@agent-team-foundation/first-tree-hub 0.12.9 → 0.12.10

package/dist/{saas-connect-CXZhK485.mjs → saas-connect-Fgnnnola.mjs}

@@ -1,11 +1,11 @@
 import { a as __toCommonJS, o as __toESM, t as __commonJSMin } from "./chunk-BSw8zbkd.mjs";
 import { A as FIRST_TREE_HUB_ATTR, C as stampOrgScope, D as untrustedAttrs, E as startWsConnectionSpan, M as require_pino, O as withSpan, S as stampChatResource, _ as rootLogger$1, a as buildRateLimitError, c as currentTraceId, g as reportErrorToRoot, i as bodyCaptureOnSendHook, j as redactUrl, k as withWsMessageSpan, l as decodeJwtForTrace, m as observabilityPlugin, n as applyLoggerConfig, o as classifyJoseError, r as attachRequestContext, s as createLogger$1, t as adapterAttrs, u as endWsConnectionSpan, x as stampAgentResource, y as setWsConnectionAttrs } from "./observability-BAScT_5S-BcW9HgkG.mjs";
-import { C as resetConfigMeta, E as setConfigValue, S as resetConfig, T as serverConfigSchema, b as migrateLegacyHome, c as resolveServerUrl, d as DEFAULT_CONFIG_DIR, f as DEFAULT_DATA_DIR$1, g as collectMissingPrompts, h as clientConfigSchema, i as ensureFreshAccessToken, l as saveAgentConfig, m as agentConfigSchema, o as loadCredentials, p as DEFAULT_HOME_DIR$1, u as saveCredentials, v as initConfig, w as resolveConfigReadonly, y as loadAgents } from "./bootstrap-BCZC1ki6.mjs";
+import { C as resetConfigMeta, E as setConfigValue, S as resetConfig, T as serverConfigSchema, b as migrateLegacyHome, c as resolveServerUrl, d as DEFAULT_CONFIG_DIR, f as DEFAULT_DATA_DIR$1, g as collectMissingPrompts, h as clientConfigSchema, i as ensureFreshAccessToken, l as saveAgentConfig, m as agentConfigSchema, o as loadCredentials, p as DEFAULT_HOME_DIR$1, u as saveCredentials, v as initConfig, w as resolveConfigReadonly, y as loadAgents } from "./bootstrap-CW73oEYn.mjs";
 import { a as print, i as blank, n as CLI_USER_AGENT, r as COMMAND_VERSION, s as status, t as cliFetch } from "./cli-fetch--tiwKm5S.mjs";
-import { $ as patchOnboardingSchema, A as defaultRuntimeConfigPayload, B as inboxDeliverFrameSchema$1, C as createAdapterMappingSchema, Ct as updateOrganizationSchema, D as createMemberSchema, E as createMeChatSchema, F as githubCallbackQuerySchema, G as joinByInvitationSchema, H as isOrgSettingNamespace, I as githubDevCallbackQuerySchema, J as messageSourceSchema$1, K as listMeChatsQuerySchema, L as githubStartQuerySchema, M as dryRunAgentRuntimeConfigSchema, O as createOrgFromMeSchema, P as githubAppInstallationClaimBodySchema, Q as patchChatEngagementSchema, R as imageInlineContentSchema, S as createAdapterConfigSchema, St as updateMemberSchema, T as createChatSchema, U as isRedactedEnvValue, V as inboxPollQuerySchema, W as isReservedAgentName$1, X as onboardingEventSchema, Y as notificationQuerySchema, Z as paginationQuerySchema, _ as chatMetadataSchema$1, _t as updateAdapterConfigSchema, a as AGENT_VISIBILITY, at as safeRedirectPath, b as connectTokenExchangeSchema, bt as updateChatSchema, c as MENTION_REGEX, ct as sendMessageSchema, d as addMeChatParticipantsSchema, dt as sessionEventMessageSchema, f as addParticipantSchema, ft as sessionEventSchema$1, g as agentTypeSchema$1, gt as submitQuestionAnswerSchema, h as agentRuntimeConfigPayloadSchema$1, ht as stripCode, i as AGENT_STATUSES, it as runtimeStateMessageSchema, j as delegateFeishuUserSchema, l as ORG_SETTINGS_NAMESPACES$1, lt as sendToAgentSchema, m as agentPinnedMessageSchema$1, mt as sessionStateMessageSchema, n as AGENT_NAME_REGEX$1, nt as rebindAgentSchema, o as CHAT_ENGAGEMENT_STATUSES, p as agentBindRequestSchema, pt as sessionReconcileRequestSchema, q as loginSchema, r as AGENT_SELECTOR_HEADER$1, rt as refreshTokenSchema, st as selfServiceFeishuBotSchema, t as AGENT_BIND_REJECT_REASONS, u as WS_AUTH_FRAME_TIMEOUT_MS, ut as sessionCompletionMessageSchema, vt as updateAgentRuntimeConfigSchema, w as createAgentSchema, wt as wsAuthFrameSchema, x as contextTreeSnapshotSchema, xt as updateClientCapabilitiesSchema, y as clientRegisterSchema, yt as updateAgentSchema, z as inboxAckFrameSchema } from "./dist-CnjqakXS.mjs";
+import { $ as onboardingEventSchema, A as createOrgFromMeSchema, B as githubStartQuerySchema, C as contextTreeSnapshotSchema, Ct as updateClientCapabilitiesSchema, D as createChatSchema, E as createAgentSchema, Et as wsAuthFrameSchema, G as isOrgSettingNamespace, H as inboxAckFrameSchema, I as githubAppInstallationClaimBodySchema, J as joinByInvitationSchema, K as isRedactedEnvValue, L as githubAppInstallationPermissionsSchema$1, M as defaultRuntimeConfigPayload, N as delegateFeishuUserSchema, O as createMeChatSchema, P as dryRunAgentRuntimeConfigSchema, Q as notificationQuerySchema, R as githubCallbackQuerySchema, S as connectTokenExchangeSchema, St as updateChatSchema, T as createAdapterMappingSchema, Tt as updateOrganizationSchema, U as inboxDeliverFrameSchema$1, V as imageInlineContentSchema, W as inboxPollQuerySchema, X as loginSchema, Y as listMeChatsQuerySchema, Z as messageSourceSchema$1, _ as agentRuntimeConfigPayloadSchema$1, _t as stripCode, a as AGENT_TYPES, at as rebindAgentSchema, bt as updateAgentRuntimeConfigSchema, ct as safeRedirectPath, d as ORG_SETTINGS_NAMESPACES$1, dt as sendMessageSchema, et as paginationQuerySchema, f as WS_AUTH_FRAME_TIMEOUT_MS, ft as sendToAgentSchema, g as agentPinnedMessageSchema$1, gt as sessionStateMessageSchema, h as agentBindRequestSchema, ht as sessionReconcileRequestSchema, i as AGENT_STATUSES, k as createMemberSchema, l as MENTION_REGEX, m as addParticipantSchema, mt as sessionEventSchema$1, n as AGENT_NAME_REGEX$1, nt as patchOnboardingSchema, o as AGENT_VISIBILITY, ot as refreshTokenSchema, p as addMeChatParticipantsSchema, pt as sessionEventMessageSchema, q as isReservedAgentName$1, r as AGENT_SELECTOR_HEADER$1, s as CHAT_ENGAGEMENT_STATUSES, st as runtimeStateMessageSchema, t as AGENT_BIND_REJECT_REASONS, tt as patchChatEngagementSchema, u as NOTIFICATION_TYPES, ut as selfServiceFeishuBotSchema, v as agentTypeSchema$1, vt as submitQuestionAnswerSchema, w as createAdapterConfigSchema, wt as updateMemberSchema, x as clientRegisterSchema, xt as updateAgentSchema, y as chatMetadataSchema$1, yt as updateAdapterConfigSchema, z as githubDevCallbackQuerySchema } from "./dist-B1GHzMLc.mjs";
 import { a as ConflictError, c as UnauthorizedError, i as ClientUserMismatchError$1, l as organizations, n as BadRequestError, o as ForbiddenError, r as ClientOrgMismatchError$1, s as NotFoundError, t as AppError, u as users } from "./errors-CF5evtJt-B0NTIVPt.mjs";
 import { n as init_esm, r as trace, t as esm_exports } from "./esm-iadMkGbV.mjs";
-import { $ as notifyRecipients, A as getPresence, B as listAgentsManagedByUser, C as ensureParticipant, D as getChatDetail, E as getCachedAudience, F as joinAsParticipant, G as listClients, H as listChatParticipantsWithNames, I as joinChat, K as listClientsForOrgAdmin, L as leaveAsParticipant, M as heartbeatInstance, N as inboxEntries, O as getClient, P as invalidateChatAudience, Q as messages, R as leaveChat, S as ensureCanJoin, T as getActivityOverview, U as listChats, V as listAgentsWithRuntime, W as listChatsForMember, X as markSupersededByChat, Y as markStaleAgents, Z as members, _ as createChat, _t as unbindAgent, a as agentVisibilityCondition, at as registerClient, b as disconnectClient, c as assertParticipant, ct as resolveChatMembership, d as chatMembership, dt as sendToAgent$1, et as pendingQuestions, f as chats, ft as serverInstances, g as clients, gt as touchAgent, h as cleanupStalePresence, ht as submitAnswer, i as agentPresence, it as registerChatMessageDispatcher, j as heartbeatClient, k as getOnlineCount, l as bindAgent, lt as retireClient, m as cleanupStaleClients, mt as setRuntimeState, n as addParticipant, nt as recomputeWatchersForAgent, o as agents, ot as removeParticipant, p as claimClient, pt as setOffline, q as listMessages, r as agentChatSessions, rt as recomputeWatchersForMember, s as assertClientOwner, st as resetActivity, t as addChatParticipants, tt as recomputeChatWatchers, u as changeChatType, ut as sendMessage, v as createNotifier, vt as updateClientCapabilities, w as findOrCreateDirectChat, x as editMessage, y as deriveAuthState, yt as upsertSessionState, z as listActiveAgentsPinnedToClient } from "./client-OMwJMCQt-R1T06ZH6.mjs";
+import { $ as notifyRecipients, A as getPresence, B as listAgentsManagedByUser, C as ensureParticipant, D as getChatDetail, E as getCachedAudience, F as joinAsParticipant, G as listClients, H as listChatParticipantsWithNames, I as joinChat, K as listClientsForOrgAdmin, L as leaveAsParticipant, M as heartbeatInstance, N as inboxEntries, O as getClient, P as invalidateChatAudience, Q as messages, R as leaveChat, S as ensureCanJoin, T as getActivityOverview, U as listChats, V as listAgentsWithRuntime, W as listChatsForMember, X as markSupersededByChat, Y as markStaleAgents, Z as members, _ as createChat, _t as unbindAgent, a as agentVisibilityCondition, at as registerClient, b as disconnectClient, c as assertParticipant, ct as resolveChatMembership, d as chatMembership, dt as sendToAgent$1, et as pendingQuestions, f as chats, ft as serverInstances, g as clients, gt as touchAgent, h as cleanupStalePresence, ht as submitAnswer, i as agentPresence, it as registerChatMessageDispatcher, j as heartbeatClient, k as getOnlineCount, l as bindAgent, lt as retireClient, m as cleanupStaleClients, mt as setRuntimeState, n as addParticipant, nt as recomputeWatchersForAgent, o as agents, ot as removeParticipant, p as claimClient, pt as setOffline, q as listMessages, r as agentChatSessions, rt as recomputeWatchersForMember, s as assertClientOwner, st as resetActivity, t as addChatParticipants, tt as recomputeChatWatchers, u as changeChatType, ut as sendMessage, v as createNotifier, vt as updateClientCapabilities, w as findOrCreateDirectChat, x as editMessage, y as deriveAuthState, yt as upsertSessionState, z as listActiveAgentsPinnedToClient } from "./client-BViGcaUC-CZb2Svgh.mjs";
 import { a as invitationRedemptions, c as recordRedemption, i as getActiveInvitation, l as rotateInvitation, n as ensureActiveInvitation, o as invitations, r as findActiveByToken, t as buildInviteUrl, u as uuidv7 } from "./invitation-Bg0TRiyx-BsZH4GCS.mjs";
 import { createRequire } from "node:module";
 import { ZodError, z } from "zod";
@@ -759,11 +759,7 @@ const chatMetadataSchema = z.discriminatedUnion("source", [githubChatMetadataSch
 * sneak through `{ source: "github" }` without the required fields.
 */
 const optionalChatMetadataSchema = z.union([z.object({}).strict(), chatMetadataSchema]);
-const chatTypeSchema = z.enum([
-	"direct",
-	"group",
-	"thread"
-]);
+const chatTypeSchema = z.enum(["direct", "group"]);
 const chatEngagementStatusSchema = z.enum([
 	"active",
 	"archived",
@@ -1277,7 +1273,8 @@ const meChatRowSchema = z.object({
 	lastMessagePreview: z.string().nullable(),
 	unreadMentionCount: z.number().int(),
 	canReply: z.boolean(),
-	engagementStatus: chatEngagementStatusSchema
+	engagementStatus: chatEngagementStatusSchema,
+	workingAgentIds: z.array(z.string())
 });
 z.object({
 	rows: z.array(meChatRowSchema),
@@ -1377,15 +1374,101 @@ memberSchema.extend({
 	displayName: z.string(),
 	password: z.string()
 });
+/**
+* Origin of a normalized webhook event. After the GitHub App ingestion
+* cutover this is single-form (App installations only); the type stays
+* a structured object so future non-GitHub sources can be added by
+* widening it into a discriminated union without churning callers.
+*/
+const webhookSourceSchema = z.object({
+	kind: z.literal("github-app-installation"),
+	installationId: z.number().int(),
+	organizationId: z.string().min(1)
+});
+const involveReasonSchema = z.enum([
+	"mentioned",
+	"review_requested",
+	"assigned"
+]);
+const normalizedEventKindSchema = z.enum([
+	"opened",
+	"edited",
+	"closed",
+	"merged",
+	"reopened",
+	"commented",
+	"review_requested",
+	"reviewed",
+	"review_comment",
+	"synchronized",
+	"commit_commented",
+	"assigned",
+	"other"
+]);
+const normalizedEntitySchema = z.object({
+	type: githubEntityTypeSchema,
+	repo: z.string().min(1),
+	key: z.string().min(1),
+	title: z.string().optional(),
+	url: z.string().optional()
+});
+const normalizedActorSchema = z.object({
+	githubLogin: z.string().min(1),
+	isBot: z.boolean()
+});
+const normalizedInvolveSchema = z.object({
+	githubLogin: z.string().min(1),
+	reason: involveReasonSchema
+});
+const normalizedSurfaceSchema = z.object({
+	title: z.string(),
+	body: z.string(),
+	url: z.string()
+});
+const normalizedRelatedRefSchema = z.object({
+	type: z.literal("issue"),
+	key: z.string().min(1)
+});
+z.object({
+	source: webhookSourceSchema,
+	deliveryId: z.string().nullable(),
+	rawEventType: z.string().min(1),
+	rawAction: z.string().nullable(),
+	entity: normalizedEntitySchema,
+	actor: normalizedActorSchema,
+	kind: normalizedEventKindSchema,
+	involves: z.array(normalizedInvolveSchema),
+	surface: normalizedSurfaceSchema,
+	relatedRefs: z.array(normalizedRelatedRefSchema)
+});
+const githubEventCardReasonSchema = z.enum([
+	"mentioned",
+	"review_requested",
+	"assigned",
+	"subscribed"
+]);
+z.object({
+	type: z.literal("github_event"),
+	reason: githubEventCardReasonSchema,
+	event: z.string().min(1),
+	action: z.string().nullable(),
+	kind: normalizedEventKindSchema,
+	repository: z.string(),
+	sender: z.string(),
+	title: z.string(),
+	body: z.string(),
+	url: z.string(),
+	entity: z.object({
+		type: githubEntityTypeSchema,
+		key: z.string().min(1),
+		url: z.string().nullable()
+	}),
+	mentionedUser: z.string().optional()
+});
 const notificationTypeSchema = z.enum([
 	"agent_error",
-	"session_error",
-	"agent_needs_decision",
 	"agent_blocked",
-	"agent_stale",
-	"agent_disconnected",
-	"agent_connected",
-	"session_completed"
+	"agent_stale"
 ]);
 const notificationSeveritySchema = z.enum([
 	"high",
@@ -1502,12 +1585,6 @@ const orgContextTreeOutputSchema = z.object({
 	repo: z.string().optional(),
 	branch: z.string().optional()
 });
-const orgGithubIntegrationStorageSchema = z.object({ webhookSecretCipher: z.string().optional() });
-const orgGithubIntegrationInputSchema = z.object({ webhookSecret: z.string().min(1).nullish() });
-const orgGithubIntegrationOutputSchema = z.object({
-	webhookSecretConfigured: z.boolean(),
-	webhookUrl: z.string()
-});
 const orgSourceReposStorageSchema = z.object({ repos: z.array(z.object({
 	url: repoUrlSchema,
 	defaultBranch: z.string().optional()
@@ -1527,12 +1604,6 @@ const ORG_SETTINGS_NAMESPACES = {
 		output: orgContextTreeOutputSchema,
 		readPolicy: "member"
 	},
-	github_integration: {
-		storage: orgGithubIntegrationStorageSchema,
-		input: orgGithubIntegrationInputSchema,
-		output: orgGithubIntegrationOutputSchema,
-		readPolicy: "admin"
-	},
 	source_repos: {
 		storage: orgSourceReposStorageSchema,
 		input: orgSourceReposInputSchema,
@@ -1737,10 +1808,6 @@ z.object({
 	chatId: z.string(),
 	event: sessionEventSchema
 });
-z.object({
-	agentId: z.string(),
-	chatId: z.string()
-});
 z.object({
 	type: z.literal("session:reconcile"),
 	agentId: z.string().min(1),
@@ -1947,7 +2014,7 @@ defineConfig({
 	rateLimit: optional({
 		max: field(z.number().default(100), { env: "FIRST_TREE_HUB_RATE_LIMIT_MAX" }),
 		loginMax: field(z.number().default(5), { env: "FIRST_TREE_HUB_RATE_LIMIT_LOGIN_MAX" }),
-		webhookMax: field(z.number().default(60), { env: "FIRST_TREE_HUB_RATE_LIMIT_WEBHOOK_MAX" }),
+		webhookMax: field(z.number().default(600), { env: "FIRST_TREE_HUB_RATE_LIMIT_WEBHOOK_MAX" }),
 		contextTreeSnapshotMax: field(z.number().default(6), { env: "FIRST_TREE_HUB_RATE_LIMIT_CONTEXT_TREE_SNAPSHOT_MAX" }),
 		agentMessageMax: field(z.number().default(30), { env: "FIRST_TREE_HUB_RATE_LIMIT_AGENT_MESSAGE_MAX" })
 	}),
@@ -2538,14 +2605,6 @@ var ClientConnection = class extends EventEmitter {
 			event
 		}));
 	}
-	reportSessionCompletion(agentId, chatId) {
-		if (!this.ws || this.ws.readyState !== WebSocket.OPEN) return;
-		this.ws.send(JSON.stringify({
-			type: "session:completion",
-			agentId,
-			chatId
-		}));
-	}
 	/** Ask the server which of the supplied chatIds the client should drop. */
 	sendSessionReconcile(agentId, chatIds) {
 		if (!this.ws || this.ws.readyState !== WebSocket.OPEN) return;
@@ -4844,7 +4903,6 @@ const createClaudeCodeHandler = (config) => {
 									try {
 										await sessionCtx.forwardResult(resultText);
 										sessionCtx.log("Result forwarded to chat");
-										sessionCtx.reportSessionCompletion();
 										sessionCtx.emitEvent({
 											kind: "turn_end",
 											payload: { status: "success" }
@@ -5437,7 +5495,6 @@ const createCodexHandler = (config) => {
 			kind: "turn_end",
 			payload: { status: succeeded ? "success" : "error" }
 		});
-		if (succeeded && accumulated.trim()) sessionCtx.reportSessionCompletion();
 		sessionCtx.setRuntimeState("idle");
 		if (queuedMessages.length > 0 && !drainScheduled) {
 			drainScheduled = true;
@@ -6459,9 +6516,6 @@ var SessionManager = class {
 			emitEvent: (event) => {
 				this.config.onSessionEvent?.(chatId, event);
 			},
-			reportSessionCompletion: () => {
-				this.config.onSessionCompletion?.(chatId);
-			},
 			forwardResult,
 			buildAgentEnv: (parentEnv) => buildAgentEnv(parentEnv, envCtx),
 			formatInboundContent: (message) => formatInboundContent(message, participants),
@@ -6698,8 +6752,7 @@ var AgentSlot = class {
 			ackEntry,
 			onStateChange: (chatId, state) => this.reportSessionState(chatId, state),
 			onRuntimeStateChange: (state) => this.reportRuntimeState(state),
-			onSessionEvent: (chatId, event) => this.reportSessionEvent(chatId, event),
-			onSessionCompletion: (chatId) => this.reportSessionCompletion(chatId)
+			onSessionEvent: (chatId, event) => this.reportSessionEvent(chatId, event)
 		});
 		const onCommand = (cmd) => {
 			if (cmd.agentId === this.config.agentId && this.sessionManager) this.sessionManager.handleCommand(cmd.chatId, cmd.type).catch((err) => {
@@ -6747,9 +6800,6 @@ var AgentSlot = class {
 	reportSessionEvent(chatId, event) {
 		this.clientConnection.reportSessionEvent(this.config.agentId, chatId, event);
 	}
-	reportSessionCompletion(chatId) {
-		this.clientConnection.reportSessionCompletion(this.config.agentId, chatId);
-	}
 	fullStateSync() {
 		if (!this.sessionManager) return;
 		for (const { chatId, state } of this.sessionManager.getSessionStates()) this.clientConnection.reportSessionState(this.config.agentId, chatId, state);
@@ -9443,7 +9493,7 @@ async function onboardCreate(args) {
 	}
 	const runtimeAgent = args.type === "human" ? args.assistant : args.id;
 	if (args.feishuBotAppId && args.feishuBotAppSecret) {
-		const { bindFeishuBot } = await import("./feishu-DrnBbl8T.mjs").then((n) => n.r);
+		const { bindFeishuBot } = await import("./feishu-30vUx69l.mjs").then((n) => n.r);
 		const targetAgentUuid = args.type === "human" ? assistantUuid : primary.uuid;
 		if (!targetAgentUuid) print.line(`Warning: Cannot bind Feishu bot — no runtime agent available for "${args.id}".\n`);
 		else {
@@ -10656,7 +10706,7 @@ function createFeedbackHandler(config) {
 	return { handle };
 }
 //#endregion
-//#region ../server/dist/app-BpskScln.mjs
+//#region ../server/dist/app-B1wsm8zG.mjs
 var import_fastify_opentelemetry = /* @__PURE__ */ __toESM(require_fastify_opentelemetry(), 1);
 init_esm();
 var __defProp = Object.defineProperty;
@@ -11041,7 +11091,7 @@ async function deleteAdapterConfig(db, id) {
 	const [row] = await db.delete(adapterConfigs).where(eq(adapterConfigs.id, id)).returning();
 	if (!row) throw new NotFoundError(`Adapter config "${id}" not found`);
 }
-const log$6 = createLogger$1("Adapters");
+const log$7 = createLogger$1("Adapters");
 function parseId(raw) {
 	const id = Number(raw);
 	if (!Number.isInteger(id) || id <= 0) throw new BadRequestError(`Invalid adapter ID: "${raw}"`);
@@ -11067,7 +11117,7 @@ async function adapterRoutes(app) {
 		const existing = await getAdapterConfig(app.db, id);
 		await assertAgentManageableByUser(app.db, userId, existing.agentId);
 		const config = await updateAdapterConfig(app.db, id, body, app.config.secrets.encryptionKey);
-		app.adapterManager.reload().catch((err) => log$6.error({ err }, "adapter reload failed after update"));
+		app.adapterManager.reload().catch((err) => log$7.error({ err }, "adapter reload failed after update"));
 		app.notifier.notifyConfigChange("adapter_configs").catch(() => {});
 		return {
 			...config,
@@ -11081,7 +11131,7 @@ async function adapterRoutes(app) {
 		const existing = await getAdapterConfig(app.db, id);
 		await assertAgentManageableByUser(app.db, userId, existing.agentId);
 		await deleteAdapterConfig(app.db, id);
-		app.adapterManager.reload().catch((err) => log$6.error({ err }, "adapter reload failed after delete"));
+		app.adapterManager.reload().catch((err) => log$7.error({ err }, "adapter reload failed after delete"));
 		app.notifier.notifyConfigChange("adapter_configs").catch(() => {});
 		return reply.status(204).send();
 	});
@@ -11097,7 +11147,7 @@ function requireAgent(request) {
 	if (!agent) throw new UnauthorizedError("Agent authentication required");
 	return agent;
 }
-const log$5 = createLogger$1("AgentChatsRoute");
+const log$6 = createLogger$1("AgentChatsRoute");
 function serializeChat(chat) {
 	return {
 		...chat,
@@ -11160,7 +11210,7 @@ async function agentChatRoutes(app) {
 	app.post("/:chatId/participants", async (request, reply) => {
 		const identity = requireAgent(request);
 		if (request.body !== null && typeof request.body === "object" && "mode" in request.body) {
-			log$5.warn({
+			log$6.warn({
 				code: "MODE_FIELD_DEPRECATED",
 				chatId: request.params.chatId,
 				senderAgentId: identity.uuid,
@@ -11383,6 +11433,20 @@ async function validateDelegateMentionTarget(db, targetUuid, sourceOrgId) {
 	if (target.organizationId !== sourceOrgId) throw new BadRequestError("delegateMention target must belong to the same organization as the agent");
 }
 /**
+* Service-layer guard: `delegateMention` is only available for `human` agents.
+* Mirrors the Web UI in `identity-section.tsx`, which only renders the
+* delegate-mention selector when `agent.type === "human"`. Without this
+* server-side check, CLI / Admin API / internal scripts could write
+* delegateMention onto non-human rows, silently re-enabling the
+* autonomous-agent-self-mention path that resolveAudience would then fan
+* out. Called from `createAgent` / `updateAgent` before
+* `validateDelegateMentionTarget` so a wrong source type fails fast without
+* the target lookup round-trip.
+*/
+function assertDelegateMentionAllowed(sourceType) {
+	if (sourceType !== AGENT_TYPES.HUMAN) throw new BadRequestError("delegateMention can only be set on human agents");
+}
+/**
 * Pick the first admin member in the org for internal system agents. Throws
 * if the org has no admin — the caller should surface the error so an admin
 * is created before the system tries to register more agents.
@@ -11422,7 +11486,10 @@ async function createAgent(db, data, options = {}) {
 		type: data.type
 	});
 	await ensureClientSupportsRuntimeProvider(db, clientId, runtimeProvider, { force: options.force });
-	if (data.delegateMention) await validateDelegateMentionTarget(db, data.delegateMention, orgId);
+	if (data.delegateMention) {
+		assertDelegateMentionAllowed(data.type);
+		await validateDelegateMentionTarget(db, data.delegateMention, orgId);
+	}
 	const [org] = await db.select({ maxAgents: organizations.maxAgents }).from(organizations).where(eq(organizations.id, orgId)).limit(1);
 	if (org && org.maxAgents > 0) {
 		if (((await db.select({ value: count() }).from(agents).where(and(eq(agents.organizationId, orgId), ne(agents.status, AGENT_STATUSES.DELETED))))[0]?.value ?? 0) >= org.maxAgents) throw new ForbiddenError(`Organization "${orgId}" has reached its agent limit (${org.maxAgents}). Upgrade your plan or delete unused agents.`);
@@ -11567,10 +11634,16 @@ async function updateAgent(db, uuid, data) {
 		if (agent.clientId !== null && agent.clientId !== data.clientId) throw new BadRequestError("clientId is immutable through this entry — cross-client moves go through rebindAgent (PATCH /agents/:uuid/rebind), which runs owner / org / capability checks atomically.");
 	}
 	const updates = { updatedAt: /* @__PURE__ */ new Date() };
-	if (data.type !== void 0) updates.type = data.type;
+	if (data.type !== void 0) {
+		if (data.type !== AGENT_TYPES.HUMAN && agent.delegateMention !== null && data.delegateMention !== null) throw new BadRequestError("Cannot change type away from `human` while delegateMention is set — clear delegateMention in the same patch.");
+		updates.type = data.type;
+	}
 	if (data.displayName !== void 0) updates.displayName = data.displayName;
 	if (data.delegateMention !== void 0) {
-		if (data.delegateMention !== null) await validateDelegateMentionTarget(db, data.delegateMention, agent.organizationId);
+		if (data.delegateMention !== null) {
+			assertDelegateMentionAllowed(data.type ?? agent.type);
+			await validateDelegateMentionTarget(db, data.delegateMention, agent.organizationId);
+		}
 		updates.delegateMention = data.delegateMention;
 	}
 	if (data.visibility !== void 0) updates.visibility = data.visibility;
@@ -11681,7 +11754,7 @@ async function deleteAgent(db, uuid) {
 	if (!agent) throw new Error("Unexpected: UPDATE RETURNING produced no row");
 	return agent;
 }
-const log$4 = createLogger$1("AgentFeishuBot");
+const log$5 = createLogger$1("AgentFeishuBot");
 async function agentFeishuBotRoutes(app) {
 	/**
 	* PUT /agent/me/feishu-bot
@@ -11709,7 +11782,7 @@ async function agentFeishuBotRoutes(app) {
 			},
 			status: "active"
 		}, app.config.secrets.encryptionKey);
-		app.adapterManager.reload().catch((err) => log$4.error({ err }, "adapter reload failed after self-service bind"));
+		app.adapterManager.reload().catch((err) => log$5.error({ err }, "adapter reload failed after self-service bind"));
 		app.notifier.notifyConfigChange("adapter_configs").catch(() => {});
 		return reply.status(current ? 200 : 201).send({
 			...config,
@@ -11726,7 +11799,7 @@ async function agentFeishuBotRoutes(app) {
 		const current = (await listAdapterConfigs(app.db)).find((c) => c.agentId === identity.uuid && c.platform === "feishu");
 		if (!current) return reply.status(204).send();
 		await deleteAdapterConfig(app.db, current.id);
-		app.adapterManager.reload().catch((err) => log$4.error({ err }, "adapter reload failed after self-service unbind"));
+		app.adapterManager.reload().catch((err) => log$5.error({ err }, "adapter reload failed after self-service unbind"));
 		app.notifier.notifyConfigChange("adapter_configs").catch(() => {});
 		return reply.status(204).send();
 	});
@@ -12357,7 +12430,7 @@ async function collectTargetInboxes(db, chatId, inReplyTo) {
 	}
 	return [...set];
 }
-const log$3 = createLogger$1("AgentMessages");
+const log$4 = createLogger$1("AgentMessages");
 const editMessageSchema = z.object({
 	format: z.string().optional(),
 	content: z.unknown()
@@ -12385,7 +12458,7 @@ function agentMessageWriteRateLimit(max) {
 		keyGenerator: (req) => {
 			const agentId = req.agent?.uuid;
 			if (agentId) return `agent:${agentId}`;
-			log$3.warn({
+			log$4.warn({
 				ip: req.ip,
 				route: req.routeOptions?.url ?? req.url
 			}, "rate-limit keyGenerator fell back to IP — req.agent missing on a route under /agent (hook order regression?)");
@@ -12418,7 +12491,7 @@ async function agentMessageRoutes(app) {
 		await assertParticipant(app.db, request.params.chatId, identity.uuid);
 		const body = editMessageSchema.parse(request.body);
 		const msg = await editMessage(app.db, request.params.chatId, request.params.messageId, identity.uuid, body);
-		app.adapterManager.editOutboundMessage(msg.id, msg.format, msg.content).catch((err) => log$3.error({
+		app.adapterManager.editOutboundMessage(msg.id, msg.format, msg.content).catch((err) => log$4.error({
 			err,
 			messageId: msg.id
 		}, "failed to edit outbound message"));
@@ -12597,35 +12670,84 @@ const notifications = pgTable("notifications", {
 	chatId: text("chat_id"),
 	message: text("message").notNull(),
 	read: boolean("read").notNull().default(false),
+	dedupKey: text("dedup_key"),
 	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow()
 }, (table) => [
 	index("idx_notifications_org_created").on(table.organizationId, table.createdAt),
 	index("idx_notifications_agent").on(table.agentId),
-	index("idx_notifications_org_read").on(table.organizationId, table.read)
+	index("idx_notifications_org_read").on(table.organizationId, table.read),
+	uniqueIndex("uq_notifications_org_dedup_unread").on(table.organizationId, table.dedupKey).where(sql`read = false AND dedup_key IS NOT NULL`)
 ]);
-let registered = null;
+let localBroadcaster = null;
+let crossInstanceBroadcaster = null;
 function registerAdminBroadcaster(fn) {
-	registered = fn;
+	localBroadcaster = fn;
+}
+function registerCrossInstanceBroadcaster(fn) {
+	crossInstanceBroadcaster = fn;
 }
 function broadcastToAdmins(payload) {
-	if (!registered) return;
+	if (!localBroadcaster) return;
 	try {
-		registered(payload);
+		localBroadcaster(payload);
 	} catch {}
 }
-/** Create a notification, persist it, and fire-and-forget push to all channels. */
+/**
+* Fan out to every admin socket across every server instance via PG NOTIFY.
+* Falls back to single-instance fanout when no cross-instance broadcaster is
+* registered (e.g. unit tests that don't boot a notifier).
+*/
+function broadcastAdminsCrossInstance(payload) {
+	if (crossInstanceBroadcaster) {
+		try {
+			crossInstanceBroadcaster(payload);
+		} catch {}
+		return;
+	}
+	broadcastToAdmins(payload);
+}
+/**
+* Create a notification, persist it, and fire-and-forget push to all channels.
+*
+* Dedup contract (when `dedupKey` is set and an unread row already exists):
+*   - **severity escalates monotonically** — `high` never drops back to
+*     `medium`, `medium` never drops back to `low`. Prevents the bell badge
+*     from understating a degrading agent (stale=medium first, then
+*     error=high arriving — the row sticks at high).
+*   - **type and message take the latest event's values** — so the row
+*     reflects the most recent observation in the UI ("entered error state"
+*     replaces "is unresponsive" once the runtime starts reporting error).
+*   - **createdAt is preserved** so the bell ordering still tracks "when did
+*     this incident open" rather than "when was the last observation".
+*
+* Rows without a `dedupKey` never hit the partial unique index and keep the
+* legacy always-insert behaviour.
+*/
 async function createNotification(db, data) {
 	const id = uuidv7();
-	const [row] = await db.insert(notifications).values({
+	const row = (await db.insert(notifications).values({
 		id,
 		organizationId: data.organizationId,
 		type: data.type,
 		severity: data.severity,
 		agentId: data.agentId ?? null,
 		chatId: data.chatId ?? null,
-		message: data.message
-	}).returning();
-	if (!row) throw new Error("Unexpected: INSERT RETURNING produced no row");
+		message: data.message,
+		dedupKey: data.dedupKey ?? null
+	}).onConflictDoUpdate({
+		target: [notifications.organizationId, notifications.dedupKey],
+		set: {
+			severity: sql`CASE
+          WHEN ${notifications.severity} = 'high' OR excluded.severity = 'high' THEN 'high'
+          WHEN ${notifications.severity} = 'medium' OR excluded.severity = 'medium' THEN 'medium'
+          ELSE 'low'
+        END`,
+			type: sql`excluded.type`,
+			message: sql`excluded.message`
+		},
+		targetWhere: sql`${notifications.read} = false AND ${notifications.dedupKey} IS NOT NULL`
+	}).returning())[0];
+	if (!row) return null;
 	const notification = {
 		id: row.id,
 		organizationId: row.organizationId,
@@ -12658,18 +12780,15 @@ async function listNotifications(db, orgId, memberId, query) {
 		items: [],
 		nextCursor: null
 	};
-	const conditions = [eq(notifications.organizationId, orgId)];
+	const targetLimit = query.limit;
+	const conditions = [eq(notifications.organizationId, orgId), buildVisibilityCondition([...visibleAgents])];
 	if (query.cursor) conditions.push(lt(notifications.createdAt, new Date(query.cursor)));
 	if (query.severity) conditions.push(eq(notifications.severity, query.severity));
 	if (query.read !== void 0) conditions.push(eq(notifications.read, query.read));
 	if (query.agentId) conditions.push(eq(notifications.agentId, query.agentId));
-	const where = and(...conditions);
-	const overscanFactor = 4;
-	const targetLimit = query.limit;
-	const rawLimit = Math.min(targetLimit * overscanFactor + 1, 400);
-	const visible = (await db.select().from(notifications).where(where).orderBy(desc(notifications.createdAt)).limit(rawLimit)).filter((n) => n.agentId === null || visibleAgents.has(n.agentId));
-	const hasMore = visible.length > targetLimit;
-	const items = hasMore ? visible.slice(0, targetLimit) : visible;
+	const rows = await db.select().from(notifications).where(and(...conditions)).orderBy(desc(notifications.createdAt)).limit(targetLimit + 1);
+	const hasMore = rows.length > targetLimit;
+	const items = hasMore ? rows.slice(0, targetLimit) : rows;
 	const last = items[items.length - 1];
 	const nextCursor = hasMore && last ? last.createdAt.toISOString() : null;
 	return {
@@ -12680,6 +12799,16 @@ async function listNotifications(db, orgId, memberId, query) {
 		nextCursor
 	};
 }
+/**
+* Return the unread notification count for this member's visible agents.
+* Single `SELECT COUNT(*)` — no row fetch — so the topbar bell badge can
+* surface an accurate number (>100) without paying for a list query.
+*/
+async function unreadCount(db, orgId, memberId) {
+	const visibleAgents = await loadVisibleAgentIds$1(db, orgId, memberId);
+	const [row] = await db.select({ count: sql`count(*)` }).from(notifications).where(and(eq(notifications.organizationId, orgId), eq(notifications.read, false), buildVisibilityCondition([...visibleAgents])));
+	return Number(row?.count ?? "0");
+}
 /** Mark a single notification as read, scoped to organization + visible agents. */
 async function markRead(db, notificationId, orgId, memberId) {
 	const [existing] = await db.select({
@@ -12696,16 +12825,17 @@ async function markRead(db, notificationId, orgId, memberId) {
 /** Mark all notifications visible to this member as read. */
 async function markAllRead(db, orgId, memberId) {
 	const visible = await loadVisibleAgentIds$1(db, orgId, memberId);
-	const idsToMark = (await db.select({
-		id: notifications.id,
-		agentId: notifications.agentId
-	}).from(notifications).where(and(eq(notifications.organizationId, orgId), eq(notifications.read, false))).limit(1e3)).filter((n) => n.agentId === null || visible.has(n.agentId)).map((n) => n.id);
-	if (idsToMark.length === 0) return;
-	const batchSize = 200;
-	for (let i = 0; i < idsToMark.length; i += batchSize) {
-		const batch = idsToMark.slice(i, i + batchSize);
-		await db.update(notifications).set({ read: true }).where(and(eq(notifications.organizationId, orgId), eq(notifications.read, false), inArray(notifications.id, batch)));
-	}
+	await db.update(notifications).set({ read: true }).where(and(eq(notifications.organizationId, orgId), eq(notifications.read, false), buildVisibilityCondition([...visible])));
+}
+/**
+* SQL fragment matching every notification visible to a member: org-wide
+* (`agent_id IS NULL`) plus rows tied to an agent in the member's visible
+* set. Centralised so listNotifications, markAllRead, and unreadCount can
+* never drift apart.
+*/
+function buildVisibilityCondition(visibleAgentIds) {
+	if (visibleAgentIds.length === 0) return isNull(notifications.agentId);
+	return or(isNull(notifications.agentId), inArray(notifications.agentId, visibleAgentIds));
 }
 /**
 * Shared visibility predicate. Mirrors
@@ -12739,62 +12869,81 @@ async function resolveAgentContext(db, agentId) {
 		clientLabel
 	};
 }
-async function resolveChatContext(db, chatId) {
-	const [chat] = await db.select({ topic: chats.topic }).from(chats).where(eq(chats.id, chatId)).limit(1);
-	const shortId = chatId.slice(0, 8);
-	return { chatLabel: chat?.topic && chat.topic.trim().length > 0 ? chat.topic.trim() : `Chat ${shortId}` };
-}
 /**
-* Compose a human-readable message for each notification type.
-*
-* Keep subjects consistent with what the dashboard shows the member:
-*   - Session-scoped events → subject is the chat (topic / "Chat xxxxxxxx")
-*   - Client-scoped events  → subject is the computer (hostname / clientId)
-*   - Agent-scoped events   → subject is the agent display name
+* Compose a human-readable message for each notification type. The full set
+* is fault-scoped (error / blocked / stale) — completion events are not
+* notifications because the conversation list already surfaces them.
 */
-function composeMessage(type, agentCtx, chatCtx) {
+function composeMessage(type, agentCtx) {
 	const agent = agentCtx.agentName;
 	const computer = agentCtx.clientLabel ?? "Unknown computer";
-	const chat = chatCtx?.chatLabel ?? null;
 	switch (type) {
-		case "session_completed": return chat ? `${chat} completed` : `${agent} completed a task`;
-		case "session_error": return chat ? `${chat} hit an error` : `${agent} hit a session error`;
-		case "agent_disconnected": return `Computer ${computer} disconnected`;
-		case "agent_connected": return `Computer ${computer} reconnected`;
 		case "agent_stale": return `Computer ${computer} is unresponsive`;
 		case "agent_error": return `${agent} entered error state`;
 		case "agent_blocked": return `${agent} is blocked`;
-		case "agent_needs_decision": return chat ? `${agent} needs a decision in ${chat}` : `${agent} needs a decision`;
 		default: return `${agent} event`;
 	}
 }
 /**
-* Convenience: create a notification for an agent event, resolving org,
-* agent display name, computer hostname, and chat topic automatically.
-* Callers supply the event type and severity; the message text is generated
-* here so language/phrasing is centralized (see {@link composeMessage}).
+* Convenience: create a notification for an agent event, resolving org and
+* agent display name automatically. The message text is generated here so
+* language/phrasing is centralized (see {@link composeMessage}).
+*
+* Default dedup_key when none is supplied: `agent:{agentId}:fault`. All three
+* current fault types (error / blocked / stale) collapse onto one unread row
+* per agent — a single agent that goes error AND then stale should not double
+* the badge for the same underlying problem. Pair with
+* {@link markAgentFaultsResolved}, which closes the row when the agent
+* recovers.
 *
 * Fire-and-forget — errors are swallowed so event producers never fail just
 * because the notification pipeline is unhealthy.
 */
-async function notifyAgentEvent(db, agentId, type, severity, chatId) {
+async function notifyAgentEvent(db, agentId, type, severity, options = {}) {
 	try {
 		const agentCtx = await resolveAgentContext(db, agentId);
 		if (!agentCtx) return;
-		const message = composeMessage(type, agentCtx, chatId ? await resolveChatContext(db, chatId) : null);
+		const message = composeMessage(type, agentCtx);
+		const dedupKey = options.dedupKey === void 0 ? `agent:${agentId}:fault` : options.dedupKey;
 		await createNotification(db, {
 			organizationId: agentCtx.organizationId,
 			type,
 			severity,
 			agentId,
-			chatId: chatId ?? null,
 			clientId: agentCtx.clientId,
-			message
+			message,
+			dedupKey
 		});
 	} catch {}
 }
+/**
+* Mark every unread fault-scoped notification for this agent as read. Called
+* when the agent recovers — either by rebinding (offline → online) or by
+* reporting a healthy runtime state (error/blocked → idle/working). Without
+* this, a transient incident leaves its notification row in "unread" forever
+* and the badge never clears even though the underlying problem is gone.
+*
+* Fire-and-forget — same rationale as {@link notifyAgentEvent}: presence /
+* runtime-state callers must not fail just because notification bookkeeping
+* is unhealthy.
+*
+* Note on badge freshness: this UPDATEs the DB but does not push an event
+* across admin WS. The bell refetches on its own next push or reconnect, so
+* the badge may lag the actual state by up to one push cycle. Adding a
+* dedicated `notification:read` envelope was deferred — it adds a new event
+* shape on both sides for a sub-second cosmetic difference.
+*/
+async function markAgentFaultsResolved(db, agentId) {
+	try {
+		await db.update(notifications).set({ read: true }).where(and(eq(notifications.agentId, agentId), eq(notifications.read, false), inArray(notifications.type, [
+			NOTIFICATION_TYPES.AGENT_ERROR,
+			NOTIFICATION_TYPES.AGENT_BLOCKED,
+			NOTIFICATION_TYPES.AGENT_STALE
+		])));
+	} catch {}
+}
 function pushToAdminWs(notification) {
-	broadcastToAdmins({
+	broadcastAdminsCrossInstance({
 		type: "notification",
 		organizationId: notification.organizationId,
 		agentId: notification.agentId ?? null,
@@ -12938,35 +13087,6 @@ const wsMessageSchema = z.object({
 	agentId: z.string().optional(),
 	ref: z.string().optional()
 });
-/**
-* Client WebSocket: one WS per client, multiple agents multiplexed.
-*
-* Protocol (unified-user-token milestone):
-*   1. Client connects; server waits up to {@link WS_AUTH_FRAME_TIMEOUT_MS}
-*      for the first `auth` frame carrying a member access JWT.
-*      Failure ⇒ server sends `auth:rejected` and closes (code 4401).
-*   2. `client:register` — bind the client_id to the authenticated user.
-*   3. `agent:bind` — run Rule R-RUN (no token); populate presence.
-*   4. `session:state` / `runtime:state` / `session:event` / `session:completion` / `heartbeat`.
-*   5. `agent:unbind` — stop multiplexing for a specific agent.
-*
-* When the JWT is about to expire the server sends `auth:expired` so the
-* SDK can refresh and reconnect without silently half-opening the socket.
-*/
-/** Notification cooldown: prevents duplicate notifications for same (agentId, type) within window. */
-const NOTIFICATION_COOLDOWN_MS = 3e5;
-const notificationCooldowns = /* @__PURE__ */ new Map();
-function shouldNotify(agentId, notificationType) {
-	const key = `${agentId}:${notificationType}`;
-	const now = Date.now();
-	const lastSent = notificationCooldowns.get(key);
-	if (lastSent && now - lastSent < NOTIFICATION_COOLDOWN_MS) return false;
-	notificationCooldowns.set(key, now);
-	if (notificationCooldowns.size > 1e3) {
-		for (const [k, ts] of notificationCooldowns) if (now - ts > NOTIFICATION_COOLDOWN_MS) notificationCooldowns.delete(k);
-	}
-	return true;
-}
 function sendRejected(socket, ref, reason) {
 	socket.send(JSON.stringify({
 		type: "agent:bind:rejected",
@@ -13380,6 +13500,7 @@ function clientWsRoutes(notifier, instanceId) {
 								runtimeType: bindRequest.runtimeType,
 								runtimeVersion: bindRequest.runtimeVersion
 							});
+							markAgentFaultsResolved(app.db, agent.id).catch(() => {});
 							bindAgentToClient(clientId, agent.id);
 							boundAgents.set(agent.id, {
 								agentId: agent.id,
@@ -13489,8 +13610,9 @@ function clientWsRoutes(notifier, instanceId) {
 								organizationId: boundAgentInfo.organizationId,
 								notifier
 							});
-							if (payload.runtimeState === "error" && shouldNotify(agentId, "agent_error")) notifyAgentEvent(app.db, agentId, "agent_error", "high").catch(() => {});
-							else if (payload.runtimeState === "blocked" && shouldNotify(agentId, "agent_blocked")) notifyAgentEvent(app.db, agentId, "agent_blocked", "medium").catch(() => {});
+							if (payload.runtimeState === "error") notifyAgentEvent(app.db, agentId, "agent_error", "high").catch(() => {});
+							else if (payload.runtimeState === "blocked") notifyAgentEvent(app.db, agentId, "agent_blocked", "medium").catch(() => {});
+							else if (payload.runtimeState === "idle" || payload.runtimeState === "working") markAgentFaultsResolved(app.db, agentId).catch(() => {});
 						} else if (type === "session:event") {
 							const agentId = parsed.data.agentId;
 							if (!agentId || !boundAgents.has(agentId)) {
@@ -13511,17 +13633,6 @@ function clientWsRoutes(notifier, instanceId) {
 									}));
 								}
 							});
-						} else if (type === "session:completion") {
-							const agentId = parsed.data.agentId;
-							if (!agentId || !boundAgents.has(agentId)) {
-								socket.send(JSON.stringify({
-									type: "error",
-									message: "Agent not bound"
-								}));
-								return;
-							}
-							const payload = sessionCompletionMessageSchema.parse(msg);
-							if (shouldNotify(agentId, `session_completed:${payload.chatId}`)) notifyAgentEvent(app.db, agentId, "session_completed", "low", payload.chatId).catch(() => {});
 						} else if (type === "inbox:ack") {
 							const payloadResult = inboxAckFrameSchema.safeParse(msg);
 							if (!payloadResult.success) {
@@ -13575,7 +13686,6 @@ function clientWsRoutes(notifier, instanceId) {
 					notifier.unsubscribe(info.inboxId, socket);
 					if (getAgentClientId(agentId) === clientId) try {
 						await unbindAgent(app.db, agentId);
-						if (shouldNotify(agentId, "agent_disconnected")) notifyAgentEvent(app.db, agentId, "agent_disconnected", "medium").catch(() => {});
 					} catch {}
 				}
 				boundAgents.clear();
@@ -14611,6 +14721,83 @@ async function bindInstallationToOrg(db, installationId, hubOrganizationId) {
 	return true;
 }
 /**
+* Webhook handler for `installation: suspend`. Sets `suspended_at` to the
+* timestamp GitHub put on `installation.suspended_at`.
+*
+* Out-of-order safety (codex P1-7): GitHub doesn't guarantee delivery
+* order and redelivers on failure, so a *stale* `suspend` event could
+* arrive after a newer one. The conditional UPDATE only writes when the
+* row is currently unsuspended OR carries an *earlier* `suspended_at` —
+* a stale re-suspend with an older timestamp is a no-op.
+*
+* (Limitation: once an `unsuspend` has cleared `suspended_at` to NULL we
+* no longer know *when* that happened, so a stale `suspend` arriving after
+* an `unsuspend` would still re-suspend. Proper handling would need a
+* dedicated lifecycle-sequence column; in practice suspend/unsuspend are
+* minutes-apart human actions, well outside any realistic reorder window.)
+*/
+async function markInstallationSuspended(db, installationId, suspendedAt) {
+	await db.update(githubAppInstallations).set({
+		suspendedAt,
+		updatedAt: /* @__PURE__ */ new Date()
+	}).where(and(eq(githubAppInstallations.installationId, installationId), or(isNull(githubAppInstallations.suspendedAt), lt(githubAppInstallations.suspendedAt, suspendedAt))));
+}
+/**
+* Webhook handler for `installation: unsuspend`. Clears `suspended_at`.
+*
+* `unsuspendedAt` is the time we received the event (GitHub's `unsuspend`
+* payload, unlike `suspend`, carries no event timestamp). The conditional
+* UPDATE only clears when the current `suspended_at` predates that — i.e.
+* a stale `unsuspend` that lost the race to a newer `suspend` won't undo
+* it. A row that's already unsuspended (`suspended_at IS NULL`) is left
+* alone (the `< unsuspendedAt` comparison is NULL → no match), which is
+* the desired no-op.
+*/
+async function markInstallationUnsuspended(db, installationId, unsuspendedAt) {
+	await db.update(githubAppInstallations).set({
+		suspendedAt: null,
+		updatedAt: /* @__PURE__ */ new Date()
+	}).where(and(eq(githubAppInstallations.installationId, installationId), lt(githubAppInstallations.suspendedAt, unsuspendedAt)));
+}
+/**
+* Webhook handler for `installation: deleted`. Removes the row outright —
+* the user uninstalled the App from their account; the row has no value.
+*
+* The earlier 60-s `createdAt`-based grace window (added in C.12 codex P1-7
+* to guard against delayed `deleted` events clobbering fresh re-installs)
+* was reverted after a post-Phase-C codex challenge flagged a worse bug:
+* a real install + immediate uninstall (within 60 s) became permanent —
+* the handler returned a 200 no-op so GitHub never redelivered, and the
+* Hub-side row lived forever even though the App was gone upstream.
+*
+* The original race the grace was meant to solve doesn't actually exist:
+* GitHub mints a fresh `installation.id` per install, so a delayed
+* `deleted` for id N cannot wipe a fresh re-install (which has id M ≠ N).
+* Same-id replays are handled by the `processed_events` dedup table.
+*
+* The remaining "stale `created` after `deleted` resurrects the row" risk
+* is a pre-existing hole in `upsertInstallationFromMetadata` (not
+* introduced by Phase C). Tracked as a Phase D follow-up — the upsert
+* path needs a `last_lifecycle_event_at` column or tombstone to be
+* order-safe.
+*
+* Note: deleting the org on the Hub side is the inverse case — handled
+* by the `ON DELETE SET NULL` FK on `hub_organization_id`, which keeps
+* the installation row alive so a future rebind can recover.
+*/
+async function deleteInstallationByGithubId(db, installationId) {
+	await db.delete(githubAppInstallations).where(eq(githubAppInstallations.installationId, installationId));
+}
+/**
+* Lookup an installation by GitHub-side id. Used by the webhook router
+* to resolve `installation.id` → `hub_organization_id` so downstream
+* event handlers (issues, PRs) know which Hub team the event belongs to.
+*/
+async function findInstallationByGithubId(db, installationId) {
+	const [row] = await db.select().from(githubAppInstallations).where(eq(githubAppInstallations.installationId, installationId)).limit(1);
+	return row ?? null;
+}
+/**
 * Lookup the installation bound to a Hub team. Used by Settings →
 * Integrations to render the connected-account panel. Returns null when
 * no install is bound.
@@ -15266,10 +15453,9 @@ async function bootstrapConfigRoutes(_app) {
 	* Public endpoint — returns bootstrap prerequisites for CLI auto-discovery.
 	*
 	* `allowedOrg` used to surface here from the global `github.allowedOrg`
-	* config; it is now a per-org setting (see issue #255). A public bootstrap
-	* endpoint can't resolve an org without a caller, so the field is
-	* surfaced as `null` and consumers should fetch the per-org value via
-	* `/api/v1/orgs/:orgId/settings/github_integration` after auth.
+	* config; it is now per-installation state on `github_app_installations`
+	* (see issue #255). A public bootstrap endpoint can't resolve an
+	* installation without a caller, so the field is surfaced as `null`.
 	*/
 	_app.get("/config", async () => {
 		return { allowedOrg: null };
@@ -15602,7 +15788,7 @@ async function getCallerEngagement(db, chatId, agentId) {
 *     (speaker → "participant" / watcher → "watching"); the user
 *     state row supplies the unread counter (COALESCE → 0 when
 *     row is missing).
-*   - Filter `parent_chat_id IS NULL` (threads excluded in v1).
+*   - Filter `parent_chat_id IS NULL` (nested chats not surfaced in v1).
 *   - Filter `c.organization_id = ?` to defend against historical
 *     cross-org pollution rows that may still reference the caller
 *     (see fix/cross-org-direct-chat-pollution).
@@ -15670,9 +15856,11 @@ async function listMeChats(db, humanAgentId, organizationId, query) {
 		chatId: chatMembership.chatId,
 		agentId: chatMembership.agentId,
 		displayName: agents.displayName,
-		type: agents.type
-	}).from(chatMembership).innerJoin(agents, eq(chatMembership.agentId, agents.uuid)).where(and(inArray(chatMembership.chatId, chatIds), eq(chatMembership.accessMode, "speaker")));
+		type: agents.type,
+		runtimeState: agentPresence.runtimeState
+	}).from(chatMembership).innerJoin(agents, eq(chatMembership.agentId, agents.uuid)).leftJoin(agentPresence, eq(agentPresence.agentId, chatMembership.agentId)).where(and(inArray(chatMembership.chatId, chatIds), eq(chatMembership.accessMode, "speaker")));
 	const participantsByChat = /* @__PURE__ */ new Map();
+	const workingByChat = /* @__PURE__ */ new Map();
 	for (const p of participantRows) {
 		const list = participantsByChat.get(p.chatId) ?? [];
 		list.push({
@@ -15681,6 +15869,11 @@ async function listMeChats(db, humanAgentId, organizationId, query) {
 			type: p.type
 		});
 		participantsByChat.set(p.chatId, list);
+		if (p.runtimeState === "working") {
+			const working = workingByChat.get(p.chatId) ?? [];
+			working.push(p.agentId);
+			workingByChat.set(p.chatId, working);
+		}
 	}
 	const firstMessageRows = chatIds.length > 0 ? await db.selectDistinctOn([messages.chatId], {
 		chatId: messages.chatId,
@@ -15708,7 +15901,8 @@ async function listMeChats(db, humanAgentId, organizationId, query) {
 				lastMessagePreview: r.last_message_preview,
 				unreadMentionCount: r.unread_mention_count,
 				canReply: isSpeaker,
-				engagementStatus: r.engagement_status
+				engagementStatus: r.engagement_status,
+				workingAgentIds: workingByChat.get(r.chat_id) ?? []
 			};
 		}),
 		nextCursor
@@ -16156,15 +16350,13 @@ const organizationSettings = pgTable("organization_settings", {
 * registry of valid namespaces and their storage / input / output schemas
 * lives in `@agent-team-foundation/first-tree-hub-shared`.
 *
-* Read path:  storage row → decrypt secrets → output (mask)
-* Write path: input → validate → encrypt secrets → merge with current storage → upsert (in tx)
+* Read path:  storage row → output (mask)
+* Write path: input → validate → merge with current storage → upsert (in tx)
 *
-* The generic getter returns the masked output. Callers needing plaintext
-* for a specific secret use a purpose-built helper (e.g.
-* `getDecryptedGithubWebhookSecret`) rather than the generic storage shape
-* — this avoids a `…Cipher` field name silently holding plaintext at
-* call-sites and limits secret exposure to one explicit code path per
-* secret. (#4)
+* The generic getter returns the masked output. Per-namespace plaintext
+* accessors live alongside this module when a secret needs to leave the
+* encrypted-at-rest boundary (none today after the github_integration
+* webhook secret was retired — DP12).
 */
 function assertNamespace(ns) {
 	if (!isOrgSettingNamespace(ns)) throw new BadRequestError(`Unknown organization-settings namespace: "${ns}"`);
@@ -16177,19 +16369,15 @@ async function fetchStorageRow(db, orgId, namespace) {
 function emptyStorage(namespace) {
 	return ORG_SETTINGS_NAMESPACES$1[namespace].storage.parse({});
 }
-function ensureEncrypted(value, encryptionKey) {
-	return isEncryptedValue(value) ? value : encryptValue(value, encryptionKey);
-}
 /**
 * Merge a validated input into the current storage row for a namespace.
-* Secret fields are encrypted here.
 *
 * Input semantics per nullish field:
 *   `undefined` → unchanged
 *   `null`      → cleared
 *   value       → set / replace (already validated as non-empty by the input schema)
 */
-function applyInputDelta(namespace, current, input, encryptionKey) {
+function applyInputDelta(namespace, current, input) {
 	if (namespace === "context_tree") {
 		const cur = current;
 		const inp = input;
@@ -16198,11 +16386,6 @@ function applyInputDelta(namespace, current, input, encryptionKey) {
 			branch: inp.branch === void 0 ? cur.branch : inp.branch ?? "main"
 		};
 	}
-	if (namespace === "github_integration") {
-		const cur = current;
-		const inp = input;
-		return { webhookSecretCipher: inp.webhookSecret === void 0 ? cur.webhookSecretCipher : inp.webhookSecret === null ? void 0 : ensureEncrypted(inp.webhookSecret, encryptionKey) };
-	}
 	if (namespace === "source_repos") {
 		const cur = current;
 		const inp = input;
@@ -16212,9 +16395,7 @@ function applyInputDelta(namespace, current, input, encryptionKey) {
 }
 /**
 * Project the storage row into the API output for a namespace, masking
-* any secret fields. `webhookUrl` for `github_integration` is left as an
-* empty string here — the route layer enriches it with the resolved
-* `server.publicUrl` (the service stays config-agnostic).
+* any secret fields.
 */
 function toOutput(namespace, storage) {
 	if (namespace === "context_tree") {
@@ -16224,13 +16405,6 @@ function toOutput(namespace, storage) {
 			branch: s.branch
 		};
 	}
-	if (namespace === "github_integration") {
-		const s = storage;
-		return {
-			webhookSecretConfigured: typeof s.webhookSecretCipher === "string" && s.webhookSecretCipher.length > 0,
-			webhookUrl: ""
-		};
-	}
 	if (namespace === "source_repos") return { repos: storage.repos };
 	return namespace;
 }
@@ -16251,17 +16425,6 @@ async function getOrgContextTree(db, orgId) {
 	return await fetchStorageRow(db, orgId, "context_tree") ?? emptyStorage("context_tree");
 }
 /**
-* Decrypt and return the plaintext GitHub webhook secret for an org.
-* Returns `null` when the org has not configured one. The only intended
-* caller is the webhook route's signature verifier — the result must
-* never leak through HTTP responses or logs. (#4)
-*/
-async function getDecryptedGithubWebhookSecret(db, orgId, encryptionKey) {
-	const cipher = (await fetchStorageRow(db, orgId, "github_integration"))?.webhookSecretCipher;
-	if (!cipher) return null;
-	return isEncryptedValue(cipher) ? decryptValue(cipher, encryptionKey) : cipher;
-}
-/**
 * Upsert a setting. Returns the masked output of the resulting row.
 *
 * The fetch + merge + upsert sequence runs inside a single transaction so
@@ -16277,7 +16440,7 @@ async function putOrgSetting(db, orgId, namespace, rawInput, options) {
 		const txDb = tx;
 		const [org] = await txDb.select({ id: organizations.id }).from(organizations).where(eq(organizations.id, orgId)).limit(1);
 		if (!org) throw new NotFoundError(`Organization "${orgId}" not found`);
-		const merged = applyInputDelta(namespace, await fetchStorageRow(txDb, orgId, namespace) ?? emptyStorage(namespace), input, options.encryptionKey);
+		const merged = applyInputDelta(namespace, await fetchStorageRow(txDb, orgId, namespace) ?? emptyStorage(namespace), input);
 		const validated = ORG_SETTINGS_NAMESPACES$1[namespace].storage.parse(merged);
 		await tx.insert(organizationSettings).values({
 			organizationId: orgId,
@@ -17407,7 +17570,7 @@ async function healthzRoutes(app) {
 * `api/orgs/invitations.ts` (Class B, admin-gated).
 */
 async function publicInvitationRoutes(app) {
-	const { previewInvitation } = await import("./invitation-C299fxkP-KKslbta2.mjs");
+	const { previewInvitation } = await import("./invitation-C299fxkP-CZgGbsN_.mjs");
 	app.get("/:token/preview", async (request, reply) => {
 		if (!request.params.token) throw new UnauthorizedError("Token required");
 		const preview = await previewInvitation(app.db, request.params.token);
@@ -17673,7 +17836,7 @@ async function meRoutes(app) {
 	*/
 	app.get("/me/pinned-agents", async (request) => {
 		const { userId } = requireUser(request);
-		const { listMyPinnedAgents } = await import("./client-CjGIGddS-BrpazWa3.mjs");
+		const { listMyPinnedAgents } = await import("./client-DNiLcPEq-db3YS57z.mjs");
 		return listMyPinnedAgents(app.db, { userId });
 	});
 	/**
@@ -17925,7 +18088,7 @@ async function orgAdapterStatusRoutes(app) {
 		return app.adapterManager.getBotStatuses().filter((s) => visibleIds.has(s.configId));
 	});
 }
-const log$2 = createLogger$1("OrgAdapters");
+const log$3 = createLogger$1("OrgAdapters");
 /** Class B — `/api/v1/orgs/:orgId/adapters`. */
 async function orgAdapterRoutes(app) {
 	app.get("/", async (request) => {
@@ -17941,7 +18104,7 @@ async function orgAdapterRoutes(app) {
 		const body = createAdapterConfigSchema.parse(request.body);
 		await assertAgentManageableByUser(app.db, scope.userId, body.agentId);
 		const config = await createAdapterConfig(app.db, body, app.config.secrets.encryptionKey);
-		app.adapterManager.reload().catch((err) => log$2.error({ err }, "adapter reload failed after create"));
+		app.adapterManager.reload().catch((err) => log$3.error({ err }, "adapter reload failed after create"));
 		app.notifier.notifyConfigChange("adapter_configs").catch(() => {});
 		return reply.status(201).send({
 			...config,
@@ -18464,6 +18627,10 @@ async function orgNotificationRoutes(app) {
 		const query = notificationQuerySchema.parse(request.query);
 		return listNotifications(app.db, scope.organizationId, scope.memberId, query);
 	});
+	app.get("/unread-count", async (request) => {
+		const scope = await requireOrgMembership(request, app.db);
+		return { count: await unreadCount(app.db, scope.organizationId, scope.memberId) };
+	});
 	app.post("/:id/read", async (request) => {
 		const scope = await requireOrgMembership(request, app.db);
 		const result = await markRead(app.db, request.params.id, scope.organizationId, scope.memberId);
@@ -18524,24 +18691,20 @@ async function orgSessionRoutes(app) {
 * GET gating is per-namespace via `readPolicy` in the registry: namespaces
 * with no secret fields (`context_tree`, `source_repos`) are readable by
 * any active org member, so an invitee can see what tree and repos the
-* team is bound to before joining the chat. Namespaces whose masked output
-* still leaks a `…Configured` boolean (`github_integration`) stay
-* admin-only. PUT and DELETE are always admin-only regardless of
-* namespace — non-admins must never mutate org-wide config.
+* team is bound to before joining the chat. PUT and DELETE are always
+* admin-only regardless of namespace — non-admins must never mutate
+* org-wide config.
 */
 async function orgSettingsRoutes(app) {
 	app.get("/:namespace", async (request) => {
 		const namespace = parseNamespace(request.params.namespace);
 		const scope = ORG_SETTINGS_NAMESPACES$1[namespace].readPolicy === "member" ? await requireOrgMembership(request, app.db) : await requireOrgAdmin(request, app.db);
-		return enrichOutput(namespace, await getOrgSetting(app.db, scope.organizationId, namespace), scope.organizationId, app.config.server.publicUrl);
+		return getOrgSetting(app.db, scope.organizationId, namespace);
 	});
 	app.put("/:namespace", { config: { otelRecordBody: true } }, async (request) => {
 		const scope = await requireOrgAdmin(request, app.db);
 		const namespace = parseNamespace(request.params.namespace);
-		return enrichOutput(namespace, await putOrgSetting(app.db, scope.organizationId, namespace, request.body, {
-			updatedBy: scope.userId,
-			encryptionKey: app.config.secrets.encryptionKey
-		}), scope.organizationId, app.config.server.publicUrl);
+		return putOrgSetting(app.db, scope.organizationId, namespace, request.body, { updatedBy: scope.userId });
 	});
 	app.delete("/:namespace", async (request, reply) => {
 		const scope = await requireOrgAdmin(request, app.db);
@@ -18554,27 +18717,6 @@ function parseNamespace(raw) {
 	if (!isOrgSettingNamespace(raw)) throw new BadRequestError(`Unknown organization-settings namespace: "${raw}"`);
 	return raw;
 }
-/**
-* Resolve namespace-specific server-config-derived fields. The service
-* layer stays config-agnostic — namespace knowledge that needs `app.config`
-* lives here. Currently only `github_integration.webhookUrl` qualifies.
-*
-* If `server.publicUrl` is unset on the Hub, `webhookUrl` is left as `""`
-* so the UI can render a "contact your site administrator" notice rather
-* than fall back to `window.location.origin` (which is wrong behind a
-* reverse proxy). (#12)
-*/
-function enrichOutput(namespace, out, orgId, publicUrl) {
-	if (namespace === "github_integration") {
-		const o = out;
-		const webhookUrl = publicUrl ? `${publicUrl.replace(/\/+$/, "")}/api/v1/webhooks/github/${orgId}` : "";
-		return {
-			...o,
-			webhookUrl
-		};
-	}
-	return out;
-}
 async function loadVisibleAgentIds(db, organizationId, memberId) {
 	const rows = await db.select({ id: agents.uuid }).from(agents).where(and(eq(agents.organizationId, organizationId), ne(agents.status, AGENT_STATUSES.DELETED), or(eq(agents.visibility, AGENT_VISIBILITY.ORGANIZATION), eq(agents.managerId, memberId))));
 	return new Set(rows.map((r) => r.id));
@@ -18795,6 +18937,128 @@ async function sessionRoutes(app) {
 		});
 	});
 }
+/**
+* GitHub-specific webhook entity → chat clustering (Phase 0).
+*
+* Each `(organization, human_agent, delegate_agent, entity)` tuple resolves to
+* exactly one chat. Future external sources (Linear, Slack, …) get their own
+* tables — their entity models differ enough that a generic table would slip
+* back into untyped jsonb.
+*
+* `bound_via` distinguishes the first-touch row (`direct`) from a row written
+* by the `Fixes #N` linker (`fixes_link`). Routing logic ignores the
+* distinction; it exists for audit and future strategy tweaks.
+*/
+const githubEntityChatMappings = pgTable("github_entity_chat_mappings", {
+	organizationId: text("organization_id").notNull().references(() => organizations.id),
+	humanAgentId: text("human_agent_id").notNull().references(() => agents.uuid, { onDelete: "cascade" }),
+	delegateAgentId: text("delegate_agent_id").notNull().references(() => agents.uuid, { onDelete: "cascade" }),
+	entityType: text("entity_type").notNull(),
+	entityKey: text("entity_key").notNull(),
+	chatId: text("chat_id").notNull().references(() => chats.id, { onDelete: "cascade" }),
+	boundAt: timestamp("bound_at", { withTimezone: true }).notNull().defaultNow(),
+	boundVia: text("bound_via").notNull()
+}, (table) => [primaryKey({ columns: [
+	table.organizationId,
+	table.humanAgentId,
+	table.delegateAgentId,
+	table.entityType,
+	table.entityKey
+] }), index("idx_github_entity_chat_mappings_chat").on(table.chatId)]);
+function evaluateDelegateTarget(target, sourceOrgId) {
+	if (!target) return "not_found";
+	if (target.organizationId !== sourceOrgId) return "cross_org";
+	if (target.status !== "active") return "inactive";
+	return "ok";
+}
+async function identifyActor(db, organizationId, actor, appSlug) {
+	if (actor.isBot && appSlug && actor.githubLogin.toLowerCase() === `${appSlug.toLowerCase()}[bot]`) return { kind: "our-app-bot" };
+	const [agentRow] = await db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.organizationId, organizationId), eq(sql`lower(${agents.name})`, actor.githubLogin.toLowerCase()))).limit(1);
+	if (agentRow) return {
+		kind: "agent",
+		agentId: agentRow.uuid
+	};
+	return { kind: "external" };
+}
+/**
+* Compute the Stage 2 audience for a normalized event.
+*
+*   audience = subscribed ∪ involved
+*
+* `subscribed` reads every `(human, delegate)` row already bound to
+* `(org, entity)` in `github_entity_chat_mappings`. `involved` walks
+* `event.involves` and for each login that resolves to an org-local
+* `delegate_mention`-configured agent whose target is eligible AND isn't
+* already subscribed, appends a `new` row.
+*
+* Echo filtering runs after the union: when the actor maps to an agent in
+* this org, rows where the actor is either the human or the delegate side
+* are dropped so the agent's own action doesn't bounce back. When the actor
+* is our App's bot user (DP13), the whole audience is suppressed.
+*/
+async function resolveAudience(db, event, appSlug) {
+	const organizationId = event.source.organizationId;
+	const subscribed = (await db.select({
+		humanAgentId: githubEntityChatMappings.humanAgentId,
+		delegateAgentId: githubEntityChatMappings.delegateAgentId,
+		chatId: githubEntityChatMappings.chatId
+	}).from(githubEntityChatMappings).where(and(eq(githubEntityChatMappings.organizationId, organizationId), eq(githubEntityChatMappings.entityType, event.entity.type), eq(githubEntityChatMappings.entityKey, event.entity.key)))).map((row) => ({
+		humanAgentId: row.humanAgentId,
+		delegateAgentId: row.delegateAgentId,
+		kind: "existing",
+		chatId: row.chatId,
+		involveReason: null,
+		involveLogin: null
+	}));
+	const subscribedKeys = new Set(subscribed.map((s) => `${s.humanAgentId} ${s.delegateAgentId}`));
+	const involved = [];
+	if (event.involves.length > 0) {
+		const candidateLogins = event.involves.map((i) => i.githubLogin.toLowerCase());
+		const reasonByLogin = /* @__PURE__ */ new Map();
+		for (const i of event.involves) reasonByLogin.set(i.githubLogin.toLowerCase(), i.reason);
+		const candidates = await db.select({
+			id: agents.uuid,
+			name: agents.name,
+			delegateMention: agents.delegateMention,
+			status: agents.status
+		}).from(agents).where(and(eq(agents.organizationId, organizationId), isNotNull(agents.delegateMention), inArray(sql`lower(${agents.name})`, candidateLogins)));
+		const delegateIds = /* @__PURE__ */ new Set();
+		for (const c of candidates) if (c.delegateMention) delegateIds.add(c.delegateMention);
+		const delegateRows = delegateIds.size > 0 ? await db.select({
+			id: agents.uuid,
+			organizationId: agents.organizationId,
+			status: agents.status
+		}).from(agents).where(inArray(agents.uuid, [...delegateIds])) : [];
+		const delegateById = /* @__PURE__ */ new Map();
+		for (const row of delegateRows) delegateById.set(row.id, {
+			organizationId: row.organizationId,
+			status: row.status
+		});
+		for (const c of candidates) {
+			if (c.status !== "active" || !c.delegateMention || !c.name) continue;
+			if (evaluateDelegateTarget(delegateById.get(c.delegateMention), organizationId) !== "ok") continue;
+			const key = `${c.id} ${c.delegateMention}`;
+			if (subscribedKeys.has(key)) continue;
+			const candidateLogin = c.name.toLowerCase();
+			const reason = reasonByLogin.get(candidateLogin);
+			if (!reason) continue;
+			involved.push({
+				humanAgentId: c.id,
+				delegateAgentId: c.delegateMention,
+				kind: "new",
+				chatId: null,
+				involveReason: reason,
+				involveLogin: candidateLogin
+			});
+		}
+	}
+	const audience = [...subscribed, ...involved];
+	if (audience.length === 0) return audience;
+	const actor = await identifyActor(db, organizationId, event.actor, appSlug);
+	if (actor.kind === "our-app-bot") return [];
+	if (actor.kind === "agent") return audience.filter((a) => a.kind === "new" || a.humanAgentId !== actor.agentId && a.delegateAgentId !== actor.agentId);
+	return audience;
+}
 function isRecord(value) {
 	return typeof value === "object" && value !== null && !Array.isArray(value);
 }
@@ -18804,10 +19068,10 @@ function repoFullName(payload) {
 	const repo = isRecord(payload.repository) ? payload.repository : null;
 	return typeof repo?.full_name === "string" && repo.full_name.length > 0 ? repo.full_name : null;
 }
-function readNumber(value) {
+function readNumber$1(value) {
 	return typeof value === "number" && Number.isFinite(value) ? value : null;
 }
-function readString(value) {
+function readString$1(value) {
 	return typeof value === "string" && value.length > 0 ? value : null;
 }
 /**
@@ -18828,51 +19092,68 @@ function extractEventEntity(eventType, payload) {
 	const repo = repoFullName(payload);
 	if (!repo) return null;
 	switch (eventType) {
-		case "issues":
+		case "issues": {
+			const issue = isRecord(payload.issue) ? payload.issue : null;
+			const number = readNumber$1(issue?.number);
+			if (number === null) return null;
+			return {
+				type: "issue",
+				key: `${repo}#${number}`,
+				title: readString$1(issue?.title) ?? void 0,
+				url: readString$1(issue?.html_url) ?? void 0
+			};
+		}
 		case "issue_comment": {
 			const issue = isRecord(payload.issue) ? payload.issue : null;
-			const number = readNumber(issue?.number);
+			const number = readNumber$1(issue?.number);
 			if (number === null) return null;
+			const prInfo = isRecord(issue?.pull_request) ? issue.pull_request : null;
+			if (prInfo) return {
+				type: "pull_request",
+				key: `${repo}#${number}`,
+				title: readString$1(issue?.title) ?? void 0,
+				url: readString$1(prInfo.html_url) ?? readString$1(issue?.html_url) ?? void 0
+			};
 			return {
 				type: "issue",
 				key: `${repo}#${number}`,
-				title: readString(issue?.title) ?? void 0,
-				url: readString(issue?.html_url) ?? void 0
+				title: readString$1(issue?.title) ?? void 0,
+				url: readString$1(issue?.html_url) ?? void 0
 			};
 		}
 		case "pull_request":
 		case "pull_request_review":
 		case "pull_request_review_comment": {
 			const pr = isRecord(payload.pull_request) ? payload.pull_request : null;
-			const number = readNumber(pr?.number);
+			const number = readNumber$1(pr?.number);
 			if (number === null) return null;
 			return {
 				type: "pull_request",
 				key: `${repo}#${number}`,
-				title: readString(pr?.title) ?? void 0,
-				url: readString(pr?.html_url) ?? void 0
+				title: readString$1(pr?.title) ?? void 0,
+				url: readString$1(pr?.html_url) ?? void 0
 			};
 		}
 		case "discussion":
 		case "discussion_comment": {
 			const disc = isRecord(payload.discussion) ? payload.discussion : null;
-			const number = readNumber(disc?.number);
+			const number = readNumber$1(disc?.number);
 			if (number === null) return null;
 			return {
 				type: "discussion",
 				key: `${repo}#discussion-${number}`,
-				title: readString(disc?.title) ?? void 0,
-				url: readString(disc?.html_url) ?? void 0
+				title: readString$1(disc?.title) ?? void 0,
+				url: readString$1(disc?.html_url) ?? void 0
 			};
 		}
 		case "commit_comment": {
 			const comment = isRecord(payload.comment) ? payload.comment : null;
-			const sha = readString(comment?.commit_id);
+			const sha = readString$1(comment?.commit_id);
 			if (!sha) return null;
 			return {
 				type: "commit",
 				key: `${repo}@${sha}`,
-				url: readString(comment?.html_url) ?? void 0
+				url: readString$1(comment?.html_url) ?? void 0
 			};
 		}
 		default: return null;
@@ -18959,92 +19240,6 @@ function formatEntityTitle(entity, eventType, action) {
 	if (entity.title && entity.title.length > 0) return `${head}: ${entity.title}`;
 	return head;
 }
-const SILENT_EVENT_TYPES = new Set([
-	"workflow_run",
-	"workflow_job",
-	"check_run",
-	"check_suite",
-	"status",
-	"push",
-	"create",
-	"delete",
-	"fork",
-	"watch",
-	"release",
-	"label",
-	"label_created",
-	"label_deleted",
-	"reaction",
-	"member",
-	"membership",
-	"team",
-	"team_add",
-	"organization",
-	"org_block",
-	"project",
-	"project_card",
-	"project_column"
-]);
-/**
-* Per-event-type action-level filters. Frequent low-signal actions that would
-* otherwise spam an entity chat. `synchronize` (PR branch push) is the most
-* common offender — it fires on every commit push to a PR branch and never
-* carries new conversation.
-*/
-const SILENT_ACTIONS = {
-	issues: new Set([
-		"labeled",
-		"unlabeled",
-		"milestoned",
-		"demilestoned",
-		"pinned",
-		"unpinned"
-	]),
-	pull_request: new Set([
-		"labeled",
-		"unlabeled",
-		"auto_merge_enabled",
-		"auto_merge_disabled",
-		"synchronize"
-	])
-};
-/** True iff the event should be silently 200-OKed without further routing. */
-function shouldSilent(eventType, payload) {
-	if (SILENT_EVENT_TYPES.has(eventType)) return true;
-	if (!isRecord(payload)) return false;
-	if (readString((isRecord(payload.sender) ? payload.sender : null)?.type) === "Bot") return true;
-	const action = readString(payload.action);
-	if (!action) return false;
-	return SILENT_ACTIONS[eventType]?.has(action) ?? false;
-}
-/**
-* GitHub-specific webhook entity → chat clustering (Phase 0).
-*
-* Each `(organization, human_agent, delegate_agent, entity)` tuple resolves to
-* exactly one chat. Future external sources (Linear, Slack, …) get their own
-* tables — their entity models differ enough that a generic table would slip
-* back into untyped jsonb.
-*
-* `bound_via` distinguishes the first-touch row (`direct`) from a row written
-* by the `Fixes #N` linker (`fixes_link`). Routing logic ignores the
-* distinction; it exists for audit and future strategy tweaks.
-*/
-const githubEntityChatMappings = pgTable("github_entity_chat_mappings", {
-	organizationId: text("organization_id").notNull().references(() => organizations.id),
-	humanAgentId: text("human_agent_id").notNull().references(() => agents.uuid, { onDelete: "cascade" }),
-	delegateAgentId: text("delegate_agent_id").notNull().references(() => agents.uuid, { onDelete: "cascade" }),
-	entityType: text("entity_type").notNull(),
-	entityKey: text("entity_key").notNull(),
-	chatId: text("chat_id").notNull().references(() => chats.id, { onDelete: "cascade" }),
-	boundAt: timestamp("bound_at", { withTimezone: true }).notNull().defaultNow(),
-	boundVia: text("bound_via").notNull()
-}, (table) => [primaryKey({ columns: [
-	table.organizationId,
-	table.humanAgentId,
-	table.delegateAgentId,
-	table.entityType,
-	table.entityKey
-] }), index("idx_github_entity_chat_mappings_chat").on(table.chatId)]);
 /**
 * Resolve which chat a GitHub event for (human, delegate, entity) belongs to.
 *
@@ -19162,160 +19357,693 @@ async function createEntityChat(db, humanAgentId, delegateAgentId, entity, event
 		metadata
 	})).id };
 }
-const log$1 = createLogger$1("GithubWebhook");
-function verifySignature(secret, rawBody, signatureHeader) {
-	const expected = `sha256=${createHmac("sha256", secret).update(rawBody).digest("hex")}`;
-	const expectedBuf = Buffer.from(expected, "utf8");
-	const receivedBuf = Buffer.from(signatureHeader, "utf8");
-	if (expectedBuf.length !== receivedBuf.length || !timingSafeEqual(expectedBuf, receivedBuf)) throw new UnauthorizedError("Invalid webhook signature");
+const log$2 = createLogger$1("GithubDelivery");
+/**
+* Stage 3 — actually emit one card per audience target.
+*
+* `existing` targets carry their chatId and short-circuit straight to the
+* send. `new` targets go through `resolveTargetChat` which performs the
+* §4.4 direct / fixes_link / fresh-chat lookup and writes the mapping row.
+* Each target's row is delivered + dispatched independently so a single
+* failure (e.g. cross-org rejection on chat creation) doesn't poison the
+* whole audience — the loop logs and continues.
+*
+* The card `reason` is `subscribed` for existing rows and the new target's
+* `involveReason` for involved rows; the surface event payload is the same
+* either way.
+*/
+async function deliverNormalizedEvent(app, event, audience) {
+	const stats = {
+		delivered: 0,
+		newChats: 0
+	};
+	for (const target of audience) try {
+		const resolved = await resolveChatFor(app, event, target);
+		if (resolved.created) stats.newChats += 1;
+		const card = buildCard(event, target);
+		const mentionedUser = card.mentionedUser ?? void 0;
+		const { message, recipients } = await sendMessage(app.db, resolved.chatId, target.humanAgentId, {
+			format: "card",
+			content: card,
+			metadata: {
+				source: "github",
+				event: event.rawEventType,
+				action: event.rawAction,
+				entityType: event.entity.type,
+				entityKey: event.entity.key,
+				reason: card.reason,
+				...mentionedUser ? { mentionedUser } : {}
+			}
+		});
+		notifyRecipients(app.notifier, recipients, message.id);
+		stats.delivered += 1;
+	} catch (err) {
+		log$2.error({
+			err,
+			humanAgent: target.humanAgentId,
+			delegateAgent: target.delegateAgentId,
+			entityType: event.entity.type,
+			entityKey: event.entity.key
+		}, "failed to deliver normalized github event to target");
+	}
+	return stats;
 }
-/** Extract unique @mentions from text. Returns lowercase usernames.
-* Excludes email patterns (user@example.com) and team mentions (@org/team). */
-function extractMentions$1(text) {
+async function resolveChatFor(app, event, target) {
+	if (target.kind === "existing") {
+		if (!target.chatId) throw new Error("audience target kind=existing must carry chatId");
+		return {
+			chatId: target.chatId,
+			created: false
+		};
+	}
+	const entity = {
+		type: event.entity.type,
+		key: event.entity.key,
+		title: event.entity.title,
+		url: event.entity.url
+	};
+	const relatedEntities = event.relatedRefs.map((ref) => ({
+		type: "issue",
+		key: ref.key
+	}));
+	const resolved = await resolveTargetChat(app.db, {
+		organizationId: event.source.organizationId,
+		humanAgentId: target.humanAgentId,
+		delegateAgentId: target.delegateAgentId,
+		entity,
+		relatedEntities,
+		eventType: event.rawEventType,
+		action: event.rawAction ?? ""
+	});
+	return {
+		chatId: resolved.chatId,
+		created: resolved.created
+	};
+}
+function buildCard(event, target) {
+	const card = {
+		type: "github_event",
+		reason: target.kind === "existing" ? "subscribed" : target.involveReason ?? "mentioned",
+		event: event.rawEventType,
+		action: event.rawAction,
+		kind: event.kind,
+		repository: event.entity.repo,
+		sender: event.actor.githubLogin,
+		title: event.surface.title,
+		body: event.surface.body,
+		url: event.surface.url,
+		entity: {
+			type: event.entity.type,
+			key: event.entity.key,
+			url: event.entity.url ?? null
+		}
+	};
+	if (target.involveLogin) card.mentionedUser = target.involveLogin;
+	return card;
+}
+const MENTION_REGEX$1 = /(?<!\w)@([a-zA-Z0-9][\w-]*)(\/)?/g;
+/** Lower-cased unique @mention logins from free-form text. Skips team
+* mentions (`@org/team`) to match the agent-name lookup downstream
+* (`agents.name` doesn't carry slashes). */
+function extractMentions$1(text) {
 	if (!text) return [];
-	const re = /(?<!\w)@([a-zA-Z0-9][\w-]*)(\/)?/g;
 	const names = /* @__PURE__ */ new Set();
-	for (const m of text.matchAll(re)) {
+	for (const m of text.matchAll(MENTION_REGEX$1)) {
 		if (m[2]) continue;
-		names.add(m[1].toLowerCase());
+		const login = m[1];
+		if (!login) continue;
+		names.add(login.toLowerCase());
 	}
 	return [...names];
 }
-/** Extract mentions from structural payload fields (not free-form text).
-* GitHub's `pull_request.review_requested` puts the targeted reviewer in
-* `requested_reviewer.login`, not in any text body — `extractMentions` would
-* miss it. Team requests use `requested_team` instead, which we deliberately
-* skip to stay consistent with `extractMentions` ignoring `@org/team`. */
-function extractStructuralMentions(eventType, payload) {
-	if (!isRecord(payload)) return [];
-	if (eventType !== "pull_request") return [];
-	if (payload.action !== "review_requested") return [];
-	const reviewer = isRecord(payload.requested_reviewer) ? payload.requested_reviewer : null;
-	const login = typeof reviewer?.login === "string" ? reviewer.login : null;
-	return login ? [login.toLowerCase()] : [];
-}
-const DELEGATE_VERDICT_MESSAGES = {
-	ok: "delegate_mention target eligible",
-	not_found: "delegate_mention target not found, skipping",
-	cross_org: "delegate_mention target belongs to another org, skipping",
-	inactive: "delegate_mention target not active, skipping"
-};
-function evaluateDelegateTarget(target, sourceOrgId) {
-	if (!target) return "not_found";
-	if (target.organizationId !== sourceOrgId) return "cross_org";
-	if (target.status !== "active") return "inactive";
-	return "ok";
+function readString(value) {
+	return typeof value === "string" && value.length > 0 ? value : null;
+}
+function readNumber(value) {
+	return typeof value === "number" && Number.isFinite(value) ? value : null;
+}
+function readStringArray(value) {
+	if (!Array.isArray(value)) return [];
+	const out = [];
+	for (const item of value) if (isRecord(item)) {
+		const login = readString(item.login);
+		if (login) out.push(login.toLowerCase());
+	}
+	return out;
+}
+function buildInvolves(items) {
+	const seen = /* @__PURE__ */ new Set();
+	const out = [];
+	for (const group of items) for (const login of group.logins) {
+		const key = login.toLowerCase();
+		if (seen.has(key)) continue;
+		seen.add(key);
+		out.push({
+			githubLogin: key,
+			reason: group.reason
+		});
+	}
+	return out;
+}
+function entitySurfacePrefix(entity) {
+	switch (entity.type) {
+		case "pull_request": return "PR";
+		case "issue": return "Issue";
+		case "discussion": return "Discussion";
+		case "commit": return "Commit";
+	}
+}
+function entitySurfaceTitle(entity, number) {
+	const prefix = entitySurfacePrefix(entity);
+	const head = number !== null ? `${prefix} #${number}` : prefix;
+	return entity.title ? `${head}: ${entity.title}` : head;
 }
 /**
-* Route @mentions to delegate agents.
+* Stage 1 — pure normalization. Returns the structured event for downstream
+* audience + delivery, or `null` for events we deliberately drop (silent /
+* out-of-scope event types and actions, malformed payloads, …).
 *
-* For each mentioned GitHub user who maps to an agent with `delegate_mention`
-* configured, resolve which chat the event belongs to (via §4.4's
-* entity-clustering rules) and post a card from the human-bound agent to its
-* delegate.
-*
-* The entity argument is the §4.2 entity for the current event; `relatedRefs`
-* is the parsed `Fixes #N` list (empty for non-PR events). Both are
-* pre-computed by the caller so the heavy parsing doesn't run once per
-* mention.
+* Pure function: no DB, no chat, no network. Caller is expected to hand the
+* raw payload, the wire event type from `x-github-event`, and the source +
+* deliveryId already resolved by the route handler.
 */
-async function routeMentionDelegations(app, organizationId, mentionedNames, ctx, entity, relatedRefs) {
-	if (mentionedNames.length === 0) return 0;
-	const delegates = await app.db.select({
-		id: agents.uuid,
-		name: agents.name,
-		delegateMention: agents.delegateMention,
-		status: agents.status
-	}).from(agents).where(and(eq(agents.organizationId, organizationId), inArray(agents.name, mentionedNames), isNotNull(agents.delegateMention)));
-	let routed = 0;
-	for (const agent of delegates) {
-		if (agent.status !== "active" || !agent.delegateMention) continue;
-		const [target] = await app.db.select({
-			id: agents.uuid,
-			status: agents.status,
-			organizationId: agents.organizationId
-		}).from(agents).where(eq(agents.uuid, agent.delegateMention)).limit(1);
-		const verdict = evaluateDelegateTarget(target, organizationId);
-		if (verdict !== "ok") {
-			log$1.warn({
-				targetAgent: agent.delegateMention,
-				sourceAgent: agent.name,
-				sourceOrg: organizationId,
-				targetOrg: target?.organizationId,
-				targetStatus: target?.status,
-				verdict
-			}, DELEGATE_VERDICT_MESSAGES[verdict]);
-			continue;
+function normalizeGithubEvent(eventType, payload, source, deliveryId) {
+	if (!isRecord(payload)) return null;
+	const senderRec = isRecord(payload.sender) ? payload.sender : null;
+	const senderLogin = readString(senderRec?.login);
+	if (!senderLogin) return null;
+	const senderIsBot = readString(senderRec?.type) === "Bot";
+	const repo = readString((isRecord(payload.repository) ? payload.repository : null)?.full_name);
+	if (!repo) return null;
+	const action = readString(payload.action);
+	const rule = buildRule(eventType, action, payload, repo);
+	if (!rule) return null;
+	return {
+		source,
+		deliveryId,
+		rawEventType: eventType,
+		rawAction: action,
+		entity: {
+			type: rule.entity.type,
+			repo,
+			key: rule.entity.key,
+			title: rule.entity.title,
+			url: rule.entity.url
+		},
+		actor: {
+			githubLogin: senderLogin,
+			isBot: senderIsBot
+		},
+		kind: rule.kind,
+		involves: rule.involves,
+		surface: rule.surface,
+		relatedRefs: rule.relatedRefs
+	};
+}
+function buildRule(eventType, action, payload, repo) {
+	switch (eventType) {
+		case "pull_request": return buildPullRequestRule(action, payload, repo);
+		case "pull_request_review": return buildPullRequestReviewRule(action, payload);
+		case "pull_request_review_comment": return buildPullRequestReviewCommentRule(action, payload);
+		case "issue_comment": return buildIssueCommentRule(action, payload);
+		case "issues": return buildIssuesRule(action, payload);
+		case "discussion": return buildDiscussionRule(action, payload);
+		case "discussion_comment": return buildDiscussionCommentRule(action, payload);
+		case "commit_comment": return buildCommitCommentRule(action, payload);
+		default: return null;
+	}
+}
+function buildPullRequestRule(action, payload, repo) {
+	const pr = isRecord(payload.pull_request) ? payload.pull_request : null;
+	if (!pr) return null;
+	const entity = extractEventEntity("pull_request", payload);
+	if (!entity) return null;
+	const number = readNumber(pr.number);
+	const body = readString(pr.body) ?? "";
+	const surface = {
+		title: entitySurfaceTitle(entity, number),
+		body,
+		url: readString(pr.html_url) ?? ""
+	};
+	switch (action) {
+		case "opened": {
+			const assigneeLogins = readStringArray(pr.assignees);
+			const mentionLogins = extractMentions$1(body);
+			return {
+				entity,
+				kind: "opened",
+				involves: buildInvolves([{
+					logins: assigneeLogins,
+					reason: "assigned"
+				}, {
+					logins: mentionLogins,
+					reason: "mentioned"
+				}]),
+				surface,
+				relatedRefs: parseFixesRefs(body, repo).map((ref) => ({
+					type: "issue",
+					key: ref.key
+				}))
+			};
 		}
-		try {
-			const resolved = await resolveTargetChat(app.db, {
-				organizationId,
-				humanAgentId: agent.id,
-				delegateAgentId: agent.delegateMention,
+		case "edited": return {
+			entity,
+			kind: "edited",
+			involves: buildInvolves([{
+				logins: extractMentions$1(body),
+				reason: "mentioned"
+			}]),
+			surface,
+			relatedRefs: []
+		};
+		case "review_requested": {
+			const reviewerLogin = readString((isRecord(payload.requested_reviewer) ? payload.requested_reviewer : null)?.login);
+			return {
 				entity,
-				relatedEntities: relatedRefs,
-				eventType: ctx.event,
-				action: ctx.action ?? ""
-			});
-			log$1.info({
-				chatId: resolved.chatId,
-				entityType: entity.type,
-				entityKey: entity.key,
-				boundVia: resolved.boundVia,
-				created: resolved.created,
-				humanAgent: agent.name
-			}, "resolved entity chat");
-			const { message: msg, recipients } = await sendMessage(app.db, resolved.chatId, agent.id, {
-				format: "card",
-				content: {
-					type: "github_mention",
-					mentionedUser: agent.name,
-					event: ctx.event,
-					action: ctx.action,
-					repository: ctx.repository,
-					sender: ctx.sender,
-					title: ctx.title,
-					body: ctx.body,
-					url: ctx.url,
-					entity: {
-						type: entity.type,
-						key: entity.key,
-						url: entity.url ?? null
-					}
+				kind: "review_requested",
+				involves: buildInvolves([{
+					logins: reviewerLogin ? [reviewerLogin.toLowerCase()] : [],
+					reason: "review_requested"
+				}]),
+				surface,
+				relatedRefs: []
+			};
+		}
+		case "ready_for_review": {
+			const reviewerLogins = readStringArray(pr.requested_reviewers);
+			if (reviewerLogins.length === 0) return null;
+			return {
+				entity,
+				kind: "review_requested",
+				involves: buildInvolves([{
+					logins: reviewerLogins,
+					reason: "review_requested"
+				}]),
+				surface,
+				relatedRefs: []
+			};
+		}
+		case "assigned": {
+			const assigneeLogin = readString((isRecord(payload.assignee) ? payload.assignee : null)?.login);
+			if (!assigneeLogin) return null;
+			return {
+				entity,
+				kind: "assigned",
+				involves: buildInvolves([{
+					logins: [assigneeLogin.toLowerCase()],
+					reason: "assigned"
+				}]),
+				surface,
+				relatedRefs: []
+			};
+		}
+		case "synchronize": return {
+			entity,
+			kind: "synchronized",
+			involves: [],
+			surface,
+			relatedRefs: []
+		};
+		default: return null;
+	}
+}
+function buildPullRequestReviewRule(action, payload) {
+	if (action !== "submitted" && action !== "dismissed" && action !== "edited") return null;
+	const pr = isRecord(payload.pull_request) ? payload.pull_request : null;
+	const review = isRecord(payload.review) ? payload.review : null;
+	if (!pr || !review) return null;
+	const entity = extractEventEntity("pull_request_review", payload);
+	if (!entity) return null;
+	const number = readNumber(pr.number);
+	const body = readString(review.body) ?? "";
+	return {
+		entity,
+		kind: "reviewed",
+		involves: buildInvolves([{
+			logins: extractMentions$1(body),
+			reason: "mentioned"
+		}]),
+		surface: {
+			title: entitySurfaceTitle(entity, number),
+			body,
+			url: readString(review.html_url) ?? ""
+		},
+		relatedRefs: []
+	};
+}
+function buildPullRequestReviewCommentRule(action, payload) {
+	if (action !== "created" && action !== "edited") return null;
+	const pr = isRecord(payload.pull_request) ? payload.pull_request : null;
+	const comment = isRecord(payload.comment) ? payload.comment : null;
+	if (!pr || !comment) return null;
+	const entity = extractEventEntity("pull_request_review_comment", payload);
+	if (!entity) return null;
+	const number = readNumber(pr.number);
+	const body = readString(comment.body) ?? "";
+	return {
+		entity,
+		kind: "review_comment",
+		involves: buildInvolves([{
+			logins: extractMentions$1(body),
+			reason: "mentioned"
+		}]),
+		surface: {
+			title: entitySurfaceTitle(entity, number),
+			body,
+			url: readString(comment.html_url) ?? ""
+		},
+		relatedRefs: []
+	};
+}
+function buildIssueCommentRule(action, payload) {
+	if (action !== "created" && action !== "edited") return null;
+	const issue = isRecord(payload.issue) ? payload.issue : null;
+	const comment = isRecord(payload.comment) ? payload.comment : null;
+	if (!issue || !comment) return null;
+	const entity = extractEventEntity("issue_comment", payload);
+	if (!entity) return null;
+	const number = readNumber(issue.number);
+	const body = readString(comment.body) ?? "";
+	return {
+		entity,
+		kind: "commented",
+		involves: buildInvolves([{
+			logins: extractMentions$1(body),
+			reason: "mentioned"
+		}]),
+		surface: {
+			title: entitySurfaceTitle(entity, number),
+			body,
+			url: readString(comment.html_url) ?? ""
+		},
+		relatedRefs: []
+	};
+}
+function buildIssuesRule(action, payload) {
+	const issue = isRecord(payload.issue) ? payload.issue : null;
+	if (!issue) return null;
+	const entity = extractEventEntity("issues", payload);
+	if (!entity) return null;
+	const number = readNumber(issue.number);
+	const body = readString(issue.body) ?? "";
+	const url = readString(issue.html_url) ?? "";
+	const title = entitySurfaceTitle(entity, number);
+	switch (action) {
+		case "opened": {
+			const assigneeLogins = readStringArray(issue.assignees);
+			const mentionLogins = extractMentions$1(body);
+			return {
+				entity,
+				kind: "opened",
+				involves: buildInvolves([{
+					logins: assigneeLogins,
+					reason: "assigned"
+				}, {
+					logins: mentionLogins,
+					reason: "mentioned"
+				}]),
+				surface: {
+					title,
+					body,
+					url
 				},
-				metadata: {
-					source: "github",
-					event: "mention_delegation",
-					mentionedUser: agent.name,
-					action: ctx.action,
-					entityType: entity.type,
-					entityKey: entity.key
-				}
-			});
-			notifyRecipients(app.notifier, recipients, msg.id);
-			routed++;
-		} catch (err) {
-			log$1.error({
-				err,
-				sourceAgent: agent.name,
-				targetAgent: agent.delegateMention
-			}, "failed to route mention delegation");
+				relatedRefs: []
+			};
+		}
+		case "edited": return {
+			entity,
+			kind: "edited",
+			involves: buildInvolves([{
+				logins: extractMentions$1(body),
+				reason: "mentioned"
+			}]),
+			surface: {
+				title,
+				body,
+				url
+			},
+			relatedRefs: []
+		};
+		case "assigned": {
+			const login = readString((isRecord(payload.assignee) ? payload.assignee : null)?.login);
+			if (!login) return null;
+			return {
+				entity,
+				kind: "assigned",
+				involves: buildInvolves([{
+					logins: [login.toLowerCase()],
+					reason: "assigned"
+				}]),
+				surface: {
+					title,
+					body,
+					url
+				},
+				relatedRefs: []
+			};
 		}
+		case "closed": return {
+			entity,
+			kind: "closed",
+			involves: [],
+			surface: {
+				title,
+				body,
+				url
+			},
+			relatedRefs: []
+		};
+		case "reopened": return {
+			entity,
+			kind: "reopened",
+			involves: [],
+			surface: {
+				title,
+				body,
+				url
+			},
+			relatedRefs: []
+		};
+		default: return null;
 	}
-	return routed;
 }
-async function githubWebhookRoutes(app) {
+function buildDiscussionRule(action, payload) {
+	const disc = isRecord(payload.discussion) ? payload.discussion : null;
+	if (!disc) return null;
+	const entity = extractEventEntity("discussion", payload);
+	if (!entity) return null;
+	const number = readNumber(disc.number);
+	const body = readString(disc.body) ?? "";
+	const url = readString(disc.html_url) ?? "";
+	const title = entitySurfaceTitle(entity, number);
+	switch (action) {
+		case "created": return {
+			entity,
+			kind: "opened",
+			involves: buildInvolves([{
+				logins: extractMentions$1(body),
+				reason: "mentioned"
+			}]),
+			surface: {
+				title,
+				body,
+				url
+			},
+			relatedRefs: []
+		};
+		case "edited": return {
+			entity,
+			kind: "edited",
+			involves: buildInvolves([{
+				logins: extractMentions$1(body),
+				reason: "mentioned"
+			}]),
+			surface: {
+				title,
+				body,
+				url
+			},
+			relatedRefs: []
+		};
+		case "closed": return {
+			entity,
+			kind: "closed",
+			involves: [],
+			surface: {
+				title,
+				body,
+				url
+			},
+			relatedRefs: []
+		};
+		case "reopened": return {
+			entity,
+			kind: "reopened",
+			involves: [],
+			surface: {
+				title,
+				body,
+				url
+			},
+			relatedRefs: []
+		};
+		case "answered":
+		case "unanswered": return {
+			entity,
+			kind: "other",
+			involves: [],
+			surface: {
+				title,
+				body,
+				url
+			},
+			relatedRefs: []
+		};
+		default: return null;
+	}
+}
+function buildDiscussionCommentRule(action, payload) {
+	if (action !== "created" && action !== "edited") return null;
+	const disc = isRecord(payload.discussion) ? payload.discussion : null;
+	const comment = isRecord(payload.comment) ? payload.comment : null;
+	if (!disc || !comment) return null;
+	const entity = extractEventEntity("discussion_comment", payload);
+	if (!entity) return null;
+	const number = readNumber(disc.number);
+	const body = readString(comment.body) ?? "";
+	return {
+		entity,
+		kind: "commented",
+		involves: buildInvolves([{
+			logins: extractMentions$1(body),
+			reason: "mentioned"
+		}]),
+		surface: {
+			title: entitySurfaceTitle(entity, number),
+			body,
+			url: readString(comment.html_url) ?? ""
+		},
+		relatedRefs: []
+	};
+}
+function buildCommitCommentRule(action, payload) {
+	if (action !== "created") return null;
+	const comment = isRecord(payload.comment) ? payload.comment : null;
+	if (!comment) return null;
+	const entity = extractEventEntity("commit_comment", payload);
+	if (!entity) return null;
+	const body = readString(comment.body) ?? "";
+	return {
+		entity,
+		kind: "commit_commented",
+		involves: buildInvolves([{
+			logins: extractMentions$1(body),
+			reason: "mentioned"
+		}]),
+		surface: {
+			title: entitySurfaceTitle(entity, null),
+			body,
+			url: readString(comment.html_url) ?? ""
+		},
+		relatedRefs: []
+	};
+}
+const log$1 = createLogger$1("GithubAppWebhook");
+function verifySignature(secret, rawBody, signatureHeader) {
+	const expected = `sha256=${createHmac("sha256", secret).update(rawBody).digest("hex")}`;
+	const expectedBuf = Buffer.from(expected, "utf8");
+	const receivedBuf = Buffer.from(signatureHeader, "utf8");
+	if (expectedBuf.length !== receivedBuf.length || !timingSafeEqual(expectedBuf, receivedBuf)) throw new UnauthorizedError("Invalid webhook signature");
+}
+function readInstallationId(payload) {
+	if (!isRecord(payload)) return null;
+	const id = (isRecord(payload.installation) ? payload.installation : null)?.id;
+	return typeof id === "number" && Number.isFinite(id) ? id : null;
+}
+function parseInstallationMetadata(installation) {
+	const id = installation.id;
+	if (typeof id !== "number" || !Number.isFinite(id)) return null;
+	const account = isRecord(installation.account) ? installation.account : null;
+	if (!account) return null;
+	const accountId = account.id;
+	const accountLogin = account.login;
+	const accountType = account.type;
+	if (typeof accountId !== "number" || typeof accountLogin !== "string") return null;
+	if (accountType !== "User" && accountType !== "Organization") return null;
+	const permissionsParsed = githubAppInstallationPermissionsSchema$1.safeParse(installation.permissions);
+	return {
+		id,
+		accountType,
+		accountLogin,
+		accountGithubId: accountId,
+		permissions: permissionsParsed.success ? permissionsParsed.data : {},
+		events: Array.isArray(installation.events) ? installation.events.filter((e) => typeof e === "string") : [],
+		suspendedAt: typeof installation.suspended_at === "string" ? installation.suspended_at : null
+	};
+}
+async function handleInstallationLifecycle(app, eventType, payload) {
+	if (!isRecord(payload)) return "ignored:malformed";
+	if (eventType === "installation_repositories") return "noop";
+	const action = typeof payload.action === "string" ? payload.action : null;
+	const installation = isRecord(payload.installation) ? payload.installation : null;
+	const installationId = installation && typeof installation.id === "number" ? installation.id : null;
+	if (!installation || installationId === null) return "ignored:malformed";
+	switch (action) {
+		case "created":
+		case "new_permissions_accepted": {
+			const metadata = parseInstallationMetadata(installation);
+			if (!metadata) return "ignored:malformed";
+			await upsertInstallationFromMetadata(app.db, { installation: metadata });
+			return action;
+		}
+		case "deleted":
+			await deleteInstallationByGithubId(app.db, installationId);
+			return "deleted";
+		case "suspend": {
+			const suspendedAtRaw = installation.suspended_at;
+			const suspendedAt = typeof suspendedAtRaw === "string" ? new Date(suspendedAtRaw) : /* @__PURE__ */ new Date();
+			await markInstallationSuspended(app.db, installationId, suspendedAt);
+			return "suspended";
+		}
+		case "unsuspend":
+			await markInstallationUnsuspended(app.db, installationId, /* @__PURE__ */ new Date());
+			return "unsuspended";
+		default: return "ignored:unknown-action";
+	}
+}
+/**
+* GitHub App webhook ingestion — single SaaS-wide endpoint. Replaces the
+* legacy `/webhooks/github/:orgId` per-org endpoint. Wiring:
+*
+*   1. HMAC verify (server-level App webhook secret, NOT per-org)
+*   2. ping → 200 fast-path
+*   3. installation / installation_repositories → lifecycle handler, NOT
+*      the normalize pipeline (these events shouldn't fan out as cards)
+*   4. other events → installation.id → hub_organization_id reverse-lookup,
+*      then Stage 1 normalize → claimEvent → Stage 2 audience → Stage 3
+*      deliver. unclaimEvent on handler failure so GitHub's retry has a
+*      chance to clear.
+*
+* Routes return 200 for "ignored" cases (no installation context, not
+* bound, suspended, duplicate delivery) so GitHub doesn't accumulate
+* retries for events the operator can't act on.
+*/
+async function githubAppWebhookRoutes(app) {
 	app.addContentTypeParser("application/json", { parseAs: "buffer" }, (_request, body, done) => {
 		done(null, body);
 	});
-	const webhookMax = app.config.rateLimit?.webhookMax ?? 60;
-	app.post("/github/:orgId", { config: { rateLimit: {
+	const appConfig = app.config.oauth?.githubApp;
+	if (!appConfig?.webhookSecret) {
+		app.post("/github-app", async (_request, reply) => reply.status(501).send({ error: "GitHub App webhook is not configured for this Hub deployment." }));
+		return;
+	}
+	const webhookSecret = appConfig.webhookSecret;
+	const appSlug = appConfig.slug ?? null;
+	const webhookMax = app.config.rateLimit?.webhookMax ?? 600;
+	app.post("/github-app", { config: { rateLimit: {
 		max: webhookMax,
 		timeWindow: "1 minute"
 	} } }, async (request, reply) => {
-		const { orgId } = request.params;
-		const webhookSecret = await getDecryptedGithubWebhookSecret(app.db, orgId, app.config.secrets.encryptionKey);
-		if (!webhookSecret) return reply.status(501).send({ error: "GitHub webhook is not configured for this organization. An admin must set the webhook secret in Team settings." });
 		const rawBody = request.body;
 		if (!Buffer.isBuffer(rawBody)) throw new BadRequestError("Expected raw body buffer");
 		const signatureHeader = request.headers["x-hub-signature-256"];
@@ -19333,19 +20061,73 @@ async function githubWebhookRoutes(app) {
 			ok: true,
 			event: "ping"
 		});
-		if (shouldSilent(eventType, payload)) return reply.status(200).send({
+		if (eventType === "installation" || eventType === "installation_repositories") {
+			const lifecycle = await handleInstallationLifecycle(app, eventType, payload);
+			return reply.status(200).send({
+				ok: true,
+				event: eventType,
+				lifecycle
+			});
+		}
+		const installationId = readInstallationId(payload);
+		if (installationId === null) return reply.status(200).send({
+			ok: true,
+			event: eventType,
+			ignored: "no installation context"
+		});
+		const installation = await findInstallationByGithubId(app.db, installationId);
+		if (!installation) {
+			log$1.warn({
+				installationId,
+				eventType
+			}, "installation not seen, skipping");
+			return reply.status(200).send({
+				ok: true,
+				event: eventType,
+				ignored: "installation not seen"
+			});
+		}
+		if (!installation.hubOrganizationId) {
+			log$1.warn({
+				installationId,
+				eventType
+			}, "installation not bound to any hub org, skipping");
+			return reply.status(200).send({
+				ok: true,
+				event: eventType,
+				ignored: "installation not bound"
+			});
+		}
+		if (installation.suspendedAt !== null) return reply.status(200).send({
 			ok: true,
 			event: eventType,
-			silent: true
+			ignored: "suspended"
 		});
+		const source = {
+			kind: "github-app-installation",
+			installationId,
+			organizationId: installation.hubOrganizationId
+		};
 		const deliveryHeader = request.headers["x-github-delivery"];
 		const deliveryId = typeof deliveryHeader === "string" && deliveryHeader.length > 0 ? deliveryHeader : null;
+		const event = normalizeGithubEvent(eventType, payload, source, deliveryId);
+		if (!event) {
+			log$1.debug({
+				eventType,
+				action: isRecord(payload) ? payload.action : null
+			}, "Stage 1 returned null");
+			return reply.status(200).send({
+				ok: true,
+				event: eventType,
+				handled: false
+			});
+		}
 		if (deliveryId) {
 			if (!await claimEvent(app.db, deliveryId, "github")) {
 				log$1.info({
 					deliveryId,
 					eventType
-				}, "duplicate GitHub delivery, skipping");
+				}, "duplicate delivery, skipping");
 				return reply.status(200).send({
 					ok: true,
 					event: eventType,
@@ -19354,217 +20136,36 @@ async function githubWebhookRoutes(app) {
 			}
 		}
 		try {
-			const action = isRecord(payload) && typeof payload.action === "string" ? payload.action : void 0;
-			const allowedActions = MENTION_ACTIONS[eventType];
-			if (!allowedActions || !action || !allowedActions.includes(action)) return reply.status(200).send({
-				ok: true,
-				event: eventType,
-				handled: false
-			});
-			const mentionsRouted = await handleMentionDelegation(app, orgId, eventType, payload);
+			const audience = await resolveAudience(app.db, event, appSlug);
+			if (audience.length === 0) {
+				log$1.info({
+					entityType: event.entity.type,
+					entityKey: event.entity.key,
+					actor: event.actor.githubLogin
+				}, "audience empty, skipping");
+				return reply.status(200).send({
+					ok: true,
+					event: eventType,
+					audience: 0
+				});
+			}
+			const stats = await deliverNormalizedEvent(app, event, audience);
 			return reply.status(200).send({
 				ok: true,
 				event: eventType,
-				mentionsRouted
+				...stats
 			});
 		} catch (err) {
 			if (deliveryId) await unclaimEvent(app.db, deliveryId, "github").catch((unclaimErr) => {
 				log$1.error({
 					err: unclaimErr,
 					deliveryId
-				}, "failed to unclaim GitHub delivery after handler error");
+				}, "failed to unclaim delivery after handler error");
 			});
 			throw err;
 		}
 	});
 }
-/** Extract text body from any GitHub webhook event for @mention scanning. */
-function extractEventText(eventType, payload) {
-	if (!isRecord(payload)) return null;
-	switch (eventType) {
-		case "issues": {
-			const issue = isRecord(payload.issue) ? payload.issue : null;
-			return typeof issue?.body === "string" ? issue.body : null;
-		}
-		case "issue_comment":
-		case "pull_request_review_comment":
-		case "commit_comment":
-		case "discussion_comment": {
-			const comment = isRecord(payload.comment) ? payload.comment : null;
-			return typeof comment?.body === "string" ? comment.body : null;
-		}
-		case "pull_request": {
-			const pr = isRecord(payload.pull_request) ? payload.pull_request : null;
-			return typeof pr?.body === "string" ? pr.body : null;
-		}
-		case "pull_request_review": {
-			const review = isRecord(payload.review) ? payload.review : null;
-			return typeof review?.body === "string" ? review.body : null;
-		}
-		case "discussion": {
-			const disc = isRecord(payload.discussion) ? payload.discussion : null;
-			return typeof disc?.body === "string" ? disc.body : null;
-		}
-		default: return null;
-	}
-}
-/** Extract context info from any GitHub webhook event for delegation messages. */
-function extractEventContext(eventType, payload) {
-	if (!isRecord(payload)) return null;
-	const repo = isRecord(payload.repository) ? payload.repository : null;
-	const sender = isRecord(payload.sender) ? payload.sender : null;
-	const repository = typeof repo?.full_name === "string" ? repo.full_name : "";
-	const senderLogin = typeof sender?.login === "string" ? sender.login : "";
-	const action = typeof payload.action === "string" ? payload.action : void 0;
-	switch (eventType) {
-		case "issues": {
-			const issue = isRecord(payload.issue) ? payload.issue : null;
-			if (!issue) return null;
-			return {
-				event: "issues",
-				action,
-				repository,
-				sender: senderLogin,
-				title: `Issue #${issue.number}: ${issue.title}`,
-				body: typeof issue.body === "string" ? issue.body : "",
-				url: typeof issue.html_url === "string" ? issue.html_url : ""
-			};
-		}
-		case "issue_comment": {
-			const issue = isRecord(payload.issue) ? payload.issue : null;
-			const comment = isRecord(payload.comment) ? payload.comment : null;
-			if (!issue || !comment) return null;
-			return {
-				event: "issue_comment",
-				action,
-				repository,
-				sender: senderLogin,
-				title: `Issue #${issue.number}: ${issue.title}`,
-				body: typeof comment.body === "string" ? comment.body : "",
-				url: typeof comment.html_url === "string" ? comment.html_url : ""
-			};
-		}
-		case "pull_request": {
-			const pr = isRecord(payload.pull_request) ? payload.pull_request : null;
-			if (!pr) return null;
-			return {
-				event: "pull_request",
-				action,
-				repository,
-				sender: senderLogin,
-				title: `PR #${pr.number}: ${pr.title}`,
-				body: typeof pr.body === "string" ? pr.body : "",
-				url: typeof pr.html_url === "string" ? pr.html_url : ""
-			};
-		}
-		case "pull_request_review": {
-			const pr = isRecord(payload.pull_request) ? payload.pull_request : null;
-			const review = isRecord(payload.review) ? payload.review : null;
-			if (!pr || !review) return null;
-			return {
-				event: "pull_request_review",
-				action,
-				repository,
-				sender: senderLogin,
-				title: `PR #${pr.number}: ${pr.title}`,
-				body: typeof review.body === "string" ? review.body : "",
-				url: typeof review.html_url === "string" ? review.html_url : ""
-			};
-		}
-		case "pull_request_review_comment": {
-			const pr = isRecord(payload.pull_request) ? payload.pull_request : null;
-			const comment = isRecord(payload.comment) ? payload.comment : null;
-			if (!pr || !comment) return null;
-			return {
-				event: "pull_request_review_comment",
-				action,
-				repository,
-				sender: senderLogin,
-				title: `PR #${pr.number}: ${pr.title}`,
-				body: typeof comment.body === "string" ? comment.body : "",
-				url: typeof comment.html_url === "string" ? comment.html_url : ""
-			};
-		}
-		case "discussion": {
-			const disc = isRecord(payload.discussion) ? payload.discussion : null;
-			if (!disc) return null;
-			return {
-				event: "discussion",
-				action,
-				repository,
-				sender: senderLogin,
-				title: typeof disc.title === "string" ? disc.title : "",
-				body: typeof disc.body === "string" ? disc.body : "",
-				url: typeof disc.html_url === "string" ? disc.html_url : ""
-			};
-		}
-		case "discussion_comment": {
-			const disc = isRecord(payload.discussion) ? payload.discussion : null;
-			const comment = isRecord(payload.comment) ? payload.comment : null;
-			if (!disc || !comment) return null;
-			return {
-				event: "discussion_comment",
-				action,
-				repository,
-				sender: senderLogin,
-				title: typeof disc.title === "string" ? disc.title : "",
-				body: typeof comment.body === "string" ? comment.body : "",
-				url: typeof comment.html_url === "string" ? comment.html_url : ""
-			};
-		}
-		case "commit_comment": {
-			const comment = isRecord(payload.comment) ? payload.comment : null;
-			if (!comment) return null;
-			return {
-				event: "commit_comment",
-				action,
-				repository,
-				sender: senderLogin,
-				title: "Commit comment",
-				body: typeof comment.body === "string" ? comment.body : "",
-				url: typeof comment.html_url === "string" ? comment.html_url : ""
-			};
-		}
-		default: return null;
-	}
-}
-/**
-* Run mention delegation for a given event type and payload.
-* Only called after action gating confirms this is a "new content" event.
-*/
-async function handleMentionDelegation(app, organizationId, eventType, payload) {
-	const textMentions = extractMentions$1(extractEventText(eventType, payload));
-	const structuralMentions = extractStructuralMentions(eventType, payload);
-	const mentions = [...new Set([...textMentions, ...structuralMentions])];
-	if (mentions.length === 0) return 0;
-	const ctx = extractEventContext(eventType, payload);
-	if (!ctx) return 0;
-	const entity = extractEventEntity(eventType, payload);
-	if (!entity) {
-		log$1.warn({ eventType }, "mention extracted but no entity resolvable; skipping fan-out");
-		return 0;
-	}
-	return routeMentionDelegations(app, organizationId, mentions, ctx, entity, eventType === "pull_request" && ctx.repository.length > 0 ? parseFixesRefs(ctx.body, ctx.repository) : []);
-}
-/** Actions that represent new/changed content (worth scanning for @mentions).
-* Note: `pull_request.review_requested` doesn't carry an @mention in any
-* text body — the reviewer is in `requested_reviewer.login`. We pick it up
-* via `extractStructuralMentions`. The complementary `review_request_removed`
-* is intentionally omitted to avoid notifying the reviewer twice. */
-const MENTION_ACTIONS = {
-	issues: ["opened", "edited"],
-	issue_comment: ["created"],
-	pull_request: [
-		"opened",
-		"edited",
-		"review_requested"
-	],
-	pull_request_review: ["submitted"],
-	pull_request_review_comment: ["created"],
-	discussion: ["created", "edited"],
-	discussion_comment: ["created"],
-	commit_comment: ["created"]
-};
 /**
 * Boot-time configuration sanity checks. Called from `buildApp` so BOTH
 * server entry points are covered:
@@ -21019,6 +21620,12 @@ async function buildApp(config) {
 		...sslOptions(config.database.url)
 	});
 	const notifier = createNotifier(listenClient);
+	registerCrossInstanceBroadcaster((payload) => {
+		notifier.notifyAdminBroadcast(payload).catch(() => {});
+	});
+	notifier.onAdminBroadcast((payload) => {
+		broadcastToAdmins(payload);
+	});
 	await app.register(websocket, { options: { maxPayload: config.ws?.maxPayload ?? 65536 } });
 	const corsOrigin = config.cors?.origin;
 	const isDev = process.env.NODE_ENV !== "production";
@@ -21098,7 +21705,7 @@ async function buildApp(config) {
 	await app.register(healthzRoutes);
 	await app.register(namePlugin("apiV1Scope", async (api) => {
 		await api.register(healthRoutes);
-		await api.register(githubWebhookRoutes, { prefix: "/webhooks" });
+		await api.register(githubAppWebhookRoutes, { prefix: "/webhooks" });
 		await api.register(authRoutes, { prefix: "/auth" });
 		await api.register(githubOauthRoutes, { prefix: "/auth/github" });
 		await api.register(publicInvitationRoutes, { prefix: "/invitations" });