Changes
- Added clearer permission prompt choices for deny, one-time allow, and always allow.
- Added runtime permission evaluation across guardrails, permission patterns, agent modes, and stored approvals.
- Added memory extraction enqueueing for new memories, summaries, and auto-summaries when extraction is available.
- Improved provider-switch preparation for CLI and API providers by resetting session continuity state appropriately.
Fixes
- Prevent runtime permission policies from being bypassed while the permission broker is running.
- Preserve action-required provider migration state during previews and partial provider-change failures.
- Hide stale or already-resolved permission prompts from the overlay and inline stream.
- Skip empty memories during triple extraction without starving the extraction queue.
- Preserve visible permission request IDs and downgrade legacy session-scoped approvals to one-time decisions.