feat(profile): /api/profile + eligibility filter + inference framework (ADR-0014 steps 4-6)

Step 4 — /api/profile read-through API:
  GET  /api/profile          → { user, prefs, consents, contexts }
  PATCH /api/profile/prefs/:scope  upsert user_preferences (source='user')
  PATCH /api/profile/consents      grant / revoke consent keys
  PATCH /api/profile/contexts      create / activate / deactivate contexts
  Legacy consentGiven bit folded in as data:core fallback.

Step 5 — registry-driven eligibility filter:
  fetchRegistry() exported from agent-registry.ts.
  profile/eligibility.ts: getEligibleAgentIds(userId) — filters by required
  consents, silenced_in_contexts, and user_preferences[enabled=false].
  fetchOrchestratorTip filters agent_outputs to eligible set before calling
  ml/serving /recommend. Fail-closed: registry unavailable → empty set.

Step 6 — shared context-inference framework (#111) + time-of-day proof (#112):
  ml/agents/inference/: UserHistory, FeedbackEvent, run_inference().
  Framework: cold-start, min_history gating, error fallback, structured logs.
  TimeOfDayAgent v1.1.0: inferred_params=[preferred_hour]; also reads
  quiet_start/quiet_end from agent_prefs. agent_prefs injected by TS caller.
  AgentInput gains agent_prefs field.
  ml/serving: POST /agents/{agent_id}/infer endpoint.
  agent-outputs.ts computeAndStore: loads prefs before compute, calls /infer
  after, persists results (source='inferred'); user overrides never touched.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

CLAUDE.md

@@ -106,15 +106,35 @@ Recent completions:
 - Model benchmarking for tip generation (#93, #95)
 - Admin UX refinements: feedback consolidation, settings placement (#100–102)
 - ADR-0012 — ε-greedy v2 (D=12) — 2026-04-26 (now superseded by ADR-0013)
+- ADR-0014 steps 1–6: unified Profile schema + backfill, manifest plumbing, `/api/profile` read-through, registry-driven eligibility filter, inference framework + time-of-day migration — 2026-05-05
 
 Active work (M2):
-- ADR-0014 (proposed) — unified Profile model + agent registry + inference framework
-- Unified Profile model: prefs, contexts, consents, registry plumbing, orchestrator cutover (#30)
-- Shared context-inference framework for agents (#111)
-- Per-agent auto-inference: time-of-day (#112), focus-area (#113), momentum (#114), overdue-task (#115), recent-patterns (#116)
+- ADR-0014 step 7 — per-agent inference: focus-area (#113), momentum (#114), overdue-task (#115), recent-patterns (#116)
+- ADR-0014 step 8 — drop `users.consentGiven` column
 - Signal abstraction for multi-source support (#78)
 - Per-user feature freshness SLAs (#61, ADR-0011 phase B)
 
+## ADR-0014 endpoint map (as of step 6)
+
+| Endpoint | Purpose |
+|----------|---------|
+| `GET /api/profile` | Read-through: user globals + prefs (by scope) + consents + contexts |
+| `PATCH /api/profile/prefs/:scope` | Upsert user_preferences rows (source='user') |
+| `PATCH /api/profile/consents` | Grant / revoke consent keys |
+| `PATCH /api/profile/contexts` | Create / activate / deactivate named contexts |
+| `GET /api/agents/registry` | Manifest list (proxy to ml/serving; 60 s cache) |
+| `POST /api/agents/:agentId/compute` | Internal: run agent compute for (user, agent) |
+| `POST /agents/{agent_id}/infer` *(ml/serving)* | Run inference framework → `{inferred_prefs}` |
+
+## Inference framework (ADR-0014 §3)
+
+Lives in `ml/agents/inference/`. `run_inference(manifest, history)` evaluates all `InferredParam` entries in the manifest and returns `{key: value}`. Rules:
+- Below `min_history` → emit `cold_start_default`
+- `infer()` error → emit `cold_start_default` (never crashes)
+- Results written to `user_preferences` with `source='inferred'`; keys with `source='user'` are never overwritten
+
+Time-of-day agent (`1.1.0`) is the proof agent (#112): infers `preferred_hour` (mode done-hour) and reads `quiet_start`/`quiet_end` from prefs.
+
 ## What NOT to do
 
 - Don't copy Todoist's data into our DB. Store the OAuth token + computed features/derivatives we need, fetch raw on demand.