+        <span style="font-size:15px;font-weight:600;">Add Tap</span>
+        <span style="color:#9ca3af;cursor:pointer;font-size:18px;">✕</span>
+      </div>
+
+      <div style="padding:20px;">
+        <!-- Form fields abbreviated -->
+        <div style="text-align:center;padding:8px;font-size:11px;color:#6b7280;border:1px dashed #2d2d50;border-radius:6px;margin-bottom:14px;">
+          ⬆ Form fields above (attribute name, processor, language, target, expression, type)
+        </div>
+
+        <!-- ═══ TEST EXPRESSION SECTION ═══ -->
+        <div style="border-top:1px solid #2d2d50;padding-top:14px;">
+          <div style="display:flex;align-items:center;gap:6px;margin-bottom:12px;cursor:pointer;">
+            <span style="color:#60a5fa;font-size:10px;">&#9660;</span>
+            <span style="font-size:12px;font-weight:600;color:#60a5fa;">Test Expression</span>
+          </div>
+
+          <!-- Data source tabs -->
+          <div style="display:flex;gap:0;margin-bottom:0;border-bottom:1px solid #2d2d50;">
+            <div style="padding:6px 14px;font-size:11px;color:#9ca3af;cursor:pointer;">Recent Exchange</div>
+            <div style="padding:6px 14px;font-size:11px;font-weight:600;color:#60a5fa;border-bottom:2px solid #3b82f6;cursor:pointer;">Custom Payload</div>
+          </div>
+
+          <!-- Custom payload editor -->
+          <div style="background:#161630;border:1px solid #2d2d50;border-top:none;border-radius:0 0 6px 6px;padding:12px;">
+            <div style="margin-bottom:10px;">
+              <textarea style="background:#1a1a2e;border:1px solid #2d2d50;border-radius:6px;color:#e0e0e0;padding:8px 12px;width:100%;font-family:monospace;font-size:11px;box-sizing:border-box;resize:vertical;min-height:100px;line-height:1.5;">{
+  "orderId": "ORD-2024-78542",
+  "customer": {
+    "id": "CUST-1234",
+    "name": "Acme Corp"
+  },
+  "total": 149.90
+}</textarea>
+            </div>
+
+            <!-- Test button + error result -->
+            <div style="display:flex;gap:8px;align-items:flex-start;">
+              <button style="background:#3b82f6;color:white;border:none;padding:6px 14px;border-radius:6px;font-size:11px;font-weight:600;cursor:pointer;white-space:nowrap;">&#9654; Test</button>
+              <div style="flex:1;background:#2a0f0f;border:1px solid #991b1b;border-radius:6px;padding:8px 12px;">
+                <div style="font-size:10px;color:#6b7280;margin-bottom:2px;">Error</div>
+                <div style="font-family:monospace;font-size:11px;color:#f87171;">Expression evaluation timed out (50ms limit)</div>
+              </div>
+            </div>
+            <div style="font-size:10px;color:#6b7280;margin-top:8px;">Evaluated by agent <span style="font-family:monospace;">order-svc-01</span> using Camel's <span style="font-family:monospace;">simple</span> language</div>
+          </div>
+        </div>
+      </div>
+
+      <!-- Footer -->
+      <div style="display:flex;gap:8px;justify-content:flex-end;padding:12px 20px;border-top:1px solid #2d2d50;background:#1a1a30;">
+        <button style="background:transparent;color:#9ca3af;border:1px solid #2d2d50;padding:6px 16px;border-radius:6px;font-size:12px;cursor:pointer;">Cancel</button>
+        <button style="background:#3b82f6;color:white;border:none;padding:6px 16px;border-radius:6px;font-size:12px;font-weight:600;cursor:pointer;">Save Tap</button>
+      </div>
+    </div>
+  </div>
+</div>

.superpowers/brainstorm/2048-1774541143/content/traces-taps-with-route.html

@@ -0,0 +1,61 @@
+<h2>Traces & Taps — With Route Column</h2>
+<p class="subtitle">Route column added to prevent ambiguity across routes</p>
+
+<div class="mockup">
+  <div class="mockup-header">Traces & Taps — Updated</div>
+  <div class="mockup-body" style="background:#1a1a2e;color:#e0e0e0;padding:20px;font-family:system-ui,-apple-system,sans-serif;font-size:13px;">
+
+    <div style="background:#1e1e3a;border:1px solid #2d2d50;border-radius:8px;padding:16px;">
+      <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:10px;">
+        <div style="font-size:12px;font-weight:600;color:#9ca3af;text-transform:uppercase;letter-spacing:0.5px;">Traces & Taps</div>
+        <span style="font-size:11px;color:#6b7280;">3 traced · 4 taps · manage taps on route pages</span>
+      </div>
+      <table style="width:100%;border-collapse:collapse;font-size:12px;">
+        <thead>
+          <tr style="border-bottom:1px solid #2d2d50;">
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Route</th>
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Processor</th>
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Capture</th>
+            <th style="text-align:left;padding:8px;color:#9ca3af;font-size:11px;font-weight:500;">Taps</th>
+          </tr>
+        </thead>
+        <tbody>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:8px;color:#60a5fa;font-size:11px;">processOrder</td>
+            <td style="padding:8px;font-family:monospace;font-size:11px;">unmarshal1</td>
+            <td style="padding:8px;"><span style="background:#2d1f3b;color:#d8b4fe;padding:1px 8px;border-radius:4px;font-size:10px;">BOTH</span></td>
+            <td style="padding:8px;">
+              <div style="display:flex;gap:6px;flex-wrap:wrap;">
+                <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">orderId <span style="color:#4ade80;margin-left:2px;">&#10003;</span></span>
+                <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">customerId <span style="color:#4ade80;margin-left:2px;">&#10003;</span></span>
+              </div>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:8px;color:#60a5fa;font-size:11px;">processOrder</td>
+            <td style="padding:8px;font-family:monospace;font-size:11px;">enrichPrice</td>
+            <td style="padding:8px;"><span style="color:#6b7280;font-size:11px;">—</span></td>
+            <td style="padding:8px;">
+              <span style="background:#3b2f1f;color:#fcd34d;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">orderTotal <span style="color:#6b7280;margin-left:2px;">&#10007;</span></span>
+            </td>
+          </tr>
+          <tr style="border-bottom:1px solid #161630;">
+            <td style="padding:8px;color:#60a5fa;font-size:11px;">processPayment</td>
+            <td style="padding:8px;font-family:monospace;font-size:11px;">toDatabase</td>
+            <td style="padding:8px;"><span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:4px;font-size:10px;">INPUT</span></td>
+            <td style="padding:8px;"><span style="color:#6b7280;font-size:11px;">—</span></td>
+          </tr>
+          <tr>
+            <td style="padding:8px;color:#60a5fa;font-size:11px;">processPayment</td>
+            <td style="padding:8px;font-family:monospace;font-size:11px;">validate1</td>
+            <td style="padding:8px;"><span style="color:#6b7280;font-size:11px;">—</span></td>
+            <td style="padding:8px;">
+              <span style="background:#1e3a5f;color:#7dd3fc;padding:1px 8px;border-radius:10px;font-size:10px;font-family:monospace;">paymentRef <span style="color:#4ade80;margin-left:2px;">&#10003;</span></span>
+            </td>
+          </tr>
+        </tbody>
+      </table>
+    </div>
+
+  </div>
+</div>

.superpowers/brainstorm/2048-1774541143/content/waiting.html

@@ -0,0 +1,3 @@
+<div style="display:flex;align-items:center;justify-content:center;min-height:60vh">
+  <p class="subtitle">Continuing in terminal...</p>
+</div>

.superpowers/brainstorm/2048-1774541143/state/server-stopped

@@ -0,0 +1 @@
+{"reason":"idle timeout","timestamp":1774552065018}

.superpowers/brainstorm/2048-1774541143/state/server.pid

@@ -0,0 +1 @@
+2048

AGENTS.md

@@ -0,0 +1,101 @@
+<!-- gitnexus:start -->
+# GitNexus — Code Intelligence
+
+This project is indexed by GitNexus as **cameleer-server** (6306 symbols, 15892 relationships, 300 execution flows). Use the GitNexus MCP tools to understand code, assess impact, and navigate safely.
+
+> If any GitNexus tool warns the index is stale, run `npx gitnexus analyze` in terminal first.
+
+## Always Do
+
+- **MUST run impact analysis before editing any symbol.** Before modifying a function, class, or method, run `gitnexus_impact({target: "symbolName", direction: "upstream"})` and report the blast radius (direct callers, affected processes, risk level) to the user.
+- **MUST run `gitnexus_detect_changes()` before committing** to verify your changes only affect expected symbols and execution flows.
+- **MUST warn the user** if impact analysis returns HIGH or CRITICAL risk before proceeding with edits.
+- When exploring unfamiliar code, use `gitnexus_query({query: "concept"})` to find execution flows instead of grepping. It returns process-grouped results ranked by relevance.
+- When you need full context on a specific symbol — callers, callees, which execution flows it participates in — use `gitnexus_context({name: "symbolName"})`.
+
+## When Debugging
+
+1. `gitnexus_query({query: "<error or symptom>"})` — find execution flows related to the issue
+2. `gitnexus_context({name: "<suspect function>"})` — see all callers, callees, and process participation
+3. `READ gitnexus://repo/cameleer-server/process/{processName}` — trace the full execution flow step by step
+4. For regressions: `gitnexus_detect_changes({scope: "compare", base_ref: "main"})` — see what your branch changed
+
+## When Refactoring
+
+- **Renaming**: MUST use `gitnexus_rename({symbol_name: "old", new_name: "new", dry_run: true})` first. Review the preview — graph edits are safe, text_search edits need manual review. Then run with `dry_run: false`.
+- **Extracting/Splitting**: MUST run `gitnexus_context({name: "target"})` to see all incoming/outgoing refs, then `gitnexus_impact({target: "target", direction: "upstream"})` to find all external callers before moving code.
+- After any refactor: run `gitnexus_detect_changes({scope: "all"})` to verify only expected files changed.
+
+## Never Do
+
+- NEVER edit a function, class, or method without first running `gitnexus_impact` on it.
+- NEVER ignore HIGH or CRITICAL risk warnings from impact analysis.
+- NEVER rename symbols with find-and-replace — use `gitnexus_rename` which understands the call graph.
+- NEVER commit changes without running `gitnexus_detect_changes()` to check affected scope.
+
+## Tools Quick Reference
+
+| Tool | When to use | Command |
+|------|-------------|---------|
+| `query` | Find code by concept | `gitnexus_query({query: "auth validation"})` |
+| `context` | 360-degree view of one symbol | `gitnexus_context({name: "validateUser"})` |
+| `impact` | Blast radius before editing | `gitnexus_impact({target: "X", direction: "upstream"})` |
+| `detect_changes` | Pre-commit scope check | `gitnexus_detect_changes({scope: "staged"})` |
+| `rename` | Safe multi-file rename | `gitnexus_rename({symbol_name: "old", new_name: "new", dry_run: true})` |
+| `cypher` | Custom graph queries | `gitnexus_cypher({query: "MATCH ..."})` |
+
+## Impact Risk Levels
+
+| Depth | Meaning | Action |
+|-------|---------|--------|
+| d=1 | WILL BREAK — direct callers/importers | MUST update these |
+| d=2 | LIKELY AFFECTED — indirect deps | Should test |
+| d=3 | MAY NEED TESTING — transitive | Test if critical path |
+
+## Resources
+
+| Resource | Use for |
+|----------|---------|
+| `gitnexus://repo/cameleer-server/context` | Codebase overview, check index freshness |
+| `gitnexus://repo/cameleer-server/clusters` | All functional areas |
+| `gitnexus://repo/cameleer-server/processes` | All execution flows |
+| `gitnexus://repo/cameleer-server/process/{name}` | Step-by-step execution trace |
+
+## Self-Check Before Finishing
+
+Before completing any code modification task, verify:
+1. `gitnexus_impact` was run for all modified symbols
+2. No HIGH/CRITICAL risk warnings were ignored
+3. `gitnexus_detect_changes()` confirms changes match expected scope
+4. All d=1 (WILL BREAK) dependents were updated
+
+## Keeping the Index Fresh
+
+After committing code changes, the GitNexus index becomes stale. Re-run analyze to update it:
+
+```bash
+npx gitnexus analyze
+```
+
+If the index previously included embeddings, preserve them by adding `--embeddings`:
+
+```bash
+npx gitnexus analyze --embeddings
+```
+
+To check whether embeddings exist, inspect `.gitnexus/meta.json` — the `stats.embeddings` field shows the count (0 means no embeddings). **Running analyze without `--embeddings` will delete any previously generated embeddings.**
+
+> Claude Code users: A PostToolUse hook handles this automatically after `git commit` and `git merge`.
+
+## CLI
+
+| Task | Read this skill file |
+|------|---------------------|
+| Understand architecture / "How does X work?" | `.claude/skills/gitnexus/gitnexus-exploring/SKILL.md` |
+| Blast radius / "What breaks if I change X?" | `.claude/skills/gitnexus/gitnexus-impact-analysis/SKILL.md` |
+| Trace bugs / "Why is X failing?" | `.claude/skills/gitnexus/gitnexus-debugging/SKILL.md` |
+| Rename / extract / split / refactor | `.claude/skills/gitnexus/gitnexus-refactoring/SKILL.md` |
+| Tools, resources, schema reference | `.claude/skills/gitnexus/gitnexus-guide/SKILL.md` |
+| Index, status, clean, wiki CLI commands | `.claude/skills/gitnexus/gitnexus-cli/SKILL.md` |
+
+<!-- gitnexus:end -->

CLAUDE.md

@@ -4,18 +4,18 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 
 ## Project
 
-Cameleer3 Server — observability server that receives, stores, and serves Camel route execution data and route diagrams from Cameleer3 agents. Pushes config and commands to agents via SSE.
+Cameleer Server — observability server that receives, stores, and serves Camel route execution data and route diagrams from Cameleer agents. Pushes config and commands to agents via SSE. Also orchestrates Docker container deployments when running under cameleer-saas.
 
 ## Related Project
 
-- **cameleer3** (`https://gitea.siegeln.net/cameleer/cameleer3`) — the Java agent that instruments Camel applications
-- Protocol defined in `cameleer3-common/PROTOCOL.md` in the agent repo
-- This server depends on `com.cameleer3:cameleer3-common` (shared models and graph API)
+- **cameleer** (`https://gitea.siegeln.net/cameleer/cameleer`) — the Java agent that instruments Camel applications
+- Protocol defined in `cameleer-common/PROTOCOL.md` in the agent repo
+- This server depends on `com.cameleer:cameleer-common` (shared models and graph API)
 
 ## Modules
 
-- `cameleer3-server-core` — domain logic, storage, agent registry
-- `cameleer3-server-app` — Spring Boot web app, REST controllers, SSE, static resources
+- `cameleer-server-core` — domain logic, storage interfaces, services (no Spring dependencies)
+- `cameleer-server-app` — Spring Boot web app, REST controllers, SSE, persistence, Docker orchestration
 
 ## Build Commands
 
@@ -27,36 +27,152 @@ mvn clean verify           # Full build with tests
 ## Run
 
 ```bash
-java -jar cameleer3-server-app/target/cameleer3-server-app-1.0-SNAPSHOT.jar
+java -jar cameleer-server-app/target/cameleer-server-app-1.0-SNAPSHOT.jar
 ```
 
 ## Key Conventions
 
 - Java 17+ required
 - Spring Boot 3.4.3 parent POM
-- Depends on `com.cameleer3:cameleer3-common` from Gitea Maven registry
+- Depends on `com.cameleer:cameleer-common` from Gitea Maven registry
 - Jackson `JavaTimeModule` for `Instant` deserialization
-- Communication: receives HTTP POST data from agents, serves SSE event streams for config push/commands
-- Maintains agent instance registry with states: LIVE → STALE → DEAD
-- Storage: PostgreSQL (TimescaleDB) for structured data, OpenSearch for full-text search
-- Security: JWT auth with RBAC (AGENT/VIEWER/OPERATOR/ADMIN roles), Ed25519 config signing, bootstrap token for registration
-- OIDC: Optional external identity provider support (token exchange pattern). Configured via admin API, stored in database (`server_config` table)
+- Communication: receives HTTP POST data from agents (executions, diagrams, metrics, logs), serves SSE event streams for config push/commands (config-update, deep-trace, replay, route-control)
+- Environment filtering: all data queries filter by the selected environment. All commands target only agents in the selected environment. Backend endpoints accept optional `environment` query parameter; null = all environments (backward compatible).
+- Maintains agent instance registry (in-memory) with states: LIVE -> STALE -> DEAD. Auto-heals from JWT `env` claim + heartbeat body on heartbeat/SSE after server restart (priority: heartbeat `environmentId` > JWT `env` claim > `"default"`). Capabilities and route states updated on every heartbeat (protocol v2). Route catalog merges three sources: in-memory agent registry, persistent `route_catalog` table (ClickHouse), and `stats_1m_route` execution stats. The persistent catalog tracks `first_seen`/`last_seen` per route per environment, updated on every registration and heartbeat. Routes appear in the sidebar when their lifecycle overlaps the selected time window (`first_seen <= to AND last_seen >= from`), so historical routes remain visible even after being dropped from newer app versions.
+- Multi-tenancy: each server instance serves one tenant (configured via `CAMELEER_SERVER_TENANT_ID`, default: `"default"`). Environments (dev/staging/prod) are first-class. PostgreSQL isolated via schema-per-tenant (`?currentSchema=tenant_{id}`) and `ApplicationName=tenant_{id}` on the JDBC URL. ClickHouse shared DB with `tenant_id` + `environment` columns, partitioned by `(tenant_id, toYYYYMM(timestamp))`.
+- Storage: PostgreSQL for RBAC, config, and audit; ClickHouse for all observability data (executions, search, logs, metrics, stats, diagrams). ClickHouse schema migrations in `clickhouse/*.sql`, run idempotently on startup by `ClickHouseSchemaInitializer`. Use `IF NOT EXISTS` for CREATE and ADD PROJECTION.
+- Log exchange correlation: `ClickHouseLogStore` extracts `exchange_id` from log entry MDC, preferring `cameleer.exchangeId` over `camel.exchangeId` (fallback for older agents). For `ON_COMPLETION` exchange copies, the agent sets `cameleer.exchangeId` to the parent's exchange ID via `CORRELATION_ID`.
+- Log processor correlation: The agent sets `cameleer.processorId` in MDC, identifying which processor node emitted a log line.
+- Logging: ClickHouse JDBC set to INFO (`com.clickhouse`), HTTP client to WARN (`org.apache.hc.client5`) in application.yml
+- Security: JWT auth with RBAC (AGENT/VIEWER/OPERATOR/ADMIN roles), Ed25519 config signing (key derived deterministically from JWT secret via HMAC-SHA256), bootstrap token for registration. CORS: `CAMELEER_SERVER_SECURITY_CORSALLOWEDORIGINS` (comma-separated) overrides `CAMELEER_SERVER_SECURITY_UIORIGIN` for multi-origin setups. Infrastructure access: `CAMELEER_SERVER_SECURITY_INFRASTRUCTUREENDPOINTS=false` disables Database and ClickHouse admin endpoints. Last-ADMIN guard: system prevents removal of the last ADMIN role (409 Conflict). Password policy: min 12 chars, 3-of-4 character classes, no username match. Brute-force protection: 5 failed attempts -> 15 min lockout. Token revocation: `token_revoked_before` column on users, checked in `JwtAuthenticationFilter`, set on password change.
+- OIDC: Optional external identity provider support (token exchange pattern). Configured via admin API/UI, stored in database (`server_config` table). Resource server mode: accepts external access tokens (Logto M2M) via JWKS validation when `CAMELEER_SERVER_SECURITY_OIDCISSUERURI` is set. Scope-based role mapping via `SystemRole.normalizeScope()`. System roles synced on every OIDC login via `applyClaimMappings()` in `OidcAuthController` (calls `clearManagedAssignments` + `assignManagedRole` on `RbacService`) — always overwrites managed role assignments; uses managed assignment origin to avoid touching group-inherited or directly-assigned roles. Supports ES384, ES256, RS256.
+- OIDC role extraction: `OidcTokenExchanger` reads roles from the **access_token** first (JWT with `at+jwt` type), then falls back to id_token. `OidcConfig` includes `audience` (RFC 8707 resource indicator) and `additionalScopes`. All provider-specific configuration is external — no provider-specific code in the server.
+- Sensitive keys: Global enforced baseline for masking sensitive data in agent payloads. Merge rule: `final = global UNION per-app` (case-insensitive dedup, per-app can only add, never remove global keys).
 - User persistence: PostgreSQL `users` table, admin CRUD at `/api/v1/admin/users`
+- Usage analytics: ClickHouse `usage_events` table tracks authenticated UI requests, flushed every 5s
 
-## CI/CD & Deployment
+## Database Migrations
 
-- CI workflow: `.gitea/workflows/ci.yml` — build → docker → deploy on push to main or feature branches
-- Build step skips integration tests (`-DskipITs`) — Testcontainers needs Docker daemon
-- Docker: multi-stage build (`Dockerfile`), `$BUILDPLATFORM` for native Maven on ARM64 runner, amd64 runtime
-- `REGISTRY_TOKEN` build arg required for `cameleer3-common` dependency resolution
-- Registry: `gitea.siegeln.net/cameleer/cameleer3-server` (container images)
-- K8s manifests in `deploy/` — Kustomize base + overlays (main/feature), shared infra (PostgreSQL, OpenSearch, Authentik) as top-level manifests
-- Deployment target: k3s at 192.168.50.86, namespace `cameleer` (main), `cam-<slug>` (feature branches)
-- Feature branches: isolated namespace, PG schema, OpenSearch index prefix; Traefik Ingress at `<slug>-api.cameleer.siegeln.net`
-- Secrets managed in CI deploy step (idempotent `--dry-run=client | kubectl apply`): `cameleer-auth`, `postgres-credentials`, `opensearch-credentials`
-- K8s probes: server uses `/api/v1/health`, PostgreSQL uses `pg_isready`, OpenSearch uses `/_cluster/health`
-- Docker build uses buildx registry cache + `--provenance=false` for Gitea compatibility
+PostgreSQL (Flyway): `cameleer-server-app/src/main/resources/db/migration/`
+- V1 — RBAC (users, roles, groups, audit_log)
+- V2 — Claim mappings (OIDC)
+- V3 — Runtime management (apps, environments, deployments, app_versions)
+- V4 — Environment config (default_container_config JSONB)
+- V5 — App container config (container_config JSONB on apps)
+- V6 — JAR retention policy (jar_retention_count on environments)
+- V7 — Deployment orchestration (target_state, deployment_strategy, replica_states JSONB, deploy_stage)
+- V8 — Deployment active config (resolved_config JSONB on deployments)
+- V9 — Password hardening (failed_login_attempts, locked_until, token_revoked_before on users)
+- V10 — Runtime type detection (detected_runtime_type, detected_main_class on app_versions)
+
+ClickHouse: `cameleer-server-app/src/main/resources/clickhouse/init.sql` (run idempotently on startup)
+
+## Maintaining .claude/rules/
+
+When adding, removing, or renaming classes, controllers, endpoints, UI components, or metrics, update the corresponding `.claude/rules/` file as part of the same change. The rule files are the class/API map that future sessions rely on — stale rules cause wrong assumptions. Treat rule file updates like updating an import: part of the change, not a separate task.
 
 ## Disabled Skills
 
 - Do NOT use any `gsd:*` skills in this project. This includes all `/gsd:` prefixed commands.
+
+<!-- gitnexus:start -->
+# GitNexus — Code Intelligence
+
+This project is indexed by GitNexus as **cameleer-server** (6281 symbols, 15871 relationships, 300 execution flows). Use the GitNexus MCP tools to understand code, assess impact, and navigate safely.
+
+> If any GitNexus tool warns the index is stale, run `npx gitnexus analyze` in terminal first.
+
+## Always Do
+
+- **MUST run impact analysis before editing any symbol.** Before modifying a function, class, or method, run `gitnexus_impact({target: "symbolName", direction: "upstream"})` and report the blast radius (direct callers, affected processes, risk level) to the user.
+- **MUST run `gitnexus_detect_changes()` before committing** to verify your changes only affect expected symbols and execution flows.
+- **MUST warn the user** if impact analysis returns HIGH or CRITICAL risk before proceeding with edits.
+- When exploring unfamiliar code, use `gitnexus_query({query: "concept"})` to find execution flows instead of grepping. It returns process-grouped results ranked by relevance.
+- When you need full context on a specific symbol — callers, callees, which execution flows it participates in — use `gitnexus_context({name: "symbolName"})`.
+
+## When Debugging
+
+1. `gitnexus_query({query: "<error or symptom>"})` — find execution flows related to the issue
+2. `gitnexus_context({name: "<suspect function>"})` — see all callers, callees, and process participation
+3. `READ gitnexus://repo/cameleer-server/process/{processName}` — trace the full execution flow step by step
+4. For regressions: `gitnexus_detect_changes({scope: "compare", base_ref: "main"})` — see what your branch changed
+
+## When Refactoring
+
+- **Renaming**: MUST use `gitnexus_rename({symbol_name: "old", new_name: "new", dry_run: true})` first. Review the preview — graph edits are safe, text_search edits need manual review. Then run with `dry_run: false`.
+- **Extracting/Splitting**: MUST run `gitnexus_context({name: "target"})` to see all incoming/outgoing refs, then `gitnexus_impact({target: "target", direction: "upstream"})` to find all external callers before moving code.
+- After any refactor: run `gitnexus_detect_changes({scope: "all"})` to verify only expected files changed.
+
+## Never Do
+
+- NEVER edit a function, class, or method without first running `gitnexus_impact` on it.
+- NEVER ignore HIGH or CRITICAL risk warnings from impact analysis.
+- NEVER rename symbols with find-and-replace — use `gitnexus_rename` which understands the call graph.
+- NEVER commit changes without running `gitnexus_detect_changes()` to check affected scope.
+
+## Tools Quick Reference
+
+| Tool | When to use | Command |
+|------|-------------|---------|
+| `query` | Find code by concept | `gitnexus_query({query: "auth validation"})` |
+| `context` | 360-degree view of one symbol | `gitnexus_context({name: "validateUser"})` |
+| `impact` | Blast radius before editing | `gitnexus_impact({target: "X", direction: "upstream"})` |
+| `detect_changes` | Pre-commit scope check | `gitnexus_detect_changes({scope: "staged"})` |
+| `rename` | Safe multi-file rename | `gitnexus_rename({symbol_name: "old", new_name: "new", dry_run: true})` |
+| `cypher` | Custom graph queries | `gitnexus_cypher({query: "MATCH ..."})` |
+
+## Impact Risk Levels
+
+| Depth | Meaning | Action |
+|-------|---------|--------|
+| d=1 | WILL BREAK — direct callers/importers | MUST update these |
+| d=2 | LIKELY AFFECTED — indirect deps | Should test |
+| d=3 | MAY NEED TESTING — transitive | Test if critical path |
+
+## Resources
+
+| Resource | Use for |
+|----------|---------|
+| `gitnexus://repo/cameleer-server/context` | Codebase overview, check index freshness |
+| `gitnexus://repo/cameleer-server/clusters` | All functional areas |
+| `gitnexus://repo/cameleer-server/processes` | All execution flows |
+| `gitnexus://repo/cameleer-server/process/{name}` | Step-by-step execution trace |
+
+## Self-Check Before Finishing
+
+Before completing any code modification task, verify:
+1. `gitnexus_impact` was run for all modified symbols
+2. No HIGH/CRITICAL risk warnings were ignored
+3. `gitnexus_detect_changes()` confirms changes match expected scope
+4. All d=1 (WILL BREAK) dependents were updated
+
+## Keeping the Index Fresh
+
+After committing code changes, the GitNexus index becomes stale. Re-run analyze to update it:
+
+```bash
+npx gitnexus analyze
+```
+
+If the index previously included embeddings, preserve them by adding `--embeddings`:
+
+```bash
+npx gitnexus analyze --embeddings
+```
+
+To check whether embeddings exist, inspect `.gitnexus/meta.json` — the `stats.embeddings` field shows the count (0 means no embeddings). **Running analyze without `--embeddings` will delete any previously generated embeddings.**
+
+> Claude Code users: A PostToolUse hook handles this automatically after `git commit` and `git merge`.
+
+## CLI
+
+| Task | Read this skill file |
+|------|---------------------|
+| Understand architecture / "How does X work?" | `.claude/skills/gitnexus/gitnexus-exploring/SKILL.md` |
+| Blast radius / "What breaks if I change X?" | `.claude/skills/gitnexus/gitnexus-impact-analysis/SKILL.md` |
+| Trace bugs / "Why is X failing?" | `.claude/skills/gitnexus/gitnexus-debugging/SKILL.md` |
+| Rename / extract / split / refactor | `.claude/skills/gitnexus/gitnexus-refactoring/SKILL.md` |
+| Tools, resources, schema reference | `.claude/skills/gitnexus/gitnexus-guide/SKILL.md` |
+| Index, status, clean, wiki CLI commands | `.claude/skills/gitnexus/gitnexus-cli/SKILL.md` |
+
+<!-- gitnexus:end -->

Dockerfile

@@ -1,27 +1,25 @@
 FROM --platform=$BUILDPLATFORM maven:3.9-eclipse-temurin-17 AS build
 WORKDIR /build
 
-# Configure Gitea Maven Registry for cameleer3-common dependency
+# Configure Gitea Maven Registry for cameleer-common dependency
 ARG REGISTRY_TOKEN
 RUN mkdir -p ~/.m2 && \
     echo '<settings><servers><server><id>gitea</id><username>cameleer</username><password>'${REGISTRY_TOKEN}'</password></server></servers></settings>' > ~/.m2/settings.xml
 
 COPY pom.xml .
-COPY cameleer3-server-core/pom.xml cameleer3-server-core/
-COPY cameleer3-server-app/pom.xml cameleer3-server-app/
+COPY cameleer-server-core/pom.xml cameleer-server-core/
+COPY cameleer-server-app/pom.xml cameleer-server-app/
 # Cache deps — only re-downloaded when POMs change
 RUN mvn dependency:go-offline -B || true
 COPY . .
-RUN mvn clean package -DskipTests -B
+RUN mvn clean package -DskipTests -U -B
 
 FROM eclipse-temurin:17-jre
 WORKDIR /app
-COPY --from=build /build/cameleer3-server-app/target/cameleer3-server-app-*.jar /app/server.jar
-
-ENV SPRING_DATASOURCE_URL=jdbc:postgresql://postgres:5432/cameleer3
-ENV SPRING_DATASOURCE_USERNAME=cameleer
-ENV SPRING_DATASOURCE_PASSWORD=cameleer_dev
-ENV OPENSEARCH_URL=http://opensearch:9200
+COPY --from=build /build/cameleer-server-app/target/cameleer-server-app-*.jar /app/server.jar
+COPY docker-entrypoint.sh /app/
+RUN chmod +x /app/docker-entrypoint.sh
 
 EXPOSE 8081
-ENTRYPOINT exec java -jar /app/server.jar
+ENV TZ=UTC
+ENTRYPOINT ["/app/docker-entrypoint.sh"]

HOWTO.md

@@ -1,4 +1,4 @@
-# HOWTO — Cameleer3 Server
+# HOWTO — Cameleer Server
 
 ## Prerequisites
 
@@ -6,7 +6,7 @@
 - Maven 3.9+
 - Node.js 22+ and npm
 - Docker & Docker Compose
-- Access to the Gitea Maven registry (for `cameleer3-common` dependency)
+- Access to the Gitea Maven registry (for `cameleer-common` dependency)
 
 ## Build
 
@@ -21,31 +21,36 @@ mvn clean verify           # compile + run all tests (needs Docker for integrati
 
 ## Infrastructure Setup
 
-Start PostgreSQL and OpenSearch:
+Start PostgreSQL:
 
 ```bash
 docker compose up -d
 ```
 
-This starts TimescaleDB (PostgreSQL 16) and OpenSearch 2.19. The database schema is applied automatically via Flyway migrations on server startup.
+This starts PostgreSQL 16. The database schema is applied automatically via Flyway migrations on server startup. ClickHouse tables are created by the schema initializer on startup.
 
 | Service    | Port | Purpose              |
 |------------|------|----------------------|
 | PostgreSQL | 5432 | JDBC (Spring JDBC)   |
-| OpenSearch | 9200 | REST API (full-text)  |
 
-PostgreSQL credentials: `cameleer` / `cameleer_dev`, database `cameleer3`.
+PostgreSQL credentials: `cameleer` / `cameleer_dev`, database `cameleer`.
 
 ## Run the Server
 
 ```bash
 mvn clean package -DskipTests
-CAMELEER_AUTH_TOKEN=my-secret-token java -jar cameleer3-server-app/target/cameleer3-server-app-1.0-SNAPSHOT.jar
+SPRING_DATASOURCE_URL=jdbc:postgresql://localhost:5432/cameleer \
+SPRING_DATASOURCE_USERNAME=cameleer \
+SPRING_DATASOURCE_PASSWORD=cameleer_dev \
+CAMELEER_SERVER_SECURITY_BOOTSTRAPTOKEN=my-secret-token \
+java -jar cameleer-server-app/target/cameleer-server-app-1.0-SNAPSHOT.jar
 ```
 
-The server starts on **port 8081**. The `CAMELEER_AUTH_TOKEN` environment variable is **required** — the server fails fast on startup if it is not set.
+> **Note:** The Docker image no longer includes default database credentials. When running via `docker run`, pass `-e SPRING_DATASOURCE_URL=...` etc. The docker-compose setup provides these automatically.
 
-For token rotation without downtime, set `CAMELEER_AUTH_TOKEN_PREVIOUS` to the old token while rolling out the new one. The server accepts both during the overlap window.
+The server starts on **port 8081**. The `CAMELEER_SERVER_SECURITY_BOOTSTRAPTOKEN` environment variable is **required** — the server fails fast on startup if it is not set.
+
+For token rotation without downtime, set `CAMELEER_SERVER_SECURITY_BOOTSTRAPTOKENPREVIOUS` to the old token while rolling out the new one. The server accepts both during the overlap window.
 
 ## API Endpoints
 
@@ -84,7 +89,7 @@ curl -s -X POST http://localhost:8081/api/v1/auth/refresh \
   -d '{"refreshToken":"<refreshToken>"}'
 ```
 
-UI credentials are configured via `CAMELEER_UI_USER` / `CAMELEER_UI_PASSWORD` env vars (default: `admin` / `admin`).
+UI credentials are configured via `CAMELEER_SERVER_SECURITY_UIUSER` / `CAMELEER_SERVER_SECURITY_UIPASSWORD` env vars (default: `admin` / `admin`).
 
 **Public endpoints (no JWT required):** `GET /api/v1/health`, `POST /api/v1/agents/register` (uses bootstrap token), `POST /api/v1/auth/**`, OpenAPI/Swagger docs.
 
@@ -100,13 +105,15 @@ JWTs carry a `roles` claim. Endpoints are restricted by role:
 
 | Role | Access |
 |------|--------|
-| `AGENT` | Data ingestion (`/data/**`), heartbeat, SSE events, command ack |
-| `VIEWER` | Search, execution detail, diagrams, agent list |
-| `OPERATOR` | VIEWER + send commands to agents |
-| `ADMIN` | OPERATOR + user management (`/admin/**`) |
+| `AGENT` | Data ingestion (`/data/**` — executions, diagrams, metrics, logs), heartbeat, SSE events, command ack |
+| `VIEWER` | Search, execution detail, diagrams, agent list, app config (read-only) |
+| `OPERATOR` | VIEWER + send commands to agents, route control, replay, edit app config |
+| `ADMIN` | OPERATOR + user management, audit log, OIDC config, database admin (`/admin/**`) |
 
 The env-var local user gets `ADMIN` role. Agents get `AGENT` role at registration.
 
+**UI role gating:** The sidebar hides the Admin section for non-ADMIN users. Admin routes (`/admin/*`) redirect to `/` for non-admin. The diagram node toolbar and route control bar are hidden for VIEWER. Config is a main tab (`/config` shows all apps, `/config/:appId` filters to one app with detail panel; sidebar clicks stay on config tab, route clicks resolve to parent app). VIEWER sees read-only, OPERATOR+ can edit.
+
 ### OIDC Login (Optional)
 
 OIDC configuration is stored in PostgreSQL and managed via the admin API or UI. The SPA checks if OIDC is available:
@@ -139,7 +146,7 @@ curl -s -X PUT http://localhost:8081/api/v1/admin/oidc \
   -H "Authorization: Bearer $TOKEN" \
   -d '{
     "enabled": true,
-    "issuerUri": "http://authentik:9000/application/o/cameleer/",
+    "issuerUri": "http://cameleer-logto:3001/oidc",
     "clientId": "your-client-id",
     "clientSecret": "your-client-secret",
     "rolesClaim": "realm_access.roles",
@@ -155,30 +162,44 @@ curl -s -X DELETE http://localhost:8081/api/v1/admin/oidc \
   -H "Authorization: Bearer $TOKEN"
 ```
 
-**Initial provisioning**: OIDC can also be seeded from `CAMELEER_OIDC_*` env vars on first startup (when DB is empty). After that, the admin API takes over.
+**Initial provisioning**: OIDC can also be seeded from `CAMELEER_SERVER_SECURITY_OIDC*` env vars on first startup (when DB is empty). After that, the admin API takes over.
 
-### Authentik Setup (OIDC Provider)
+### Logto Setup (OIDC Provider)
 
-Authentik is deployed alongside the Cameleer stack. After first deployment:
+Logto is deployed alongside the Cameleer stack. After first deployment:
 
-1. **Initial setup**: Open `http://192.168.50.86:30950/if/flow/initial-setup/` and create the admin account
-2. **Create provider**: Admin Interface → Providers → Create → OAuth2/OpenID Provider
-   - Name: `Cameleer`
-   - Authorization flow: `default-provider-authorization-explicit-consent`
-   - Client type: `Confidential`
-   - Redirect URIs: `http://192.168.50.86:30090/callback` (or your UI URL)
+Logto is proxy-aware via `TRUST_PROXY_HEADER=1`. The `LOGTO_ENDPOINT` and `LOGTO_ADMIN_ENDPOINT` secrets define the public-facing URLs that Logto uses for OIDC discovery, issuer URI, and redirect URLs. When behind a reverse proxy (e.g., Traefik), set these to the external URLs (e.g., `https://auth.cameleer.my.domain`). Logto needs its own subdomain — it cannot be path-prefixed under another app.
+
+1. **Initial setup**: Open the Logto admin console (the `LOGTO_ADMIN_ENDPOINT` URL) and create the admin account
+2. **Create SPA application**: Applications → Create → Single Page App
+   - Name: `Cameleer UI`
+   - Redirect URI: your UI URL + `/oidc/callback`
+   - Note the **Client ID**
+3. **Create API Resource**: API Resources → Create
+   - Name: `Cameleer Server API`
+   - Indicator: your API URL (e.g., `https://cameleer.siegeln.net/api`)
+   - Add permissions: `server:admin`, `server:operator`, `server:viewer`
+4. **Create M2M application** (for SaaS platform): Applications → Create → Machine-to-Machine
+   - Name: `Cameleer SaaS`
+   - Assign the API Resource created above with `server:admin` scope
    - Note the **Client ID** and **Client Secret**
-3. **Create application**: Admin Interface → Applications → Create
-   - Name: `Cameleer`
-   - Provider: select `Cameleer` (created above)
-4. **Configure roles** (optional): Create groups in Authentik and map them to Cameleer roles via the `roles-claim` config. Default claim path is `realm_access.roles`. For Authentik, you may need to customize the OIDC scope to include group claims.
-5. **Configure Cameleer**: Use the admin API (`PUT /api/v1/admin/oidc`) or set env vars for initial seeding:
+5. **Configure Cameleer OIDC login**: Use the admin API (`PUT /api/v1/admin/oidc`) or the admin UI. OIDC login configuration is stored in the database — no env vars needed for the SPA OIDC flow.
+6. **Configure resource server** (for M2M token validation):
    ```
-   CAMELEER_OIDC_ENABLED=true
-   CAMELEER_OIDC_ISSUER=http://authentik:9000/application/o/cameleer/
-   CAMELEER_OIDC_CLIENT_ID=<client-id-from-step-2>
-   CAMELEER_OIDC_CLIENT_SECRET=<client-secret-from-step-2>
+   CAMELEER_SERVER_SECURITY_OIDCISSUERURI=<LOGTO_ENDPOINT>/oidc
+   CAMELEER_SERVER_SECURITY_OIDCJWKSETURI=http://cameleer-logto:3001/oidc/jwks
+   CAMELEER_SERVER_SECURITY_OIDCAUDIENCE=<api-resource-indicator-from-step-3>
+   CAMELEER_SERVER_SECURITY_OIDCTLSSKIPVERIFY=true   # optional — skip cert verification for self-signed CAs
    ```
+   `OIDCJWKSETURI` is needed when the public issuer URL isn't reachable from inside containers — it fetches JWKS directly from the internal Logto service. `OIDCTLSSKIPVERIFY` disables certificate verification for all OIDC HTTP calls (discovery, token exchange, JWKS); use only when the provider has a self-signed CA.
+
+### SSO Behavior
+
+When OIDC is configured and enabled, the UI automatically redirects to the OIDC provider for silent SSO (`prompt=none`). Users with an active provider session are signed in without seeing a login form. On first login, the provider may show a consent screen (scopes), after which subsequent logins are seamless. If auto-signup is enabled, new users are automatically provisioned with the configured default roles.
+
+- **Bypass SSO**: Navigate to `/login?local` to see the local login form
+- **Subpath deployments**: The OIDC redirect_uri respects `BASE_PATH` (e.g., `https://host/server/oidc/callback`)
+- **Role sync**: System roles (ADMIN/OPERATOR/VIEWER) are synced from OIDC scopes on every login — revoking a scope in the provider takes effect on next login. Manually assigned group memberships are preserved.
 
 ### User Management (ADMIN only)
 
@@ -220,6 +241,19 @@ curl -s -X POST http://localhost:8081/api/v1/data/metrics \
   -H "X-Protocol-Version: 1" \
   -H "Authorization: Bearer $TOKEN" \
   -d '[{"agentId":"agent-1","metricName":"cpu","value":42.0,"timestamp":"2026-03-11T00:00:00Z","tags":{}}]'
+
+# Post application log entries (raw JSON array — no wrapper)
+curl -s -X POST http://localhost:8081/api/v1/data/logs \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer $TOKEN" \
+  -d '[{
+    "timestamp": "2026-03-25T10:00:00Z",
+    "level": "INFO",
+    "loggerName": "com.acme.MyService",
+    "message": "Processing order #12345",
+    "threadName": "main",
+    "source": "app"
+  }]'
 ```
 
 **Note:** The `X-Protocol-Version: 1` header is required on all `/api/v1/data/**` endpoints. Missing or wrong version returns 400.
@@ -311,6 +345,12 @@ curl -s -X POST http://localhost:8081/api/v1/agents/groups/order-service-prod/co
   -H "Authorization: Bearer $TOKEN" \
   -d '{"type":"deep-trace","payload":{"routeId":"route-1","durationSeconds":60}}'
 
+# Send route control command to agent group (start/stop/suspend/resume)
+curl -s -X POST http://localhost:8081/api/v1/agents/groups/order-service-prod/commands \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer $TOKEN" \
+  -d '{"type":"route-control","payload":{"routeId":"route-1","action":"stop","nonce":"unique-uuid"}}'
+
 # Broadcast command to all live agents
 curl -s -X POST http://localhost:8081/api/v1/agents/commands \
   -H "Content-Type: application/json" \
@@ -324,43 +364,98 @@ curl -s -X POST http://localhost:8081/api/v1/agents/agent-1/commands/{commandId}
 
 **Agent lifecycle:** LIVE (heartbeat within 90s) → STALE (missed 3 heartbeats) → DEAD (5min after STALE). DEAD agents kept indefinitely.
 
-**SSE events:** `config-update`, `deep-trace`, `replay` commands pushed in real time. Server sends ping keepalive every 15s.
+**Server restart resilience:** The agent registry is in-memory and lost on server restart. Agents auto-re-register on their next heartbeat or SSE connection — the server reconstructs registry entries from JWT claims (subject, application). Route catalog uses ClickHouse execution data as fallback until agents re-register with full route IDs. Agents should also handle 404 on heartbeat by triggering a full re-registration.
+
+**SSE events:** `config-update`, `deep-trace`, `replay`, `route-control` commands pushed in real time. Server sends ping keepalive every 15s.
 
 **Command expiry:** Unacknowledged commands expire after 60 seconds.
 
+**Route control responses:** Route control commands return `CommandGroupResponse` with per-agent status, response count, and timed-out agent IDs.
+
 ### Backpressure
 
 When the write buffer is full (default capacity: 50,000), ingestion endpoints return **503 Service Unavailable**. Already-buffered data is not lost.
 
 ## Configuration
 
-Key settings in `cameleer3-server-app/src/main/resources/application.yml`:
+Key settings in `cameleer-server-app/src/main/resources/application.yml`. All custom properties live under `cameleer.server.*`. Env vars are a mechanical 1:1 mapping (dots to underscores, uppercase).
 
-| Setting | Default | Description |
-|---------|---------|-------------|
-| `server.port` | 8081 | Server port |
-| `ingestion.buffer-capacity` | 50000 | Max items in write buffer |
-| `ingestion.batch-size` | 5000 | Items per batch insert |
-| `ingestion.flush-interval-ms` | 1000 | Buffer flush interval (ms) |
-| `agent-registry.heartbeat-interval-seconds` | 30 | Expected heartbeat interval |
-| `agent-registry.stale-threshold-seconds` | 90 | Time before agent marked STALE |
-| `agent-registry.dead-threshold-seconds` | 300 | Time after STALE before DEAD |
-| `agent-registry.command-expiry-seconds` | 60 | Pending command TTL |
-| `agent-registry.keepalive-interval-seconds` | 15 | SSE ping keepalive interval |
-| `security.access-token-expiry-ms` | 3600000 | JWT access token lifetime (1h) |
-| `security.refresh-token-expiry-ms` | 604800000 | Refresh token lifetime (7d) |
-| `security.bootstrap-token` | `${CAMELEER_AUTH_TOKEN}` | Bootstrap token for agent registration (required) |
-| `security.bootstrap-token-previous` | `${CAMELEER_AUTH_TOKEN_PREVIOUS}` | Previous bootstrap token for rotation (optional) |
-| `security.ui-user` | `admin` | UI login username (`CAMELEER_UI_USER` env var) |
-| `security.ui-password` | `admin` | UI login password (`CAMELEER_UI_PASSWORD` env var) |
-| `security.ui-origin` | `http://localhost:5173` | CORS allowed origin for UI (`CAMELEER_UI_ORIGIN` env var) |
-| `security.jwt-secret` | *(random)* | HMAC secret for JWT signing (`CAMELEER_JWT_SECRET`). If set, tokens survive restarts |
-| `security.oidc.enabled` | `false` | Enable OIDC login (`CAMELEER_OIDC_ENABLED`) |
-| `security.oidc.issuer-uri` | | OIDC provider issuer URL (`CAMELEER_OIDC_ISSUER`) |
-| `security.oidc.client-id` | | OAuth2 client ID (`CAMELEER_OIDC_CLIENT_ID`) |
-| `security.oidc.client-secret` | | OAuth2 client secret (`CAMELEER_OIDC_CLIENT_SECRET`) |
-| `security.oidc.roles-claim` | `realm_access.roles` | JSONPath to roles in OIDC id_token (`CAMELEER_OIDC_ROLES_CLAIM`) |
-| `security.oidc.default-roles` | `VIEWER` | Default roles for new OIDC users (`CAMELEER_OIDC_DEFAULT_ROLES`) |
+**Security** (`cameleer.server.security.*`):
+
+| Setting | Default | Env var | Description |
+|---------|---------|---------|-------------|
+| `cameleer.server.security.bootstraptoken` | *(required)* | `CAMELEER_SERVER_SECURITY_BOOTSTRAPTOKEN` | Bootstrap token for agent registration |
+| `cameleer.server.security.bootstraptokenprevious` | *(empty)* | `CAMELEER_SERVER_SECURITY_BOOTSTRAPTOKENPREVIOUS` | Previous bootstrap token for rotation |
+| `cameleer.server.security.uiuser` | `admin` | `CAMELEER_SERVER_SECURITY_UIUSER` | UI login username |
+| `cameleer.server.security.uipassword` | `admin` | `CAMELEER_SERVER_SECURITY_UIPASSWORD` | UI login password |
+| `cameleer.server.security.uiorigin` | `http://localhost:5173` | `CAMELEER_SERVER_SECURITY_UIORIGIN` | CORS allowed origin for UI |
+| `cameleer.server.security.corsallowedorigins` | *(empty)* | `CAMELEER_SERVER_SECURITY_CORSALLOWEDORIGINS` | Comma-separated CORS origins — overrides `uiorigin` when set |
+| `cameleer.server.security.jwtsecret` | *(random)* | `CAMELEER_SERVER_SECURITY_JWTSECRET` | HMAC secret for JWT signing. If set, tokens survive restarts |
+| `cameleer.server.security.accesstokenexpiryms` | `3600000` | `CAMELEER_SERVER_SECURITY_ACCESSTOKENEXPIRYMS` | JWT access token lifetime (1h) |
+| `cameleer.server.security.refreshtokenexpiryms` | `604800000` | `CAMELEER_SERVER_SECURITY_REFRESHTOKENEXPIRYMS` | Refresh token lifetime (7d) |
+| `cameleer.server.security.infrastructureendpoints` | `true` | `CAMELEER_SERVER_SECURITY_INFRASTRUCTUREENDPOINTS` | Show DB/ClickHouse admin endpoints. Set `false` in SaaS-managed mode |
+
+**OIDC resource server** (`cameleer.server.security.oidc.*`):
+
+| Setting | Default | Env var | Description |
+|---------|---------|---------|-------------|
+| `cameleer.server.security.oidc.issueruri` | *(empty)* | `CAMELEER_SERVER_SECURITY_OIDC_ISSUERURI` | OIDC issuer URI — enables resource server mode |
+| `cameleer.server.security.oidc.jwkseturi` | *(empty)* | `CAMELEER_SERVER_SECURITY_OIDC_JWKSETURI` | Direct JWKS URL — bypasses OIDC discovery |
+| `cameleer.server.security.oidc.audience` | *(empty)* | `CAMELEER_SERVER_SECURITY_OIDC_AUDIENCE` | Expected JWT audience |
+| `cameleer.server.security.oidc.tlsskipverify` | `false` | `CAMELEER_SERVER_SECURITY_OIDC_TLSSKIPVERIFY` | Skip TLS cert verification for OIDC calls |
+
+**Note:** OIDC *login* configuration (issuer, client ID, client secret, roles claim, default roles) is stored in the database and managed via the admin API (`PUT /api/v1/admin/oidc`) or admin UI. The env vars above are for resource server mode (M2M token validation) only.
+
+**Ingestion** (`cameleer.server.ingestion.*`):
+
+| Setting | Default | Env var | Description |
+|---------|---------|---------|-------------|
+| `cameleer.server.ingestion.buffercapacity` | `50000` | `CAMELEER_SERVER_INGESTION_BUFFERCAPACITY` | Max items in write buffer |
+| `cameleer.server.ingestion.batchsize` | `5000` | `CAMELEER_SERVER_INGESTION_BATCHSIZE` | Items per batch insert |
+| `cameleer.server.ingestion.flushintervalms` | `5000` | `CAMELEER_SERVER_INGESTION_FLUSHINTERVALMS` | Buffer flush interval (ms) |
+| `cameleer.server.ingestion.bodysizelimit` | `16384` | `CAMELEER_SERVER_INGESTION_BODYSIZELIMIT` | Max body size per execution (bytes) |
+
+**Agent registry** (`cameleer.server.agentregistry.*`):
+
+| Setting | Default | Env var | Description |
+|---------|---------|---------|-------------|
+| `cameleer.server.agentregistry.heartbeatintervalms` | `30000` | `CAMELEER_SERVER_AGENTREGISTRY_HEARTBEATINTERVALMS` | Expected heartbeat interval (ms) |
+| `cameleer.server.agentregistry.stalethresholdms` | `90000` | `CAMELEER_SERVER_AGENTREGISTRY_STALETHRESHOLDMS` | Time before agent marked STALE (ms) |
+| `cameleer.server.agentregistry.deadthresholdms` | `300000` | `CAMELEER_SERVER_AGENTREGISTRY_DEADTHRESHOLDMS` | Time after STALE before DEAD (ms) |
+| `cameleer.server.agentregistry.pingintervalms` | `15000` | `CAMELEER_SERVER_AGENTREGISTRY_PINGINTERVALMS` | SSE ping keepalive interval (ms) |
+| `cameleer.server.agentregistry.commandexpiryms` | `60000` | `CAMELEER_SERVER_AGENTREGISTRY_COMMANDEXPIRYMS` | Pending command TTL (ms) |
+| `cameleer.server.agentregistry.lifecyclecheckintervalms` | `10000` | `CAMELEER_SERVER_AGENTREGISTRY_LIFECYCLECHECKINTERVALMS` | Lifecycle monitor interval (ms) |
+
+**Runtime** (`cameleer.server.runtime.*`):
+
+| Setting | Default | Env var | Description |
+|---------|---------|---------|-------------|
+| `cameleer.server.runtime.enabled` | `true` | `CAMELEER_SERVER_RUNTIME_ENABLED` | Enable Docker orchestration |
+| `cameleer.server.runtime.baseimage` | `cameleer-runtime-base:latest` | `CAMELEER_SERVER_RUNTIME_BASEIMAGE` | Base Docker image for app containers |
+| `cameleer.server.runtime.dockernetwork` | `cameleer` | `CAMELEER_SERVER_RUNTIME_DOCKERNETWORK` | Primary Docker network |
+| `cameleer.server.runtime.jarstoragepath` | `/data/jars` | `CAMELEER_SERVER_RUNTIME_JARSTORAGEPATH` | JAR file storage directory |
+| `cameleer.server.runtime.jardockervolume` | *(empty)* | `CAMELEER_SERVER_RUNTIME_JARDOCKERVOLUME` | Docker volume for JAR sharing |
+| `cameleer.server.runtime.routingmode` | `path` | `CAMELEER_SERVER_RUNTIME_ROUTINGMODE` | `path` or `subdomain` Traefik routing |
+| `cameleer.server.runtime.routingdomain` | `localhost` | `CAMELEER_SERVER_RUNTIME_ROUTINGDOMAIN` | Domain for Traefik routing labels |
+| `cameleer.server.runtime.serverurl` | *(empty)* | `CAMELEER_SERVER_RUNTIME_SERVERURL` | Server URL injected into app containers |
+| `cameleer.server.runtime.agenthealthport` | `9464` | `CAMELEER_SERVER_RUNTIME_AGENTHEALTHPORT` | Agent health check port |
+| `cameleer.server.runtime.healthchecktimeout` | `60` | `CAMELEER_SERVER_RUNTIME_HEALTHCHECKTIMEOUT` | Health check timeout (seconds) |
+| `cameleer.server.runtime.container.memorylimit` | `512m` | `CAMELEER_SERVER_RUNTIME_CONTAINER_MEMORYLIMIT` | Default memory limit for app containers |
+| `cameleer.server.runtime.container.cpushares` | `512` | `CAMELEER_SERVER_RUNTIME_CONTAINER_CPUSHARES` | Default CPU shares for app containers |
+
+**Other** (`cameleer.server.*`):
+
+| Setting | Default | Env var | Description |
+|---------|---------|---------|-------------|
+| `cameleer.server.catalog.discoveryttldays` | `7` | `CAMELEER_SERVER_CATALOG_DISCOVERYTTLDAYS` | Days before stale discovered apps auto-hide from sidebar |
+| `cameleer.server.tenant.id` | `default` | `CAMELEER_SERVER_TENANT_ID` | Tenant identifier |
+| `cameleer.server.indexer.debouncems` | `2000` | `CAMELEER_SERVER_INDEXER_DEBOUNCEMS` | Search indexer debounce delay (ms) |
+| `cameleer.server.indexer.queuesize` | `10000` | `CAMELEER_SERVER_INDEXER_QUEUESIZE` | Search indexer queue capacity |
+| `cameleer.server.license.token` | *(empty)* | `CAMELEER_SERVER_LICENSE_TOKEN` | License token |
+| `cameleer.server.license.publickey` | *(empty)* | `CAMELEER_SERVER_LICENSE_PUBLICKEY` | License verification public key |
+| `cameleer.server.clickhouse.url` | `jdbc:clickhouse://localhost:8123/cameleer` | `CAMELEER_SERVER_CLICKHOUSE_URL` | ClickHouse JDBC URL |
+| `cameleer.server.clickhouse.username` | `default` | `CAMELEER_SERVER_CLICKHOUSE_USERNAME` | ClickHouse user |
+| `cameleer.server.clickhouse.password` | *(empty)* | `CAMELEER_SERVER_CLICKHOUSE_PASSWORD` | ClickHouse password |
 
 ## Web UI Development
 
@@ -371,7 +466,7 @@ npm run dev          # Vite dev server on http://localhost:5173 (proxies /api to
 npm run build        # Production build to ui/dist/
 ```
 
-Login with `admin` / `admin` (or whatever `CAMELEER_UI_USER` / `CAMELEER_UI_PASSWORD` are set to).
+Login with `admin` / `admin` (or whatever `CAMELEER_SERVER_SECURITY_UIUSER` / `CAMELEER_SERVER_SECURITY_UIPASSWORD` are set to).
 
 The UI uses runtime configuration via `public/config.js`. In Kubernetes, a ConfigMap overrides this file to set the correct API base URL.
 
@@ -385,17 +480,17 @@ npm run generate-api   # Requires backend running on :8081
 
 ## Running Tests
 
-Integration tests use Testcontainers (starts PostgreSQL and OpenSearch automatically — requires Docker):
+Integration tests use Testcontainers (starts PostgreSQL automatically — requires Docker):
 
 ```bash
 # All tests
 mvn verify
 
 # Unit tests only (no Docker needed)
-mvn test -pl cameleer3-server-core
+mvn test -pl cameleer-server-core
 
 # Specific integration test
-mvn test -pl cameleer3-server-app -Dtest=ExecutionControllerIT
+mvn test -pl cameleer-server-app -Dtest=ExecutionControllerIT
 ```
 
 ## Verify Database Data
@@ -403,7 +498,7 @@ mvn test -pl cameleer3-server-app -Dtest=ExecutionControllerIT
 After posting data and waiting for the flush interval (1s default):
 
 ```bash
-docker exec -it cameleer3-server-postgres-1 psql -U cameleer -d cameleer3 \
+docker exec -it cameleer-server-postgres-1 psql -U cameleer -d cameleer \
   -c "SELECT count(*) FROM route_executions"
 ```
 
@@ -415,14 +510,16 @@ The full stack is deployed to k3s via CI/CD on push to `main`. K8s manifests are
 
 ```
 cameleer namespace:
-  PostgreSQL (StatefulSet, 10Gi PVC)       ← postgres:5432 (ClusterIP)
-  OpenSearch (StatefulSet, 10Gi PVC)       ← opensearch:9200 (ClusterIP)
-  cameleer3-server (Deployment)            ← NodePort 30081
-  cameleer3-ui (Deployment, Nginx)         ← NodePort 30090
-  Authentik Server (Deployment)            ← NodePort 30950
-  Authentik Worker (Deployment)
-  Authentik PostgreSQL (StatefulSet, 1Gi)  ← ClusterIP
-  Authentik Redis (Deployment)             ← ClusterIP
+  PostgreSQL (StatefulSet, 10Gi PVC)       ← cameleer-postgres:5432 (ClusterIP)
+  ClickHouse (StatefulSet, 10Gi PVC)       ← cameleer-clickhouse:8123 (ClusterIP)
+  cameleer-server (Deployment)            ← NodePort 30081
+  cameleer-ui (Deployment, Nginx)         ← NodePort 30090
+  cameleer-deploy-demo (Deployment)        ← NodePort 30092
+  Logto Server (Deployment)               ← NodePort 30951/30952
+  Logto PostgreSQL (StatefulSet, 1Gi)     ← ClusterIP
+
+cameleer-demo namespace:
+  (deployed Camel applications — managed by cameleer-deploy-demo)
 ```
 
 ### Access (from your network)
@@ -432,13 +529,15 @@ cameleer namespace:
 | Web UI | `http://192.168.50.86:30090` |
 | Server API | `http://192.168.50.86:30081/api/v1/health` |
 | Swagger UI | `http://192.168.50.86:30081/api/v1/swagger-ui.html` |
-| Authentik | `http://192.168.50.86:30950` |
+| Deploy Demo | `http://192.168.50.86:30092` |
+| Logto API | `LOGTO_ENDPOINT` secret (NodePort 30951 direct, or behind reverse proxy) |
+| Logto Admin | `LOGTO_ADMIN_ENDPOINT` secret (NodePort 30952 direct, or behind reverse proxy) |
 
 ### CI/CD Pipeline
 
 Push to `main` triggers: **build** (UI npm + Maven, unit tests) → **docker** (buildx amd64 for server + UI, push to Gitea registry) → **deploy** (kubectl apply + rolling update).
 
-Required Gitea org secrets: `REGISTRY_TOKEN`, `KUBECONFIG_BASE64`, `CAMELEER_AUTH_TOKEN`, `CAMELEER_JWT_SECRET`, `POSTGRES_USER`, `POSTGRES_PASSWORD`, `POSTGRES_DB`, `OPENSEARCH_USER`, `OPENSEARCH_PASSWORD`, `CAMELEER_UI_USER` (optional), `CAMELEER_UI_PASSWORD` (optional), `AUTHENTIK_PG_USER`, `AUTHENTIK_PG_PASSWORD`, `AUTHENTIK_SECRET_KEY`, `CAMELEER_OIDC_ENABLED`, `CAMELEER_OIDC_ISSUER`, `CAMELEER_OIDC_CLIENT_ID`, `CAMELEER_OIDC_CLIENT_SECRET`.
+Required Gitea org secrets: `REGISTRY_TOKEN`, `KUBECONFIG_BASE64`, `CAMELEER_SERVER_SECURITY_BOOTSTRAPTOKEN`, `CAMELEER_SERVER_SECURITY_JWTSECRET`, `POSTGRES_USER`, `POSTGRES_PASSWORD`, `POSTGRES_DB`, `CLICKHOUSE_USER`, `CLICKHOUSE_PASSWORD`, `CAMELEER_SERVER_SECURITY_UIUSER` (optional), `CAMELEER_SERVER_SECURITY_UIPASSWORD` (optional), `LOGTO_PG_USER`, `LOGTO_PG_PASSWORD`, `LOGTO_ENDPOINT` (public-facing Logto URL, e.g., `https://auth.cameleer.my.domain`), `LOGTO_ADMIN_ENDPOINT` (admin console URL), `CAMELEER_SERVER_SECURITY_OIDCISSUERURI` (optional, for resource server M2M token validation), `CAMELEER_SERVER_SECURITY_OIDCAUDIENCE` (optional, API resource indicator), `CAMELEER_SERVER_SECURITY_OIDCTLSSKIPVERIFY` (optional, skip TLS cert verification for self-signed CAs).
 
 ### Manual K8s Commands
 
@@ -447,14 +546,14 @@ Required Gitea org secrets: `REGISTRY_TOKEN`, `KUBECONFIG_BASE64`, `CAMELEER_AUT
 kubectl -n cameleer get pods
 
 # View server logs
-kubectl -n cameleer logs -f deploy/cameleer3-server
+kubectl -n cameleer logs -f deploy/cameleer-server
 
 # View PostgreSQL logs
-kubectl -n cameleer logs -f statefulset/postgres
+kubectl -n cameleer logs -f statefulset/cameleer-postgres
 
-# View OpenSearch logs
-kubectl -n cameleer logs -f statefulset/opensearch
+# View ClickHouse logs
+kubectl -n cameleer logs -f statefulset/cameleer-clickhouse
 
 # Restart server
-kubectl -n cameleer rollout restart deployment/cameleer3-server
+kubectl -n cameleer rollout restart deployment/cameleer-server
 ```

UI-CONSISTENCY-AUDIT.md

@@ -0,0 +1,259 @@
+> **Status: RESOLVED** — All phases (1-5) executed on 2026-04-09. Remaining: responsive design (separate initiative).
+
+# UI Consistency Audit — cameleer-server
+
+**Date:** 2026-04-09
+**Scope:** All files under `ui/src/` (26 CSS modules, ~45 TSX components, ~15 pages)
+**Verdict:** ~55% design system adoption for interactive UI. Significant duplication and inline style debt.
+
+---
+
+## Executive Summary
+
+| Dimension | Score | Key Issue |
+|-----------|-------|-----------|
+| Design system component adoption | 55% | 32 raw `<button>`, 12 raw `<select>`, 8 raw `<input>` should use DS |
+| Color consistency | Poor | ~140 violations: 45 hardcoded hex in TSX, 13 naked hex in CSS, ~55 fallback hex in `var()` |
+| Inline styles | Poor | 55 RED (static inline styles), 8 YELLOW, 14 GREEN (justified) |
+| Layout consistency | Mixed | 3 different page padding values, mixed gap/margin approaches |
+| CSS module duplication | 22% | ~135 of 618 classes are copy-pasted across files |
+| Responsive design | None | Zero `@media` queries in entire UI |
+
+---
+
+## 1. Critical: Hardcoded Colors (CLAUDE.md violation)
+
+The project rule states: *"Always use `@cameleer/design-system` CSS variables for colors — never hardcode hex values."*
+
+### Worst offenders
+
+| File | Violations | Severity |
+|------|-----------|----------|
+| `ProcessDiagram/DiagramNode.tsx` | ~20 hex values in SVG fill/stroke | Critical |
+| `ExecutionDiagram/ExecutionDiagram.module.css` | 17 naked hex + ~40 hex fallbacks in `var()` | Critical |
+| `ProcessDiagram/CompoundNode.tsx` | 8 hex values | Critical |
+| `ProcessDiagram/DiagramEdge.tsx` | 3 hex values | High |
+| `ProcessDiagram/ConfigBadge.tsx` | 3 hex values | High |
+| `ProcessDiagram/ErrorSection.tsx` | 2 hex values | High |
+| `ProcessDiagram/NodeToolbar.tsx` | 2 hex values | High |
+| `ProcessDiagram/Minimap.tsx` | 3 hex values | High |
+| `Dashboard/Dashboard.module.css` | `#5db866` (not even a DS color) | High |
+| `AppsTab/AppsTab.module.css` | `var(--accent, #6c7aff)` (undefined DS variable) | Medium |
+
+### Undefined CSS variables (not in design system)
+
+| Variable | Files | Should be |
+|----------|-------|-----------|
+| `--accent` | EnvironmentSelector, AppsTab | `--amber` (or define in DS) |
+| `--bg-base` | LoginPage | `--bg-body` |
+| `--surface` | ContentTabs, ExchangeHeader | `--bg-surface` |
+| `--bg-surface-raised` | AgentHealth | `--bg-raised` |
+
+### Missing DS tokens needed
+
+Several tint/background colors are used repeatedly but have no DS variable:
+- `--error-bg` (used as `#FDF2F0`, `#F9E0DC`)
+- `--success-bg` (used as `#F0F9F1`)
+- `--amber-bg` / `--warning-bg` (used as `#FFF8F0`)
+- `--bg-inverse` / `--text-inverse` (used as `#1A1612` / `#E4DFD8`)
+
+---
+
+## 2. Critical: CSS Module Duplication (~22%)
+
+~135 of 618 class definitions are copy-pasted across files.
+
+### Table section pattern — 5 files, ~35 duplicate classes
+
+`.tableSection`, `.tableHeader`, `.tableTitle`, `.tableMeta`, `.tableRight` are **identical** in:
+- `DashboardTab.module.css`
+- `AuditLogPage.module.css`
+- `ClickHouseAdminPage.module.css`
+- `RoutesMetrics.module.css`
+- `RouteDetail.module.css`
+
+### Log viewer panel — 2 files, ~50 lines identical
+
+`.logCard`, `.logHeader`, `.logToolbar`, `.logSearchWrap`, `.logSearchInput`, `.logSearchClear`, `.logClearFilters`, `.logEmpty`, `.sortBtn`, `.refreshBtn`, `.headerActions` — byte-for-byte identical in `AgentHealth.module.css` and `AgentInstance.module.css`.
+
+### Tap modal form — 2 files, ~40 lines identical
+
+`.typeSelector`, `.typeOption`, `.typeOptionActive`, `.testSection`, `.testTabs`, `.testTabBtn`, `.testTabBtnActive`, `.testBody`, `.testResult`, `.testSuccess`, `.testError` — identical in `TapConfigModal.module.css` and `RouteDetail.module.css`.
+
+### Other duplicates
+
+| Pattern | Files | Lines |
+|---------|-------|-------|
+| Rate color classes (`.rateGood/.rateWarn/.rateBad/.rateNeutral`) | DashboardTab, RouteDetail, RoutesMetrics | ~12 each |
+| Refresh indicator + `@keyframes pulse` | DashboardTab, RoutesMetrics | ~15 each |
+| Chart card (`.chartCard`) | AgentInstance, RouteDetail | ~6 each |
+| Section card (`.section`) | AppConfigDetailPage, OidcConfigPage | ~7 each |
+| Meta grid (`.metaGrid/.metaLabel/.metaValue`) | AboutMeDialog, UserManagement | ~9 each |
+
+---
+
+## 3. High: Inline Styles (55 RED violations)
+
+### Files with zero CSS modules (all inline)
+
+| File | Issue |
+|------|-------|
+| `pages/Admin/AdminLayout.tsx` | Entire layout wrapper is inline styled |
+| `pages/Admin/DatabaseAdminPage.tsx` | All layout, typography, spacing inline — no CSS module |
+| `auth/OidcCallback.tsx` | Full-page layout inline — no CSS module |
+
+### Most inline violations
+
+| File | RED count | Primary patterns |
+|------|-----------|-----------------|
+| `pages/AppsTab/AppsTab.tsx` | ~25 | Fixed-width inputs (`width: 50-90px` x18), visually-hidden pattern x2, table cell layouts |
+| `components/LayoutShell.tsx` | 6 | StarredList sub-component, sidebar layout |
+| `pages/Admin/EnvironmentsPage.tsx` | 8 | Raw `<select>` fully styled inline, save/cancel button rows |
+| `pages/Routes/RouteDetail.tsx` | 5 | Heading styles, tab panel margins |
+
+### Repeated inline patterns that need extraction
+
+| Pattern | Occurrences | Fix |
+|---------|-------------|-----|
+| `style={{ display: 'flex', justifyContent: 'center', padding: '4rem' }}` (loading fallback) | 3 files | Create shared `<PageLoader>` |
+| `style={{ position: 'absolute', width: 1, height: 1, clip: 'rect(0,0,0,0)' }}` (visually hidden) | 2 in AppsTab | Create `.visuallyHidden` utility class |
+| `style={{ width: N }}` on `<Input>`/`<Select>` (fixed widths) | 18+ in AppsTab | Size classes or CSS module rules |
+| `style={{ marginTop: 8, display: 'flex', gap: 8, justifyContent: 'flex-end' }}` (action row) | 3+ in EnvironmentsPage | Shared `.editActions` class |
+
+---
+
+## 4. High: Design System Component Adoption Gaps
+
+### Native HTML that should use DS components
+
+| Element | Instances | Files | DS Replacement |
+|---------|-----------|-------|---------------|
+| `<button>` | 32 | 8 files | `Button`, `SegmentedTabs` |
+| `<select>` | 12 | 4 files | `Select` |
+| `<input>` | 8 | 4 files | `Input`, `Toggle`, `Checkbox` |
+| `<label>` | 9 | 2 files | `FormField`, `Label` |
+| `<table>` (data) | 2 | 2 files | `DataTable`, `LogViewer` |
+
+### Highest-priority replacements
+
+1. **`EnvironmentSelector.tsx`** — zero DS imports, entire component is a bare `<select>`. Used globally in sidebar.
+2. **`ExecutionDiagram/tabs/LogTab.tsx`** — reimplements LogViewer from scratch (raw table + input + button). AgentInstance and AgentHealth already use DS `LogViewer` correctly.
+3. **`AppsTab.tsx` sub-tabs** — 3 instances of homegrown `<button>` tab bars. DS provides `SegmentedTabs` and `Tabs`.
+4. **`AppConfigDetailPage.tsx`** — 4x `<select>`, 4x `<label>`, 2x `<input type="checkbox">`, 4x `<button>` — all have DS equivalents already used elsewhere.
+5. **`AgentHealth.tsx`** — config bar uses `Toggle` (correct) alongside raw `<select>` and `<button>` (incorrect).
+
+### Cross-page inconsistencies
+
+| Pattern | Correct usage | Incorrect usage |
+|---------|--------------|-----------------|
+| Log viewer | AgentInstance, AgentHealth use DS `LogViewer` | LogTab rebuilds from scratch |
+| Config edit form | Both pages render same 4 fields | AgentHealth uses `Toggle`, AppConfigDetail uses `<input type="checkbox">` |
+| Sub-tabs | RbacPage uses DS `Tabs` | AppsTab uses homegrown `<button>` tabs with non-DS `--accent` color |
+| Select dropdowns | AppsTab uses DS `Select` for some fields | Same file uses raw `<select>` for other fields |
+
+---
+
+## 5. Medium: Layout Inconsistencies
+
+### Page padding (3 different values)
+
+| Pages | Padding |
+|-------|---------|
+| AgentHealth, AgentInstance, AdminLayout | `20px 24px 40px` |
+| AppsTab | `16px` (all sides) |
+| DashboardTab, Dashboard | No padding (full-bleed) |
+
+### Section gap spacing (mixed approaches)
+
+| Approach | Pages |
+|----------|-------|
+| CSS `gap: 20px` on flex container | DashboardTab, RoutesMetrics |
+| `margin-bottom: 20px` | AgentInstance |
+| Mixed `margin-bottom: 16px` and `20px` on same page | AgentHealth, ClickHouseAdminPage |
+
+### Typography inconsistencies
+
+| Issue | Details |
+|-------|---------|
+| Card title weight | Most use `font-weight: 600`, RouteDetail `.paneTitle` uses `700` |
+| Chart title style | RouteDetail: `12px/700/uppercase`, AgentHealth: `12px/600/uppercase` |
+| Font units | ExchangeHeader + TabKpis use `rem`, everything else uses `px` |
+| Raw headings | DatabaseAdminPage uses `<h2>`/`<h3>` with inline styles; all others use DS `SectionHeader` or CSS classes |
+| Table header padding | Most: `12px 16px`, Dashboard: `8px 12px`, AgentHealth eventCard: `10px 16px` |
+
+### Stat strip layouts
+
+| Page | Layout | Gap |
+|------|--------|-----|
+| AgentHealth, AgentInstance, RbacPage | CSS grid `repeat(N, 1fr)` | `10px` |
+| ClickHouseAdminPage | Flexbox (unequal widths) | `10px` |
+| DatabaseAdminPage | Inline flex | `1rem` (16px) |
+
+### Empty state patterns (4 different approaches)
+
+1. DS `<EmptyState>` component (AgentInstance — correct)
+2. `EntityList emptyMessage` prop (EnvironmentsPage, RbacPage)
+3. `.logEmpty` CSS class, `12px`, `var(--text-faint)` (AgentHealth, AgentInstance)
+4. `.emptyNote` CSS class, `12px`, `italic` (AppsTab)
+5. Inline `0.875rem`, `var(--text-muted)` (ExchangesPage)
+
+### Loading state patterns (3 different approaches)
+
+1. `<Spinner size="lg">` in flex div with inline `padding: 4rem` — copy-pasted 3 times
+2. `<Spinner size="md">` returned directly, no centering (EnvironmentsPage)
+3. No loading UI, data simply absent (DashboardL1/L2/L3)
+
+---
+
+## 6. Low: Other Findings
+
+- **`!important`**: 1 use in `RouteControlBar.module.css` — works around specificity conflict
+- **Zero responsive design**: no `@media` queries anywhere
+- **Z-index**: only 4 uses, all in diagram components (5 and 10), consistent
+- **Naming convention**: all camelCase — consistent, no issues
+- **Unused CSS classes**: ~11 likely unused in AppsTab (old create-modal classes) and TapConfigModal
+
+---
+
+## Recommended Fix Order
+
+### Phase 1: Design system tokens (unblocks everything else)
+
+1. Add missing DS variables: `--error-bg`, `--success-bg`, `--amber-bg`, `--bg-inverse`, `--text-inverse`
+2. Fix undefined variables: `--accent` -> `--amber`, `--bg-base` -> `--bg-body`, `--surface` -> `--bg-surface`
+
+### Phase 2: Eliminate CSS duplication (~22% of all classes)
+
+3. Extract shared `tableSection` pattern to shared CSS module (saves ~140 duplicate lines across 5 files)
+4. Extract shared log viewer CSS to shared module (saves ~50 lines across 2 files)
+5. Remove duplicate tap modal CSS from RouteDetail (saves ~40 lines)
+6. Extract shared rate/refresh/chart patterns
+
+### Phase 3: Fix hardcoded colors
+
+7. Replace all hex in `ProcessDiagram/*.tsx` SVG components (~45 values)
+8. Replace all hex in `ExecutionDiagram.module.css` (~17 naked + strip ~40 fallbacks)
+9. Fix remaining CSS hex violations (Dashboard, AppsTab, AgentHealth)
+
+### Phase 4: Replace native HTML with DS components
+
+10. `EnvironmentSelector` -> DS `Select`
+11. `LogTab` -> DS `LogViewer`
+12. `AppsTab` sub-tabs -> DS `SegmentedTabs`
+13. `AppConfigDetailPage` form elements -> DS `Select`/`Toggle`/`FormField`/`Button`
+14. Remaining `<button>` -> DS `Button`
+
+### Phase 5: Eliminate inline styles
+
+15. Create CSS modules for AdminLayout, DatabaseAdminPage, OidcCallback
+16. Extract shared `<PageLoader>` component
+17. Move AppsTab fixed-width inputs to CSS module size classes
+18. Move remaining inline margins/flex patterns to CSS classes
+
+### Phase 6: Standardize layout patterns
+
+19. Unify page padding to `20px 24px 40px`
+20. Standardize section gaps to `gap: 20px` on flex containers
+21. Normalize font units to `px` throughout
+22. Standardize empty state to DS `<EmptyState>`
+23. Standardize loading state to shared `<PageLoader>`

UI_FINDINGS.md

@@ -0,0 +1,294 @@
+# UI/UX Evaluation Report — Cameleer Server
+
+**Date:** 2026-03-25
+**Evaluated URL:** http://192.168.50.86:30090/
+**Methodology:** Playwright-driven navigation of all major pages (14 screenshots), evaluated by 3 specialist agents: Visual Design, Information Architecture & Usability, Readability & Accessibility.
+
+---
+
+## Executive Summary
+
+The Cameleer dashboard has a **distinctive, well-crafted warm amber design language** that stands out in the observability space. The core monitoring pages (Dashboard, Exchange Detail, Routes, Agents) are polished and consistent. The design system provides a solid foundation.
+
+**Key strengths:** KPI strip pattern, command palette (Ctrl+K), agent card grouping, dark mode token system, cohesive brand identity.
+
+**Critical gaps to address:**
+1. **Font sizes too small** — pervasive 10-11px text for critical data impairs reading under stress
+2. **Color contrast failures** — `--text-muted` and `--text-faint` fail WCAG AA in both themes
+3. **Status indicators rely on color alone** — not accessible for color-blind users
+4. **Admin infrastructure pages lag in polish** — Database/OpenSearch use ad-hoc styling
+5. **Dashboard is a monitoring display, not yet an incident response tool** — missing error highlighting, per-route error breakdowns, actionable status pages
+
+**Overall Score: 7/10** — Strong foundation, needs targeted fixes for production readiness under stress.
+
+---
+
+## Pages Evaluated
+
+| # | Page | Screenshot |
+|---|------|-----------|
+| 1 | Login | `screenshots/14-login-page.png` |
+| 2 | Dashboard (light) | `screenshots/01-dashboard.png` |
+| 3 | Dashboard + Detail Panel | `screenshots/02-dashboard-detail-panel.png` |
+| 4 | Exchange Detail | `screenshots/03-exchange-detail.png` |
+| 5 | Routes Metrics | `screenshots/04-routes-metrics.png` |
+| 6 | Agent Health | `screenshots/05-agents.png` |
+| 7 | Agent Instance | `screenshots/06-agent-instance.png` |
+| 8 | Admin RBAC | `screenshots/07-admin-rbac.png` |
+| 9 | Admin Audit Log | `screenshots/08-admin-audit.png` |
+| 10 | Admin OIDC | `screenshots/09-admin-oidc.png` |
+| 11 | Admin Database | `screenshots/10-admin-database.png` |
+| 12 | Admin OpenSearch | `screenshots/11-admin-opensearch.png` |
+| 13 | Command Palette | `screenshots/12-command-palette.png` |
+| 14 | Dashboard (dark) | `screenshots/13-dashboard-dark-mode.png` |
+
+---
+
+## Page-by-Page Findings
+
+### Login Page
+
+- **[Important]** No brand identity — missing camel logo/icon from sidebar. First impression feels generic.
+- **[Important]** Sign-in button color mismatch — uses washed-out gold, not the saturated `--amber` (#C6820E) used throughout the app.
+- **[Important]** No SSO/OIDC button visible — system supports OIDC but login page only shows username/password.
+- **[Important]** Subtitle text `--text-muted` (#9C9184) on white fails WCAG AA (~2.8:1, needs 4.5:1).
+- **[Important]** White text on amber button fails WCAG AA for normal text (~3.2:1).
+- **[Nice-to-have]** Card has no shadow/border against the `--bg-body` cream background — minimal separation.
+
+### Dashboard
+
+- **[Important]** Errors KPI card uses red/orange accent border even when errors = 0. Zero-error state should feel reassuring (green/neutral), not alarming. Creates false alarm fatigue.
+- **[Important]** Table lacks visible sort indicators — no arrows showing current sort direction.
+- **[Important]** Duration column uses color alone (`.durFast` green, `.durSlow` amber, `.durBreach` red) — not color-blind safe.
+- **[Important]** Status dots are ~6px — too small to reliably identify, especially for color-blind users.
+- **[Critical]** Table meta text at 11px with `--text-muted` is borderline illegible for fatigued users.
+- **[Critical]** KPI stat labels at 10px with `--text-muted` — below recommended 12px minimum.
+- **[Nice-to-have]** Exchange ID column too wide — truncate to 8 chars with copy-on-click.
+
+### Dashboard — Detail Panel
+
+- **[Important]** Panel lacks clear visual separation from main table — needs left border accent or different background.
+- **[Important]** Processor timeline preview in panel is too small to read — adds visual noise without utility.
+- **[Critical]** Overview labels at 10px with `--text-muted` — nearly invisible.
+- **[Critical]** Panel section meta at 10px with `--text-faint` (#C4BAB0) on white — contrast ratio ~1.9:1, severely fails WCAG AA.
+- **[Nice-to-have]** No quick actions (copy exchange ID, view logs, view route diagram).
+
+### Exchange Detail
+
+- **[Critical]** Processor timeline label column too narrow — processor names are truncated/illegible. This is the page's primary visualization.
+- **[Critical]** No error highlighting in processor timeline — failed processors need red bars/icons. During incidents, engineers must instantly see WHICH processor failed.
+- **[Important]** No linkage to route diagram — "View in Route Diagram" would overlay execution on the visual route graph.
+- **[Important]** Long exchange ID in breadcrumb is visually heavy — truncate with copy button.
+- **[Important]** Header stat labels at 10px uppercase with `--text-muted` — same contrast issue.
+
+### Routes Metrics
+
+- **[Important]** KPI number formatting inconsistent — Dashboard shows "11.742 ms" (decimal + space), Routes shows "11742ms" (no decimal, no space).
+- **[Important]** No per-route error rate column — error rate in KPI strip but not broken down per route.
+- **[Important]** Charts disconnected from table — clicking a route should filter/highlight its chart data.
+- **[Nice-to-have]** No visual comparison between routes (bar chart or heatmap for quick identification of slowest).
+
+### Agent Health
+
+- **[Critical]** Stale/Dead agent visual distinction is too subtle — at 3am, the difference between LIVE and DEAD must scream. Dead agents should have prominent red background or strikethrough, not just `--text-muted`.
+- **[Critical]** Agent state dots (green live, amber stale, gray dead) use color alone — no shape variation for color-blind users.
+- **[Important]** "2/26" active routes KPI is ambiguous — unit and meaning need to be explicit.
+- **[Nice-to-have]** Timeline at bottom takes significant space — consider making it collapsible.
+
+### Agent Instance Detail
+
+- **[Important]** Charts lack threshold/alert lines — CPU at 2% is fine, but where is "concerning"? Configurable thresholds (CPU > 80%, Memory > 90%) would make charts actionable.
+- **[Important]** Chart axis labels appear too small.
+- **[Nice-to-have]** GC Pauses uses area fill while others use line charts — minor inconsistency.
+- **[Nice-to-have]** Six charts in 2x3 grid can create cognitive overload — consider collapsible groups.
+
+### Admin — RBAC
+
+- **[Important]** KPI strip for "Users: 1, Groups: 2, Roles: 4" has too much visual weight — these low-value numbers don't need full stat-card treatment.
+- **[Important]** "ADMIN" role badge vs "ADMINS" group badge look identical — different badge styles needed (outlined for groups, filled for roles).
+- **[Nice-to-have]** Empty detail panel ("Select a user to view details") needs icon/illustration.
+
+### Admin — Audit Log
+
+- **[Important]** "no data" empty state is uninformative — should explain "No audit events match your filters" with guidance.
+- **[Important]** No export functionality — audit logs need CSV/JSON export for compliance.
+- **[Important]** Date range filters use raw datetime inputs — inconsistent with dashboard's polished time range pills.
+
+### Admin — OIDC Config
+
+- **[Critical]** "Delete OIDC Configuration" is a destructive action without confirmation dialog — could lock out all SSO users.
+- **[Important]** No inline validation — Issuer URL should validate format on blur, required fields need indicators.
+- **[Nice-to-have]** No connection test result display area.
+
+### Admin — Database
+
+- **[Important]** Visual treatment inconsistent with rest of app — "Connected" status and pool stats use ad-hoc text, not design system components.
+- **[Important]** Page title "Database Administration" implies actions, but page is read-only — rename to "Database Status" or add operations.
+- **[Nice-to-have]** Table row counts should be right-aligned for numerical scanning.
+
+### Admin — OpenSearch
+
+- **[Critical]** "Disconnected" status displayed as plain text — needs error styling (red text, error badge, or status banner). Infrastructure disconnection is a critical state.
+- **[Important]** "Yellow" cluster health displayed as plain text with no visual hierarchy — same size/weight as version number and node count.
+- **[Important]** Indexing pipeline stats use ad-hoc inline format — should use consistent stat-card pattern.
+- **[Important]** "Disconnected" + "Yellow" health shown simultaneously is contradictory — if disconnected, clarify whether data is stale.
+
+### Command Palette
+
+- **[Nice-to-have]** No visible keyboard navigation hint for currently selected item.
+- **[Nice-to-have]** Empty palette should show recent/frequent items instead of requiring typing.
+- Overall well-executed — categories, counts, keyboard hints in footer.
+
+### Dark Mode
+
+- **[Critical]** `--text-muted` (#7A7068) on `--bg-surface` (#242019) is ~2.9:1 — fails WCAG AA. Affects ALL muted labels across every page.
+- **[Critical]** `--text-faint` (#4A4238) on `--bg-surface` (#242019) is ~1.4:1 — catastrophically fails WCAG AA. Essentially invisible.
+- **[Important]** `--amber` (#D4941E) on `--bg-surface` (#242019) is ~3.6:1 — amber links/active text fail AA.
+- **[Important]** KPI sparkline chart lines are harder to read — thin strokes need increased width or brightness.
+- **[Important]** Sidebar boundary contrast drops significantly (`--sidebar-bg` #141210 vs `--bg-body` #1A1714 is only ~6 units apart).
+- **[Important]** Table row alternation contrast near zero in dark mode.
+- **[Nice-to-have]** Amber accent color shift from #C6820E to #D4941E is well-handled.
+- **[Nice-to-have]** Semantic colors (success, error, warning) appropriately increase luminance.
+
+---
+
+## Cross-Cutting Issues
+
+### 1. Color Contrast (WCAG AA Failures)
+
+**Light Mode:**
+
+| Element | Foreground | Background | Ratio | Required | Verdict |
+|---------|-----------|------------|-------|----------|---------|
+| StatCard labels, table meta, section headers | `--text-muted` #9C9184 | #FFFFFF | ~3.0:1 | 4.5:1 | **FAIL** |
+| Panel meta, overview hints | `--text-faint` #C4BAB0 | #FFFFFF | ~1.9:1 | 4.5:1 | **FAIL** |
+| Sign-in button text | #FFFFFF | `--amber` #C6820E | ~3.2:1 | 4.5:1 | **FAIL** |
+| Sidebar muted text | #9C9184 | `--sidebar-bg` #2C2520 | ~3.1:1 | 4.5:1 | **FAIL** |
+
+**Dark Mode:**
+
+| Element | Foreground | Background | Ratio | Required | Verdict |
+|---------|-----------|------------|-------|----------|---------|
+| All muted labels | #7A7068 | #242019 | ~2.9:1 | 4.5:1 | **FAIL** |
+| All faint hints | #4A4238 | #242019 | ~1.4:1 | 4.5:1 | **FAIL** |
+| Amber links/active text | #D4941E | #242019 | ~3.6:1 | 4.5:1 | **FAIL** |
+
+**Fix:** Change `--text-muted` to **#766A5E** (light) / **#9A9088** (dark). Restrict `--text-faint` to decorative use only or lighten dark variant to #6A6058.
+
+### 2. Font Size Floor
+
+10px text is used for: StatCard labels, overview labels, chain labels, section meta, error class names, detail labels, sidebar tree labels. 11px is used for: table meta, error messages, pagination, toggle buttons, chart titles.
+
+**Fix:** Establish `--font-size-min: 12px` as a design system floor. Update all 10px instances to 12px, all 11px instances to 12px.
+
+### 3. Number/Unit Formatting
+
+Inconsistent across pages:
+- Dashboard: "11.742 ms" (decimal + space)
+- Routes: "11742ms" (no decimal, no space)
+- Dashboard: "1.1 msg/s" vs Agent Instance: "0.1/s"
+
+**Fix:** Create a shared formatting utility enforcing: consistent decimal precision, space before unit, consistent abbreviations.
+
+### 4. KPI Strip Inconsistency
+
+Used on Dashboard, Routes, Agents, Agent Instance (consistent). But RBAC uses oversized cards for trivial counts, and Database/OpenSearch use ad-hoc text rendering.
+
+**Fix:** Admin infra pages should adopt KPI stat strip or a compact-stat component.
+
+### 5. Empty States
+
+Inconsistent handling:
+- Audit Log: "no data" in plain gray
+- RBAC detail: "Select a user to view details" in gray
+- No consistent empty state component with icon + message + CTA
+
+**Fix:** Design system EmptyState component with icon, message, and optional action.
+
+### 6. Status Indicator Accessibility
+
+Color-only status encoding throughout:
+- Duration: green (fast), amber (slow), red (breach) — no icons
+- Status dots: green (live), amber (stale), gray (dead) — no shapes
+- Agent dead state uses `--text-muted` instead of `--error`
+
+**Fix:** Add shape variation (checkmark/triangle/X), increase dot size to 10px minimum, always render text label alongside.
+
+### 7. Sidebar Structure
+
+Same apps listed 3x (under Applications, Agents, Routes) — triples sidebar length and scales poorly.
+
+**Fix:** Unified application-centric tree where expanding an app shows its agents and routes as children.
+
+---
+
+## Prioritized Recommendations
+
+### Critical (fix now)
+
+| # | Recommendation | Impact |
+|---|---------------|--------|
+| 1 | **Bump `--text-muted` to WCAG AA compliance** — #766A5E (light) / #9A9088 (dark). Single highest-impact fix across all pages. | Fixes majority of contrast failures |
+| 2 | **Establish 12px minimum font size** — update all 10px and 11px instances. Especially StatCard labels, overview labels, table meta. | Readable under stress |
+| 3 | **Add error highlighting to processor timeline** — red bars, error icons for failed processors. Core debugging view. | Incident response speed |
+| 4 | **Make Stale/Dead agent states unmistakable** — full card background color (yellow stale, red dead), prominent badge. Change dead from `--text-muted` to `--error`. | Prevents missed outages |
+| 5 | **Fix OpenSearch "Disconnected" status** — use error badge/banner, add "Reconnect" action, clarify stale data. | Actionable admin page |
+| 6 | **Add confirmation dialog for OIDC deletion** — type-to-confirm to prevent locking out SSO users. | Prevents lockout |
+| 7 | **Color Errors KPI card conditionally** — green/neutral at 0, red only when > 0. Prevents false alarm fatigue. | Reduces noise |
+
+### Important (next sprint)
+
+| # | Recommendation | Impact |
+|---|---------------|--------|
+| 8 | **Add secondary encoding to status indicators** — shapes (checkmark/triangle/X) alongside color dots. Increase dot size to 10px+. | Accessibility compliance |
+| 9 | **Standardize number/unit formatting** — shared utility for decimals, spacing, unit abbreviations. | Visual consistency |
+| 10 | **Add per-route error rate to Routes table** — essential for isolating failing routes. | Incident triage |
+| 11 | **Add visible sort indicators to data tables** — arrows on column headers. | Data exploration |
+| 12 | **Bring admin infra pages to design system quality** — replace ad-hoc text with KPI strips/stat cards. | Professional polish |
+| 13 | **Fix login page brand identity** — add camel logo, use correct `--amber` for button, add SSO button when OIDC configured. | First impression |
+| 14 | **Fix dark mode specifics** — increase sidebar boundary contrast (add 1px border), boost chart stroke width, fix amber link contrast. | Dark mode usability |
+| 15 | **Widen processor timeline label column** — prevent name truncation, add tooltips for long names. | Core visualization |
+| 16 | **Add detail panel visual separation** — 2px left border accent. | Layout clarity |
+| 17 | **Pin Admin/API Docs to sidebar footer** — accessible without scrolling. | Navigation |
+| 18 | **Audit log improvements** — informative empty state, CSV/JSON export, date picker consistent with dashboard. | Admin usability |
+| 19 | **OIDC form validation** — inline URL validation, required field indicators, test result display. | Configuration safety |
+| 20 | **Fix amber button text contrast** — darken button to #8B5A06 or use dark text on amber. | Accessibility |
+
+### Nice-to-have (backlog)
+
+| # | Recommendation | Impact |
+|---|---------------|--------|
+| 21 | Unify sidebar into single application-centric tree (Applications > agents + routes) | Scalability |
+| 22 | Truncate Exchange IDs to 8 chars with copy-on-click | Table space |
+| 23 | Add threshold/alert lines to agent metric charts | Actionable monitoring |
+| 24 | Link charts to table selection on Routes Metrics | Data exploration |
+| 25 | Add clickable KPI cards navigating to filtered views | Navigation shortcuts |
+| 26 | Add `prefers-reduced-motion` support for StatusDot pulse animation | Accessibility |
+| 27 | Add tooltips to sparkline charts showing value on hover | Data context |
+| 28 | Replace hardcoded `#5db866` in Dashboard.module.css with `var(--success)` | Token compliance |
+| 29 | Add keyboard navigation indicators to command palette (selected item highlight) | Power user UX |
+| 30 | Show recent/frequent items in empty command palette | Discoverability |
+| 31 | Consolidate duplicated table-header CSS into design system component | Maintainability |
+| 32 | Login page card shadow for visual lift | Polish |
+| 33 | Collapsible agent event timeline | Space efficiency |
+| 34 | Dark mode `--text-faint` increase to #6A6058 for 3:1 minimum | Accessibility |
+| 35 | Increase DataTable row height to 44px (touch target minimum) | Accessibility |
+
+---
+
+## Dark Mode Assessment
+
+**Grade: Good foundation, specific contrast concerns.**
+
+**What works well:**
+- Token system remaps all semantic colors without introducing cold blue-grays — warm brand preserved
+- Amber accent brightens appropriately (#C6820E → #D4941E)
+- Error/warning/success colors increase luminance correctly
+- Shadows shift from warm semi-transparent to opaque — correct for dark backgrounds
+
+**What needs fixing:**
+- Sidebar contrast: `--sidebar-bg` #141210 vs `--bg-body` #1A1714 only ~6 units apart (was ~50 in light mode)
+- Chart line visibility: thin 1-2px strokes need increased width
+- Table row alternation: near-zero contrast between `--bg-surface` and `--bg-raised`
+- `--text-faint`: essentially invisible at 1.4:1 contrast
+- `--text-muted`: 2.9:1 — below AA minimum