feat: AI conversation memory, on-demand AI toggle, fix config bug

- Debug AI chat now includes message history for multi-turn conversations
- Public debug endpoint stores messages and applies PII redaction
- Add PATCH endpoints to enable AI on any debug session (auth + token-based)
- Debug viewer shows Ask AI button on all sessions, enables on click
- Fix aiAutoAnalyze not returned by getConfig, consolidate config update
- Add llm-product-discipline Cursor rule

Author: dantelex

.cursor/rules/llm-product-discipline.mdc

@@ -0,0 +1,88 @@
+---
+description: Pre-implementation gate that forces product-value, architecture, and cleanup checks before coding any new feature.
+alwaysApply: true
+---
+
+# LLM Product Discipline
+
+## Purpose
+Use this skill before implementing any new feature, enhancement, or prototype.
+
+The goal is to prevent:
+- shipping low-value features
+- architecture decay
+- hacky iterations
+- confusing prototypes with real product thinking
+
+## Trigger
+Use this skill when:
+- the user asks to add a feature
+- the user asks for a prototype
+- the user asks for a quick implementation
+- a change touches architecture or existing flows
+- the request sounds easy but product value is unclear
+
+## Required behavior
+Before writing code, do ALL of the following:
+
+### Step 1: Restate the request
+Summarize the requested feature in 1-2 sentences.
+
+### Step 2: Evaluate product value
+Answer:
+- Who is this for?
+- What problem does it solve?
+- How painful/frequent is the problem?
+- What happens if we do not build it?
+- Is this core, leverage, or convenience?
+
+If the request is weak, say so clearly.
+
+### Step 3: Evaluate architecture
+Answer:
+- Does this fit the current design?
+- Would implementing it require hacks, duplication, or awkward exceptions?
+- Should the design be refactored first?
+
+If refactor is needed, recommend refactor before implementation.
+
+### Step 4: Evaluate whether cleanup is higher ROI
+Answer:
+- Is fixing or simplifying existing code higher value than adding this feature?
+- What existing issues should be cleaned first?
+
+### Step 5: Give a decision
+Choose one:
+- BUILD NOW
+- REFACTOR FIRST
+- DO NOT BUILD YET
+
+Explain why.
+
+## Output format
+Always respond in this structure before coding:
+
+### Feature Summary
+...
+
+### Value Check
+...
+
+### Architecture Check
+...
+
+### Cleanup Check
+...
+
+### Decision
+BUILD NOW / REFACTOR FIRST / DO NOT BUILD YET
+
+### If Building
+Describe the smallest correct implementation.
+
+## Rules
+- Do not jump straight into code for feature requests.
+- Do not treat "easy to code" as evidence of value.
+- Do not patch bad architecture with LLM-generated hacks.
+- Prefer fewer, higher-conviction features.
+- Leave the system cleaner than you found it.

apps/api/src/ai/ai.controller.ts

@@ -88,15 +88,10 @@ export class AIController {
       }
     }
 
-    await this.aiService.updateConfig(workspaceId, body);
-
-    // Also update autoAnalyze if provided
-    if (body.autoAnalyze !== undefined) {
-      await this.prisma.workspace.update({
-        where: { id: workspaceId },
-        data: { aiAutoAnalyze: body.autoAnalyze },
-      });
-    }
+    await this.aiService.updateConfig(workspaceId, {
+      ...body,
+      autoAnalyze: body.autoAnalyze,
+    });
 
     return { success: true };
   }

apps/api/src/ai/ai.service.ts

@@ -7,6 +7,7 @@ export interface AIConfig {
   model: string;
   apiKey?: string;
   ollamaUrl?: string;
+  autoAnalyze?: boolean;
 }
 
 export interface AnalysisRequest {
@@ -58,6 +59,7 @@ export class AIService {
         aiModel: true,
         aiApiKey: true,
         aiOllamaUrl: true,
+        aiAutoAnalyze: true,
       },
     });
 
@@ -68,6 +70,7 @@ export class AIService {
       model: workspace.aiModel || this.getDefaultModel(workspace.aiProvider),
       apiKey: workspace.aiApiKey ? decryptField(workspace.aiApiKey) : undefined,
       ollamaUrl: workspace.aiOllamaUrl || this.defaultOllamaUrl,
+      autoAnalyze: workspace.aiAutoAnalyze,
     };
   }
 
@@ -82,6 +85,7 @@ export class AIService {
         aiModel: config.model,
         aiApiKey: config.apiKey != null ? encryptField(config.apiKey) : config.apiKey,
         aiOllamaUrl: config.ollamaUrl,
+        ...(config.autoAnalyze !== undefined && { aiAutoAnalyze: config.autoAnalyze }),
       },
     });
   }

apps/api/src/debug/debug.controller.ts

@@ -2,6 +2,7 @@ import {
   Controller,
   Get,
   Post,
+  Patch,
   Delete,
   Param,
   Body,
@@ -15,6 +16,7 @@ import {
   Optional,
 } from '@nestjs/common';
 import { DebugService } from './debug.service';
+import { PrismaService } from '../prisma/prisma.service';
 import { AuthGuard } from '../auth/auth.guard';
 import { CombinedAuthGuard } from '../auth/combined-auth.guard';
 import { AIService } from '../ai/ai.service';
@@ -35,6 +37,7 @@ interface CreateSessionDto {
 export class DebugController {
   constructor(
     private debugService: DebugService,
+    private prisma: PrismaService,
     @Optional() @Inject(forwardRef(() => AIService))
     private aiService?: AIService,
   ) {}
@@ -135,6 +138,51 @@ export class DebugController {
     return { success: true };
   }
 
+  /**
+   * Toggle AI on a debug session
+   */
+  @Patch('sessions/:id/ai')
+  @UseGuards(AuthGuard)
+  async toggleAI(
+    @Param('id') id: string,
+    @Body() body: { enabled: boolean },
+  ) {
+    const session = await this.debugService.getSession(id);
+    if (!session) {
+      throw new NotFoundException('Session not found');
+    }
+
+    await this.prisma.debugSession.update({
+      where: { id },
+      data: { aiEnabled: body.enabled },
+    });
+
+    return { success: true, aiEnabled: body.enabled };
+  }
+
+  /**
+   * Toggle AI on a debug session (public, token-based)
+   */
+  @Patch('public/:token/ai/enable')
+  @UseGuards(RateLimitGuard)
+  @RateLimit('debug')
+  async toggleAIPublic(
+    @Param('token') token: string,
+    @Body() body: { enabled: boolean },
+  ) {
+    const session = await this.debugService.getSessionByToken(token);
+    if (!session) {
+      throw new NotFoundException('Session not found or expired');
+    }
+
+    await this.prisma.debugSession.update({
+      where: { id: session.id },
+      data: { aiEnabled: body.enabled },
+    });
+
+    return { success: true, aiEnabled: body.enabled };
+  }
+
   /**
    * End a debug session by token (public - requires session token to prevent unauthorized termination)
    */
@@ -567,14 +615,45 @@ export class DebugController {
 
     // Build context from packet data
     const packets = body.packetContext || [];
-    
+
+    // Load conversation history for multi-turn context
+    const history = await this.prisma.debugAIMessage.findMany({
+      where: { sessionId: session.id },
+      orderBy: { createdAt: 'asc' },
+      take: 20,
+    });
+
+    const ai = this.aiService!;
+    const shouldRedact = config.provider !== 'ollama';
+    const messages = [
+      ...history.map(m => ({
+        role: m.role as 'user' | 'assistant',
+        content: shouldRedact ? ai.redactPII(m.content) : m.content,
+      })),
+      { role: 'user' as const, content: shouldRedact ? ai.redactPII(body.message) : body.message },
+    ];
+
     try {
-      const response = await this.aiService.chat(
+      const response = await ai.chat(
         config,
-        [{ role: 'user', content: body.message }],
-        { packets },
+        messages,
+        { packets: shouldRedact
+          ? packets.map((p: any) => ({
+              ...p,
+              parsed: p.parsed ? JSON.parse(ai.redactPII(JSON.stringify(p.parsed))) : undefined,
+            }))
+          : packets,
+        },
       );
 
+      // Store messages for conversation history
+      await this.prisma.debugAIMessage.createMany({
+        data: [
+          { sessionId: session.id, role: 'user', content: body.message },
+          { sessionId: session.id, role: 'assistant', content: response.content, tokensUsed: response.tokensUsed },
+        ],
+      });
+
       return {
         response: response.content,
         tokensUsed: response.tokensUsed,

apps/web/pages/debug/[token].vue

@@ -107,15 +107,19 @@
           </button>
           <!-- AI Chat Toggle -->
           <button
-            v-if="session?.aiEnabled"
-            @click="showAIChat = !showAIChat"
+            @click="toggleAIChat"
+            :disabled="enablingAI"
             class="px-2.5 sm:px-3 py-1.5 text-xs sm:text-sm font-medium rounded-lg transition-all flex items-center gap-1.5 sm:gap-2"
             :class="showAIChat ? 'bg-blue-300 text-black' : 'bg-blue-300/10 border border-blue-300/10 text-blue-300 hover:bg-blue-300/20'"
           >
-            <svg class="w-3.5 h-3.5 sm:w-4 sm:h-4" fill="currentColor" viewBox="0 0 20 20">
+            <svg v-if="enablingAI" class="animate-spin w-3.5 h-3.5 sm:w-4 sm:h-4" viewBox="0 0 24 24">
+              <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4" fill="none"></circle>
+              <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+            </svg>
+            <svg v-else class="w-3.5 h-3.5 sm:w-4 sm:h-4" fill="currentColor" viewBox="0 0 20 20">
               <path d="M10 2a1 1 0 011 1v1.323l3.954 1.582 1.599-.8a1 1 0 01.894 1.79l-1.233.616 1.738 5.42a1 1 0 01-.285 1.05A3.989 3.989 0 0115 15a3.989 3.989 0 01-2.667-1.019 1 1 0 01-.285-1.05l1.715-5.349L11 6.477V16h2a1 1 0 110 2H7a1 1 0 110-2h2V6.477L6.237 7.582l1.715 5.349a1 1 0 01-.285 1.05A3.989 3.989 0 015 15a3.989 3.989 0 01-2.667-1.019 1 1 0 01-.285-1.05l1.738-5.42-1.233-.617a1 1 0 01.894-1.788l1.599.799L9 4.323V3a1 1 0 011-1z"/>
             </svg>
-            <span class="hidden sm:inline">{{ showAIChat ? 'Hide AI' : 'Ask AI' }}</span>
+            <span class="hidden sm:inline">{{ enablingAI ? 'Enabling...' : showAIChat ? 'Hide AI' : 'Ask AI' }}</span>
           </button>
         </div>
       </div>
@@ -534,7 +538,7 @@
       </div>
 
       <!-- AI Chat Panel -->
-      <div v-if="session?.aiEnabled && showAIChat" class="mt-6">
+      <div v-if="aiEnabled && showAIChat" class="mt-6">
         <div class="bg-gray-500/5 border border-gray-500/10 rounded-xl overflow-hidden">
           <!-- Chat Header -->
           <div class="border-b border-gray-500/10 p-4 flex items-center justify-between">
@@ -736,6 +740,34 @@ const showAIChat = ref(false);
 const aiInput = ref('');
 const aiMessages = ref<Array<{ role: 'user' | 'assistant'; content: string }>>([]);
 const aiThinking = ref(false);
+const enablingAI = ref(false);
+const aiEnabled = ref(false);
+
+watch(() => session.value?.aiEnabled, (val) => {
+  if (val !== undefined) aiEnabled.value = val;
+}, { immediate: true });
+
+const toggleAIChat = async () => {
+  if (!aiEnabled.value) {
+    enablingAI.value = true;
+    try {
+      const token = route.params.token as string;
+      const res = await fetch(`${config.public.apiUrl}/v1/debug/public/${token}/ai/enable`, {
+        method: 'PATCH',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ enabled: true }),
+      });
+      if (res.ok) {
+        aiEnabled.value = true;
+        showAIChat.value = true;
+      }
+    } finally {
+      enablingAI.value = false;
+    }
+  } else {
+    showAIChat.value = !showAIChat.value;
+  }
+};
 
 // Close tunnel state
 const showCloseModal = ref(false);