@agent-team-foundation/first-tree-hub 0.3.5 → 0.5.0

package/dist/{core-CHL_dgzu.mjs → core-jjk1xFW_.mjs}

@@ -1,4 +1,4 @@
-import { S as setConfigValue, a as getGitHubUsername, b as resolveConfigReadonly, c as DEFAULT_CONFIG_DIR, d as agentConfigSchema, f as clientConfigSchema, g as loadAgents, h as initConfig, p as collectMissingPrompts, r as checkBootstrapStatus, s as resolveServerUrl, t as bootstrapToken$1, u as DEFAULT_HOME_DIR$1, x as serverConfigSchema } from "./bootstrap-mhkpeOEc.mjs";
+import { S as setConfigValue, a as getGitHubUsername, b as resolveConfigReadonly, c as DEFAULT_CONFIG_DIR, d as agentConfigSchema, f as clientConfigSchema, g as loadAgents, h as initConfig, p as collectMissingPrompts, s as resolveServerUrl, t as bootstrapToken$1, u as DEFAULT_HOME_DIR$1, x as serverConfigSchema } from "./bootstrap-BU_7B03u.mjs";
 import { copyFileSync, existsSync, mkdirSync, readFileSync, readdirSync, renameSync, rmSync, statSync, writeFileSync } from "node:fs";
 import { dirname, join, resolve } from "node:path";
 import { EventEmitter } from "node:events";
@@ -45,18 +45,19 @@ var FirstTreeHubSDK = class {
 	async register() {
 		const agent = await this.requestJson("/api/v1/agent/me");
 		return {
-			agentId: agent.id,
+			agentId: agent.uuid,
 			inboxId: agent.inboxId,
 			status: agent.status,
 			displayName: agent.displayName,
 			type: agent.type,
 			delegateMention: agent.delegateMention ?? null,
+			profile: agent.profile ?? null,
 			metadata: agent.metadata ?? {}
 		};
 	}
-	/** Fetch Context Tree configuration from the server. */
+	/** Fetch Context Tree configuration from the server (public endpoint). */
 	async getContextTreeConfig() {
-		return this.requestJson("/api/v1/agent/context-tree");
+		return this.requestJson("/api/v1/context-tree/info");
 	}
 	/** Fetch pending inbox entries. */
 	async pull(limit = 10) {
@@ -78,8 +79,8 @@ var FirstTreeHubSDK = class {
 		});
 	}
 	/** Send a direct message to another agent. */
-	async sendToAgent(agentId, data) {
-		return this.requestJson(`/api/v1/agent/agents/${agentId}/messages`, {
+	async sendToAgent(agentName, data) {
+		return this.requestJson(`/api/v1/agent/agents/${agentName}/messages`, {
 			method: "POST",
 			body: JSON.stringify(data)
 		});
@@ -433,27 +434,23 @@ defineConfig({
 			secret: true
 		})
 	},
-	contextTree: {
+	contextTree: optional({
 		repo: field(z.string(), {
 			env: "FIRST_TREE_HUB_CONTEXT_TREE_REPO",
 			prompt: { message: "Context Tree repo URL (e.g. https://github.com/org/first-tree):" }
 		}),
-		branch: field(z.string().default("main")),
-		syncInterval: field(z.number().default(60))
-	},
+		branch: field(z.string().default("main"))
+	}),
 	github: {
-		token: field(z.string(), {
+		token: field(z.string().optional(), {
 			env: "FIRST_TREE_HUB_GITHUB_TOKEN",
-			secret: true,
-			prompt: {
-				message: "GitHub token (create at https://github.com/settings/tokens → repo scope):",
-				type: "password"
-			}
+			secret: true
 		}),
 		webhookSecret: field(z.string().optional(), {
 			env: "FIRST_TREE_HUB_GITHUB_WEBHOOK_SECRET",
 			secret: true
-		})
+		}),
+		allowedOrg: field(z.string().optional(), { env: "FIRST_TREE_HUB_GITHUB_ALLOWED_ORG" })
 	},
 	cors: optional({ origin: field(z.string(), { env: "FIRST_TREE_HUB_CORS_ORIGIN" }) }),
 	rateLimit: optional({
@@ -497,14 +494,13 @@ function bootstrapWorkspace(options) {
 		contextTreePath
 	};
 	writeFileSync(join(agentDir, "identity.json"), JSON.stringify(identityData, null, 2), "utf-8");
+	if (identity.profile) writeFileSync(join(contextDir, "self.md"), identity.profile, "utf-8");
 	if (contextTreePath) {
-		const selfNodePath = join(contextTreePath, "members", identity.agentId, "NODE.md");
-		if (existsSync(selfNodePath)) copyFileSync(selfNodePath, join(contextDir, "self.md"));
 		const agentMdPath = join(contextTreePath, "AGENT.md");
 		if (existsSync(agentMdPath)) copyFileSync(agentMdPath, join(contextDir, "agent-instructions.md"));
 		const rootNodePath = join(contextTreePath, "NODE.md");
 		if (existsSync(rootNodePath)) copyFileSync(rootNodePath, join(contextDir, "domain-map.md"));
-	} else writeFileSync(join(contextDir, "degraded.md"), "Context Tree is not available for this session.\nOrganizational context, domain structure, and ownership information are not loaded.\n", "utf-8");
+	}
 	writeFileSync(join(agentDir, "tools.md"), generateToolsDoc(), "utf-8");
 }
 function generateToolsDoc() {
@@ -842,10 +838,9 @@ const createClaudeCodeHandler = (config) => {
 /**
 * Generate a CLAUDE.md file from .agent/ bootstrap data.
 *
-* Layered Bootstrap:
-*   Layer 1 (always): Agent identity + member profile + AGENT.md operating instructions
-*   Layer 2 (if available): Organization domain map from root NODE.md
-*   Layer 3 (on-demand): Agent reads specific domain nodes via contextTreePath
+* Layer 1 (always): Agent identity + profile (from Hub)
+* Layer 2 (if Context Tree configured): Operating instructions + domain map
+* Layer 3 (if Context Tree configured): Context Tree location for on-demand reading
 */
 function generateClaudeMd(workspacePath, identity, contextTreePath) {
 	const sections = [];
@@ -857,25 +852,18 @@ function generateClaudeMd(workspacePath, identity, contextTreePath) {
 	if (existsSync(selfMdPath)) {
 		const selfContent = readFileSync(selfMdPath, "utf-8");
 		sections.push(`## Your Profile\n\n${selfContent}\n`);
-	} else sections.push("## Your Profile\n\nNo member profile available. Your responsibilities are not loaded from the Context Tree.\n");
+	}
 	const agentInstructionsPath = join(contextDir, "agent-instructions.md");
 	if (existsSync(agentInstructionsPath)) {
 		const instructions = readFileSync(agentInstructionsPath, "utf-8");
-		sections.push(`## Context Tree Operating Instructions\n\n${instructions}\n`);
-	} else sections.push("## Context Tree Operating Instructions\n\nContext Tree instructions unavailable. Organizational context is not loaded for this session.\n");
+		sections.push(`## Operating Instructions\n\n${instructions}\n`);
+	}
 	const domainMapPath = join(contextDir, "domain-map.md");
 	if (existsSync(domainMapPath)) {
 		const domainMap = readFileSync(domainMapPath, "utf-8");
 		sections.push(`## Organization Domain Map\n\n${domainMap}\n`);
 	}
 	if (contextTreePath) sections.push(`## Context Tree Location\n\nThe full Context Tree is available at: \`${contextTreePath}\`\n\nRead specific domain nodes as needed following the operating instructions above.\n`);
-	else {
-		const degradedPath = join(contextDir, "degraded.md");
-		if (existsSync(degradedPath)) {
-			const degradedMsg = readFileSync(degradedPath, "utf-8");
-			sections.push(`## Context Tree Location\n\nWARNING: ${degradedMsg}\nYou can still use the SDK tools below, but you lack organizational context for decisions.\n`);
-		}
-	}
 	const toolsPath = join(workspacePath, ".agent", "tools.md");
 	if (existsSync(toolsPath)) {
 		const toolsContent = readFileSync(toolsPath, "utf-8");
@@ -1299,6 +1287,7 @@ var AgentSlot = class {
 				displayName: agent.displayName,
 				type: agent.type,
 				delegateMention: agent.delegateMention,
+				profile: agent.profile,
 				metadata: agent.metadata
 			},
 			sdk: this.connection.sdk,
@@ -2058,14 +2047,32 @@ async function onboardCheck(args) {
 				key: "server_reachable",
 				label: "Server reachable",
 				status: res.ok ? "ok" : "error",
-				value: res.ok ? "yes" : `HTTP ${res.status}`
+				value: res.ok ? "healthy" : `HTTP ${res.status}`
 			});
+			if (res.ok) try {
+				const configRes = await fetch(`${serverUrl}/api/v1/bootstrap/config`);
+				if (configRes.ok) {
+					const config = await configRes.json();
+					if (config.allowedOrg) items.push({
+						key: "allowed_org",
+						label: "GitHub org",
+						status: "ok",
+						value: config.allowedOrg
+					});
+					else items.push({
+						key: "allowed_org",
+						label: "GitHub org",
+						status: "error",
+						hint: "FIRST_TREE_HUB_GITHUB_ALLOWED_ORG not configured on server"
+					});
+				}
+			} catch {}
 		} catch {
 			items.push({
 				key: "server_reachable",
 				label: "Server reachable",
 				status: "error",
-				value: "no"
+				hint: "Cannot connect to server"
 			});
 		}
 	} catch {
@@ -2073,126 +2080,32 @@ async function onboardCheck(args) {
 			key: "server",
 			label: "Server URL",
 			status: "missing_required",
-			hint: "--server <url> or FIRST_TREE_HUB_SERVER"
+			hint: "Provide via --server, FIRST_TREE_HUB_SERVER, or config"
 		});
 	}
-	const repoPath = await resolveContextTreeRepo(args.server);
-	if (repoPath) items.push({
-		key: "repo",
-		label: "Context Tree repo",
-		status: "ok",
-		value: repoPath
-	});
-	else {
-		const serverAvailable = items.some((i) => i.key === "server" && i.status === "ok");
-		items.push({
-			key: "repo",
-			label: "Context Tree repo",
-			status: "missing_required",
-			hint: serverAvailable ? "auto-clone failed (check server Context Tree config and gh auth)" : "configure --server first (repo will be auto-cloned from server)"
-		});
-	}
-	items.push(args.id ? {
+	if (args.id) items.push({
 		key: "id",
-		label: "id",
+		label: "Agent ID",
 		status: "ok",
 		value: args.id
-	} : {
+	});
+	else items.push({
 		key: "id",
-		label: "id",
+		label: "Agent ID",
 		status: "missing_required",
-		hint: "Member directory name"
+		hint: "Provide via --id"
 	});
-	items.push(args.type ? {
+	if (args.type) items.push({
 		key: "type",
-		label: "type",
+		label: "Agent type",
 		status: "ok",
 		value: args.type
-	} : {
-		key: "type",
-		label: "type",
-		status: "missing_required",
-		hint: "human | personal_assistant | autonomous_agent"
 	});
-	items.push(args.role ? {
-		key: "role",
-		label: "role",
-		status: "ok",
-		value: args.role
-	} : {
-		key: "role",
-		label: "role",
-		status: "missing_required",
-		hint: "e.g. \"Engineer\""
-	});
-	items.push(args.domains ? {
-		key: "domains",
-		label: "domains",
-		status: "ok",
-		value: args.domains
-	} : {
-		key: "domains",
-		label: "domains",
-		status: "missing_required",
-		hint: "Comma-separated, e.g. \"backend,infra\""
-	});
-	items.push(args.displayName ? {
-		key: "display_name",
-		label: "display-name",
-		status: "ok",
-		value: args.displayName
-	} : {
-		key: "display_name",
-		label: "display-name",
-		status: "missing_optional",
-		hint: `defaults to "${args.id ?? ""}"`
-	});
-	if (args.type === "human") items.push(args.assistant ? {
-		key: "assistant",
-		label: "assistant",
-		status: "ok",
-		value: args.assistant
-	} : {
-		key: "assistant",
-		label: "assistant",
-		status: "missing_optional",
-		hint: "Also create a personal_assistant"
-	});
-	if (args.type !== "human" || args.assistant) items.push(args.feishuBotAppId ? {
-		key: "feishu_bot",
-		label: "feishu-bot-app-id",
-		status: "ok",
-		value: args.feishuBotAppId
-	} : {
-		key: "feishu_bot",
-		label: "feishu-bot-app-id",
-		status: "missing_optional",
-		hint: "Feishu bot App ID"
-	});
-	if (args.id && repoPath) if (existsSync(join(repoPath, "members", args.id))) try {
-		execSync(`git ls-files --error-unmatch members/${args.id}/NODE.md`, {
-			cwd: repoPath,
-			stdio: "pipe"
-		});
-		items.push({
-			key: "conflict",
-			label: `ID "${args.id}" availability`,
-			status: "warning",
-			value: "already exists (will overwrite)"
-		});
-	} catch {
-		items.push({
-			key: "conflict",
-			label: `ID "${args.id}" availability`,
-			status: "ok",
-			value: "resuming (local files from previous run)"
-		});
-	}
 	else items.push({
-		key: "conflict",
-		label: `ID "${args.id}" availability`,
-		status: "ok",
-		value: "available"
+		key: "type",
+		label: "Agent type",
+		status: "missing_required",
+		hint: "Provide via --type"
 	});
 	return items;
 }
@@ -2207,330 +2120,74 @@ function formatCheckReport(items) {
 	return lines.join("\n");
 }
 async function onboardCreate(args) {
-	const repoPath = await resolveContextTreeRepo(args.server);
-	if (!repoPath) throw new Error("Context Tree repo not available. Ensure --server is configured and the server is running.");
-	if (args.assistant && args.type !== "human") throw new Error(`--assistant is only valid for human agents, not ${args.type}`);
-	const ghUsername = getGitHubUsername();
-	const githubField = args.type === "human" ? ghUsername : null;
-	const humanNodePath = join(repoPath, "members", args.id, "NODE.md");
-	if (existsSync(humanNodePath) && isTrackedByGit(repoPath, join("members", args.id, "NODE.md"))) {
-		process.stderr.write(`Member "${args.id}" already exists, skipping NODE.md creation.\n`);
-		if (args.assistant) {
-			const existingContent = readFileSync(humanNodePath, "utf-8");
-			if (!existingContent.includes("delegate_mention")) {
-				writeFileSync(humanNodePath, existingContent.replace(/^(---\n[\s\S]*?)(---)/m, `$1delegate_mention: ${args.assistant}\n$2`));
-				process.stderr.write(`Updated delegate_mention → ${args.assistant}\n`);
-			}
-		}
-	} else createMemberNodeMd(repoPath, {
-		id: args.id,
-		type: args.type,
-		displayName: args.displayName ?? args.id,
-		role: args.role,
-		domains: args.domains.split(",").map((d) => d.trim()),
-		owner: ghUsername,
-		github: githubField,
-		delegateMention: args.assistant ?? args.delegateMention ?? null
-	});
-	if (args.assistant) if (existsSync(join(repoPath, "members", args.id, args.assistant, "NODE.md")) && isTrackedByGit(repoPath, join("members", args.id, args.assistant, "NODE.md"))) process.stderr.write(`Assistant "${args.assistant}" already exists, skipping.\n`);
-	else createMemberNodeMd(repoPath, {
-		parentPath: join("members", args.id),
-		id: args.assistant,
-		type: "personal_assistant",
-		displayName: args.assistant,
-		role: `Personal Assistant to ${args.id}`,
-		domains: ["message triage", "task coordination"],
-		owner: ghUsername,
-		github: null,
-		delegateMention: null
-	});
+	const serverUrl = resolveServerUrl(args.server).replace(/\/+$/, "");
+	getGitHubUsername();
+	process.stderr.write(`Bootstrapping agent "${args.id}"...\n`);
+	const metadata = {};
+	if (args.role) metadata.role = args.role;
+	if (args.domains) metadata.domains = args.domains.split(",").map((d) => d.trim());
+	let token;
 	try {
-		execSync("npx -y first-tree verify", {
-			cwd: repoPath,
-			stdio: "pipe"
-		});
+		token = (await bootstrapToken$1(serverUrl, args.id, {
+			saveTo: "agent",
+			type: args.type,
+			displayName: args.displayName ?? args.id,
+			profile: args.profile,
+			delegateMention: args.assistant ?? args.delegateMention,
+			metadata: Object.keys(metadata).length > 0 ? metadata : void 0
+		})).token;
 	} catch (err) {
-		const stderr = err instanceof Error && "stderr" in err ? err.stderr.toString() : "";
-		const stdout = err instanceof Error && "stdout" in err ? err.stdout.toString() : "";
-		const output = stderr || stdout || String(err);
-		if (output.includes("VERSION") || output.includes("AGENT.md") || output.includes("Root NODE.md")) throw new Error("Context Tree repo is not properly initialized.\nRun 'context-tree init' in the repo first, or see:\n  https://github.com/agent-team-foundation/first-tree\n\n" + output);
-		throw new Error(`Verification failed:\n${output}`);
-	}
-	const baseBranch = `onboard/${args.id}`;
-	let branch = baseBranch;
-	const branchExists = (name) => {
-		try {
-			execSync(`git rev-parse --verify ${name}`, {
-				cwd: repoPath,
-				stdio: "pipe"
-			});
-			return true;
-		} catch {
-			return false;
-		}
-	};
-	if (branchExists(branch)) branch = `${baseBranch}-${Date.now().toString(36)}`;
-	try {
-		execSync("git checkout main", {
-			cwd: repoPath,
-			stdio: "pipe"
-		});
-	} catch {
-		try {
-			execSync("git checkout master", {
-				cwd: repoPath,
-				stdio: "pipe"
-			});
-		} catch {}
-	}
-	execSync(`git checkout -b ${branch}`, {
-		cwd: repoPath,
-		stdio: "pipe"
-	});
-	execSync(`git add members/${args.id}`, {
-		cwd: repoPath,
-		stdio: "pipe"
-	});
-	execFileSync("git", [
-		"commit",
-		"-m",
-		args.assistant ? `feat: onboard ${args.id} + ${args.assistant}` : `feat: onboard ${args.id}`
-	], {
-		cwd: repoPath,
-		stdio: "pipe"
-	});
-	const pushToken = execSync("gh auth token", {
-		encoding: "utf-8",
-		stdio: "pipe"
-	}).trim();
-	const cleanRemote = execSync("git remote get-url origin", {
-		cwd: repoPath,
-		encoding: "utf-8",
-		stdio: "pipe"
-	}).trim();
-	execSync(`git remote set-url origin "${cleanRemote.replace("https://github.com/", `https://x-access-token:${pushToken}@github.com/`)}"`, {
-		cwd: repoPath,
-		stdio: "pipe"
-	});
-	try {
-		execSync(`git push -u origin ${branch}`, {
-			cwd: repoPath,
-			stdio: "pipe"
-		});
-	} finally {
-		execSync(`git remote set-url origin "${cleanRemote}"`, {
-			cwd: repoPath,
-			stdio: "pipe"
-		});
+		const msg = err instanceof Error ? err.message : String(err);
+		if (msg.includes("already has") || msg.includes("409")) throw new Error(`Agent "${args.id}" already has an active token.\nAsk an admin to revoke the existing token in the Web UI, then re-run onboard.`);
+		throw err;
 	}
-	const prOutput = execSync(`gh pr create --title "${args.assistant ? `Onboard ${args.id} + assistant` : `Onboard ${args.id}`}" --body "Automated onboard via first-tree-hub CLI"`, {
-		cwd: repoPath,
-		encoding: "utf-8"
-	}).trim();
-	const state = {
-		args,
-		branch,
-		prUrl: prOutput
-	};
-	mkdirSync(DEFAULT_HOME_DIR$1, { recursive: true });
-	writeFileSync(STATE_FILE, JSON.stringify(state, null, 2));
-	return { prUrl: prOutput };
-}
-async function onboardContinue(args) {
-	let state = null;
-	try {
-		state = JSON.parse(readFileSync(STATE_FILE, "utf-8"));
-	} catch {}
-	if (!state && !args.id) throw new Error("No onboard in progress. Run 'first-tree-hub onboard' first to start a new onboard.");
-	const mergedArgs = {
-		...state?.args,
-		...stripUndefined(args)
-	};
-	const serverUrl = resolveServerUrl(mergedArgs.server).replace(/\/+$/, "");
-	const agentToBootstrap = mergedArgs.assistant ?? mergedArgs.id;
-	if (!agentToBootstrap) throw new Error("Cannot determine which agent to bootstrap. Provide --id or run onboard first.");
-	if (!mergedArgs.id) throw new Error("Cannot determine member ID. Provide --id or run onboard first.");
-	process.stderr.write(`Waiting for agent "${agentToBootstrap}" to be synced...\n`);
-	let synced = false;
-	for (let i = 0; i < 30; i++) {
+	process.stderr.write(`Agent "${args.id}" ready.\n`);
+	if (args.assistant) {
+		process.stderr.write(`Bootstrapping assistant "${args.assistant}"...\n`);
 		try {
-			const status = await checkBootstrapStatus(serverUrl, agentToBootstrap);
-			if (status.exists && status.status === "active") {
-				synced = true;
-				break;
-			}
+			token = (await bootstrapToken$1(serverUrl, args.assistant, {
+				saveTo: "agent",
+				type: "personal_assistant",
+				displayName: args.assistant,
+				metadata: {
+					role: `Personal Assistant to ${args.id}`,
+					domains: ["message triage", "task coordination"]
+				}
+			})).token;
+			process.stderr.write(`Assistant "${args.assistant}" ready.\n`);
 		} catch (err) {
-			if (i === 0) process.stderr.write(`  (check failed: ${err instanceof Error ? err.message : String(err)})\n`);
+			const msg = err instanceof Error ? err.message : String(err);
+			process.stderr.write(`Warning: Failed to bootstrap assistant "${args.assistant}": ${msg}\n`);
 		}
-		await sleep(2e3);
-	}
-	if (!synced) throw new Error(`Agent "${agentToBootstrap}" not found after 60s. Trigger sync manually or wait for auto-sync.`);
-	process.stderr.write(`Bootstrapping token for "${agentToBootstrap}"...\n`);
-	let token;
-	try {
-		token = (await bootstrapToken$1(serverUrl, agentToBootstrap, { saveTo: "agent" })).token;
-	} catch (err) {
-		const msg = err instanceof Error ? err.message : String(err);
-		if (msg.includes("already has") || msg.includes("409")) throw new Error(`Agent "${agentToBootstrap}" already has an active token.\nAsk an admin to revoke the existing token in the Web UI, then re-run:
-  first-tree-hub onboard --continue`);
-		throw err;
 	}
+	const agentToBootstrap = args.assistant ?? args.id;
 	process.stderr.write(`Token saved to ${DEFAULT_HOME_DIR$1}/config/agents/${agentToBootstrap}/agent.yaml\n`);
-	if (mergedArgs.feishuBotAppId && mergedArgs.feishuBotAppSecret) {
+	if (args.feishuBotAppId && args.feishuBotAppSecret) {
 		const { bindFeishuBot } = await import("./feishu-Y4m2zFc3.mjs").then((n) => n.r);
 		process.stderr.write("Binding Feishu bot...\n");
-		await bindFeishuBot(serverUrl, token, mergedArgs.feishuBotAppId, mergedArgs.feishuBotAppSecret);
+		await bindFeishuBot(serverUrl, token, args.feishuBotAppId, args.feishuBotAppSecret);
 		process.stderr.write("Feishu bot bound.\n");
 	}
+	setConfigValue(join(DEFAULT_CONFIG_DIR, "client.yaml"), "server.url", serverUrl);
 	try {
 		const { unlinkSync } = await import("node:fs");
 		unlinkSync(STATE_FILE);
 	} catch {}
-	const typeLabel = mergedArgs.type === "human" ? "Human" : mergedArgs.type === "autonomous_agent" ? "Agent" : "Assistant";
+	const typeLabel = args.type === "human" ? "Human" : args.type === "autonomous_agent" ? "Agent" : "Assistant";
 	process.stderr.write("\n✅ Onboard complete!\n\n");
-	process.stderr.write(`  ${typeLabel}:${" ".repeat(Math.max(1, 10 - typeLabel.length))}${mergedArgs.id}\n`);
-	if (mergedArgs.assistant) process.stderr.write(`  Assistant: ${mergedArgs.assistant}\n`);
+	process.stderr.write(`  ${typeLabel}:${" ".repeat(Math.max(1, 10 - typeLabel.length))}${args.id}\n`);
+	if (args.assistant) process.stderr.write(`  Assistant: ${args.assistant}\n`);
 	process.stderr.write(`  Token:     ${DEFAULT_HOME_DIR$1}/config/agents/${agentToBootstrap}/agent.yaml\n`);
-	if (mergedArgs.feishuBotAppId) process.stderr.write(`  Feishu:    bot bound (${mergedArgs.feishuBotAppId})\n`);
-	setConfigValue(join(DEFAULT_CONFIG_DIR, "client.yaml"), "server.url", serverUrl);
-	if (mergedArgs.type === "human") {
+	if (args.feishuBotAppId) process.stderr.write(`  Feishu:    bot bound (${args.feishuBotAppId})\n`);
+	if (args.type === "human") {
 		process.stderr.write("\n  Next step — bind your Feishu account:\n");
-		process.stderr.write(`    Send this message to the bot in Feishu:  /bind ${mergedArgs.id}\n`);
-		if (!mergedArgs.feishuBotAppId) process.stderr.write("    (requires a Feishu bot to be configured in the system)\n");
+		process.stderr.write(`    Send this message to the bot in Feishu:  /bind ${args.id}\n`);
+		if (!args.feishuBotAppId) process.stderr.write("    (requires a Feishu bot to be configured in the system)\n");
 	}
 	process.stderr.write("\n  Start the agent:\n");
 	process.stderr.write("    first-tree-hub client start\n");
 	process.stderr.write("\n");
 }
-function createMemberNodeMd(repoPath, data) {
-	const memberDir = join(repoPath, data.parentPath ?? "members", data.id);
-	mkdirSync(memberDir, { recursive: true });
-	const domainsList = data.domains.map((d) => `  - "${d}"`).join("\n");
-	const githubLine = data.github ? `\ngithub: ${data.github}` : "";
-	const delegateLine = data.delegateMention && data.type === "human" ? `\ndelegate_mention: ${data.delegateMention}` : "";
-	const bodySections = data.type === "autonomous_agent" ? `## About
-
-## Capabilities
-
-## Current Focus
-` : `## About
-
-## Current Focus
-`;
-	const content = `---
-title: "${data.displayName}"
-owners: [${data.owner}]
-type: ${data.type}
-role: "${data.role}"
-domains:
-${domainsList}${githubLine}${delegateLine}
----
-
-# ${data.displayName}
-
-${bodySections}`;
-	writeFileSync(join(memberDir, "NODE.md"), content);
-}
-function isTrackedByGit(repoPath, filePath) {
-	try {
-		execSync(`git ls-files --error-unmatch ${filePath}`, {
-			cwd: repoPath,
-			stdio: "pipe"
-		});
-		return true;
-	} catch {
-		return false;
-	}
-}
-const CONTEXT_TREE_DIR = join(DEFAULT_HOME_DIR$1, "context-tree");
-/**
-* Resolve Context Tree to a **local path** at $FIRST_TREE_HUB_HOME/context-tree/.
-*
-* Repo URL is obtained from the Hub server. The local clone is always
-* managed in the standard location — no custom paths allowed.
-*/
-async function resolveContextTreeRepo(serverUrl) {
-	const repoUrl = await fetchRepoUrlFromServer(serverUrl);
-	if (!repoUrl) return null;
-	let ghToken;
-	try {
-		ghToken = execSync("gh auth token", {
-			encoding: "utf-8",
-			stdio: "pipe"
-		}).trim();
-	} catch {
-		return null;
-	}
-	const gitEnv = {
-		...process.env,
-		GIT_ASKPASS: "echo",
-		GIT_TERMINAL_PROMPT: "0",
-		GH_TOKEN: ghToken,
-		GITHUB_TOKEN: ghToken
-	};
-	const gitConfigArgs = `-c url."https://x-access-token:${ghToken}@github.com/".insteadOf="https://github.com/"`;
-	if (existsSync(join(CONTEXT_TREE_DIR, ".git"))) {
-		try {
-			if (execSync("git remote get-url origin", {
-				cwd: CONTEXT_TREE_DIR,
-				encoding: "utf-8",
-				stdio: "pipe"
-			}).trim().includes(repoUrl.replace(/^https?:\/\/github\.com\//, "").replace(/\.git$/, ""))) {
-				process.stderr.write("Updating Context Tree...\n");
-				execSync("git checkout main 2>/dev/null || git checkout master", {
-					cwd: CONTEXT_TREE_DIR,
-					stdio: "pipe"
-				});
-				try {
-					execSync(`git ${gitConfigArgs} pull --ff-only`, {
-						cwd: CONTEXT_TREE_DIR,
-						stdio: "pipe",
-						env: gitEnv
-					});
-				} catch {}
-				return CONTEXT_TREE_DIR;
-			}
-		} catch {}
-		const safePrefix = DEFAULT_HOME_DIR$1;
-		if (!CONTEXT_TREE_DIR.startsWith(safePrefix) || CONTEXT_TREE_DIR === safePrefix) throw new Error(`Refusing to delete unsafe path: ${CONTEXT_TREE_DIR}`);
-		execSync(`rm -rf ${CONTEXT_TREE_DIR}`);
-	}
-	try {
-		process.stderr.write(`Cloning Context Tree to ${CONTEXT_TREE_DIR}...\n`);
-		mkdirSync(DEFAULT_HOME_DIR$1, { recursive: true });
-		execSync(`git ${gitConfigArgs} clone ${repoUrl} ${CONTEXT_TREE_DIR}`, {
-			stdio: "pipe",
-			env: gitEnv
-		});
-		return CONTEXT_TREE_DIR;
-	} catch {
-		return null;
-	}
-}
-/** Query server for Context Tree repo URL. */
-async function fetchRepoUrlFromServer(serverUrl) {
-	if (!serverUrl) try {
-		serverUrl = resolveServerUrl();
-	} catch {
-		return null;
-	}
-	try {
-		const url = `${serverUrl.replace(/\/+$/, "")}/api/v1/context-tree/info`;
-		const res = await fetch(url, { signal: AbortSignal.timeout(5e3) });
-		if (!res.ok) return null;
-		return (await res.json()).repo ?? null;
-	} catch {
-		return null;
-	}
-}
-function sleep(ms) {
-	return new Promise((resolve) => setTimeout(resolve, ms));
-}
-function stripUndefined(obj) {
-	const result = {};
-	for (const [key, value] of Object.entries(obj)) if (value !== void 0) result[key] = value;
-	return result;
-}
 //#endregion
 //#region src/core/prompt.ts
 /**
@@ -2750,38 +2407,30 @@ const AGENT_STATUSES = {
 	DELETED: "deleted"
 };
 z.enum(["active", "suspended"]);
-z.object({
-	id: z.string().min(1).max(100).regex(/^[a-z0-9_-]+$/, "Only lowercase alphanumeric, hyphens, and underscores").optional(),
+const createAgentSchema = z.object({
+	name: z.string().min(1).max(100).regex(/^[a-z0-9_-]+$/, "Only lowercase alphanumeric, hyphens, and underscores").optional(),
 	type: agentTypeSchema,
 	displayName: z.string().max(200).optional(),
+	delegateMention: z.string().max(100).optional(),
+	profile: z.string().optional(),
 	organizationId: z.string().max(100).optional(),
 	metadata: z.record(z.string(), z.unknown()).optional()
 });
-z.object({
-	syncedAt: z.string(),
-	treePath: z.string(),
-	summary: z.object({
-		created: z.number(),
-		updated: z.number(),
-		suspended: z.number(),
-		unchanged: z.number(),
-		errors: z.number()
-	}),
-	created: z.array(z.string()),
-	updated: z.array(z.string()),
-	suspended: z.array(z.string()),
-	errors: z.array(z.object({
-		memberId: z.string(),
-		error: z.string()
-	}))
+const updateAgentSchema = z.object({
+	type: agentTypeSchema.optional(),
+	displayName: z.string().max(200).nullable().optional(),
+	delegateMention: z.string().max(100).nullable().optional(),
+	profile: z.string().nullable().optional(),
+	metadata: z.record(z.string(), z.unknown()).optional()
 });
 z.object({
-	id: z.string(),
+	uuid: z.string(),
+	name: z.string().nullable(),
 	organizationId: z.string(),
 	type: agentTypeSchema,
 	displayName: z.string().nullable(),
 	delegateMention: z.string().nullable(),
-	treePath: z.string().nullable(),
+	profile: z.string().nullable(),
 	inboxId: z.string(),
 	status: z.string(),
 	metadata: z.record(z.string(), z.unknown()),
@@ -2789,15 +2438,21 @@ z.object({
 	createdAt: z.string(),
 	updatedAt: z.string()
 });
-const bootstrapTokenRequestSchema = z.object({ name: z.string().max(100).optional() });
+const bootstrapTokenRequestSchema = z.object({
+	name: z.string().max(100).optional(),
+	type: agentTypeSchema.optional(),
+	displayName: z.string().max(200).optional(),
+	delegateMention: z.string().max(100).optional(),
+	profile: z.string().optional(),
+	metadata: z.record(z.string(), z.unknown()).optional()
+});
 z.object({
 	exists: z.boolean(),
 	status: z.enum(["active", "suspended"]).nullable()
 });
 z.object({
-	repo: z.string(),
-	branch: z.string(),
-	lastSync: z.string().nullable()
+	repo: z.string().nullable(),
+	branch: z.string().nullable()
 });
 const createAgentTokenSchema = z.object({
 	name: z.string().max(100).optional(),
@@ -2919,7 +2574,7 @@ const SYSTEM_CONFIG_DEFAULTS = {
 	[SYSTEM_CONFIG_KEYS.PRESENCE_CLEANUP_SECONDS]: 60
 };
 //#endregion
-//#region ../server/dist/app-CurdzcN2.mjs
+//#region ../server/dist/app-dUnTcJpC.mjs
 var __defProp = Object.defineProperty;
 var __exportAll = (all, no_symbols) => {
 	let target = {};
@@ -2932,24 +2587,25 @@ var __exportAll = (all, no_symbols) => {
 };
 /** Agent registration. Each agent owns a unique inboxId for message delivery. */
 const agents = pgTable("agents", {
-	id: text("id").primaryKey(),
+	uuid: text("uuid").primaryKey(),
+	name: text("name"),
 	organizationId: text("organization_id").notNull().default("default"),
 	type: text("type").notNull(),
 	displayName: text("display_name"),
 	delegateMention: text("delegate_mention"),
-	treePath: text("tree_path"),
+	profile: text("profile"),
 	inboxId: text("inbox_id").unique().notNull(),
 	status: text("status").notNull().default("active"),
 	metadata: jsonb("metadata").$type().notNull().default({}),
 	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
 	updatedAt: timestamp("updated_at", { withTimezone: true }).notNull().defaultNow()
-}, (table) => [index("idx_agents_org").on(table.organizationId)]);
+}, (table) => [index("idx_agents_org").on(table.organizationId), unique("uq_agents_org_name").on(table.organizationId, table.name)]);
 /** Maps external user identities to internal Agents. */
 const adapterAgentMappings = pgTable("adapter_agent_mappings", {
 	id: serial("id").primaryKey(),
 	platform: text("platform").notNull(),
 	externalUserId: text("external_user_id").notNull(),
-	agentId: text("agent_id").notNull().references(() => agents.id),
+	agentId: text("agent_id").notNull().references(() => agents.uuid),
 	boundVia: text("bound_via"),
 	displayName: text("display_name"),
 	metadata: jsonb("metadata").$type().notNull().default({}),
@@ -3007,7 +2663,7 @@ const chats = pgTable("chats", {
 /** Chat participants (M:N). */
 const chatParticipants = pgTable("chat_participants", {
 	chatId: text("chat_id").notNull().references(() => chats.id, { onDelete: "cascade" }),
-	agentId: text("agent_id").notNull().references(() => agents.id),
+	agentId: text("agent_id").notNull().references(() => agents.uuid),
 	role: text("role").notNull().default("member"),
 	mode: text("mode").notNull().default("full"),
 	joinedAt: timestamp("joined_at", { withTimezone: true }).notNull().defaultNow()
@@ -3124,7 +2780,7 @@ async function findOrCreateChatForChannel(db, data) {
 	const chatId = randomUUID();
 	const internalType = data.chatType === "p2p" ? "direct" : "group";
 	return db.transaction(async (tx) => {
-		const [botAgent] = await tx.select({ organizationId: agents.organizationId }).from(agents).where(eq(agents.id, data.botAgentId)).limit(1);
+		const [botAgent] = await tx.select({ organizationId: agents.organizationId }).from(agents).where(eq(agents.uuid, data.botAgentId)).limit(1);
 		const orgId = botAgent?.organizationId ?? "default";
 		await tx.insert(chats).values({
 			id: chatId,
@@ -3207,10 +2863,10 @@ async function adminAdapterMappingRoutes(app) {
 	app.post("/", async (request, reply) => {
 		const body = createAdapterMappingSchema.parse(request.body);
 		const [agent] = await app.db.select({
-			id: agents.id,
+			id: agents.uuid,
 			type: agents.type,
 			status: agents.status
-		}).from(agents).where(eq(agents.id, body.agentId)).limit(1);
+		}).from(agents).where(eq(agents.uuid, body.agentId)).limit(1);
 		if (!agent || agent.status === "deleted") throw new NotFoundError(`Agent "${body.agentId}" not found`);
 		if (agent.type !== "human") throw new BadRequestError("User bindings can only be created for human agents");
 		const row = await createAgentMapping(app.db, {
@@ -3246,7 +2902,7 @@ async function adminAdapterStatusRoutes(app) {
 const adapterConfigs = pgTable("adapter_configs", {
 	id: serial("id").primaryKey(),
 	platform: text("platform").notNull(),
-	agentId: text("agent_id").notNull().references(() => agents.id),
+	agentId: text("agent_id").notNull().references(() => agents.uuid),
 	credentials: jsonb("credentials").$type().notNull(),
 	status: text("status").notNull().default("active"),
 	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
@@ -3308,9 +2964,9 @@ function requireEncryptionKey(key) {
 }
 async function validateAgentId(db, agentId) {
 	const [agent] = await db.select({
-		id: agents.id,
+		id: agents.uuid,
 		type: agents.type
-	}).from(agents).where(and(eq(agents.id, agentId), ne(agents.status, "deleted"))).limit(1);
+	}).from(agents).where(and(eq(agents.uuid, agentId), ne(agents.status, "deleted"))).limit(1);
 	if (!agent) throw new NotFoundError(`Agent "${agentId}" not found`);
 	if (agent.type === "human") throw new BadRequestError("Adapter configs can only be bound to non-human agents");
 }
@@ -3423,292 +3079,9 @@ async function adminAdapterRoutes(app) {
 		return reply.status(204).send();
 	});
 }
-const GRAPHQL_URL = "https://api.github.com/graphql";
-const REST_API_URL = "https://api.github.com";
-/** Parse "owner/repo" or "https://github.com/owner/repo" into { owner, name }. */
-function parseRepo(input) {
-	const urlMatch = /github\.com\/([^/]+)\/([^/.]+)/.exec(input);
-	if (urlMatch) return {
-		owner: urlMatch[1] ?? "",
-		name: urlMatch[2] ?? ""
-	};
-	const parts = input.split("/");
-	return {
-		owner: parts[0] ?? "",
-		name: parts[1] ?? ""
-	};
-}
-/** Step 1: Get the tree OID of the members/ directory via GraphQL. */
-async function fetchMembersTreeOid(owner, name, branch, token) {
-	const query = `
-    query($owner: String!, $name: String!, $expr: String!) {
-      repository(owner: $owner, name: $name) {
-        object(expression: $expr) {
-          ... on Tree { oid }
-        }
-      }
-    }
-  `;
-	const res = await fetch(GRAPHQL_URL, {
-		method: "POST",
-		headers: {
-			Authorization: `Bearer ${token}`,
-			"Content-Type": "application/json"
-		},
-		body: JSON.stringify({
-			query,
-			variables: {
-				owner,
-				name,
-				expr: `${branch}:members`
-			}
-		})
-	});
-	if (!res.ok) throw new Error(`GitHub API returned ${res.status}: ${await res.text()}`);
-	const json = await res.json();
-	if (json.errors) throw new Error(`GitHub GraphQL errors: ${json.errors.map((e) => e.message).join(", ")}`);
-	return json.data?.repository?.object?.oid ?? null;
-}
-/** Step 2: Recursively list all entries under the members/ tree via REST API. */
-async function fetchRecursiveTree(owner, name, treeSha, token) {
-	const url = `${REST_API_URL}/repos/${owner}/${name}/git/trees/${treeSha}?recursive=1`;
-	const res = await fetch(url, { headers: {
-		Authorization: `Bearer ${token}`,
-		Accept: "application/vnd.github+json"
-	} });
-	if (!res.ok) throw new Error(`GitHub REST API returned ${res.status}: ${await res.text()}`);
-	const json = await res.json();
-	if (json.truncated) throw new Error("[context-tree-sync] GitHub REST tree API returned truncated response — members/ subtree is too large. Sync aborted to prevent incorrect agent suspension from partial data.");
-	return json.tree;
-}
-/**
-* Step 3: Batch-fetch NODE.md content for all member directories via GraphQL aliases.
-* Each alias fetches one NODE.md file by expression.
-*/
-async function batchFetchNodeMd(owner, name, branch, memberPaths, token) {
-	if (memberPaths.length === 0) return /* @__PURE__ */ new Map();
-	const query = `
-    query($owner: String!, $name: String!) {
-      repository(owner: $owner, name: $name) {
-        ${memberPaths.map((p, i) => {
-		const expr = `${branch}:members/${p}/NODE.md`;
-		return `m${i}: object(expression: ${JSON.stringify(expr)}) { ... on Blob { text } }`;
-	}).join("\n        ")}
-      }
-    }
-  `;
-	const res = await fetch(GRAPHQL_URL, {
-		method: "POST",
-		headers: {
-			Authorization: `Bearer ${token}`,
-			"Content-Type": "application/json"
-		},
-		body: JSON.stringify({
-			query,
-			variables: {
-				owner,
-				name
-			}
-		})
-	});
-	if (!res.ok) throw new Error(`GitHub API returned ${res.status}: ${await res.text()}`);
-	const json = await res.json();
-	if (json.errors) throw new Error(`GitHub GraphQL errors: ${json.errors.map((e) => e.message).join(", ")}`);
-	const repo = json.data?.repository ?? {};
-	const result = /* @__PURE__ */ new Map();
-	for (let i = 0; i < memberPaths.length; i++) {
-		const blob = repo[`m${i}`];
-		const path = memberPaths[i];
-		if (blob?.text && path) result.set(path, blob.text);
-	}
-	return result;
-}
-/**
-* Extract member directory paths from a recursive tree listing.
-* A directory is a member if it contains a NODE.md blob.
-*/
-function extractMemberDirs(treeEntries) {
-	const nodeMdPaths = /* @__PURE__ */ new Set();
-	for (const entry of treeEntries) if (entry.type === "blob" && entry.path.endsWith("/NODE.md")) nodeMdPaths.add(entry.path);
-	const memberDirs = [];
-	for (const entry of treeEntries) {
-		if (entry.type !== "tree") continue;
-		if (nodeMdPaths.has(`${entry.path}/NODE.md`)) memberDirs.push(entry.path);
-	}
-	return memberDirs.sort();
-}
-/**
-* Fetch all members from a Context Tree repo via GitHub API.
-* Uses 3 API calls:
-*   1. GraphQL: get members/ tree OID
-*   2. REST: recursive tree listing (scoped to members/ only)
-*   3. GraphQL: batch-fetch all NODE.md contents via aliases
-*/
-async function fetchMembers(repo, branch, token) {
-	const { owner, name } = parseRepo(repo);
-	if (!owner || !name) throw new Error(`Invalid repo format: "${repo}" — expected "owner/repo" or a GitHub URL`);
-	const treeOid = await fetchMembersTreeOid(owner, name, branch, token);
-	if (!treeOid) {
-		console.warn("[context-tree-sync] members/ directory not found in repo");
-		return [];
-	}
-	const memberDirs = extractMemberDirs(await fetchRecursiveTree(owner, name, treeOid, token));
-	if (memberDirs.length === 0) {
-		console.warn("[context-tree-sync] No member directories with NODE.md found");
-		return [];
-	}
-	const nameMap = /* @__PURE__ */ new Map();
-	for (const dir of memberDirs) {
-		const dirName = dir.split("/").pop() ?? dir;
-		const existing = nameMap.get(dirName);
-		if (existing) throw new Error(`[context-tree-sync] Duplicate member directory name '${dirName}' found at 'members/${existing}' and 'members/${dir}' — directory names must be unique across all levels under members/. Fix this in the Context Tree repo.`);
-		nameMap.set(dirName, dir);
-	}
-	const nodeContents = await batchFetchNodeMd(owner, name, branch, memberDirs, token);
-	return memberDirs.map((dir) => ({
-		name: dir.split("/").pop() ?? dir,
-		treePath: dir,
-		nodeContent: nodeContents.get(dir) ?? null
-	}));
-}
-/** Parse NODE.md frontmatter for agent metadata. */
-function parseNodeMetadata(content) {
-	const match = /^---\n([\s\S]*?)\n---/.exec(content);
-	if (!match) return {
-		type: "autonomous_agent",
-		displayName: null,
-		delegateMention: null,
-		owners: [],
-		github: null
-	};
-	const frontmatter = match[1] ?? "";
-	const getValue = (key) => {
-		const lineMatch = new RegExp(`^${key}:\\s*(.+)$`, "m").exec(frontmatter);
-		return lineMatch ? lineMatch[1]?.trim().replace(/^["']|["']$/g, "") ?? null : null;
-	};
-	const ownersRaw = getValue("owners");
-	let owners = [];
-	if (ownersRaw) {
-		const listMatch = /^\[([^\]]*)\]$/.exec(ownersRaw);
-		if (listMatch?.[1]) owners = listMatch[1].split(",").map((s) => s.trim().replace(/^["']|["']$/g, "")).filter(Boolean);
-	}
-	return {
-		type: getValue("type") ?? "autonomous_agent",
-		displayName: getValue("display_name") ?? getValue("title") ?? getValue("name"),
-		delegateMention: getValue("delegate_mention"),
-		owners,
-		github: getValue("github")
-	};
-}
-/** Stored for the /status endpoint */
-let _lastSyncResult;
-function getLastGraphQLSyncResult() {
-	return _lastSyncResult;
-}
-/**
-* Sync agents from a GitHub Context Tree repo via GraphQL.
-*
-* Lifecycle semantics:
-* - Member in tree, not in DB → create (active)
-* - Member in tree, in DB as active, fields changed → update
-* - Member in tree, in DB as active, fields unchanged → unchanged
-* - Member in tree, in DB as suspended → reactivate (set active)
-* - Agent in DB as active, NOT in tree → suspend
-*/
-async function syncFromGitHub(db, repo, branch, githubToken) {
-	const members = await fetchMembers(repo, branch, githubToken);
-	const memberNames = new Set(members.map((m) => m.name));
-	const result = {
-		created: 0,
-		updated: 0,
-		suspended: 0,
-		reactivated: 0,
-		unchanged: 0,
-		errors: 0,
-		syncedAt: (/* @__PURE__ */ new Date()).toISOString()
-	};
-	for (const member of members) try {
-		const meta = member.nodeContent ? parseNodeMetadata(member.nodeContent) : {
-			type: "autonomous_agent",
-			displayName: null,
-			delegateMention: null,
-			owners: [],
-			github: null
-		};
-		const metadataJson = JSON.stringify({
-			owners: meta.owners,
-			github: meta.github
-		});
-		const existing = await db.execute(sql`SELECT id, status, type, display_name, delegate_mention, tree_path, metadata FROM agents WHERE id = ${member.name}`);
-		if (existing.length === 0) {
-			await db.execute(sql`
-          INSERT INTO agents (id, type, display_name, delegate_mention, tree_path, status, inbox_id, metadata)
-          VALUES (${member.name}, ${meta.type}, ${meta.displayName}, ${meta.delegateMention}, ${member.treePath}, 'active', ${`inbox_${member.name}`}, ${metadataJson}::jsonb)
-        `);
-			result.created++;
-		} else {
-			const agent = existing[0];
-			const existingMeta = agent.metadata ?? {};
-			const mergedMeta = JSON.stringify({
-				...existingMeta,
-				owners: meta.owners,
-				github: meta.github
-			});
-			if (agent.status === "suspended" || agent.status === "deleted") {
-				await db.execute(sql`
-            UPDATE agents SET status = 'active', type = ${meta.type}, display_name = ${meta.displayName}, delegate_mention = ${meta.delegateMention}, tree_path = ${member.treePath}, metadata = ${mergedMeta}::jsonb
-            WHERE id = ${member.name}
-          `);
-				result.reactivated++;
-			} else if (agent.type !== meta.type || agent.display_name !== meta.displayName || agent.delegate_mention !== meta.delegateMention || agent.tree_path !== member.treePath || JSON.stringify(existingMeta.owners) !== JSON.stringify(meta.owners) || (existingMeta.github ?? null) !== (meta.github ?? null)) {
-				await db.execute(sql`
-            UPDATE agents SET type = ${meta.type}, display_name = ${meta.displayName}, delegate_mention = ${meta.delegateMention}, tree_path = ${member.treePath}, metadata = ${mergedMeta}::jsonb
-            WHERE id = ${member.name}
-          `);
-				result.updated++;
-			} else result.unchanged++;
-		}
-	} catch (err) {
-		console.error(`[context-tree-sync] Failed to sync member "${member.name}" (path: members/${member.treePath}):`, err);
-		result.errors++;
-	}
-	try {
-		const activeAgents = await db.execute(sql`SELECT id FROM agents WHERE status = 'active' AND (metadata->>'managed')::boolean IS NOT TRUE`);
-		for (const row of activeAgents) {
-			const agent = row;
-			if (!memberNames.has(agent.id)) {
-				await db.execute(sql`UPDATE agents SET status = 'suspended' WHERE id = ${agent.id}`);
-				result.suspended++;
-			}
-		}
-	} catch (err) {
-		console.error("[context-tree-sync] Failed to suspend removed agents:", err);
-		result.errors++;
-	}
-	_lastSyncResult = result;
-	return result;
-}
-async function adminAgentSyncRoutes(app) {
-	app.post("/", async (_request, reply) => {
-		const { repo, branch } = app.config.contextTree;
-		const { token } = app.config.github;
-		try {
-			const result = await syncFromGitHub(app.db, repo, branch, token);
-			return reply.send({ summary: result });
-		} catch (error) {
-			const msg = error instanceof Error ? error.message : String(error);
-			app.log.error(error, "Context Tree sync failed");
-			return reply.status(502).send({ error: msg });
-		}
-	});
-	app.get("/status", async (_request, reply) => {
-		const lastSync = getLastGraphQLSyncResult();
-		return reply.send({ lastSync: lastSync ?? null });
-	});
-}
 /** Agent online status. Tracked via WebSocket connections; stale entries are cleaned up using server_instances heartbeat. */
 const agentPresence = pgTable("agent_presence", {
-	agentId: text("agent_id").primaryKey().references(() => agents.id, { onDelete: "cascade" }),
+	agentId: text("agent_id").primaryKey().references(() => agents.uuid, { onDelete: "cascade" }),
 	status: text("status").notNull().default("offline"),
 	instanceId: text("instance_id"),
 	connectedAt: timestamp("connected_at", { withTimezone: true }),
@@ -3717,7 +3090,7 @@ const agentPresence = pgTable("agent_presence", {
 /** Agent bearer tokens. Multiple tokens can coexist for zero-downtime rotation. */
 const agentTokens = pgTable("agent_tokens", {
 	id: text("id").primaryKey(),
-	agentId: text("agent_id").notNull().references(() => agents.id, { onDelete: "cascade" }),
+	agentId: text("agent_id").notNull().references(() => agents.uuid, { onDelete: "cascade" }),
 	tokenHash: text("token_hash").notNull(),
 	name: text("name"),
 	expiresAt: timestamp("expires_at", { withTimezone: true }),
@@ -3725,62 +3098,83 @@ const agentTokens = pgTable("agent_tokens", {
 	createdAt: timestamp("created_at", { withTimezone: true }).notNull().defaultNow(),
 	lastUsedAt: timestamp("last_used_at", { withTimezone: true })
 }, (table) => [index("idx_agent_tokens_agent").on(table.agentId), index("idx_agent_tokens_hash").on(table.tokenHash)]);
+/** Generate a UUID v7 (time-ordered). No external dependency. */
+function uuidv7() {
+	const now = BigInt(Date.now());
+	const bytes = new Uint8Array(16);
+	bytes[0] = Number(now >> 40n & 255n);
+	bytes[1] = Number(now >> 32n & 255n);
+	bytes[2] = Number(now >> 24n & 255n);
+	bytes[3] = Number(now >> 16n & 255n);
+	bytes[4] = Number(now >> 8n & 255n);
+	bytes[5] = Number(now & 255n);
+	const rand = randomBytes(10);
+	for (let i = 0; i < 10; i++) {
+		const b = rand[i];
+		if (b !== void 0) bytes[6 + i] = b;
+	}
+	bytes[6] = (bytes[6] ?? 0) & 15 | 112;
+	bytes[8] = (bytes[8] ?? 0) & 63 | 128;
+	const hex = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
+	return `${hex.slice(0, 8)}-${hex.slice(8, 12)}-${hex.slice(12, 16)}-${hex.slice(16, 20)}-${hex.slice(20)}`;
+}
 function hashToken$1(raw) {
 	return createHash("sha256").update(raw).digest("hex");
 }
 async function createAgent(db, data) {
-	const id = data.id ?? randomUUID();
-	const inboxId = `inbox_${id}`;
-	const [existing] = await db.select({
-		id: agents.id,
-		status: agents.status
-	}).from(agents).where(eq(agents.id, id)).limit(1);
-	if (existing) {
-		if (existing.status !== AGENT_STATUSES.DELETED) throw new ConflictError(`Agent "${id}" already exists`);
-		const [agent] = await db.update(agents).set({
-			organizationId: data.organizationId ?? "default",
+	const uuid = uuidv7();
+	const name = data.name ?? null;
+	const inboxId = `inbox_${uuid}`;
+	const orgId = data.organizationId ?? "default";
+	try {
+		const [agent] = await db.insert(agents).values({
+			uuid,
+			name,
+			organizationId: orgId,
 			type: data.type,
 			displayName: data.displayName ?? null,
-			status: "active",
-			metadata: data.metadata ?? {},
-			updatedAt: /* @__PURE__ */ new Date()
-		}).where(eq(agents.id, id)).returning();
-		if (!agent) throw new Error("Unexpected: UPDATE RETURNING produced no row");
+			delegateMention: data.delegateMention ?? null,
+			profile: data.profile ?? null,
+			inboxId,
+			metadata: data.metadata ?? {}
+		}).returning();
+		if (!agent) throw new Error("Unexpected: INSERT RETURNING produced no row");
 		return agent;
+	} catch (err) {
+		if ((err?.code ?? err?.cause?.code ?? "") === "23505" && name) throw new ConflictError(`Agent name "${name}" already exists in organization "${orgId}"`);
+		throw err;
 	}
-	const [agent] = await db.insert(agents).values({
-		id,
-		organizationId: data.organizationId ?? "default",
-		type: data.type,
-		displayName: data.displayName ?? null,
-		inboxId,
-		metadata: data.metadata ?? {}
-	}).returning();
-	if (!agent) throw new Error("Unexpected: INSERT RETURNING produced no row");
+}
+async function getAgent(db, uuid) {
+	const [agent] = await db.select().from(agents).where(and(eq(agents.uuid, uuid), ne(agents.status, AGENT_STATUSES.DELETED))).limit(1);
+	if (!agent) throw new NotFoundError(`Agent "${uuid}" not found`);
 	return agent;
 }
-async function getAgent(db, id) {
-	const [agent] = await db.select().from(agents).where(and(eq(agents.id, id), ne(agents.status, AGENT_STATUSES.DELETED))).limit(1);
-	if (!agent) throw new NotFoundError(`Agent "${id}" not found`);
+async function getAgentByName(db, orgId, name) {
+	const [agent] = await db.select().from(agents).where(and(eq(agents.organizationId, orgId), eq(agents.name, name), ne(agents.status, AGENT_STATUSES.DELETED))).limit(1);
+	if (!agent) throw new NotFoundError(`Agent "${name}" not found in organization "${orgId}"`);
 	return agent;
 }
-async function listAgents(db, limit, cursor) {
-	const notDeleted = ne(agents.status, AGENT_STATUSES.DELETED);
-	const where = cursor ? and(notDeleted, lt(agents.createdAt, new Date(cursor))) : notDeleted;
+async function listAgents(db, orgId, limit, cursor, type) {
+	const conditions = [ne(agents.status, AGENT_STATUSES.DELETED), eq(agents.organizationId, orgId)];
+	if (cursor) conditions.push(lt(agents.createdAt, new Date(cursor)));
+	if (type) conditions.push(eq(agents.type, type));
+	const where = and(...conditions);
 	const rows = await db.select({
-		id: agents.id,
+		uuid: agents.uuid,
+		name: agents.name,
 		organizationId: agents.organizationId,
 		type: agents.type,
 		displayName: agents.displayName,
 		delegateMention: agents.delegateMention,
-		treePath: agents.treePath,
+		profile: agents.profile,
 		inboxId: agents.inboxId,
 		status: agents.status,
 		metadata: agents.metadata,
 		createdAt: agents.createdAt,
 		updatedAt: agents.updatedAt,
 		presenceStatus: agentPresence.status
-	}).from(agents).leftJoin(agentPresence, eq(agents.id, agentPresence.agentId)).where(where).orderBy(desc(agents.createdAt)).limit(limit + 1);
+	}).from(agents).leftJoin(agentPresence, eq(agents.uuid, agentPresence.agentId)).where(where).orderBy(desc(agents.createdAt)).limit(limit + 1);
 	const hasMore = rows.length > limit;
 	const items = hasMore ? rows.slice(0, limit) : rows;
 	const last = items[items.length - 1];
@@ -3789,45 +3183,115 @@ async function listAgents(db, limit, cursor) {
 		nextCursor: hasMore && last ? last.createdAt.toISOString() : null
 	};
 }
+async function updateAgent(db, uuid, data) {
+	const agent = await getAgent(db, uuid);
+	const updates = { updatedAt: /* @__PURE__ */ new Date() };
+	if (data.type !== void 0) updates.type = data.type;
+	if (data.displayName !== void 0) updates.displayName = data.displayName;
+	if (data.delegateMention !== void 0) updates.delegateMention = data.delegateMention;
+	if (data.profile !== void 0) updates.profile = data.profile;
+	if (data.metadata !== void 0) updates.metadata = data.metadata;
+	const [updated] = await db.update(agents).set(updates).where(eq(agents.uuid, agent.uuid)).returning();
+	if (!updated) throw new Error("Unexpected: UPDATE RETURNING produced no row");
+	return updated;
+}
+/**
+* Reactivate a suspended agent.
+*/
+async function reactivateAgent(db, uuid) {
+	const [existing] = await db.select({
+		uuid: agents.uuid,
+		status: agents.status
+	}).from(agents).where(eq(agents.uuid, uuid)).limit(1);
+	if (!existing || existing.status === AGENT_STATUSES.DELETED) throw new NotFoundError(`Agent "${uuid}" not found`);
+	if (existing.status !== AGENT_STATUSES.SUSPENDED) throw new BadRequestError("Only suspended agents can be reactivated.");
+	const [agent] = await db.update(agents).set({
+		status: AGENT_STATUSES.ACTIVE,
+		updatedAt: /* @__PURE__ */ new Date()
+	}).where(eq(agents.uuid, uuid)).returning();
+	if (!agent) throw new Error("Unexpected: UPDATE RETURNING produced no row");
+	return agent;
+}
+/**
+* Suspend an agent. Revokes all active tokens so the agent can no longer authenticate.
+*/
+async function suspendAgent(db, uuid) {
+	const [agent] = await db.update(agents).set({
+		status: AGENT_STATUSES.SUSPENDED,
+		updatedAt: /* @__PURE__ */ new Date()
+	}).where(and(eq(agents.uuid, uuid), ne(agents.status, AGENT_STATUSES.DELETED))).returning();
+	if (!agent) throw new NotFoundError(`Agent "${uuid}" not found`);
+	await db.update(agentTokens).set({ revokedAt: /* @__PURE__ */ new Date() }).where(and(eq(agentTokens.agentId, uuid), isNull(agentTokens.revokedAt)));
+	return agent;
+}
 /**
-* Delete an agent. Only allowed when status is "suspended" (removed from tree).
+* Delete an agent. Only allowed when status is "suspended".
+* Suspend the agent first to revoke tokens, then delete.
+* Sets name to NULL to release the name for reuse.
 */
-async function deleteAgent(db, id) {
+async function deleteAgent(db, uuid) {
 	const [existing] = await db.select({
-		id: agents.id,
+		uuid: agents.uuid,
 		status: agents.status
-	}).from(agents).where(eq(agents.id, id)).limit(1);
-	if (!existing || existing.status === AGENT_STATUSES.DELETED) throw new NotFoundError(`Agent "${id}" not found`);
-	if (existing.status !== AGENT_STATUSES.SUSPENDED) throw new BadRequestError("Only suspended agents can be deleted. Active agents are managed by Context Tree.");
+	}).from(agents).where(eq(agents.uuid, uuid)).limit(1);
+	if (!existing || existing.status === AGENT_STATUSES.DELETED) throw new NotFoundError(`Agent "${uuid}" not found`);
+	if (existing.status !== AGENT_STATUSES.SUSPENDED) throw new BadRequestError("Only suspended agents can be deleted. Suspend the agent first.");
 	const [agent] = await db.update(agents).set({
 		status: AGENT_STATUSES.DELETED,
+		name: null,
 		updatedAt: /* @__PURE__ */ new Date()
-	}).where(eq(agents.id, id)).returning();
-	await db.update(agentTokens).set({ revokedAt: /* @__PURE__ */ new Date() }).where(and(eq(agentTokens.agentId, id), isNull(agentTokens.revokedAt)));
-	await db.delete(adapterConfigs).where(eq(adapterConfigs.agentId, id));
-	await db.delete(adapterAgentMappings).where(eq(adapterAgentMappings.agentId, id));
+	}).where(eq(agents.uuid, uuid)).returning();
+	await db.update(agentTokens).set({ revokedAt: /* @__PURE__ */ new Date() }).where(and(eq(agentTokens.agentId, uuid), isNull(agentTokens.revokedAt)));
+	await db.delete(adapterConfigs).where(eq(adapterConfigs.agentId, uuid));
+	await db.delete(adapterAgentMappings).where(eq(adapterAgentMappings.agentId, uuid));
 	if (!agent) throw new Error("Unexpected: UPDATE RETURNING produced no row");
 	return agent;
 }
+async function bootstrapToken(db, agentName, orgId, githubUsername, options) {
+	let agent;
+	try {
+		agent = await getAgentByName(db, orgId, agentName);
+	} catch (err) {
+		if (err instanceof NotFoundError) {
+			const metadata = {
+				...options?.metadata,
+				owners: [githubUsername]
+			};
+			agent = await createAgent(db, {
+				name: agentName,
+				type: options?.type ?? "autonomous_agent",
+				displayName: options?.displayName ?? agentName,
+				delegateMention: options?.delegateMention,
+				profile: options?.profile,
+				organizationId: orgId,
+				metadata
+			});
+		} else throw err;
+	}
+	if (!(Array.isArray(agent.metadata?.owners) ? agent.metadata.owners : []).includes(githubUsername)) throw new ForbiddenError(`GitHub user "${githubUsername}" is not in the owners list for agent "${agentName}"`);
+	const activeTokens = await db.select({ id: agentTokens.id }).from(agentTokens).where(and(eq(agentTokens.agentId, agent.uuid), isNull(agentTokens.revokedAt)));
+	if (activeTokens.length > 0) throw new ConflictError(`Agent "${agentName}" already has ${activeTokens.length} active token(s). Revoke all tokens first to re-bootstrap.`);
+	return createToken(db, agent.uuid, { name: options?.tokenName ?? "bootstrap" });
+}
 /**
-* Bootstrap a token for an agent using GitHub identity.
-* Only works when the agent has no active (non-revoked, non-expired) tokens.
+* Check if a GitHub user belongs to a specific organization.
 */
-async function bootstrapToken(db, agentId, githubUsername, tokenName) {
-	const agent = await getAgent(db, agentId);
-	if (!(Array.isArray(agent.metadata?.owners) ? agent.metadata.owners : []).includes(githubUsername)) throw new ForbiddenError(`GitHub user "${githubUsername}" is not in the owners list for agent "${agentId}"`);
-	const activeTokens = await db.select({ id: agentTokens.id }).from(agentTokens).where(and(eq(agentTokens.agentId, agentId), isNull(agentTokens.revokedAt)));
-	if (activeTokens.length > 0) throw new ConflictError(`Agent "${agentId}" already has ${activeTokens.length} active token(s). Revoke all tokens first to re-bootstrap.`);
-	return createToken(db, agentId, { name: tokenName ?? "bootstrap" });
-}
-async function createToken(db, agentId, data) {
-	await getAgent(db, agentId);
+async function checkGitHubOrgMembership(githubToken, org) {
+	const res = await fetch(`https://api.github.com/user/orgs`, { headers: {
+		Authorization: `Bearer ${githubToken}`,
+		Accept: "application/vnd.github+json"
+	} });
+	if (!res.ok) return false;
+	return (await res.json()).some((o) => o.login.toLowerCase() === org.toLowerCase());
+}
+async function createToken(db, agentUuid, data) {
+	await getAgent(db, agentUuid);
 	const raw = `aghub_${randomBytes(32).toString("hex")}`;
 	const tokenHash = hashToken$1(raw);
-	const tokenId = randomUUID();
+	const tokenId = uuidv7();
 	const [token] = await db.insert(agentTokens).values({
 		id: tokenId,
-		agentId,
+		agentId: agentUuid,
 		tokenHash,
 		name: data.name ?? null,
 		expiresAt: data.expiresAt ? new Date(data.expiresAt) : null
@@ -3844,7 +3308,7 @@ async function createToken(db, agentId, data) {
 		token: raw
 	};
 }
-async function listTokens(db, agentId) {
+async function listTokens(db, agentUuid) {
 	return db.select({
 		id: agentTokens.id,
 		agentId: agentTokens.agentId,
@@ -3853,10 +3317,10 @@ async function listTokens(db, agentId) {
 		revokedAt: agentTokens.revokedAt,
 		createdAt: agentTokens.createdAt,
 		lastUsedAt: agentTokens.lastUsedAt
-	}).from(agentTokens).where(eq(agentTokens.agentId, agentId)).orderBy(desc(agentTokens.createdAt));
+	}).from(agentTokens).where(eq(agentTokens.agentId, agentUuid)).orderBy(desc(agentTokens.createdAt));
 }
-async function revokeToken(db, agentId, tokenId) {
-	const [token] = await db.update(agentTokens).set({ revokedAt: /* @__PURE__ */ new Date() }).where(and(eq(agentTokens.id, tokenId), eq(agentTokens.agentId, agentId), isNull(agentTokens.revokedAt))).returning();
+async function revokeToken(db, agentUuid, tokenId) {
+	const [token] = await db.update(agentTokens).set({ revokedAt: /* @__PURE__ */ new Date() }).where(and(eq(agentTokens.id, tokenId), eq(agentTokens.agentId, agentUuid), isNull(agentTokens.revokedAt))).returning();
 	if (!token) throw new NotFoundError("Token not found or already revoked");
 	return token;
 }
@@ -3864,9 +3328,9 @@ async function createChat(db, creatorId, data) {
 	const chatId = randomUUID();
 	const allParticipantIds = new Set([creatorId, ...data.participantIds]);
 	const existingAgents = await db.select({
-		id: agents.id,
+		id: agents.uuid,
 		organizationId: agents.organizationId
-	}).from(agents).where(inArray(agents.id, [...allParticipantIds]));
+	}).from(agents).where(inArray(agents.uuid, [...allParticipantIds]));
 	if (existingAgents.length !== allParticipantIds.size) {
 		const found = new Set(existingAgents.map((a) => a.id));
 		throw new BadRequestError(`Agents not found: ${[...allParticipantIds].filter((id) => !found.has(id)).join(", ")}`);
@@ -3935,9 +3399,9 @@ async function addParticipant(db, chatId, requesterId, data) {
 	const chat = await getChat(db, chatId);
 	await assertParticipant(db, chatId, requesterId);
 	const [targetAgent] = await db.select({
-		id: agents.id,
+		id: agents.uuid,
 		organizationId: agents.organizationId
-	}).from(agents).where(eq(agents.id, data.agentId)).limit(1);
+	}).from(agents).where(eq(agents.uuid, data.agentId)).limit(1);
 	if (!targetAgent) throw new NotFoundError(`Agent "${data.agentId}" not found`);
 	if (targetAgent.organizationId !== chat.organizationId) throw new BadRequestError("Cannot add agent from different organization");
 	const [existing] = await db.select({ chatId: chatParticipants.chatId }).from(chatParticipants).where(and(eq(chatParticipants.chatId, chatId), eq(chatParticipants.agentId, data.agentId))).limit(1);
@@ -3965,7 +3429,7 @@ async function findOrCreateDirectChat(db, agentAId, agentBId) {
 		const directChats = await db.select().from(chats).where(and(inArray(chats.id, commonChatIds), eq(chats.type, "direct")));
 		if (directChats.length > 0 && directChats[0]) return directChats[0];
 	}
-	const [agentA] = await db.select({ organizationId: agents.organizationId }).from(agents).where(eq(agents.id, agentAId)).limit(1);
+	const [agentA] = await db.select({ organizationId: agents.organizationId }).from(agents).where(eq(agents.uuid, agentAId)).limit(1);
 	if (!agentA) throw new NotFoundError(`Agent "${agentAId}" not found`);
 	const chatId = randomUUID();
 	return db.transaction(async (tx) => {
@@ -4045,7 +3509,7 @@ async function sendMessage(db, chatId, senderId, data) {
 		const entries = (await tx.select({
 			agentId: chatParticipants.agentId,
 			inboxId: agents.inboxId
-		}).from(chatParticipants).innerJoin(agents, eq(chatParticipants.agentId, agents.id)).where(eq(chatParticipants.chatId, chatId))).filter((p) => p.agentId !== senderId).map((p) => ({
+		}).from(chatParticipants).innerJoin(agents, eq(chatParticipants.agentId, agents.uuid)).where(eq(chatParticipants.chatId, chatId))).filter((p) => p.agentId !== senderId).map((p) => ({
 			inboxId: p.inboxId,
 			messageId,
 			chatId
@@ -4074,18 +3538,15 @@ async function sendMessage(db, chatId, senderId, data) {
 		};
 	});
 }
-async function sendToAgent(db, senderId, targetAgentId, data) {
+async function sendToAgent(db, senderUuid, targetName, data) {
 	const [sender] = await db.select({
-		id: agents.id,
-		organizationId: agents.organizationId
-	}).from(agents).where(eq(agents.id, senderId)).limit(1);
-	if (!sender) throw new NotFoundError(`Agent "${senderId}" not found`);
-	const [target] = await db.select({
-		id: agents.id,
+		uuid: agents.uuid,
 		organizationId: agents.organizationId
-	}).from(agents).where(eq(agents.id, targetAgentId)).limit(1);
-	if (!target) throw new NotFoundError(`Agent "${targetAgentId}" not found`);
-	return sendMessage(db, (await findOrCreateDirectChat(db, senderId, targetAgentId)).id, senderId, {
+	}).from(agents).where(eq(agents.uuid, senderUuid)).limit(1);
+	if (!sender) throw new NotFoundError(`Agent "${senderUuid}" not found`);
+	const [target] = await db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.organizationId, sender.organizationId), eq(agents.name, targetName), ne(agents.status, "deleted"))).limit(1);
+	if (!target) throw new NotFoundError(`Agent "${targetName}" not found`);
+	return sendMessage(db, (await findOrCreateDirectChat(db, senderUuid, target.uuid)).id, senderUuid, {
 		format: data.format,
 		content: data.content,
 		metadata: data.metadata,
@@ -4255,9 +3716,12 @@ function serializeDate$1(d) {
 	return d ? d.toISOString() : null;
 }
 async function adminAgentRoutes(app) {
+	const listAgentsFilterSchema = z.object({ type: agentTypeSchema.optional() });
 	app.get("/", async (request) => {
 		const query = paginationQuerySchema.parse(request.query);
-		const result = await listAgents(app.db, query.limit, query.cursor);
+		const { type } = listAgentsFilterSchema.parse(request.query);
+		const org = request.query.org ?? "default";
+		const result = await listAgents(app.db, org, query.limit, query.cursor, type);
 		return {
 			items: result.items.map((a) => ({
 				...a,
@@ -4268,17 +3732,35 @@ async function adminAgentRoutes(app) {
 			nextCursor: result.nextCursor
 		};
 	});
-	app.get("/:agentId", async (request) => {
-		const agent = await getAgent(app.db, request.params.agentId);
+	app.post("/", async (request, reply) => {
+		const body = createAgentSchema.parse(request.body);
+		const agent = await createAgent(app.db, body);
+		return reply.status(201).send({
+			...agent,
+			createdAt: agent.createdAt.toISOString(),
+			updatedAt: agent.updatedAt.toISOString()
+		});
+	});
+	app.patch("/:uuid", async (request) => {
+		const body = updateAgentSchema.parse(request.body);
+		const agent = await updateAgent(app.db, request.params.uuid, body);
 		return {
 			...agent,
 			createdAt: agent.createdAt.toISOString(),
 			updatedAt: agent.updatedAt.toISOString()
 		};
 	});
-	app.post("/:agentId/tokens", async (request, reply) => {
+	app.get("/:uuid", async (request) => {
+		const agent = await getAgent(app.db, request.params.uuid);
+		return {
+			...agent,
+			createdAt: agent.createdAt.toISOString(),
+			updatedAt: agent.updatedAt.toISOString()
+		};
+	});
+	app.post("/:uuid/tokens", async (request, reply) => {
 		const body = createAgentTokenSchema.parse(request.body);
-		const result = await createToken(app.db, request.params.agentId, body);
+		const result = await createToken(app.db, request.params.uuid, body);
 		return reply.status(201).send({
 			...result,
 			expiresAt: serializeDate$1(result.expiresAt),
@@ -4287,8 +3769,8 @@ async function adminAgentRoutes(app) {
 			lastUsedAt: serializeDate$1(result.lastUsedAt)
 		});
 	});
-	app.get("/:agentId/tokens", async (request) => {
-		return (await listTokens(app.db, request.params.agentId)).map((t) => ({
+	app.get("/:uuid/tokens", async (request) => {
+		return (await listTokens(app.db, request.params.uuid)).map((t) => ({
 			...t,
 			expiresAt: serializeDate$1(t.expiresAt),
 			revokedAt: serializeDate$1(t.revokedAt),
@@ -4296,39 +3778,55 @@ async function adminAgentRoutes(app) {
 			lastUsedAt: serializeDate$1(t.lastUsedAt)
 		}));
 	});
-	app.delete("/:agentId/tokens/:tokenId", async (request, reply) => {
-		await revokeToken(app.db, request.params.agentId, request.params.tokenId);
+	app.delete("/:uuid/tokens/:tokenId", async (request, reply) => {
+		await revokeToken(app.db, request.params.uuid, request.params.tokenId);
 		return reply.status(204).send();
 	});
-	app.post("/:agentId/disconnect", async (request, reply) => {
-		const { agentId } = request.params;
-		await getAgent(app.db, agentId);
-		const wasConnected = forceDisconnect(agentId);
-		await setOffline(app.db, agentId);
+	app.post("/:uuid/disconnect", async (request, reply) => {
+		const { uuid } = request.params;
+		await getAgent(app.db, uuid);
+		const wasConnected = forceDisconnect(uuid);
+		await setOffline(app.db, uuid);
 		return reply.status(200).send({ disconnected: wasConnected });
 	});
-	app.delete("/:agentId", async (request, reply) => {
-		await deleteAgent(app.db, request.params.agentId);
+	app.post("/:uuid/suspend", async (request) => {
+		const agent = await suspendAgent(app.db, request.params.uuid);
+		return {
+			...agent,
+			createdAt: agent.createdAt.toISOString(),
+			updatedAt: agent.updatedAt.toISOString()
+		};
+	});
+	app.post("/:uuid/reactivate", async (request) => {
+		const agent = await reactivateAgent(app.db, request.params.uuid);
+		return {
+			...agent,
+			createdAt: agent.createdAt.toISOString(),
+			updatedAt: agent.updatedAt.toISOString()
+		};
+	});
+	app.delete("/:uuid", async (request, reply) => {
+		await deleteAgent(app.db, request.params.uuid);
 		return reply.status(204).send();
 	});
-	app.post("/:agentId/test", async (request, reply) => {
-		const { agentId } = request.params;
-		const [, presence] = await Promise.all([getAgent(app.db, agentId), getPresence(app.db, agentId)]);
+	app.post("/:uuid/test", async (request, reply) => {
+		const { uuid } = request.params;
+		const [, presence] = await Promise.all([getAgent(app.db, uuid), getPresence(app.db, uuid)]);
 		if (!presence || presence.status !== "online") return reply.status(200).send({
 			status: "offline",
 			message: "Agent is not connected. Start the client first."
 		});
-		const [owner] = await app.db.select({ id: agents.id }).from(agents).where(and(eq(agents.delegateMention, agentId), eq(agents.status, "active"))).limit(1);
-		let senderId = owner?.id ?? null;
+		const [owner] = await app.db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.delegateMention, uuid), eq(agents.status, "active"))).limit(1);
+		let senderId = owner?.uuid ?? null;
 		if (!senderId) {
-			const [other] = await app.db.select({ id: agents.id }).from(agents).where(and(ne(agents.id, agentId), eq(agents.status, "active"))).limit(1);
-			senderId = other?.id ?? null;
+			const [other] = await app.db.select({ uuid: agents.uuid }).from(agents).where(and(ne(agents.uuid, uuid), eq(agents.status, "active"))).limit(1);
+			senderId = other?.uuid ?? null;
 		}
 		if (!senderId) return reply.status(200).send({
 			status: "error",
 			message: "No suitable sender found. Need at least one other active agent."
 		});
-		const chat = await findOrCreateDirectChat(app.db, senderId, agentId);
+		const chat = await findOrCreateDirectChat(app.db, senderId, uuid);
 		const testContent = `[System Test] Verify your connection. Respond with your identity and role. Time: ${(/* @__PURE__ */ new Date()).toISOString()}`;
 		const result = await sendMessage(app.db, chat.id, senderId, {
 			format: "text",
@@ -4341,7 +3839,7 @@ async function adminAgentRoutes(app) {
 		const pollStart = Date.now();
 		while (Date.now() - pollStart < POLL_TIMEOUT) {
 			await new Promise((r) => setTimeout(r, POLL_INTERVAL));
-			const [response] = await app.db.select().from(messages).where(and(eq(messages.chatId, chat.id), eq(messages.senderId, agentId), gt(messages.createdAt, threshold))).limit(1);
+			const [response] = await app.db.select().from(messages).where(and(eq(messages.chatId, chat.id), eq(messages.senderId, uuid), gt(messages.createdAt, threshold))).limit(1);
 			if (response) {
 				const content = typeof response.content === "string" ? response.content.slice(0, 500) : JSON.stringify(response.content).slice(0, 500);
 				return reply.status(200).send({
@@ -4423,7 +3921,10 @@ async function adminChatRoutes(app) {
 	/** List chats with participant count */
 	app.get("/", async (request) => {
 		const query = paginationQuerySchema.parse(request.query);
-		const where = query.cursor ? lt(chats.createdAt, new Date(query.cursor)) : void 0;
+		const org = request.query.org ?? "default";
+		const conditions = [eq(chats.organizationId, org)];
+		if (query.cursor) conditions.push(lt(chats.createdAt, new Date(query.cursor)));
+		const where = and(...conditions);
 		const rows = await app.db.select({
 			id: chats.id,
 			organizationId: chats.organizationId,
@@ -4502,9 +4003,10 @@ async function adminChatRoutes(app) {
 	});
 }
 async function adminOverviewRoutes(app) {
-	app.get("/", async () => {
-		const [agentCount] = await app.db.select({ count: sql`count(*)::int` }).from(agents).where(ne(agents.status, "deleted"));
-		const [chatCount] = await app.db.select({ count: sql`count(*)::int` }).from(chats);
+	app.get("/", async (request) => {
+		const org = (request.query ?? {}).org ?? "default";
+		const [agentCount] = await app.db.select({ count: sql`count(*)::int` }).from(agents).where(and(ne(agents.status, "deleted"), eq(agents.organizationId, org)));
+		const [chatCount] = await app.db.select({ count: sql`count(*)::int` }).from(chats).where(eq(chats.organizationId, org));
 		const onlineCount = await getOnlineCount(app.db);
 		return {
 			agents: agentCount?.count ?? 0,
@@ -4657,7 +4159,7 @@ async function agentChatRoutes(app) {
 	app.post("/", async (request, reply) => {
 		const identity = requireAgent(request);
 		const body = createChatSchema.parse(request.body);
-		const result = await createChat(app.db, identity.id, body);
+		const result = await createChat(app.db, identity.uuid, body);
 		return reply.status(201).send({
 			...serializeChat(result),
 			participants: result.participants.map((p) => ({
@@ -4669,7 +4171,7 @@ async function agentChatRoutes(app) {
 	app.get("/", async (request) => {
 		const identity = requireAgent(request);
 		const query = paginationQuerySchema.parse(request.query);
-		const result = await listChats(app.db, identity.id, query.limit, query.cursor);
+		const result = await listChats(app.db, identity.uuid, query.limit, query.cursor);
 		return {
 			items: result.items.map(serializeChat),
 			nextCursor: result.nextCursor
@@ -4677,7 +4179,7 @@ async function agentChatRoutes(app) {
 	});
 	app.get("/:chatId", async (request) => {
 		const identity = requireAgent(request);
-		await assertParticipant(app.db, request.params.chatId, identity.id);
+		await assertParticipant(app.db, request.params.chatId, identity.uuid);
 		const detail = await getChatDetail(app.db, request.params.chatId);
 		return {
 			...serializeChat(detail),
@@ -4690,7 +4192,7 @@ async function agentChatRoutes(app) {
 	app.post("/:chatId/participants", async (request, reply) => {
 		const identity = requireAgent(request);
 		const body = addParticipantSchema.parse(request.body);
-		const participants = await addParticipant(app.db, request.params.chatId, identity.id, body);
+		const participants = await addParticipant(app.db, request.params.chatId, identity.uuid, body);
 		return reply.status(201).send(participants.map((p) => ({
 			...p,
 			joinedAt: p.joinedAt.toISOString()
@@ -4698,20 +4200,10 @@ async function agentChatRoutes(app) {
 	});
 	app.delete("/:chatId/participants/:agentId", async (request, reply) => {
 		const identity = requireAgent(request);
-		await removeParticipant(app.db, request.params.chatId, identity.id, request.params.agentId);
+		await removeParticipant(app.db, request.params.chatId, identity.uuid, request.params.agentId);
 		return reply.status(204).send();
 	});
 }
-async function agentContextTreeRoutes(app) {
-	app.get("/", async (_request, reply) => {
-		const { repo, branch } = app.config.contextTree;
-		if (!repo) return reply.status(404).send({ error: "Context Tree not configured" });
-		return reply.send({
-			repo,
-			branch
-		});
-	});
-}
 async function agentFeishuBotRoutes(app) {
 	/**
 	* PUT /agent/me/feishu-bot
@@ -4720,8 +4212,8 @@ async function agentFeishuBotRoutes(app) {
 	app.put("/me/feishu-bot", async (request, reply) => {
 		const identity = requireAgent(request);
 		const body = selfServiceFeishuBotSchema.parse(request.body);
-		if ((await getAgent(app.db, identity.id)).type === "human") throw new BadRequestError("Human agents cannot bind Feishu bots. Use bind-user instead.");
-		const current = (await listAdapterConfigs(app.db)).find((c) => c.agentId === identity.id && c.platform === "feishu");
+		if ((await getAgent(app.db, identity.uuid)).type === "human") throw new BadRequestError("Human agents cannot bind Feishu bots. Use bind-user instead.");
+		const current = (await listAdapterConfigs(app.db)).find((c) => c.agentId === identity.uuid && c.platform === "feishu");
 		let config;
 		if (current) config = await updateAdapterConfig(app.db, current.id, {
 			credentials: {
@@ -4732,7 +4224,7 @@ async function agentFeishuBotRoutes(app) {
 		}, app.config.secrets.encryptionKey);
 		else config = await createAdapterConfig(app.db, {
 			platform: "feishu",
-			agentId: identity.id,
+			agentId: identity.uuid,
 			credentials: {
 				app_id: body.appId,
 				app_secret: body.appSecret
@@ -4753,7 +4245,7 @@ async function agentFeishuBotRoutes(app) {
 	*/
 	app.delete("/me/feishu-bot", async (request, reply) => {
 		const identity = requireAgent(request);
-		const current = (await listAdapterConfigs(app.db)).find((c) => c.agentId === identity.id && c.platform === "feishu");
+		const current = (await listAdapterConfigs(app.db)).find((c) => c.agentId === identity.uuid && c.platform === "feishu");
 		if (!current) return reply.status(204).send();
 		await deleteAdapterConfig(app.db, current.id);
 		app.adapterManager.reload().catch((err) => app.log.error(err, "Adapter reload failed after self-service unbind"));
@@ -4772,7 +4264,7 @@ async function agentFeishuUserRoutes(app) {
 		const body = delegateFeishuUserSchema.parse(request.body);
 		const humanAgent = await getAgent(app.db, humanAgentId);
 		if (humanAgent.type !== "human") throw new BadRequestError(`Agent "${humanAgentId}" is not a human agent`);
-		if (humanAgent.delegateMention !== identity.id) throw new ForbiddenError(`Agent "${identity.id}" is not the delegate of "${humanAgentId}". Expected delegate_mention="${identity.id}" but found "${humanAgent.delegateMention ?? "(none)"}".`);
+		if (humanAgent.delegateMention !== identity.uuid) throw new ForbiddenError(`Agent "${identity.uuid}" is not the delegate of "${humanAgentId}". Expected delegate_mention="${identity.uuid}" but found "${humanAgent.delegateMention ?? "(none)"}".`);
 		const mapping = await createAgentMapping(app.db, {
 			platform: "feishu",
 			externalUserId: body.feishuUserId,
@@ -4797,7 +4289,7 @@ async function agentFeishuUserRoutes(app) {
 	app.delete("/:humanAgentId/feishu-user", async (request, reply) => {
 		const identity = requireAgent(request);
 		const { humanAgentId } = request.params;
-		if ((await getAgent(app.db, humanAgentId)).delegateMention !== identity.id) throw new ForbiddenError(`Agent "${identity.id}" is not the delegate of "${humanAgentId}"`);
+		if ((await getAgent(app.db, humanAgentId)).delegateMention !== identity.uuid) throw new ForbiddenError(`Agent "${identity.uuid}" is not the delegate of "${humanAgentId}"`);
 		await app.db.delete(adapterAgentMappings).where(and(eq(adapterAgentMappings.platform, "feishu"), eq(adapterAgentMappings.agentId, humanAgentId)));
 		return reply.status(204).send();
 	});
@@ -4906,7 +4398,7 @@ async function agentInboxRoutes(app) {
 async function agentMeRoutes(app) {
 	app.get("/me", async (request) => {
 		const identity = requireAgent(request);
-		const agent = await getAgent(app.db, identity.id);
+		const agent = await getAgent(app.db, identity.uuid);
 		return {
 			...agent,
 			createdAt: agent.createdAt.toISOString(),
@@ -4921,9 +4413,9 @@ const editMessageSchema = z.object({
 async function agentMessageRoutes(app) {
 	app.post("/:chatId/messages", async (request, reply) => {
 		const identity = requireAgent(request);
-		await assertParticipant(app.db, request.params.chatId, identity.id);
+		await assertParticipant(app.db, request.params.chatId, identity.uuid);
 		const body = sendMessageSchema.parse(request.body);
-		const { message: msg, recipients } = await sendMessage(app.db, request.params.chatId, identity.id, body);
+		const { message: msg, recipients } = await sendMessage(app.db, request.params.chatId, identity.uuid, body);
 		notifyRecipients(app.notifier, recipients, msg.id);
 		return reply.status(201).send({
 			...msg,
@@ -4932,9 +4424,9 @@ async function agentMessageRoutes(app) {
 	});
 	app.patch("/:chatId/messages/:messageId", async (request) => {
 		const identity = requireAgent(request);
-		await assertParticipant(app.db, request.params.chatId, identity.id);
+		await assertParticipant(app.db, request.params.chatId, identity.uuid);
 		const body = editMessageSchema.parse(request.body);
-		const msg = await editMessage(app.db, request.params.chatId, request.params.messageId, identity.id, body);
+		const msg = await editMessage(app.db, request.params.chatId, request.params.messageId, identity.uuid, body);
 		app.adapterManager.editOutboundMessage(msg.id, msg.format, msg.content).catch((err) => app.log.error({
 			err,
 			messageId: msg.id
@@ -4946,7 +4438,7 @@ async function agentMessageRoutes(app) {
 	});
 	app.get("/:chatId/messages", async (request) => {
 		const identity = requireAgent(request);
-		await assertParticipant(app.db, request.params.chatId, identity.id);
+		await assertParticipant(app.db, request.params.chatId, identity.uuid);
 		const query = paginationQuerySchema.parse(request.query);
 		const result = await listMessages(app.db, request.params.chatId, query.limit, query.cursor);
 		return {
@@ -4959,10 +4451,10 @@ async function agentMessageRoutes(app) {
 	});
 }
 async function agentSendToAgentRoutes(app) {
-	app.post("/:agentId/messages", async (request, reply) => {
+	app.post("/:name/messages", async (request, reply) => {
 		const identity = requireAgent(request);
 		const body = sendToAgentSchema.parse(request.body);
-		const { message: msg, recipients } = await sendToAgent(app.db, identity.id, request.params.agentId, body);
+		const { message: msg, recipients } = await sendToAgent(app.db, identity.uuid, request.params.name, body);
 		notifyRecipients(app.notifier, recipients, msg.id);
 		return reply.status(201).send({
 			...msg,
@@ -4978,35 +4470,54 @@ function agentWsRoutes(notifier, instanceId) {
 				socket.close(4001, "Unauthorized");
 				return;
 			}
-			if (hasActiveConnection(agent.id)) {
+			if (hasActiveConnection(agent.uuid)) {
 				socket.close(WS_CLOSE_ALREADY_CONNECTED, "Agent already connected");
 				return;
 			}
 			const inboxId = agent.inboxId;
-			await setOnline(app.db, agent.id, instanceId);
-			setConnection(agent.id, socket);
+			await setOnline(app.db, agent.uuid, instanceId);
+			setConnection(agent.uuid, socket);
 			notifier.subscribe(inboxId, socket);
 			socket.on("close", async () => {
 				notifier.unsubscribe(inboxId, socket);
-				if (removeConnection(agent.id, socket)) try {
-					await setOffline(app.db, agent.id);
+				if (removeConnection(agent.uuid, socket)) try {
+					await setOffline(app.db, agent.uuid);
 				} catch {}
 			});
 		});
 	};
 }
+async function bootstrapConfigRoutes(app) {
+	/** Public endpoint — returns bootstrap prerequisites for CLI auto-discovery. */
+	app.get("/config", async () => {
+		return { allowedOrg: app.config.github.allowedOrg ?? null };
+	});
+}
 async function bootstrapRoutes(app) {
 	/**
-	* POST /bootstrap/:agentId/token
+	* POST /bootstrap/:name/token
 	* GitHub identity → Agent token.
+	* Auto-creates the agent if it does not exist.
 	* Only works when the agent has no active tokens.
 	*/
-	app.post("/:agentId/token", async (request, reply) => {
-		const { agentId } = request.params;
+	app.post("/:name/token", async (request, reply) => {
+		const { name } = request.params;
 		const githubUser = request.githubUser;
 		if (!githubUser) throw new ForbiddenError("GitHub authentication required");
+		const allowedOrg = app.config.github.allowedOrg;
+		if (!allowedOrg) throw new ForbiddenError("FIRST_TREE_HUB_GITHUB_ALLOWED_ORG is not configured. Agent registration is disabled.");
+		const githubToken = request.headers["x-github-token"];
+		if (!githubToken || typeof githubToken !== "string") throw new ForbiddenError("Missing GitHub token for org membership check");
+		if (!await checkGitHubOrgMembership(githubToken, allowedOrg)) throw new ForbiddenError(`GitHub user "${githubUser.username}" is not a member of organization "${allowedOrg}"`);
 		const body = bootstrapTokenRequestSchema.parse(request.body ?? {});
-		const result = await bootstrapToken(app.db, agentId, githubUser.username, body.name);
+		const result = await bootstrapToken(app.db, name, "default", githubUser.username, {
+			tokenName: body.name,
+			type: body.type,
+			displayName: body.displayName,
+			delegateMention: body.delegateMention,
+			profile: body.profile,
+			metadata: body.metadata
+		});
 		return reply.status(201).send({
 			id: result.id,
 			agentId: result.agentId,
@@ -5017,16 +4528,16 @@ async function bootstrapRoutes(app) {
 		});
 	});
 	/**
-	* GET /bootstrap/:agentId/status
-	* Check if an agent exists and its status (for polling after PR merge + sync).
+	* GET /bootstrap/:name/status
+	* Check if an agent exists and its status (for polling).
 	*/
-	app.get("/:agentId/status", async (request) => {
-		const { agentId } = request.params;
+	app.get("/:name/status", async (request) => {
+		const { name } = request.params;
 		const githubUser = request.githubUser;
 		if (!githubUser) throw new ForbiddenError("GitHub authentication required");
 		try {
-			const agent = await getAgent(app.db, agentId);
-			if (!(Array.isArray(agent.metadata?.owners) ? agent.metadata.owners : []).includes(githubUser.username)) throw new ForbiddenError(`GitHub user "${githubUser.username}" is not in the owners list for agent "${agentId}"`);
+			const agent = await getAgentByName(app.db, "default", name);
+			if (!(Array.isArray(agent.metadata?.owners) ? agent.metadata.owners : []).includes(githubUser.username)) throw new ForbiddenError(`GitHub user "${githubUser.username}" is not in the owners list for agent "${name}"`);
 			return {
 				exists: true,
 				status: agent.status
@@ -5043,11 +4554,9 @@ async function bootstrapRoutes(app) {
 async function contextTreeInfoRoutes(app) {
 	/** Public endpoint — returns Context Tree repo metadata for CLI auto-discovery. */
 	app.get("/info", async () => {
-		const { repo, branch } = app.config.contextTree;
 		return {
-			repo,
-			branch,
-			lastSync: null
+			repo: app.config.contextTree?.repo ?? null,
+			branch: app.config.contextTree?.branch ?? null
 		};
 	});
 }
@@ -5093,34 +4602,35 @@ function verifySignature(secret, rawBody, signatureHeader) {
 	if (expectedBuf.length !== receivedBuf.length || !timingSafeEqual(expectedBuf, receivedBuf)) throw new UnauthorizedError("Invalid webhook signature");
 }
 async function ensureGitHubAdapterAgent(db) {
-	const [existing] = await db.select({ id: agents.id }).from(agents).where(eq(agents.id, GITHUB_ADAPTER_ID)).limit(1);
-	if (existing) return existing.id;
+	const [existing] = await db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.organizationId, "default"), eq(agents.name, GITHUB_ADAPTER_ID))).limit(1);
+	if (existing) return existing.uuid;
 	try {
 		return (await createAgent(db, {
-			id: GITHUB_ADAPTER_ID,
+			name: GITHUB_ADAPTER_ID,
 			type: "autonomous_agent",
 			displayName: "GitHub Adapter",
 			metadata: {
 				source: "github",
 				managed: true
 			}
-		})).id;
+		})).uuid;
 	} catch (err) {
 		if (err instanceof ConflictError) {
-			const [created] = await db.select({ id: agents.id }).from(agents).where(eq(agents.id, GITHUB_ADAPTER_ID)).limit(1);
-			if (created) return created.id;
+			const [created] = await db.select({ uuid: agents.uuid }).from(agents).where(and(eq(agents.organizationId, "default"), eq(agents.name, GITHUB_ADAPTER_ID))).limit(1);
+			if (created) return created.uuid;
 		}
 		throw err;
 	}
 }
 async function findTargetAgent(db, repoFullName) {
 	const allAgents = await db.select({
-		id: agents.id,
+		id: agents.uuid,
+		name: agents.name,
 		metadata: agents.metadata,
 		type: agents.type
 	}).from(agents).where(eq(agents.status, "active"));
 	for (const agent of allAgents) {
-		if (agent.id === GITHUB_ADAPTER_ID) continue;
+		if (agent.name === GITHUB_ADAPTER_ID) continue;
 		const meta = agent.metadata;
 		if (meta && typeof meta === "object" && "github" in meta) {
 			const github = meta.github;
@@ -5155,27 +4665,29 @@ function extractMentions(text) {
 async function routeMentionDelegations(app, mentionedNames, ctx) {
 	if (mentionedNames.length === 0) return 0;
 	const delegates = await app.db.select({
-		id: agents.id,
+		id: agents.uuid,
+		name: agents.name,
 		delegateMention: agents.delegateMention,
 		status: agents.status
-	}).from(agents).where(and(inArray(agents.id, mentionedNames), isNotNull(agents.delegateMention)));
+	}).from(agents).where(and(inArray(agents.name, mentionedNames), isNotNull(agents.delegateMention)));
 	let routed = 0;
 	for (const agent of delegates) {
 		if (agent.status !== "active" || !agent.delegateMention) continue;
 		const [target] = await app.db.select({
-			id: agents.id,
+			id: agents.uuid,
 			status: agents.status
-		}).from(agents).where(eq(agents.id, agent.delegateMention)).limit(1);
+		}).from(agents).where(eq(agents.uuid, agent.delegateMention)).limit(1);
 		if (!target || target.status !== "active") {
-			app.log.warn(`delegate_mention target "${agent.delegateMention}" for "${agent.id}" is not active, skipping`);
+			app.log.warn(`delegate_mention target "${agent.delegateMention}" for "${agent.name}" is not active, skipping`);
 			continue;
 		}
 		try {
-			const { message: msg, recipients } = await sendToAgent(app.db, agent.id, agent.delegateMention, {
+			const chat = await findOrCreateDirectChat(app.db, agent.id, agent.delegateMention);
+			const { message: msg, recipients } = await sendMessage(app.db, chat.id, agent.id, {
 				format: "card",
 				content: {
 					type: "github_mention",
-					mentionedUser: agent.id,
+					mentionedUser: agent.name,
 					event: ctx.event,
 					repository: ctx.repository,
 					sender: ctx.sender,
@@ -5186,13 +4698,13 @@ async function routeMentionDelegations(app, mentionedNames, ctx) {
 				metadata: {
 					source: "github",
 					event: "mention_delegation",
-					mentionedUser: agent.id
+					mentionedUser: agent.name
 				}
 			});
 			notifyRecipients(app.notifier, recipients, msg.id);
 			routed++;
 		} catch (err) {
-			app.log.error(err, `Failed to route mention delegation from "${agent.id}" to "${agent.delegateMention}"`);
+			app.log.error(err, `Failed to route mention delegation from "${agent.name}" to "${agent.delegateMention}"`);
 		}
 	}
 	return routed;
@@ -5480,7 +4992,8 @@ async function handleIssuesEvent(app, eventType, payload, reply) {
 		event: "issues",
 		action: data.action
 	};
-	const { message: msg, recipients } = await sendToAgent(app.db, senderId, targetAgentId, {
+	const chat = await findOrCreateDirectChat(app.db, senderId, targetAgentId);
+	const { message: msg, recipients } = await sendMessage(app.db, chat.id, senderId, {
 		format: "card",
 		content,
 		metadata
@@ -5535,7 +5048,8 @@ async function handleIssueCommentEvent(app, eventType, payload, reply) {
 		event: "issue_comment",
 		action: data.action
 	};
-	const { message: msg, recipients } = await sendToAgent(app.db, senderId, targetAgentId, {
+	const chat = await findOrCreateDirectChat(app.db, senderId, targetAgentId);
+	const { message: msg, recipients } = await sendMessage(app.db, chat.id, senderId, {
 		format: "card",
 		content,
 		metadata
@@ -5609,10 +5123,11 @@ function agentAuthHook(db) {
 		const [tokenDetail] = await db.select({ expiresAt: agentTokens.expiresAt }).from(agentTokens).where(eq(agentTokens.id, tokenRow.tokenId)).limit(1);
 		if (tokenDetail?.expiresAt && tokenDetail.expiresAt < now) throw new UnauthorizedError("Token has expired");
 		const [agent] = await db.select({
-			id: agents.id,
+			uuid: agents.uuid,
+			name: agents.name,
 			organizationId: agents.organizationId,
 			inboxId: agents.inboxId
-		}).from(agents).where(and(eq(agents.id, tokenRow.agentId), eq(agents.status, "active"))).limit(1);
+		}).from(agents).where(and(eq(agents.uuid, tokenRow.agentId), eq(agents.status, "active"))).limit(1);
 		if (!agent) throw new UnauthorizedError("Agent is suspended or not found");
 		db.update(agentTokens).set({ lastUsedAt: now }).where(eq(agentTokens.id, tokenRow.tokenId)).then(() => {}, () => {});
 		request.agent = agent;
@@ -5971,10 +5486,10 @@ async function handleBindCommand(db, bot, event, agentId, log) {
 		return;
 	}
 	const [agent] = await db.select({
-		id: agents.id,
+		id: agents.uuid,
 		type: agents.type,
 		status: agents.status
-	}).from(agents).where(eq(agents.id, agentId)).limit(1);
+	}).from(agents).where(eq(agents.uuid, agentId)).limit(1);
 	if (!agent) {
 		await reply(`Agent "${agentId}" not found. Check the ID and try again.`);
 		return;
@@ -6030,7 +5545,7 @@ async function processFeishuOutbound(db, findBotByAgentId, log) {
     WHERE id IN (
       SELECT ie.id FROM inbox_entries ie
       JOIN agents a ON ie.inbox_id = a.inbox_id
-      JOIN adapter_agent_mappings aam ON a.id = aam.agent_id
+      JOIN adapter_agent_mappings aam ON a.uuid = aam.agent_id
       WHERE aam.platform = 'feishu' AND ie.status = 'pending'
       ORDER BY ie.created_at
       LIMIT ${OUTBOUND_BATCH_SIZE$1}
@@ -6221,8 +5736,8 @@ function createKaelRuntime(db, encryptionKey, kaelEndpoint, kaelApiKey, serverUr
 			}
 			const configs = await db.select().from(adapterConfigs).where(and(eq(adapterConfigs.platform, "kael"), eq(adapterConfigs.status, "active")));
 			const configAgentIds = configs.filter((c) => c.credentials).map((c) => c.agentId);
-			const agentRows = configAgentIds.length > 0 ? await db.execute(sql`SELECT id, inbox_id FROM agents WHERE id IN (${sql.join(configAgentIds.map((id) => sql`${id}`), sql`, `)}) AND status = 'active'`) : [];
-			const agentInboxMap = new Map(agentRows.map((a) => [a.id, a.inbox_id]));
+			const agentRows = configAgentIds.length > 0 ? await db.execute(sql`SELECT uuid, inbox_id FROM agents WHERE uuid IN (${sql.join(configAgentIds.map((id) => sql`${id}`), sql`, `)}) AND status = 'active'`) : [];
+			const agentInboxMap = new Map(agentRows.map((a) => [a.uuid, a.inbox_id]));
 			const seen = /* @__PURE__ */ new Set();
 			for (const config of configs) {
 				if (!config.credentials) continue;
@@ -6282,10 +5797,10 @@ function createKaelRuntime(db, encryptionKey, kaelEndpoint, kaelApiKey, serverUr
           WHERE id IN (
             SELECT ie.id FROM inbox_entries ie
             JOIN agents a ON ie.inbox_id = a.inbox_id
-            JOIN adapter_configs ac ON a.id = ac.agent_id
+            JOIN adapter_configs ac ON a.uuid = ac.agent_id
             WHERE ac.platform = 'kael' AND ac.status = 'active'
               AND ie.status = 'pending'
-              AND a.id IN (${sql.join(agentIds.map((id) => sql`${id}`), sql`, `)})
+              AND a.uuid IN (${sql.join(agentIds.map((id) => sql`${id}`), sql`, `)})
             ORDER BY ie.created_at
             LIMIT ${OUTBOUND_BATCH_SIZE}
             FOR UPDATE OF ie SKIP LOCKED
@@ -6420,6 +5935,7 @@ async function buildApp(config) {
 		await api.register(githubWebhookRoutes, { prefix: "/webhooks" });
 		await api.register(adminAuthRoutes, { prefix: "/admin/auth" });
 		await api.register(contextTreeInfoRoutes, { prefix: "/context-tree" });
+		await api.register(bootstrapConfigRoutes, { prefix: "/bootstrap" });
 		await api.register(async (bootstrapApp) => {
 			bootstrapApp.addHook("onRequest", githubAuth);
 			await bootstrapApp.register(bootstrapRoutes);
@@ -6428,10 +5944,6 @@ async function buildApp(config) {
 			adminApp.addHook("onRequest", adminAuth);
 			await adminApp.register(adminAgentRoutes);
 		}, { prefix: "/admin/agents" });
-		await api.register(async (adminApp) => {
-			adminApp.addHook("onRequest", adminAuth);
-			await adminApp.register(adminAgentSyncRoutes);
-		}, { prefix: "/admin/agents/sync" });
 		await api.register(async (adminApp) => {
 			adminApp.addHook("onRequest", adminAuth);
 			await adminApp.register(adminSystemConfigRoutes);
@@ -6467,7 +5979,6 @@ async function buildApp(config) {
 			await agentApp.register(agentMessageRoutes, { prefix: "/chats" });
 			await agentApp.register(agentSendToAgentRoutes, { prefix: "/agents" });
 			await agentApp.register(agentInboxRoutes, { prefix: "/inbox" });
-			await agentApp.register(agentContextTreeRoutes, { prefix: "/context-tree" });
 			await agentApp.register(agentFeishuBotRoutes);
 			await agentApp.register(agentFeishuUserRoutes, { prefix: "/delegated" });
 			await agentApp.register(agentWsRoutes(notifier, config.instanceId), { prefix: "/ws" });
@@ -6503,19 +6014,6 @@ async function buildApp(config) {
 		backgroundTasks.start();
 		await adapterManager.reload();
 		await kaelRuntime?.reload();
-		const { repo: ctRepo, branch: ctBranch, syncInterval } = config.contextTree;
-		const { token: ghToken } = config.github;
-		try {
-			const report = await syncFromGitHub(db, ctRepo, ctBranch, ghToken);
-			app.log.info(`Context Tree sync: created=${report.created} updated=${report.updated} unchanged=${report.unchanged} errors=${report.errors}`);
-		} catch (err) {
-			app.log.error(err, "Initial Context Tree sync failed");
-		}
-		const intervalMs = syncInterval * 1e3;
-		const timer = setInterval(() => {
-			syncFromGitHub(db, ctRepo, ctBranch, ghToken).catch((err) => app.log.error(err, "Periodic Context Tree sync failed"));
-		}, intervalMs);
-		app.addHook("onClose", async () => clearInterval(timer));
 	});
 	app.addHook("onClose", async () => {
 		backgroundTasks.stop();
@@ -6635,4 +6133,4 @@ function resolveWebDist() {
 	} catch {}
 }
 //#endregion
-export { ClientRuntime as A, checkWebSocket as C, ensurePostgres as D, status as E, SessionRegistry as F, cleanWorkspaces as I, hasAdminUser as M, FirstTreeHubSDK as N, isDockerAvailable as O, SdkError as P, checkServerReachable as S, blank as T, checkDocker as _, formatCheckReport as a, checkServerConfig as b, onboardContinue as c, runMigrations as d, checkAgentConfigs as f, checkDatabase as g, checkContextTreeRepo as h, promptMissingFields as i, createAdminUser$1 as j, stopPostgres as k, onboardCreate as l, checkClientConfig as m, isInteractive as n, loadOnboardState as o, checkAgentTokens as p, promptAddAgent as r, onboardCheck as s, startServer as t, saveOnboardState as u, checkGitHubToken as v, printResults as w, checkServerHealth as x, checkNodeVersion as y };
+export { createAdminUser$1 as A, printResults as C, isDockerAvailable as D, ensurePostgres as E, cleanWorkspaces as F, FirstTreeHubSDK as M, SdkError as N, stopPostgres as O, SessionRegistry as P, checkWebSocket as S, status as T, checkGitHubToken as _, formatCheckReport as a, checkServerHealth as b, onboardCreate as c, checkAgentConfigs as d, checkAgentTokens as f, checkDocker as g, checkDatabase as h, promptMissingFields as i, hasAdminUser as j, ClientRuntime as k, saveOnboardState as l, checkContextTreeRepo as m, isInteractive as n, loadOnboardState as o, checkClientConfig as p, promptAddAgent as r, onboardCheck as s, startServer as t, runMigrations as u, checkNodeVersion as v, blank as w, checkServerReachable as x, checkServerConfig as y };