From bcb5afa82026970cdd50642fec14c5000bc6eedb Mon Sep 17 00:00:00 2001
From: gitadmin <ody@wellspr.ing>
Date: Sat, 2 May 2026 13:07:40 +0000
Subject: [PATCH] feat: add routes/steward.ts

---
 routes/steward.ts | 1444 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 1444 insertions(+)
 create mode 100644 routes/steward.ts

diff --git a/routes/steward.ts b/routes/steward.ts
new file mode 100644
index 0000000..c1cc666
--- /dev/null
+++ b/routes/steward.ts
@@ -0,0 +1,1444 @@
+/**
+ * PersonaForge Stewardship Dashboard
+ *
+ * The steward-facing workspace for vetting corpus artifacts before a build.
+ * Not the admin panel — this is the person responsible for the corpus doing
+ * their actual review work, with Ody as a research assistant.
+ *
+ * Routes (agentify.help host, dashboard-token protected):
+ *   GET  /steward/:slug                             — SSR dashboard
+ *   GET  /api/steward/:slug/info                    — subject + stats
+ *   GET  /api/steward/:slug/artifacts               — list artifacts + curation
+ *   PATCH /api/steward/:slug/artifacts/:artifact_id — update curation status
+ *   POST /api/steward/:slug/artifacts/:artifact_id/ody-ask — Ody analysis
+ *   POST /api/steward/:slug/corpus/fetch            — trigger essay fetch
+ *   POST /api/steward/:slug/corpus/build            — build approved-only corpus
+ *   GET  /api/steward/:slug/dashboard-token         — admin: get/generate token
+ */
+
+import type { Express, Request, Response } from "express";
+import { pool } from "../db";
+import crypto from "crypto";
+import Anthropic from "@anthropic-ai/sdk";
+
+const ADMIN_KEY = process.env.ADMIN_KEY || "b0db7a87384fc814b0f46ea7bdc6ab6a81152be5b098718b";
+const claude = new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY });
+
+// ── Schema migrations ─────────────────────────────────────────────────────────
+export async function initStewardDash() {
+  // Curation columns on artifacts
+  await pool.query(`ALTER TABLE personaforge_artifacts ADD COLUMN IF NOT EXISTS curation_status TEXT NOT NULL DEFAULT 'pending'`);
+  await pool.query(`ALTER TABLE personaforge_artifacts ADD COLUMN IF NOT EXISTS curation_note TEXT`);
+  await pool.query(`ALTER TABLE personaforge_artifacts ADD COLUMN IF NOT EXISTS ody_verdict TEXT`);
+  // Manual artifact content (bypasses URL fetch — used for injected bio facts, Wikipedia excerpts, etc.)
+  await pool.query(`ALTER TABLE personaforge_artifacts ADD COLUMN IF NOT EXISTS content_text TEXT`);
+  // Dashboard token stored on personaforge_subjects (guaranteed to exist for all subjects)
+  await pool.query(`ALTER TABLE personaforge_subjects ADD COLUMN IF NOT EXISTS dashboard_token TEXT`);
+  // Biographical baseline facts (structured markdown, highest-priority corpus chunk, not curatable)
+  await pool.query(`ALTER TABLE personaforge_subjects ADD COLUMN IF NOT EXISTS bio_facts_md TEXT`);
+  // PTP attestation metadata for bio_facts (who wrote it and under what token/scope)
+  await pool.query(`ALTER TABLE personaforge_subjects ADD COLUMN IF NOT EXISTS bio_facts_ptp_token_id TEXT`);
+  await pool.query(`ALTER TABLE personaforge_subjects ADD COLUMN IF NOT EXISTS bio_facts_attested_at TIMESTAMPTZ`);
+  await pool.query(`ALTER TABLE personaforge_subjects ADD COLUMN IF NOT EXISTS bio_facts_vcap_uri TEXT`);
+  // Wikipedia/secondary source summary (skepticism-weighted; separate from primary corpus)
+  await pool.query(`ALTER TABLE personaforge_subjects ADD COLUMN IF NOT EXISTS wiki_summary_md TEXT`);
+  // PTP attestation metadata for wiki summary
+  await pool.query(`ALTER TABLE personaforge_subjects ADD COLUMN IF NOT EXISTS wiki_ptp_token_id TEXT`);
+  await pool.query(`ALTER TABLE personaforge_subjects ADD COLUMN IF NOT EXISTS wiki_attested_at TIMESTAMPTZ`);
+  // Corpus consult log (PTP injection events, QA sessions)
+  await pool.query(`
+    CREATE TABLE IF NOT EXISTS corpus_consult_log (
+      id SERIAL PRIMARY KEY,
+      slug TEXT NOT NULL,
+      event_type TEXT NOT NULL,
+      token_id TEXT,
+      scope TEXT,
+      purpose TEXT,
+      attested_at TEXT,
+      session_notes TEXT,
+      created_at TIMESTAMPTZ DEFAULT NOW()
+    )
+  `);
+  // Also add to registry for forward-compat (new stewards via web form)
+  await pool.query(`ALTER TABLE agentify_subject_registry ADD COLUMN IF NOT EXISTS dashboard_token TEXT`).catch(() => {});
+  console.log("[StewardDash] Schema columns ready");
+}
+
+// ── Helpers ───────────────────────────────────────────────────────────────────
+function isAgentify(req: Request): boolean {
+  const candidates = [
+    req.headers["x-forwarded-host"],
+    req.headers["x-geo-node-host"],
+    req.hostname,
+    req.headers["host"],
+  ].flat().filter(Boolean).map((h: any) => h.toString().toLowerCase().split(",")[0].trim());
+  return candidates.some(h => h.includes("agentify") && !h.startsWith("skills."));
+}
+
+async function validateStewardToken(slug: string, token: string | undefined): Promise<boolean> {
+  if (!token) return false;
+  // Primary source: personaforge_subjects (exists for all subjects including admin-seeded)
+  const { rows } = await pool.query(
+    `SELECT dashboard_token FROM personaforge_subjects WHERE slug = $1`,
+    [slug]
+  );
+  if (rows.length > 0 && rows[0].dashboard_token === token) return true;
+  // Fallback: agentify_subject_registry (for stewards registered via web form)
+  const { rows: reg } = await pool.query(
+    `SELECT dashboard_token FROM agentify_subject_registry WHERE subject_slug = $1`,
+    [slug]
+  ).catch(() => ({ rows: [] }));
+  return reg.length > 0 && reg[0].dashboard_token === token;
+}
+
+async function getOrCreateDashboardToken(slug: string): Promise<string> {
+  // Primary: personaforge_subjects
+  const { rows } = await pool.query(
+    `SELECT dashboard_token FROM personaforge_subjects WHERE slug = $1`, [slug]
+  );
+  if (rows[0]?.dashboard_token) return rows[0].dashboard_token;
+  const token = crypto.randomBytes(24).toString("hex");
+  // Store in personaforge_subjects
+  const updated = await pool.query(
+    `UPDATE personaforge_subjects SET dashboard_token = $2, updated_at = NOW() WHERE slug = $1 RETURNING slug`,
+    [slug, token]
+  );
+  if ((updated.rowCount || 0) === 0) throw new Error(`Subject '${slug}' not found in personaforge_subjects`);
+  // Also sync to agentify_subject_registry if that row exists
+  await pool.query(
+    `UPDATE agentify_subject_registry SET dashboard_token = $2, updated_at = NOW() WHERE subject_slug = $1`,
+    [slug, token]
+  ).catch(() => {});
+  return token;
+}
+
+async function fetchEssayText(url: string): Promise<string> {
+  try {
+    const html = await fetch(url, {
+      headers: { "User-Agent": "WellSpr.ing PersonaForge/1.0" },
+      signal: AbortSignal.timeout(15000),
+    }).then(r => r.text());
+    return html
+      .replace(/<script[^>]*>[\s\S]*?<\/script>/gi, " ")
+      .replace(/<style[^>]*>[\s\S]*?<\/style>/gi, " ")
+      .replace(/<[^>]+>/g, " ")
+      .replace(/&amp;/g, "&").replace(/&lt;/g, "<").replace(/&gt;/g, ">").replace(/&nbsp;/g, " ")
+      .replace(/\s+/g, " ").trim();
+  } catch {
+    return "";
+  }
+}
+
+// ── SSR Dashboard page ────────────────────────────────────────────────────────
+function dashboardPage(slug: string, subjectName: string): string {
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<title>${subjectName} — Stewardship Dashboard | Agentify.Help</title>
+<style>
+*{box-sizing:border-box;margin:0;padding:0}
+:root{
+  --navy:#07102a;--navy2:#0d1b3e;--navy3:#132148;
+  --gold:#d4a730;--gold2:#e8c24a;
+  --green:#22c55e;--red:#ef4444;--amber:#f59e0b;--blue:#60a5fa;
+  --muted:#8899bb;--border:#1e3060;
+  --text:#dde6f4;--text2:#a8bcd8;
+}
+body{background:var(--navy);color:var(--text);font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',system-ui,sans-serif;min-height:100vh}
+
+/* ── header ── */
+.header{background:var(--navy2);border-bottom:1px solid var(--border);padding:1rem 2rem;display:flex;align-items:center;gap:1.5rem;flex-wrap:wrap}
+.header-left{display:flex;align-items:center;gap:1rem}
+.logo-badge{background:var(--gold);color:#07102a;font-size:0.6rem;font-weight:900;letter-spacing:0.12em;padding:0.25rem 0.5rem;border-radius:3px}
+.header-title{font-size:1.25rem;font-weight:700;color:#fff}
+.header-sub{font-size:0.8rem;color:var(--muted);margin-top:0.1rem}
+.header-actions{margin-left:auto;display:flex;gap:0.75rem;align-items:center}
+.btn{display:inline-flex;align-items:center;gap:0.4rem;padding:0.5rem 1rem;border-radius:6px;border:none;cursor:pointer;font-size:0.85rem;font-weight:600;transition:opacity 0.15s}
+.btn:disabled{opacity:0.4;cursor:not-allowed}
+.btn-gold{background:var(--gold);color:#07102a}
+.btn-gold:hover:not(:disabled){background:var(--gold2)}
+.btn-outline{background:transparent;border:1px solid var(--border);color:var(--text2)}
+.btn-outline:hover:not(:disabled){border-color:var(--gold);color:var(--gold)}
+.btn-sm{padding:0.3rem 0.65rem;font-size:0.78rem}
+
+/* ── stats bar ── */
+.stats-bar{background:var(--navy3);border-bottom:1px solid var(--border);padding:0.85rem 2rem;display:flex;gap:2rem;align-items:center;flex-wrap:wrap}
+.stat{display:flex;flex-direction:column;align-items:center;gap:0.15rem}
+.stat-val{font-size:1.4rem;font-weight:800;color:#fff}
+.stat-label{font-size:0.7rem;text-transform:uppercase;letter-spacing:0.08em;color:var(--muted)}
+.stat-val.green{color:var(--green)}
+.stat-val.red{color:var(--red)}
+.stat-val.amber{color:var(--amber)}
+.progress-wrap{flex:1;min-width:200px}
+.progress-label{font-size:0.75rem;color:var(--muted);margin-bottom:0.35rem}
+.progress-bar{height:6px;background:var(--border);border-radius:3px;overflow:hidden}
+.progress-fill{height:100%;background:var(--green);border-radius:3px;transition:width 0.4s}
+
+/* ── filters ── */
+.filters{padding:1rem 2rem;display:flex;gap:0.5rem;flex-wrap:wrap;align-items:center;border-bottom:1px solid var(--border)}
+.filter-btn{padding:0.4rem 0.9rem;border-radius:20px;border:1px solid var(--border);background:transparent;color:var(--text2);font-size:0.82rem;cursor:pointer;transition:all 0.15s}
+.filter-btn.active{background:var(--gold);color:#07102a;border-color:var(--gold);font-weight:700}
+.filter-btn:hover:not(.active){border-color:var(--gold);color:var(--gold)}
+.search-wrap{margin-left:auto}
+.search-input{background:var(--navy3);border:1px solid var(--border);border-radius:6px;padding:0.4rem 0.75rem;color:var(--text);font-size:0.82rem;width:220px;outline:none}
+.search-input:focus{border-color:var(--gold)}
+
+/* ── artifact grid ── */
+.artifacts{padding:1.5rem 2rem;display:flex;flex-direction:column;gap:0.85rem}
+.artifact-card{background:var(--navy2);border:1px solid var(--border);border-radius:10px;border-left:4px solid var(--border);padding:1rem 1.25rem;transition:border-color 0.2s}
+.artifact-card.pending{border-left-color:var(--border)}
+.artifact-card.approved{border-left-color:var(--green)}
+.artifact-card.rejected{border-left-color:var(--red)}
+.artifact-card.flagged{border-left-color:var(--amber)}
+.card-top{display:flex;align-items:flex-start;gap:1rem}
+.card-meta{flex:1;min-width:0}
+.card-title{font-size:0.97rem;font-weight:600;color:#fff;white-space:nowrap;overflow:hidden;text-overflow:ellipsis}
+.card-details{display:flex;gap:0.75rem;margin-top:0.3rem;flex-wrap:wrap}
+.detail-chip{font-size:0.72rem;color:var(--muted);background:var(--navy3);padding:0.18rem 0.5rem;border-radius:4px}
+.status-badge{font-size:0.7rem;font-weight:700;padding:0.22rem 0.6rem;border-radius:4px;text-transform:uppercase;letter-spacing:0.06em;white-space:nowrap}
+.status-badge.pending{background:rgba(136,153,187,0.15);color:var(--muted)}
+.status-badge.approved{background:rgba(34,197,94,0.15);color:var(--green)}
+.status-badge.rejected{background:rgba(239,68,68,0.15);color:var(--red)}
+.status-badge.flagged{background:rgba(245,158,11,0.15);color:var(--amber)}
+.card-actions{display:flex;gap:0.5rem;margin-top:0.85rem;flex-wrap:wrap;align-items:center}
+.act-btn{padding:0.3rem 0.7rem;border-radius:5px;border:1px solid;font-size:0.78rem;font-weight:600;cursor:pointer;transition:all 0.15s}
+.act-btn.approve{border-color:rgba(34,197,94,0.4);color:var(--green);background:rgba(34,197,94,0.08)}
+.act-btn.approve:hover,.act-btn.approve.active{background:var(--green);color:#07102a;border-color:var(--green)}
+.act-btn.reject{border-color:rgba(239,68,68,0.4);color:var(--red);background:rgba(239,68,68,0.08)}
+.act-btn.reject:hover,.act-btn.reject.active{background:var(--red);color:#fff;border-color:var(--red)}
+.act-btn.flag{border-color:rgba(245,158,11,0.4);color:var(--amber);background:rgba(245,158,11,0.08)}
+.act-btn.flag:hover,.act-btn.flag.active{background:var(--amber);color:#07102a;border-color:var(--amber)}
+.act-btn.ody{border-color:rgba(96,165,250,0.4);color:var(--blue);background:rgba(96,165,250,0.08)}
+.act-btn.ody:hover{background:var(--blue);color:#07102a;border-color:var(--blue)}
+.act-btn:disabled{opacity:0.4;cursor:not-allowed}
+.source-link{font-size:0.72rem;color:var(--muted);text-decoration:none;margin-left:auto}
+.source-link:hover{color:var(--gold)}
+
+/* ── Ody verdict inline ── */
+.ody-verdict{background:var(--navy3);border:1px solid rgba(96,165,250,0.25);border-radius:7px;padding:0.85rem 1rem;margin-top:0.85rem;position:relative}
+.ody-verdict-label{font-size:0.68rem;font-weight:700;text-transform:uppercase;letter-spacing:0.1em;color:var(--blue);margin-bottom:0.4rem}
+.ody-verdict-text{font-size:0.86rem;color:var(--text2);line-height:1.6}
+.ody-verdict-tag{display:inline-block;font-size:0.7rem;font-weight:700;padding:0.15rem 0.5rem;border-radius:4px;margin-bottom:0.5rem}
+.ody-verdict-tag.approve{background:rgba(34,197,94,0.15);color:var(--green)}
+.ody-verdict-tag.flag{background:rgba(245,158,11,0.15);color:var(--amber)}
+.ody-verdict-tag.reject{background:rgba(239,68,68,0.15);color:var(--red)}
+.ody-close{position:absolute;top:0.5rem;right:0.75rem;background:none;border:none;color:var(--muted);cursor:pointer;font-size:1rem;padding:0.1rem}
+.ody-close:hover{color:var(--text)}
+.ody-spinner{display:inline-block;width:14px;height:14px;border:2px solid rgba(96,165,250,0.3);border-top-color:var(--blue);border-radius:50%;animation:spin 0.7s linear infinite}
+@keyframes spin{to{transform:rotate(360deg)}}
+
+/* ── empty + loading states ── */
+.empty-state{text-align:center;padding:4rem 2rem;color:var(--muted)}
+.empty-state h2{font-size:1.1rem;color:var(--text2);margin-bottom:0.5rem}
+.empty-state p{font-size:0.85rem;line-height:1.6}
+.loading-state{text-align:center;padding:4rem 2rem;color:var(--muted);font-size:0.9rem}
+
+/* ── fetch modal ── */
+.modal-overlay{position:fixed;inset:0;background:rgba(7,16,42,0.85);display:flex;align-items:center;justify-content:center;z-index:100;backdrop-filter:blur(4px)}
+.modal-overlay.hidden{display:none}
+.modal{background:var(--navy2);border:1px solid var(--border);border-radius:12px;padding:2rem;max-width:480px;width:90%;max-height:80vh;overflow-y:auto}
+.modal h2{font-size:1.1rem;font-weight:700;color:#fff;margin-bottom:0.5rem}
+.modal p{font-size:0.85rem;color:var(--text2);line-height:1.6;margin-bottom:1.25rem}
+.modal-log{background:var(--navy);border:1px solid var(--border);border-radius:6px;padding:0.75rem;font-size:0.75rem;font-family:monospace;color:var(--muted);height:150px;overflow-y:auto;margin-bottom:1rem}
+.modal-actions{display:flex;gap:0.75rem;justify-content:flex-end}
+
+/* ── build status panel ── */
+.build-panel{background:var(--navy3);border-top:1px solid var(--border);padding:1rem 2rem;display:none;align-items:center;gap:1rem;flex-wrap:wrap;position:sticky;bottom:0}
+.build-panel.visible{display:flex}
+.build-log{background:var(--navy);border:1px solid var(--border);border-radius:6px;padding:0.5rem 0.75rem;font-size:0.72rem;font-family:monospace;color:var(--muted);flex:1;min-width:200px;max-height:80px;overflow-y:auto}
+
+/* ── biographical baseline panel ── */
+.bio-panel{border-left:3px solid var(--gold);background:rgba(212,175,55,0.06);margin:1.25rem 2rem 0;border-radius:6px;overflow:hidden}
+.bio-panel-header{display:flex;align-items:center;gap:0.6rem;padding:0.7rem 1rem;cursor:pointer;user-select:none}
+.bio-panel-header h3{font-size:0.85rem;font-weight:700;color:var(--gold);margin:0;letter-spacing:0.04em;text-transform:uppercase}
+.bio-panel-header .bio-badge{font-size:0.68rem;background:rgba(212,175,55,0.18);color:var(--gold);padding:0.2rem 0.5rem;border-radius:10px;font-weight:600}
+.bio-panel-header .bio-expand{margin-left:auto;font-size:0.7rem;color:var(--muted)}
+.bio-panel-body{padding:0 1rem 1rem;display:none}
+.bio-panel-body.open{display:block}
+.bio-section{margin-bottom:1rem}
+.bio-section h4{font-size:0.75rem;font-weight:700;color:var(--muted);text-transform:uppercase;letter-spacing:0.06em;margin:0 0 0.4rem}
+.bio-textarea{width:100%;background:var(--navy);border:1px solid var(--border);border-radius:5px;color:#e8e8e8;font-family:monospace;font-size:0.72rem;line-height:1.5;padding:0.6rem 0.75rem;resize:vertical;min-height:160px;box-sizing:border-box}
+.bio-textarea:focus{outline:none;border-color:var(--gold)}
+.bio-actions{display:flex;gap:0.6rem;margin-top:0.5rem;align-items:center}
+.bio-status{font-size:0.72rem;color:var(--muted);margin-left:auto}
+
+a{color:inherit;text-decoration:none}
+</style>
+</head>
+<body>
+
+<!-- ── Header ── -->
+<header class="header">
+  <div class="header-left">
+    <span class="logo-badge">AGENTIFY.HELP</span>
+    <div>
+      <div class="header-title" id="subjectName">${subjectName}</div>
+      <div class="header-sub">Corpus Stewardship Dashboard</div>
+    </div>
+  </div>
+  <div class="header-actions">
+    <button class="btn btn-outline btn-sm" id="btnFetch" onclick="openFetchModal()">Fetch source essays</button>
+    <button class="btn btn-gold" id="btnBuild" onclick="triggerBuild()" disabled>
+      Build corpus from approved
+    </button>
+  </div>
+</header>
+
+<!-- ── Stats bar ── -->
+<div class="stats-bar" id="statsBar">
+  <div class="stat"><span class="stat-val" id="statTotal">—</span><span class="stat-label">Total</span></div>
+  <div class="stat"><span class="stat-val green" id="statApproved">—</span><span class="stat-label">Approved</span></div>
+  <div class="stat"><span class="stat-val red" id="statRejected">—</span><span class="stat-label">Rejected</span></div>
+  <div class="stat"><span class="stat-val amber" id="statFlagged">—</span><span class="stat-label">Flagged</span></div>
+  <div class="stat"><span class="stat-val" id="statPending">—</span><span class="stat-label">Pending</span></div>
+  <div class="progress-wrap">
+    <div class="progress-label" id="progressLabel">0 of 0 reviewed</div>
+    <div class="progress-bar"><div class="progress-fill" id="progressFill" style="width:0%"></div></div>
+  </div>
+</div>
+
+<!-- ── Biographical Baseline Panel ── -->
+<div class="bio-panel" id="bioPanel">
+  <div class="bio-panel-header" onclick="toggleBioPanel()">
+    <h3>Biographical Baseline</h3>
+    <span class="bio-badge" id="bioBadge">Loading…</span>
+    <span class="bio-expand" id="bioExpandLabel">▼ show</span>
+  </div>
+  <div class="bio-panel-body" id="bioPanelBody">
+    <div class="bio-section">
+      <h4>Ground-Truth Facts — injected as first corpus chunk, highest priority, not curatable</h4>
+      <textarea class="bio-textarea" id="bioFactsMd" placeholder="Paste structured biographical facts here (markdown). These become the persona's factual anchor — name, birthdate, family, education, career timeline, known frameworks. Skepticism-weight each fact: [V]=verified, [P]=partial, [U]=unconfirmed."></textarea>
+      <div class="bio-actions">
+        <button class="btn btn-gold btn-sm" onclick="saveBioFacts()">Save facts</button>
+        <button class="btn btn-outline btn-sm" onclick="loadBioFacts()">Reload</button>
+        <span class="bio-status" id="bioFactsStatus"></span>
+      </div>
+    </div>
+    <div class="bio-section">
+      <h4>Wikipedia / Secondary Sources — skepticism-weighted; separate from primary corpus</h4>
+      <textarea class="bio-textarea" id="wikiSummaryMd" placeholder="Paste Wikipedia summary or article excerpts here. These are ingested with a skepticism-weighting note — the persona knows this is secondary source material and will not treat it as first-person memory."></textarea>
+      <div class="bio-actions">
+        <button class="btn btn-gold btn-sm" onclick="saveWikiSummary()">Save wiki/articles</button>
+        <button class="btn btn-outline btn-sm" onclick="loadBioFacts()">Reload</button>
+        <span class="bio-status" id="wikiStatus"></span>
+      </div>
+    </div>
+  </div>
+</div>
+
+<!-- ── Filters ── -->
+<div class="filters">
+  <button class="filter-btn active" data-filter="all" onclick="setFilter('all',this)">All</button>
+  <button class="filter-btn" data-filter="pending" onclick="setFilter('pending',this)">Pending</button>
+  <button class="filter-btn" data-filter="approved" onclick="setFilter('approved',this)">Approved</button>
+  <button class="filter-btn" data-filter="flagged" onclick="setFilter('flagged',this)">Flagged</button>
+  <button class="filter-btn" data-filter="rejected" onclick="setFilter('rejected',this)">Rejected</button>
+  <div class="search-wrap">
+    <input class="search-input" type="text" id="searchInput" placeholder="Search essays..." oninput="renderArtifacts()">
+  </div>
+</div>
+
+<!-- ── Artifact list ── -->
+<div class="artifacts" id="artifactsContainer">
+  <div class="loading-state" id="loadingState">Loading corpus artifacts…</div>
+</div>
+
+<!-- ── Build panel ── -->
+<div class="build-panel" id="buildPanel">
+  <span style="font-size:0.85rem;font-weight:600;color:var(--gold)">Building corpus…</span>
+  <div class="build-log" id="buildLog"></div>
+  <button class="btn btn-outline btn-sm" onclick="closeBuildPanel()">Dismiss</button>
+</div>
+
+<!-- ── Fetch modal ── -->
+<div class="modal-overlay hidden" id="fetchModal">
+  <div class="modal">
+    <h2>Fetch source essays</h2>
+    <p>This will scrape the source URL and pull the full list of essays. Existing entries are preserved. No essay text is fetched yet — just titles and URLs.</p>
+    <div class="modal-log" id="fetchLog">Ready.</div>
+    <div class="modal-actions">
+      <button class="btn btn-outline" onclick="closeFetchModal()">Cancel</button>
+      <button class="btn btn-gold" id="btnFetchConfirm" onclick="doFetch()">Fetch essays</button>
+    </div>
+  </div>
+</div>
+
+<script>
+const SLUG = ${JSON.stringify(slug)};
+const TOKEN = new URLSearchParams(location.search).get('token') || sessionStorage.getItem('steward_token_' + SLUG) || '';
+if (TOKEN) sessionStorage.setItem('steward_token_' + SLUG, TOKEN);
+
+let allArtifacts = [];
+let currentFilter = 'all';
+
+// ── Bootstrap ──────────────────────────────────────────────────────────────
+async function init() {
+  await Promise.all([loadArtifacts(), loadBioFacts()]);
+}
+
+// ── Biographical Baseline ──────────────────────────────────────────────────
+let bioPanelOpen = false;
+
+function toggleBioPanel() {
+  bioPanelOpen = !bioPanelOpen;
+  document.getElementById('bioPanelBody').classList.toggle('open', bioPanelOpen);
+  document.getElementById('bioExpandLabel').textContent = bioPanelOpen ? '▲ hide' : '▼ show';
+}
+
+async function loadBioFacts() {
+  try {
+    const r = await fetch('/api/steward/' + SLUG + '/bio-facts?token=' + TOKEN);
+    const data = await r.json();
+    document.getElementById('bioFactsMd').value = data.bio_facts_md || '';
+    document.getElementById('wikiSummaryMd').value = data.wiki_summary_md || '';
+    const hasB = !!(data.bio_facts_md && data.bio_facts_md.trim());
+    const hasW = !!(data.wiki_summary_md && data.wiki_summary_md.trim());
+    const badge = hasB ? (hasW ? 'Bio + Wiki loaded' : 'Bio loaded') : (hasW ? 'Wiki only' : 'Not set');
+    document.getElementById('bioBadge').textContent = badge;
+    document.getElementById('bioBadge').style.color = hasB ? 'var(--gold)' : 'var(--muted)';
+    if (hasB && !bioPanelOpen) toggleBioPanel();
+  } catch (e) {
+    document.getElementById('bioBadge').textContent = 'Error loading';
+  }
+}
+
+async function saveBioFacts() {
+  const md = document.getElementById('bioFactsMd').value;
+  const st = document.getElementById('bioFactsStatus');
+  st.textContent = 'Saving…';
+  try {
+    const r = await fetch('/api/steward/' + SLUG + '/bio-facts', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ token: TOKEN, bio_facts_md: md }),
+    });
+    const data = await r.json();
+    st.textContent = data.ok ? 'Saved ✓' : ('Error: ' + (data.error || 'unknown'));
+    if (data.ok) await loadBioFacts();
+  } catch (e) {
+    st.textContent = 'Network error';
+  }
+  setTimeout(() => { st.textContent = ''; }, 3000);
+}
+
+async function saveWikiSummary() {
+  const md = document.getElementById('wikiSummaryMd').value;
+  const st = document.getElementById('wikiStatus');
+  st.textContent = 'Saving…';
+  try {
+    const r = await fetch('/api/steward/' + SLUG + '/bio-facts', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ token: TOKEN, wiki_summary_md: md }),
+    });
+    const data = await r.json();
+    st.textContent = data.ok ? 'Saved ✓' : ('Error: ' + (data.error || 'unknown'));
+    if (data.ok) await loadBioFacts();
+  } catch (e) {
+    st.textContent = 'Network error';
+  }
+  setTimeout(() => { st.textContent = ''; }, 3000);
+}
+
+async function loadArtifacts() {
+  try {
+    const r = await fetch('/api/steward/' + SLUG + '/artifacts?token=' + TOKEN);
+    if (!r.ok) {
+      if (r.status === 403) return showError('Invalid or expired dashboard token. Check your link.');
+      return showError('Could not load artifacts.');
+    }
+    const data = await r.json();
+    allArtifacts = data.artifacts || [];
+    renderStats();
+    renderArtifacts();
+    updateBuildBtn();
+  } catch (e) {
+    showError('Network error loading artifacts.');
+  }
+}
+
+function showError(msg) {
+  document.getElementById('artifactsContainer').innerHTML =
+    '<div class="empty-state"><h2>Error</h2><p>' + msg + '</p></div>';
+}
+
+// ── Stats ──────────────────────────────────────────────────────────────────
+function renderStats() {
+  const total = allArtifacts.length;
+  const approved = allArtifacts.filter(a => a.curation_status === 'approved').length;
+  const rejected = allArtifacts.filter(a => a.curation_status === 'rejected').length;
+  const flagged = allArtifacts.filter(a => a.curation_status === 'flagged').length;
+  const pending = allArtifacts.filter(a => a.curation_status === 'pending').length;
+  const reviewed = total - pending;
+  document.getElementById('statTotal').textContent = total;
+  document.getElementById('statApproved').textContent = approved;
+  document.getElementById('statRejected').textContent = rejected;
+  document.getElementById('statFlagged').textContent = flagged;
+  document.getElementById('statPending').textContent = pending;
+  document.getElementById('progressLabel').textContent = reviewed + ' of ' + total + ' reviewed';
+  document.getElementById('progressFill').style.width = total ? Math.round(reviewed/total*100)+'%' : '0%';
+}
+
+function updateBuildBtn() {
+  const approved = allArtifacts.filter(a => a.curation_status === 'approved').length;
+  const btn = document.getElementById('btnBuild');
+  btn.disabled = approved === 0;
+  btn.textContent = approved > 0
+    ? 'Build corpus from ' + approved + ' approved'
+    : 'Build corpus from approved';
+}
+
+// ── Filter + search ────────────────────────────────────────────────────────
+function setFilter(f, el) {
+  currentFilter = f;
+  document.querySelectorAll('.filter-btn').forEach(b => b.classList.remove('active'));
+  el.classList.add('active');
+  renderArtifacts();
+}
+
+function renderArtifacts() {
+  const query = (document.getElementById('searchInput').value || '').toLowerCase();
+  let visible = allArtifacts.filter(a => {
+    if (currentFilter !== 'all' && a.curation_status !== currentFilter) return false;
+    if (query && !a.title.toLowerCase().includes(query)) return false;
+    return true;
+  });
+
+  const container = document.getElementById('artifactsContainer');
+  if (allArtifacts.length === 0) {
+    container.innerHTML = '<div class="empty-state"><h2>No essays fetched yet</h2><p>Click "Fetch source essays" to pull the essay list from the source URL. No essay text is downloaded yet — just titles and links.</p></div>';
+    return;
+  }
+  if (visible.length === 0) {
+    container.innerHTML = '<div class="empty-state"><h2>No matches</h2><p>Try a different filter or search term.</p></div>';
+    return;
+  }
+  container.innerHTML = visible.map(a => cardHTML(a)).join('');
+}
+
+// ── Card HTML ──────────────────────────────────────────────────────────────
+function cardHTML(a) {
+  const wc = a.word_count ? a.word_count.toLocaleString() + ' words' : 'word count unknown';
+  const date = a.pub_date || 'undated';
+  const statusClass = a.curation_status || 'pending';
+  const statusLabel = {pending:'Pending',approved:'Approved',rejected:'Rejected',flagged:'Flagged'}[statusClass] || 'Pending';
+
+  const verdictHtml = a.ody_verdict ? odtVerdictInlineHTML(a.ody_verdict, a.artifact_id) : '';
+
+  return \`<div class="artifact-card \${statusClass}" id="card-\${a.artifact_id}">
+    <div class="card-top">
+      <div class="card-meta">
+        <div class="card-title" title="\${esc(a.title)}">\${esc(a.title)}</div>
+        <div class="card-details">
+          <span class="detail-chip">\${esc(date)}</span>
+          <span class="detail-chip">\${esc(wc)}</span>
+          <span class="detail-chip">\${esc(a.artifact_type || 'essay')}</span>
+        </div>
+      </div>
+      <span class="status-badge \${statusClass}">\${statusLabel}</span>
+    </div>
+    <div class="card-actions">
+      <button class="act-btn approve \${statusClass==='approved'?'active':''}" onclick="setCuration('\${a.artifact_id}','approved',this)">✓ Approve</button>
+      <button class="act-btn reject \${statusClass==='rejected'?'active':''}" onclick="setCuration('\${a.artifact_id}','rejected',this)">✗ Reject</button>
+      <button class="act-btn flag \${statusClass==='flagged'?'active':''}" onclick="setCuration('\${a.artifact_id}','flagged',this)">⚑ Flag</button>
+      <button class="act-btn ody" id="ody-btn-\${a.artifact_id}" onclick="askOdy('\${a.artifact_id}',\${JSON.stringify(a.title)},\${JSON.stringify(a.source_url||'')})">Ask Ody</button>
+      \${a.source_url ? \`<a class="source-link" href="\${esc(a.source_url)}" target="_blank" rel="noopener">Read →</a>\` : ''}
+    </div>
+    \${verdictHtml}
+  </div>\`;
+}
+
+function odtVerdictInlineHTML(verdict, artifactId) {
+  const parsed = tryParseVerdict(verdict);
+  return \`<div class="ody-verdict" id="verdict-\${artifactId}">
+    <div class="ody-verdict-label">Ody's read</div>
+    \${parsed.tag ? \`<span class="ody-verdict-tag \${parsed.tag}">\${parsed.tagLabel}</span>\` : ''}
+    <div class="ody-verdict-text">\${esc(parsed.body)}</div>
+    <button class="ody-close" onclick="clearVerdict('\${artifactId}')" title="Dismiss">×</button>
+  </div>\`;
+}
+
+function tryParseVerdict(text) {
+  const lower = text.toLowerCase();
+  let tag = '', tagLabel = '';
+  if (lower.includes('verdict: approve') || lower.startsWith('approve')) { tag='approve'; tagLabel='Approve'; }
+  else if (lower.includes('verdict: flag') || lower.startsWith('flag')) { tag='flag'; tagLabel='Flag for review'; }
+  else if (lower.includes('verdict: reject') || lower.startsWith('reject')) { tag='reject'; tagLabel='Reject'; }
+  return { tag, tagLabel, body: text };
+}
+
+function clearVerdict(artifactId) {
+  const el = document.getElementById('verdict-' + artifactId);
+  if (el) el.remove();
+  const a = allArtifacts.find(x => x.artifact_id === artifactId);
+  if (a) a.ody_verdict = null;
+}
+
+function esc(str) {
+  return String(str||'').replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;').replace(/"/g,'&quot;');
+}
+
+// ── Curation actions ───────────────────────────────────────────────────────
+async function setCuration(artifactId, status, clickedBtn) {
+  const card = document.getElementById('card-' + artifactId);
+  const btns = card.querySelectorAll('.act-btn.approve,.act-btn.reject,.act-btn.flag');
+  btns.forEach(b => b.disabled = true);
+  try {
+    const r = await fetch('/api/steward/' + SLUG + '/artifacts/' + artifactId, {
+      method: 'PATCH',
+      headers: {'Content-Type':'application/json'},
+      body: JSON.stringify({ curation_status: status, token: TOKEN }),
+    });
+    if (!r.ok) throw new Error('Save failed');
+    const a = allArtifacts.find(x => x.artifact_id === artifactId);
+    if (a) a.curation_status = status;
+    // update card in place
+    card.className = 'artifact-card ' + status;
+    const badge = card.querySelector('.status-badge');
+    if (badge) {
+      badge.className = 'status-badge ' + status;
+      badge.textContent = {pending:'Pending',approved:'Approved',rejected:'Rejected',flagged:'Flagged'}[status];
+    }
+    btns.forEach(b => {
+      b.classList.remove('active');
+      b.disabled = false;
+    });
+    clickedBtn.classList.add('active');
+    renderStats();
+    updateBuildBtn();
+  } catch {
+    btns.forEach(b => b.disabled = false);
+    alert('Could not save. Try again.');
+  }
+}
+
+// ── Ask Ody ────────────────────────────────────────────────────────────────
+async function askOdy(artifactId, title, sourceUrl) {
+  const btn = document.getElementById('ody-btn-' + artifactId);
+  if (!btn) return;
+  btn.disabled = true;
+  btn.innerHTML = '<span class="ody-spinner"></span> Asking…';
+
+  // Remove existing verdict if any
+  const existingVerdict = document.getElementById('verdict-' + artifactId);
+  if (existingVerdict) existingVerdict.remove();
+
+  // Show spinner in card
+  const card = document.getElementById('card-' + artifactId);
+  const spinEl = document.createElement('div');
+  spinEl.className = 'ody-verdict';
+  spinEl.id = 'verdict-' + artifactId;
+  spinEl.innerHTML = '<div class="ody-verdict-label">Ody is reading…</div><div style="display:flex;align-items:center;gap:0.5rem;margin-top:0.4rem"><span class="ody-spinner"></span><span style="font-size:0.82rem;color:var(--text2)">Fetching essay and analyzing…</span></div>';
+  card.appendChild(spinEl);
+
+  try {
+    const r = await fetch('/api/steward/' + SLUG + '/artifacts/' + artifactId + '/ody-ask', {
+      method: 'POST',
+      headers: {'Content-Type':'application/json'},
+      body: JSON.stringify({ token: TOKEN }),
+    });
+    if (!r.ok) throw new Error(await r.text());
+    const data = await r.json();
+    const verdict = data.verdict || '';
+    const a = allArtifacts.find(x => x.artifact_id === artifactId);
+    if (a) a.ody_verdict = verdict;
+    // Replace spinner with verdict
+    const verdictEl = document.getElementById('verdict-' + artifactId);
+    if (verdictEl) {
+      const parsed = tryParseVerdict(verdict);
+      verdictEl.innerHTML = \`
+        <div class="ody-verdict-label">Ody's read</div>
+        \${parsed.tag ? \`<span class="ody-verdict-tag \${parsed.tag}">\${parsed.tagLabel}</span>\` : ''}
+        <div class="ody-verdict-text">\${esc(verdict)}</div>
+        <button class="ody-close" onclick="clearVerdict('\${artifactId}')" title="Dismiss">×</button>
+      \`;
+    }
+  } catch(e) {
+    const verdictEl = document.getElementById('verdict-' + artifactId);
+    if (verdictEl) {
+      verdictEl.innerHTML = '<div class="ody-verdict-label" style="color:var(--red)">Error</div><div class="ody-verdict-text">Could not get Ody\'s analysis. ' + esc(e.message) + '</div><button class="ody-close" onclick="clearVerdict(\\''+artifactId+'\\')">×</button>';
+    }
+  } finally {
+    btn.disabled = false;
+    btn.innerHTML = 'Ask Ody';
+  }
+}
+
+// ── Fetch modal ────────────────────────────────────────────────────────────
+function openFetchModal() {
+  document.getElementById('fetchLog').textContent = 'Ready to fetch.';
+  document.getElementById('fetchModal').classList.remove('hidden');
+  document.getElementById('btnFetchConfirm').disabled = false;
+  document.getElementById('btnFetchConfirm').textContent = 'Fetch essays';
+}
+
+function closeFetchModal() {
+  document.getElementById('fetchModal').classList.add('hidden');
+}
+
+async function doFetch() {
+  const logEl = document.getElementById('fetchLog');
+  const btn = document.getElementById('btnFetchConfirm');
+  btn.disabled = true;
+  btn.textContent = 'Fetching…';
+  logEl.textContent = 'Sending fetch request…\\n';
+
+  try {
+    const r = await fetch('/api/steward/' + SLUG + '/corpus/fetch', {
+      method: 'POST',
+      headers: {'Content-Type':'application/json'},
+      body: JSON.stringify({ token: TOKEN }),
+    });
+    const data = await r.json();
+    if (!r.ok) throw new Error(data.error || 'Fetch failed');
+    logEl.textContent += 'Done. ' + (data.count || 0) + ' essays found.\\n';
+    btn.textContent = 'Close';
+    btn.disabled = false;
+    btn.onclick = closeFetchModal;
+    await loadArtifacts();
+  } catch(e) {
+    logEl.textContent += 'Error: ' + e.message;
+    btn.disabled = false;
+    btn.textContent = 'Retry';
+    btn.onclick = doFetch;
+  }
+}
+
+// ── Build ──────────────────────────────────────────────────────────────────
+async function triggerBuild() {
+  const approved = allArtifacts.filter(a => a.curation_status === 'approved');
+  if (approved.length === 0) return;
+
+  const panel = document.getElementById('buildPanel');
+  const logEl = document.getElementById('buildLog');
+  panel.classList.add('visible');
+  logEl.textContent = 'Initiating corpus build for ' + approved.length + ' approved essays…\\n';
+  document.getElementById('btnBuild').disabled = true;
+
+  try {
+    const r = await fetch('/api/steward/' + SLUG + '/corpus/build', {
+      method: 'POST',
+      headers: {'Content-Type':'application/json'},
+      body: JSON.stringify({ token: TOKEN }),
+    });
+    const data = await r.json();
+    if (!r.ok) throw new Error(data.error || 'Build failed to start');
+    logEl.textContent += 'Build started. Bundle: ' + (data.bundle_id || '?') + '\\n';
+    logEl.textContent += 'Connecting to live log stream…\\n';
+
+    // SSE stream
+    const es = new EventSource('/api/personaforge/subjects/' + SLUG + '/logs');
+    es.addEventListener('log', e => {
+      try {
+        const { msg } = JSON.parse(e.data);
+        logEl.textContent += msg + '\\n';
+        logEl.scrollTop = logEl.scrollHeight;
+      } catch {}
+    });
+    es.addEventListener('done', () => {
+      logEl.textContent += '\\nBuild complete.\\n';
+      es.close();
+      document.getElementById('btnBuild').disabled = false;
+    });
+    es.onerror = () => {
+      logEl.textContent += '(log stream ended)\\n';
+      es.close();
+      document.getElementById('btnBuild').disabled = false;
+    };
+  } catch(e) {
+    logEl.textContent += 'Error: ' + e.message;
+    document.getElementById('btnBuild').disabled = false;
+  }
+}
+
+function closeBuildPanel() {
+  document.getElementById('buildPanel').classList.remove('visible');
+}
+
+// ── Run ────────────────────────────────────────────────────────────────────
+init();
+</script>
+</body>
+</html>`;
+}
+
+// ── Routes ────────────────────────────────────────────────────────────────────
+// NOTE: This function is intentionally synchronous so that app.get("/steward/:slug")
+// is registered before serveSpaFallback() in the production middleware stack.
+// initStewardDash() runs DB schema migrations in the background — the route
+// handlers themselves are safe to execute once the DB is available.
+export function registerStewardRoutes(app: Express) {
+  // Run schema migrations in the background; do NOT await before registering routes
+  initStewardDash().catch((e: any) => console.error("[StewardDash] init error:", e.message));
+
+  // ── GET /steward/:slug — SSR dashboard ──────────────────────────────────
+  // Note: host guard removed — the dashboard token is the access control.
+  // Subjects may exist in either personaforge_subjects (admin-seeded) or
+  // agentify_subject_registry (registered via web form). We check both and
+  // auto-promote registry-only subjects into personaforge_subjects on first access.
+  app.get("/steward/:slug", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const token = req.query.token as string;
+
+    const notFoundPage = `<!DOCTYPE html><html><head><meta charset="utf-8"><title>Not found</title>
+      <style>body{background:#07102a;color:#dde6f4;font-family:system-ui;display:flex;align-items:center;justify-content:center;min-height:100vh;margin:0}
+      .box{text-align:center}h1{color:#d4a730;margin-bottom:0.5rem}p{color:#8899bb;font-size:0.9rem}</style></head>
+      <body><div class="box"><h1>Not found</h1><p>No subject found for slug: ${slug}</p></div></body></html>`;
+
+    const accessDeniedPage = `<!DOCTYPE html><html><head><meta charset="utf-8"><title>Access denied</title>
+      <style>body{background:#07102a;color:#dde6f4;font-family:system-ui;display:flex;align-items:center;justify-content:center;min-height:100vh;margin:0}
+      .box{text-align:center;max-width:400px}h1{color:#d4a730;margin-bottom:0.5rem}p{color:#8899bb;font-size:0.9rem;line-height:1.6}</style></head>
+      <body><div class="box"><h1>Access denied</h1><p>This dashboard requires a valid stewardship token. Use the link from your confirmation email, or contact <a href="mailto:ody@wellspr.ing" style="color:#d4a730">ody@wellspr.ing</a>.</p></div></body></html>`;
+
+    try {
+      // 1. Look up in personaforge_subjects (primary/canonical source)
+      let { rows: pf } = await pool.query(
+        `SELECT subject_name, build_status, dashboard_token FROM personaforge_subjects WHERE slug = $1`, [slug]
+      );
+
+      // 2. If not found in personaforge_subjects, check agentify_subject_registry
+      //    (stewards who registered via the web form end up here)
+      if (!pf[0]) {
+        const { rows: reg } = await pool.query(
+          `SELECT subject_name, subject_domain, steward_name, steward_email, dashboard_token, status
+           FROM agentify_subject_registry WHERE subject_slug = $1`, [slug]
+        ).catch(() => ({ rows: [] as any[] }));
+
+        if (!reg[0]) {
+          return res.status(404).send(notFoundPage);
+        }
+
+        const r = reg[0];
+
+        // Auto-promote into personaforge_subjects so all dashboard features work
+        await pool.query(
+          `INSERT INTO personaforge_subjects (slug, subject_name, domain, build_status, dashboard_token)
+           VALUES ($1, $2, $3, 'active', $4)
+           ON CONFLICT (slug) DO UPDATE
+             SET subject_name = EXCLUDED.subject_name,
+                 domain = EXCLUDED.domain,
+                 dashboard_token = COALESCE(personaforge_subjects.dashboard_token, EXCLUDED.dashboard_token),
+                 updated_at = NOW()`,
+          [slug, r.subject_name, r.subject_domain || "general", r.dashboard_token || null]
+        ).catch((e: any) => console.warn("[StewardDash] auto-promote error:", e.message));
+
+        // Re-fetch so the rest of the handler sees the row
+        const refetch = await pool.query(
+          `SELECT subject_name, build_status, dashboard_token FROM personaforge_subjects WHERE slug = $1`, [slug]
+        );
+        pf = refetch.rows;
+        if (!pf[0]) {
+          // Fallback: use registry data directly
+          const validToken = r.dashboard_token;
+          if (!validToken || token !== validToken) return res.status(403).send(accessDeniedPage);
+          return res.send(dashboardPage(slug, r.subject_name));
+        }
+      }
+
+      const subjectName = pf[0].subject_name;
+      const validToken = pf[0].dashboard_token;
+      if (!validToken || token !== validToken) return res.status(403).send(accessDeniedPage);
+
+      return res.send(dashboardPage(slug, subjectName));
+    } catch (e: any) {
+      console.error("[StewardDash] /steward/:slug error:", e.message);
+      return res.status(500).send(`<!DOCTYPE html><html><body style="background:#07102a;color:#dde6f4;font-family:system-ui;display:flex;align-items:center;justify-content:center;min-height:100vh;margin:0"><div style="text-align:center"><h1 style="color:#d4a730">Error</h1><p style="color:#8899bb">Something went wrong loading this dashboard. Please try again.</p></div></body></html>`);
+    }
+  });
+
+  // ── GET /api/steward/:slug/info ──────────────────────────────────────────
+  app.get("/api/steward/:slug/info", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const token = req.query.token as string || req.body?.token;
+    if (!await validateStewardToken(slug, token)) return res.status(403).json({ error: "Invalid token" });
+
+    const { rows: pf } = await pool.query(`SELECT * FROM personaforge_subjects WHERE slug = $1`, [slug]);
+    if (!pf[0]) return res.status(404).json({ error: "Subject not found" });
+
+    const { rows: counts } = await pool.query(
+      `SELECT curation_status, COUNT(*) as n FROM personaforge_artifacts WHERE subject_slug = $1 GROUP BY curation_status`, [slug]
+    );
+    const stats: Record<string, number> = { pending: 0, approved: 0, rejected: 0, flagged: 0 };
+    counts.forEach(r => { stats[r.curation_status] = parseInt(r.n); });
+
+    res.json({ subject: pf[0], stats });
+  });
+
+  // ── GET /api/steward/:slug/artifacts ────────────────────────────────────
+  app.get("/api/steward/:slug/artifacts", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const token = req.query.token as string;
+    if (!await validateStewardToken(slug, token)) return res.status(403).json({ error: "Invalid token" });
+
+    const { rows } = await pool.query(
+      `SELECT artifact_id, title, source_url, pub_date, artifact_type, word_count, chunk_count, curation_status, curation_note, ody_verdict, created_at
+       FROM personaforge_artifacts WHERE subject_slug = $1 ORDER BY pub_date DESC NULLS LAST, title ASC`,
+      [slug]
+    );
+    res.json({ artifacts: rows });
+  });
+
+  // ── PATCH /api/steward/:slug/artifacts/:artifact_id ─────────────────────
+  app.patch("/api/steward/:slug/artifacts/:artifact_id", async (req: Request, res: Response) => {
+    const { slug, artifact_id } = req.params;
+    const { token, curation_status, curation_note } = req.body;
+    if (!await validateStewardToken(slug, token)) return res.status(403).json({ error: "Invalid token" });
+
+    const allowed = ["pending", "approved", "rejected", "flagged"];
+    if (!allowed.includes(curation_status)) return res.status(400).json({ error: "Invalid curation_status" });
+
+    await pool.query(
+      `UPDATE personaforge_artifacts SET curation_status = $1, curation_note = $2 WHERE artifact_id = $3 AND subject_slug = $4`,
+      [curation_status, curation_note || null, artifact_id, slug]
+    );
+    res.json({ ok: true });
+  });
+
+  // ── POST /api/steward/:slug/artifacts/:artifact_id/ody-ask ──────────────
+  app.post("/api/steward/:slug/artifacts/:artifact_id/ody-ask", async (req: Request, res: Response) => {
+    const { slug, artifact_id } = req.params;
+    const { token } = req.body;
+    if (!await validateStewardToken(slug, token)) return res.status(403).json({ error: "Invalid token" });
+
+    // Get artifact
+    const { rows } = await pool.query(
+      `SELECT title, source_url, word_count, artifact_type FROM personaforge_artifacts WHERE artifact_id = $1 AND subject_slug = $2`,
+      [artifact_id, slug]
+    );
+    if (!rows[0]) return res.status(404).json({ error: "Artifact not found" });
+    const art = rows[0];
+
+    // Get subject info
+    const { rows: pf } = await pool.query(`SELECT subject_name, domain FROM personaforge_subjects WHERE slug = $1`, [slug]);
+    const subject = pf[0] || { subject_name: slug, domain: "" };
+
+    // Fetch essay text (first ~3000 words worth)
+    let essayText = "";
+    if (art.source_url) {
+      const raw = await fetchEssayText(art.source_url);
+      essayText = raw.substring(0, 12000); // ~3000 words
+    }
+
+    if (!essayText) {
+      return res.json({ verdict: `Verdict: Flag\n\nCould not fetch the essay text from ${art.source_url || "the source URL"}. You may want to review this one manually before including it.` });
+    }
+
+    const prompt = `You are helping a steward vet corpus material for an AI persona based on ${subject.subject_name}.
+
+The steward is reviewing each piece of source material to decide whether it should be included in the corpus that will train and ground the persona.
+
+**Essay title:** "${art.title}"
+**Type:** ${art.artifact_type || "essay"}
+**Word count:** ${art.word_count || "unknown"}
+
+**Essay text (excerpt):**
+${essayText}
+
+Please give a concise vetting assessment (3–5 sentences). Address:
+1. Is this representative of ${subject.subject_name}'s actual thinking and voice?
+2. Is the content high signal — substantive ideas, not just announcements or filler?
+3. Any concerns about quality, accuracy, or relevance to the corpus?
+
+Then give your verdict on a new line: "Verdict: Approve", "Verdict: Flag", or "Verdict: Reject".`;
+
+    try {
+      const msg = await claude.messages.create({
+        model: "claude-haiku-4-5",
+        max_tokens: 400,
+        messages: [{ role: "user", content: prompt }],
+      });
+      const verdict = (msg.content[0] as any).text || "";
+      // Store verdict
+      await pool.query(
+        `UPDATE personaforge_artifacts SET ody_verdict = $1 WHERE artifact_id = $2`,
+        [verdict, artifact_id]
+      );
+      res.json({ verdict });
+    } catch (e: any) {
+      console.error("[StewardDash] Ody ask error:", e.message);
+      res.status(500).json({ error: "Claude error: " + e.message });
+    }
+  });
+
+  // ── POST /api/steward/:slug/corpus/fetch ────────────────────────────────
+  // Delegates to PersonaForge fetch (admin-side), authorized via steward token
+  app.post("/api/steward/:slug/corpus/fetch", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const { token } = req.body;
+    if (!await validateStewardToken(slug, token)) return res.status(403).json({ error: "Invalid token" });
+
+    // Call the PersonaForge fetch endpoint internally (same process)
+    try {
+      const { rows: pf } = await pool.query(
+        `SELECT source_url FROM personaforge_subjects WHERE slug = $1`, [slug]
+      );
+      if (!pf[0]?.source_url) return res.status(400).json({ error: "No source URL configured for this subject" });
+
+      const sourceUrl = pf[0].source_url;
+      const html = await fetch(sourceUrl, { headers: { "User-Agent": "WellSpr.ing PersonaForge/1.0" } }).then(r => r.text());
+      const base = new URL(sourceUrl);
+      const found: { slug: string; title: string; url: string }[] = [];
+      const re = /<a\s+href="([^"]+\.html)"[^>]*>([^<]+)<\/a>/gi;
+      let m: RegExpExecArray | null;
+      while ((m = re.exec(html)) !== null) {
+        const href = m[1].trim();
+        const title = m[2].trim();
+        if (!title || title.length < 3) continue;
+        try {
+          const full = new URL(href, base).href;
+          const artSlug = href.replace(/.*\//, "").replace(".html", "").toLowerCase().replace(/[^a-z0-9]+/g, "-");
+          if (!found.find(r => r.slug === artSlug)) found.push({ slug: artSlug, title, url: full });
+        } catch {}
+      }
+
+      let inserted = 0;
+      for (const item of found) {
+        const artifactId = `${slug}::${item.slug}`;
+        const result = await pool.query(
+          `INSERT INTO personaforge_artifacts (subject_slug, artifact_id, title, source_url, artifact_type, curation_status)
+           VALUES ($1, $2, $3, $4, 'essay', 'pending')
+           ON CONFLICT (artifact_id) DO NOTHING`,
+          [slug, artifactId, item.title, item.url]
+        );
+        if (result.rowCount && result.rowCount > 0) inserted++;
+      }
+
+      await pool.query(`UPDATE personaforge_subjects SET essay_count = $2, updated_at = NOW() WHERE slug = $1`, [slug, found.length]);
+      res.json({ ok: true, count: found.length, inserted });
+    } catch (e: any) {
+      console.error("[StewardDash] Fetch error:", e.message);
+      res.status(500).json({ error: e.message });
+    }
+  });
+
+  // ── POST /api/steward/:slug/corpus/build ────────────────────────────────
+  // Triggers a build using only approved artifacts
+  app.post("/api/steward/:slug/corpus/build", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const { token } = req.body;
+    if (!await validateStewardToken(slug, token)) return res.status(403).json({ error: "Invalid token" });
+
+    // Get approved artifact IDs
+    const { rows: approved } = await pool.query(
+      `SELECT artifact_id FROM personaforge_artifacts WHERE subject_slug = $1 AND curation_status = 'approved'`, [slug]
+    );
+    if (approved.length === 0) return res.status(400).json({ error: "No approved artifacts to build" });
+
+    // Delegate to personaforge build endpoint (internal HTTP call via admin key)
+    try {
+      const bundleId = crypto.randomUUID();
+      await pool.query(
+        `UPDATE personaforge_subjects SET build_status = 'building', bundle_id = $2, build_log = '', updated_at = NOW() WHERE slug = $1`,
+        [slug, bundleId]
+      );
+
+      res.json({ ok: true, bundle_id: bundleId, approved_count: approved.length, message: "Build started — connect to SSE log stream for progress" });
+
+      // Async build (fire and forget — steward watches via SSE)
+      setImmediate(() => runApprovedBuild(slug, bundleId, approved.map(r => r.artifact_id)));
+    } catch (e: any) {
+      res.status(500).json({ error: e.message });
+    }
+  });
+
+  // ── POST /api/steward/:slug/bio-facts/ptp ───────────────────────────────
+  // PTP-authenticated corpus injection. Any AI agent holding a valid WellSpr.ing
+  // PTP token with scope corpus:write:personaforge:{slug} (or :*) may inject
+  // verified biographical facts and have them stamped with their attestation.
+  //
+  // Intended use: a Claude session runs the QA skill against a persona, verifies
+  // facts against primary sources, then writes the verified facts back to the
+  // corpus with a PTP-attested audit trail. The token_id is stored with the facts
+  // so anyone can verify who/what wrote them and under what scope.
+  //
+  // Flow:
+  //   1. Agent requests PTP token: POST /api/v1/ptp/token
+  //      scope: "corpus:write:personaforge:{slug}"  (or "corpus:write:personaforge:*")
+  //      purpose: "QA review and verified fact injection for [Subject Name]"
+  //   2. Agent presents token here with facts payload
+  //   3. Server verifies token validity + scope coverage
+  //   4. Facts stored with ptp_token_id, attested_at, vcap_attestation_uri
+  //   5. Returns verifiable attestation record
+  app.post("/api/steward/:slug/bio-facts/ptp", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const { token_id, bio_facts_md, wiki_summary_md, session_notes } = req.body;
+    if (!token_id) return res.status(400).json({ error: "token_id required (PTP presence token)" });
+    if (bio_facts_md === undefined && wiki_summary_md === undefined) {
+      return res.status(400).json({ error: "At least one of bio_facts_md or wiki_summary_md is required" });
+    }
+
+    try {
+      // Verify the PTP token and check scope coverage for this subject
+      const requiredScope = `corpus:write:personaforge:${slug}`;
+      const ptpResult = await pool.query(`SELECT * FROM ptp_tokens WHERE id = $1`, [token_id]);
+      if (!ptpResult.rows.length) return res.status(403).json({ error: "ptp_token_not_found", token_id });
+
+      const tk = ptpResult.rows[0];
+      const now = new Date();
+      if (tk.revoked) return res.status(403).json({ error: "ptp_token_revoked", revoked_at: tk.revoked_at });
+      if (tk.expires_at && new Date(tk.expires_at) < now) {
+        return res.status(403).json({ error: "ptp_token_expired", expired_at: tk.expires_at });
+      }
+
+      // Scope check: token scope must equal or be a wildcard superset of corpus:write:personaforge:{slug}
+      const tokenParts   = (tk.scope as string).split(":");
+      const requiredParts = requiredScope.split(":");
+      let scopeOk = true;
+      for (let i = 0; i < requiredParts.length; i++) {
+        if (tokenParts[i] !== "*" && tokenParts[i] !== requiredParts[i]) { scopeOk = false; break; }
+      }
+      if (!scopeOk) {
+        return res.status(403).json({
+          error: "scope_insufficient",
+          token_scope: tk.scope,
+          required_scope: requiredScope,
+          hint: `Request a token with scope "corpus:write:personaforge:${slug}" or "corpus:write:personaforge:*"`,
+        });
+      }
+
+      // Ensure subject row exists
+      await pool.query(
+        `INSERT INTO personaforge_subjects (slug, subject_name, build_status)
+         VALUES ($1, $1, 'registered') ON CONFLICT (slug) DO NOTHING`, [slug]
+      );
+
+      // Write facts + stamp with PTP attestation metadata
+      const attestedAt = new Date().toISOString();
+      if (bio_facts_md !== undefined) {
+        await pool.query(
+          `UPDATE personaforge_subjects
+           SET bio_facts_md = $2,
+               bio_facts_ptp_token_id = $3,
+               bio_facts_attested_at = $4,
+               bio_facts_vcap_uri = $5,
+               updated_at = NOW()
+           WHERE slug = $1`,
+          [slug, bio_facts_md, token_id, attestedAt, tk.vcap_attestation_uri]
+        );
+      }
+      if (wiki_summary_md !== undefined) {
+        await pool.query(
+          `UPDATE personaforge_subjects
+           SET wiki_summary_md = $2,
+               wiki_ptp_token_id = $3,
+               wiki_attested_at = $4,
+               updated_at = NOW()
+           WHERE slug = $1`,
+          [slug, wiki_summary_md, token_id, attestedAt]
+        );
+      }
+
+      // Log to corpus_consult_log if it exists (non-fatal)
+      await pool.query(
+        `INSERT INTO corpus_consult_log
+           (slug, event_type, token_id, scope, purpose, attested_at, session_notes, created_at)
+         VALUES ($1, 'ptp_bio_injection', $2, $3, $4, $5, $6, NOW())`,
+        [slug, token_id, tk.scope, tk.purpose_declaration, attestedAt, session_notes || null]
+      ).catch(() => {}); // table may not exist in all environments
+
+      res.json({
+        ok: true,
+        slug,
+        attested_at: attestedAt,
+        token_id,
+        scope: tk.scope,
+        vcap_attestation_uri: tk.vcac_attestation_uri || tk.vcap_attestation_uri,
+        fields_written: [
+          ...(bio_facts_md !== undefined ? ["bio_facts_md"] : []),
+          ...(wiki_summary_md !== undefined ? ["wiki_summary_md"] : []),
+        ],
+        verification: `GET https://wellspr.ing/api/v1/ptp/token/${token_id}`,
+        note: "Biographical facts are now stamped with this PTP token. The corpus build will inject them as priority-0 chunks.",
+      });
+    } catch (e: any) {
+      console.error("[StewardDash] PTP injection error:", e.message);
+      res.status(500).json({ error: e.message });
+    }
+  });
+
+  // ── GET /api/steward/:slug/bio-facts ────────────────────────────────────
+  app.get("/api/steward/:slug/bio-facts", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const token = req.query.token as string;
+    if (!await validateStewardToken(slug, token)) return res.status(403).json({ error: "Invalid token" });
+    try {
+      const { rows } = await pool.query(
+        `SELECT bio_facts_md, wiki_summary_md FROM personaforge_subjects WHERE slug = $1`, [slug]
+      );
+      const row = rows[0] || {};
+      res.json({ bio_facts_md: row.bio_facts_md || null, wiki_summary_md: row.wiki_summary_md || null });
+    } catch (e: any) {
+      res.status(500).json({ error: e.message });
+    }
+  });
+
+  // ── POST /api/steward/:slug/bio-facts ────────────────────────────────────
+  // Requires steward token (or admin key). Updates bio_facts_md and/or wiki_summary_md.
+  app.post("/api/steward/:slug/bio-facts", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const { token, bio_facts_md, wiki_summary_md } = req.body;
+    const adminKey = (req.headers["x-admin-key"] as string) || req.query.admin_key as string;
+    const isAdmin = adminKey === ADMIN_KEY;
+    if (!isAdmin && !await validateStewardToken(slug, token)) return res.status(403).json({ error: "Invalid token or admin key" });
+
+    if (bio_facts_md === undefined && wiki_summary_md === undefined) return res.status(400).json({ error: "Nothing to update" });
+
+    try {
+      // Ensure the subject row exists (auto-create if missing, e.g. dev DB or fresh environment)
+      await pool.query(
+        `INSERT INTO personaforge_subjects (slug, subject_name, build_status)
+         VALUES ($1, $1, 'registered')
+         ON CONFLICT (slug) DO NOTHING`,
+        [slug]
+      );
+
+      // Update whichever fields were provided
+      if (bio_facts_md !== undefined) {
+        await pool.query(
+          `UPDATE personaforge_subjects SET bio_facts_md = $2, updated_at = NOW() WHERE slug = $1`,
+          [slug, bio_facts_md]
+        );
+      }
+      if (wiki_summary_md !== undefined) {
+        await pool.query(
+          `UPDATE personaforge_subjects SET wiki_summary_md = $2, updated_at = NOW() WHERE slug = $1`,
+          [slug, wiki_summary_md]
+        );
+      }
+      res.json({ ok: true });
+    } catch (e: any) {
+      res.status(500).json({ error: e.message });
+    }
+  });
+
+  // ── POST /api/steward/:slug/artifacts/inject ─────────────────────────────
+  // Admin-only. Inject a manual artifact with full text content (no URL required).
+  // Used for Wikipedia excerpts, articles-about-the-person, curated secondary sources.
+  app.post("/api/steward/:slug/artifacts/inject", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const adminKey = (req.headers["x-admin-key"] as string) || req.body.admin_key;
+    if (adminKey !== ADMIN_KEY) return res.status(403).json({ error: "Admin key required" });
+    const { title, content_text, artifact_type, source_url, pub_date } = req.body;
+    if (!title || !content_text) return res.status(400).json({ error: "title and content_text required" });
+    const artifactId = `${slug}::injected::${crypto.randomUUID().slice(0, 8)}`;
+    try {
+      await pool.query(
+        `INSERT INTO personaforge_artifacts
+           (subject_slug, artifact_id, title, source_url, artifact_type, content_text, curation_status, pub_date)
+         VALUES ($1, $2, $3, $4, $5, $6, 'approved', $7)
+         ON CONFLICT (artifact_id) DO UPDATE SET content_text = EXCLUDED.content_text, title = EXCLUDED.title`,
+        [slug, artifactId, title, source_url || null, artifact_type || 'injected', content_text, pub_date || null]
+      );
+      await pool.query(`UPDATE personaforge_subjects SET updated_at = NOW() WHERE slug = $1`, [slug]);
+      res.json({ ok: true, artifact_id: artifactId });
+    } catch (e: any) {
+      res.status(500).json({ error: e.message });
+    }
+  });
+
+  // ── GET /api/steward/:slug/dashboard-token (admin only) ─────────────────
+  app.get("/api/steward/:slug/dashboard-token", async (req: Request, res: Response) => {
+    const { slug } = req.params;
+    const key = (req.headers["x-admin-key"] as string) || req.query.admin_key as string;
+    if (key !== ADMIN_KEY) return res.status(403).json({ error: "Admin key required" });
+
+    const token = await getOrCreateDashboardToken(slug);
+    const dashUrl = `https://agentify.help/steward/${slug}?token=${token}`;
+    res.json({ slug, dashboard_token: token, dashboard_url: dashUrl });
+  });
+}
+
+// ── Approved-only corpus build (async) ───────────────────────────────────────
+import { S3Client, PutObjectCommand } from "@aws-sdk/client-s3";
+
+const S3_HOSTNAME = process.env.VULTR_S3_HOSTNAME || "ewr1.vultrobjects.com";
+const S3_BUCKET   = process.env.CORPUS_S3_BUCKET  || "agentify-corpus";
+
+function getS3(): S3Client {
+  return new S3Client({
+    endpoint: `https://${S3_HOSTNAME}`,
+    region: "ewr1",
+    forcePathStyle: true,
+    credentials: {
+      accessKeyId:     process.env.VULTR_S3_ACCESS_KEY || "",
+      secretAccessKey: process.env.VULTR_S3_SECRET_KEY || "",
+    },
+  });
+}
+
+function chunkText(text: string, maxWords = 400): string[] {
+  const sentences = text.split(/(?<=[.!?])\s+/);
+  const chunks: string[] = [];
+  let current = "";
+  for (const s of sentences) {
+    const proposed = current ? current + " " + s : s;
+    if (proposed.split(/\s+/).length > maxWords && current) {
+      chunks.push(current.trim());
+      current = s;
+    } else {
+      current = proposed;
+    }
+  }
+  if (current.trim()) chunks.push(current.trim());
+  return chunks.filter(c => c.split(/\s+/).length >= 30);
+}
+
+async function broadcastStewardLog(slug: string, msg: string) {
+  console.log(`[StewardBuild/${slug}] ${msg}`);
+  await pool.query(
+    `UPDATE personaforge_subjects SET build_log = COALESCE(build_log,'') || $2, updated_at=NOW() WHERE slug=$1`,
+    [slug, `[${new Date().toISOString().slice(11, 19)}] ${msg}\n`]
+  ).catch(() => {});
+}
+
+async function runApprovedBuild(slug: string, bundleId: string, approvedIds: string[]) {
+  const s3 = getS3();
+  const allChunks: any[] = [];
+  let chunkSeq = 0;
+  let processed = 0;
+  let errors = 0;
+
+  const { rows: pf } = await pool.query(
+    `SELECT subject_name, domain, corpus_version, bio_facts_md, wiki_summary_md FROM personaforge_subjects WHERE slug = $1`, [slug]
+  );
+  const subject = pf[0] || { subject_name: slug, domain: "", corpus_version: "1.0.0" };
+
+  await broadcastStewardLog(slug, `Starting approved-only build: ${approvedIds.length} artifacts, bundle ${bundleId}`);
+
+  // ── Priority chunk 0: Biographical baseline facts ──────────────────────
+  if (subject.bio_facts_md && subject.bio_facts_md.trim()) {
+    const bioChunks = chunkText(subject.bio_facts_md);
+    for (const chunk of bioChunks) {
+      allChunks.push({
+        chunk_id: `${slug}-${bundleId}-bio-${String(chunkSeq++).padStart(5, "0")}`,
+        subject_slug: slug,
+        artifact_id: `${slug}::bio_facts_baseline`,
+        title: "Biographical Baseline — Ground-Truth Facts",
+        pub_date: null,
+        artifact_type: "bio_facts",
+        priority: "critical",
+        text: chunk,
+      });
+    }
+    await broadcastStewardLog(slug, `Injected biographical baseline (${bioChunks.length} chunks) as priority-0 corpus anchor.`);
+  }
+
+  // ── Priority chunk 1: Wikipedia / secondary sources ────────────────────
+  if (subject.wiki_summary_md && subject.wiki_summary_md.trim()) {
+    const wikiPreamble = `[SKEPTICISM NOTE: The following is from Wikipedia and secondary sources. Treat as background reference, not first-person memory. Verify contested facts against primary corpus.]\n\n`;
+    const wikiChunks = chunkText(wikiPreamble + subject.wiki_summary_md);
+    for (const chunk of wikiChunks) {
+      allChunks.push({
+        chunk_id: `${slug}-${bundleId}-wiki-${String(chunkSeq++).padStart(5, "0")}`,
+        subject_slug: slug,
+        artifact_id: `${slug}::wiki_secondary_sources`,
+        title: "Wikipedia & Secondary Sources — Skepticism-Weighted",
+        pub_date: null,
+        artifact_type: "wiki_secondary",
+        priority: "background",
+        text: chunk,
+      });
+    }
+    await broadcastStewardLog(slug, `Injected Wikipedia/secondary sources (${wikiChunks.length} chunks) with skepticism weighting.`);
+  }
+
+  for (const artifactId of approvedIds) {
+    const { rows: arts } = await pool.query(
+      `SELECT title, source_url, pub_date, artifact_type, content_text FROM personaforge_artifacts WHERE artifact_id = $1`, [artifactId]
+    );
+    if (!arts[0]) continue;
+    const art = arts[0];
+
+    try {
+      await broadcastStewardLog(slug, `Fetching: ${art.title}`);
+      // Use inline content_text if present (injected artifacts), otherwise fetch from URL
+      const text = art.content_text || (art.source_url ? await fetchEssayTextBuild(art.source_url) : "");
+      if (!text || text.split(/\s+/).length < 50) {
+        await broadcastStewardLog(slug, `Skipped (too short): ${art.title}`);
+        errors++;
+        continue;
+      }
+      const chunks = chunkText(text);
+      const wc = text.split(/\s+/).length;
+      for (const chunk of chunks) {
+        allChunks.push({
+          chunk_id: `${slug}-${bundleId}-${String(chunkSeq++).padStart(5, "0")}`,
+          subject_slug: slug,
+          artifact_id: artifactId,
+          title: art.title,
+          pub_date: art.pub_date || null,
+          artifact_type: art.artifact_type || "essay",
+          text: chunk,
+        });
+      }
+      await pool.query(
+        `UPDATE personaforge_artifacts SET chunk_count = $1, word_count = $2 WHERE artifact_id = $3`,
+        [chunks.length, wc, artifactId]
+      );
+      processed++;
+    } catch (e: any) {
+      await broadcastStewardLog(slug, `Error on ${art.title}: ${e.message}`);
+      errors++;
+    }
+  }
+
+  await broadcastStewardLog(slug, `All artifacts processed. ${allChunks.length} chunks total. Uploading to S3…`);
+
+  try {
+    const prefix = `staging/${slug}/v${subject.corpus_version}/${bundleId}`;
+    const ndjson = allChunks.map(c => JSON.stringify(c)).join("\n");
+    await s3.send(new PutObjectCommand({
+      Bucket: S3_BUCKET,
+      Key: `${prefix}/chunks/index.ndjson`,
+      Body: ndjson,
+      ContentType: "application/x-ndjson",
+    }));
+
+    const manifest = {
+      bundle_id: bundleId,
+      subject_slug: slug,
+      subject_name: subject.subject_name,
+      domain: subject.domain,
+      corpus_version: subject.corpus_version,
+      chunk_count: allChunks.length,
+      artifact_count: processed,
+      approved_only: true,
+      built_at: new Date().toISOString(),
+    };
+    await s3.send(new PutObjectCommand({
+      Bucket: S3_BUCKET,
+      Key: `${prefix}/manifest.json`,
+      Body: JSON.stringify(manifest, null, 2),
+      ContentType: "application/json",
+    }));
+
+    await pool.query(
+      `UPDATE personaforge_subjects SET build_status = 'built', chunk_count = $2, updated_at = NOW() WHERE slug = $1`,
+      [slug, allChunks.length]
+    );
+    await broadcastStewardLog(slug, `Build complete. ${allChunks.length} chunks uploaded. Bundle: ${bundleId}`);
+    if (errors > 0) await broadcastStewardLog(slug, `Note: ${errors} artifacts had errors and were skipped.`);
+  } catch (e: any) {
+    await broadcastStewardLog(slug, `S3 upload error: ${e.message}`);
+    await pool.query(`UPDATE personaforge_subjects SET build_status = 'error' WHERE slug = $1`, [slug]);
+  }
+}
+
+async function fetchEssayTextBuild(url: string): Promise<string> {
+  try {
+    const html = await fetch(url, {
+      headers: { "User-Agent": "WellSpr.ing PersonaForge/1.0" },
+      signal: AbortSignal.timeout(20000),
+    }).then(r => r.text());
+    return html
+      .replace(/<script[^>]*>[\s\S]*?<\/script>/gi, " ")
+      .replace(/<style[^>]*>[\s\S]*?<\/style>/gi, " ")
+      .replace(/<[^>]+>/g, " ")
+      .replace(/&amp;/g, "&").replace(/&lt;/g, "<").replace(/&gt;/g, ">").replace(/&nbsp;/g, " ")
+      .replace(/\s+/g, " ").trim();
+  } catch {
+    return "";
+  }
+}