npm - @agent-team-foundation/first-tree-hub - Versions diffs - 0.11.5 → 0.12.0 - Mend

@agent-team-foundation/first-tree-hub 0.11.5 → 0.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/dist/{saas-connect-CO554S-V.mjs → saas-connect-Drn9g6cR.mjs} RENAMED Viewed

@@ -1,11 +1,11 @@
 import { a as __toCommonJS, o as __toESM, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
-import { A as FIRST_TREE_HUB_ATTR, C as stampOrgScope, D as untrustedAttrs, E as startWsConnectionSpan, M as require_pino, O as withSpan, S as stampChatResource, _ as rootLogger$1, a as buildRateLimitError, c as currentTraceId, f as messageAttrs, g as reportErrorToRoot, i as bodyCaptureOnSendHook, j as redactUrl, k as withWsMessageSpan, l as decodeJwtForTrace, m as observabilityPlugin, n as applyLoggerConfig, o as classifyJoseError, r as attachRequestContext, s as createLogger$1, t as adapterAttrs, u as endWsConnectionSpan, x as stampAgentResource, y as setWsConnectionAttrs } from "./observability-BAScT_5S-gw1ODB_o.mjs";
+import { A as FIRST_TREE_HUB_ATTR, C as stampOrgScope, D as untrustedAttrs, E as startWsConnectionSpan, M as require_pino, O as withSpan, S as stampChatResource, _ as rootLogger$1, a as buildRateLimitError, c as currentTraceId, g as reportErrorToRoot, i as bodyCaptureOnSendHook, j as redactUrl, k as withWsMessageSpan, l as decodeJwtForTrace, m as observabilityPlugin, n as applyLoggerConfig, o as classifyJoseError, r as attachRequestContext, s as createLogger$1, t as adapterAttrs, u as endWsConnectionSpan, x as stampAgentResource, y as setWsConnectionAttrs } from "./observability-BAScT_5S-BcW9HgkG.mjs";
 import { C as resetConfigMeta, E as setConfigValue, S as resetConfig, T as serverConfigSchema, b as migrateLegacyHome, c as resolveServerUrl, d as DEFAULT_CONFIG_DIR, f as DEFAULT_DATA_DIR$1, g as collectMissingPrompts, h as clientConfigSchema, i as ensureFreshAccessToken, l as saveAgentConfig, m as agentConfigSchema, o as loadCredentials, p as DEFAULT_HOME_DIR$1, u as saveCredentials, v as initConfig, w as resolveConfigReadonly, y as loadAgents } from "./bootstrap-C_K2CKXC.mjs";
 import { a as print, i as blank, n as CLI_USER_AGENT, r as COMMAND_VERSION, s as status, t as cliFetch } from "./cli-fetch--tiwKm5S.mjs";
-import { $ as loginSchema, A as createAgentSchema, B as githubCallbackQuerySchema, C as agentTypeSchema$1, Ct as updateChatSchema, D as contextTreeSnapshotSchema, Dt as updateTaskStatusSchema, E as connectTokenExchangeSchema, Et as updateOrganizationSchema, F as createTaskSchema, G as inboxDeliverFrameSchema$1, H as githubStartQuerySchema, I as defaultRuntimeConfigPayload, J as isRedactedEnvValue, K as inboxPollQuerySchema, L as delegateFeishuUserSchema, M as createMeChatSchema, N as createMemberSchema, O as createAdapterConfigSchema, Ot as wsAuthFrameSchema, P as createOrgFromMeSchema, Q as listMeChatsQuerySchema, R as dryRunAgentRuntimeConfigSchema, S as agentRuntimeConfigPayloadSchema$1, St as updateAgentSchema, T as clientRegisterSchema, Tt as updateMemberSchema, U as imageInlineContentSchema, V as githubDevCallbackQuerySchema, W as inboxAckFrameSchema, X as joinByInvitationSchema, Y as isReservedAgentName$1, Z as linkTaskChatSchema, _ as addParticipantSchema, _t as sessionStateMessageSchema, a as AGENT_STATUSES, at as rebindAgentSchema, b as agentBindRequestSchema, bt as updateAdapterConfigSchema, ct as safeRedirectPath, d as TASK_CREATOR_TYPES, dt as sendMessageSchema, et as messageSourceSchema$1, f as TASK_HEALTH_SIGNALS, ft as sendToAgentSchema, g as addMeChatParticipantsSchema, gt as sessionReconcileRequestSchema, h as WS_AUTH_FRAME_TIMEOUT_MS, ht as sessionEventSchema$1, i as AGENT_SOURCES, it as patchOnboardingSchema, j as createChatSchema, k as createAdapterMappingSchema, l as MENTION_REGEX, lt as scanMentionTokens, m as TASK_TERMINAL_STATUSES, mt as sessionEventMessageSchema, n as AGENT_NAME_REGEX$1, nt as onboardingEventSchema, o as AGENT_TYPES, ot as refreshTokenSchema, p as TASK_STATUSES, pt as sessionCompletionMessageSchema, q as isOrgSettingNamespace, r as AGENT_SELECTOR_HEADER$1, rt as paginationQuerySchema, s as AGENT_VISIBILITY, st as runtimeStateMessageSchema, t as AGENT_BIND_REJECT_REASONS, tt as notificationQuerySchema, u as ORG_SETTINGS_NAMESPACES$1, ut as selfServiceFeishuBotSchema, v as adminCreateTaskSchema, vt as stripCode, wt as updateClientCapabilitiesSchema, x as agentPinnedMessageSchema$1, xt as updateAgentRuntimeConfigSchema, y as adminUpdateTaskSchema, yt as taskListQuerySchema, z as extractMentions } from "./dist-CfvCT4E0.mjs";
+import { $ as loginSchema, A as createAgentSchema, At as updateTaskStatusSchema, B as githubCallbackQuerySchema, C as agentTypeSchema$1, Ct as updateAdapterConfigSchema, D as contextTreeSnapshotSchema, Dt as updateClientCapabilitiesSchema, E as connectTokenExchangeSchema, Et as updateChatSchema, F as createTaskSchema, G as inboxDeliverFrameSchema$1, H as githubStartQuerySchema, I as defaultRuntimeConfigPayload, J as isRedactedEnvValue, K as inboxPollQuerySchema, L as delegateFeishuUserSchema, M as createMeChatSchema, N as createMemberSchema, O as createAdapterConfigSchema, Ot as updateMemberSchema, P as createOrgFromMeSchema, Q as listMeChatsQuerySchema, R as dryRunAgentRuntimeConfigSchema, S as agentRuntimeConfigPayloadSchema$1, St as taskListQuerySchema, T as clientRegisterSchema, Tt as updateAgentSchema, U as imageInlineContentSchema, V as githubDevCallbackQuerySchema, W as inboxAckFrameSchema, X as joinByInvitationSchema, Y as isReservedAgentName$1, Z as linkTaskChatSchema, _ as addParticipantSchema, _t as sessionEventSchema$1, a as AGENT_STATUSES, b as agentBindRequestSchema, bt as stripCode, ct as refreshTokenSchema, d as TASK_CREATOR_TYPES, et as messageSourceSchema$1, f as TASK_HEALTH_SIGNALS, ft as selfServiceFeishuBotSchema, g as addMeChatParticipantsSchema, gt as sessionEventMessageSchema, h as WS_AUTH_FRAME_TIMEOUT_MS, ht as sessionCompletionMessageSchema, i as AGENT_SOURCES, it as patchOnboardingSchema, j as createChatSchema, jt as wsAuthFrameSchema, k as createAdapterMappingSchema, kt as updateOrganizationSchema, l as MENTION_REGEX, lt as runtimeStateMessageSchema, m as TASK_TERMINAL_STATUSES, mt as sendToAgentSchema, n as AGENT_NAME_REGEX$1, nt as onboardingEventSchema, o as AGENT_TYPES, p as TASK_STATUSES, pt as sendMessageSchema, q as isOrgSettingNamespace, r as AGENT_SELECTOR_HEADER$1, rt as paginationQuerySchema, s as AGENT_VISIBILITY, st as rebindAgentSchema, t as AGENT_BIND_REJECT_REASONS, tt as notificationQuerySchema, u as ORG_SETTINGS_NAMESPACES$1, ut as safeRedirectPath, v as adminCreateTaskSchema, vt as sessionReconcileRequestSchema, wt as updateAgentRuntimeConfigSchema, x as agentPinnedMessageSchema$1, xt as submitQuestionAnswerSchema, y as adminUpdateTaskSchema, yt as sessionStateMessageSchema } from "./dist-UOZ6vMUW.mjs";
 import { a as ConflictError, c as UnauthorizedError, i as ClientUserMismatchError$1, l as organizations, n as BadRequestError, o as ForbiddenError, r as ClientOrgMismatchError$1, s as NotFoundError, t as AppError, u as users } from "./errors-CF5evtJt-B0NTIVPt.mjs";
-import { C as retireClient, D as touchAgent, E as setRuntimeState, O as unbindAgent, S as registerClient, T as setOffline, _ as listClients, a as claimClient, b as markStaleAgents, c as clients, d as getClient, f as getOnlineCount, g as listActiveAgentsPinnedToClient, h as heartbeatInstance, i as bindAgent, k as updateClientCapabilities, l as deriveAuthState, m as heartbeatClient, n as agents, o as cleanupStaleClients, p as getPresence, r as assertClientOwner, s as cleanupStalePresence, t as agentPresence, u as disconnectClient, v as listClientsForOrgAdmin, w as serverInstances, x as members } from "./client-DqdGiggm-NQoGZ2vM.mjs";
-import { n as init_esm, r as trace, t as esm_exports } from "./esm-Ci8E1Gtj.mjs";
+import { n as init_esm, r as trace, t as esm_exports } from "./esm-iadMkGbV.mjs";
+import { $ as pendingQuestions, A as heartbeatClient, B as listAgentsWithRuntime, C as findOrCreateDirectChat, D as getClient, E as getChatDetail, F as joinChat, G as listClientsForOrgAdmin, H as listChats, I as leaveAsParticipant, J as markStaleAgents, K as listMessages, L as leaveChat, M as inboxEntries, N as invalidateChatAudience, O as getOnlineCount, P as joinAsParticipant, Q as notifyRecipients, R as listActiveAgentsPinnedToClient, S as ensureParticipant$1, T as getCachedAudience, U as listChatsForMember, V as listChatParticipantsWithNames, W as listClients, X as members, Y as markSupersededByChat, Z as messages, _ as createNotifier, _t as updateClientCapabilities, a as agents, at as removeParticipant, b as editMessage, c as bindAgent, ct as retireClient, d as chats, dt as serverInstances, et as recomputeChatWatchers, f as claimClient, ft as setOffline, g as createChat, gt as unbindAgent, h as clients, ht as touchAgent, i as agentVisibilityCondition, it as registerClient, j as heartbeatInstance, k as getPresence, l as chatParticipants, lt as sendMessage, m as cleanupStalePresence, mt as submitAnswer, n as agentChatSessions, nt as recomputeWatchersForMember, o as assertClientOwner, ot as resetActivity, p as cleanupStaleClients, pt as setRuntimeState, r as agentPresence, rt as registerChatMessageDispatcher, s as assertParticipant, st as resolveChatMembership, t as addParticipant, tt as recomputeWatchersForAgent, u as chatSubscriptions, ut as sendToAgent$1, v as deriveAuthState, vt as upsertSessionState, w as getActivityOverview, x as ensureCanJoin, y as disconnectClient, z as listAgentsManagedByUser } from "./client-BPUdUaZT-CyCrpCTP.mjs";
 import { a as invitationRedemptions, c as recordRedemption, i as getActiveInvitation, l as rotateInvitation, n as ensureActiveInvitation, o as invitations, r as findActiveByToken, t as buildInviteUrl, u as uuidv7 } from "./invitation-Bg0TRiyx-BsZH4GCS.mjs";
 import { createRequire } from "node:module";
 import { ZodError, z } from "zod";
@@ -29,7 +29,7 @@ import { and, asc, count, desc, eq, gt, gte, inArray, isNotNull, isNull, lt, ne,
 import { drizzle } from "drizzle-orm/postgres-js";
 import postgres from "postgres";
 import { migrate } from "drizzle-orm/postgres-js/migrator";
-import { bigserial, boolean, index, integer, jsonb, pgTable, primaryKey, serial, text, timestamp, unique, uniqueIndex } from "drizzle-orm/pg-core";
+import { boolean, index, integer, jsonb, pgTable, primaryKey, serial, text, timestamp, unique, uniqueIndex } from "drizzle-orm/pg-core";
 import { SignJWT, jwtVerify } from "jose";
 import cors from "@fastify/cors";
 import rateLimit from "@fastify/rate-limit";
@@ -1015,7 +1015,9 @@ const messageFormatSchema = z.enum([
 	"card",
 	"reference",
 	"file",
-	"task"
+	"task",
+	"question",
+	"question_answer"
 ]);
 z.object({
 	format: messageFormatSchema.default("text"),
@@ -1363,26 +1365,26 @@ z.object({
 *   2. Add a key to `ORG_SETTINGS_NAMESPACES`.
 *   3. Done. No DB migration, no new API route.
 */
-const orgContextTreeRepoUrlSchema = z.string().url().refine((value) => {
+const httpsRepoUrlSchema = z.string().url().refine((value) => {
 	try {
 		return new URL(value).protocol === "https:";
 	} catch {
 		return false;
 	}
-}, { message: "Context Tree repo URL must use HTTPS." }).refine((value) => {
+}, { message: "Repo URL must use HTTPS." }).refine((value) => {
 	try {
 		const url = new URL(value);
 		return url.username.length === 0 && url.password.length === 0;
 	} catch {
 		return false;
 	}
-}, { message: "Context Tree repo URL must not include credentials." });
+}, { message: "Repo URL must not include credentials." });
 const orgContextTreeStorageSchema = z.object({
-	repo: orgContextTreeRepoUrlSchema.optional(),
+	repo: httpsRepoUrlSchema.optional(),
 	branch: z.string().default("main")
 });
 const orgContextTreeInputSchema = z.object({
-	repo: orgContextTreeRepoUrlSchema.nullish(),
+	repo: httpsRepoUrlSchema.nullish(),
 	branch: z.string().min(1).nullish()
 });
 const orgContextTreeOutputSchema = z.object({
@@ -1395,16 +1397,36 @@ const orgGithubIntegrationOutputSchema = z.object({
 	webhookSecretConfigured: z.boolean(),
 	webhookUrl: z.string()
 });
+const orgSourceReposStorageSchema = z.object({ repos: z.array(z.object({
+	url: httpsRepoUrlSchema,
+	defaultBranch: z.string().optional()
+})).default([]) });
+const orgSourceReposInputSchema = z.object({ repos: z.array(z.object({
+	url: httpsRepoUrlSchema,
+	defaultBranch: z.string().min(1).optional()
+})).optional() });
+const orgSourceReposOutputSchema = z.object({ repos: z.array(z.object({
+	url: z.string(),
+	defaultBranch: z.string().optional()
+})) });
 const ORG_SETTINGS_NAMESPACES = {
 	context_tree: {
 		storage: orgContextTreeStorageSchema,
 		input: orgContextTreeInputSchema,
-		output: orgContextTreeOutputSchema
+		output: orgContextTreeOutputSchema,
+		readPolicy: "member"
 	},
 	github_integration: {
 		storage: orgGithubIntegrationStorageSchema,
 		input: orgGithubIntegrationInputSchema,
-		output: orgGithubIntegrationOutputSchema
+		output: orgGithubIntegrationOutputSchema,
+		readPolicy: "admin"
+	},
+	source_repos: {
+		storage: orgSourceReposStorageSchema,
+		input: orgSourceReposInputSchema,
+		output: orgSourceReposOutputSchema,
+		readPolicy: "member"
 	}
 };
 const ORG_SETTINGS_NAMESPACE_KEYS = Object.keys(ORG_SETTINGS_NAMESPACES);
@@ -1443,6 +1465,78 @@ z.object({
 	organizationId: z.string(),
 	agents: z.record(z.string(), z.array(pulseBucketSchema).length(32))
 });
+/**
+* Structured ask-user payloads bridged from the Claude Agent SDK
+* `AskUserQuestion` tool to Hub messages.
+*
+* Shape mirrors the SDK 0.2.84 input/output verbatim so the client
+* runtime adapter can pass `updatedInput` straight through. See
+* verify scripts under `packages/client/tmp-verify/` for the live
+* matrix this was validated against.
+*
+* Lifecycle:
+*  1. Agent emits a `format: "question"` message — its `content` is a
+*     `QuestionMessageContent` carrying `correlationId` + `questions[]`.
+*  2. User picks options in the Web UI and POSTs answers; server writes
+*     a `format: "question_answer"` message — its `content` is a
+*     `QuestionAnswerMessageContent` referencing the same `correlationId`.
+*  3. Client runtime resolves the in-flight `canUseTool` promise with the
+*     answers, and the SDK feeds them back to the model.
+*
+* `pending → answered → superseded` runtime status lives in a separate
+* server table (`pending_questions`) and is not part of the message —
+* messages are immutable once written.
+*/
+/**
+* Single option inside a question. `preview` is rich content rendered above
+* the label — the SDK's tool input emits it as `string | undefined` (the
+* field is omitted when the model didn't generate any preview content), so
+* we accept undefined / null / string and normalise downstream renderers
+* to treat all three the same way.
+*/
+const questionOptionSchema = z.object({
+	label: z.string().min(1),
+	description: z.string(),
+	preview: z.string().nullable().optional()
+});
+/**
+* One question. `header` is a chip-style short tag. The SDK schema docs
+* describe ≤12 chars but in practice the model occasionally emits
+* slightly longer headers; we keep the rule loose (≤24) so a stylistic
+* regression doesn't fail-closed at canUseTool and abandon the entire
+* tool call. The UI truncates visually if needed.
+*/
+const questionItemSchema = z.object({
+	question: z.string().min(1),
+	header: z.string().min(1).max(24),
+	options: z.array(questionOptionSchema).min(2).max(4),
+	multiSelect: z.boolean()
+});
+/** Session-level preview format hint. Mirrors `toolConfig.askUserQuestion.previewFormat`. */
+const questionPreviewFormatSchema = z.enum(["html", "markdown"]).nullable();
+z.object({
+	correlationId: z.string().min(1),
+	questions: z.array(questionItemSchema).min(1).max(4),
+	previewFormat: questionPreviewFormatSchema,
+	allowFreeText: z.boolean()
+});
+/**
+* Content payload for a message whose `format === "question_answer"`.
+*
+* `answers` is keyed by `QuestionItem.question` text. For `multiSelect` questions
+* the value is a `, `-joined string of selected labels (matches SDK convention).
+* For free-text answers the value is the user's raw input.
+*/
+const questionAnswerMessageContentSchema = z.object({
+	correlationId: z.string().min(1),
+	answers: z.record(z.string().min(1), z.string())
+});
+z.object({ answers: z.record(z.string().min(1), z.string()) });
+z.enum([
+	"pending",
+	"answered",
+	"superseded"
+]);
 const sessionEventKind = z.enum([
 	"tool_call",
 	"error",
@@ -3471,6 +3565,85 @@ function cleanWorkspaces(workspaceRoot, activeChatIds, ttlMs = DEFAULT_WORKSPACE
 	}
 	return removed;
 }
+const pending = /* @__PURE__ */ new Map();
+/**
+* Register a Promise that will resolve when the matching `question_answer`
+* message arrives. Same `correlationId` re-registration is treated as the
+* SDK retrying — the previous entry is rejected as superseded so its
+* `canUseTool` callback unblocks.
+*/
+function registerPendingQuestion(args) {
+	const { correlationId, agentId, chatId } = args;
+	const existing = pending.get(correlationId);
+	if (existing) existing.resolve({
+		status: "denied",
+		reason: "Question re-registered with the same correlation id."
+	});
+	return new Promise((resolve) => {
+		pending.set(correlationId, {
+			agentId,
+			chatId,
+			registeredAt: Date.now(),
+			resolve
+		});
+	});
+}
+/**
+* Best-effort resolve. Called by the inbox dispatcher when a
+* `format: "question_answer"` message arrives. Returns `true` when an entry
+* matched (so the caller knows it can ack + skip normal session routing),
+* `false` when there was no waiter (stale answer, e.g. session resumed after
+* the bridge was already cleaned up).
+*
+* Schema validation lives here too — a malformed answer payload is logged
+* (well, `false` returned and the dispatcher emits a warn) but never throws.
+*/
+function tryResolveQuestionAnswer(content) {
+	const parsed = questionAnswerMessageContentSchema.safeParse(content);
+	if (!parsed.success) return false;
+	const entry = pending.get(parsed.data.correlationId);
+	if (!entry) return false;
+	pending.delete(parsed.data.correlationId);
+	entry.resolve({
+		status: "answered",
+		answers: parsed.data.answers
+	});
+	return true;
+}
+/** Cleanup hook used by handler.shutdown() to fail-fast every in-flight question. */
+function rejectPendingForAgent(agentId, reason) {
+	let count = 0;
+	for (const [correlationId, entry] of pending) {
+		if (entry.agentId !== agentId) continue;
+		pending.delete(correlationId);
+		entry.resolve({
+			status: "denied",
+			reason
+		});
+		count++;
+	}
+	return count;
+}
+/**
+* Silent cleanup for `handler.suspend()`. Removes pending entries WITHOUT
+* resolving the Promise — the SDK process is being torn down anyway, and
+* resolving would unblock the canUseTool callback whose return value the
+* SDK then writes to a now-closed transport (the symptom: 'ProcessTransport
+* is not ready for writing' uncaught). The orphaned Promise stack frame is
+* GC'd alongside the SDK process exit. When the user eventually answers,
+* SessionManager.dispatch sees no matching waiter (`tryResolveQuestionAnswer`
+* returns false) and routes the answer message through the normal dispatch
+* path so the suspended session resumes with the answer as fresh input.
+*/
+function clearPendingForAgent(agentId) {
+	let count = 0;
+	for (const [correlationId, entry] of pending) {
+		if (entry.agentId !== agentId) continue;
+		pending.delete(correlationId);
+		count++;
+	}
+	return count;
+}
 /**
 * Resolve which Claude Code binary the SDK should spawn.
 *
@@ -3826,6 +3999,90 @@ const createClaudeCodeHandler = (config) => {
 		recordAppliedPayload(sessionCtx);
 		consumerDone = consumeOutput(sessionCtx);
 	}
+	/**
+	* Build the SDK `canUseTool` callback for this session. Auto-allows every
+	* tool except `AskUserQuestion`, which we route through the Hub's inbox:
+	*
+	*   1. Validate the SDK's question shape against the shared Zod schema (so
+	*      a malformed model output can't smuggle bad data into Hub messages).
+	*   2. Send a `format: "question"` message via the agent SDK — this hits
+	*      the server's `sendMessage` path which writes the `pending_questions`
+	*      lifecycle row in the same transaction (see commit 2).
+	*   3. Register a Promise keyed on the SDK `toolUseID`. The matching
+	*      `question_answer` message arrives over the inbox WS / poll path
+	*      and SessionManager.dispatch resolves the Promise (commit 2 wired
+	*      the answer route + supersede hooks; SessionManager wiring lives
+	*      in this commit).
+	*   4. Map the bridge result to `PermissionResult`: `answered` →
+	*      `{ behavior: "allow", updatedInput: { questions, answers } }`,
+	*      `denied` → `{ behavior: "deny", message }` so the model abandons
+	*      the call instead of looping.
+	*
+	* `bypassPermissions` mode still calls `canUseTool` for `AskUserQuestion`
+	* specifically — verified by `tmp-verify/verify.mjs` cases A through G.
+	*/
+	function buildAskUserCanUseTool(sessionCtx) {
+		return async (toolName, input, options) => {
+			if (toolName !== "AskUserQuestion") return {
+				behavior: "allow",
+				updatedInput: input
+			};
+			const parsed = z.object({ questions: z.array(questionItemSchema).min(1).max(4) }).safeParse(input);
+			if (!parsed.success) {
+				sessionCtx.log(`AskUserQuestion: malformed input — ${parsed.error.message.slice(0, 200)}`);
+				return {
+					behavior: "deny",
+					message: "AskUserQuestion input did not validate; abandon the question and pick a different tool or answer."
+				};
+			}
+			const correlationId = options.toolUseID;
+			const questions = parsed.data.questions;
+			const questionContent = {
+				correlationId,
+				questions,
+				previewFormat: "html",
+				allowFreeText: true
+			};
+			try {
+				await sessionCtx.sdk.sendMessage(sessionCtx.chatId, {
+					format: "question",
+					content: questionContent
+				});
+			} catch (err) {
+				const reason = err instanceof Error ? err.message : String(err);
+				sessionCtx.log(`AskUserQuestion: failed to publish question — ${reason}`);
+				return {
+					behavior: "deny",
+					message: `Hub could not publish the question (${reason}); abandon the call.`
+				};
+			}
+			sessionCtx.log(`AskUserQuestion: published correlationId=${correlationId}; awaiting user answer`);
+			const result = await registerPendingQuestion({
+				correlationId,
+				agentId: sessionCtx.agent.agentId,
+				chatId: sessionCtx.chatId
+			});
+			if (options.signal.aborted) return {
+				behavior: "deny",
+				message: "AskUserQuestion aborted before an answer arrived."
+			};
+			if (result.status === "denied") {
+				sessionCtx.log(`AskUserQuestion: denied correlationId=${correlationId} reason=${result.reason}`);
+				return {
+					behavior: "deny",
+					message: result.reason
+				};
+			}
+			sessionCtx.log(`AskUserQuestion: answered correlationId=${correlationId}`);
+			return {
+				behavior: "allow",
+				updatedInput: {
+					questions,
+					answers: result.answers
+				}
+			};
+		};
+	}
 	/** Rebuild query and input controller without starting a new consumer loop (used for retry within the existing loop). */
 	function respawnQuery(sessionId, sessionCtx) {
 		buildQuery(sessionId, sessionCtx, sessionId);
@@ -3858,6 +4115,8 @@ const createClaudeCodeHandler = (config) => {
 				allowDangerouslySkipPermissions: true,
 				settingSources: ["user", "project"],
 				env: buildEnv(sessionCtx),
+				canUseTool: buildAskUserCanUseTool(sessionCtx),
+				toolConfig: { askUserQuestion: { previewFormat: "html" } },
 				...claudeCodeExecutable ? { pathToClaudeCodeExecutable: claudeCodeExecutable } : {},
 				...payload?.model ? { model: payload.model } : {},
 				...payload?.prompt.append ? { systemPrompt: {
@@ -4120,6 +4379,11 @@ const createClaudeCodeHandler = (config) => {
 		},
 		async suspend() {
 			ctx?.log("Suspending session");
+			const sessionCtx = ctx;
+			if (sessionCtx) {
+				const dropped = clearPendingForAgent(sessionCtx.agent.agentId);
+				if (dropped > 0) sessionCtx.log(`Cleared ${dropped} pending AskUserQuestion entries on suspend`);
+			}
 			if (inputController) {
 				inputController.end();
 				inputController = null;
@@ -4137,6 +4401,10 @@ const createClaudeCodeHandler = (config) => {
 		async shutdown() {
 			const sessionCtx = ctx;
 			await handler.suspend();
+			if (sessionCtx) {
+				const dropped = rejectPendingForAgent(sessionCtx.agent.agentId, "Session shutting down.");
+				if (dropped > 0) sessionCtx.log(`Rejected ${dropped} pending AskUserQuestion entries during shutdown`);
+			}
 			if (sessionCtx) await cleanupGitWorktrees(sessionCtx);
 			if (cwd) {
 				try {
@@ -4815,8 +5083,34 @@ function resolveSenderLabel(senderId, participants) {
 * Async because the participant list may need a server round-trip on first
 * use; subsequent messages in the same session hit the cache.
 */
+/**
+* Convert a SessionMessage's payload to a plain-text snippet the LLM can
+* read as user input. Most formats are already strings; the special case
+* is `question_answer` — when an answer arrives AFTER the SDK process was
+* suspended, SessionManager.dispatch routes it through the normal path,
+* and we need to render the structured `{correlationId, answers}` payload
+* as readable English so the resumed Claude turn can act on it.
+*/
+function renderForLLM(message) {
+	if (message.format === "question_answer" && message.content && typeof message.content === "object") {
+		const c = message.content;
+		if (c.answers && typeof c.answers === "object") {
+			const lines = [];
+			for (const [question, answer] of Object.entries(c.answers)) {
+				lines.push(`Q: ${question}`);
+				lines.push(`A: ${answer}`);
+			}
+			return [
+				"[The user has answered an earlier AskUserQuestion you raised. Continue the task using their answers below; do NOT call AskUserQuestion again for the same questions.]",
+				"",
+				...lines
+			].join("\n");
+		}
+	}
+	return typeof message.content === "string" ? message.content : JSON.stringify(message.content);
+}
 async function formatInboundContent(message, participants) {
-	const rawContent = typeof message.content === "string" ? message.content : JSON.stringify(message.content);
+	const rawContent = renderForLLM(message);
 	const preceding = message.precedingMessages ?? [];
 	let header = "";
 	if (preceding.length > 0) {
@@ -5019,6 +5313,16 @@ var SessionManager = class {
 	async dispatch(entry) {
 		const chatId = entry.chatId ?? entry.message.chatId;
 		const messageId = entry.message.id;
+		if (entry.message.format === "question_answer") {
+			if (tryResolveQuestionAnswer(entry.message.content)) {
+				await this.ackEntry(entry.id, chatId);
+				return;
+			}
+			this.config.log.info({
+				chatId,
+				messageId
+			}, "question_answer with no live bridge waiter — resuming session with answer as input");
+		}
 		const dedupKey = `${chatId}:${messageId}`;
 		if (this.deduplicator.isDuplicate(dedupKey)) {
 			this.config.log.debug({
@@ -8376,7 +8680,7 @@ async function onboardCreate(args) {
 	}
 	const runtimeAgent = args.type === "human" ? args.assistant : args.id;
 	if (args.feishuBotAppId && args.feishuBotAppSecret) {
-		const { bindFeishuBot } = await import("./feishu-DbSvp9UH.mjs").then((n) => n.r);
+		const { bindFeishuBot } = await import("./feishu-C6qlhju2.mjs").then((n) => n.r);
 		const targetAgentUuid = args.type === "human" ? assistantUuid : primary.uuid;
 		if (!targetAgentUuid) print.line(`Warning: Cannot bind Feishu bot — no runtime agent available for "${args.id}".\n`);
 		else {
@@ -9589,7 +9893,7 @@ function createFeedbackHandler(config) {
 	return { handle };
 }
 //#endregion
-//#region ../server/dist/app--DB1keQE.mjs
+//#region ../server/dist/app-CVe_gn9M.mjs
 var import_fastify_opentelemetry = /* @__PURE__ */ __toESM(require_fastify_opentelemetry(), 1);
 init_esm();
 var __defProp = Object.defineProperty;
@@ -9613,53 +9917,6 @@ const adapterAgentMappings = pgTable("adapter_agent_mappings", {
 	metadata: jsonb("metadata").$type().notNull().default({}),
 	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
 }, (table) => [unique("uq_adapter_agent_mapping").on(table.platform, table.externalUserId)]);
-/** Communication container. All messages between agents flow within a Chat. */
-const chats = pgTable("chats", {
-	id: text("id").primaryKey(),
-	organizationId: text("organization_id").notNull().references(() => organizations.id),
-	type: text("type").notNull().default("direct"),
-	topic: text("topic"),
-	lifecyclePolicy: text("lifecycle_policy").default("persistent"),
-	parentChatId: text("parent_chat_id"),
-	metadata: jsonb("metadata").$type().notNull().default({}),
-	lastMessageAt: timestamp("last_message_at", { withTimezone: true }),
-	lastMessagePreview: text("last_message_preview"),
-	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
-	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [index("idx_chats_org_last_message").on(table.organizationId, desc(table.lastMessageAt))]);
-/** Speaking participants of a chat (M:N). Watchers live in chat_subscriptions. */
-const chatParticipants = pgTable("chat_participants", {
-	chatId: text("chat_id").notNull().references(() => chats.id, { onDelete: "cascade" }),
-	agentId: text("agent_id").notNull().references(() => agents.uuid),
-	role: text("role").notNull().default("member"),
-	mode: text("mode").notNull().default("full"),
-	lastReadAt: timestamp("last_read_at", { withTimezone: true }),
-	unreadMentionCount: integer("unread_mention_count").notNull().default(0),
-	joinedAt: timestamp("joined_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [primaryKey({ columns: [table.chatId, table.agentId] }), index("idx_participants_agent").on(table.agentId)]);
-/**
-* Non-speaking observers ("watchers"). Used by the chat-first workspace so a
-* user can supervise chats their managed agents participate in without
-* accidentally being part of fan-out.
-*
-* Invariants:
-*   1. (chat_id, agent_id) is mutually exclusive with chat_participants.
-*   2. Rows here NEVER produce inbox_entries (fan-out exclusivity).
-*   3. Mention candidate resolution NEVER includes these rows.
-*   4. State transitions (join/leave) carry last_read_at + counter; lifecycle
-*      recomputes default to NULL/0 and MUST NOT run on the join/leave path.
-*
-* See docs/chat-first-workspace-product-design.md "Data Model" + "State
-* Transitions" for the full contract.
-*/
-const chatSubscriptions = pgTable("chat_subscriptions", {
-	chatId: text("chat_id").notNull().references(() => chats.id, { onDelete: "cascade" }),
-	agentId: text("agent_id").notNull().references(() => agents.uuid),
-	kind: text("kind").notNull().default("watching"),
-	lastReadAt: timestamp("last_read_at", { withTimezone: true }),
-	unreadMentionCount: integer("unread_mention_count").notNull().default(0),
-	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [primaryKey({ columns: [table.chatId, table.agentId] }), index("idx_chat_subscriptions_agent").on(table.agentId)]);
 /**
 * Tasks — lightweight work units. Process descriptors, not tickets.
 * Immutable status state machine: pending → assigned → working → (completed | failed | cancelled).
@@ -10090,7 +10347,7 @@ async function deleteAdapterConfig(db, id) {
 	const [row] = await db.delete(adapterConfigs).where(eq(adapterConfigs.id, id)).returning();
 	if (!row) throw new NotFoundError(`Adapter config "${id}" not found`);
 }
-const log$7 = createLogger$1("Adapters");
+const log$5 = createLogger$1("Adapters");
 function parseId(raw) {
 	const id = Number(raw);
 	if (!Number.isInteger(id) || id <= 0) throw new BadRequestError(`Invalid adapter ID: "${raw}"`);
@@ -10116,7 +10373,7 @@ async function adapterRoutes(app) {
 		const existing = await getAdapterConfig(app.db, id);
 		await assertAgentManageableByUser(app.db, userId, existing.agentId);
 		const config = await updateAdapterConfig(app.db, id, body, app.config.secrets.encryptionKey);
-		app.adapterManager.reload().catch((err) => log$7.error({ err }, "adapter reload failed after update"));
+		app.adapterManager.reload().catch((err) => log$5.error({ err }, "adapter reload failed after update"));
 		app.notifier.notifyConfigChange("adapter_configs").catch(() => {});
 		return {
 			...config,
@@ -10130,7 +10387,7 @@ async function adapterRoutes(app) {
 		const existing = await getAdapterConfig(app.db, id);
 		await assertAgentManageableByUser(app.db, userId, existing.agentId);
 		await deleteAdapterConfig(app.db, id);
-		app.adapterManager.reload().catch((err) => log$7.error({ err }, "adapter reload failed after delete"));
+		app.adapterManager.reload().catch((err) => log$5.error({ err }, "adapter reload failed after delete"));
 		app.notifier.notifyConfigChange("adapter_configs").catch(() => {});
 		return reply.status(204).send();
 	});
@@ -10146,619 +10403,6 @@ function requireAgent(request) {
 	if (!agent) throw new UnauthorizedError("Agent authentication required");
 	return agent;
 }
-/**
-* Process-local cache for the per-chat realtime push audience
-* (`chat_participants ∪ chat_subscriptions`, keyed by human agent
-* uuid). Sits in front of the admin WS dispatch so a chat with N
-* messages/sec doesn't issue N audience-resolution queries; one query
-* + cache hit per chat per TTL window.
-*
-* The cache exposes both a populator (`getCachedAudience`) and an
-* invalidator (`invalidateChatAudience`). Participant-mutation paths
-* (`addMeChatParticipants`, `joinMeChat`, `leaveMeChat`,
-* `recomputeChatWatchers`, `joinAsParticipant`, `leaveAsParticipant`)
-* MUST call `invalidateChatAudience` after their tx commits so the
-* very next dispatch reflects the new audience without waiting for
-* the TTL to age out — without invalidation, a freshly-added speaker
-* would miss `chat:message` pushes for up to TTL_MS.
-*
-* Cross-instance correctness: not handled here. The PG NOTIFY layer
-* already broadcasts message events to every replica; each replica's
-* audience cache is independently invalidated by its own
-* service-layer mutations on chats it routes traffic for. For
-* cross-replica participant changes to invalidate this cache, route
-* the mutation through the same replica that hosts the WS connection
-* (sticky routing) or add a dedicated `chat:audience` PG NOTIFY in
-* a follow-up.
-*/
-const log$6 = createLogger$1("ChatAudienceCache");
-const TTL_MS = 5e3;
-const MAX_ENTRIES = 1024;
-const cache = /* @__PURE__ */ new Map();
-/** Resolve a chat's push audience, hitting the cache when fresh.
-*  Returns null on DB error (caller should skip dispatch). */
-async function getCachedAudience(db, chatId) {
-	const now = Date.now();
-	const cached = cache.get(chatId);
-	if (cached && cached.expiresAt > now) return cached.audience;
-	try {
-		const rows = await db.execute(sql`
-      SELECT agent_id FROM chat_participants WHERE chat_id = ${chatId}
-      UNION
-      SELECT agent_id FROM chat_subscriptions WHERE chat_id = ${chatId}
-    `);
-		const audience = new Set(rows.map((r) => r.agent_id));
-		cache.set(chatId, {
-			audience,
-			expiresAt: now + TTL_MS
-		});
-		if (cache.size > MAX_ENTRIES) {
-			for (const [k, v] of cache) if (v.expiresAt <= now) cache.delete(k);
-		}
-		return audience;
-	} catch (err) {
-		log$6.warn({
-			err,
-			chatId
-		}, "failed to resolve chat audience");
-		return null;
-	}
-}
-/** Drop the cached audience for a chat. Called from participant-
-*  mutation paths after their transaction commits, so the next
-*  `chat:message` dispatch hits the DB and reflects the new
-*  membership instead of serving a stale TTL window. */
-function invalidateChatAudience(chatId) {
-	cache.delete(chatId);
-}
-/**
-* Chat-first workspace — watcher subscription helpers.
-*
-* Watchers (rows in `chat_subscriptions`) are non-speaking observers. A
-* member who manages an agent that participates in a chat — but whose own
-* human agent is not a speaker there — sees the chat in their workspace
-* via a watcher row.
-*
-* Two distinct kinds of operation live here:
-*
-*   1. Set rebuilds (`recompute*`). Idempotent set-based recomputations
-*      driven by lifecycle events (chat created, participant added/removed,
-*      member status flipped, etc.). These DEFAULT new rows to NULL/0 read
-*      state.
-*
-*   2. State-carry transitions (`joinAsParticipant`, `leaveAsParticipant`).
-*      Move a single (chat, agent) pair between `chat_participants` and
-*      `chat_subscriptions` while preserving `last_read_at` and
-*      `unread_mention_count`. NEVER call recompute on this path or you'll
-*      lose read state.
-*
-* See docs/chat-first-workspace-product-design.md "State Transitions" and
-* "Risk Constraints".
-*/
-/**
-* Recompute watcher rows for ONE chat. For every active member who:
-*   - manages a non-human agent that speaks in the chat, AND
-*   - whose own human agent is NOT a speaker in the chat
-* an `(chat_id, member.agent_id)` watcher row is upserted (NULL read state).
-*
-* Watchers whose anchoring condition no longer holds (manager left, the
-* managed agent was removed from the chat, the manager joined as a speaker
-* themselves) are deleted.
-*
-* Idempotent: safe to call multiple times for the same chat.
-*/
-async function recomputeChatWatchers(db, chatId) {
-	await db.execute(sql`
-    INSERT INTO chat_subscriptions
-      (chat_id, agent_id, kind, last_read_at, unread_mention_count, created_at)
-    SELECT DISTINCT cp.chat_id, m.agent_id, 'watching', NULL::timestamp with time zone, 0, now()
-      FROM chat_participants cp
-      JOIN agents  a ON a.uuid = cp.agent_id
-      JOIN members m ON m.id   = a.manager_id
-     WHERE cp.chat_id = ${chatId}
-       AND m.status   = 'active'
-       AND a.type    <> 'human'
-       AND NOT EXISTS (
-         SELECT 1 FROM chat_participants cp2
-          WHERE cp2.chat_id  = cp.chat_id
-            AND cp2.agent_id = m.agent_id
-       )
-    ON CONFLICT (chat_id, agent_id) DO NOTHING
-  `);
-	await db.execute(sql`
-    DELETE FROM chat_subscriptions cs
-     WHERE cs.chat_id = ${chatId}
-       AND NOT EXISTS (
-         SELECT 1
-           FROM chat_participants cp
-           JOIN agents  a ON a.uuid = cp.agent_id
-           JOIN members m ON m.id   = a.manager_id
-          WHERE cp.chat_id = cs.chat_id
-            AND m.agent_id = cs.agent_id
-            AND m.status   = 'active'
-            AND a.type    <> 'human'
-            AND NOT EXISTS (
-              SELECT 1 FROM chat_participants cp2
-               WHERE cp2.chat_id  = cp.chat_id
-                 AND cp2.agent_id = m.agent_id
-            )
-       )
-  `);
-}
-/**
-* Recompute watcher rows touching ONE agent across all chats it speaks in.
-* Used after `rebindAgent` (manager change) so the new manager picks up
-* watcher rows and the old manager's are dropped.
-*/
-async function recomputeWatchersForAgent(db, agentId) {
-	const chatRows = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(eq(chatParticipants.agentId, agentId));
-	for (const { chatId } of chatRows) await recomputeChatWatchers(db, chatId);
-}
-/**
-* Recompute watcher rows touching ONE member across all chats. Triggered
-* when the member's status flips active ↔ left.
-*/
-async function recomputeWatchersForMember(db, memberId) {
-	const rows = await db.selectDistinct({ chatId: chatParticipants.chatId }).from(chatParticipants).innerJoin(agents, eq(chatParticipants.agentId, agents.uuid)).where(and(eq(agents.managerId, memberId), ne(agents.type, "human")));
-	for (const { chatId } of rows) await recomputeChatWatchers(db, chatId);
-}
-/**
-* Mirror of `services/chat.ts` `maybeUpgradeDirectToGroup`. Inlined here so
-* `joinAsParticipant` keeps the upgrade rule + the state carry in one
-* transaction without depending on chat.ts (avoids a circular import).
-*/
-async function maybeUpgradeDirectToGroup$1(tx, chatId, existingParticipantIds) {
-	if (existingParticipantIds.length + 1 < 3) return;
-	const [chat] = await tx.select({ type: chats.type }).from(chats).where(eq(chats.id, chatId)).limit(1);
-	if (!chat || chat.type !== "direct") return;
-	await tx.update(chats).set({
-		type: "group",
-		updatedAt: /* @__PURE__ */ new Date()
-	}).where(eq(chats.id, chatId));
-	if (existingParticipantIds.length === 0) return;
-	const ids = (await tx.select({ uuid: agents.uuid }).from(agents).where(and(inArray(agents.uuid, existingParticipantIds), ne(agents.type, "human")))).map((r) => r.uuid);
-	if (ids.length === 0) return;
-	await tx.update(chatParticipants).set({ mode: "mention_only" }).where(and(eq(chatParticipants.chatId, chatId), inArray(chatParticipants.agentId, ids)));
-}
-/**
-* Watcher → speaking participant. State-carry transaction.
-*
-*   1. DELETE the watcher row (returning read state).
-*   2. If a participant row already exists, no-op (idempotent).
-*   3. Otherwise, run the direct → group upgrade rule against the *current*
-*      participant set, then INSERT the participant row carrying read state.
-*
-* If `requireWatcherOrVisible` is true, refuse when the user has neither a
-* watcher row nor admin-derived visibility — used to keep the public
-* `/me/chats/:chatId/join` endpoint honest. Pre-check happens in the
-* route layer where we have the full member scope.
-*/
-async function joinAsParticipant(db, chatId, humanAgentId) {
-	return db.transaction(async (tx) => {
-		const [carriedRow] = await tx.delete(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, humanAgentId))).returning({
-			lastReadAt: chatSubscriptions.lastReadAt,
-			unreadMentionCount: chatSubscriptions.unreadMentionCount
-		});
-		const [existing] = await tx.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, humanAgentId))).limit(1);
-		if (existing) return {
-			chatId,
-			inserted: false,
-			carried: carriedRow ?? null
-		};
-		await maybeUpgradeDirectToGroup$1(tx, chatId, (await tx.select({ agentId: chatParticipants.agentId }).from(chatParticipants).where(eq(chatParticipants.chatId, chatId))).map((p) => p.agentId));
-		await tx.insert(chatParticipants).values({
-			chatId,
-			agentId: humanAgentId,
-			role: "member",
-			mode: "full",
-			lastReadAt: carriedRow?.lastReadAt ?? null,
-			unreadMentionCount: carriedRow?.unreadMentionCount ?? 0
-		});
-		return {
-			chatId,
-			inserted: true,
-			carried: carriedRow ?? null
-		};
-	});
-}
-/**
-* Speaking participant → watcher (or fully detach).
-*
-*   1. DELETE the participant row (returning read state).
-*   2. Test "still visible": is the user still the manager of an agent that
-*      remains a participant in this chat? If yes, INSERT a watcher row
-*      carrying read state. If no, drop entirely.
-*
-* Caller must validate that the user actually has a participant row to
-* leave (returns `NotFoundError` if not).
-*/
-async function leaveAsParticipant(db, chatId, humanAgentId) {
-	return db.transaction(async (tx) => {
-		const [carried] = await tx.delete(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, humanAgentId))).returning({
-			lastReadAt: chatParticipants.lastReadAt,
-			unreadMentionCount: chatParticipants.unreadMentionCount
-		});
-		if (!carried) throw new NotFoundError("Not a participant of this chat");
-		const [stillVisibleRow] = await tx.execute(sql`
-      SELECT EXISTS (
-        SELECT 1
-          FROM chat_participants cp
-          JOIN agents  a ON a.uuid = cp.agent_id
-          JOIN members m ON m.id   = a.manager_id
-         WHERE cp.chat_id = ${chatId}
-           AND m.agent_id = ${humanAgentId}
-           AND m.status   = 'active'
-           AND a.type    <> 'human'
-      ) AS visible
-    `);
-		if (!Boolean(stillVisibleRow?.visible)) return {
-			chatId,
-			membershipKind: null
-		};
-		await tx.insert(chatSubscriptions).values({
-			chatId,
-			agentId: humanAgentId,
-			kind: "watching",
-			lastReadAt: carried.lastReadAt,
-			unreadMentionCount: carried.unreadMentionCount
-		}).onConflictDoNothing();
-		return {
-			chatId,
-			membershipKind: "watching"
-		};
-	});
-}
-/**
-* Resolve the membership row of the human agent for the given chat. Returns
-* one of: 'participant', 'watching', or null.
-*
-* Used by `/me/chats/:chatId/join` to refuse a join when the user has
-* neither a watcher row nor a participant row, and isn't otherwise
-* authorised (admin in the chat's org).
-*/
-async function resolveChatMembership(db, chatId, humanAgentId) {
-	const [participant] = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, humanAgentId))).limit(1);
-	if (participant) return "participant";
-	const [sub] = await db.select({ chatId: chatSubscriptions.chatId }).from(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, humanAgentId))).limit(1);
-	if (sub) return "watching";
-	return null;
-}
-/**
-* Used by `/me/chats/:chatId/join`. Throw 409 if already a speaker (no work
-* to do) and 403 if no watcher row and no admin override. Admin override is
-* resolved at the route layer; this helper only reports the watcher state.
-*/
-function ensureCanJoin(membership) {
-	if (membership === "participant") throw new ConflictError("Already a participant in this chat");
-	if (membership === null) throw new ForbiddenError("Not a watcher of this chat — open the chat from your workspace before joining");
-}
-/**
-* When a direct chat grows past 2 participants, upgrade it to `group` and
-* flip every existing non-human agent participant to `mention_only` — see
-* proposals/hub-agent-messaging-reply-and-mentions §3.3. The caller is
-* expected to insert the new participant AFTER this runs, so the "existing"
-* set excludes them.
-*
-* Idempotent: if the chat is already a group, no-op.
-*/
-async function maybeUpgradeDirectToGroup(db, chatId, existingParticipantIds, newParticipantCount) {
-	if (existingParticipantIds.length + newParticipantCount < 3) return;
-	const [chat] = await db.select({ type: chats.type }).from(chats).where(eq(chats.id, chatId)).limit(1);
-	if (!chat || chat.type !== "direct") return;
-	await db.update(chats).set({
-		type: "group",
-		updatedAt: /* @__PURE__ */ new Date()
-	}).where(eq(chats.id, chatId));
-	if (existingParticipantIds.length === 0) return;
-	const ids = (await db.select({ uuid: agents.uuid }).from(agents).where(and(inArray(agents.uuid, existingParticipantIds), ne(agents.type, "human")))).map((a) => a.uuid);
-	if (ids.length === 0) return;
-	await db.update(chatParticipants).set({ mode: "mention_only" }).where(and(eq(chatParticipants.chatId, chatId), inArray(chatParticipants.agentId, ids)));
-}
-async function createChat(db, creatorId, data) {
-	const chatId = randomUUID();
-	const allParticipantIds = new Set([creatorId, ...data.participantIds]);
-	const existingAgents = await db.select({
-		id: agents.uuid,
-		organizationId: agents.organizationId,
-		type: agents.type
-	}).from(agents).where(inArray(agents.uuid, [...allParticipantIds]));
-	if (existingAgents.length !== allParticipantIds.size) {
-		const found = new Set(existingAgents.map((a) => a.id));
-		throw new BadRequestError(`Agents not found: ${[...allParticipantIds].filter((id) => !found.has(id)).join(", ")}`);
-	}
-	const creator = existingAgents.find((a) => a.id === creatorId);
-	if (!creator) throw new Error("Unexpected: creator not in existingAgents");
-	const orgId = creator.organizationId;
-	const crossOrg = existingAgents.filter((a) => a.organizationId !== orgId);
-	if (crossOrg.length > 0) throw new BadRequestError(`Cross-organization chat not allowed: ${crossOrg.map((a) => a.id).join(", ")}`);
-	const isDirectAgentOnly = data.type === "direct" && existingAgents.every((a) => a.type !== "human");
-	return db.transaction(async (tx) => {
-		const [chat] = await tx.insert(chats).values({
-			id: chatId,
-			organizationId: orgId,
-			type: data.type,
-			topic: data.topic ?? null,
-			metadata: data.metadata ?? {}
-		}).returning();
-		const participantRows = [...allParticipantIds].map((agentId) => ({
-			chatId,
-			agentId,
-			role: agentId === creatorId ? "owner" : "member",
-			...isDirectAgentOnly ? { mode: "mention_only" } : {}
-		}));
-		await tx.insert(chatParticipants).values(participantRows);
-		await recomputeChatWatchers(tx, chatId);
-		const participants = await tx.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
-		if (!chat) throw new Error("Unexpected: INSERT RETURNING produced no row");
-		return {
-			...chat,
-			participants
-		};
-	});
-}
-async function getChat(db, chatId) {
-	const [chat] = await db.select().from(chats).where(eq(chats.id, chatId)).limit(1);
-	if (!chat) throw new NotFoundError(`Chat "${chatId}" not found`);
-	return chat;
-}
-async function getChatDetail(db, chatId) {
-	const chat = await getChat(db, chatId);
-	const participants = await db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
-	return {
-		...chat,
-		participants
-	};
-}
-async function listChats(db, agentId, limit, cursor) {
-	const chatIds = (await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(eq(chatParticipants.agentId, agentId))).map((r) => r.chatId);
-	if (chatIds.length === 0) return {
-		items: [],
-		nextCursor: null
-	};
-	const where = cursor ? and(inArray(chats.id, chatIds), lt(chats.updatedAt, new Date(cursor))) : inArray(chats.id, chatIds);
-	const rows = await db.select().from(chats).where(where).orderBy(desc(chats.updatedAt)).limit(limit + 1);
-	const hasMore = rows.length > limit;
-	const items = hasMore ? rows.slice(0, limit) : rows;
-	const last = items[items.length - 1];
-	return {
-		items,
-		nextCursor: hasMore && last ? last.updatedAt.toISOString() : null
-	};
-}
-/**
-* List participants of a chat with their agent names — used by the client
-* runtime to resolve `@<name>` mentions against the authoritative participant
-* set (see proposals/hub-agent-messaging-reply-and-mentions §4).
-*/
-async function listChatParticipantsWithNames(db, chatId) {
-	return await db.select({
-		agentId: chatParticipants.agentId,
-		role: chatParticipants.role,
-		mode: chatParticipants.mode,
-		joinedAt: chatParticipants.joinedAt,
-		name: agents.name,
-		displayName: agents.displayName,
-		type: agents.type
-	}).from(chatParticipants).innerJoin(agents, eq(chatParticipants.agentId, agents.uuid)).where(eq(chatParticipants.chatId, chatId));
-}
-async function assertParticipant(db, chatId, agentId) {
-	const [row] = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, agentId))).limit(1);
-	if (!row) throw new ForbiddenError("Not a participant of this chat");
-}
-/** Ensure an agent is a participant of a chat. Silently adds them if not already. */
-async function ensureParticipant$1(db, chatId, agentId) {
-	const [existing] = await db.select({ agentId: chatParticipants.agentId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, agentId))).limit(1);
-	if (existing) return;
-	await db.transaction(async (tx) => {
-		await maybeUpgradeDirectToGroup(tx, chatId, (await tx.select({ agentId: chatParticipants.agentId }).from(chatParticipants).where(eq(chatParticipants.chatId, chatId))).map((p) => p.agentId), 1);
-		await tx.delete(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, agentId)));
-		await tx.insert(chatParticipants).values({
-			chatId,
-			agentId,
-			mode: "full"
-		}).onConflictDoNothing({ target: [chatParticipants.chatId, chatParticipants.agentId] });
-		await recomputeChatWatchers(tx, chatId);
-	});
-	invalidateChatAudience(chatId);
-}
-async function addParticipant(db, chatId, requesterId, data) {
-	const chat = await getChat(db, chatId);
-	await assertParticipant(db, chatId, requesterId);
-	const [targetAgent] = await db.select({
-		id: agents.uuid,
-		organizationId: agents.organizationId
-	}).from(agents).where(eq(agents.uuid, data.agentId)).limit(1);
-	if (!targetAgent) throw new NotFoundError(`Agent "${data.agentId}" not found`);
-	if (targetAgent.organizationId !== chat.organizationId) throw new BadRequestError("Cannot add agent from different organization");
-	const [existing] = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, data.agentId))).limit(1);
-	if (existing) throw new ConflictError(`Agent "${data.agentId}" is already a participant`);
-	await db.transaction(async (tx) => {
-		await maybeUpgradeDirectToGroup(tx, chatId, (await tx.select({ agentId: chatParticipants.agentId }).from(chatParticipants).where(eq(chatParticipants.chatId, chatId))).map((p) => p.agentId), 1);
-		await tx.delete(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, data.agentId)));
-		await tx.insert(chatParticipants).values({
-			chatId,
-			agentId: data.agentId,
-			mode: data.mode ?? "full"
-		});
-		await recomputeChatWatchers(tx, chatId);
-	});
-	invalidateChatAudience(chatId);
-	return db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
-}
-async function removeParticipant(db, chatId, requesterId, targetAgentId) {
-	await assertParticipant(db, chatId, requesterId);
-	if (requesterId === targetAgentId) throw new BadRequestError("Cannot remove yourself from a chat");
-	const [removed] = await db.delete(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, targetAgentId))).returning();
-	if (!removed) throw new NotFoundError(`Agent "${targetAgentId}" is not a participant of this chat`);
-	await recomputeChatWatchers(db, chatId);
-	invalidateChatAudience(chatId);
-	return db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
-}
-/**
-* List chats visible to a member, grouped by agent.
-* A member sees chats where:
-*   1. Their human agent is a participant, OR
-*   2. Any agent they manage (managerId = memberId) is a participant (supervision)
-*/
-async function listChatsForMember(db, memberId, humanAgentId) {
-	const managedAgents = await db.select({
-		uuid: agents.uuid,
-		name: agents.name,
-		type: agents.type,
-		displayName: agents.displayName
-	}).from(agents).where(eq(agents.managerId, memberId));
-	const agentMap = /* @__PURE__ */ new Map();
-	for (const a of managedAgents) agentMap.set(a.uuid, a);
-	if (!agentMap.has(humanAgentId)) {
-		const [ha] = await db.select({
-			uuid: agents.uuid,
-			name: agents.name,
-			type: agents.type,
-			displayName: agents.displayName
-		}).from(agents).where(eq(agents.uuid, humanAgentId)).limit(1);
-		if (ha) agentMap.set(ha.uuid, ha);
-	}
-	const agentIds = [...agentMap.keys()];
-	if (agentIds.length === 0) return [];
-	const participations = await db.select({
-		chatId: chatParticipants.chatId,
-		agentId: chatParticipants.agentId,
-		role: chatParticipants.role,
-		mode: chatParticipants.mode
-	}).from(chatParticipants).where(inArray(chatParticipants.agentId, agentIds));
-	if (participations.length === 0) return [];
-	const chatIds = [...new Set(participations.map((p) => p.chatId))];
-	const agentChatMap = /* @__PURE__ */ new Map();
-	for (const p of participations) {
-		const list = agentChatMap.get(p.agentId) ?? [];
-		list.push(p.chatId);
-		agentChatMap.set(p.agentId, list);
-	}
-	const chatRows = await db.select({
-		id: chats.id,
-		type: chats.type,
-		topic: chats.topic,
-		metadata: chats.metadata,
-		createdAt: chats.createdAt,
-		updatedAt: chats.updatedAt,
-		participantCount: sql`(SELECT count(*)::int FROM chat_participants WHERE chat_id = ${chats.id})`
-	}).from(chats).where(inArray(chats.id, chatIds)).orderBy(desc(chats.updatedAt));
-	const chatMap = new Map(chatRows.map((c) => [c.id, c]));
-	const humanParticipantChatIds = new Set(participations.filter((p) => p.agentId === humanAgentId).map((p) => p.chatId));
-	const result = [];
-	for (const [agentId, agentChatIds] of agentChatMap) {
-		const agentInfo = agentMap.get(agentId);
-		if (!agentInfo) continue;
-		const agentChats = agentChatIds.map((chatId) => {
-			const chat = chatMap.get(chatId);
-			if (!chat) return null;
-			const isSupervisionOnly = agentId !== humanAgentId && !humanParticipantChatIds.has(chatId);
-			return {
-				id: chat.id,
-				type: chat.type,
-				topic: chat.topic,
-				participantCount: chat.participantCount,
-				isSupervisionOnly,
-				createdAt: chat.createdAt.toISOString(),
-				updatedAt: chat.updatedAt.toISOString()
-			};
-		}).filter((c) => c !== null);
-		if (agentChats.length > 0) result.push({
-			agent: agentInfo,
-			chats: agentChats
-		});
-	}
-	return result;
-}
-/**
-* Manager joins a chat. Adds their human agent as a participant.
-* Requires the member to have supervision rights (manages at least one existing participant).
-*/
-async function joinChat(db, chatId, memberId, humanAgentId) {
-	const chat = await getChat(db, chatId);
-	const participantAgentIds = (await db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId))).map((p) => p.agentId);
-	if (participantAgentIds.length === 0) throw new NotFoundError("Chat has no participants");
-	if (participantAgentIds.includes(humanAgentId)) throw new ConflictError("Already a participant in this chat");
-	if ((await db.select({ uuid: agents.uuid }).from(agents).where(and(inArray(agents.uuid, participantAgentIds), eq(agents.managerId, memberId)))).length === 0) throw new ForbiddenError("You can only join chats where you manage at least one participant");
-	const [humanAgent] = await db.select({ organizationId: agents.organizationId }).from(agents).where(eq(agents.uuid, humanAgentId)).limit(1);
-	if (!humanAgent || humanAgent.organizationId !== chat.organizationId) throw new BadRequestError("Agent does not belong to the same organization as the chat");
-	await db.transaction(async (tx) => {
-		const [carriedRow] = await tx.delete(chatSubscriptions).where(and(eq(chatSubscriptions.chatId, chatId), eq(chatSubscriptions.agentId, humanAgentId))).returning({
-			lastReadAt: chatSubscriptions.lastReadAt,
-			unreadMentionCount: chatSubscriptions.unreadMentionCount
-		});
-		await maybeUpgradeDirectToGroup(tx, chatId, participantAgentIds, 1);
-		await tx.insert(chatParticipants).values({
-			chatId,
-			agentId: humanAgentId,
-			role: "member",
-			mode: "full",
-			lastReadAt: carriedRow?.lastReadAt ?? null,
-			unreadMentionCount: carriedRow?.unreadMentionCount ?? 0
-		});
-		await recomputeChatWatchers(tx, chatId);
-	});
-	invalidateChatAudience(chatId);
-	return db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
-}
-/**
-* Manager leaves a chat. Removes their human agent from participants.
-* Only allowed if the human agent is a participant.
-*
-* Delegates the participant→watcher transition to `leaveAsParticipant`
-* so admin-side and `/me/chats/:id/leave` share one canonical path. The
-* earlier "recompute then UPDATE-back state" variant violated the design
-* rule that recompute is only for set rebuild — never on a transition
-* path (review #228 issue #2). The returned participant list is fetched
-* after the tx commits, matching the admin route's existing contract.
-*/
-async function leaveChat(db, chatId, humanAgentId) {
-	await leaveAsParticipant(db, chatId, humanAgentId);
-	invalidateChatAudience(chatId);
-	return db.select().from(chatParticipants).where(eq(chatParticipants.chatId, chatId));
-}
-async function findOrCreateDirectChat(db, agentAId, agentBId) {
-	const aChats = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(eq(chatParticipants.agentId, agentAId));
-	const bChats = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(eq(chatParticipants.agentId, agentBId));
-	const bChatIds = new Set(bChats.map((r) => r.chatId));
-	const commonChatIds = aChats.map((r) => r.chatId).filter((id) => bChatIds.has(id));
-	if (commonChatIds.length > 0) {
-		const directChats = await db.select().from(chats).where(and(inArray(chats.id, commonChatIds), eq(chats.type, "direct")));
-		if (directChats.length > 0 && directChats[0]) return directChats[0];
-	}
-	const ends = await db.select({
-		uuid: agents.uuid,
-		organizationId: agents.organizationId,
-		type: agents.type
-	}).from(agents).where(inArray(agents.uuid, [agentAId, agentBId]));
-	const agentA = ends.find((a) => a.uuid === agentAId);
-	if (!agentA) throw new NotFoundError(`Agent "${agentAId}" not found`);
-	const agentB = ends.find((a) => a.uuid === agentBId);
-	if (!agentB) throw new NotFoundError(`Agent "${agentBId}" not found`);
-	const mode = agentA.type !== "human" && agentB.type !== "human" ? "mention_only" : "full";
-	const chatId = randomUUID();
-	return db.transaction(async (tx) => {
-		const [chat] = await tx.insert(chats).values({
-			id: chatId,
-			organizationId: agentA.organizationId,
-			type: "direct"
-		}).returning();
-		await tx.insert(chatParticipants).values([{
-			chatId,
-			agentId: agentAId,
-			role: "member",
-			mode
-		}, {
-			chatId,
-			agentId: agentBId,
-			role: "member",
-			mode
-		}]);
-		await recomputeChatWatchers(tx, chatId);
-		if (!chat) throw new Error("Unexpected: INSERT RETURNING produced no row");
-		return chat;
-	});
-}
 function serializeChat(chat) {
 	return {
 		...chat,
@@ -10866,46 +10510,6 @@ const agentConfigs = pgTable("agent_configs", {
 	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
 });
 /**
-* Shared access-control primitives. Most route-level gating now lives in
-* `scope/require-*.ts` — this module is reduced to two helpers that need
-* SQL building blocks reused across routes and tests:
-*
-*   - `agentVisibilityCondition` — WHERE clause for "agents visible to a
-*     member" (org-visible OR managerId = the caller's member). Composed
-*     into list queries that already select from `agents`.
-*   - `listAgentsManagedByUser` — cross-org list of agents personally
-*     managed by a user; powers the CLI `agent list --remote` view.
-*
-* Visibility is the same for all roles — admin sees the same set as a
-* regular member. Admin privilege is expressed through manageability
-* (`requireAgentAccess(..., "manage")`), not visibility.
-*/
-/**
-* SQL WHERE conditions for agents visible to a member.
-*   target org + not deleted + (organization-visible OR managerId = caller's member)
-*/
-function agentVisibilityCondition(orgId, memberId) {
-	return and(eq(agents.organizationId, orgId), ne(agents.status, AGENT_STATUSES.DELETED), or(eq(agents.visibility, AGENT_VISIBILITY.ORGANIZATION), eq(agents.managerId, memberId)));
-}
-/**
-* Cross-org listing helper for "agents I personally manage". Used by the
-* CLI `agent list --remote` view — JOINs `agents → members.id` and filters
-* by `members.user_id`.
-*/
-async function listAgentsManagedByUser(db, userId) {
-	return db.select({
-		uuid: agents.uuid,
-		name: agents.name,
-		displayName: agents.displayName,
-		type: agents.type,
-		organizationId: agents.organizationId,
-		inboxId: agents.inboxId,
-		visibility: agents.visibility,
-		runtimeProvider: agents.runtimeProvider,
-		clientId: agents.clientId
-	}).from(agents).innerJoin(members, eq(agents.managerId, members.id)).where(and(eq(members.userId, userId), eq(members.status, "active"), ne(agents.status, AGENT_STATUSES.DELETED)));
-}
-/**
 * Resolve the UUID of the "default" organization. Internal use only —
 * webhooks, fallbacks, etc. The HTTP API layer no longer falls back to
 * the JWT default org.
@@ -11348,7 +10952,7 @@ async function deleteAgent(db, uuid) {
 	if (!agent) throw new Error("Unexpected: UPDATE RETURNING produced no row");
 	return agent;
 }
-const log$5 = createLogger$1("AgentFeishuBot");
+const log$4 = createLogger$1("AgentFeishuBot");
 async function agentFeishuBotRoutes(app) {
 	/**
 	* PUT /agent/me/feishu-bot
@@ -11376,7 +10980,7 @@ async function agentFeishuBotRoutes(app) {
 			},
 			status: "active"
 		}, app.config.secrets.encryptionKey);
-		app.adapterManager.reload().catch((err) => log$5.error({ err }, "adapter reload failed after self-service bind"));
+		app.adapterManager.reload().catch((err) => log$4.error({ err }, "adapter reload failed after self-service bind"));
 		app.notifier.notifyConfigChange("adapter_configs").catch(() => {});
 		return reply.status(current ? 200 : 201).send({
 			...config,
@@ -11393,7 +10997,7 @@ async function agentFeishuBotRoutes(app) {
 		const current = (await listAdapterConfigs(app.db)).find((c) => c.agentId === identity.uuid && c.platform === "feishu");
 		if (!current) return reply.status(204).send();
 		await deleteAdapterConfig(app.db, current.id);
-		app.adapterManager.reload().catch((err) => log$5.error({ err }, "adapter reload failed after self-service unbind"));
+		app.adapterManager.reload().catch((err) => log$4.error({ err }, "adapter reload failed after self-service unbind"));
 		app.notifier.notifyConfigChange("adapter_configs").catch(() => {});
 		return reply.status(204).send();
 	});
@@ -11414,20 +11018,6 @@ const adapterChatMappings = pgTable("adapter_chat_mappings", {
 	metadata: jsonb("metadata").$type().notNull().default({}),
 	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
 });
-/** Messages. Immutable after creation. Each message belongs to exactly one Chat. */
-const messages = pgTable("messages", {
-	id: text("id").primaryKey(),
-	chatId: text("chat_id").notNull().references(() => chats.id),
-	senderId: text("sender_id").notNull(),
-	format: text("format").notNull(),
-	content: jsonb("content").$type().notNull(),
-	metadata: jsonb("metadata").$type().notNull().default({}),
-	replyToInbox: text("reply_to_inbox"),
-	replyToChat: text("reply_to_chat"),
-	inReplyTo: text("in_reply_to"),
-	source: text("source"),
-	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [index("idx_messages_chat_time").on(table.chatId, table.createdAt), index("idx_messages_in_reply_to").on(table.inReplyTo)]);
 /** Cross-reference between internal messages and external platform message IDs. */
 const adapterMessageReferences = pgTable("adapter_message_references", {
 	id: serial("id").primaryKey(),
@@ -11618,24 +11208,6 @@ async function agentFeishuUserRoutes(app) {
 		return reply.status(204).send();
 	});
 }
-/** Delivery queue (envelope). One entry per recipient created during message fan-out. Uses SKIP LOCKED for concurrent-safe consumption. */
-const inboxEntries = pgTable("inbox_entries", {
-	id: bigserial("id", { mode: "number" }).primaryKey(),
-	inboxId: text("inbox_id").notNull(),
-	messageId: text("message_id").notNull().references(() => messages.id),
-	chatId: text("chat_id"),
-	status: text("status").notNull().default("pending"),
-	notify: boolean("notify").notNull().default(true),
-	retryCount: integer("retry_count").notNull().default(0),
-	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
-	deliveredAt: timestamp("delivered_at", { withTimezone: true }),
-	ackedAt: timestamp("acked_at", { withTimezone: true })
-}, (table) => [
-	unique("uq_inbox_delivery").on(table.inboxId, table.messageId, table.chatId),
-	index("idx_inbox_pending").on(table.inboxId, table.createdAt),
-	index("idx_inbox_pending_notify").on(table.inboxId, table.createdAt).where(sql`status = 'pending' AND notify = true`),
-	index("idx_inbox_chat_silent").on(table.inboxId, table.chatId, table.notify, table.status)
-]);
 function normaliseSource(source) {
 	if (source === null) return null;
 	const parsed = messageSourceSchema$1.safeParse(source);
@@ -12071,585 +11643,6 @@ async function collectTargetInboxes(db, chatId, inReplyTo) {
 	}
 	return [...set];
 }
-/** Per-session state snapshot. One row per (agent, chat) pair, upserted on each session:state message. */
-const agentChatSessions = pgTable("agent_chat_sessions", {
-	agentId: text("agent_id").notNull().references(() => agents.uuid, { onDelete: "cascade" }),
-	chatId: text("chat_id").notNull().references(() => chats.id, { onDelete: "cascade" }),
-	state: text("state").notNull(),
-	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [primaryKey({ columns: [table.agentId, table.chatId] })]);
-/**
-* Upsert session state + refresh presence aggregates + NOTIFY.
-*
-* `agent_chat_sessions.(agent_id, chat_id)` is a single-row "current session
-* state" cache, not a session history log. A new runtime session starting on
-* the same (agent, chat) pair MUST overwrite whatever ended before — including
-* an `evicted` row left by a previous terminate. The previous "revival
-* defense" conflated two concerns: "this runtime session ended" (which is
-* what `evicted` actually means) and "this chat is permanently archived for
-* this agent" (a chat-level decision that should live on `chats`, not here).
-* See proposals/hub-agent-messaging-reply-and-mentions §M2-session-lifecycle.
-*
-* Presence row contract: this function tolerates a missing `agent_presence`
-* row by using `INSERT ... ON CONFLICT DO UPDATE`. The predictive-write path
-* (sendMessage on first message) may target an agent whose client has never
-* bound, so a prior `update agent_presence ... where agentId` would silently
-* drop the activeSessions/totalSessions refresh. See PR #198 review §2.
-*/
-async function upsertSessionState(db, agentId, chatId, state, organizationId, notifier, options) {
-	const now = /* @__PURE__ */ new Date();
-	let wrote = false;
-	await db.transaction(async (tx) => {
-		await tx.insert(agentChatSessions).values({
-			agentId,
-			chatId,
-			state,
-			updatedAt: now
-		}).onConflictDoUpdate({
-			target: [agentChatSessions.agentId, agentChatSessions.chatId],
-			set: {
-				state,
-				updatedAt: now
-			},
-			setWhere: ne(agentChatSessions.state, state)
-		});
-		const [counts] = await tx.select({
-			active: sql`count(*) FILTER (WHERE ${agentChatSessions.state} = 'active')::int`,
-			total: sql`count(*) FILTER (WHERE ${agentChatSessions.state} != 'evicted')::int`
-		}).from(agentChatSessions).where(eq(agentChatSessions.agentId, agentId));
-		const activeSessions = counts?.active ?? 0;
-		const totalSessions = counts?.total ?? 0;
-		const presenceSet = options?.touchPresenceLastSeen ?? true ? {
-			activeSessions,
-			totalSessions,
-			lastSeenAt: now
-		} : {
-			activeSessions,
-			totalSessions
-		};
-		await tx.insert(agentPresence).values({
-			agentId,
-			activeSessions,
-			totalSessions
-		}).onConflictDoUpdate({
-			target: [agentPresence.agentId],
-			set: presenceSet
-		});
-		wrote = true;
-	});
-	if (wrote && notifier) notifier.notifySessionStateChange(agentId, chatId, state, organizationId).catch(() => {});
-}
-async function resetActivity(db, agentId) {
-	const now = /* @__PURE__ */ new Date();
-	await db.update(agentPresence).set({
-		runtimeState: "idle",
-		runtimeUpdatedAt: now
-	}).where(eq(agentPresence.agentId, agentId));
-}
-async function getActivityOverview(db) {
-	const [agentCounts] = await db.select({
-		total: sql`count(*)::int`,
-		running: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} IS NOT NULL)::int`,
-		idle: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} = 'idle')::int`,
-		working: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} = 'working')::int`,
-		blocked: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} = 'blocked')::int`,
-		error: sql`count(*) FILTER (WHERE ${agentPresence.runtimeState} = 'error')::int`
-	}).from(agentPresence);
-	const [clientCounts] = await db.select({ count: sql`count(*)::int` }).from(clients).where(eq(clients.status, "connected"));
-	return {
-		total: agentCounts?.total ?? 0,
-		running: agentCounts?.running ?? 0,
-		byState: {
-			idle: agentCounts?.idle ?? 0,
-			working: agentCounts?.working ?? 0,
-			blocked: agentCounts?.blocked ?? 0,
-			error: agentCounts?.error ?? 0
-		},
-		clients: clientCounts?.count ?? 0
-	};
-}
-/**
-* List agents with active runtime state.
-* When scope is provided, filters to agents visible to the member.
-*/
-async function listAgentsWithRuntime(db, scope) {
-	if (!scope) return db.select().from(agentPresence).where(isNotNull(agentPresence.runtimeState));
-	return db.select({
-		agentId: agentPresence.agentId,
-		status: agentPresence.status,
-		instanceId: agentPresence.instanceId,
-		connectedAt: agentPresence.connectedAt,
-		lastSeenAt: agentPresence.lastSeenAt,
-		clientId: agentPresence.clientId,
-		runtimeType: agentPresence.runtimeType,
-		runtimeVersion: agentPresence.runtimeVersion,
-		runtimeState: agentPresence.runtimeState,
-		activeSessions: agentPresence.activeSessions,
-		totalSessions: agentPresence.totalSessions,
-		runtimeUpdatedAt: agentPresence.runtimeUpdatedAt,
-		type: agents.type
-	}).from(agentPresence).innerJoin(agents, eq(agentPresence.agentId, agents.uuid)).where(and(isNotNull(agentPresence.runtimeState), agentVisibilityCondition(scope.organizationId, scope.memberId)));
-}
-/**
-* Chat-first workspace — append-only post-fan-out projection.
-*
-* The single sanctioned extension point on the message hot path. Called
-* from `services/message.ts` AFTER existing fan-out completes, inside the
-* same transaction. Three responsibilities:
-*
-*   1. Mention propagation: increment `unread_mention_count` for mentioned
-*      speaking participants AND for watcher rows whose managed agent was
-*      mentioned. Sender row is excluded.
-*
-*   2. Chats projection: roll forward `chats.last_message_at`,
-*      `chats.last_message_preview`. Powers the conversation list cursor +
-*      sort + preview.
-*
-*   3. Realtime kick: fire-and-forget `pg_notify('chat_message_events', …)`
-*      so admin WS sockets can translate it into a `chat:message` frame.
-*      Failure is swallowed — durable persistence is the correctness path.
-*
-* Strict invariants (see docs/chat-first-workspace-product-design.md
-* "Risk Constraints"):
-*   - This module appends ONLY. Never edits existing fan-out / inbox /
-*     mention-extraction code.
-*   - Watchers (chat_subscriptions) are NEVER added to inbox_entries here.
-*     Their counters are bumped purely as a per-user red-dot signal.
-*   - Mention candidate set is `chat_participants` only; watchers are not
-*     direct `@`-mention targets.
-*/
-let dispatcher = null;
-function registerChatMessageDispatcher(fn) {
-	dispatcher = fn;
-}
-/**
-* Best-effort cross-process kick for the chat-first workspace. Call AFTER
-* the message transaction commits — never inside the tx. Failure logs +
-* drops; web reconnect refetches.
-*
-* Speakers also get an inbox NOTIFY through the existing path. They will
-* receive both, and the web client de-dupes naturally because both end up
-* invalidating the same query keys.
-*/
-function fireChatMessageKick(chatId, messageId) {
-	if (!dispatcher) return;
-	try {
-		dispatcher(chatId, messageId);
-	} catch {}
-}
-/**
-* Apply the post-fan-out projection. MUST be called inside the same
-* transaction as the message INSERT. Safe to call when `mentionedAgentIds`
-* is empty (degenerate case skips the mention UPDATEs).
-*/
-async function applyAfterFanOut(tx, input) {
-	const { chatId, senderId, mentionedAgentIds, contentPreview, messageCreatedAt } = input;
-	const previewClipped = contentPreview.length > 0 ? contentPreview.slice(0, 200) : null;
-	const ts = messageCreatedAt ?? /* @__PURE__ */ new Date();
-	await tx.update(chats).set({
-		lastMessageAt: ts,
-		lastMessagePreview: previewClipped
-	}).where(eq(chats.id, chatId));
-	if (mentionedAgentIds.length === 0) return;
-	await tx.update(chatParticipants).set({ unreadMentionCount: sql`${chatParticipants.unreadMentionCount} + 1` }).where(and(eq(chatParticipants.chatId, chatId), inArray(chatParticipants.agentId, mentionedAgentIds), ne(chatParticipants.agentId, senderId)));
-	const managerHumanAgentIds = (await tx.execute(sql`
-    SELECT DISTINCT m.agent_id AS human_agent_id
-      FROM agents a
-      JOIN members m ON m.id = a.manager_id
-     WHERE a.uuid IN ${makeUuidList(mentionedAgentIds)}
-       AND a.type <> 'human'
-       AND m.status = 'active'
-  `)).map((r) => r.human_agent_id);
-	if (managerHumanAgentIds.length === 0) return;
-	await tx.update(chatSubscriptions).set({ unreadMentionCount: sql`${chatSubscriptions.unreadMentionCount} + 1` }).where(and(eq(chatSubscriptions.chatId, chatId), inArray(chatSubscriptions.agentId, managerHumanAgentIds)));
-}
-/**
-* Build a parenthesised, comma-separated list of bound parameters: `(?, ?, ?)`.
-* Used in raw SQL where drizzle's `inArray` can't be directly applied (e.g.
-* inside a hand-rolled SELECT). Always called with a non-empty list — the
-* caller short-circuits the empty case.
-*/
-function makeUuidList(ids) {
-	return sql`(${sql.join(ids.map((id) => sql`${id}`), sql`, `)})`;
-}
-const log$4 = createLogger$1("message");
-async function sendMessage(db, chatId, senderId, data, options = {}) {
-	return withSpan("inbox.enqueue", messageAttrs({
-		chatId,
-		senderAgentId: senderId,
-		source: data.source ?? void 0
-	}), () => sendMessageInner(db, chatId, senderId, data, options));
-}
-async function sendMessageInner(db, chatId, senderId, data, options) {
-	const txResult = await db.transaction(async (tx) => {
-		const [participants, [chatRow], [senderRow]] = await Promise.all([
-			tx.select({
-				agentId: chatParticipants.agentId,
-				inboxId: agents.inboxId,
-				mode: chatParticipants.mode,
-				name: agents.name
-			}).from(chatParticipants).innerJoin(agents, eq(chatParticipants.agentId, agents.uuid)).where(eq(chatParticipants.chatId, chatId)),
-			tx.select({ type: chats.type }).from(chats).where(eq(chats.id, chatId)).limit(1),
-			tx.select({
-				inboxId: agents.inboxId,
-				organizationId: agents.organizationId
-			}).from(agents).where(eq(agents.uuid, senderId)).limit(1)
-		]);
-		const chatType = chatRow?.type ?? null;
-		if (!senderRow) throw new NotFoundError(`Sender agent "${senderId}" not found`);
-		if (data.replyToInbox !== void 0 && data.replyToInbox !== null) {
-			if (senderRow.inboxId !== data.replyToInbox) throw new BadRequestError("replyToInbox must reference the sender's own inbox");
-		}
-		const incomingMeta = data.metadata ?? {};
-		const explicitMentionsRaw = incomingMeta.mentions;
-		const explicitMentions = Array.isArray(explicitMentionsRaw) ? explicitMentionsRaw.filter((m) => typeof m === "string") : [];
-		const contentText = typeof data.content === "string" ? data.content : "";
-		const resolved = contentText ? extractMentions(contentText, participants) : [];
-		const mergedMentions = [...new Set([...explicitMentions, ...resolved])];
-		const metadataToStore = mergedMentions.length > 0 ? {
-			...incomingMeta,
-			mentions: mergedMentions
-		} : incomingMeta;
-		if (options.enforceGroupMention && chatType === "group") {
-			if (mergedMentions.filter((id) => id !== senderId).length === 0) throw new BadRequestError("Sending to a group chat requires an explicit @mention. Use `agent send <name>` to message a single agent, or @<name> in the content to address one or more group members.");
-		}
-		let outboundContent = data.content;
-		if (options.normalizeMentionsInContent && typeof outboundContent === "string") {
-			const present = new Set(scanMentionTokens(outboundContent));
-			const missingNames = [];
-			for (const id of mergedMentions) {
-				if (id === senderId) continue;
-				const p = participants.find((q) => q.agentId === id);
-				if (!p?.name) continue;
-				if (present.has(p.name.toLowerCase())) continue;
-				missingNames.push(p.name);
-			}
-			if (missingNames.length > 0) {
-				const prefix = missingNames.map((n) => `@${n}`).join(" ");
-				outboundContent = outboundContent.length > 0 ? `${prefix} ${outboundContent}` : prefix;
-			}
-		}
-		const messageId = randomUUID();
-		const [msg] = await tx.insert(messages).values({
-			id: messageId,
-			chatId,
-			senderId,
-			format: data.format,
-			content: outboundContent,
-			metadata: metadataToStore,
-			replyToInbox: data.replyToInbox ?? null,
-			replyToChat: data.replyToChat ?? null,
-			inReplyTo: data.inReplyTo ?? null,
-			source: data.source ?? null
-		}).returning();
-		const mentionSet = new Set(mergedMentions);
-		const fanout = participants.filter((p) => p.agentId !== senderId).map((p) => ({
-			agentId: p.agentId,
-			inboxId: p.inboxId,
-			notify: p.mode !== "mention_only" || mentionSet.has(p.agentId)
-		}));
-		if (fanout.length > 0) await tx.insert(inboxEntries).values(fanout.map((f) => ({
-			inboxId: f.inboxId,
-			messageId,
-			chatId,
-			notify: f.notify
-		})));
-		const notified = fanout.filter((f) => f.notify);
-		const recipients = notified.map((f) => f.inboxId);
-		const recipientAgentIds = notified.map((f) => f.agentId);
-		if (data.inReplyTo) {
-			const [original] = await tx.select({
-				replyToInbox: messages.replyToInbox,
-				replyToChat: messages.replyToChat
-			}).from(messages).where(eq(messages.id, data.inReplyTo)).limit(1);
-			if (original?.replyToInbox && original?.replyToChat) {
-				await tx.insert(inboxEntries).values({
-					inboxId: original.replyToInbox,
-					messageId,
-					chatId: original.replyToChat
-				}).onConflictDoNothing();
-				if (!recipients.includes(original.replyToInbox)) recipients.push(original.replyToInbox);
-			}
-		}
-		await tx.update(chats).set({ updatedAt: /* @__PURE__ */ new Date() }).where(eq(chats.id, chatId));
-		if (!msg) throw new Error("Unexpected: INSERT RETURNING produced no row");
-		const previewText = typeof outboundContent === "string" ? outboundContent.trim() : "";
-		await applyAfterFanOut(tx, {
-			chatId,
-			messageId: msg.id,
-			senderId,
-			mentionedAgentIds: mergedMentions,
-			contentPreview: previewText,
-			messageCreatedAt: msg.createdAt
-		});
-		return {
-			message: msg,
-			recipients,
-			recipientAgentIds,
-			organizationId: senderRow.organizationId
-		};
-	});
-	const settled = await Promise.allSettled(txResult.recipientAgentIds.map((agentId) => upsertSessionState(db, agentId, chatId, "active", txResult.organizationId, void 0, { touchPresenceLastSeen: false })));
-	for (let i = 0; i < settled.length; i++) {
-		const r = settled[i];
-		if (r?.status === "rejected") log$4.error({
-			err: r.reason,
-			chatId,
-			agentId: txResult.recipientAgentIds[i]
-		}, "predictive session activation failed");
-	}
-	fireChatMessageKick(chatId, txResult.message.id);
-	return {
-		message: txResult.message,
-		recipients: txResult.recipients
-	};
-}
-async function sendToAgent$1(db, senderUuid, targetName, data) {
-	const [sender] = await db.select({
-		uuid: agents.uuid,
-		organizationId: agents.organizationId
-	}).from(agents).where(eq(agents.uuid, senderUuid)).limit(1);
-	if (!sender) throw new NotFoundError(`Agent "${senderUuid}" not found`);
-	const [target] = await db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.organizationId, sender.organizationId), eq(agents.name, targetName), ne(agents.status, "deleted"))).limit(1);
-	if (!target) throw new NotFoundError(`Agent "${targetName}" not found${/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i.test(targetName) ? " — `agent send` expects an agent NAME, not a uuid. Run `first-tree-hub agent list` to see available names." : ""}`);
-	const chat = await findOrCreateDirectChat(db, senderUuid, target.uuid);
-	const incomingMeta = data.metadata ?? {};
-	const existingMentionsRaw = incomingMeta.mentions;
-	const existingMentions = Array.isArray(existingMentionsRaw) ? existingMentionsRaw.filter((m) => typeof m === "string") : [];
-	const mergedMentions = existingMentions.includes(target.uuid) ? existingMentions : [...existingMentions, target.uuid];
-	const metadata = {
-		...incomingMeta,
-		mentions: mergedMentions
-	};
-	return sendMessage(db, chat.id, senderUuid, {
-		format: data.format,
-		content: data.content,
-		metadata,
-		replyToInbox: data.replyToInbox,
-		replyToChat: data.replyToChat,
-		source: data.source
-	}, { normalizeMentionsInContent: true });
-}
-async function editMessage(db, chatId, messageId, senderId, data) {
-	const [msg] = await db.select().from(messages).where(eq(messages.id, messageId)).limit(1);
-	if (!msg) throw new NotFoundError(`Message "${messageId}" not found`);
-	if (msg.chatId !== chatId) throw new NotFoundError(`Message "${messageId}" not found in this chat`);
-	if (msg.senderId !== senderId) throw new ForbiddenError("Only the sender can edit a message");
-	const setClause = {};
-	if (data.format !== void 0) setClause.format = data.format;
-	if (data.content !== void 0) setClause.content = data.content;
-	const meta = msg.metadata ?? {};
-	meta.editedAt = (/* @__PURE__ */ new Date()).toISOString();
-	setClause.metadata = meta;
-	const [updated] = await db.update(messages).set(setClause).where(eq(messages.id, messageId)).returning();
-	if (!updated) throw new Error("Unexpected: UPDATE RETURNING produced no row");
-	return updated;
-}
-async function listMessages(db, chatId, limit, cursor) {
-	const where = cursor ? and(eq(messages.chatId, chatId), lt(messages.createdAt, new Date(cursor))) : eq(messages.chatId, chatId);
-	const rows = await db.select().from(messages).where(where).orderBy(desc(messages.createdAt)).limit(limit + 1);
-	const hasMore = rows.length > limit;
-	const items = hasMore ? rows.slice(0, limit) : rows;
-	const last = items[items.length - 1];
-	return {
-		items,
-		nextCursor: hasMore && last ? last.createdAt.toISOString() : null
-	};
-}
-const INBOX_CHANNEL = "inbox_notifications";
-const CONFIG_CHANNEL = "config_changes";
-const SESSION_STATE_CHANNEL = "session_state_changes";
-const RUNTIME_STATE_CHANNEL = "runtime_state_changes";
-/**
-* Chat-first workspace cross-process kick. Carries `<chatId>:<messageId>`.
-* Lets admin WS sockets translate every chat message (speaker AND watcher
-* audience) into a `chat:message` frame, without being coupled to the
-* inbox NOTIFY path that only reaches speakers.
-*/
-const CHAT_MESSAGE_CHANNEL = "chat_message_events";
-function createNotifier(listenClient) {
-	const subscriptions = /* @__PURE__ */ new Map();
-	const configChangeHandlers = [];
-	const sessionStateChangeHandlers = [];
-	const runtimeStateChangeHandlers = [];
-	const chatMessageHandlers = [];
-	let unlistenInboxFn = null;
-	let unlistenConfigFn = null;
-	let unlistenSessionStateFn = null;
-	let unlistenRuntimeStateFn = null;
-	let unlistenChatMessageFn = null;
-	function handleNotification(payload) {
-		const sepIdx = payload.indexOf(":");
-		if (sepIdx === -1) return;
-		const inboxId = payload.slice(0, sepIdx);
-		const messageId = payload.slice(sepIdx + 1);
-		const sockets = subscriptions.get(inboxId);
-		if (!sockets) return;
-		const doorbellFrame = JSON.stringify({
-			type: "new_message",
-			inboxId,
-			messageId
-		});
-		for (const [ws, pushHandler] of sockets) {
-			if (ws.readyState !== ws.OPEN) continue;
-			if (pushHandler) Promise.resolve(pushHandler(messageId)).catch(() => {});
-			else ws.send(doorbellFrame);
-		}
-	}
-	return {
-		subscribe(inboxId, ws, pushHandler) {
-			let map = subscriptions.get(inboxId);
-			if (!map) {
-				map = /* @__PURE__ */ new Map();
-				subscriptions.set(inboxId, map);
-			}
-			map.set(ws, pushHandler ?? null);
-		},
-		unsubscribe(inboxId, ws) {
-			const map = subscriptions.get(inboxId);
-			if (map) {
-				map.delete(ws);
-				if (map.size === 0) subscriptions.delete(inboxId);
-			}
-		},
-		async notify(inboxId, messageId) {
-			try {
-				await listenClient`SELECT pg_notify(${INBOX_CHANNEL}, ${`${inboxId}:${messageId}`})`;
-			} catch {}
-		},
-		async notifyConfigChange(configType) {
-			try {
-				await listenClient`SELECT pg_notify(${CONFIG_CHANNEL}, ${configType})`;
-			} catch {}
-		},
-		async notifySessionStateChange(agentId, chatId, state, organizationId) {
-			try {
-				await listenClient`SELECT pg_notify(${SESSION_STATE_CHANNEL}, ${`${agentId}:${chatId}:${state}:${organizationId}`})`;
-			} catch {}
-		},
-		async notifyRuntimeStateChange(agentId, state, organizationId) {
-			try {
-				await listenClient`SELECT pg_notify(${RUNTIME_STATE_CHANNEL}, ${`${agentId}:${state}:${organizationId}`})`;
-			} catch {}
-		},
-		async notifyChatMessage(chatId, messageId) {
-			try {
-				await listenClient`SELECT pg_notify(${CHAT_MESSAGE_CHANNEL}, ${`${chatId}:${messageId}`})`;
-			} catch {}
-		},
-		async pushFrameToInbox(inboxId, frame) {
-			const map = subscriptions.get(inboxId);
-			if (!map) return 0;
-			let queued = 0;
-			const pending = [];
-			for (const ws of map.keys()) {
-				if (ws.readyState !== ws.OPEN) continue;
-				pending.push(new Promise((resolve) => {
-					ws.send(frame, (err) => {
-						if (!err) queued += 1;
-						resolve();
-					});
-				}));
-			}
-			await Promise.all(pending);
-			return queued;
-		},
-		onConfigChange(handler) {
-			configChangeHandlers.push(handler);
-		},
-		onSessionStateChange(handler) {
-			sessionStateChangeHandlers.push(handler);
-		},
-		onRuntimeStateChange(handler) {
-			runtimeStateChangeHandlers.push(handler);
-		},
-		onChatMessage(handler) {
-			chatMessageHandlers.push(handler);
-		},
-		async start() {
-			unlistenInboxFn = (await listenClient.listen(INBOX_CHANNEL, (payload) => {
-				if (payload) handleNotification(payload);
-			})).unlisten;
-			unlistenConfigFn = (await listenClient.listen(CONFIG_CHANNEL, (payload) => {
-				if (payload) for (const handler of configChangeHandlers) handler(payload);
-			})).unlisten;
-			unlistenSessionStateFn = (await listenClient.listen(SESSION_STATE_CHANNEL, (payload) => {
-				if (payload) {
-					const firstSep = payload.indexOf(":");
-					const secondSep = payload.indexOf(":", firstSep + 1);
-					const thirdSep = payload.indexOf(":", secondSep + 1);
-					if (firstSep > 0 && secondSep > firstSep && thirdSep > secondSep) {
-						const agentId = payload.slice(0, firstSep);
-						const chatId = payload.slice(firstSep + 1, secondSep);
-						const state = payload.slice(secondSep + 1, thirdSep);
-						const organizationId = payload.slice(thirdSep + 1);
-						for (const handler of sessionStateChangeHandlers) handler({
-							agentId,
-							chatId,
-							state,
-							organizationId
-						});
-					}
-				}
-			})).unlisten;
-			unlistenRuntimeStateFn = (await listenClient.listen(RUNTIME_STATE_CHANNEL, (payload) => {
-				if (payload) {
-					const firstSep = payload.indexOf(":");
-					const secondSep = payload.indexOf(":", firstSep + 1);
-					if (firstSep > 0 && secondSep > firstSep) {
-						const agentId = payload.slice(0, firstSep);
-						const state = payload.slice(firstSep + 1, secondSep);
-						const organizationId = payload.slice(secondSep + 1);
-						for (const handler of runtimeStateChangeHandlers) handler({
-							agentId,
-							state,
-							organizationId
-						});
-					}
-				}
-			})).unlisten;
-			unlistenChatMessageFn = (await listenClient.listen(CHAT_MESSAGE_CHANNEL, (payload) => {
-				if (!payload) return;
-				const sep = payload.indexOf(":");
-				if (sep <= 0) return;
-				const chatId = payload.slice(0, sep);
-				const messageId = payload.slice(sep + 1);
-				for (const handler of chatMessageHandlers) try {
-					handler({
-						chatId,
-						messageId
-					});
-				} catch {}
-			})).unlisten;
-		},
-		async stop() {
-			if (unlistenInboxFn) {
-				await unlistenInboxFn();
-				unlistenInboxFn = null;
-			}
-			if (unlistenConfigFn) {
-				await unlistenConfigFn();
-				unlistenConfigFn = null;
-			}
-			if (unlistenSessionStateFn) {
-				await unlistenSessionStateFn();
-				unlistenSessionStateFn = null;
-			}
-			if (unlistenRuntimeStateFn) {
-				await unlistenRuntimeStateFn();
-				unlistenRuntimeStateFn = null;
-			}
-			if (unlistenChatMessageFn) {
-				await unlistenChatMessageFn();
-				unlistenChatMessageFn = null;
-			}
-		}
-	};
-}
-/** Fire-and-forget: notify all recipients that a new message is available. */
-function notifyRecipients(notifier, recipients, messageId) {
-	for (const inboxId of recipients) notifier.notify(inboxId, messageId).catch(() => {});
-}
 const log$3 = createLogger$1("AgentMessages");
 const editMessageSchema = z.object({
 	format: z.string().optional(),
@@ -15602,6 +14595,7 @@ async function transitionSessionState(db, agentId, chatId, target, from, organiz
 			totalSessions: counts?.total ?? 0,
 			lastSeenAt: now
 		}).where(eq(agentPresence.agentId, agentId));
+		if (target === "evicted") await markSupersededByChat(tx, chatId, "chat_archived");
 		finalState = target;
 		transitioned = true;
 	});
@@ -16088,6 +15082,28 @@ async function chatRoutes(app) {
 			createdAt: result.message.createdAt.toISOString()
 		});
 	});
+	/**
+	* POST /chats/:chatId/questions/:correlationId/answer — submit an answer
+	* to a pending agent-emitted question. Caller speaks as their human agent;
+	* the answer is fanned out as a `format=question_answer` message back to
+	* the original agent's inbox so the in-flight `canUseTool` callback can
+	* resolve. Returns 409 if already answered or superseded.
+	*/
+	app.post("/:chatId/questions/:correlationId/answer", { config: { otelRecordBody: false } }, async (request, reply) => {
+		const { scope } = await requireChatAccess(request, app.db);
+		const body = submitQuestionAnswerSchema.parse(request.body);
+		await ensureParticipant$1(app.db, request.params.chatId, scope.humanAgentId);
+		const result = await submitAnswer(app.db, app.notifier, {
+			correlationId: request.params.correlationId,
+			chatId: request.params.chatId,
+			submitterAgentId: scope.humanAgentId,
+			answers: body.answers
+		});
+		return reply.status(201).send({
+			correlationId: request.params.correlationId,
+			messageId: result.messageId
+		});
+	});
 	/** POST /chats/:chatId/read — chat-first-workspace read cursor. Idempotent. */
 	app.post("/:chatId/read", async (request) => {
 		const { scope } = await requireChatAccess(request, app.db);
@@ -16269,6 +15285,11 @@ function applyInputDelta(namespace, current, input, encryptionKey) {
 		const inp = input;
 		return { webhookSecretCipher: inp.webhookSecret === void 0 ? cur.webhookSecretCipher : inp.webhookSecret === null ? void 0 : ensureEncrypted(inp.webhookSecret, encryptionKey) };
 	}
+	if (namespace === "source_repos") {
+		const cur = current;
+		const inp = input;
+		return { repos: inp.repos === void 0 ? cur.repos : inp.repos };
+	}
 	return namespace;
 }
 /**
@@ -16292,6 +15313,7 @@ function toOutput(namespace, storage) {
 			webhookUrl: ""
 		};
 	}
+	if (namespace === "source_repos") return { repos: storage.repos };
 	return namespace;
 }
 /**
@@ -17460,7 +16482,7 @@ async function healthzRoutes(app) {
 * `api/orgs/invitations.ts` (Class B, admin-gated).
 */
 async function publicInvitationRoutes(app) {
-	const { previewInvitation } = await import("./invitation-C299fxkP-BR-niZyp.mjs");
+	const { previewInvitation } = await import("./invitation-C299fxkP-KyCNax4T.mjs");
 	app.get("/:token/preview", async (request, reply) => {
 		if (!request.params.token) throw new UnauthorizedError("Token required");
 		const preview = await previewInvitation(app.db, request.params.token);
@@ -17640,7 +16662,7 @@ async function meRoutes(app) {
 	*/
 	app.get("/me/pinned-agents", async (request) => {
 		const { userId } = requireUser(request);
-		const { listMyPinnedAgents } = await import("./client-D_TRJFZY-LbgJF47t.mjs");
+		const { listMyPinnedAgents } = await import("./client-BhCtO2df-BGOu-rRN.mjs");
 		return listMyPinnedAgents(app.db, { userId });
 	});
 	/**
@@ -18371,14 +17393,18 @@ async function orgSessionRoutes(app) {
 * adding a new config group only requires registering it there — no new
 * route file.
 *
-* All three verbs are admin-only. Even GET, because the masked output
-* still leaks "configured / not-configured" booleans for secret fields,
-* which we don't want to expose to non-admin members.
+* GET gating is per-namespace via `readPolicy` in the registry: namespaces
+* with no secret fields (`context_tree`, `source_repos`) are readable by
+* any active org member, so an invitee can see what tree and repos the
+* team is bound to before joining the chat. Namespaces whose masked output
+* still leaks a `…Configured` boolean (`github_integration`) stay
+* admin-only. PUT and DELETE are always admin-only regardless of
+* namespace — non-admins must never mutate org-wide config.
 */
 async function orgSettingsRoutes(app) {
 	app.get("/:namespace", async (request) => {
-		const scope = await requireOrgAdmin(request, app.db);
 		const namespace = parseNamespace(request.params.namespace);
+		const scope = ORG_SETTINGS_NAMESPACES$1[namespace].readPolicy === "member" ? await requireOrgMembership(request, app.db) : await requireOrgAdmin(request, app.db);
 		return enrichOutput(namespace, await getOrgSetting(app.db, scope.organizationId, namespace), scope.organizationId, app.config.server.publicUrl);
 	});
 	app.put("/:namespace", { config: { otelRecordBody: true } }, async (request) => {
@@ -19218,6 +18244,7 @@ var schema_exports = /* @__PURE__ */ __exportAll({
 	notifications: () => notifications,
 	organizationSettings: () => organizationSettings,
 	organizations: () => organizations,
+	pendingQuestions: () => pendingQuestions,
 	serverInstances: () => serverInstances,
 	sessionEvents: () => sessionEvents,
 	taskChats: () => taskChats,
@@ -20879,7 +19906,7 @@ async function startServer(options) {
 		instanceId: `srv_${randomUUID().slice(0, 8)}`,
 		commandVersion: COMMAND_VERSION
 	};
-	const { initTelemetry, shutdownTelemetry } = await import("./observability-CYsdAcoF.mjs");
+	const { initTelemetry, shutdownTelemetry } = await import("./observability-eLA9iNK_.mjs");
 	await initTelemetry(serverConfig.observability.tracing, config.instanceId);
 	const app = await buildApp(config);
 	const SHUTDOWN_FORCE_EXIT_MS = 8e3;