@agent-team-foundation/first-tree-hub 0.11.4 → 0.12.0

package/dist/client-BPUdUaZT-CyCrpCTP.mjs

@@ -0,0 +1,2033 @@
+import { O as withSpan, f as messageAttrs, s as createLogger } from "./observability-BAScT_5S-BcW9HgkG.mjs";
+import { a as AGENT_STATUSES, at as questionAnswerMessageContentSchema, dt as scanMentionTokens, ot as questionMessageContentSchema, s as AGENT_VISIBILITY, w as clientCapabilitiesSchema, z as extractMentions } from "./dist-UOZ6vMUW.mjs";
+import { a as ConflictError, i as ClientUserMismatchError, l as organizations, n as BadRequestError, o as ForbiddenError, s as NotFoundError, u as users } from "./errors-CF5evtJt-B0NTIVPt.mjs";
+import { randomUUID } from "node:crypto";
+import { and, desc, eq, inArray, isNotNull, lt, ne, or, sql } from "drizzle-orm";
+import { bigserial, boolean, index, integer, jsonb, pgTable, primaryKey, text, timestamp, unique } from "drizzle-orm/pg-core";
+//#region ../server/dist/client-BPUdUaZT.mjs
+/**
+* Client connections. A client is a single SDK process (AgentRuntime) that may
+* host multiple agents. From the unified-user-token milestone on, a client is
+* owned by a user — Rule R-RUN requires `clients.user_id == jwt.userId` for
+* every `agent:bind` request. `user_id` is nullable only to accommodate legacy
+* rows created before JWT-on-handshake; the WS handshake claims the row on
+* first re-register under an authenticated JWT (see `client:register` M13).
+*
+* A client is also bound to exactly one organization for its lifetime. The
+* `organization_id` column is populated on first registration from the
+* authenticated JWT's org claim and never changes thereafter. Re-registering
+* the same clientId under a JWT for a different org is rejected with
+* `CLIENT_ORG_MISMATCH` — the CLI responds by abandoning the local clientId
+* and registering a new one instead (see docs/multi-tenancy-hardening-design.md).
+*/
+const clients = pgTable("clients", {
+	id: text("id").primaryKey(),
+	userId: text("user_id").references(() => users.id, { onDelete: "set null" }),
+	organizationId: text("organization_id").notNull().references(() => organizations.id),
+	status: text("status").notNull().default("disconnected"),
+	sdkVersion: text("sdk_version"),
+	hostname: text("hostname"),
+	os: text("os"),
+	instanceId: text("instance_id"),
+	connectedAt: timestamp("connected_at", { withTimezone: true }),
+	lastSeenAt: timestamp("last_seen_at", { withTimezone: true }).notNull().defaultNow(),
+	metadata: jsonb("metadata").$type()
+}, (table) => [index("idx_clients_user").on(table.userId), index("idx_clients_org").on(table.organizationId)]);
+/** Agent registration. Each agent owns a unique inboxId for message delivery. */
+const agents = pgTable("agents", {
+	uuid: text("uuid").primaryKey(),
+	name: text("name"),
+	organizationId: text("organization_id").notNull().references(() => organizations.id),
+	type: text("type").notNull(),
+	displayName: text("display_name").notNull(),
+	delegateMention: text("delegate_mention"),
+	inboxId: text("inbox_id").unique().notNull(),
+	status: text("status").notNull().default("active"),
+	source: text("source"),
+	visibility: text("visibility").notNull().default("private"),
+	metadata: jsonb("metadata").$type().notNull().default({}),
+	managerId: text("manager_id").notNull(),
+	clientId: text("client_id").references(() => clients.id, { onDelete: "restrict" }),
+	runtimeProvider: text("runtime_provider").notNull().default("claude-code"),
+	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
+	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
+}, (table) => [
+	index("idx_agents_org").on(table.organizationId),
+	index("idx_agents_manager").on(table.managerId),
+	index("idx_agents_visibility_org").on(table.organizationId, table.visibility),
+	index("idx_agents_client").on(table.clientId),
+	unique("uq_agents_org_name").on(table.organizationId, table.name)
+]);
+/** Communication container. All messages between agents flow within a Chat. */
+const chats = pgTable("chats", {
+	id: text("id").primaryKey(),
+	organizationId: text("organization_id").notNull().references(() => organizations.id),
+	type: text("type").notNull().default("direct"),
+	topic: text("topic"),
+	lifecyclePolicy: text("lifecycle_policy").default("persistent"),
+	parentChatId: text("parent_chat_id"),
+	metadata: jsonb("metadata").$type().notNull().default({}),
+	lastMessageAt: timestamp("last_message_at", { withTimezone: true }),
+	lastMessagePreview: text("last_message_preview"),
+	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
+	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
+}, (table) => [index("idx_chats_org_last_message").on(table.organizationId, desc(table.lastMessageAt))]);
+/** Speaking participants of a chat (M:N). Watchers live in chat_subscriptions. */
+const chatParticipants = pgTable("chat_participants", {
+	chatId: text("chat_id").notNull().references(() => chats.id, { onDelete: "cascade" }),
+	agentId: text("agent_id").notNull().references(() => agents.uuid),
+	role: text("role").notNull().default("member"),
+	mode: text("mode").notNull().default("full"),
+	lastReadAt: timestamp("last_read_at", { withTimezone: true }),
+	unreadMentionCount: integer("unread_mention_count").notNull().default(0),
+	joinedAt: timestamp("joined_at", { withTimezone: true }).notNull().defaultNow()
+}, (table) => [primaryKey({ columns: [table.chatId, table.agentId] }), index("idx_participants_agent").on(table.agentId)]);
+/**
+* Non-speaking observers ("watchers"). Used by the chat-first workspace so a
+* user can supervise chats their managed agents participate in without
+* accidentally being part of fan-out.
+*
+* Invariants:
+*   1. (chat_id, agent_id) is mutually exclusive with chat_participants.
+*   2. Rows here NEVER produce inbox_entries (fan-out exclusivity).
+*   3. Mention candidate resolution NEVER includes these rows.
+*   4. State transitions (join/leave) carry last_read_at + counter; lifecycle
+*      recomputes default to NULL/0 and MUST NOT run on the join/leave path.
+*
+* See docs/chat-first-workspace-product-design.md "Data Model" + "State
+* Transitions" for the full contract.
+*/
+const chatSubscriptions = pgTable("chat_subscriptions", {
+	chatId: text("chat_id").notNull().references(() => chats.id, { onDelete: "cascade" }),
+	agentId: text("agent_id").notNull().references(() => agents.uuid),
+	kind: text("kind").notNull().default("watching"),
+	lastReadAt: timestamp("last_read_at", { withTimezone: true }),
+	unreadMentionCount: integer("unread_mention_count").notNull().default(0),
+	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
+}, (table) => [primaryKey({ columns: [table.chatId, table.agentId] }), index("idx_chat_subscriptions_agent").on(table.agentId)]);
+/** Organization membership. Links a user to an org with a role and a 1:1 human agent. */
+const members = pgTable("members", {
+	id: text("id").primaryKey(),
+	userId: text("user_id").notNull().references(() => users.id),
+	organizationId: text("organization_id").notNull().references(() => organizations.id),
+	agentId: text("agent_id").unique().notNull().references(() => agents.uuid),
+	role: text("role").notNull(),
+	status: text("status").notNull().default("active"),
+	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
+}, (table) => [
+	unique("uq_members_user_org").on(table.userId, table.organizationId),
+	index("idx_members_user").on(table.userId),
+	index("idx_members_org").on(table.organizationId)
+]);
+/**
+* Process-local cache for the per-chat realtime push audience
+* (`chat_participants ∪ chat_subscriptions`, keyed by human agent
+* uuid). Sits in front of the admin WS dispatch so a chat with N
+* messages/sec doesn't issue N audience-resolution queries; one query
+* + cache hit per chat per TTL window.
+*
+* The cache exposes both a populator (`getCachedAudience`) and an
+* invalidator (`invalidateChatAudience`). Participant-mutation paths
+* (`addMeChatParticipants`, `joinMeChat`, `leaveMeChat`,
+* `recomputeChatWatchers`, `joinAsParticipant`, `leaveAsParticipant`)
+* MUST call `invalidateChatAudience` after their tx commits so the
+* very next dispatch reflects the new audience without waiting for
+* the TTL to age out — without invalidation, a freshly-added speaker
+* would miss `chat:message` pushes for up to TTL_MS.
+*
+* Cross-instance correctness: not handled here. The PG NOTIFY layer
+* already broadcasts message events to every replica; each replica's
+* audience cache is independently invalidated by its own
+* service-layer mutations on chats it routes traffic for. For
+* cross-replica participant changes to invalidate this cache, route
+* the mutation through the same replica that hosts the WS connection
+* (sticky routing) or add a dedicated `chat:audience` PG NOTIFY in
+* a follow-up.
+*/
+const log$2 = createLogger("ChatAudienceCache");
+const TTL_MS = 5e3;
+const MAX_ENTRIES = 1024;
+const cache = /* @__PURE__ */ new Map();
+/** Resolve a chat's push audience, hitting the cache when fresh.
+*  Returns null on DB error (caller should skip dispatch). */
+async function getCachedAudience(db, chatId) {
+	const now = Date.now();
+	const cached = cache.get(chatId);
+	if (cached && cached.expiresAt > now) return cached.audience;
+	try {
+		const rows = await db.execute(sql`
+      SELECT agent_id FROM chat_participants WHERE chat_id = ${chatId}
+      UNION
+      SELECT agent_id FROM chat_subscriptions WHERE chat_id = ${chatId}
+    `);
+		const audience = new Set(rows.map((r) => r.agent_id));
+		cache.set(chatId, {
+			audience,
+			expiresAt: now + TTL_MS
+		});
+		if (cache.size > MAX_ENTRIES) {
+			for (const [k, v] of cache) if (v.expiresAt <= now) cache.delete(k);
+		}
+		return audience;
+	} catch (err) {
+		log$2.warn({
+			err,
+			chatId
+		}, "failed to resolve chat audience");
+		return null;
+	}
+}
+/** Drop the cached audience for a chat. Called from participant-
+*  mutation paths after their transaction commits, so the next
+*  `chat:message` dispatch hits the DB and reflects the new
+*  membership instead of serving a stale TTL window. */
+function invalidateChatAudience(chatId) {
+	cache.delete(chatId);
+}
+/**
+* Chat-first workspace — watcher subscription helpers.
+*
+* Watchers (rows in `chat_subscriptions`) are non-speaking observers. A
+* member who manages an agent that participates in a chat — but whose own
+* human agent is not a speaker there — sees the chat in their workspace
+* via a watcher row.
+*
+* Two distinct kinds of operation live here:
+*
+*   1. Set rebuilds (`recompute*`). Idempotent set-based recomputations
+*      driven by lifecycle events (chat created, participant added/removed,
+*      member status flipped, etc.). These DEFAULT new rows to NULL/0 read
+*      state.
+*
+*   2. State-carry transitions (`joinAsParticipant`, `leaveAsParticipant`).
+*      Move a single (chat, agent) pair between `chat_participants` and
+*      `chat_subscriptions` while preserving `last_read_at` and
+*      `unread_mention_count`. NEVER call recompute on this path or you'll
+*      lose read state.
+*
+* See docs/chat-first-workspace-product-design.md "State Transitions" and
+* "Risk Constraints".
+*/
+/**
+* Recompute watcher rows for ONE chat. For every active member who:
+*   - manages a non-human agent that speaks in the chat, AND
+*   - whose own human agent is NOT a speaker in the chat
+* an `(chat_id, member.agent_id)` watcher row is upserted (NULL read state).
+*
+* Watchers whose anchoring condition no longer holds (manager left, the
+* managed agent was removed from the chat, the manager joined as a speaker
+* themselves) are deleted.
+*
+* Idempotent: safe to call multiple times for the same chat.
+*/
+async function recomputeChatWatchers(db, chatId) {
+	await db.execute(sql`
+    INSERT INTO chat_subscriptions
+      (chat_id, agent_id, kind, last_read_at, unread_mention_count, created_at)
+    SELECT DISTINCT cp.chat_id, m.agent_id, 'watching', NULL::timestamp with time zone, 0, now()
+      FROM chat_participants cp
+      JOIN agents  a ON a.uuid = cp.agent_id
+      JOIN members m ON m.id   = a.manager_id
+     WHERE cp.chat_id = ${chatId}
+       AND m.status   = 'active'
+       AND a.type    <> 'human'
+       AND NOT EXISTS (
+         SELECT 1 FROM chat_participants cp2
+          WHERE cp2.chat_id  = cp.chat_id
+            AND cp2.agent_id = m.agent_id
+       )
+    ON CONFLICT (chat_id, agent_id) DO NOTHING
+  `);
+	await db.execute(sql`
+    DELETE FROM chat_subscriptions cs
+     WHERE cs.chat_id = ${chatId}
+       AND NOT EXISTS (
+         SELECT 1
+           FROM chat_participants cp
+           JOIN agents  a ON a.uuid = cp.agent_id
+           JOIN members m ON m.id   = a.manager_id
+          WHERE cp.chat_id = cs.chat_id
+            AND m.agent_id = cs.agent_id
+            AND m.status   = 'active'
+            AND a.type    <> 'human'
+            AND NOT EXISTS (
+              SELECT 1 FROM chat_participants cp2
+               WHERE cp2.chat_id  = cp.chat_id
+                 AND cp2.agent_id = m.agent_id
+            )
+       )
+  `);
+}
+/**
+* Recompute watcher rows touching ONE agent across all chats it speaks in.
+* Used after `rebindAgent` (manager change) so the new manager picks up
+* watcher rows and the old manager's are dropped.
+*/
+async function recomputeWatchersForAgent(db, agentId) {
+	const chatRows = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(eq(chatParticipants.agentId, agentId));
+	for (const { chatId } of chatRows) await recomputeChatWatchers(db, chatId);
+}
+/**
+* Recompute watcher rows touching ONE member across all chats. Triggered
+* when the member's status flips active ↔ left.
+*/
+async function recomputeWatchersForMember(db, memberId) {
+	const rows = await db.selectDistinct({ chatId: chatParticipants.chatId }).from(chatParticipants).innerJoin(agents, eq(chatParticipants.agentId, agents.uuid)).where(and(eq(agents.managerId, memberId), ne(agents.type, "human")));
+	for (const { chatId } of rows) await recomputeChatWatchers(db, chatId);
+}
+/**
+* Mirror of `services/chat.ts` `maybeUpgradeDirectToGroup`. Inlined here so
+* `joinAsParticipant` keeps the upgrade rule + the state carry in one
+* transaction without depending on chat.ts (avoids a circular import).
+*/
+async function maybeUpgradeDirectToGroup$1(tx, chatId, existingParticipantIds) {
+	if (existingParticipantIds.length + 1 < 3) return;
+	const [chat] = await tx.select({ type: chats.type }).from(chats).where(eq(chats.id, chatId)).limit(1);
+	if (!chat || chat.type !== "direct") return;
+	await tx.update(chats).set({
+		type: "group",
+		updatedAt: /* @__PURE__ */ new Date()
+	}).where(eq(chats.id, chatId));
+	if (existingParticipantIds.length === 0) return;
+	const ids = (await tx.select({ uuid: agents.uuid }).from(agents).where(and(inArray(agents.uuid, existingParticipantIds), ne(agents.type, "human")))).map((r) => r.uuid);
+	if (ids.length === 0) return;
+	await tx.update(chatParticipants).set({ mode: "mention_only" }).where(and(eq(chatParticipants.chatId, chatId), inArray(chatParticipants.agentId, ids)));
+}
+/**
+* Watcher → speaking participant. State-carry transaction.
+*
+*   1. DELETE the watcher row (returning read state).
+*   2. If a participant row already exists, no-op (idempotent).
+*   3. Otherwise, run the direct → group upgrade rule against the *current*
+*      participant set, then INSERT the participant row carrying read state.
+*
+* If `requireWatcherOrVisible` is true, refuse when the user has neither a
+* watcher row nor admin-derived visibility — used to keep the public
+* `/me/chats/:chatId/join` endpoint honest. Pre-check happens in the
+* route layer where we have the full member scope.
+*/
+async function joinAsParticipant(db, chatId, humanAgentId) {
+	return db.transaction(async (tx) => {
+		const [carriedRow] = await tx.delete(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, humanAgentId))).returning({
+			lastReadAt: chatSubscriptions.lastReadAt,
+			unreadMentionCount: chatSubscriptions.unreadMentionCount
+		});
+		const [existing] = await tx.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, humanAgentId))).limit(1);
+		if (existing) return {
+			chatId,
+			inserted: false,
+			carried: carriedRow ?? null
+		};
+		await maybeUpgradeDirectToGroup$1(tx, chatId, (await tx.select({ agentId: chatParticipants.agentId }).from(chatParticipants).where(eq(chatParticipants.chatId, chatId))).map((p) => p.agentId));
+		await tx.insert(chatParticipants).values({
+			chatId,
+			agentId: humanAgentId,
+			role: "member",
+			mode: "full",
+			lastReadAt: carriedRow?.lastReadAt ?? null,
+			unreadMentionCount: carriedRow?.unreadMentionCount ?? 0
+		});
+		return {
+			chatId,
+			inserted: true,
+			carried: carriedRow ?? null
+		};
+	});
+}
+/**
+* Speaking participant → watcher (or fully detach).
+*
+*   1. DELETE the participant row (returning read state).
+*   2. Test "still visible": is the user still the manager of an agent that
+*      remains a participant in this chat? If yes, INSERT a watcher row
+*      carrying read state. If no, drop entirely.
+*
+* Caller must validate that the user actually has a participant row to
+* leave (returns `NotFoundError` if not).
+*/
+async function leaveAsParticipant(db, chatId, humanAgentId) {
+	return db.transaction(async (tx) => {
+		const [carried] = await tx.delete(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, humanAgentId))).returning({
+			lastReadAt: chatParticipants.lastReadAt,
+			unreadMentionCount: chatParticipants.unreadMentionCount
+		});
+		if (!carried) throw new NotFoundError("Not a participant of this chat");
+		const [stillVisibleRow] = await tx.execute(sql`
+      SELECT EXISTS (
+        SELECT 1
+          FROM chat_participants cp
+          JOIN agents  a ON a.uuid = cp.agent_id
+          JOIN members m ON m.id   = a.manager_id
+         WHERE cp.chat_id = ${chatId}
+           AND m.agent_id = ${humanAgentId}
+           AND m.status   = 'active'
+           AND a.type    <> 'human'
+      ) AS visible
+    `);
+		if (!Boolean(stillVisibleRow?.visible)) return {
+			chatId,
+			membershipKind: null
+		};
+		await tx.insert(chatSubscriptions).values({
+			chatId,
+			agentId: humanAgentId,
+			kind: "watching",
+			lastReadAt: carried.lastReadAt,
+			unreadMentionCount: carried.unreadMentionCount
+		}).onConflictDoNothing();
+		return {
+			chatId,
+			membershipKind: "watching"
+		};
+	});
+}
+/**
+* Resolve the membership row of the human agent for the given chat. Returns
+* one of: 'participant', 'watching', or null.
+*
+* Used by `/me/chats/:chatId/join` to refuse a join when the user has
+* neither a watcher row nor a participant row, and isn't otherwise
+* authorised (admin in the chat's org).
+*/
+async function resolveChatMembership(db, chatId, humanAgentId) {
+	const [participant] = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, humanAgentId))).limit(1);
+	if (participant) return "participant";
+	const [sub] = await db.select({ chatId: chatSubscriptions.chatId }).from(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, humanAgentId))).limit(1);
+	if (sub) return "watching";
+	return null;
+}
+/**
+* Used by `/me/chats/:chatId/join`. Throw 409 if already a speaker (no work
+* to do) and 403 if no watcher row and no admin override. Admin override is
+* resolved at the route layer; this helper only reports the watcher state.
+*/
+function ensureCanJoin(membership) {
+	if (membership === "participant") throw new ConflictError("Already a participant in this chat");
+	if (membership === null) throw new ForbiddenError("Not a watcher of this chat — open the chat from your workspace before joining");
+}
+/**
+* When a direct chat grows past 2 participants, upgrade it to `group` and
+* flip every existing non-human agent participant to `mention_only` — see
+* proposals/hub-agent-messaging-reply-and-mentions §3.3. The caller is
+* expected to insert the new participant AFTER this runs, so the "existing"
+* set excludes them.
+*
+* Idempotent: if the chat is already a group, no-op.
+*/
+async function maybeUpgradeDirectToGroup(db, chatId, existingParticipantIds, newParticipantCount) {
+	if (existingParticipantIds.length + newParticipantCount < 3) return;
+	const [chat] = await db.select({ type: chats.type }).from(chats).where(eq(chats.id, chatId)).limit(1);
+	if (!chat || chat.type !== "direct") return;
+	await db.update(chats).set({
+		type: "group",
+		updatedAt: /* @__PURE__ */ new Date()
+	}).where(eq(chats.id, chatId));
+	if (existingParticipantIds.length === 0) return;
+	const ids = (await db.select({ uuid: agents.uuid }).from(agents).where(and(inArray(agents.uuid, existingParticipantIds), ne(agents.type, "human")))).map((a) => a.uuid);
+	if (ids.length === 0) return;
+	await db.update(chatParticipants).set({ mode: "mention_only" }).where(and(eq(chatParticipants.chatId, chatId), inArray(chatParticipants.agentId, ids)));
+}
+async function createChat(db, creatorId, data) {
+	const chatId = randomUUID();
+	const allParticipantIds = new Set([creatorId, ...data.participantIds]);
+	const existingAgents = await db.select({
+		id: agents.uuid,
+		organizationId: agents.organizationId,
+		type: agents.type
+	}).from(agents).where(inArray(agents.uuid, [...allParticipantIds]));
+	if (existingAgents.length !== allParticipantIds.size) {
+		const found = new Set(existingAgents.map((a) => a.id));
+		throw new BadRequestError(`Agents not found: ${[...allParticipantIds].filter((id) => !found.has(id)).join(", ")}`);
+	}
+	const creator = existingAgents.find((a) => a.id === creatorId);
+	if (!creator) throw new Error("Unexpected: creator not in existingAgents");
+	const orgId = creator.organizationId;
+	const crossOrg = existingAgents.filter((a) => a.organizationId !== orgId);
+	if (crossOrg.length > 0) throw new BadRequestError(`Cross-organization chat not allowed: ${crossOrg.map((a) => a.id).join(", ")}`);
+	const isDirectAgentOnly = data.type === "direct" && existingAgents.every((a) => a.type !== "human");
+	return db.transaction(async (tx) => {
+		const [chat] = await tx.insert(chats).values({
+			id: chatId,
+			organizationId: orgId,
+			type: data.type,
+			topic: data.topic ?? null,
+			metadata: data.metadata ?? {}
+		}).returning();
+		const participantRows = [...allParticipantIds].map((agentId) => ({
+			chatId,
+			agentId,
+			role: agentId === creatorId ? "owner" : "member",
+			...isDirectAgentOnly ? { mode: "mention_only" } : {}
+		}));
+		await tx.insert(chatParticipants).values(participantRows);
+		await recomputeChatWatchers(tx, chatId);
+		const participants = await tx.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
+		if (!chat) throw new Error("Unexpected: INSERT RETURNING produced no row");
+		return {
+			...chat,
+			participants
+		};
+	});
+}
+async function getChat(db, chatId) {
+	const [chat] = await db.select().from(chats).where(eq(chats.id, chatId)).limit(1);
+	if (!chat) throw new NotFoundError(`Chat "${chatId}" not found`);
+	return chat;
+}
+async function getChatDetail(db, chatId) {
+	const chat = await getChat(db, chatId);
+	const participants = await db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
+	return {
+		...chat,
+		participants
+	};
+}
+async function listChats(db, agentId, limit, cursor) {
+	const chatIds = (await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(eq(chatParticipants.agentId, agentId))).map((r) => r.chatId);
+	if (chatIds.length === 0) return {
+		items: [],
+		nextCursor: null
+	};
+	const where = cursor ? and(inArray(chats.id, chatIds), lt(chats.updatedAt, new Date(cursor))) : inArray(chats.id, chatIds);
+	const rows = await db.select().from(chats).where(where).orderBy(desc(chats.updatedAt)).limit(limit + 1);
+	const hasMore = rows.length > limit;
+	const items = hasMore ? rows.slice(0, limit) : rows;
+	const last = items[items.length - 1];
+	return {
+		items,
+		nextCursor: hasMore && last ? last.updatedAt.toISOString() : null
+	};
+}
+/**
+* List participants of a chat with their agent names — used by the client
+* runtime to resolve `@<name>` mentions against the authoritative participant
+* set (see proposals/hub-agent-messaging-reply-and-mentions §4).
+*/
+async function listChatParticipantsWithNames(db, chatId) {
+	return await db.select({
+		agentId: chatParticipants.agentId,
+		role: chatParticipants.role,
+		mode: chatParticipants.mode,
+		joinedAt: chatParticipants.joinedAt,
+		name: agents.name,
+		displayName: agents.displayName,
+		type: agents.type
+	}).from(chatParticipants).innerJoin(agents, eq(chatParticipants.agentId, agents.uuid)).where(eq(chatParticipants.chatId, chatId));
+}
+async function assertParticipant(db, chatId, agentId) {
+	const [row] = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, agentId))).limit(1);
+	if (!row) throw new ForbiddenError("Not a participant of this chat");
+}
+/** Ensure an agent is a participant of a chat. Silently adds them if not already. */
+async function ensureParticipant(db, chatId, agentId) {
+	const [existing] = await db.select({ agentId: chatParticipants.agentId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, agentId))).limit(1);
+	if (existing) return;
+	await db.transaction(async (tx) => {
+		await maybeUpgradeDirectToGroup(tx, chatId, (await tx.select({ agentId: chatParticipants.agentId }).from(chatParticipants).where(eq(chatParticipants.chatId, chatId))).map((p) => p.agentId), 1);
+		await tx.delete(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, agentId)));
+		await tx.insert(chatParticipants).values({
+			chatId,
+			agentId,
+			mode: "full"
+		}).onConflictDoNothing({ target: [chatParticipants.chatId, chatParticipants.agentId] });
+		await recomputeChatWatchers(tx, chatId);
+	});
+	invalidateChatAudience(chatId);
+}
+async function addParticipant(db, chatId, requesterId, data) {
+	const chat = await getChat(db, chatId);
+	await assertParticipant(db, chatId, requesterId);
+	const [targetAgent] = await db.select({
+		id: agents.uuid,
+		organizationId: agents.organizationId
+	}).from(agents).where(eq(agents.uuid, data.agentId)).limit(1);
+	if (!targetAgent) throw new NotFoundError(`Agent "${data.agentId}" not found`);
+	if (targetAgent.organizationId !== chat.organizationId) throw new BadRequestError("Cannot add agent from different organization");
+	const [existing] = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, data.agentId))).limit(1);
+	if (existing) throw new ConflictError(`Agent "${data.agentId}" is already a participant`);
+	await db.transaction(async (tx) => {
+		await maybeUpgradeDirectToGroup(tx, chatId, (await tx.select({ agentId: chatParticipants.agentId }).from(chatParticipants).where(eq(chatParticipants.chatId, chatId))).map((p) => p.agentId), 1);
+		await tx.delete(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, data.agentId)));
+		await tx.insert(chatParticipants).values({
+			chatId,
+			agentId: data.agentId,
+			mode: data.mode ?? "full"
+		});
+		await recomputeChatWatchers(tx, chatId);
+	});
+	invalidateChatAudience(chatId);
+	return db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
+}
+async function removeParticipant(db, chatId, requesterId, targetAgentId) {
+	await assertParticipant(db, chatId, requesterId);
+	if (requesterId === targetAgentId) throw new BadRequestError("Cannot remove yourself from a chat");
+	const [removed] = await db.delete(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, targetAgentId))).returning();
+	if (!removed) throw new NotFoundError(`Agent "${targetAgentId}" is not a participant of this chat`);
+	await recomputeChatWatchers(db, chatId);
+	invalidateChatAudience(chatId);
+	return db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
+}
+/**
+* List chats visible to a member, grouped by agent.
+* A member sees chats where:
+*   1. Their human agent is a participant, OR
+*   2. Any agent they manage (managerId = memberId) is a participant (supervision)
+*/
+async function listChatsForMember(db, memberId, humanAgentId) {
+	const managedAgents = await db.select({
+		uuid: agents.uuid,
+		name: agents.name,
+		type: agents.type,
+		displayName: agents.displayName
+	}).from(agents).where(eq(agents.managerId, memberId));
+	const agentMap = /* @__PURE__ */ new Map();
+	for (const a of managedAgents) agentMap.set(a.uuid, a);
+	if (!agentMap.has(humanAgentId)) {
+		const [ha] = await db.select({
+			uuid: agents.uuid,
+			name: agents.name,
+			type: agents.type,
+			displayName: agents.displayName
+		}).from(agents).where(eq(agents.uuid, humanAgentId)).limit(1);
+		if (ha) agentMap.set(ha.uuid, ha);
+	}
+	const agentIds = [...agentMap.keys()];
+	if (agentIds.length === 0) return [];
+	const participations = await db.select({
+		chatId: chatParticipants.chatId,
+		agentId: chatParticipants.agentId,
+		role: chatParticipants.role,
+		mode: chatParticipants.mode
+	}).from(chatParticipants).where(inArray(chatParticipants.agentId, agentIds));
+	if (participations.length === 0) return [];
+	const chatIds = [...new Set(participations.map((p) => p.chatId))];
+	const agentChatMap = /* @__PURE__ */ new Map();
+	for (const p of participations) {
+		const list = agentChatMap.get(p.agentId) ?? [];
+		list.push(p.chatId);
+		agentChatMap.set(p.agentId, list);
+	}
+	const chatRows = await db.select({
+		id: chats.id,
+		type: chats.type,
+		topic: chats.topic,
+		metadata: chats.metadata,
+		createdAt: chats.createdAt,
+		updatedAt: chats.updatedAt,
+		participantCount: sql`(SELECT count(*)::int FROM chat_participants WHERE chat_id = ${chats.id})`
+	}).from(chats).where(inArray(chats.id, chatIds)).orderBy(desc(chats.updatedAt));
+	const chatMap = new Map(chatRows.map((c) => [c.id, c]));
+	const humanParticipantChatIds = new Set(participations.filter((p) => p.agentId === humanAgentId).map((p) => p.chatId));
+	const result = [];
+	for (const [agentId, agentChatIds] of agentChatMap) {
+		const agentInfo = agentMap.get(agentId);
+		if (!agentInfo) continue;
+		const agentChats = agentChatIds.map((chatId) => {
+			const chat = chatMap.get(chatId);
+			if (!chat) return null;
+			const isSupervisionOnly = agentId !== humanAgentId && !humanParticipantChatIds.has(chatId);
+			return {
+				id: chat.id,
+				type: chat.type,
+				topic: chat.topic,
+				participantCount: chat.participantCount,
+				isSupervisionOnly,
+				createdAt: chat.createdAt.toISOString(),
+				updatedAt: chat.updatedAt.toISOString()
+			};
+		}).filter((c) => c !== null);
+		if (agentChats.length > 0) result.push({
+			agent: agentInfo,
+			chats: agentChats
+		});
+	}
+	return result;
+}
+/**
+* Manager joins a chat. Adds their human agent as a participant.
+* Requires the member to have supervision rights (manages at least one existing participant).
+*/
+async function joinChat(db, chatId, memberId, humanAgentId) {
+	const chat = await getChat(db, chatId);
+	const participantAgentIds = (await db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId))).map((p) => p.agentId);
+	if (participantAgentIds.length === 0) throw new NotFoundError("Chat has no participants");
+	if (participantAgentIds.includes(humanAgentId)) throw new ConflictError("Already a participant in this chat");
+	if ((await db.select({ uuid: agents.uuid }).from(agents).where(and(inArray(agents.uuid, participantAgentIds), eq(agents.managerId, memberId)))).length === 0) throw new ForbiddenError("You can only join chats where you manage at least one participant");
+	const [humanAgent] = await db.select({ organizationId: agents.organizationId }).from(agents).where(eq(agents.uuid, humanAgentId)).limit(1);
+	if (!humanAgent || humanAgent.organizationId !== chat.organizationId) throw new BadRequestError("Agent does not belong to the same organization as the chat");
+	await db.transaction(async (tx) => {
+		const [carriedRow] = await tx.delete(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, humanAgentId))).returning({
+			lastReadAt: chatSubscriptions.lastReadAt,
+			unreadMentionCount: chatSubscriptions.unreadMentionCount
+		});
+		await maybeUpgradeDirectToGroup(tx, chatId, participantAgentIds, 1);
+		await tx.insert(chatParticipants).values({
+			chatId,
+			agentId: humanAgentId,
+			role: "member",
+			mode: "full",
+			lastReadAt: carriedRow?.lastReadAt ?? null,
+			unreadMentionCount: carriedRow?.unreadMentionCount ?? 0
+		});
+		await recomputeChatWatchers(tx, chatId);
+	});
+	invalidateChatAudience(chatId);
+	return db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
+}
+/**
+* Manager leaves a chat. Removes their human agent from participants.
+* Only allowed if the human agent is a participant.
+*
+* Delegates the participant→watcher transition to `leaveAsParticipant`
+* so admin-side and `/me/chats/:id/leave` share one canonical path. The
+* earlier "recompute then UPDATE-back state" variant violated the design
+* rule that recompute is only for set rebuild — never on a transition
+* path (review #228 issue #2). The returned participant list is fetched
+* after the tx commits, matching the admin route's existing contract.
+*/
+async function leaveChat(db, chatId, humanAgentId) {
+	await leaveAsParticipant(db, chatId, humanAgentId);
+	invalidateChatAudience(chatId);
+	return db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
+}
+async function findOrCreateDirectChat(db, agentAId, agentBId) {
+	const aChats = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(eq(chatParticipants.agentId, agentAId));
+	const bChats = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(eq(chatParticipants.agentId, agentBId));
+	const bChatIds = new Set(bChats.map((r) => r.chatId));
+	const commonChatIds = aChats.map((r) => r.chatId).filter((id) => bChatIds.has(id));
+	if (commonChatIds.length > 0) {
+		const directChats = await db.select().from(chats).where(and(inArray(chats.id, commonChatIds), eq(chats.type, "direct")));
+		if (directChats.length > 0 && directChats[0]) return directChats[0];
+	}
+	const ends = await db.select({
+		uuid: agents.uuid,
+		organizationId: agents.organizationId,
+		type: agents.type
+	}).from(agents).where(inArray(agents.uuid, [agentAId, agentBId]));
+	const agentA = ends.find((a) => a.uuid === agentAId);
+	if (!agentA) throw new NotFoundError(`Agent "${agentAId}" not found`);
+	const agentB = ends.find((a) => a.uuid === agentBId);
+	if (!agentB) throw new NotFoundError(`Agent "${agentBId}" not found`);
+	const mode = agentA.type !== "human" && agentB.type !== "human" ? "mention_only" : "full";
+	const chatId = randomUUID();
+	return db.transaction(async (tx) => {
+		const [chat] = await tx.insert(chats).values({
+			id: chatId,
+			organizationId: agentA.organizationId,
+			type: "direct"
+		}).returning();
+		await tx.insert(chatParticipants).values([{
+			chatId,
+			agentId: agentAId,
+			role: "member",
+			mode
+		}, {
+			chatId,
+			agentId: agentBId,
+			role: "member",
+			mode
+		}]);
+		await recomputeChatWatchers(tx, chatId);
+		if (!chat) throw new Error("Unexpected: INSERT RETURNING produced no row");
+		return chat;
+	});
+}
+/** Agent presence and runtime state. Tracked via WebSocket connections; stale entries are cleaned up using server_instances heartbeat. */
+const agentPresence = pgTable("agent_presence", {
+	agentId: text("agent_id").primaryKey().references(() => agents.uuid, { onDelete: "cascade" }),
+	status: text("status").notNull().default("offline"),
+	instanceId: text("instance_id"),
+	connectedAt: timestamp("connected_at", { withTimezone: true }),
+	lastSeenAt: timestamp("last_seen_at", { withTimezone: true }).notNull().defaultNow(),
+	clientId: text("client_id").references(() => clients.id, { onDelete: "set null" }),
+	runtimeType: text("runtime_type"),
+	runtimeVersion: text("runtime_version"),
+	runtimeState: text("runtime_state"),
+	activeSessions: integer("active_sessions"),
+	totalSessions: integer("total_sessions"),
+	runtimeUpdatedAt: timestamp("runtime_updated_at", { withTimezone: true })
+});
+/**
+* Shared access-control primitives. Most route-level gating now lives in
+* `scope/require-*.ts` — this module is reduced to two helpers that need
+* SQL building blocks reused across routes and tests:
+*
+*   - `agentVisibilityCondition` — WHERE clause for "agents visible to a
+*     member" (org-visible OR managerId = the caller's member). Composed
+*     into list queries that already select from `agents`.
+*   - `listAgentsManagedByUser` — cross-org list of agents personally
+*     managed by a user; powers the CLI `agent list --remote` view.
+*
+* Visibility is the same for all roles — admin sees the same set as a
+* regular member. Admin privilege is expressed through manageability
+* (`requireAgentAccess(..., "manage")`), not visibility.
+*/
+/**
+* SQL WHERE conditions for agents visible to a member.
+*   target org + not deleted + (organization-visible OR managerId = caller's member)
+*/
+function agentVisibilityCondition(orgId, memberId) {
+	return and(eq(agents.organizationId, orgId), ne(agents.status, AGENT_STATUSES.DELETED), or(eq(agents.visibility, AGENT_VISIBILITY.ORGANIZATION), eq(agents.managerId, memberId)));
+}
+/**
+* Cross-org listing helper for "agents I personally manage". Used by the
+* CLI `agent list --remote` view — JOINs `agents → members.id` and filters
+* by `members.user_id`.
+*/
+async function listAgentsManagedByUser(db, userId) {
+	return db.select({
+		uuid: agents.uuid,
+		name: agents.name,
+		displayName: agents.displayName,
+		type: agents.type,
+		organizationId: agents.organizationId,
+		inboxId: agents.inboxId,
+		visibility: agents.visibility,
+		runtimeProvider: agents.runtimeProvider,
+		clientId: agents.clientId
+	}).from(agents).innerJoin(members, eq(agents.managerId, members.id)).where(and(eq(members.userId, userId), eq(members.status, "active"), ne(agents.status, AGENT_STATUSES.DELETED)));
+}
+/** Messages. Immutable after creation. Each message belongs to exactly one Chat. */
+const messages = pgTable("messages", {
+	id: text("id").primaryKey(),
+	chatId: text("chat_id").notNull().references(() => chats.id),
+	senderId: text("sender_id").notNull(),
+	format: text("format").notNull(),
+	content: jsonb("content").$type().notNull(),
+	metadata: jsonb("metadata").$type().notNull().default({}),
+	replyToInbox: text("reply_to_inbox"),
+	replyToChat: text("reply_to_chat"),
+	inReplyTo: text("in_reply_to"),
+	source: text("source"),
+	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
+}, (table) => [index("idx_messages_chat_time").on(table.chatId, table.createdAt), index("idx_messages_in_reply_to").on(table.inReplyTo)]);
+/** Delivery queue (envelope). One entry per recipient created during message fan-out. Uses SKIP LOCKED for concurrent-safe consumption. */
+const inboxEntries = pgTable("inbox_entries", {
+	id: bigserial("id", { mode: "number" }).primaryKey(),
+	inboxId: text("inbox_id").notNull(),
+	messageId: text("message_id").notNull().references(() => messages.id),
+	chatId: text("chat_id"),
+	status: text("status").notNull().default("pending"),
+	notify: boolean("notify").notNull().default(true),
+	retryCount: integer("retry_count").notNull().default(0),
+	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
+	deliveredAt: timestamp("delivered_at", { withTimezone: true }),
+	ackedAt: timestamp("acked_at", { withTimezone: true })
+}, (table) => [
+	unique("uq_inbox_delivery").on(table.inboxId, table.messageId, table.chatId),
+	index("idx_inbox_pending").on(table.inboxId, table.createdAt),
+	index("idx_inbox_pending_notify").on(table.inboxId, table.createdAt).where(sql`status = 'pending' AND notify = true`),
+	index("idx_inbox_chat_silent").on(table.inboxId, table.chatId, table.notify, table.status)
+]);
+/** Server instance heartbeat. Used to detect crashed instances and clean up associated agent_presence records. */
+const serverInstances = pgTable("server_instances", {
+	instanceId: text("instance_id").primaryKey(),
+	lastHeartbeat: timestamp("last_heartbeat", { withTimezone: true }).notNull().defaultNow()
+});
+/** Common field reset when agent goes offline or is unbound. */
+function runtimeFieldsReset(now) {
+	return {
+		runtimeState: null,
+		activeSessions: null,
+		totalSessions: null,
+		runtimeUpdatedAt: now,
+		lastSeenAt: now
+	};
+}
+async function setOffline(db, agentId) {
+	const now = /* @__PURE__ */ new Date();
+	await db.update(agentPresence).set({
+		status: "offline",
+		instanceId: null,
+		...runtimeFieldsReset(now)
+	}).where(eq(agentPresence.agentId, agentId));
+}
+async function getPresence(db, agentId) {
+	const [row] = await db.select().from(agentPresence).where(eq(agentPresence.agentId, agentId)).limit(1);
+	return row ?? null;
+}
+async function getOnlineCount(db) {
+	const [result] = await db.select({ count: sql`count(*)::int` }).from(agentPresence).where(eq(agentPresence.status, "online"));
+	return result?.count ?? 0;
+}
+async function bindAgent(db, agentId, data) {
+	const now = /* @__PURE__ */ new Date();
+	await db.insert(agentPresence).values({
+		agentId,
+		status: "online",
+		instanceId: data.instanceId,
+		clientId: data.clientId,
+		runtimeType: data.runtimeType,
+		runtimeVersion: data.runtimeVersion ?? null,
+		runtimeState: "idle",
+		connectedAt: now,
+		lastSeenAt: now,
+		runtimeUpdatedAt: now
+	}).onConflictDoUpdate({
+		target: agentPresence.agentId,
+		set: {
+			status: "online",
+			instanceId: data.instanceId,
+			clientId: data.clientId,
+			runtimeType: data.runtimeType,
+			runtimeVersion: data.runtimeVersion ?? null,
+			runtimeState: "idle",
+			activeSessions: null,
+			totalSessions: null,
+			connectedAt: now,
+			lastSeenAt: now,
+			runtimeUpdatedAt: now
+		}
+	});
+}
+async function unbindAgent(db, agentId) {
+	const now = /* @__PURE__ */ new Date();
+	await db.update(agentPresence).set({
+		status: "offline",
+		clientId: null,
+		...runtimeFieldsReset(now)
+	}).where(eq(agentPresence.agentId, agentId));
+}
+/** Set runtime state directly from client-reported value.
+*
+* When an org-scoped notifier is provided, emit a PG NOTIFY on the
+* `runtime_state_changes` channel so the pulse aggregator (and any future
+* admin-side consumers) can observe the transition. Fire-and-forget to match
+* notifier semantics elsewhere in this module. */
+async function setRuntimeState(db, agentId, runtimeState, options) {
+	const now = /* @__PURE__ */ new Date();
+	await db.update(agentPresence).set({
+		runtimeState,
+		runtimeUpdatedAt: now,
+		lastSeenAt: now
+	}).where(eq(agentPresence.agentId, agentId));
+	if (options?.notifier && options.organizationId) options.notifier.notifyRuntimeStateChange(agentId, runtimeState, options.organizationId).catch(() => {});
+}
+/** Touch agent last_seen_at on heartbeat (per-agent liveness). */
+async function touchAgent(db, agentId) {
+	await db.update(agentPresence).set({ lastSeenAt: /* @__PURE__ */ new Date() }).where(eq(agentPresence.agentId, agentId));
+}
+async function heartbeatInstance(db, instanceId) {
+	await db.insert(serverInstances).values({
+		instanceId,
+		lastHeartbeat: /* @__PURE__ */ new Date()
+	}).onConflictDoUpdate({
+		target: serverInstances.instanceId,
+		set: { lastHeartbeat: /* @__PURE__ */ new Date() }
+	});
+}
+/**
+* M1: Mark agents as offline whose last_seen_at is older than staleSeconds.
+* Unlike cleanupStalePresence (which checks instance liveness), this checks
+* per-agent heartbeat liveness — detecting agents that stopped heartbeating
+* while the client process may still be alive.
+*
+* Returns the list of agent IDs that were marked stale (for notification in Step 6).
+*/
+async function markStaleAgents(db, staleSeconds = 60) {
+	return (await db.execute(sql`
+    UPDATE agent_presence SET
+      status = 'offline',
+      client_id = NULL,
+      runtime_state = NULL,
+      active_sessions = NULL,
+      total_sessions = NULL,
+      runtime_updated_at = NOW()
+    WHERE status = 'online'
+    AND last_seen_at < NOW() - make_interval(secs => ${staleSeconds})
+    RETURNING agent_id
+  `)).map((r) => r.agent_id);
+}
+async function cleanupStalePresence(db, staleSeconds = 60) {
+	return (await db.execute(sql`
+    UPDATE agent_presence SET status = 'offline', instance_id = NULL,
+      runtime_state = NULL,
+      active_sessions = NULL, total_sessions = NULL,
+      runtime_updated_at = NOW()
+    WHERE instance_id IN (
+      SELECT instance_id FROM server_instances
+      WHERE last_heartbeat < NOW() - make_interval(secs => ${staleSeconds})
+    )
+    AND status = 'online'
+    RETURNING agent_id
+  `)).length;
+}
+/** Per-session state snapshot. One row per (agent, chat) pair, upserted on each session:state message. */
+const agentChatSessions = pgTable("agent_chat_sessions", {
+	agentId: text("agent_id").notNull().references(() => agents.uuid, { onDelete: "cascade" }),
+	chatId: text("chat_id").notNull().references(() => chats.id, { onDelete: "cascade" }),
+	state: text("state").notNull(),
+	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
+}, (table) => [primaryKey({ columns: [table.agentId, table.chatId] })]);
+/**
+* Upsert session state + refresh presence aggregates + NOTIFY.
+*
+* `agent_chat_sessions.(agent_id, chat_id)` is a single-row "current session
+* state" cache, not a session history log. A new runtime session starting on
+* the same (agent, chat) pair MUST overwrite whatever ended before — including
+* an `evicted` row left by a previous terminate. The previous "revival
+* defense" conflated two concerns: "this runtime session ended" (which is
+* what `evicted` actually means) and "this chat is permanently archived for
+* this agent" (a chat-level decision that should live on `chats`, not here).
+* See proposals/hub-agent-messaging-reply-and-mentions §M2-session-lifecycle.
+*
+* Presence row contract: this function tolerates a missing `agent_presence`
+* row by using `INSERT ... ON CONFLICT DO UPDATE`. The predictive-write path
+* (sendMessage on first message) may target an agent whose client has never
+* bound, so a prior `update agent_presence ... where agentId` would silently
+* drop the activeSessions/totalSessions refresh. See PR #198 review §2.
+*/
+async function upsertSessionState(db, agentId, chatId, state, organizationId, notifier, options) {
+	const now = /* @__PURE__ */ new Date();
+	let wrote = false;
+	await db.transaction(async (tx) => {
+		await tx.insert(agentChatSessions).values({
+			agentId,
+			chatId,
+			state,
+			updatedAt: now
+		}).onConflictDoUpdate({
+			target: [agentChatSessions.agentId, agentChatSessions.chatId],
+			set: {
+				state,
+				updatedAt: now
+			},
+			setWhere: ne(agentChatSessions.state, state)
+		});
+		const [counts] = await tx.select({
+			active: sql`count(*) FILTER (WHERE ${agentChatSessions.state} = 'active')::int`,
+			total: sql`count(*) FILTER (WHERE ${agentChatSessions.state} != 'evicted')::int`
+		}).from(agentChatSessions).where(eq(agentChatSessions.agentId, agentId));
+		const activeSessions = counts?.active ?? 0;
+		const totalSessions = counts?.total ?? 0;
+		const presenceSet = options?.touchPresenceLastSeen ?? true ? {
+			activeSessions,
+			totalSessions,
+			lastSeenAt: now
+		} : {
+			activeSessions,
+			totalSessions
+		};
+		await tx.insert(agentPresence).values({
+			agentId,
+			activeSessions,
+			totalSessions
+		}).onConflictDoUpdate({
+			target: [agentPresence.agentId],
+			set: presenceSet
+		});
+		wrote = true;
+	});
+	if (wrote && notifier) notifier.notifySessionStateChange(agentId, chatId, state, organizationId).catch(() => {});
+}
+async function resetActivity(db, agentId) {
+	const now = /* @__PURE__ */ new Date();
+	await db.update(agentPresence).set({
+		runtimeState: "idle",
+		runtimeUpdatedAt: now
+	}).where(eq(agentPresence.agentId, agentId));
+}
+async function getActivityOverview(db) {
+	const [agentCounts] = await db.select({
+		total: sql`count(*)::int`,
+		running: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} IS NOT NULL)::int`,
+		idle: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} = 'idle')::int`,
+		working: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} = 'working')::int`,
+		blocked: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} = 'blocked')::int`,
+		error: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} = 'error')::int`
+	}).from(agentPresence);
+	const [clientCounts] = await db.select({ count: sql`count(*)::int` }).from(clients).where(eq(clients.status, "connected"));
+	return {
+		total: agentCounts?.total ?? 0,
+		running: agentCounts?.running ?? 0,
+		byState: {
+			idle: agentCounts?.idle ?? 0,
+			working: agentCounts?.working ?? 0,
+			blocked: agentCounts?.blocked ?? 0,
+			error: agentCounts?.error ?? 0
+		},
+		clients: clientCounts?.count ?? 0
+	};
+}
+/**
+* List agents with active runtime state.
+* When scope is provided, filters to agents visible to the member.
+*/
+async function listAgentsWithRuntime(db, scope) {
+	if (!scope) return db.select().from(agentPresence).where(isNotNull(agentPresence.runtimeState));
+	return db.select({
+		agentId: agentPresence.agentId,
+		status: agentPresence.status,
+		instanceId: agentPresence.instanceId,
+		connectedAt: agentPresence.connectedAt,
+		lastSeenAt: agentPresence.lastSeenAt,
+		clientId: agentPresence.clientId,
+		runtimeType: agentPresence.runtimeType,
+		runtimeVersion: agentPresence.runtimeVersion,
+		runtimeState: agentPresence.runtimeState,
+		activeSessions: agentPresence.activeSessions,
+		totalSessions: agentPresence.totalSessions,
+		runtimeUpdatedAt: agentPresence.runtimeUpdatedAt,
+		type: agents.type
+	}).from(agentPresence).innerJoin(agents, eq(agentPresence.agentId, agents.uuid)).where(and(isNotNull(agentPresence.runtimeState), agentVisibilityCondition(scope.organizationId, scope.memberId)));
+}
+/**
+* Chat-first workspace — append-only post-fan-out projection.
+*
+* The single sanctioned extension point on the message hot path. Called
+* from `services/message.ts` AFTER existing fan-out completes, inside the
+* same transaction. Three responsibilities:
+*
+*   1. Mention propagation: increment `unread_mention_count` for mentioned
+*      speaking participants AND for watcher rows whose managed agent was
+*      mentioned. Sender row is excluded.
+*
+*   2. Chats projection: roll forward `chats.last_message_at`,
+*      `chats.last_message_preview`. Powers the conversation list cursor +
+*      sort + preview.
+*
+*   3. Realtime kick: fire-and-forget `pg_notify('chat_message_events', …)`
+*      so admin WS sockets can translate it into a `chat:message` frame.
+*      Failure is swallowed — durable persistence is the correctness path.
+*
+* Strict invariants (see docs/chat-first-workspace-product-design.md
+* "Risk Constraints"):
+*   - This module appends ONLY. Never edits existing fan-out / inbox /
+*     mention-extraction code.
+*   - Watchers (chat_subscriptions) are NEVER added to inbox_entries here.
+*     Their counters are bumped purely as a per-user red-dot signal.
+*   - Mention candidate set is `chat_participants` only; watchers are not
+*     direct `@`-mention targets.
+*/
+let dispatcher = null;
+function registerChatMessageDispatcher(fn) {
+	dispatcher = fn;
+}
+/**
+* Best-effort cross-process kick for the chat-first workspace. Call AFTER
+* the message transaction commits — never inside the tx. Failure logs +
+* drops; web reconnect refetches.
+*
+* Speakers also get an inbox NOTIFY through the existing path. They will
+* receive both, and the web client de-dupes naturally because both end up
+* invalidating the same query keys.
+*/
+function fireChatMessageKick(chatId, messageId) {
+	if (!dispatcher) return;
+	try {
+		dispatcher(chatId, messageId);
+	} catch {}
+}
+/**
+* Apply the post-fan-out projection. MUST be called inside the same
+* transaction as the message INSERT. Safe to call when `mentionedAgentIds`
+* is empty (degenerate case skips the mention UPDATEs).
+*/
+async function applyAfterFanOut(tx, input) {
+	const { chatId, senderId, mentionedAgentIds, contentPreview, messageCreatedAt } = input;
+	const previewClipped = contentPreview.length > 0 ? contentPreview.slice(0, 200) : null;
+	const ts = messageCreatedAt ?? /* @__PURE__ */ new Date();
+	await tx.update(chats).set({
+		lastMessageAt: ts,
+		lastMessagePreview: previewClipped
+	}).where(eq(chats.id, chatId));
+	if (mentionedAgentIds.length === 0) return;
+	await tx.update(chatParticipants).set({ unreadMentionCount: sql`${chatParticipants.unreadMentionCount} + 1` }).where(and(eq(chatParticipants.chatId, chatId), inArray(chatParticipants.agentId, mentionedAgentIds), ne(chatParticipants.agentId, senderId)));
+	const managerHumanAgentIds = (await tx.execute(sql`
+    SELECT DISTINCT m.agent_id AS human_agent_id
+      FROM agents a
+      JOIN members m ON m.id = a.manager_id
+     WHERE a.uuid IN ${makeUuidList(mentionedAgentIds)}
+       AND a.type <> 'human'
+       AND m.status = 'active'
+  `)).map((r) => r.human_agent_id);
+	if (managerHumanAgentIds.length === 0) return;
+	await tx.update(chatSubscriptions).set({ unreadMentionCount: sql`${chatSubscriptions.unreadMentionCount} + 1` }).where(and(eq(chatSubscriptions.chatId, chatId), inArray(chatSubscriptions.agentId, managerHumanAgentIds)));
+}
+/**
+* Build a parenthesised, comma-separated list of bound parameters: `(?, ?, ?)`.
+* Used in raw SQL where drizzle's `inArray` can't be directly applied (e.g.
+* inside a hand-rolled SELECT). Always called with a non-empty list — the
+* caller short-circuits the empty case.
+*/
+function makeUuidList(ids) {
+	return sql`(${sql.join(ids.map((id) => sql`${id}`), sql`, `)})`;
+}
+/**
+* Server-side lifecycle tracker for `format=question` messages.
+*
+* Written when an agent emits a question through `sendMessage`; status
+* flips to `answered` when the user posts an answer, or to `superseded`
+* when the chat session is archived or its client is claimed away.
+*
+* Per the team's "integrity in service layer" convention, NO foreign-key
+* constraints — referential integrity is enforced by the question
+* service itself (chat-id / agent-id / message-id are validated at
+* write time and the lifecycle hooks supersede orphaned rows).
+*/
+const pendingQuestions = pgTable("pending_questions", {
+	id: text("id").primaryKey(),
+	agentId: text("agent_id").notNull(),
+	chatId: text("chat_id").notNull(),
+	messageId: text("message_id").notNull(),
+	status: text("status").notNull().default("pending"),
+	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
+	answeredAt: timestamp("answered_at", { withTimezone: true }),
+	supersededAt: timestamp("superseded_at", { withTimezone: true }),
+	supersededReason: text("superseded_reason")
+}, (table) => [index("idx_pending_questions_agent_status").on(table.agentId, table.status), index("idx_pending_questions_chat_status").on(table.chatId, table.status)]);
+const INBOX_CHANNEL = "inbox_notifications";
+const CONFIG_CHANNEL = "config_changes";
+const SESSION_STATE_CHANNEL = "session_state_changes";
+const RUNTIME_STATE_CHANNEL = "runtime_state_changes";
+/**
+* Chat-first workspace cross-process kick. Carries `<chatId>:<messageId>`.
+* Lets admin WS sockets translate every chat message (speaker AND watcher
+* audience) into a `chat:message` frame, without being coupled to the
+* inbox NOTIFY path that only reaches speakers.
+*/
+const CHAT_MESSAGE_CHANNEL = "chat_message_events";
+function createNotifier(listenClient) {
+	const subscriptions = /* @__PURE__ */ new Map();
+	const configChangeHandlers = [];
+	const sessionStateChangeHandlers = [];
+	const runtimeStateChangeHandlers = [];
+	const chatMessageHandlers = [];
+	let unlistenInboxFn = null;
+	let unlistenConfigFn = null;
+	let unlistenSessionStateFn = null;
+	let unlistenRuntimeStateFn = null;
+	let unlistenChatMessageFn = null;
+	function handleNotification(payload) {
+		const sepIdx = payload.indexOf(":");
+		if (sepIdx === -1) return;
+		const inboxId = payload.slice(0, sepIdx);
+		const messageId = payload.slice(sepIdx + 1);
+		const sockets = subscriptions.get(inboxId);
+		if (!sockets) return;
+		const doorbellFrame = JSON.stringify({
+			type: "new_message",
+			inboxId,
+			messageId
+		});
+		for (const [ws, pushHandler] of sockets) {
+			if (ws.readyState !== ws.OPEN) continue;
+			if (pushHandler) Promise.resolve(pushHandler(messageId)).catch(() => {});
+			else ws.send(doorbellFrame);
+		}
+	}
+	return {
+		subscribe(inboxId, ws, pushHandler) {
+			let map = subscriptions.get(inboxId);
+			if (!map) {
+				map = /* @__PURE__ */ new Map();
+				subscriptions.set(inboxId, map);
+			}
+			map.set(ws, pushHandler ?? null);
+		},
+		unsubscribe(inboxId, ws) {
+			const map = subscriptions.get(inboxId);
+			if (map) {
+				map.delete(ws);
+				if (map.size === 0) subscriptions.delete(inboxId);
+			}
+		},
+		async notify(inboxId, messageId) {
+			try {
+				await listenClient`SELECT pg_notify(${INBOX_CHANNEL}, ${`${inboxId}:${messageId}`})`;
+			} catch {}
+		},
+		async notifyConfigChange(configType) {
+			try {
+				await listenClient`SELECT pg_notify(${CONFIG_CHANNEL}, ${configType})`;
+			} catch {}
+		},
+		async notifySessionStateChange(agentId, chatId, state, organizationId) {
+			try {
+				await listenClient`SELECT pg_notify(${SESSION_STATE_CHANNEL}, ${`${agentId}:${chatId}:${state}:${organizationId}`})`;
+			} catch {}
+		},
+		async notifyRuntimeStateChange(agentId, state, organizationId) {
+			try {
+				await listenClient`SELECT pg_notify(${RUNTIME_STATE_CHANNEL}, ${`${agentId}:${state}:${organizationId}`})`;
+			} catch {}
+		},
+		async notifyChatMessage(chatId, messageId) {
+			try {
+				await listenClient`SELECT pg_notify(${CHAT_MESSAGE_CHANNEL}, ${`${chatId}:${messageId}`})`;
+			} catch {}
+		},
+		async pushFrameToInbox(inboxId, frame) {
+			const map = subscriptions.get(inboxId);
+			if (!map) return 0;
+			let queued = 0;
+			const pending = [];
+			for (const ws of map.keys()) {
+				if (ws.readyState !== ws.OPEN) continue;
+				pending.push(new Promise((resolve) => {
+					ws.send(frame, (err) => {
+						if (!err) queued += 1;
+						resolve();
+					});
+				}));
+			}
+			await Promise.all(pending);
+			return queued;
+		},
+		onConfigChange(handler) {
+			configChangeHandlers.push(handler);
+		},
+		onSessionStateChange(handler) {
+			sessionStateChangeHandlers.push(handler);
+		},
+		onRuntimeStateChange(handler) {
+			runtimeStateChangeHandlers.push(handler);
+		},
+		onChatMessage(handler) {
+			chatMessageHandlers.push(handler);
+		},
+		async start() {
+			unlistenInboxFn = (await listenClient.listen(INBOX_CHANNEL, (payload) => {
+				if (payload) handleNotification(payload);
+			})).unlisten;
+			unlistenConfigFn = (await listenClient.listen(CONFIG_CHANNEL, (payload) => {
+				if (payload) for (const handler of configChangeHandlers) handler(payload);
+			})).unlisten;
+			unlistenSessionStateFn = (await listenClient.listen(SESSION_STATE_CHANNEL, (payload) => {
+				if (payload) {
+					const firstSep = payload.indexOf(":");
+					const secondSep = payload.indexOf(":", firstSep + 1);
+					const thirdSep = payload.indexOf(":", secondSep + 1);
+					if (firstSep > 0 && secondSep > firstSep && thirdSep > secondSep) {
+						const agentId = payload.slice(0, firstSep);
+						const chatId = payload.slice(firstSep + 1, secondSep);
+						const state = payload.slice(secondSep + 1, thirdSep);
+						const organizationId = payload.slice(thirdSep + 1);
+						for (const handler of sessionStateChangeHandlers) handler({
+							agentId,
+							chatId,
+							state,
+							organizationId
+						});
+					}
+				}
+			})).unlisten;
+			unlistenRuntimeStateFn = (await listenClient.listen(RUNTIME_STATE_CHANNEL, (payload) => {
+				if (payload) {
+					const firstSep = payload.indexOf(":");
+					const secondSep = payload.indexOf(":", firstSep + 1);
+					if (firstSep > 0 && secondSep > firstSep) {
+						const agentId = payload.slice(0, firstSep);
+						const state = payload.slice(firstSep + 1, secondSep);
+						const organizationId = payload.slice(secondSep + 1);
+						for (const handler of runtimeStateChangeHandlers) handler({
+							agentId,
+							state,
+							organizationId
+						});
+					}
+				}
+			})).unlisten;
+			unlistenChatMessageFn = (await listenClient.listen(CHAT_MESSAGE_CHANNEL, (payload) => {
+				if (!payload) return;
+				const sep = payload.indexOf(":");
+				if (sep <= 0) return;
+				const chatId = payload.slice(0, sep);
+				const messageId = payload.slice(sep + 1);
+				for (const handler of chatMessageHandlers) try {
+					handler({
+						chatId,
+						messageId
+					});
+				} catch {}
+			})).unlisten;
+		},
+		async stop() {
+			if (unlistenInboxFn) {
+				await unlistenInboxFn();
+				unlistenInboxFn = null;
+			}
+			if (unlistenConfigFn) {
+				await unlistenConfigFn();
+				unlistenConfigFn = null;
+			}
+			if (unlistenSessionStateFn) {
+				await unlistenSessionStateFn();
+				unlistenSessionStateFn = null;
+			}
+			if (unlistenRuntimeStateFn) {
+				await unlistenRuntimeStateFn();
+				unlistenRuntimeStateFn = null;
+			}
+			if (unlistenChatMessageFn) {
+				await unlistenChatMessageFn();
+				unlistenChatMessageFn = null;
+			}
+		}
+	};
+}
+/** Fire-and-forget: notify all recipients that a new message is available. */
+function notifyRecipients(notifier, recipients, messageId) {
+	for (const inboxId of recipients) notifier.notify(inboxId, messageId).catch(() => {});
+}
+const log$1 = createLogger("questions");
+/**
+* Insert a `pending_questions` row inside the same transaction that wrote a
+* `format=question` message. Caller is `sendMessage` after the message INSERT
+* returns, so a rollback drops both rows together. No-op (returns silently)
+* if the message content is not a valid `QuestionMessageContent` — the caller
+* will already have rejected such input upstream, but we defend in depth so a
+* malformed write never leaves a dangling pending row.
+*/
+async function recordPendingQuestionFromMessage(tx, args) {
+	const parsed = questionMessageContentSchema.safeParse(args.content);
+	if (!parsed.success) throw new BadRequestError("Invalid question message content", { "question.parse_error": parsed.error.message.slice(0, 200) });
+	const { correlationId } = parsed.data;
+	await tx.insert(pendingQuestions).values({
+		id: correlationId,
+		agentId: args.agentId,
+		chatId: args.chatId,
+		messageId: args.messageId,
+		status: "pending"
+	});
+}
+/**
+* Defensive write-side check: codex-runtime agents must never emit
+* `format=question` (Codex SDK 0.125 has no ask-user surface, so any such
+* message would be a runtime regression). Looks up the sender's
+* `runtime_provider` and rejects if it is `codex`. Throws `ForbiddenError`
+* (HTTP 403) so the bug surfaces loudly to the offending writer.
+*
+* Returns the runtime provider for telemetry / further checks (e.g. the
+* caller can attach it to the active span).
+*/
+async function assertSenderMayEmitQuestion(tx, senderAgentId) {
+	const [row] = await tx.select({ runtimeProvider: agents.runtimeProvider }).from(agents).where(eq(agents.uuid, senderAgentId)).limit(1);
+	if (!row) throw new NotFoundError(`Sender agent "${senderAgentId}" not found`);
+	if (row.runtimeProvider === "codex") {
+		log$1.error({
+			agentId: senderAgentId,
+			runtimeProvider: row.runtimeProvider
+		}, "rejected format=question emit from codex-runtime agent");
+		throw new ForbiddenError("Codex runtime cannot emit ask-user questions", {
+			"question.codex_emit_attempt": true,
+			"agent.id": senderAgentId
+		});
+	}
+	return row.runtimeProvider;
+}
+/**
+* User-side answer submission. Atomically:
+*   1. Lock the `pending_questions` row by correlationId.
+*   2. Refuse if status !== "pending" (409 if already-answered, 410-shaped
+*      400 if superseded — both surface as ConflictError so the caller knows
+*      the question is no longer answerable).
+*   3. Validate that the answer keys match the original `questions[]`.
+*   4. Flip status to `answered` INSIDE the lock-tx, before releasing the
+*      row lock. This is the linearisation point: the second concurrent
+*      submitter (waiting on the same row lock) will, on its turn, see
+*      status=answered and exit with ConflictError BEFORE it can write a
+*      second `format=question_answer` message.
+*   5. Send the `format=question_answer` message OUTSIDE the lock-tx
+*      (sendMessage opens its own transaction; nesting wasn't supported by
+*      the existing call site). At this point we hold an exclusive logical
+*      claim — only one submitter ever reaches this step per correlationId.
+*
+* `submitterAgentId` is the human agent on whose behalf the answer is
+* written (it must be a participant of the question's chat). Returns the
+* created `question_answer` message id so the route can include it in the
+* 201 response.
+*
+* Failure semantics: if step 5 (sendMessage) fails after status was flipped,
+* we revert the row to `pending` so the user can retry. This is best-effort —
+* the revert UPDATE is guarded by `status='answered'` to avoid clobbering a
+* supersede that might race in. If the revert itself fails, the row is
+* stranded as `answered` with no answer message; an operator would need to
+* intervene, but a sendMessage failure (local DB tx) is already
+* extraordinarily rare.
+*/
+async function submitAnswer(db, notifier, args) {
+	const questionRow = await db.transaction(async (tx) => {
+		const [row] = await tx.select({
+			id: pendingQuestions.id,
+			status: pendingQuestions.status,
+			chatId: pendingQuestions.chatId,
+			agentId: pendingQuestions.agentId,
+			messageId: pendingQuestions.messageId
+		}).from(pendingQuestions).where(eq(pendingQuestions.id, args.correlationId)).for("update").limit(1);
+		if (!row) throw new NotFoundError(`Question "${args.correlationId}" not found`);
+		if (row.chatId !== args.chatId) throw new NotFoundError(`Question "${args.correlationId}" not found in this chat`);
+		if (row.status !== "pending") throw new ConflictError(`Question "${args.correlationId}" is no longer pending`, { "question.status": row.status });
+		const [msg] = await tx.select({ content: messages.content }).from(messages).where(eq(messages.id, row.messageId)).limit(1);
+		if (!msg) throw new NotFoundError(`Question message "${row.messageId}" not found`);
+		const parsedQuestion = questionMessageContentSchema.safeParse(msg.content);
+		if (!parsedQuestion.success) throw new BadRequestError("Stored question content is malformed", { "question.parse_error": parsedQuestion.error.message.slice(0, 200) });
+		const expectedKeys = new Set(parsedQuestion.data.questions.map((q) => q.question));
+		for (const key of Object.keys(args.answers)) if (!expectedKeys.has(key)) throw new BadRequestError(`Answer key "${key}" does not match any question`, { "question.id": args.correlationId });
+		for (const key of expectedKeys) if (!(key in args.answers)) throw new BadRequestError(`Answer missing for question "${key}"`, { "question.id": args.correlationId });
+		await tx.update(pendingQuestions).set({
+			status: "answered",
+			answeredAt: /* @__PURE__ */ new Date()
+		}).where(eq(pendingQuestions.id, args.correlationId));
+		return row;
+	});
+	const answerContent = {
+		correlationId: args.correlationId,
+		answers: args.answers
+	};
+	questionAnswerMessageContentSchema.parse(answerContent);
+	let result;
+	try {
+		result = await sendMessage(db, args.chatId, args.submitterAgentId, {
+			format: "question_answer",
+			content: answerContent,
+			inReplyTo: questionRow.messageId,
+			source: "hub_ui"
+		});
+	} catch (err) {
+		log$1.error({
+			correlationId: args.correlationId,
+			chatId: args.chatId,
+			err: err instanceof Error ? err.message : String(err)
+		}, "sendMessage failed after status flip; reverting pending_questions row to 'pending'");
+		try {
+			await db.update(pendingQuestions).set({
+				status: "pending",
+				answeredAt: null
+			}).where(and(eq(pendingQuestions.id, args.correlationId), eq(pendingQuestions.status, "answered")));
+		} catch (revertErr) {
+			log$1.error({
+				correlationId: args.correlationId,
+				chatId: args.chatId,
+				revertErr: revertErr instanceof Error ? revertErr.message : String(revertErr)
+			}, "revert UPDATE also failed; row may be stranded as 'answered' without an answer message");
+		}
+		throw err;
+	}
+	if (notifier) notifyRecipients(notifier, result.recipients, result.message.id);
+	return {
+		messageId: result.message.id,
+		recipients: result.recipients
+	};
+}
+/**
+* Mark every pending row whose chat is `chatId` as superseded. Used when a
+* chat session is archived — the agent runtime that emitted the question
+* may already be gone, so leaving the row pending would block forever.
+*/
+async function markSupersededByChat(tx, chatId, reason = "chat_archived") {
+	return (await tx.update(pendingQuestions).set({
+		status: "superseded",
+		supersededAt: /* @__PURE__ */ new Date(),
+		supersededReason: reason
+	}).where(and(eq(pendingQuestions.chatId, chatId), eq(pendingQuestions.status, "pending"))).returning({ id: pendingQuestions.id })).length;
+}
+/**
+* Mark every pending row owned by any of `agentIds` as superseded. Used when
+* the client carrying these agents is claimed by a new user — the previous
+* owner's runtime is detached and cannot deliver an answer back.
+*/
+async function markSupersededByAgents(tx, agentIds, reason = "client_claimed") {
+	if (agentIds.length === 0) return 0;
+	return (await tx.update(pendingQuestions).set({
+		status: "superseded",
+		supersededAt: /* @__PURE__ */ new Date(),
+		supersededReason: reason
+	}).where(and(inArray(pendingQuestions.agentId, agentIds), eq(pendingQuestions.status, "pending"))).returning({ id: pendingQuestions.id })).length;
+}
+const log = createLogger("message");
+async function sendMessage(db, chatId, senderId, data, options = {}) {
+	return withSpan("inbox.enqueue", messageAttrs({
+		chatId,
+		senderAgentId: senderId,
+		source: data.source ?? void 0
+	}), () => sendMessageInner(db, chatId, senderId, data, options));
+}
+async function sendMessageInner(db, chatId, senderId, data, options) {
+	const txResult = await db.transaction(async (tx) => {
+		const [participants, [chatRow], [senderRow]] = await Promise.all([
+			tx.select({
+				agentId: chatParticipants.agentId,
+				inboxId: agents.inboxId,
+				mode: chatParticipants.mode,
+				name: agents.name
+			}).from(chatParticipants).innerJoin(agents, eq(chatParticipants.agentId, agents.uuid)).where(eq(chatParticipants.chatId, chatId)),
+			tx.select({ type: chats.type }).from(chats).where(eq(chats.id, chatId)).limit(1),
+			tx.select({
+				inboxId: agents.inboxId,
+				organizationId: agents.organizationId
+			}).from(agents).where(eq(agents.uuid, senderId)).limit(1)
+		]);
+		const chatType = chatRow?.type ?? null;
+		if (!senderRow) throw new NotFoundError(`Sender agent "${senderId}" not found`);
+		if (data.replyToInbox !== void 0 && data.replyToInbox !== null) {
+			if (senderRow.inboxId !== data.replyToInbox) throw new BadRequestError("replyToInbox must reference the sender's own inbox");
+		}
+		const incomingMeta = data.metadata ?? {};
+		const explicitMentionsRaw = incomingMeta.mentions;
+		const explicitMentions = Array.isArray(explicitMentionsRaw) ? explicitMentionsRaw.filter((m) => typeof m === "string") : [];
+		const contentText = typeof data.content === "string" ? data.content : "";
+		const resolved = contentText ? extractMentions(contentText, participants) : [];
+		const mergedMentions = [...new Set([...explicitMentions, ...resolved])];
+		const metadataToStore = mergedMentions.length > 0 ? {
+			...incomingMeta,
+			mentions: mergedMentions
+		} : incomingMeta;
+		if (options.enforceGroupMention && chatType === "group") {
+			if (mergedMentions.filter((id) => id !== senderId).length === 0) throw new BadRequestError("Sending to a group chat requires an explicit @mention. Use `agent send <name>` to message a single agent, or @<name> in the content to address one or more group members.");
+		}
+		let outboundContent = data.content;
+		if (options.normalizeMentionsInContent && typeof outboundContent === "string") {
+			const present = new Set(scanMentionTokens(outboundContent));
+			const missingNames = [];
+			for (const id of mergedMentions) {
+				if (id === senderId) continue;
+				const p = participants.find((q) => q.agentId === id);
+				if (!p?.name) continue;
+				if (present.has(p.name.toLowerCase())) continue;
+				missingNames.push(p.name);
+			}
+			if (missingNames.length > 0) {
+				const prefix = missingNames.map((n) => `@${n}`).join(" ");
+				outboundContent = outboundContent.length > 0 ? `${prefix} ${outboundContent}` : prefix;
+			}
+		}
+		if (data.format === "question") await assertSenderMayEmitQuestion(tx, senderId);
+		const messageId = randomUUID();
+		const [msg] = await tx.insert(messages).values({
+			id: messageId,
+			chatId,
+			senderId,
+			format: data.format,
+			content: outboundContent,
+			metadata: metadataToStore,
+			replyToInbox: data.replyToInbox ?? null,
+			replyToChat: data.replyToChat ?? null,
+			inReplyTo: data.inReplyTo ?? null,
+			source: data.source ?? null
+		}).returning();
+		if (data.format === "question" && msg) await recordPendingQuestionFromMessage(tx, {
+			agentId: senderId,
+			chatId,
+			messageId: msg.id,
+			content: outboundContent
+		});
+		const mentionSet = new Set(mergedMentions);
+		const fanout = participants.filter((p) => p.agentId !== senderId).map((p) => ({
+			agentId: p.agentId,
+			inboxId: p.inboxId,
+			notify: p.mode !== "mention_only" || mentionSet.has(p.agentId)
+		}));
+		if (fanout.length > 0) await tx.insert(inboxEntries).values(fanout.map((f) => ({
+			inboxId: f.inboxId,
+			messageId,
+			chatId,
+			notify: f.notify
+		})));
+		const notified = fanout.filter((f) => f.notify);
+		const recipients = notified.map((f) => f.inboxId);
+		const recipientAgentIds = notified.map((f) => f.agentId);
+		if (data.inReplyTo) {
+			const [original] = await tx.select({
+				replyToInbox: messages.replyToInbox,
+				replyToChat: messages.replyToChat
+			}).from(messages).where(eq(messages.id, data.inReplyTo)).limit(1);
+			if (original?.replyToInbox && original?.replyToChat) {
+				await tx.insert(inboxEntries).values({
+					inboxId: original.replyToInbox,
+					messageId,
+					chatId: original.replyToChat
+				}).onConflictDoNothing();
+				if (!recipients.includes(original.replyToInbox)) recipients.push(original.replyToInbox);
+			}
+		}
+		await tx.update(chats).set({ updatedAt: /* @__PURE__ */ new Date() }).where(eq(chats.id, chatId));
+		if (!msg) throw new Error("Unexpected: INSERT RETURNING produced no row");
+		const previewText = typeof outboundContent === "string" ? outboundContent.trim() : "";
+		await applyAfterFanOut(tx, {
+			chatId,
+			messageId: msg.id,
+			senderId,
+			mentionedAgentIds: mergedMentions,
+			contentPreview: previewText,
+			messageCreatedAt: msg.createdAt
+		});
+		return {
+			message: msg,
+			recipients,
+			recipientAgentIds,
+			organizationId: senderRow.organizationId
+		};
+	});
+	const settled = await Promise.allSettled(txResult.recipientAgentIds.map((agentId) => upsertSessionState(db, agentId, chatId, "active", txResult.organizationId, void 0, { touchPresenceLastSeen: false })));
+	for (let i = 0; i < settled.length; i++) {
+		const r = settled[i];
+		if (r?.status === "rejected") log.error({
+			err: r.reason,
+			chatId,
+			agentId: txResult.recipientAgentIds[i]
+		}, "predictive session activation failed");
+	}
+	fireChatMessageKick(chatId, txResult.message.id);
+	return {
+		message: txResult.message,
+		recipients: txResult.recipients
+	};
+}
+async function sendToAgent(db, senderUuid, targetName, data) {
+	const [sender] = await db.select({
+		uuid: agents.uuid,
+		organizationId: agents.organizationId
+	}).from(agents).where(eq(agents.uuid, senderUuid)).limit(1);
+	if (!sender) throw new NotFoundError(`Agent "${senderUuid}" not found`);
+	const [target] = await db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.organizationId, sender.organizationId), eq(agents.name, targetName), ne(agents.status, "deleted"))).limit(1);
+	if (!target) throw new NotFoundError(`Agent "${targetName}" not found${/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(targetName) ? " — `agent send` expects an agent NAME, not a uuid. Run `first-tree-hub agent list` to see available names." : ""}`);
+	const chat = await findOrCreateDirectChat(db, senderUuid, target.uuid);
+	const incomingMeta = data.metadata ?? {};
+	const existingMentionsRaw = incomingMeta.mentions;
+	const existingMentions = Array.isArray(existingMentionsRaw) ? existingMentionsRaw.filter((m) => typeof m === "string") : [];
+	const mergedMentions = existingMentions.includes(target.uuid) ? existingMentions : [...existingMentions, target.uuid];
+	const metadata = {
+		...incomingMeta,
+		mentions: mergedMentions
+	};
+	return sendMessage(db, chat.id, senderUuid, {
+		format: data.format,
+		content: data.content,
+		metadata,
+		replyToInbox: data.replyToInbox,
+		replyToChat: data.replyToChat,
+		source: data.source
+	}, { normalizeMentionsInContent: true });
+}
+async function editMessage(db, chatId, messageId, senderId, data) {
+	const [msg] = await db.select().from(messages).where(eq(messages.id, messageId)).limit(1);
+	if (!msg) throw new NotFoundError(`Message "${messageId}" not found`);
+	if (msg.chatId !== chatId) throw new NotFoundError(`Message "${messageId}" not found in this chat`);
+	if (msg.senderId !== senderId) throw new ForbiddenError("Only the sender can edit a message");
+	const setClause = {};
+	if (data.format !== void 0) setClause.format = data.format;
+	if (data.content !== void 0) setClause.content = data.content;
+	const meta = msg.metadata ?? {};
+	meta.editedAt = (/* @__PURE__ */ new Date()).toISOString();
+	setClause.metadata = meta;
+	const [updated] = await db.update(messages).set(setClause).where(eq(messages.id, messageId)).returning();
+	if (!updated) throw new Error("Unexpected: UPDATE RETURNING produced no row");
+	return updated;
+}
+async function listMessages(db, chatId, limit, cursor) {
+	const where = cursor ? and(eq(messages.chatId, chatId), lt(messages.createdAt, new Date(cursor))) : eq(messages.chatId, chatId);
+	const rows = await db.select().from(messages).where(where).orderBy(desc(messages.createdAt)).limit(limit + 1);
+	const hasMore = rows.length > limit;
+	const items = hasMore ? rows.slice(0, limit) : rows;
+	const last = items[items.length - 1];
+	return {
+		items,
+		nextCursor: hasMore && last ? last.createdAt.toISOString() : null
+	};
+}
+/**
+* Assert the caller can act on this client. Throws 404 for both "not found"
+* and "not yours" to prevent UUID enumeration. The client is owned by exactly
+* one user; cross-user admin access is no longer supported by this code path
+* (see decouple-client-from-identity-design §4.10.5 option A). Cross-user
+* ownership transfer goes through `claimClient` in PR-B.
+*/
+async function assertClientOwner(db, clientId, scope) {
+	const [row] = await db.select({
+		id: clients.id,
+		userId: clients.userId
+	}).from(clients).where(eq(clients.id, clientId)).limit(1);
+	if (!row || row.userId !== scope.userId) throw new NotFoundError(`Client "${clientId}" not found`);
+}
+/**
+* Upsert the clients row for a given `client_id` under an authenticated user.
+*
+* Claim semantics (decouple-client-from-identity §4.1.1):
+*   - New client_id → INSERT with the authenticated user_id. `organization_id`
+*     is written as a placeholder (NOT NULL legacy column; no longer consumed
+*     by any read path) sourced from the caller-supplied JWT default org.
+*   - Existing row with the same user_id → refresh runtime columns.
+*     `organization_id` is **not** updated on conflict, so the placeholder set
+*     at first insert sticks for the row's lifetime.
+*   - Existing row with a different user_id → raises
+*     {@link ClientUserMismatchError} (WS close 4403). The CLI guides the
+*     operator through `first-tree-hub client claim --confirm` to take
+*     ownership, which unpins the previous owner's agents from the machine.
+*/
+async function registerClient(db, data) {
+	const now = /* @__PURE__ */ new Date();
+	const [existing] = await db.select({
+		id: clients.id,
+		userId: clients.userId
+	}).from(clients).where(eq(clients.id, data.clientId)).limit(1);
+	if (existing?.userId && existing.userId !== data.userId) throw new ClientUserMismatchError(`Client "${data.clientId}" is owned by a different user. Run \`first-tree-hub client claim --confirm\` to transfer ownership.`);
+	await db.insert(clients).values({
+		id: data.clientId,
+		userId: data.userId,
+		organizationId: data.organizationId,
+		status: "connected",
+		instanceId: data.instanceId,
+		hostname: data.hostname ?? null,
+		os: data.os ?? null,
+		sdkVersion: data.sdkVersion ?? null,
+		connectedAt: now,
+		lastSeenAt: now
+	}).onConflictDoUpdate({
+		target: clients.id,
+		set: {
+			userId: data.userId,
+			status: "connected",
+			instanceId: data.instanceId,
+			hostname: data.hostname ?? null,
+			os: data.os ?? null,
+			sdkVersion: data.sdkVersion ?? null,
+			connectedAt: now,
+			lastSeenAt: now
+		}
+	});
+}
+/**
+* Transfer ownership of a client row to a new user, unpinning any agents
+* whose manager belonged to the previous owner. Atomic: caller is guaranteed
+* either a fully-applied ownership flip + bulk unpin, or no change. Idempotent
+* when `newUserId` already owns the row.
+*
+* Manager → user resolution goes through the members JOIN (the agents table
+* carries only `manager_id`); cross-org agents under the same previous owner
+* are unpinned together (decouple-client-from-identity §4.4).
+*
+* Caller is responsible for the caller-side authorization (the new owner must
+* be the authenticated request's user). The structured log
+* `event: client.owner_transfer` is emitted by the caller after the
+* transaction commits, using the returned `previousUserId` /
+* `unpinnedAgentIds`.
+*/
+async function claimClient(db, clientId, newUserId) {
+	return db.transaction(async (tx) => {
+		const [locked] = await tx.execute(sql`SELECT id, user_id FROM clients WHERE id = ${clientId} FOR UPDATE`);
+		if (!locked) throw new NotFoundError(`Client "${clientId}" not found`);
+		const previousUserId = locked.user_id;
+		if (previousUserId === newUserId) return {
+			previousUserId,
+			unpinnedAgentIds: []
+		};
+		let unpinnedAgentIds = [];
+		if (previousUserId !== null) {
+			unpinnedAgentIds = (await tx.select({ uuid: agents.uuid }).from(agents).innerJoin(members, eq(agents.managerId, members.id)).where(and(eq(agents.clientId, clientId), eq(members.userId, previousUserId)))).map((r) => r.uuid);
+			if (unpinnedAgentIds.length > 0) {
+				const now = /* @__PURE__ */ new Date();
+				await tx.update(agents).set({
+					clientId: null,
+					updatedAt: now
+				}).where(inArray(agents.uuid, unpinnedAgentIds));
+				await tx.update(agentPresence).set({
+					status: "offline",
+					clientId: null,
+					...runtimeFieldsReset(now)
+				}).where(inArray(agentPresence.agentId, unpinnedAgentIds));
+				await markSupersededByAgents(tx, unpinnedAgentIds, "client_claimed");
+			}
+		}
+		await tx.update(clients).set({ userId: newUserId }).where(eq(clients.id, clientId));
+		return {
+			previousUserId,
+			unpinnedAgentIds
+		};
+	});
+}
+async function disconnectClient(db, clientId) {
+	const now = /* @__PURE__ */ new Date();
+	await db.update(agentPresence).set({
+		status: "offline",
+		clientId: null,
+		...runtimeFieldsReset(now)
+	}).where(eq(agentPresence.clientId, clientId));
+	await db.update(clients).set({
+		status: "disconnected",
+		lastSeenAt: now
+	}).where(eq(clients.id, clientId));
+}
+async function heartbeatClient(db, clientId) {
+	await db.update(clients).set({ lastSeenAt: /* @__PURE__ */ new Date() }).where(eq(clients.id, clientId));
+}
+async function getClient(db, clientId) {
+	const [row] = await db.select().from(clients).where(eq(clients.id, clientId)).limit(1);
+	return row ?? null;
+}
+/**
+* List the active agents currently pinned to a client. Used by the WS
+* registration handshake to backfill `agent:pinned` notifications missed while
+* the client was offline — without it, an admin who pinned an agent during a
+* client outage would still need a manual `first-tree-hub agent add`.
+*
+* Excludes soft-deleted agents (status = "deleted"). Human agents are
+* naturally excluded by the `clientId` filter — they never carry a clientId.
+*/
+async function listActiveAgentsPinnedToClient(db, clientId) {
+	return db.select({
+		uuid: agents.uuid,
+		name: agents.name,
+		displayName: agents.displayName,
+		type: agents.type,
+		runtimeProvider: agents.runtimeProvider
+	}).from(agents).where(and(eq(agents.clientId, clientId), ne(agents.status, "deleted")));
+}
+/**
+* Member-scoped: every active agent pinned to a client owned by this user.
+* Used by client startup to reconcile its local YAML against the authoritative
+* `agents.runtime_provider`. Cross-org by design — a client is owned by a
+* user, not an org (decouple-client-from-identity §4.1).
+*/
+async function listMyPinnedAgents(db, scope) {
+	return (await db.select({
+		agentId: agents.uuid,
+		clientId: agents.clientId,
+		runtimeProvider: agents.runtimeProvider
+	}).from(agents).innerJoin(clients, eq(agents.clientId, clients.id)).where(and(eq(clients.userId, scope.userId), ne(agents.status, "deleted")))).filter((r) => r.clientId !== null).map((r) => ({
+		agentId: r.agentId,
+		clientId: r.clientId,
+		runtimeProvider: r.runtimeProvider
+	}));
+}
+/**
+* Replace this client's capabilities snapshot. Capabilities live under
+* `clients.metadata.capabilities` (Option C — no dedicated column); other
+* `metadata` subkeys are preserved on merge.
+*
+* Caller is expected to have already passed `assertClientOwner`.
+*/
+async function updateClientCapabilities(db, clientId, capabilities) {
+	const parsed = clientCapabilitiesSchema.safeParse(capabilities);
+	if (!parsed.success) throw new BadRequestError(`Invalid capabilities payload: ${parsed.error.message}`);
+	const [client] = await db.select({ metadata: clients.metadata }).from(clients).where(eq(clients.id, clientId)).limit(1);
+	if (!client) throw new NotFoundError(`Client "${clientId}" not found`);
+	const merged = {
+		...client.metadata ?? {},
+		capabilities: parsed.data
+	};
+	await db.update(clients).set({ metadata: merged }).where(eq(clients.id, clientId));
+}
+/**
+* Scope-aware client listing. Returns the caller's own clients (cross-org —
+* a client is owned by a user, not an org). The admin route adds a separate
+* `?organizationId=` cross-user view via {@link listClientsForOrgAdmin}.
+*/
+async function listClients(db, scope) {
+	return attachAgentCounts(db, await db.select().from(clients).where(eq(clients.userId, scope.userId)));
+}
+/**
+* Admin-only cross-user listing: every client owned by an active member of
+* `orgId`. Joining `clients → members.user_id` instead of `clients.organization_id`
+* keeps the read path consistent with the rule that connection has no
+* runtime relationship to organization (decouple-client-from-identity §A).
+*
+* The caller must verify admin role realtime via `requireMemberInOrg` before
+* invoking this function — the service does not re-check, so it is
+* unsafe to expose without that gate.
+*/
+async function listClientsForOrgAdmin(db, orgId) {
+	return attachAgentCounts(db, await db.select({
+		id: clients.id,
+		userId: clients.userId,
+		organizationId: clients.organizationId,
+		status: clients.status,
+		sdkVersion: clients.sdkVersion,
+		hostname: clients.hostname,
+		os: clients.os,
+		instanceId: clients.instanceId,
+		connectedAt: clients.connectedAt,
+		lastSeenAt: clients.lastSeenAt,
+		metadata: clients.metadata
+	}).from(clients).innerJoin(members, eq(members.userId, clients.userId)).where(and(eq(members.organizationId, orgId), eq(members.status, "active"))));
+}
+/**
+* Infer whether the client's locally-cached refresh token can plausibly
+* still mint access tokens. Used by the Web admin dashboard to render an
+* "AUTH EXPIRED" pill on rows whose offline duration has exceeded the
+* server's configured refresh-token TTL.
+*
+* Uses `lastSeenAt` (not `connectedAt`) because a healthy long-lived
+* client slides the refresh token continuously, so the absolute connect
+* time is no proxy for liveness. `lastSeenAt` is updated on register,
+* heartbeat, and the final disconnect — it lower-bounds the issue time
+* of the refresh token the client most likely still holds.
+*
+* Pure function, no DB access; the column-less design means there's no
+* server-side revocation path yet — every "expired" decision is purely
+* time-based. If we ever want admin-driven revocation, add a column
+* back and OR its value into this function.
+*/
+function deriveAuthState(row, refreshTokenExpirySeconds) {
+	if (row.status === "disconnected") {
+		if (Date.now() - row.lastSeenAt.getTime() > refreshTokenExpirySeconds * 1e3) return "expired";
+	}
+	return "ok";
+}
+async function attachAgentCounts(db, rows) {
+	const counts = await db.select({
+		clientId: agents.clientId,
+		count: sql`count(*)::int`
+	}).from(agents).where(and(sql`${agents.clientId} IS NOT NULL`, ne(agents.status, "deleted"))).groupBy(agents.clientId);
+	const countMap = new Map(counts.map((c) => [c.clientId, c.count]));
+	return rows.map((row) => ({
+		...row,
+		agentCount: countMap.get(row.id) ?? 0
+	}));
+}
+/**
+* Retire a client row. Refuses while any non-deleted agent is still pinned to
+* it — per proposal M12, the operator must delete the agents first
+* (no reassign in this milestone). Throws {@link ConflictError} with the
+* pinned agent list so the UI can show the exact names.
+*
+* Runs in a single transaction with `SELECT … FOR UPDATE` on the client row
+* so a concurrent `createAgent(clientId=X)` cannot land between the pinned
+* check and the DELETE — otherwise the agents.client_id RESTRICT FK would
+* surface as a raw PG 23503 instead of the ConflictError the caller expects.
+*/
+async function retireClient(db, clientId) {
+	await db.transaction(async (tx) => {
+		const [locked] = await tx.execute(sql`SELECT id FROM clients WHERE id = ${clientId} FOR UPDATE`);
+		if (!locked) throw new NotFoundError(`Client "${clientId}" not found`);
+		const pinned = await tx.select({
+			uuid: agents.uuid,
+			name: agents.name
+		}).from(agents).where(and(eq(agents.clientId, clientId), ne(agents.status, "deleted")));
+		if (pinned.length > 0) {
+			const names = pinned.map((a) => a.name ?? a.uuid).join(", ");
+			throw new ConflictError(`Cannot retire client "${clientId}" — ${pinned.length} agent(s) still pinned (${names}). Delete the pinned agents first (no reassign is available in this milestone).`);
+		}
+		await tx.update(agents).set({ clientId: null }).where(and(eq(agents.clientId, clientId), eq(agents.status, "deleted")));
+		await tx.delete(clients).where(eq(clients.id, clientId));
+	});
+}
+/**
+* System-scope sweep: mark clients as disconnected when their last-seen
+* server instance stopped sending heartbeats. Runs globally across all orgs
+* by design — it is invoked only by internal timers, never from a
+* user-scoped request, so the per-org filter the read paths enforce does not
+* apply. Org isolation on the data these clients belong to is still
+* enforced at the read paths (see `assertClientOwner` / `listClients`).
+*/
+async function cleanupStaleClients(db, staleSeconds = 60) {
+	const result = await db.execute(sql`
+    UPDATE clients SET status = 'disconnected'
+    WHERE instance_id IN (
+      SELECT instance_id FROM server_instances
+      WHERE last_heartbeat < NOW() - make_interval(secs => ${staleSeconds})
+    )
+    AND status = 'connected'
+    RETURNING id
+  `);
+	if (result.length > 0) {
+		const staleIds = result.map((r) => r.id);
+		await db.update(agentPresence).set({
+			status: "offline",
+			...runtimeFieldsReset(/* @__PURE__ */ new Date())
+		}).where(inArray(agentPresence.clientId, staleIds));
+	}
+	return result.length;
+}
+//#endregion
+export { pendingQuestions as $, heartbeatClient as A, listAgentsWithRuntime as B, findOrCreateDirectChat as C, getClient as D, getChatDetail as E, joinChat as F, listClientsForOrgAdmin as G, listChats as H, leaveAsParticipant as I, markStaleAgents as J, listMessages as K, leaveChat as L, inboxEntries as M, invalidateChatAudience as N, getOnlineCount as O, joinAsParticipant as P, notifyRecipients as Q, listActiveAgentsPinnedToClient as R, ensureParticipant as S, getCachedAudience as T, listChatsForMember as U, listChatParticipantsWithNames as V, listClients as W, members as X, markSupersededByChat as Y, messages as Z, createNotifier as _, updateClientCapabilities as _t, agents as a, removeParticipant as at, editMessage as b, bindAgent as c, retireClient as ct, chats as d, serverInstances as dt, recomputeChatWatchers as et, claimClient as f, setOffline as ft, createChat as g, unbindAgent as gt, clients as h, touchAgent as ht, agentVisibilityCondition as i, registerClient as it, heartbeatInstance as j, getPresence as k, chatParticipants as l, sendMessage as lt, cleanupStalePresence as m, submitAnswer as mt, agentChatSessions as n, recomputeWatchersForMember as nt, assertClientOwner as o, resetActivity as ot, cleanupStaleClients as p, setRuntimeState as pt, listMyPinnedAgents as q, agentPresence as r, registerChatMessageDispatcher as rt, assertParticipant as s, resolveChatMembership as st, addParticipant as t, recomputeWatchersForAgent as tt, chatSubscriptions as u, sendToAgent as ut, deriveAuthState as v, upsertSessionState as vt, getActivityOverview as w, ensureCanJoin as x, disconnectClient as y, listAgentsManagedByUser as z };