@adaptic/maestro 1.1.7 → 1.4.1

package/scripts/daemon/classifier.mjs

@@ -5,28 +5,99 @@
  * action type, and which Claude model should handle them.
  *
  * Classification chain:
- *   1. Anthropic Claude Haiku (primary)
+ *   1. Claude Haiku via `claude --print` CLI (Max subscription, no API quota)
  *   2. OpenAI gpt-4o-mini (fallback)
  *   3. Rule-based heuristics (final fallback)
+ *
+ * Tier 1 was migrated off `@anthropic-ai/sdk` per CEO directive
+ * (Slack DM D099N1JGKRQ, 2026-04-27 09:38Z + 11:33Z): all agent
+ * daemon paths must funnel through Claude Code CLI sessions, not
+ * the Anthropic API. The Tier 2 OpenAI fallback is retained as a
+ * safety net for when the CLI is unavailable; Tier 3 rule-based
+ * remains the final fallback.
  */
 
-import Anthropic from "@anthropic-ai/sdk";
 import OpenAI from "openai";
 import dotenv from "dotenv";
+import { spawn } from "child_process";
 import { fileURLToPath } from "url";
 import { dirname, resolve } from "path";
+import { readFileSync } from "fs";
 
 // Load .env from project root
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = dirname(__filename);
 dotenv.config({ path: resolve(__dirname, "../../.env") });
 
+// ── Agent identity + peer agents ──────────────────────────────────────────
+// Loaded from config/known-agents.json and AGENT_DIR to determine which
+// agent is "me" and which are peers. Prevents cross-agent message
+// interception in shared channels (ib-20260418-cross-agent-routing).
+
+const AGENT_DIR = process.env.AGENT_DIR || process.env.AGENT_ROOT || resolve(__dirname, "../..");
+
+let _agentIdentity = null;   // { name, slackId, role }
+let _peerAgents = [];         // [{ name, slackId, role }] — all agents EXCEPT me
+
+function loadAgentRegistry() {
+  if (_agentIdentity) return; // already loaded
+
+  // 1. Load known-agents.json (try agent repo first, then maestro scaffold)
+  let agents = [];
+  for (const base of [AGENT_DIR, resolve(process.env.HOME || "", "maestro")]) {
+    try {
+      const raw = readFileSync(resolve(base, "config/known-agents.json"), "utf-8");
+      agents = JSON.parse(raw).agents || [];
+      if (agents.length > 0) break;
+    } catch { /* try next */ }
+  }
+
+  // 2. Determine which agent is "me" — match by AGENT_DIR basename
+  const repoSlug = AGENT_DIR.split("/").pop(); // e.g. "sophie-ai"
+  const me = agents.find(a => a.repo === repoSlug);
+
+  if (me) {
+    _agentIdentity = me;
+    _peerAgents = agents.filter(a => a.slackId !== me.slackId);
+  } else {
+    // Fallback: try to extract from agent.ts or CLAUDE.md
+    try {
+      const agentTs = readFileSync(resolve(AGENT_DIR, "config/agent.ts"), "utf-8");
+      const nameMatch = agentTs.match(/firstName:\s*['"](\w+)['"]/);
+      const slackMatch = agentTs.match(/slackMemberId:\s*['"]([^'"]+)['"]/);
+      _agentIdentity = {
+        name: nameMatch ? nameMatch[1] : "Unknown",
+        slackId: slackMatch ? slackMatch[1] : "",
+        role: "agent",
+      };
+      _peerAgents = agents.filter(a => a.slackId !== (_agentIdentity.slackId || "NONE"));
+    } catch {
+      _agentIdentity = { name: "Sophie", slackId: "", role: "agent" };
+      _peerAgents = agents;
+    }
+  }
+
+  console.log(`[classifier] Agent identity: ${_agentIdentity.name} (${_agentIdentity.slackId || "no slack ID"}), ${_peerAgents.length} peer agents`);
+}
+
 const ANTHROPIC_MODEL = "claude-haiku-4-5-20251001";
 const OPENAI_MODEL = "gpt-4o-mini";
+const CLAUDE_BIN = process.env.CLAUDE_BIN || "/Users/sophie/.local/bin/claude";
+const CLAUDE_CLI_TIMEOUT_MS = 30_000;
 
 // ── System prompt shared by both LLM classifiers ────────────────────────────
 
-const SYSTEM_PROMPT = `You are a message classifier for Sophie Nguyen, Chief of Staff (AI-operated) at Adaptic.ai. Sophie is the autonomous executive command layer for CEO Mehran Granfar.
+function buildSystemPrompt() {
+  loadAgentRegistry();
+  const agentName = _agentIdentity.name;
+  const agentRole = _agentIdentity.role || "agent";
+
+  // Build peer agents context for the LLM so it knows who the other agents are
+  const peerContext = _peerAgents.length > 0
+    ? `\nKNOWN PEER AGENTS (other AI agents in the organisation — if a message @-mentions one of these by name or Slack ID, it is NOT directed at ${agentName}):\n${_peerAgents.map(a => `- ${a.name} (${a.role}, Slack: <@${a.slackId}>)`).join("\n")}\n`
+    : "";
+
+  return `You are a message classifier for ${agentName}, ${agentRole} (AI-operated) at Adaptic.ai. ${agentName} is the autonomous executive command layer for CEO Mehran Granfar.
 
 Your job: classify each incoming message and return a JSON object with exactly these fields:
 
@@ -38,7 +109,7 @@ Your job: classify each incoming message and return a JSON object with exactly t
   "category": "action_required" | "fyi" | "ignore",
   "directed_at_sophie": true | false
 }
-
+${peerContext}
 Classification rules:
 
 PRIORITY:
@@ -64,21 +135,22 @@ CATEGORY:
 - "fyi": Informational, no action needed
 - "ignore": No value
 
-DIRECTED_AT_SOPHIE (CRITICAL — determines whether Sophie should respond. Default to false in channels/group chats.):
-- true: The message is a DM to Sophie (1:1)
-- true: The message explicitly mentions Sophie by name or @mention
+DIRECTED_AT_SOPHIE (CRITICAL — determines whether ${agentName} should respond. Default to false in channels/group chats.):
+- true: The message is a DM to ${agentName} (1:1)
+- true: The message explicitly mentions ${agentName} by name or @mention
 - true: The message is from the CEO in a DM (1:1 conversation)
-- true: The message explicitly asks Sophie to do something she's responsible for (scheduling, follow-ups, coordination, research) AND addresses her specifically by name or @mention
-- true: In a thread where Sophie previously replied, the message is a DIRECT reply to what Sophie said (e.g., answering her question, responding to her update) — not just any message in the same thread
-- false: CEO messages in channels/group chats that don't mention Sophie — the CEO talks to many people, not just Sophie
+- true: The message explicitly asks ${agentName} to do something they're responsible for AND addresses them specifically by name or @mention
+- true: In a thread where ${agentName} previously replied, the message is a DIRECT reply to what ${agentName} said (e.g., answering their question, responding to their update) — not just any message in the same thread
+- **FALSE — CROSS-AGENT RULE**: If the message explicitly @-mentions or names a DIFFERENT known AI agent (see KNOWN PEER AGENTS above), it is NOT directed at ${agentName} — even if the topic is relevant to ${agentName}'s role. The sender chose a specific agent; respect that routing.
+- false: CEO messages in channels/group chats that don't mention ${agentName} — the CEO talks to many people, not just ${agentName}
 - false: The message is general channel chatter between other team members
-- false: The message is a conversation between two people that doesn't involve Sophie, even if Sophie previously participated in the same thread
-- false: The message is a status update, FYI, or announcement not requiring Sophie's response
-- false: The message is someone responding to another person (not Sophie) in a thread
-- false: Short reactions like "thanks", "nice", "got it", "+1", emoji-only messages — even in threads Sophie is in
+- false: The message is a conversation between two people that doesn't involve ${agentName}, even if ${agentName} previously participated in the same thread
+- false: The message is a status update, FYI, or announcement not requiring ${agentName}'s response
+- false: The message is someone responding to another person (not ${agentName}) in a thread
+- false: Short reactions like "thanks", "nice", "got it", "+1", emoji-only messages — even in threads ${agentName} is in
 - false: Someone sharing a link, article, or resource with the channel generally
-- false: Sophie being in a thread does NOT mean every subsequent message is for her — only direct replies to her messages count
-- CRITICAL DEFAULT: When in doubt in any multi-person channel, group chat, or thread, ALWAYS default to false. Sophie must NOT insert herself into conversations she wasn't invited to. It is far worse to respond unnecessarily than to miss a message — someone will @mention Sophie if they need her.
+- false: ${agentName} being in a thread does NOT mean every subsequent message is for them — only direct replies to their messages count
+- CRITICAL DEFAULT: When in doubt in any multi-person channel, group chat, or thread, ALWAYS default to false. ${agentName} must NOT insert themselves into conversations they weren't invited to. It is far worse to respond unnecessarily than to miss a message — someone will @mention ${agentName} if they need them.
 
 Context:
 - sender_privilege "ceo" = Mehran Granfar (always critical, always opus)
@@ -106,8 +178,11 @@ Output: {"priority":"normal","action":"archive","model":"sonnet","summary":"Team
 Input: External email: "Following up on our conversation about the Singapore entity"
 Output: {"priority":"normal","action":"respond","model":"sonnet","summary":"External follow-up on Singapore entity discussion","category":"action_required","directed_at_sophie":true}
 
-Input: Channel message from Jacob: "@Sophie can you check the engine deployment?"
-Output: {"priority":"normal","action":"respond","model":"sonnet","summary":"Jacob asking Sophie to check engine deployment","category":"action_required","directed_at_sophie":true}
+Input: Channel message from Jacob: "@${agentName} can you check the engine deployment?"
+Output: {"priority":"normal","action":"respond","model":"sonnet","summary":"Jacob asking ${agentName} to check engine deployment","category":"action_required","directed_at_sophie":true}
+
+Input: Channel message from CEO: "@AnotherAgent can you review the agentic libraries in this channel?"
+Output: {"priority":"normal","action":"archive","model":"sonnet","summary":"CEO asking another agent to review agentic libraries — not directed at ${agentName}","category":"fyi","directed_at_sophie":false}
 
 Input: Channel message from Hootan to Nima: "Nima, did you file the DIFC response yet?"
 Output: {"priority":"normal","action":"archive","model":"sonnet","summary":"Hootan asking Nima about DIFC response filing","category":"fyi","directed_at_sophie":false}
@@ -115,11 +190,11 @@ Output: {"priority":"normal","action":"archive","model":"sonnet","summary":"Hoot
 Input: Channel thread — Jacob: "pushed the fix" / Hootan: "nice, looks good"
 Output: {"priority":"normal","action":"archive","model":"sonnet","summary":"Team exchange about code fix","category":"fyi","directed_at_sophie":false}
 
-Input: Thread where Sophie previously replied — Jacob: "yeah that makes sense, I'll handle it" (responding to Hootan, not Sophie)
+Input: Thread where ${agentName} previously replied — Jacob: "yeah that makes sense, I'll handle it" (responding to Hootan, not ${agentName})
 Output: {"priority":"normal","action":"archive","model":"sonnet","summary":"Jacob acknowledging Hootan in thread","category":"fyi","directed_at_sophie":false}
 
-Input: Thread where Sophie previously replied — Hootan: "Sophie, can you send the updated doc?"
-Output: {"priority":"high","action":"respond","model":"sonnet","summary":"Hootan asking Sophie for updated document","category":"action_required","directed_at_sophie":true}
+Input: Thread where ${agentName} previously replied — Hootan: "${agentName}, can you send the updated doc?"
+Output: {"priority":"high","action":"respond","model":"sonnet","summary":"Hootan asking ${agentName} for updated document","category":"action_required","directed_at_sophie":true}
 
 Input: Channel message: "FYI — the Cayman entity docs are signed and filed"
 Output: {"priority":"normal","action":"archive","model":"sonnet","summary":"FYI: Cayman entity docs signed and filed","category":"fyi","directed_at_sophie":false}
@@ -128,6 +203,7 @@ Input: Group chat — Nima: "Hootan, can we sync on the DFSA gaps tomorrow?"
 Output: {"priority":"normal","action":"archive","model":"sonnet","summary":"Nima asking Hootan to sync on DFSA gaps","category":"fyi","directed_at_sophie":false}
 
 Return ONLY the JSON object. No explanation, no markdown fencing, no extra text.`;
+}
 
 // ── Format the inbox item into a human-readable prompt ──────────────────────
 
@@ -158,7 +234,20 @@ function formatItemPrompt(item) {
 function parseClassification(text) {
   // Strip markdown code fences if present
   const cleaned = text.replace(/^```(?:json)?\s*/m, "").replace(/\s*```$/m, "").trim();
-  const parsed = JSON.parse(cleaned);
+  let parsed;
+  try {
+    parsed = JSON.parse(cleaned);
+  } catch (_) {
+    // CLI output may include prose around the JSON. Try regex-extract the
+    // first top-level {...} block. (Greedy match up to the last closing
+    // brace works for our flat schema; nested objects would need a real
+    // parser, but our classification objects are flat.)
+    const match = cleaned.match(/\{[\s\S]*\}/);
+    if (!match) {
+      throw new Error(`classifier: no JSON object found in output: ${cleaned.slice(0, 200)}`);
+    }
+    parsed = JSON.parse(match[0]);
+  }
 
   // Validate and coerce fields
   const validPriorities = ["critical", "high", "normal", "ignore"];
@@ -176,31 +265,109 @@ function parseClassification(text) {
   };
 }
 
-// ── Primary: Anthropic Claude Haiku ─────────────────────────────────────────
+// ── Primary: Claude Haiku via `claude --print` CLI ──────────────────────────
+//
+// We invoke the `claude` binary (Max subscription, Claude Code CLI) rather
+// than the Anthropic API SDK, per CEO directive (Slack DM D099N1JGKRQ,
+// 2026-04-27 09:38Z + 11:33Z): the daemon must NOT consume Anthropic API
+// quota; all model calls must funnel through `claude --print` sessions.
+//
+// Implementation notes:
+//   • child_process.spawn (not exec) — avoids shell-escape injection on
+//     potentially-hostile user message content.
+//   • System prompt rides on --append-system-prompt; the user prompt is
+//     written to stdin and the pipe is closed.
+//   • Output is parsed via parseClassification() which already handles
+//     ```json``` fences and bare JSON.
+//   • Any failure (non-zero exit, timeout, unparseable output) throws so
+//     the OpenAI Tier 2 fallback engages exactly as before.
+
+async function runClaudeCLI(systemPrompt, userPrompt) {
+  return new Promise((resolvePromise, rejectPromise) => {
+    const args = [
+      "--print",
+      "--dangerously-skip-permissions",
+      "--model", ANTHROPIC_MODEL,
+      "--append-system-prompt", systemPrompt,
+    ];
+
+    const proc = spawn(CLAUDE_BIN, args, {
+      stdio: ["pipe", "pipe", "pipe"],
+      // Force claude CLI onto keychain OAuth (Max subscription); strip any
+      // stale ANTHROPIC_API_KEY/AUTH_TOKEN inherited from the daemon env.
+      env: { ...process.env, ANTHROPIC_API_KEY: "", ANTHROPIC_AUTH_TOKEN: "" },
+    });
+
+    let stdout = "";
+    let stderr = "";
+    let settled = false;
+
+    const timer = setTimeout(() => {
+      if (settled) return;
+      settled = true;
+      try { proc.kill("SIGTERM"); } catch (_) { /* noop */ }
+      setTimeout(() => { try { if (!proc.killed) proc.kill("SIGKILL"); } catch (_) { /* noop */ } }, 2000);
+      rejectPromise(new Error(`claude CLI timed out after ${CLAUDE_CLI_TIMEOUT_MS}ms`));
+    }, CLAUDE_CLI_TIMEOUT_MS);
+
+    proc.stdout.on("data", (chunk) => { stdout += chunk.toString(); });
+    proc.stderr.on("data", (chunk) => { stderr += chunk.toString(); });
+
+    proc.on("error", (err) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      rejectPromise(new Error(`claude CLI spawn error: ${err.message}`));
+    });
+
+    proc.on("close", (code) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      if (code !== 0) {
+        const tail = (stderr || "").trim().slice(-500);
+        rejectPromise(new Error(`claude CLI exited ${code}: ${tail || "no stderr"}`));
+        return;
+      }
+      resolvePromise(stdout);
+    });
+
+    // Write the user prompt to stdin and close.
+    try {
+      proc.stdin.end(userPrompt, "utf8");
+    } catch (err) {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      rejectPromise(new Error(`claude CLI stdin write error: ${err.message}`));
+    }
+  });
+}
 
 async function classifyWithAnthropic(item) {
-  const client = new Anthropic();
-  const response = await client.messages.create({
-    model: ANTHROPIC_MODEL,
-    max_tokens: 256,
-    system: SYSTEM_PROMPT,
-    messages: [
-      { role: "user", content: formatItemPrompt(item) },
-    ],
-  });
-  const text = response.content[0].text;
-  return parseClassification(text);
+  const systemPrompt = buildSystemPrompt();
+  const userPrompt =
+    `${formatItemPrompt(item)}\n\n` +
+    `Respond ONLY with the JSON object specified in the system prompt. ` +
+    `No markdown fences, no commentary, no preamble — JSON only.`;
+
+  const stdout = await runClaudeCLI(systemPrompt, userPrompt);
+  if (!stdout || !stdout.trim()) {
+    throw new Error("claude CLI returned empty stdout");
+  }
+  return parseClassification(stdout);
 }
 
 // ── Fallback 1: OpenAI gpt-4o-mini ─────────────────────────────────────────
 
 async function classifyWithOpenAI(item) {
+  const systemPrompt = buildSystemPrompt();
   const client = new OpenAI();
   const response = await client.chat.completions.create({
     model: OPENAI_MODEL,
     max_tokens: 256,
     messages: [
-      { role: "system", content: SYSTEM_PROMPT },
+      { role: "system", content: systemPrompt },
       { role: "user", content: formatItemPrompt(item) },
     ],
   });
@@ -211,42 +378,89 @@ async function classifyWithOpenAI(item) {
 // ── Fallback 2: Rule-based classification ───────────────────────────────────
 
 /**
- * Rule-based check for whether a message is directed at Sophie.
+ * Check if the message explicitly @-mentions a DIFFERENT known AI agent.
+ * If it does AND does NOT also mention the current agent, the message
+ * should be skipped — the sender chose a specific agent.
+ *
+ * Added in ib-20260418-cross-agent-routing to fix the recurring issue
+ * where Lucas's agent intercepted messages tagged for Sophie in #dev-tooling.
+ */
+function mentionsOtherAgent(item) {
+  loadAgentRegistry();
+  if (_peerAgents.length === 0) return false;
+
+  const content = (item.content || "").toLowerCase();
+  const myName = (_agentIdentity.name || "").toLowerCase();
+  const mySlackId = (_agentIdentity.slackId || "").toLowerCase();
+
+  // Check if the message mentions the CURRENT agent (by name or Slack ID)
+  const mentionsMe = (myName && content.includes(myName))
+    || (mySlackId && content.includes(mySlackId.toLowerCase()));
+
+  // Check if the message mentions any PEER agent
+  const mentionedPeer = _peerAgents.find(peer => {
+    const peerName = (peer.name || "").toLowerCase();
+    const peerSlackId = (peer.slackId || "").toLowerCase();
+    return (peerName && content.includes(peerName))
+      || (peerSlackId && content.includes(peerSlackId.toLowerCase()));
+  });
+
+  // If a peer is mentioned but I am NOT mentioned, this is directed at them
+  if (mentionedPeer && !mentionsMe) {
+    return true;
+  }
+
+  return false;
+}
+
+/**
+ * Rule-based check for whether a message is directed at the current agent.
  * Used by both the rule-based classifier fallback and as a pre-check
  * that can override the LLM's assessment in clear-cut cases.
+ *
+ * Backward-compatible export name: isDirectedAtSophie (used by sophie-daemon.mjs).
  */
 function isDirectedAtSophie(item) {
-  // DMs are always directed at Sophie
+  loadAgentRegistry();
+
+  // ── Cross-agent gate (ib-20260418-cross-agent-routing) ──────────────────
+  // If the message explicitly @-mentions a different known agent and does
+  // NOT mention the current agent, skip it — the sender chose someone else.
+  if (mentionsOtherAgent(item)) return false;
+
+  // DMs are always directed at the current agent
   if (item.is_dm) return true;
   if ((item.channel || "").startsWith("dm/")) return true;
 
-  // CEO DMs are always directed at Sophie, but in channels/group chats
-  // the CEO may be talking to other people — don't auto-insert Sophie.
-  // CEO channel messages only count as directed if they mention Sophie.
+  // CEO DMs are always directed at the current agent
   if (item.sender_privilege === "ceo" && item.is_dm) return true;
 
   // Explicit @mention or name mention in the message content
   const content = (item.content || "").toLowerCase();
-  if (content.includes("sophie") || content.includes("<@u09") || content.includes("<@u0a")) return true; // Sophie user ID prefixes
+  const myName = (_agentIdentity.name || "sophie").toLowerCase();
+  const mySlackId = (_agentIdentity.slackId || "").toLowerCase();
+
+  if (content.includes(myName)) return true;
+  if (mySlackId && content.includes(mySlackId.toLowerCase())) return true;
 
-  // Gmail/calendar messages are directed at Sophie (they're in her inbox)
+  // Gmail/calendar messages are directed at the current agent (they're in its inbox)
   if (item.service === "gmail" || item.service === "calendar") return true;
 
-  // Sophie being in a thread is NOT enough on its own — in group chats,
+  // Agent being in a thread is NOT enough on its own — in group chats,
   // other people may be talking to each other. Only treat it as directed
   // if the message also contains a question, request keyword, or is a
-  // direct follow-up to Sophie's last message in the thread.
-  if (item.sophie_in_thread || (item.thread_context && /^Sophie:/m.test(item.thread_context))) {
-    // Check if Sophie was the last speaker in the thread (sender is replying to her)
+  // direct follow-up to the agent's last message in the thread.
+  const agentNameRegex = new RegExp(`^${myName}:`, "im");
+  if (item.sophie_in_thread || (item.thread_context && agentNameRegex.test(item.thread_context))) {
+    // Check if the agent was the last speaker in the thread
     if (item.thread_context) {
       const lines = item.thread_context.trim().split("\n").filter(Boolean);
       const lastLine = lines[lines.length - 1] || "";
-      if (/^Sophie:/i.test(lastLine)) return true;
+      if (agentNameRegex.test(lastLine)) return true;
     }
-    // Check for question marks or request-like language directed at Sophie
+    // Check for question marks or request-like language
     if (/\?/.test(content)) return true;
     if (/(?:can you|could you|please|would you|do you|let me know|update|status|any update)/i.test(content)) return true;
-    // Otherwise, don't assume the message is for Sophie just because she's in the thread
   }
 
   return false;
@@ -323,7 +537,7 @@ function classifyWithRules(item) {
 }
 
 // Export for use in daemon's pre-classification gate
-export { isDirectedAtSophie };
+export { isDirectedAtSophie, mentionsOtherAgent, loadAgentRegistry };
 
 // ── Main export ─────────────────────────────────────────────────────────────
 

package/scripts/daemon/dispatcher.mjs

@@ -5,7 +5,8 @@
 import { spawn } from "child_process";
 import { appendFileSync, mkdirSync, writeFileSync, readFileSync, renameSync } from "fs";
 import { join } from "path";
-import { releaseLock, releaseThreadLock, releaseRequestClaim } from "./session-lock.mjs";
+import { releaseLock, releaseThreadLock, releaseRequestClaim, claimItem, releaseItemClaim } from "./session-lock.mjs";
+import { recordSession } from "./health.mjs";
 
 const SOPHIE_AI_DIR = join(new URL(".", import.meta.url).pathname, "../..");
 const CLAUDE_BIN = process.env.CLAUDE_BIN || "/Users/sophie/.local/bin/claude";
@@ -27,6 +28,12 @@ const priorityQueue = [];          // critical/high items
 const normalQueue = [];            // normal items
 let sessionCounter = 0;
 
+// Tracks sessions whose proc.on("error") handler has already fired.
+// Prevents double-counting + double-cleanup when a spawn failure (ENOENT,
+// EACCES, ETIMEDOUT) triggers both "error" and a trailing "close" event.
+// See ib-20260416-daemon-etimedout-failed-event + cycle 135 memo.
+const spawnErrorHandled = new Set();
+
 // Backlog dedup: track which items have active sessions to prevent retry storms
 const activeBacklogKeys = new Set();  // backlog item key -> true (while session is running)
 const backlogRetryCount = new Map();  // backlog item key -> number of times dispatched
@@ -196,6 +203,26 @@ export function dispatch(prompt, item, classResult, source = "inbox") {
     }
   }
 
+  // Item-claim acquisition: file-based claim visible across daemon restarts
+  // and concurrent launchd triggers. Complements the in-memory activeBacklogKeys.
+  // (ib-20260407-001b: concurrent session coordination)
+  if (source === "backlog" && item.id) {
+    const sessionId = `s-${Date.now()}-${sessionCounter + 1}`;
+    const claim = claimItem(item.id, {
+      session_id: sessionId,
+      agent_description: classResult.summary || item.title || "",
+      ttl_minutes: classResult.model === "opus" ? 120 : 30,
+      source: "backlog",
+      queue_file: item.source_file || "",
+      pid: process.pid, // daemon PID; child PID not yet known
+    });
+    if (!claim.claimed) {
+      console.log(`[dispatcher] Item claim denied for ${item.id}: ${claim.reason} (holder: ${claim.holder || "unknown"})`);
+      logSession({ event: "skipped", reason: `item_claim_denied: ${claim.reason}`, summary: classResult.summary, holder: claim.holder });
+      return;
+    }
+  }
+
   // Backlog items respect the reserved slot cap
   if (source === "backlog") {
     const backlogCount = countBySource("backlog");
@@ -250,9 +277,13 @@ function spawnSession(entry) {
     prompt,
   ];
 
+  // Strip Anthropic API credentials from spawn env so claude CLI falls through
+  // to the keychain OAuth (Max subscription) per CEO directive 2026-04-27.
+  // A stale ANTHROPIC_API_KEY in the daemon's inherited env will otherwise
+  // override the OAuth token and cause "Invalid API key" failures.
   const proc = spawn(CLAUDE_BIN, args, {
     cwd: SOPHIE_AI_DIR,
-    env: { ...process.env },
+    env: { ...process.env, ANTHROPIC_API_KEY: "", ANTHROPIC_AUTH_TOKEN: "" },
     stdio: ["ignore", "pipe", "pipe"],
   });
 
@@ -287,8 +318,17 @@ function spawnSession(entry) {
 
   proc.on("close", (code) => {
     clearTimeout(timer);
+    // If proc.on("error") already fired for this session (spawn failure path
+    // — ENOENT, EACCES, ETIMEDOUT), cleanup + metric + lock release already
+    // happened. Skip to avoid double-count and double-release.
+    if (spawnErrorHandled.has(sessionId)) {
+      spawnErrorHandled.delete(sessionId);
+      drainQueue();
+      return;
+    }
     activeSessions.delete(sessionId);
     removeActiveSession(sessionId);
+    recordSession(true, code === 0);
     const duration = ((Date.now() - startTime) / 1000).toFixed(1);
 
     // Release item lock — MUST use same key order as acquireLock in daemon
@@ -312,12 +352,15 @@ function spawnSession(entry) {
       });
     }
 
-    // Release backlog tracking
+    // Release backlog tracking + item claim
     if (source === "backlog") {
       const key = backlogKey(item);
       activeBacklogKeys.delete(key);
       const retries = backlogRetryCount.get(key) || 0;
 
+      // Release file-based item claim (ib-20260407-001b)
+      if (item.id) releaseItemClaim(item.id);
+
       // If session timed out (143=SIGTERM) and hit retry limit, log it
       if (code === 143 && retries >= MAX_BACKLOG_RETRIES) {
         console.warn(`[dispatcher] Backlog item "${classResult.summary}" exhausted ${MAX_BACKLOG_RETRIES} retries — will not retry`);
@@ -347,9 +390,70 @@ function spawnSession(entry) {
 
   proc.on("error", (err) => {
     clearTimeout(timer);
+    // Mark so the trailing proc.on("close") doesn't double-process.
+    spawnErrorHandled.add(sessionId);
     activeSessions.delete(sessionId);
-    console.error(`[dispatcher] Session ${sessionId} error: ${err.message}`);
-    logSession({ event: "error", sessionId, error: err.message });
+    removeActiveSession(sessionId);
+    recordSession(true, false);
+    const duration = ((Date.now() - startTime) / 1000).toFixed(1);
+    const errorCode = err.code || "unknown";
+
+    // Release item lock — mirror of close-handler logic.
+    const itemId = item.raw_ref || item.id || item.title;
+    if (itemId) releaseLock(itemId);
+
+    // Release thread lock so new messages in this thread can be processed.
+    if (item.thread_id) {
+      const channel = item.channel_id || (item.raw_ref ? (item.raw_ref.match(/slack:([^:]+):/) || [])[1] : null) || item.channel;
+      if (channel) releaseThreadLock(channel, item.thread_id);
+    }
+
+    // Release request claim + emit explicit claim_released event so
+    // reconciliation audits (cycle 124 Agent C pattern) can distinguish
+    // genuine in-flight sessions from silent-exit ETIMEDOUT failures
+    // without cross-referencing logs/daemon/responses.jsonl.
+    let claimReleased = false;
+    if (classResult && classResult.summary) {
+      releaseRequestClaim({
+        recipient: item.channel_id || item.channel || item.sender || "unknown",
+        subject: classResult.summary || item.subject || "",
+        action_type: classResult.action || "respond",
+      });
+      claimReleased = true;
+    }
+
+    // Release backlog tracking + item claim.
+    if (source === "backlog") {
+      const key = backlogKey(item);
+      activeBacklogKeys.delete(key);
+      // Release file-based item claim (ib-20260407-001b)
+      if (item.id) releaseItemClaim(item.id);
+    }
+
+    console.error(`[dispatcher] Session ${sessionId} failed: ${errorCode} (${err.message})`);
+
+    // Rich "failed" event — see ib-20260416-daemon-etimedout-failed-event.
+    logSession({
+      event: "failed",
+      sessionId,
+      error: errorCode,
+      error_message: err.message,
+      model,
+      source,
+      priority: classResult?.priority,
+      summary: classResult?.summary,
+      duration_s: parseFloat(duration),
+      active_count: activeSessions.size,
+    });
+
+    if (claimReleased) {
+      logSession({
+        event: "claim_released",
+        sessionId,
+        reason: `spawn_failed_${errorCode}`,
+      });
+    }
+
     drainQueue();
   });
 }