console_agent 0.10.0 → 0.12.0

data/lib/console_agent/slack_bot.rb

@@ -0,0 +1,473 @@
+require 'json'
+require 'uri'
+require 'net/http'
+require 'openssl'
+require 'console_agent/channel/slack'
+require 'console_agent/conversation_engine'
+require 'console_agent/context_builder'
+require 'console_agent/providers/base'
+require 'console_agent/executor'
+
+module ConsoleAgent
+  class SlackBot
+    def initialize
+      @bot_token = ConsoleAgent.configuration.slack_bot_token || ENV['SLACK_BOT_TOKEN']
+      @app_token = ConsoleAgent.configuration.slack_app_token || ENV['SLACK_APP_TOKEN']
+      @channel_ids = resolve_channel_ids
+
+      raise ConfigurationError, "SLACK_BOT_TOKEN is required" unless @bot_token
+      raise ConfigurationError, "SLACK_APP_TOKEN is required (Socket Mode)" unless @app_token
+      raise ConfigurationError, "slack_allowed_usernames must be configured (e.g. ['alice'] or 'ALL')" unless ConsoleAgent.configuration.slack_allowed_usernames
+
+      @bot_user_id = nil
+      @sessions = {}       # thread_ts → { channel:, engine:, thread: }
+      @user_cache = {}     # slack user_id → display_name
+      @mutex = Mutex.new
+    end
+
+    def start
+      @bot_user_id = slack_api("auth.test", token: @bot_token).dig("user_id")
+      log_startup
+
+      loop do
+        run_socket_mode
+        puts "Reconnecting in 5s..."
+        sleep 5
+      end
+    rescue Interrupt
+      puts "\nSlackBot shutting down."
+    end
+
+    private
+
+    # --- Socket Mode connection ---
+
+    def run_socket_mode
+      url = obtain_wss_url
+      uri = URI.parse(url)
+
+      tcp = TCPSocket.new(uri.host, uri.port || 443)
+      ssl = OpenSSL::SSL::SSLSocket.new(tcp, OpenSSL::SSL::SSLContext.new)
+      ssl.hostname = uri.host
+      ssl.connect
+
+      # WebSocket handshake
+      path = "#{uri.path}?#{uri.query}"
+      handshake = [
+        "GET #{path} HTTP/1.1",
+        "Host: #{uri.host}",
+        "Upgrade: websocket",
+        "Connection: Upgrade",
+        "Sec-WebSocket-Key: #{SecureRandom.base64(16)}",
+        "Sec-WebSocket-Version: 13",
+        "", ""
+      ].join("\r\n")
+
+      ssl.write(handshake)
+
+      # Read HTTP 101 response headers
+      response_line = ssl.gets
+      unless response_line&.include?("101")
+        raise "WebSocket handshake failed: #{response_line}"
+      end
+      # Consume remaining headers
+      loop do
+        line = ssl.gets
+        break if line.nil? || line.strip.empty?
+      end
+
+      puts "Connected to Slack Socket Mode."
+
+      # Main read loop
+      loop do
+        data = read_ws_frame(ssl)
+        next unless data
+
+        begin
+          msg = JSON.parse(data, symbolize_names: true)
+        rescue JSON::ParserError
+          next
+        end
+
+        # Acknowledge immediately (Slack requires fast ack)
+        if msg[:envelope_id]
+          send_ws_frame(ssl, JSON.generate({ envelope_id: msg[:envelope_id] }))
+        end
+
+        case msg[:type]
+        when "hello"
+          # Connection confirmed
+        when "disconnect"
+          puts "Slack disconnect: #{msg[:reason]}"
+          break
+        when "events_api"
+          handle_event(msg)
+        end
+      end
+    rescue EOFError, IOError, Errno::ECONNRESET, OpenSSL::SSL::SSLError => e
+      puts "Socket Mode connection lost: #{e.message}"
+    ensure
+      ssl&.close rescue nil
+      tcp&.close rescue nil
+    end
+
+    def obtain_wss_url
+      result = slack_api("apps.connections.open", token: @app_token)
+      raise "Failed to obtain WSS URL: #{result["error"]}" unless result["ok"]
+      result["url"]
+    end
+
+    # --- WebSocket frame reading/writing (RFC 6455 minimal implementation) ---
+
+    def read_ws_frame(ssl)
+      first_byte = ssl.read(1)&.unpack1("C")
+      return nil unless first_byte
+
+      opcode = first_byte & 0x0F
+      # Handle ping (opcode 9) → send pong (opcode 10)
+      if opcode == 9
+        payload = read_ws_payload(ssl)
+        send_ws_pong(ssl, payload)
+        return nil
+      end
+      # Close frame (opcode 8)
+      return nil if opcode == 8
+      # Only process text frames (opcode 1)
+      return nil unless opcode == 1
+
+      read_ws_payload(ssl)
+    end
+
+    def read_ws_payload(ssl)
+      second_byte = ssl.read(1)&.unpack1("C")
+      return nil unless second_byte
+
+      masked = (second_byte & 0x80) != 0
+      length = second_byte & 0x7F
+
+      if length == 126
+        length = ssl.read(2).unpack1("n")
+      elsif length == 127
+        length = ssl.read(8).unpack1("Q>")
+      end
+
+      if masked
+        mask_key = ssl.read(4).bytes
+        raw = ssl.read(length).bytes
+        raw.each_with_index.map { |b, i| (b ^ mask_key[i % 4]).chr }.join
+      else
+        ssl.read(length)
+      end
+    end
+
+    def send_ws_frame(ssl, text)
+      bytes = text.encode("UTF-8").bytes
+      # Client frames must be masked per RFC 6455
+      mask_key = 4.times.map { rand(256) }
+      masked = bytes.each_with_index.map { |b, i| b ^ mask_key[i % 4] }
+
+      frame = [0x81].pack("C") # FIN + text opcode
+      if bytes.length < 126
+        frame << [(bytes.length | 0x80)].pack("C")
+      elsif bytes.length < 65536
+        frame << [126 | 0x80].pack("C")
+        frame << [bytes.length].pack("n")
+      else
+        frame << [127 | 0x80].pack("C")
+        frame << [bytes.length].pack("Q>")
+      end
+      frame << mask_key.pack("C*")
+      frame << masked.pack("C*")
+      ssl.write(frame)
+    end
+
+    def send_ws_pong(ssl, payload)
+      payload ||= ""
+      bytes = payload.bytes
+      mask_key = 4.times.map { rand(256) }
+      masked = bytes.each_with_index.map { |b, i| b ^ mask_key[i % 4] }
+
+      frame = [0x8A].pack("C") # FIN + pong opcode
+      frame << [(bytes.length | 0x80)].pack("C")
+      frame << mask_key.pack("C*")
+      frame << masked.pack("C*")
+      ssl.write(frame)
+    end
+
+    # --- Slack Web API (minimal, uses Net::HTTP) ---
+
+    def slack_api(method, token: @bot_token, **params)
+      uri = URI("https://slack.com/api/#{method}")
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+
+      if params.empty?
+        req = Net::HTTP::Post.new(uri.path)
+      else
+        req = Net::HTTP::Post.new(uri.path)
+        req.body = JSON.generate(params)
+        req["Content-Type"] = "application/json; charset=utf-8"
+      end
+      req["Authorization"] = "Bearer #{token}"
+
+      resp = http.request(req)
+      JSON.parse(resp.body)
+    rescue => e
+      { "ok" => false, "error" => e.message }
+    end
+
+    def post_message(channel:, thread_ts:, text:)
+      slack_api("chat.postMessage", channel: channel, thread_ts: thread_ts, text: text)
+    end
+
+    # --- Event handling ---
+
+    def handle_event(msg)
+      event = msg.dig(:payload, :event)
+      return unless event
+      return unless event[:type] == "message"
+
+      # Ignore bot messages, subtypes (edits/deletes), own messages
+      return if event[:bot_id]
+      return if event[:user] == @bot_user_id
+      return if event[:subtype]
+
+      text = event[:text]
+      return unless text && !text.strip.empty?
+
+      channel_id = event[:channel]
+      return unless watched_channel?(channel_id)
+
+      thread_ts = event[:thread_ts] || event[:ts]
+      user_id = event[:user]
+      user_name = resolve_user_name(user_id)
+
+      allowed_list = Array(ConsoleAgent.configuration.slack_allowed_usernames).map(&:to_s).map(&:downcase)
+      unless allowed_list.include?('all') || allowed_list.include?(user_name.to_s.downcase)
+        puts "[#{channel_id}/#{thread_ts}] @#{user_name} << (ignored — not in allowed usernames)"
+        post_message(channel: channel_id, thread_ts: thread_ts, text: "Sorry, I don't recognize your username (@#{user_name}). Ask an admin to add you to the allowed usernames list.")
+        return
+      end
+
+      puts "[#{channel_id}/#{thread_ts}] @#{user_name} << #{text.strip}"
+
+      session = @mutex.synchronize { @sessions[thread_ts] }
+
+      command = text.strip.downcase
+      if command == 'cancel' || command == 'stop'
+        cancel_session(session, channel_id, thread_ts)
+        return
+      end
+
+      if command == 'clear'
+        count = count_bot_messages(channel_id, thread_ts)
+        if count == 0
+          post_message(channel: channel_id, thread_ts: thread_ts, text: "No bot messages to clear.")
+        else
+          post_message(channel: channel_id, thread_ts: thread_ts,
+            text: "This will permanently delete #{count} bot message#{'s' unless count == 1} from this thread. Type `clear!` to confirm.")
+        end
+        return
+      end
+
+      if command == 'clear!'
+        cancel_session(session, channel_id, thread_ts) if session
+        clear_bot_messages(channel_id, thread_ts)
+        return
+      end
+
+      if session
+        handle_thread_reply(session, text.strip)
+      else
+        # New thread, or existing thread after bot restart — start a fresh session
+        start_session(channel_id, thread_ts, text.strip, user_name)
+      end
+    rescue => e
+      ConsoleAgent.logger.error("SlackBot event handling error: #{e.class}: #{e.message}")
+    end
+
+    def start_session(channel_id, thread_ts, text, user_name)
+      channel = Channel::Slack.new(
+        slack_bot: self,
+        channel_id: channel_id,
+        thread_ts: thread_ts,
+        user_name: user_name
+      )
+
+      sandbox_binding = Object.new.instance_eval { binding }
+      engine = ConversationEngine.new(
+        binding_context: sandbox_binding,
+        channel: channel,
+        slack_thread_ts: thread_ts
+      )
+
+      # Try to restore conversation history from a previous session (e.g. after bot restart)
+      restored = restore_from_db(engine, thread_ts)
+
+      session = { channel: channel, engine: engine, thread: nil }
+      @mutex.synchronize { @sessions[thread_ts] = session }
+
+      session[:thread] = Thread.new do
+        Thread.current.report_on_exception = false
+        begin
+          channel.display_dim("_session: #{channel_id}/#{thread_ts}_")
+          if restored
+            puts "Restored session for thread #{thread_ts} (#{engine.history.length} messages)"
+            channel.display_dim("_(session restored — continuing from previous conversation)_")
+          end
+          engine.process_message(text)
+        rescue => e
+          channel.display_error("Error: #{e.class}: #{e.message}")
+          ConsoleAgent.logger.error("SlackBot session error: #{e.class}: #{e.message}\n#{e.backtrace.first(5).join("\n")}")
+        ensure
+          ActiveRecord::Base.clear_active_connections! if defined?(ActiveRecord::Base)
+        end
+      end
+    end
+
+    def restore_from_db(engine, thread_ts)
+      require 'console_agent/session_logger'
+      saved = SessionLogger.find_by_slack_thread(thread_ts)
+      return false unless saved
+
+      engine.init_interactive
+      engine.restore_session(saved)
+      true
+    rescue => e
+      ConsoleAgent.logger.warn("SlackBot: failed to restore session for #{thread_ts}: #{e.message}")
+      false
+    end
+
+    def handle_thread_reply(session, text)
+      channel = session[:channel]
+      engine = session[:engine]
+
+      # If the engine is blocked waiting for user input (ask_user), push to queue
+      if waiting_for_reply?(channel)
+        channel.receive_reply(text)
+        return
+      end
+
+      # Otherwise treat as a new message in the conversation
+      session[:thread] = Thread.new do
+        Thread.current.report_on_exception = false
+        begin
+          engine.process_message(text)
+        rescue => e
+          channel.display_error("Error: #{e.class}: #{e.message}")
+          ConsoleAgent.logger.error("SlackBot session error: #{e.class}: #{e.message}\n#{e.backtrace.first(5).join("\n")}")
+        ensure
+          ActiveRecord::Base.clear_active_connections! if defined?(ActiveRecord::Base)
+        end
+      end
+    end
+
+    def cancel_session(session, channel_id, thread_ts)
+      if session
+        session[:channel].cancel!
+        session[:channel].display("Stopped.")
+        puts "[#{channel_id}/#{thread_ts}] cancel requested"
+      else
+        post_message(channel: channel_id, thread_ts: thread_ts, text: "No active session to stop.")
+        puts "[#{channel_id}/#{thread_ts}] cancel: no session"
+      end
+      @mutex.synchronize { @sessions.delete(thread_ts) }
+    end
+
+    def count_bot_messages(channel_id, thread_ts)
+      result = slack_get("conversations.replies", channel: channel_id, ts: thread_ts, limit: 200)
+      return 0 unless result["ok"]
+      (result["messages"] || []).count { |m| m["user"] == @bot_user_id }
+    rescue
+      0
+    end
+
+    def clear_bot_messages(channel_id, thread_ts)
+      result = slack_get("conversations.replies", channel: channel_id, ts: thread_ts, limit: 200)
+      unless result["ok"]
+        puts "[#{channel_id}/#{thread_ts}] clear: failed to fetch replies: #{result["error"]}"
+        return
+      end
+
+      bot_messages = (result["messages"] || []).select { |m| m["user"] == @bot_user_id }
+      bot_messages.each do |m|
+        puts "[#{channel_id}/#{thread_ts}] clearing #{channel_id.length} / #{m["ts"]}"
+        slack_api("chat.delete", channel: channel_id, ts: m["ts"])
+      end
+      puts "[#{channel_id}/#{thread_ts}] cleared #{bot_messages.length} bot messages"
+    rescue => e
+      puts "[#{channel_id}/#{thread_ts}] clear failed: #{e.message}"
+    end
+
+    def slack_get(method, **params)
+      uri = URI("https://slack.com/api/#{method}")
+      uri.query = URI.encode_www_form(params)
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+      req = Net::HTTP::Get.new(uri)
+      req["Authorization"] = "Bearer #{@bot_token}"
+      resp = http.request(req)
+      JSON.parse(resp.body)
+    rescue => e
+      { "ok" => false, "error" => e.message }
+    end
+
+    def waiting_for_reply?(channel)
+      channel.instance_variable_get(:@reply_queue).num_waiting > 0
+    end
+
+    def watched_channel?(channel_id)
+      return true if @channel_ids.nil? || @channel_ids.empty?
+      @channel_ids.include?(channel_id)
+    end
+
+    def resolve_channel_ids
+      ids = ConsoleAgent.configuration.slack_channel_ids || ENV['CONSOLE_AGENT_SLACK_CHANNELS']
+      return nil if ids.nil?
+      ids = ids.split(',').map(&:strip) if ids.is_a?(String)
+      ids
+    end
+
+    def resolve_user_name(user_id)
+      return @user_cache[user_id] if @user_cache.key?(user_id)
+
+      # users.info requires form-encoded params, not JSON
+      uri = URI("https://slack.com/api/users.info")
+      uri.query = URI.encode_www_form(user: user_id)
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+      req = Net::HTTP::Get.new(uri)
+      req["Authorization"] = "Bearer #{@bot_token}"
+      resp = http.request(req)
+      result = JSON.parse(resp.body)
+
+      name = result.dig("user", "profile", "display_name")
+      name = result.dig("user", "real_name") if name.nil? || name.empty?
+      name = result.dig("user", "name") if name.nil? || name.empty?
+      @user_cache[user_id] = name || user_id
+    rescue => e
+      ConsoleAgent.logger.warn("Failed to resolve user name for #{user_id}: #{e.message}")
+      @user_cache[user_id] = user_id
+    end
+
+    def log_startup
+      channel_info = if @channel_ids && !@channel_ids.empty?
+                       "channels: #{@channel_ids.join(', ')}"
+                     else
+                       "all channels"
+                     end
+      puts "ConsoleAgent SlackBot started (#{channel_info}, bot: #{@bot_user_id})"
+
+      channel = Channel::Slack.new(slack_bot: self, channel_id: "boot", thread_ts: "boot")
+      engine = ConversationEngine.new(
+        binding_context: Object.new.instance_eval { binding },
+        channel: channel
+      )
+      puts "\nFull system prompt for Slack sessions:"
+      puts "-" * 60
+      puts engine.context
+      puts "-" * 60
+      puts
+    end
+  end
+end

data/lib/console_agent/tools/registry.rb

@@ -8,9 +8,10 @@ module ConsoleAgent
       # Tools that should never be cached (side effects or user interaction)
       NO_CACHE = %w[ask_user save_memory delete_memory execute_plan].freeze
 
-      def initialize(executor: nil, mode: :default)
+      def initialize(executor: nil, mode: :default, channel: nil)
         @executor = executor
         @mode = mode
+        @channel = channel
         @definitions = []
         @handlers = {}
         @cache = {}
@@ -302,8 +303,12 @@ module ConsoleAgent
         # Ask for plan approval (unless auto-execute)
         skip_confirmations = auto
         unless auto
-          $stdout.print "\e[33m  Accept plan? [y/N/a(uto)] \e[0m"
-          answer = $stdin.gets.to_s.strip.downcase
+          if @channel
+            answer = @channel.confirm("  Accept plan? [y/N/a(uto)] ")
+          else
+            $stdout.print "\e[33m  Accept plan? [y/N/a(uto)] \e[0m"
+            answer = $stdin.gets.to_s.strip.downcase
+          end
           case answer
           when 'a', 'auto'
             skip_confirmations = true
@@ -326,8 +331,12 @@ module ConsoleAgent
 
           # Per-step confirmation (unless auto-execute or plan-level auto)
           unless skip_confirmations
-            $stdout.print "\e[33m  Run? [y/N/edit] \e[0m"
-            step_answer = $stdin.gets.to_s.strip.downcase
+            if @channel
+              step_answer = @channel.confirm("  Run? [y/N/edit] ")
+            else
+              $stdout.print "\e[33m  Run? [y/N/edit] \e[0m"
+              step_answer = $stdin.gets.to_s.strip.downcase
+            end
 
             case step_answer
             when 'e', 'edit'
@@ -335,8 +344,12 @@ module ConsoleAgent
               if edited && edited != step['code']
                 $stdout.puts "\e[33m  # Edited code:\e[0m"
                 $stdout.puts highlight_plan_code(edited)
-                $stdout.print "\e[33m  Run edited code? [y/N] \e[0m"
-                confirm = $stdin.gets.to_s.strip.downcase
+                if @channel
+                  confirm = @channel.confirm("  Run edited code? [y/N] ")
+                else
+                  $stdout.print "\e[33m  Run edited code? [y/N] \e[0m"
+                  confirm = $stdin.gets.to_s.strip.downcase
+                end
                 unless confirm == 'y' || confirm == 'yes'
                   feedback = ask_feedback("What would you like changed?")
                   results << "Step #{i + 1}: User declined after edit. Feedback: #{feedback}"
@@ -354,6 +367,17 @@ module ConsoleAgent
           end
 
           exec_result = @executor.execute(step['code'])
+
+          # On safety error, offer to re-run with guards disabled (console only)
+          if @executor.last_safety_error
+            if @channel && !@channel.supports_danger?
+              results << "Step #{i + 1} (#{step['description']}):\nBLOCKED by safety guard: #{@executor.last_error}. Write operations are not permitted in this channel."
+              break
+            else
+              exec_result = @executor.offer_danger_retry(step['code'])
+            end
+          end
+
           # Make result available as step1, step2, etc. for subsequent steps
           @executor.binding_context.local_variable_set(:"step#{i + 1}", exec_result)
           output = @executor.last_output
@@ -407,18 +431,26 @@ module ConsoleAgent
       end
 
       def ask_feedback(prompt)
-        $stdout.print "\e[36m  #{prompt} > \e[0m"
-        feedback = $stdin.gets
-        return '(no feedback provided)' if feedback.nil?
-        feedback.strip.empty? ? '(no feedback provided)' : feedback.strip
+        if @channel
+          @channel.prompt("  #{prompt} > ")
+        else
+          $stdout.print "\e[36m  #{prompt} > \e[0m"
+          feedback = $stdin.gets
+          return '(no feedback provided)' if feedback.nil?
+          feedback.strip.empty? ? '(no feedback provided)' : feedback.strip
+        end
       end
 
       def ask_user(question)
-        $stdout.puts "\e[36m  ? #{question}\e[0m"
-        $stdout.print "\e[36m  > \e[0m"
-        answer = $stdin.gets
-        return '(no answer provided)' if answer.nil?
-        answer.strip.empty? ? '(no answer provided)' : answer.strip
+        if @channel
+          @channel.prompt("  ? #{question}\n  > ")
+        else
+          $stdout.puts "\e[36m  ? #{question}\e[0m"
+          $stdout.print "\e[36m  > \e[0m"
+          answer = $stdin.gets
+          return '(no answer provided)' if answer.nil?
+          answer.strip.empty? ? '(no answer provided)' : answer.strip
+        end
       end
 
       def register(name:, description:, parameters:, handler:)

data/lib/console_agent/version.rb

@@ -1,3 +1,3 @@
 module ConsoleAgent
-  VERSION = '0.10.0'.freeze
+  VERSION = '0.12.0'.freeze
 end

data/lib/console_agent.rb

@@ -58,8 +58,8 @@ module ConsoleAgent
     def status
       c = configuration
       key = c.resolved_api_key
-      masked_key = if key.nil? || key.empty?
-                     "\e[31m(not set)\e[0m"
+      masked_key = if key.nil? || key.empty? || key == 'no-key'
+                     c.provider == :local ? "\e[32m(not required)\e[0m" : "\e[31m(not set)\e[0m"
                    else
                      key[0..6] + '...' + key[-4..-1]
                    end
@@ -69,11 +69,19 @@ module ConsoleAgent
       lines << "  Provider:       #{c.provider}"
       lines << "  Model:          #{c.resolved_model}"
       lines << "  API key:        #{masked_key}"
-      lines << "  Max tokens:     #{c.max_tokens}"
+      lines << "  Local URL:      #{c.local_url}" if c.provider == :local
+      lines << "  Max tokens:     #{c.max_tokens || '(auto)'}"
       lines << "  Temperature:    #{c.temperature}"
       lines << "  Timeout:        #{c.timeout}s"
       lines << "  Max tool rounds:#{c.max_tool_rounds}"
       lines << "  Auto-execute:   #{c.auto_execute}"
+      guards = c.safety_guards
+      if guards.empty?
+        lines << "  Safe mode:      \e[33m(no guards configured)\e[0m"
+      else
+        status = guards.enabled? ? "\e[32mON\e[0m" : "\e[31mOFF\e[0m"
+        lines << "  Safe mode:      #{status} (#{guards.names.join(', ')})"
+      end
       lines << "  Memories:       #{c.memories_enabled}"
       lines << "  Session logging:#{session_table_status}"
       lines << "  Debug:          #{c.debug}"
@@ -134,6 +142,12 @@ module ConsoleAgent
         migrations << 'name'
       end
 
+      unless conn.column_exists?(table, :slack_thread_ts)
+        conn.add_column(table, :slack_thread_ts, :string, limit: 255)
+        conn.add_index(table, :slack_thread_ts) unless conn.index_exists?(table, :slack_thread_ts)
+        migrations << 'slack_thread_ts'
+      end
+
       if migrations.empty?
         $stdout.puts "\e[32mConsoleAgent: #{table} is up to date.\e[0m"
       else

data/lib/generators/console_agent/templates/initializer.rb

@@ -1,5 +1,5 @@
 ConsoleAgent.configure do |config|
-  # LLM provider: :anthropic or :openai
+  # LLM provider: :anthropic, :openai, or :local
   config.provider = :anthropic
 
   # API key (or set ANTHROPIC_API_KEY / OPENAI_API_KEY env var)
@@ -23,6 +23,16 @@ ConsoleAgent.configure do |config|
   # HTTP timeout in seconds
   config.timeout = 30
 
+  # Local model provider (Ollama, vLLM, or any OpenAI-compatible server):
+  # config.provider = :local
+  # config.local_url = 'http://localhost:11434'
+  # config.local_model = 'qwen2.5:7b'
+  # config.local_api_key = nil
+
+  # Slack: which users the bot responds to (required for Slack mode)
+  # config.slack_allowed_usernames = ['alice', 'bob']  # specific users
+  # config.slack_allowed_usernames = 'ALL'              # everyone
+
   # Debug mode: prints full API requests/responses and tool calls to stderr
   # config.debug = true
 
@@ -38,4 +48,27 @@ ConsoleAgent.configure do |config|
   # When nil, all requests are denied. Set credentials or use config.authenticate.
   # config.admin_username = 'admin'
   # config.admin_password = 'changeme'
+
+  # Safety guards: prevent side effects (DB writes, HTTP calls, etc.) during code execution.
+  # When enabled, code runs in safe mode by default. Users can toggle with /danger in the REPL.
+  #
+  # Built-in guard for database writes (works on Rails 5+, all adapters):
+  # config.use_builtin_safety_guard :database_writes
+  #
+  # Built-in guard for HTTP mutations — blocks POST/PUT/PATCH/DELETE via Net::HTTP.
+  # Covers most Ruby HTTP libraries (HTTParty, RestClient, Faraday) since they use Net::HTTP:
+  # config.use_builtin_safety_guard :http_mutations
+  #
+  # Allowlist specific hosts or tables so they pass through without blocking:
+  # config.use_builtin_safety_guard :http_mutations,
+  #   allow: [/s3\.amazonaws\.com/, /googleapis\.com/]
+  # config.use_builtin_safety_guard :database_writes,
+  #   allow: ['console_agent_sessions']
+  #
+  # Built-in guard for mailers — disables ActionMailer delivery:
+  # config.use_builtin_safety_guard :mailers
+  #
+  # config.safety_guard :jobs do |&execute|
+  #   Sidekiq::Testing.fake! { execute.call }
+  # end
 end

data/lib/tasks/console_agent.rake

@@ -0,0 +1,7 @@
+namespace :console_agent do
+  desc "Start the ConsoleAgent Slack bot (Socket Mode)"
+  task slack: :environment do
+    require 'console_agent/slack_bot'
+    ConsoleAgent::SlackBot.new.start
+  end
+end