@agenticmail/mcp 0.3.0

package/dist/index.js

@@ -0,0 +1,2106 @@
+#!/usr/bin/env node
+
+// src/index.ts
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+
+// src/pending-followup.ts
+var STEP_DELAYS_MS = [
+  12 * 36e5,
+  //  0 → 12 hours
+  6 * 36e5,
+  //  1 →  6 hours
+  3 * 36e5,
+  //  2 →  3 hours
+  1 * 36e5
+  //  3 →  1 hour  (final before cooldown)
+];
+var COOLDOWN_MS = 3 * 24 * 36e5;
+var HEARTBEAT_INTERVAL_MS = 5 * 6e4;
+var tracked = /* @__PURE__ */ new Map();
+var queue = [];
+var heartbeatTimer = null;
+function scheduleFollowUp(pendingId, recipient, subject, checkFn) {
+  if (tracked.has(pendingId)) return;
+  arm(pendingId, recipient, subject, checkFn, 0, 0);
+  startHeartbeat();
+}
+function drainFollowUps() {
+  if (queue.length === 0) return [];
+  const items = [...queue];
+  queue.length = 0;
+  return items;
+}
+function cancelFollowUp(pendingId) {
+  const entry = tracked.get(pendingId);
+  if (entry) {
+    clearTimeout(entry.timer);
+    tracked.delete(pendingId);
+  }
+}
+function arm(pendingId, recipient, subject, checkFn, step, cycle) {
+  const delayMs = step < STEP_DELAYS_MS.length ? STEP_DELAYS_MS[step] : COOLDOWN_MS;
+  const timer = setTimeout(() => fire(pendingId), delayMs);
+  timer.unref();
+  tracked.set(pendingId, { pendingId, recipient, subject, checkFn, step, cycle, timer });
+}
+async function fire(pendingId) {
+  const entry = tracked.get(pendingId);
+  if (!entry) return;
+  try {
+    const stillPending = await entry.checkFn();
+    if (!stillPending) {
+      tracked.delete(pendingId);
+      return;
+    }
+  } catch {
+  }
+  const { recipient, subject, step, cycle, checkFn } = entry;
+  const isFinal = step === STEP_DELAYS_MS.length - 1;
+  const isPostCooldown = step >= STEP_DELAYS_MS.length;
+  let message;
+  if (isPostCooldown) {
+    const totalDays = 3 * (cycle + 1);
+    message = [
+      `[FOLLOW-UP REMINDER \u2014 cycle ${cycle + 2}]`,
+      `Your blocked email to ${recipient} (subject: "${subject}") has been pending for over ${totalDays} days.`,
+      `Starting a new follow-up cycle. Please remind your owner that this email still needs their review.`,
+      `Pending ID: ${pendingId}`
+    ].join("\n");
+  } else if (isFinal) {
+    message = [
+      `[FINAL FOLLOW-UP]`,
+      `Your blocked email to ${recipient} (subject: "${subject}") is STILL pending approval.`,
+      `This is the last reminder before a 3-day cooldown. Please urgently remind your owner.`,
+      `Let them know you will not follow up again for 3 days unless they respond.`,
+      `Pending ID: ${pendingId}`
+    ].join("\n");
+  } else {
+    const nextDelayH = STEP_DELAYS_MS[step + 1] / 36e5;
+    message = [
+      `[FOLLOW-UP REMINDER ${step + 1}/${STEP_DELAYS_MS.length}]`,
+      `Your blocked email to ${recipient} (subject: "${subject}") is still pending owner approval.`,
+      `Please follow up with your owner \u2014 ask if they've reviewed the notification email.`,
+      `Next reminder in ${nextDelayH} hour${nextDelayH !== 1 ? "s" : ""}.`,
+      `Pending ID: ${pendingId}`
+    ].join("\n");
+  }
+  queue.push({
+    pendingId,
+    recipient,
+    subject,
+    attempt: isPostCooldown ? 1 : step + 1,
+    isFinalBeforeCooldown: isFinal,
+    message
+  });
+  if (isPostCooldown) {
+    arm(pendingId, recipient, subject, checkFn, 0, cycle + 1);
+  } else {
+    arm(pendingId, recipient, subject, checkFn, step + 1, cycle);
+  }
+}
+function startHeartbeat() {
+  if (heartbeatTimer) return;
+  heartbeatTimer = setInterval(heartbeat, HEARTBEAT_INTERVAL_MS);
+  heartbeatTimer.unref();
+}
+function stopHeartbeat() {
+  if (heartbeatTimer) {
+    clearInterval(heartbeatTimer);
+    heartbeatTimer = null;
+  }
+}
+async function heartbeat() {
+  if (tracked.size === 0) {
+    stopHeartbeat();
+    return;
+  }
+  for (const [pendingId, entry] of tracked) {
+    try {
+      const stillPending = await entry.checkFn();
+      if (!stillPending) {
+        clearTimeout(entry.timer);
+        tracked.delete(pendingId);
+      }
+    } catch {
+    }
+  }
+  if (tracked.size === 0) stopHeartbeat();
+}
+
+// src/tools.ts
+var API_URL = process.env.AGENTICMAIL_API_URL ?? "http://127.0.0.1:3100";
+var API_KEY = process.env.AGENTICMAIL_API_KEY ?? "";
+var MASTER_KEY = process.env.AGENTICMAIL_MASTER_KEY ?? "";
+if (!API_KEY && !MASTER_KEY) {
+  console.error("[agenticmail-mcp] Warning: Neither AGENTICMAIL_API_KEY nor AGENTICMAIL_MASTER_KEY is set");
+}
+function makePendingCheck(pendingId) {
+  return async () => {
+    try {
+      const res = await fetch(`${API_URL}/api/agenticmail/mail/pending/${encodeURIComponent(pendingId)}`, {
+        headers: { "Authorization": `Bearer ${API_KEY}` },
+        signal: AbortSignal.timeout(1e4)
+      });
+      if (!res.ok) return false;
+      const data = await res.json();
+      return data?.status === "pending";
+    } catch {
+      return true;
+    }
+  };
+}
+function withReminders(text) {
+  const reminders = drainFollowUps();
+  if (reminders.length === 0) return text;
+  return text + "\n\n" + reminders.map((r) => r.message).join("\n\n");
+}
+async function apiRequest(method, path, body, useMasterKey = false, timeoutMs = 3e4) {
+  const key = useMasterKey && MASTER_KEY ? MASTER_KEY : API_KEY;
+  if (!key) {
+    throw new Error(useMasterKey ? "Master key is required for this operation. Set AGENTICMAIL_MASTER_KEY." : "API key is not configured. Set AGENTICMAIL_API_KEY.");
+  }
+  const headers = { "Authorization": `Bearer ${key}` };
+  if (body !== void 0) headers["Content-Type"] = "application/json";
+  const response = await fetch(`${API_URL}/api/agenticmail${path}`, {
+    method,
+    headers,
+    body: body ? JSON.stringify(body) : void 0,
+    signal: AbortSignal.timeout(timeoutMs)
+  });
+  if (!response.ok) {
+    let text;
+    try {
+      text = await response.text();
+    } catch {
+      text = "(could not read response body)";
+    }
+    throw new Error(`API error ${response.status}: ${text}`);
+  }
+  const contentType = response.headers.get("content-type");
+  if (contentType?.includes("application/json")) {
+    try {
+      return await response.json();
+    } catch {
+      throw new Error(`API returned invalid JSON from ${path}`);
+    }
+  }
+  return null;
+}
+var toolDefinitions = [
+  {
+    name: "send_email",
+    description: "Send an email from the agent's mailbox. External emails are scanned for sensitive content. HIGH severity detections are BLOCKED and held for owner approval. Your owner will be notified and must approve blocked emails. You CANNOT bypass the outbound guard.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        to: { type: "string", description: "Recipient email address" },
+        subject: { type: "string", description: "Email subject line" },
+        text: { type: "string", description: "Plain text body" },
+        html: { type: "string", description: "HTML body (optional)" },
+        cc: { type: "string", description: "CC recipients (optional)" },
+        inReplyTo: { type: "string", description: "Message-ID to reply to (optional)" },
+        references: {
+          type: "array",
+          items: { type: "string" },
+          description: "Message-IDs for threading (optional)"
+        },
+        attachments: {
+          type: "array",
+          items: {
+            type: "object",
+            properties: {
+              filename: { type: "string", description: "Attachment filename" },
+              content: { type: "string", description: "File content as text string (for text files) or base64-encoded string (for binary files)" },
+              contentType: { type: "string", description: "MIME type (e.g. text/plain, application/pdf)" },
+              encoding: { type: "string", description: 'Set to "base64" only if content is base64-encoded' }
+            },
+            required: ["filename", "content"]
+          },
+          description: "File attachments"
+        }
+      },
+      required: ["to", "subject"]
+    }
+  },
+  {
+    name: "list_inbox",
+    description: "List recent emails in the agent's inbox",
+    inputSchema: {
+      type: "object",
+      properties: {
+        limit: { type: "number", description: "Maximum number of messages to return (default: 20)" },
+        offset: { type: "number", description: "Number of messages to skip (default: 0)" }
+      }
+    }
+  },
+  {
+    name: "read_email",
+    description: "Read the full content of a specific email by its UID",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uid: { type: "number", description: "The UID of the email to read" }
+      },
+      required: ["uid"]
+    }
+  },
+  {
+    name: "delete_email",
+    description: "Delete an email by its UID",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uid: { type: "number", description: "The UID of the email to delete" }
+      },
+      required: ["uid"]
+    }
+  },
+  {
+    name: "search_emails",
+    description: "Search emails by criteria (from, to, subject, text, date range). By default searches the local inbox only. Set searchRelay=true to also search the connected Gmail/Outlook account \u2014 results include relay UIDs that can be imported with import_relay_email.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        from: { type: "string", description: "Filter by sender address" },
+        to: { type: "string", description: "Filter by recipient address" },
+        subject: { type: "string", description: "Filter by subject keyword" },
+        text: { type: "string", description: "Search body text" },
+        since: { type: "string", description: "Messages since date (ISO 8601)" },
+        before: { type: "string", description: "Messages before date (ISO 8601)" },
+        seen: { type: "boolean", description: "Filter by read/unread status" },
+        searchRelay: { type: "boolean", description: "Also search the connected Gmail/Outlook account (default: false). Use this to find past emails from the user's main inbox." }
+      }
+    }
+  },
+  {
+    name: "import_relay_email",
+    description: "Import an email from the connected Gmail/Outlook account into the agent's local inbox. This downloads the full message with all headers (Message-ID, In-Reply-To, References) so you can continue the thread using reply_email. Use search_emails with searchRelay=true first to find the relay UID.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uid: { type: "number", description: "The relay UID of the email to import (from search_emails relay results)" }
+      },
+      required: ["uid"]
+    }
+  },
+  {
+    name: "reply_email",
+    description: "Reply to an email. Fetches the original message, auto-fills To, Subject (Re:), In-Reply-To, and References, then sends with quoted body. Outbound guard applies \u2014 HIGH severity content is held for review.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uid: { type: "number", description: "UID of the email to reply to" },
+        text: { type: "string", description: "Your reply text" },
+        html: { type: "string", description: "HTML reply (optional)" },
+        replyAll: { type: "boolean", description: "Reply to all recipients (default: false)" }
+      },
+      required: ["uid", "text"]
+    }
+  },
+  {
+    name: "forward_email",
+    description: "Forward an email to another recipient. Outbound guard applies \u2014 HIGH severity content is held for review.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uid: { type: "number", description: "UID of the email to forward" },
+        to: { type: "string", description: "Recipient to forward to" },
+        text: { type: "string", description: "Additional message (optional)" }
+      },
+      required: ["uid", "to"]
+    }
+  },
+  {
+    name: "move_email",
+    description: "Move an email to another folder (e.g., Trash, Archive)",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uid: { type: "number", description: "UID of the email to move" },
+        to: { type: "string", description: "Destination folder (e.g., Trash, Archive)" },
+        from: { type: "string", description: "Source folder (default: INBOX)" }
+      },
+      required: ["uid", "to"]
+    }
+  },
+  {
+    name: "mark_unread",
+    description: "Mark an email as unread",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uid: { type: "number", description: "UID of the email" }
+      },
+      required: ["uid"]
+    }
+  },
+  {
+    name: "mark_read",
+    description: "Mark an email as read",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uid: { type: "number", description: "UID of the email" }
+      },
+      required: ["uid"]
+    }
+  },
+  {
+    name: "list_folders",
+    description: "List all mail folders/mailboxes",
+    inputSchema: {
+      type: "object",
+      properties: {}
+    }
+  },
+  {
+    name: "list_folder",
+    description: "List messages in a specific folder",
+    inputSchema: {
+      type: "object",
+      properties: {
+        folder: { type: "string", description: "Folder path (e.g., INBOX, Trash, Sent)" },
+        limit: { type: "number", description: "Max messages (default: 20)" },
+        offset: { type: "number", description: "Skip messages (default: 0)" }
+      },
+      required: ["folder"]
+    }
+  },
+  {
+    name: "batch_delete",
+    description: "Delete multiple emails by UIDs",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uids: { type: "array", items: { type: "number" }, description: "Array of UIDs to delete" },
+        folder: { type: "string", description: "Folder (default: INBOX)" }
+      },
+      required: ["uids"]
+    }
+  },
+  {
+    name: "batch_mark_read",
+    description: "Mark multiple emails as read",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uids: { type: "array", items: { type: "number" }, description: "Array of UIDs to mark as read" },
+        folder: { type: "string", description: "Folder (default: INBOX)" }
+      },
+      required: ["uids"]
+    }
+  },
+  {
+    name: "manage_contacts",
+    description: "List, add, or delete contacts",
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["list", "add", "delete"], description: "Action to perform" },
+        email: { type: "string", description: "Contact email (for add)" },
+        name: { type: "string", description: "Contact name (for add)" },
+        id: { type: "string", description: "Contact ID (for delete)" }
+      },
+      required: ["action"]
+    }
+  },
+  {
+    name: "manage_drafts",
+    description: "List, create, update, send, or delete drafts",
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["list", "create", "update", "send", "delete"], description: "Action to perform" },
+        id: { type: "string", description: "Draft ID (for update/send/delete)" },
+        to: { type: "string", description: "Recipient (for create/update)" },
+        subject: { type: "string", description: "Subject (for create/update)" },
+        text: { type: "string", description: "Body text (for create/update)" }
+      },
+      required: ["action"]
+    }
+  },
+  {
+    name: "manage_scheduled",
+    description: 'Manage scheduled emails: create a new scheduled email, list pending ones, or cancel one. Accepts flexible time formats for create: ISO 8601, relative ("in 30 minutes"), named ("tomorrow 8am"), day-based ("next monday 9am"), or human-friendly ("02-14-2026 3:30 PM EST").',
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["create", "list", "cancel"], description: "Action to perform (default: create)" },
+        to: { type: "string", description: "Recipient email (for create)" },
+        subject: { type: "string", description: "Email subject (for create)" },
+        text: { type: "string", description: "Body text (for create)" },
+        sendAt: { type: "string", description: "When to send (for create)" },
+        id: { type: "string", description: "Scheduled email ID (for cancel)" }
+      },
+      required: ["action"]
+    }
+  },
+  {
+    name: "create_folder",
+    description: "Create a new mail folder for organizing emails",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: { type: "string", description: "Folder name (e.g., Projects, Clients, Newsletters)" }
+      },
+      required: ["name"]
+    }
+  },
+  {
+    name: "manage_tags",
+    description: "Create, list, delete tags, tag/untag messages, get messages by tag, or get all tags for a specific message.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["list", "create", "delete", "tag_message", "untag_message", "get_messages", "get_message_tags"], description: "Action to perform" },
+        name: { type: "string", description: "Tag name (for create)" },
+        color: { type: "string", description: "Tag color hex code (for create, e.g. #ff0000)" },
+        id: { type: "string", description: "Tag ID (for delete, tag_message, untag_message, get_messages)" },
+        uid: { type: "number", description: "Message UID (for tag_message, untag_message)" },
+        folder: { type: "string", description: "Folder the message is in (default: INBOX)" }
+      },
+      required: ["action"]
+    }
+  },
+  {
+    name: "create_account",
+    description: "Create a new agent email account (requires master API key)",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: { type: "string", description: "Agent name (will be used as email local part)" },
+        domain: { type: "string", description: "Email domain (default: localhost)" },
+        role: { type: "string", enum: ["secretary", "assistant", "researcher", "writer", "custom"], description: "Agent role (default: secretary)" }
+      },
+      required: ["name"]
+    }
+  },
+  {
+    name: "setup_email_relay",
+    description: "Configure Gmail/Outlook relay for sending real internet email (requires master API key). BEGINNER-FRIENDLY: Just needs a Gmail/Outlook email + app password. Agents send as user+agentname@gmail.com. Automatically creates a default agent (secretary) unless skipped. Best for: quick setup, personal use, no domain needed.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        provider: { type: "string", enum: ["gmail", "outlook", "custom"], description: "Email provider (gmail, outlook, or custom)" },
+        email: { type: "string", description: "Your real email address (e.g., user@gmail.com)" },
+        password: { type: "string", description: "App password (not your regular password)" },
+        smtpHost: { type: "string", description: "SMTP host (auto-filled for gmail/outlook)" },
+        smtpPort: { type: "number", description: "SMTP port (auto-filled for gmail/outlook)" },
+        imapHost: { type: "string", description: "IMAP host (auto-filled for gmail/outlook)" },
+        imapPort: { type: "number", description: "IMAP port (auto-filled for gmail/outlook)" },
+        agentName: { type: "string", description: "Name for the default agent (default: secretary). This becomes the email sub-address, e.g., user+secretary@gmail.com" },
+        agentRole: { type: "string", enum: ["secretary", "assistant", "researcher", "writer", "custom"], description: "Role for the default agent (default: secretary)" },
+        skipDefaultAgent: { type: "boolean", description: "Skip creating the default agent (default: false)" }
+      },
+      required: ["provider", "email", "password"]
+    }
+  },
+  {
+    name: "setup_email_domain",
+    description: "Set up a custom domain for real internet email via Cloudflare (requires master API key). ADVANCED: Requires Cloudflare account, API token, and a domain. Emails send from agent@yourdomain.com with full DKIM/SPF/DMARC. Optionally configures Gmail SMTP as outbound relay (recommended for residential IPs). After setup with gmailRelay, use setup_gmail_alias for each agent.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        cloudflareToken: { type: "string", description: "Cloudflare API token (Zone>Zone>Read, Zone>DNS>Edit, Zone>Email Routing Rules>Edit, Account>Cloudflare Tunnel>Edit, Account>Workers Scripts>Edit; optional: Account>Registrar: Domains>Edit for domain purchase)" },
+        cloudflareAccountId: { type: "string", description: "Cloudflare account ID" },
+        domain: { type: "string", description: "Domain to use (if already owned)" },
+        purchase: {
+          type: "object",
+          properties: {
+            keywords: { type: "array", items: { type: "string" }, description: "Keywords to search for available domains" },
+            tld: { type: "string", description: "Preferred TLD (e.g., .com, .io)" }
+          },
+          description: "Purchase a new domain (if domain not provided)"
+        },
+        gmailRelay: {
+          type: "object",
+          properties: {
+            email: { type: "string", description: "Gmail address for SMTP relay (e.g., you@gmail.com)" },
+            appPassword: { type: "string", description: "Gmail app password (from https://myaccount.google.com/apppasswords)" }
+          },
+          description: "Gmail SMTP relay for outbound delivery (recommended for residential IPs without PTR records)"
+        }
+      },
+      required: ["cloudflareToken", "cloudflareAccountId"]
+    }
+  },
+  {
+    name: "setup_guide",
+    description: "Get a comparison of email setup modes (Relay vs Domain) with difficulty levels, requirements, pros/cons, and step-by-step instructions. Show this to users who want to set up real internet email.",
+    inputSchema: {
+      type: "object",
+      properties: {}
+    }
+  },
+  {
+    name: "setup_gmail_alias",
+    description: 'Get step-by-step instructions (with exact field values) to add an agent email as a Gmail "Send mail as" alias. Returns the Gmail settings URL and all field values. Required after domain mode setup with gmailRelay to show correct From address. The agent can automate this via browser tools or present instructions to the user.',
+    inputSchema: {
+      type: "object",
+      properties: {
+        agentEmail: { type: "string", description: "Agent email to add as alias (e.g., secretary@yourdomain.com)" },
+        agentDisplayName: { type: "string", description: "Display name for the alias (defaults to agent name)" }
+      },
+      required: ["agentEmail"]
+    }
+  },
+  {
+    name: "setup_payment",
+    description: "Get instructions for adding a payment method to Cloudflare (required before purchasing domains). Returns Option A (self-service link) and Option B (browser automation steps). Card details go directly to Cloudflare \u2014 never stored by \u{1F380} AgenticMail.",
+    inputSchema: {
+      type: "object",
+      properties: {}
+    }
+  },
+  {
+    name: "purchase_domain",
+    description: "Search for available domains via Cloudflare Registrar (requires master API key). NOTE: Cloudflare API only supports READ access \u2014 domains must be purchased manually at https://dash.cloudflare.com or from another registrar (then point nameservers to Cloudflare).",
+    inputSchema: {
+      type: "object",
+      properties: {
+        keywords: { type: "array", items: { type: "string" }, description: 'Keywords to search for (e.g., ["mybot", "aimail"])' },
+        tld: { type: "string", description: "Preferred TLD (default: checks .com, .net, .io, .dev)" }
+      },
+      required: ["keywords"]
+    }
+  },
+  {
+    name: "check_gateway_status",
+    description: "Check the current email gateway status \u2014 relay mode, domain mode, or not configured",
+    inputSchema: {
+      type: "object",
+      properties: {}
+    }
+  },
+  {
+    name: "send_test_email",
+    description: "Send a test email through the gateway to verify configuration (requires master API key)",
+    inputSchema: {
+      type: "object",
+      properties: {
+        to: { type: "string", description: "Email address to send the test to" }
+      },
+      required: ["to"]
+    }
+  },
+  {
+    name: "list_agents",
+    description: "List all AI agents in the system with their email addresses and roles. Use this to discover which agents you can communicate with via message_agent.",
+    inputSchema: {
+      type: "object",
+      properties: {}
+    }
+  },
+  {
+    name: "message_agent",
+    description: "Send a message to another AI agent by name. The message is delivered to their email inbox. Use list_agents first to see available agents. This is the primary way for agents to coordinate and share information with each other.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        agent: { type: "string", description: 'Name of the recipient agent (e.g. "researcher", "writer")' },
+        subject: { type: "string", description: "Message subject \u2014 describe the purpose clearly" },
+        text: { type: "string", description: "Message body" },
+        priority: { type: "string", enum: ["normal", "high", "urgent"], description: "Priority level (default: normal)" }
+      },
+      required: ["agent", "subject", "text"]
+    }
+  },
+  {
+    name: "check_messages",
+    description: "Check for new unread messages from other agents or external senders. Returns a summary of pending communications. Use this to stay aware of requests and coordinate with other agents.",
+    inputSchema: {
+      type: "object",
+      properties: {}
+    }
+  },
+  {
+    name: "delete_agent",
+    description: "Delete an agent account. Archives all emails and generates a deletion report before removing the account permanently. Returns the deletion summary. Requires master API key.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        name: { type: "string", description: "Name of the agent to delete" },
+        reason: { type: "string", description: "Reason for deletion (optional)" }
+      },
+      required: ["name"]
+    }
+  },
+  {
+    name: "deletion_reports",
+    description: "List past agent deletion reports or retrieve a specific report by ID. Shows archived email summaries from deleted agents. Requires master API key.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        id: { type: "string", description: "Deletion report ID (omit to list all reports)" }
+      }
+    }
+  },
+  {
+    name: "manage_signatures",
+    description: "List, create, or delete email signatures",
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["list", "create", "delete"], description: "Action to perform" },
+        id: { type: "string", description: "Signature ID (for delete)" },
+        name: { type: "string", description: "Signature name (for create)" },
+        text: { type: "string", description: "Signature text content (for create)" },
+        isDefault: { type: "boolean", description: "Set as default signature (for create)" }
+      },
+      required: ["action"]
+    }
+  },
+  {
+    name: "manage_templates",
+    description: "List, create, or delete email templates",
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["list", "create", "delete"], description: "Action to perform" },
+        id: { type: "string", description: "Template ID (for delete)" },
+        name: { type: "string", description: "Template name (for create)" },
+        subject: { type: "string", description: "Template subject (for create)" },
+        text: { type: "string", description: "Template body text (for create)" }
+      },
+      required: ["action"]
+    }
+  },
+  {
+    name: "batch_mark_unread",
+    description: "Mark multiple emails as unread",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uids: { type: "array", items: { type: "number" }, description: "Array of UIDs to mark as unread" },
+        folder: { type: "string", description: "Folder (default: INBOX)" }
+      },
+      required: ["uids"]
+    }
+  },
+  {
+    name: "batch_move",
+    description: "Move multiple emails to another folder",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uids: { type: "array", items: { type: "number" }, description: "Array of UIDs to move" },
+        from: { type: "string", description: "Source folder (default: INBOX)" },
+        to: { type: "string", description: "Destination folder (e.g., Trash, Archive)" }
+      },
+      required: ["uids", "to"]
+    }
+  },
+  {
+    name: "whoami",
+    description: "Get the current agent's account info \u2014 name, email, role, and metadata",
+    inputSchema: {
+      type: "object",
+      properties: {}
+    }
+  },
+  {
+    name: "update_metadata",
+    description: "Update the current agent's metadata. Merges provided keys with existing metadata.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        metadata: { type: "object", description: "Metadata key-value pairs to set or update" }
+      },
+      required: ["metadata"]
+    }
+  },
+  {
+    name: "check_health",
+    description: "Check \u{1F380} AgenticMail server health status",
+    inputSchema: {
+      type: "object",
+      properties: {}
+    }
+  },
+  {
+    name: "wait_for_email",
+    description: "Wait for a new email or task notification using push notifications (SSE). Blocks until an email arrives, a task is assigned to you, or timeout is reached. Much more efficient than polling \u2014 use this when waiting for a reply or a task from another agent.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        timeout: { type: "number", description: "Max seconds to wait (default: 120, max: 300)" }
+      }
+    }
+  },
+  {
+    name: "batch_read",
+    description: "Read multiple emails at once by UIDs. Returns full parsed content for each message in a single call.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        uids: { type: "array", items: { type: "number" }, description: "Array of UIDs to read" },
+        folder: { type: "string", description: "Folder (default: INBOX)" }
+      },
+      required: ["uids"]
+    }
+  },
+  {
+    name: "inbox_digest",
+    description: "Get a compact inbox digest with subject, sender, date, flags and text preview for each message. More efficient than listing then reading individually.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        limit: { type: "number", description: "Max messages (default: 20, max: 50)" },
+        offset: { type: "number", description: "Skip messages (default: 0)" },
+        folder: { type: "string", description: "Folder (default: INBOX)" },
+        previewLength: { type: "number", description: "Preview text length (default: 200, max: 500)" }
+      }
+    }
+  },
+  {
+    name: "template_send",
+    description: "Send an email using a saved template with variable substitution. Variables like {{name}} are replaced.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        id: { type: "string", description: "Template ID" },
+        to: { type: "string", description: "Recipient email" },
+        variables: { type: "object", description: 'Variables to substitute: { name: "Alice" }' },
+        cc: { type: "string", description: "CC recipients" },
+        bcc: { type: "string", description: "BCC recipients" }
+      },
+      required: ["id", "to"]
+    }
+  },
+  {
+    name: "manage_rules",
+    description: "Manage server-side email rules that auto-process incoming messages (move, tag, mark read, delete).",
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["list", "create", "delete"], description: "Action to perform" },
+        id: { type: "string", description: "Rule ID (for delete)" },
+        name: { type: "string", description: "Rule name (for create)" },
+        priority: { type: "number", description: "Higher priority rules match first (for create)" },
+        conditions: { type: "object", description: "Match conditions: { from_contains?, subject_contains?, subject_regex?, to_contains?, has_attachment? }" },
+        actions: { type: "object", description: "Actions on match: { move_to?, mark_read?, delete?, add_tags? }" }
+      },
+      required: ["action"]
+    }
+  },
+  {
+    name: "cleanup_agents",
+    description: "List or remove inactive non-persistent agent accounts (requires master API key)",
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["list_inactive", "cleanup", "set_persistent"], description: "Action to perform" },
+        hours: { type: "number", description: "Inactivity threshold in hours (default: 24)" },
+        dryRun: { type: "boolean", description: "Preview without deleting (for cleanup)" },
+        agentId: { type: "string", description: "Agent ID (for set_persistent)" },
+        persistent: { type: "boolean", description: "Set persistent flag (for set_persistent)" }
+      },
+      required: ["action"]
+    }
+  },
+  {
+    name: "assign_task",
+    description: "Assign a task to another agent via the task queue",
+    inputSchema: {
+      type: "object",
+      properties: {
+        assignee: { type: "string", description: "Agent name to assign the task to" },
+        taskType: { type: "string", description: "Task category (default: generic)" },
+        payload: { type: "object", description: "Task data/instructions" },
+        expiresInSeconds: { type: "number", description: "Task expiry in seconds" }
+      },
+      required: ["assignee"]
+    }
+  },
+  {
+    name: "check_tasks",
+    description: "Check for pending tasks assigned to you (or a specific agent) or tasks you assigned to others",
+    inputSchema: {
+      type: "object",
+      properties: {
+        direction: { type: "string", enum: ["incoming", "outgoing"], description: "incoming (assigned to me) or outgoing (I assigned)" },
+        assignee: { type: "string", description: "Check tasks for a specific agent by name (only for incoming direction)" }
+      }
+    }
+  },
+  {
+    name: "claim_task",
+    description: "Claim a pending task assigned to you",
+    inputSchema: {
+      type: "object",
+      properties: {
+        id: { type: "string", description: "Task ID to claim" }
+      },
+      required: ["id"]
+    }
+  },
+  {
+    name: "submit_result",
+    description: "Submit the result for a claimed task, marking it as completed",
+    inputSchema: {
+      type: "object",
+      properties: {
+        id: { type: "string", description: "Task ID" },
+        result: { type: "object", description: "Task result data" }
+      },
+      required: ["id"]
+    }
+  },
+  {
+    name: "call_agent",
+    description: "Synchronous RPC: assign a task to another agent, notify them via email (wakes wait_for_email), and wait for the result. Times out after specified duration.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        target: { type: "string", description: "Name of the agent to call" },
+        task: { type: "string", description: "Task description" },
+        payload: { type: "object", description: "Additional data" },
+        timeout: { type: "number", description: "Max seconds to wait (default: 180, max: 300)" }
+      },
+      required: ["target", "task"]
+    }
+  },
+  {
+    name: "manage_spam",
+    description: "Manage spam: list spam folder, report a message as spam, mark as not-spam, or get the spam score of a message. Emails are auto-scored on arrival; high-scoring messages are moved to Spam automatically.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["list", "report", "not_spam", "score"], description: "Action to perform" },
+        uid: { type: "number", description: "Message UID (for report, not_spam, score)" },
+        folder: { type: "string", description: "Source folder (for report/score, default: INBOX)" },
+        limit: { type: "number", description: "Max messages to list (for list, default: 20)" },
+        offset: { type: "number", description: "Skip messages (for list, default: 0)" }
+      },
+      required: ["action"]
+    }
+  },
+  {
+    name: "manage_pending_emails",
+    description: "Check the status of pending outbound emails blocked by the outbound guard. You can list all your pending emails or get details of a specific one. You CANNOT approve or reject \u2014 only the owner can do that.",
+    inputSchema: {
+      type: "object",
+      properties: {
+        action: { type: "string", enum: ["list", "get"], description: "Action to perform (list or get only \u2014 approve/reject require owner)" },
+        id: { type: "string", description: "Pending email ID (required for get)" }
+      },
+      required: ["action"]
+    }
+  }
+];
+var MASTER_KEY_TOOLS = /* @__PURE__ */ new Set([
+  "create_account",
+  "setup_email_relay",
+  "setup_email_domain",
+  "setup_guide",
+  "setup_gmail_alias",
+  "setup_payment",
+  "purchase_domain",
+  "check_gateway_status",
+  "send_test_email",
+  "delete_agent",
+  "deletion_reports",
+  "cleanup_agents"
+]);
+var MCP_EXEC_EXTS = /* @__PURE__ */ new Set([".exe", ".bat", ".cmd", ".ps1", ".sh", ".msi", ".scr", ".com", ".vbs", ".js", ".wsf", ".hta", ".cpl", ".jar", ".app", ".dmg", ".run"]);
+var MCP_ARCHIVE_EXTS = /* @__PURE__ */ new Set([".zip", ".rar", ".7z", ".tar", ".gz", ".bz2", ".xz", ".cab", ".iso"]);
+function mcpBuildSecuritySection(security, attachments) {
+  const lines = [];
+  if (security?.isSpam) {
+    lines.push(`[SPAM] Score: ${security.score}, Category: ${security.topCategory ?? security.category} \u2014 This email was flagged as spam`);
+  } else if (security?.isWarning) {
+    lines.push(`[WARNING] Score: ${security.score}, Category: ${security.topCategory ?? security.category} \u2014 Treat with caution`);
+  }
+  if (security?.sanitized && security.sanitizeDetections?.length) {
+    lines.push(`Content sanitized: ${security.sanitizeDetections.map((d) => d.type).join(", ")}`);
+  }
+  if (attachments?.length) {
+    for (const att of attachments) {
+      const name = att.filename ?? "unknown";
+      const lower = name.toLowerCase();
+      const ext = lower.includes(".") ? "." + lower.split(".").pop() : "";
+      const parts = lower.split(".");
+      if (parts.length > 2 && MCP_EXEC_EXTS.has("." + parts[parts.length - 1])) {
+        lines.push(`  [CRITICAL] "${name}": DOUBLE EXTENSION \u2014 Disguised executable`);
+      } else if (MCP_EXEC_EXTS.has(ext)) {
+        lines.push(`  [HIGH] "${name}": EXECUTABLE file \u2014 DO NOT open or trust`);
+      } else if (MCP_ARCHIVE_EXTS.has(ext)) {
+        lines.push(`  [MEDIUM] "${name}": ARCHIVE \u2014 May contain malware`);
+      } else if (ext === ".html" || ext === ".htm") {
+        lines.push(`  [HIGH] "${name}": HTML file \u2014 May contain phishing/scripts`);
+      }
+    }
+  }
+  const matches = security?.spamMatches ?? security?.matches ?? [];
+  for (const m of matches) {
+    if (m.ruleId === "ph_mismatched_display_url") lines.push("  [!] Mismatched display URL \u2014 PHISHING");
+    else if (m.ruleId === "ph_data_uri") lines.push("  [!] data: URI in link \u2014 may execute code");
+    else if (m.ruleId === "ph_homograph") lines.push("  [!] Homograph domain \u2014 mimicking legitimate domain");
+    else if (m.ruleId === "ph_spoofed_sender") lines.push("  [!] Spoofed brand sender");
+    else if (m.ruleId === "de_webhook_exfil") lines.push("  [!] Suspicious webhook URL \u2014 data exfiltration risk");
+    else if (m.ruleId === "pi_invisible_unicode") lines.push("  [!] Invisible unicode \u2014 hidden instructions");
+  }
+  if (lines.length === 0) return "";
+  return `
+--- Security ---
+${lines.join("\n")}`;
+}
+async function handleToolCall(name, args) {
+  const useMaster = MASTER_KEY_TOOLS.has(name);
+  switch (name) {
+    case "send_email": {
+      const sendBody = {
+        to: args.to,
+        subject: args.subject,
+        text: args.text ?? "",
+        html: args.html,
+        cc: args.cc,
+        inReplyTo: args.inReplyTo,
+        references: args.references
+      };
+      if (Array.isArray(args.attachments) && args.attachments.length > 0) {
+        sendBody.attachments = args.attachments.map((a) => ({
+          filename: a.filename,
+          content: a.content,
+          contentType: a.contentType,
+          ...a.encoding ? { encoding: a.encoding } : {}
+        }));
+      }
+      const result = await apiRequest("POST", "/mail/send", sendBody);
+      if (result?.blocked && result?.pendingId) {
+        scheduleFollowUp(result.pendingId, String(args.to), String(args.subject || "(no subject)"), makePendingCheck(result.pendingId));
+        return `Email NOT sent \u2014 blocked by outbound guard.
+${result.summary}
+
+Pending ID: ${result.pendingId}
+Your owner has been notified via email with the full content for review.
+
+You MUST now:
+1. Inform your owner in this conversation that the email was blocked and needs their approval.
+2. Mention the recipient, subject, and why it was flagged.
+3. If this email is urgent or has a deadline, tell your owner about the time sensitivity.
+4. Periodically check with manage_pending_emails(action='list') and follow up with your owner if still pending.`;
+      }
+      let response = `Email sent successfully. Message ID: ${result?.messageId ?? "unknown"}`;
+      if (result?.outboundWarnings?.length) {
+        response += `
+
+--- Outbound Guard ---
+[WARNING] ${result.outboundWarnings.length} potential issue(s):
+${result.outboundWarnings.map((w) => `  [${w.severity?.toUpperCase()}] ${w.description}: ${w.match}`).join("\n")}`;
+      }
+      return response;
+    }
+    case "list_inbox": {
+      const limit = Math.min(Math.max(Number(args.limit) || 20, 1), 100);
+      const offset = Math.max(Number(args.offset) || 0, 0);
+      const result = await apiRequest("GET", `/mail/inbox?limit=${limit}&offset=${offset}`);
+      if (!result?.messages?.length) {
+        return "Inbox is empty.";
+      }
+      const lines = result.messages.map(
+        (m, i) => `${i + 1}. [UID:${m.uid}] From: ${m.from?.[0]?.address ?? "unknown"} | Subject: ${m.subject} | Date: ${m.date}`
+      );
+      return `Inbox (${result.messages.length} messages):
+${lines.join("\n")}`;
+    }
+    case "read_email": {
+      const uid = Number(args.uid);
+      if (!uid || uid < 1 || !Number.isInteger(uid)) {
+        throw new Error("uid must be a positive integer");
+      }
+      const result = await apiRequest("GET", `/mail/messages/${uid}`);
+      if (!result) throw new Error("Email not found or empty response");
+      const lines = [
+        `From: ${result.from?.map((a) => a.address).join(", ") ?? "unknown"}`,
+        `To: ${result.to?.map((a) => a.address).join(", ") ?? "unknown"}`,
+        `Subject: ${result.subject}`,
+        `Date: ${result.date}`,
+        `Message-ID: ${result.messageId}`,
+        result.inReplyTo ? `In-Reply-To: ${result.inReplyTo}` : null,
+        "---",
+        result.text ?? result.html ?? "(no body)"
+      ];
+      if (result.attachments?.length) {
+        lines.push("---");
+        lines.push(`Attachments (${result.attachments.length}):`);
+        for (const att of result.attachments) {
+          lines.push(`  - ${att.filename} (${att.contentType}, ${Math.round(att.size / 1024)}KB)`);
+        }
+      }
+      const secSection = mcpBuildSecuritySection(result.security, result.attachments);
+      if (secSection) lines.push(secSection);
+      return lines.filter((line) => line !== null).join("\n");
+    }
+    case "delete_email": {
+      const uid = Number(args.uid);
+      if (!uid || uid < 1 || !Number.isInteger(uid)) {
+        throw new Error("uid must be a positive integer");
+      }
+      await apiRequest("DELETE", `/mail/messages/${uid}`);
+      return `Email UID ${uid} deleted successfully.`;
+    }
+    case "search_emails": {
+      const { from, to, subject, text, since, before, seen, searchRelay } = args;
+      const result = await apiRequest("POST", "/mail/search", { from, to, subject, text, since, before, seen, searchRelay });
+      const lines = [];
+      if (result?.uids?.length) {
+        lines.push(`Local inbox: ${result.uids.length} match${result.uids.length !== 1 ? "es" : ""}. UIDs: ${result.uids.join(", ")}`);
+      }
+      if (result?.relayResults?.length) {
+        lines.push(`
+Connected account (${result.relayResults[0].account}): ${result.relayResults.length} match${result.relayResults.length !== 1 ? "es" : ""}`);
+        for (const r of result.relayResults.slice(0, 20)) {
+          const fromAddr = r.from?.[0]?.address ?? "unknown";
+          const date = r.date ? new Date(r.date).toLocaleDateString() : "";
+          lines.push(`  [relay UID:${r.uid}] From: ${fromAddr} | Subject: ${r.subject} | Date: ${date}`);
+        }
+        lines.push("\nTo continue a thread from the connected account, use import_relay_email with the relay UID, then reply_email as normal.");
+      }
+      if (lines.length === 0) {
+        return searchRelay ? "No matching emails found in local inbox or connected account." : "No matching emails found. Tip: set searchRelay=true to also search your connected Gmail/Outlook account.";
+      }
+      return lines.join("\n");
+    }
+    case "import_relay_email": {
+      const uid = Number(args.uid);
+      if (!uid || uid < 1 || !Number.isInteger(uid)) {
+        throw new Error("uid must be a positive integer (relay UID from search results)");
+      }
+      const result = await apiRequest("POST", "/mail/import-relay", { uid });
+      return result?.ok ? "Email imported to local inbox. You can now use list_inbox to find it and reply_email to continue the thread." : `Import failed: ${result?.error || "unknown error"}`;
+    }
+    case "reply_email": {
+      const uid = Number(args.uid);
+      if (!uid || uid < 1) throw new Error("uid must be a positive integer");
+      const original = await apiRequest("GET", `/mail/messages/${uid}`);
+      if (!original) throw new Error("Original email not found");
+      const replyTo = original.replyTo?.[0]?.address || original.from?.[0]?.address;
+      if (!replyTo) throw new Error("Original email has no sender address \u2014 cannot reply");
+      const origSubject = original.subject ?? "";
+      const subject = origSubject.startsWith("Re:") ? origSubject : `Re: ${origSubject}`;
+      const refs = Array.isArray(original.references) ? [...original.references] : [];
+      if (original.messageId) refs.push(original.messageId);
+      const quotedBody = (original.text || "").split("\n").map((l) => `> ${l}`).join("\n");
+      const fullText = `${args.text}
+
+On ${original.date}, ${replyTo} wrote:
+${quotedBody}`;
+      let to = replyTo;
+      if (args.replyAll) {
+        const allTo = [...original.to || [], ...original.cc || []].map((a) => a.address).filter(Boolean);
+        to = [replyTo, ...allTo].filter((v, i, a) => v && a.indexOf(v) === i).join(", ");
+      }
+      const replySendBody = {
+        to,
+        subject,
+        text: fullText,
+        html: args.html,
+        inReplyTo: original.messageId,
+        references: refs
+      };
+      const sendResult = await apiRequest("POST", "/mail/send", replySendBody);
+      if (sendResult?.blocked && sendResult?.pendingId) {
+        scheduleFollowUp(sendResult.pendingId, to, String(replySendBody.subject || "(no subject)"), makePendingCheck(sendResult.pendingId));
+        return `Reply NOT sent \u2014 blocked by outbound guard.
+${sendResult.summary}
+
+Pending ID: ${sendResult.pendingId}
+Your owner has been notified via email with the full content for review.
+
+You MUST now:
+1. Inform your owner in this conversation that the reply was blocked and needs their approval.
+2. Mention the recipient, subject, and why it was flagged.
+3. If this reply is urgent or has a deadline, tell your owner about the time sensitivity.
+4. Periodically check with manage_pending_emails(action='list') and follow up with your owner if still pending.`;
+      }
+      let response = `Reply sent to ${to}. Message ID: ${sendResult?.messageId ?? "unknown"}`;
+      if (sendResult?.outboundWarnings?.length) {
+        response += `
+
+--- Outbound Guard ---
+${sendResult.outboundWarnings.map((w) => `  [${w.severity?.toUpperCase()}] ${w.description}`).join("\n")}`;
+      }
+      return response;
+    }
+    case "forward_email": {
+      const uid = Number(args.uid);
+      if (!uid || uid < 1) throw new Error("uid must be a positive integer");
+      const orig = await apiRequest("GET", `/mail/messages/${uid}`);
+      if (!orig) throw new Error("Email not found");
+      const fwdSubject = (orig.subject ?? "").startsWith("Fwd:") ? orig.subject : `Fwd: ${orig.subject}`;
+      const origFrom = orig.from?.[0]?.address ?? "unknown";
+      const origTo = (orig.to || []).map((a) => a.address).join(", ");
+      const fwdBody = `${args.text ? args.text + "\n\n" : ""}---------- Forwarded message ----------
+From: ${origFrom}
+To: ${origTo}
+Date: ${orig.date}
+Subject: ${orig.subject}
+
+${orig.text || ""}`;
+      const fwdSendBody = { to: args.to, subject: fwdSubject, text: fwdBody };
+      if (Array.isArray(orig.attachments) && orig.attachments.length > 0) {
+        fwdSendBody.attachments = orig.attachments.map((a) => ({
+          filename: a.filename,
+          content: a.content?.data ? Buffer.from(a.content.data).toString("base64") : a.content,
+          contentType: a.contentType,
+          encoding: "base64"
+        }));
+      }
+      const fwdResult = await apiRequest("POST", "/mail/send", fwdSendBody);
+      if (fwdResult?.blocked && fwdResult?.pendingId) {
+        scheduleFollowUp(fwdResult.pendingId, String(args.to), fwdSubject, makePendingCheck(fwdResult.pendingId));
+        return `Forward NOT sent \u2014 blocked by outbound guard.
+${fwdResult.summary}
+
+Pending ID: ${fwdResult.pendingId}
+Your owner has been notified via email with the full content for review.
+
+You MUST now:
+1. Inform your owner in this conversation that the forward was blocked and needs their approval.
+2. Mention the recipient, subject, and why it was flagged.
+3. If this forward is urgent or has a deadline, tell your owner about the time sensitivity.
+4. Periodically check with manage_pending_emails(action='list') and follow up with your owner if still pending.`;
+      }
+      let response = `Forwarded to ${args.to}. Message ID: ${fwdResult?.messageId ?? "unknown"}`;
+      if (fwdResult?.outboundWarnings?.length) {
+        response += `
+
+--- Outbound Guard ---
+${fwdResult.outboundWarnings.map((w) => `  [${w.severity?.toUpperCase()}] ${w.description}`).join("\n")}`;
+      }
+      return response;
+    }
+    case "move_email": {
+      const uid = Number(args.uid);
+      if (!uid || uid < 1) throw new Error("uid must be a positive integer");
+      await apiRequest("POST", `/mail/messages/${uid}/move`, { from: args.from || "INBOX", to: args.to });
+      return `Moved message UID ${uid} to ${args.to}`;
+    }
+    case "mark_unread": {
+      const uid = Number(args.uid);
+      if (!uid || uid < 1) throw new Error("uid must be a positive integer");
+      await apiRequest("POST", `/mail/messages/${uid}/unseen`);
+      return `Marked message UID ${uid} as unread`;
+    }
+    case "mark_read": {
+      const uid = Number(args.uid);
+      if (!uid || uid < 1) throw new Error("uid must be a positive integer");
+      await apiRequest("POST", `/mail/messages/${uid}/seen`);
+      return `Marked message UID ${uid} as read`;
+    }
+    case "list_folders": {
+      const result = await apiRequest("GET", "/mail/folders");
+      if (!result?.folders?.length) return "No folders found.";
+      return result.folders.map((f) => `${f.path}${f.specialUse ? ` (${f.specialUse})` : ""}`).join("\n");
+    }
+    case "list_folder": {
+      const folder = encodeURIComponent(String(args.folder));
+      const limit = Math.min(Math.max(Number(args.limit) || 20, 1), 100);
+      const offset = Math.max(Number(args.offset) || 0, 0);
+      const result = await apiRequest("GET", `/mail/folders/${folder}?limit=${limit}&offset=${offset}`);
+      if (!result?.messages?.length) return `Folder "${args.folder}" is empty.`;
+      const lines = result.messages.map((m, i) => `${i + 1}. [UID:${m.uid}] From: ${m.from?.[0]?.address ?? "unknown"} | Subject: ${m.subject} | Date: ${m.date}`);
+      return `${args.folder} (${result.total} total):
+${lines.join("\n")}`;
+    }
+    case "batch_delete": {
+      const uids = args.uids;
+      if (!Array.isArray(uids) || uids.length === 0) throw new Error("uids array required");
+      await apiRequest("POST", "/mail/batch/delete", { uids, folder: args.folder });
+      return `Deleted ${uids.length} messages.`;
+    }
+    case "batch_mark_read": {
+      const uids = args.uids;
+      if (!Array.isArray(uids) || uids.length === 0) throw new Error("uids array required");
+      await apiRequest("POST", "/mail/batch/seen", { uids, folder: args.folder });
+      return `Marked ${uids.length} messages as read.`;
+    }
+    case "manage_contacts": {
+      if (args.action === "list") {
+        const r = await apiRequest("GET", "/contacts");
+        if (!r?.contacts?.length) return "No contacts.";
+        return r.contacts.map((c) => `${c.name || "(no name)"} <${c.email}>`).join("\n");
+      }
+      if (args.action === "add") {
+        if (!args.email) throw new Error("email is required");
+        await apiRequest("POST", "/contacts", { email: args.email, name: args.name });
+        return `Contact added: ${args.name || ""} <${args.email}>`;
+      }
+      if (args.action === "delete") {
+        if (!args.id) throw new Error("id is required");
+        await apiRequest("DELETE", `/contacts/${args.id}`);
+        return "Contact deleted.";
+      }
+      throw new Error("Invalid action");
+    }
+    case "manage_drafts": {
+      if (args.action === "list") {
+        const r = await apiRequest("GET", "/drafts");
+        if (!r?.drafts?.length) return "No drafts.";
+        return r.drafts.map((d) => `[${d.id}] To: ${d.to_addr || "?"} | Subject: ${d.subject || "?"}`).join("\n");
+      }
+      if (args.action === "create") {
+        const r = await apiRequest("POST", "/drafts", { to: args.to, subject: args.subject, text: args.text });
+        return `Draft created: ${r?.id}`;
+      }
+      if (args.action === "update") {
+        if (!args.id) throw new Error("id is required");
+        await apiRequest("PUT", `/drafts/${args.id}`, { to: args.to, subject: args.subject, text: args.text });
+        return `Draft ${args.id} updated.`;
+      }
+      if (args.action === "send") {
+        if (!args.id) throw new Error("id is required");
+        const r = await apiRequest("POST", `/drafts/${args.id}/send`);
+        return `Draft sent. Message ID: ${r?.messageId ?? "unknown"}`;
+      }
+      if (args.action === "delete") {
+        if (!args.id) throw new Error("id is required");
+        await apiRequest("DELETE", `/drafts/${args.id}`);
+        return "Draft deleted.";
+      }
+      throw new Error("Invalid action");
+    }
+    case "manage_scheduled": {
+      const action = args.action || "create";
+      if (action === "list") {
+        const r2 = await apiRequest("GET", "/scheduled");
+        if (!r2?.scheduled?.length) return "No scheduled emails.";
+        return r2.scheduled.map(
+          (s) => `[${s.id}] To: ${s.to_addr} | Subject: ${s.subject} | Send at: ${s.send_at} | Status: ${s.status}`
+        ).join("\n");
+      }
+      if (action === "cancel") {
+        if (!args.id) throw new Error("id is required");
+        await apiRequest("DELETE", `/scheduled/${args.id}`);
+        return "Scheduled email cancelled.";
+      }
+      const r = await apiRequest("POST", "/scheduled", {
+        to: args.to,
+        subject: args.subject,
+        text: args.text,
+        sendAt: args.sendAt
+      });
+      return `Email scheduled for ${r?.sendAt}. ID: ${r?.id}`;
+    }
+    case "create_folder": {
+      if (!args.name) throw new Error("name is required");
+      await apiRequest("POST", "/mail/folders", { name: args.name });
+      return `Folder "${args.name}" created successfully.`;
+    }
+    case "manage_tags": {
+      const action = args.action;
+      if (action === "list") {
+        const r = await apiRequest("GET", "/tags");
+        if (!r?.tags?.length) return "No tags.";
+        return r.tags.map((t) => `[${t.id.slice(0, 8)}] ${t.name} (${t.color})`).join("\n");
+      }
+      if (action === "create") {
+        if (!args.name) throw new Error("name is required");
+        const r = await apiRequest("POST", "/tags", { name: args.name, color: args.color });
+        return `Tag "${args.name}" created (${r?.color}). ID: ${r?.id}`;
+      }
+      if (action === "delete") {
+        if (!args.id) throw new Error("id is required");
+        await apiRequest("DELETE", `/tags/${args.id}`);
+        return "Tag deleted.";
+      }
+      if (action === "tag_message") {
+        if (!args.id || !args.uid) throw new Error("id and uid are required");
+        await apiRequest("POST", `/tags/${args.id}/messages`, { uid: args.uid, folder: args.folder });
+        return `Tagged message UID ${args.uid} with tag ${args.id}`;
+      }
+      if (action === "untag_message") {
+        if (!args.id || !args.uid) throw new Error("id and uid are required");
+        const folder = args.folder || "INBOX";
+        await apiRequest("DELETE", `/tags/${args.id}/messages/${args.uid}?folder=${encodeURIComponent(folder)}`);
+        return `Removed tag from message UID ${args.uid} in ${folder}`;
+      }
+      if (action === "get_messages") {
+        if (!args.id) throw new Error("id is required");
+        const r = await apiRequest("GET", `/tags/${args.id}/messages`);
+        if (!r?.messages?.length) return `No messages with this tag.`;
+        return `Tag "${r.tag.name}" \u2014 ${r.messages.length} messages:
+${r.messages.map((m) => `  UID ${m.uid} (${m.folder})`).join("\n")}`;
+      }
+      if (action === "get_message_tags") {
+        if (!args.uid) throw new Error("uid is required");
+        const r = await apiRequest("GET", `/messages/${args.uid}/tags`);
+        if (!r?.tags?.length) return "No tags on this message.";
+        return r.tags.map((t) => `[${t.id.slice(0, 8)}] ${t.name} (${t.color})`).join("\n");
+      }
+      throw new Error("Invalid action");
+    }
+    case "create_account": {
+      const result = await apiRequest("POST", "/accounts", {
+        name: args.name,
+        domain: args.domain,
+        role: args.role
+      }, useMaster);
+      if (!result) throw new Error("No response from account creation");
+      return [
+        `Account created successfully!`,
+        `  Name: ${result.name}`,
+        `  Email: ${result.email}`,
+        `  Role: ${result.role}`,
+        `  API Key: ${result.apiKey}`,
+        `  ID: ${result.id}`
+      ].join("\n");
+    }
+    case "setup_email_relay": {
+      const result = await apiRequest("POST", "/gateway/relay", {
+        provider: args.provider,
+        email: args.email,
+        password: args.password,
+        smtpHost: args.smtpHost,
+        smtpPort: args.smtpPort,
+        imapHost: args.imapHost,
+        imapPort: args.imapPort,
+        agentName: args.agentName,
+        agentRole: args.agentRole,
+        skipDefaultAgent: args.skipDefaultAgent
+      }, useMaster);
+      if (!result) throw new Error("No response from relay setup");
+      const lines = [
+        `Email relay configured!`,
+        `  Mode: ${result.mode}`,
+        `  Provider: ${result.provider}`,
+        `  Email: ${result.email}`
+      ];
+      if (result.agent) {
+        lines.push(
+          `  Default agent: ${result.agent.name} (${result.agent.role})`,
+          `  Agent email: ${result.agent.subAddress}`,
+          `  Agent API Key: ${result.agent.apiKey}`
+        );
+      }
+      return lines.join("\n");
+    }
+    case "setup_email_domain": {
+      const result = await apiRequest("POST", "/gateway/domain", {
+        cloudflareToken: args.cloudflareToken,
+        cloudflareAccountId: args.cloudflareAccountId,
+        domain: args.domain,
+        purchase: args.purchase,
+        gmailRelay: args.gmailRelay
+      }, useMaster);
+      if (!result) throw new Error("No response from domain setup");
+      const lines = [
+        `Domain email configured!`,
+        `  Domain: ${result.domain}`,
+        `  DNS: ${result.dnsConfigured ? "configured" : "pending"}`,
+        `  Tunnel: ${result.tunnelId}`
+      ];
+      if (result.outboundRelay) {
+        lines.push(`  Outbound relay: ${result.outboundRelay.configured ? "configured" : "failed"} (${result.outboundRelay.provider})`);
+      }
+      if (result.nextSteps?.length) {
+        lines.push("", "Next steps:");
+        for (const step of result.nextSteps) {
+          lines.push(`  ${step}`);
+        }
+      }
+      return lines.join("\n");
+    }
+    case "setup_guide": {
+      const result = await apiRequest("GET", "/gateway/setup-guide", void 0, useMaster);
+      if (!result?.modes) throw new Error("No response from setup guide");
+      const lines = ["Email Setup Options:", ""];
+      for (const mode of result.modes) {
+        lines.push(`=== ${mode.mode.toUpperCase()} MODE (${mode.difficulty}) ===`);
+        lines.push(mode.description);
+        lines.push(`From address: ${mode.fromAddress}`);
+        lines.push("Requirements:");
+        for (const req of mode.requirements) lines.push(`  - ${req}`);
+        lines.push("Pros:");
+        for (const pro of mode.pros) lines.push(`  + ${pro}`);
+        lines.push("Cons:");
+        for (const con of mode.cons) lines.push(`  - ${con}`);
+        lines.push("");
+      }
+      return lines.join("\n");
+    }
+    case "setup_gmail_alias": {
+      const result = await apiRequest("POST", "/gateway/domain/alias-setup", {
+        agentEmail: args.agentEmail,
+        agentDisplayName: args.agentDisplayName
+      }, useMaster);
+      if (!result?.instructions) throw new Error("No response from alias setup");
+      const lines = [
+        result.instructions.summary,
+        "",
+        "Steps:"
+      ];
+      for (const step of result.instructions.steps) {
+        lines.push(`${step.step}. ${step.action}`);
+        if (step.fields) {
+          for (const [k, v] of Object.entries(step.fields)) {
+            lines.push(`   ${k}: ${v}`);
+          }
+        }
+        if (step.url) lines.push(`   URL: ${step.url}`);
+      }
+      return lines.join("\n");
+    }
+    case "setup_payment": {
+      const result = await apiRequest("GET", "/gateway/domain/payment-setup", void 0, useMaster);
+      if (!result?.instructions) throw new Error("No response from payment setup");
+      const lines = [result.instructions.summary, ""];
+      for (const opt of result.instructions.options) {
+        lines.push(`=== Option ${opt.option}: ${opt.label} ===`);
+        if (opt.securityNote) lines.push(`Security: ${opt.securityNote}`);
+        for (const step of opt.steps) {
+          lines.push(`  ${step.step}. ${step.action}`);
+          if (step.url) lines.push(`     URL: ${step.url}`);
+          if (step.note) lines.push(`     Note: ${step.note}`);
+        }
+        lines.push("");
+      }
+      return lines.join("\n");
+    }
+    case "purchase_domain": {
+      const result = await apiRequest("POST", "/gateway/domain/purchase", {
+        keywords: args.keywords,
+        tld: args.tld
+      }, useMaster);
+      if (!result?.domains?.length) return "No domains found.";
+      const lines = result.domains.map(
+        (d) => `  ${d.domain}: ${d.available ? "available" : "taken"}${d.price ? ` ($${d.price})` : ""}${d.premium ? " (premium)" : ""}`
+      );
+      return `Domain search results:
+${lines.join("\n")}`;
+    }
+    case "check_gateway_status": {
+      const result = await apiRequest("GET", "/gateway/status", void 0, useMaster);
+      if (!result) throw new Error("No response from gateway status");
+      const lines = [`Gateway mode: ${result.mode}`, `Healthy: ${result.healthy}`];
+      if (result.relay) {
+        lines.push(`Relay provider: ${result.relay.provider}`, `Relay email: ${result.relay.email}`, `Polling: ${result.relay.polling}`);
+      }
+      if (result.domain) {
+        lines.push(`Domain: ${result.domain.domain}`, `DNS: ${result.domain.dnsConfigured}`, `Tunnel: ${result.domain.tunnelActive}`);
+      }
+      return lines.join("\n");
+    }
+    case "send_test_email": {
+      const result = await apiRequest("POST", "/gateway/test", { to: args.to }, useMaster);
+      return `Test email sent! Message ID: ${result?.messageId ?? "unknown"}`;
+    }
+    case "list_agents": {
+      const result = await apiRequest("GET", "/accounts/directory");
+      const agents = result?.agents ?? [];
+      if (agents.length === 0) return "No agents found.";
+      const lines = agents.map((a) => `  ${a.name} (${a.email}) \u2014 ${a.role}`);
+      return `Agents in the system:
+${lines.join("\n")}`;
+    }
+    case "message_agent": {
+      const agentName = String(args.agent ?? "").toLowerCase().trim();
+      if (!agentName) throw new Error("agent name is required");
+      try {
+        await apiRequest("GET", `/accounts/directory/${encodeURIComponent(agentName)}`);
+      } catch {
+        throw new Error(`Agent "${agentName}" not found. Use list_agents to see available agents.`);
+      }
+      const to = `${agentName}@localhost`;
+      const priority = String(args.priority ?? "normal");
+      const subject = priority === "urgent" ? `[URGENT] ${args.subject}` : priority === "high" ? `[HIGH] ${args.subject}` : String(args.subject);
+      const result = await apiRequest("POST", "/mail/send", { to, subject, text: args.text });
+      return `Message sent to ${to}. Message ID: ${result?.messageId ?? "unknown"}`;
+    }
+    case "check_messages": {
+      const searchResult = await apiRequest("POST", "/mail/search", { seen: false });
+      const uids = searchResult?.uids ?? [];
+      if (uids.length === 0) return "No unread messages.";
+      const details = [];
+      for (const uid of uids.slice(0, 10)) {
+        try {
+          const email = await apiRequest("GET", `/mail/messages/${uid}`);
+          if (!email) continue;
+          const from = email.from?.[0]?.address ?? "unknown";
+          const subject = email.subject ?? "(no subject)";
+          const tag = from.endsWith("@localhost") ? "[agent]" : "[external]";
+          details.push(`  ${tag} UID ${uid}: from ${from} \u2014 "${subject}"`);
+        } catch {
+        }
+      }
+      const more = uids.length > 10 ? `
+  (${uids.length - 10} more not shown)` : "";
+      return `${uids.length} unread message(s):
+${details.join("\n")}${more}`;
+    }
+    case "delete_agent": {
+      const agentName = String(args.name ?? "").trim();
+      if (!agentName) throw new Error("name is required");
+      const agents = await apiRequest("GET", "/accounts", void 0, true);
+      const fullAgent = agents?.agents?.find((a) => a.name === agentName);
+      if (!fullAgent) throw new Error(`Agent "${agentName}" not found`);
+      const qs = new URLSearchParams({ archive: "true", deletedBy: "mcp-tool" });
+      if (args.reason) qs.set("reason", String(args.reason));
+      const report = await apiRequest("DELETE", `/accounts/${fullAgent.id}?${qs.toString()}`, void 0, true);
+      const lines = [
+        `Agent "${agentName}" deleted successfully.`,
+        `  Deletion ID: ${report?.id}`,
+        `  Emails archived: ${report?.summary?.totalEmails ?? 0}`,
+        `  Deleted at: ${report?.deletedAt}`
+      ];
+      if (report?.summary?.topCorrespondents?.length) {
+        lines.push(`  Top correspondents: ${report.summary.topCorrespondents.map((c) => c.address).join(", ")}`);
+      }
+      return lines.join("\n");
+    }
+    case "deletion_reports": {
+      if (args.id) {
+        const report = await apiRequest("GET", `/accounts/deletions/${encodeURIComponent(String(args.id))}`, void 0, true);
+        if (!report) throw new Error("Deletion report not found");
+        const lines2 = [
+          `Deletion Report: ${report.id}`,
+          `  Agent: ${report.agent.name} (${report.agent.email})`,
+          `  Role: ${report.agent.role}`,
+          `  Deleted: ${report.deletedAt}`,
+          `  By: ${report.deletedBy}`,
+          report.reason ? `  Reason: ${report.reason}` : null,
+          `  Total emails: ${report.summary.totalEmails}`,
+          `  Inbox: ${report.summary.inboxCount}, Sent: ${report.summary.sentCount}, Other: ${report.summary.otherCount}`
+        ];
+        if (report.summary.firstEmailDate) {
+          lines2.push(`  Date range: ${report.summary.firstEmailDate} \u2192 ${report.summary.lastEmailDate}`);
+        }
+        if (report.summary.topCorrespondents?.length) {
+          lines2.push(`  Top correspondents: ${report.summary.topCorrespondents.map((c) => `${c.address} (${c.count})`).join(", ")}`);
+        }
+        return lines2.filter(Boolean).join("\n");
+      }
+      const result = await apiRequest("GET", "/accounts/deletions", void 0, true);
+      const deletions = result?.deletions ?? [];
+      if (deletions.length === 0) return "No deletion reports found.";
+      const lines = deletions.map((d) => `  [${d.id}] ${d.agentName} (${d.agentEmail}) \u2014 deleted ${d.deletedAt}, ${d.emailCount} emails archived`);
+      return `Deletion reports:
+${lines.join("\n")}`;
+    }
+    case "manage_signatures": {
+      if (args.action === "list") {
+        const r = await apiRequest("GET", "/signatures");
+        if (!r?.signatures?.length) return "No signatures.";
+        return r.signatures.map((s) => `[${s.id}] ${s.name}${s.isDefault ? " (default)" : ""}: ${s.text}`).join("\n");
+      }
+      if (args.action === "create") {
+        if (!args.name || !args.text) throw new Error("name and text are required");
+        const r = await apiRequest("POST", "/signatures", { name: args.name, text: args.text, isDefault: args.isDefault });
+        return `Signature "${args.name}" created. ID: ${r?.id}`;
+      }
+      if (args.action === "delete") {
+        if (!args.id) throw new Error("id is required");
+        await apiRequest("DELETE", `/signatures/${args.id}`);
+        return "Signature deleted.";
+      }
+      throw new Error("Invalid action. Use: list, create, or delete");
+    }
+    case "manage_templates": {
+      if (args.action === "list") {
+        const r = await apiRequest("GET", "/templates");
+        if (!r?.templates?.length) return "No templates.";
+        return r.templates.map((t) => `[${t.id}] ${t.name}: ${t.subject}`).join("\n");
+      }
+      if (args.action === "create") {
+        if (!args.name || !args.subject || !args.text) throw new Error("name, subject, and text are required");
+        const r = await apiRequest("POST", "/templates", { name: args.name, subject: args.subject, text: args.text });
+        return `Template "${args.name}" created. ID: ${r?.id}`;
+      }
+      if (args.action === "delete") {
+        if (!args.id) throw new Error("id is required");
+        await apiRequest("DELETE", `/templates/${args.id}`);
+        return "Template deleted.";
+      }
+      throw new Error("Invalid action. Use: list, create, or delete");
+    }
+    case "batch_mark_unread": {
+      const uids = args.uids;
+      if (!Array.isArray(uids) || uids.length === 0) throw new Error("uids array required");
+      await apiRequest("POST", "/mail/batch/unseen", { uids, folder: args.folder });
+      return `Marked ${uids.length} messages as unread.`;
+    }
+    case "batch_move": {
+      const uids = args.uids;
+      if (!Array.isArray(uids) || uids.length === 0) throw new Error("uids array required");
+      await apiRequest("POST", "/mail/batch/move", { uids, from: args.from || "INBOX", to: args.to });
+      return `Moved ${uids.length} messages to ${args.to}.`;
+    }
+    case "whoami": {
+      const result = await apiRequest("GET", "/accounts/me");
+      if (!result) throw new Error("Could not retrieve agent info");
+      return [
+        `Name: ${result.name}`,
+        `Email: ${result.email}`,
+        `Role: ${result.role}`,
+        `ID: ${result.id}`,
+        `Created: ${result.createdAt}`,
+        result.metadata && Object.keys(result.metadata).length > 0 ? `Metadata: ${JSON.stringify(result.metadata)}` : null
+      ].filter(Boolean).join("\n");
+    }
+    case "update_metadata": {
+      if (!args.metadata || typeof args.metadata !== "object") throw new Error("metadata object is required");
+      const result = await apiRequest("PATCH", "/accounts/me", { metadata: args.metadata });
+      return `Metadata updated successfully. Agent: ${result?.name ?? "unknown"}`;
+    }
+    case "check_health": {
+      const result = await apiRequest("GET", "/health");
+      if (!result) throw new Error("No response from health check");
+      return `\u{1F380} AgenticMail server: ${result.status ?? "ok"}${result.stalwart ? `, Stalwart: ${result.stalwart}` : ""}`;
+    }
+    case "wait_for_email": {
+      const timeoutSec = Math.min(Math.max(Number(args.timeout) || 120, 5), 300);
+      const controller = new AbortController();
+      const timer = setTimeout(() => controller.abort(), timeoutSec * 1e3);
+      try {
+        const res = await fetch(`${API_URL}/api/agenticmail/events`, {
+          headers: { "Authorization": `Bearer ${API_KEY}`, "Accept": "text/event-stream" },
+          signal: controller.signal
+        });
+        if (!res.ok) {
+          clearTimeout(timer);
+          const search = await apiRequest("POST", "/mail/search", { seen: false });
+          const uids = search?.uids ?? [];
+          if (uids.length > 0) {
+            const email = await apiRequest("GET", `/mail/messages/${uids[0]}`);
+            return JSON.stringify({
+              arrived: true,
+              mode: "poll-fallback",
+              email: email ? {
+                uid: uids[0],
+                from: email.from?.[0]?.address ?? "",
+                subject: email.subject ?? "(no subject)",
+                date: email.date,
+                preview: (email.text ?? "").slice(0, 300)
+              } : null,
+              totalUnread: uids.length
+            });
+          }
+          return JSON.stringify({ arrived: false, reason: "SSE unavailable and no unread emails", timedOut: true });
+        }
+        if (!res.body) {
+          clearTimeout(timer);
+          return JSON.stringify({ arrived: false, reason: "SSE response has no body" });
+        }
+        const reader = res.body.getReader();
+        const decoder = new TextDecoder();
+        let buffer = "";
+        try {
+          while (true) {
+            const { done, value } = await reader.read();
+            if (done) break;
+            buffer += decoder.decode(value, { stream: true });
+            let boundary;
+            while ((boundary = buffer.indexOf("\n\n")) !== -1) {
+              const frame = buffer.slice(0, boundary);
+              buffer = buffer.slice(boundary + 2);
+              for (const line of frame.split("\n")) {
+                if (line.startsWith("data: ")) {
+                  try {
+                    const event = JSON.parse(line.slice(6));
+                    if (event.type === "task" && event.taskId) {
+                      clearTimeout(timer);
+                      try {
+                        reader.cancel();
+                      } catch {
+                      }
+                      return JSON.stringify({
+                        arrived: true,
+                        mode: "push",
+                        eventType: "task",
+                        task: {
+                          taskId: event.taskId,
+                          taskType: event.taskType,
+                          description: event.task,
+                          from: event.from
+                        },
+                        hint: 'You have a new task. Use check_tasks(action="pending") to see and claim it.'
+                      });
+                    }
+                    if (event.type === "new" && event.uid) {
+                      clearTimeout(timer);
+                      try {
+                        reader.cancel();
+                      } catch {
+                      }
+                      const email = await apiRequest("GET", `/mail/messages/${event.uid}`);
+                      const fromAddr = email?.from?.[0]?.address ?? "";
+                      return JSON.stringify({
+                        arrived: true,
+                        mode: "push",
+                        eventType: "email",
+                        email: email ? {
+                          uid: event.uid,
+                          from: fromAddr,
+                          fromName: email.from?.[0]?.name ?? fromAddr,
+                          subject: email.subject ?? "(no subject)",
+                          date: email.date,
+                          preview: (email.text ?? "").slice(0, 300),
+                          messageId: email.messageId,
+                          isInterAgent: fromAddr.endsWith("@localhost")
+                        } : null
+                      });
+                    }
+                  } catch {
+                  }
+                }
+              }
+            }
+          }
+        } finally {
+          try {
+            reader.cancel();
+          } catch {
+          }
+        }
+        clearTimeout(timer);
+        return JSON.stringify({ arrived: false, reason: "SSE connection closed", timedOut: false });
+      } catch (err) {
+        clearTimeout(timer);
+        if (err.name === "AbortError") {
+          return JSON.stringify({ arrived: false, reason: `No email received within ${timeoutSec}s`, timedOut: true });
+        }
+        return JSON.stringify({ arrived: false, reason: err.message });
+      }
+    }
+    case "batch_read": {
+      const uids = args.uids;
+      if (!Array.isArray(uids) || uids.length === 0) throw new Error("uids array required");
+      const result = await apiRequest("POST", "/mail/batch/read", { uids, folder: args.folder });
+      if (!result?.messages?.length) return "No messages found for the given UIDs.";
+      const lines = result.messages.map((m) => {
+        const from = m.from?.map((a) => a.address).join(", ") ?? "unknown";
+        return `[UID:${m.uid}] From: ${from} | Subject: ${m.subject}
+${(m.text ?? "").slice(0, 500)}`;
+      });
+      return `${result.count} messages:
+
+${lines.join("\n\n---\n\n")}`;
+    }
+    case "inbox_digest": {
+      const qs = new URLSearchParams();
+      if (args.limit) qs.set("limit", String(args.limit));
+      if (args.offset) qs.set("offset", String(args.offset));
+      if (args.folder) qs.set("folder", String(args.folder));
+      if (args.previewLength) qs.set("previewLength", String(args.previewLength));
+      const query = qs.toString();
+      const result = await apiRequest("GET", `/mail/digest${query ? "?" + query : ""}`);
+      if (!result?.messages?.length) return "Inbox is empty.";
+      const lines = result.messages.map((m, i) => {
+        const from = m.from?.[0]?.address ?? "unknown";
+        const flags = m.flags?.length ? ` [${m.flags.join(", ")}]` : "";
+        return `${i + 1}. [UID:${m.uid}] From: ${from} | Subject: ${m.subject}${flags}
+   ${m.preview || "(no preview)"}`;
+      });
+      return `Inbox digest (${result.count}/${result.total}):
+${lines.join("\n")}`;
+    }
+    case "template_send": {
+      const result = await apiRequest("POST", `/templates/${args.id}/send`, {
+        to: args.to,
+        variables: args.variables,
+        cc: args.cc,
+        bcc: args.bcc
+      });
+      return `Template email sent. Message ID: ${result?.messageId ?? "unknown"}`;
+    }
+    case "manage_rules": {
+      if (args.action === "list") {
+        const r = await apiRequest("GET", "/rules");
+        if (!r?.rules?.length) return "No email rules configured.";
+        return r.rules.map(
+          (rule) => `[${rule.id.slice(0, 8)}] ${rule.name} (priority: ${rule.priority}, enabled: ${rule.enabled})
+  Conditions: ${JSON.stringify(rule.conditions)}
+  Actions: ${JSON.stringify(rule.actions)}`
+        ).join("\n");
+      }
+      if (args.action === "create") {
+        const r = await apiRequest("POST", "/rules", {
+          name: args.name,
+          priority: args.priority,
+          conditions: args.conditions,
+          actions: args.actions
+        });
+        return `Rule "${r?.name}" created. ID: ${r?.id}`;
+      }
+      if (args.action === "delete") {
+        if (!args.id) throw new Error("id is required");
+        await apiRequest("DELETE", `/rules/${args.id}`);
+        return "Rule deleted.";
+      }
+      throw new Error("Invalid action. Use: list, create, or delete");
+    }
+    case "cleanup_agents": {
+      if (args.action === "list_inactive") {
+        const qs = args.hours ? `?hours=${args.hours}` : "";
+        const r = await apiRequest("GET", `/accounts/inactive${qs}`, void 0, true);
+        if (!r?.agents?.length) return "No inactive agents found. All agents are either active or persistent.";
+        return `${r.count} inactive agent(s):
+${r.agents.map(
+          (a) => `  ${a.name} (${a.email}) \u2014 last active: ${a.last_activity_at || "never"}, persistent: ${a.persistent}`
+        ).join("\n")}`;
+      }
+      if (args.action === "cleanup") {
+        const r = await apiRequest("POST", "/accounts/cleanup", { hours: args.hours, dryRun: args.dryRun }, true);
+        if (r?.dryRun) {
+          if (!r.count) return "No inactive agents to clean up. All agents are either active or persistent.";
+          return `Would delete ${r.count} agent(s): ${r.wouldDelete.map((a) => a.name).join(", ")}`;
+        }
+        if (!r?.count) return "No inactive agents to clean up. All agents are either active or persistent.";
+        return `Deleted ${r.count} agent(s): ${r.deleted.join(", ")}`;
+      }
+      if (args.action === "set_persistent") {
+        if (!args.agentId) throw new Error("agentId is required");
+        await apiRequest("PATCH", `/accounts/${args.agentId}/persistent`, { persistent: args.persistent !== false }, true);
+        return `Agent ${args.agentId} persistent flag set to ${args.persistent !== false}`;
+      }
+      throw new Error("Invalid action. Use: list_inactive, cleanup, or set_persistent");
+    }
+    case "assign_task": {
+      const result = await apiRequest("POST", "/tasks/assign", {
+        assignee: args.assignee,
+        taskType: args.taskType,
+        payload: args.payload,
+        expiresInSeconds: args.expiresInSeconds
+      });
+      return `Task assigned to ${result?.assignee}. Task ID: ${result?.id}`;
+    }
+    case "check_tasks": {
+      let endpoint = args.direction === "outgoing" ? "/tasks/assigned" : "/tasks/pending";
+      if (args.direction !== "outgoing" && args.assignee) {
+        endpoint += `?assignee=${encodeURIComponent(args.assignee)}`;
+      }
+      const r = await apiRequest("GET", endpoint);
+      if (!r?.tasks?.length) return args.direction === "outgoing" ? "No tasks assigned by you." : "No pending tasks.";
+      return `${r.count} tasks:
+${r.tasks.map(
+        (t) => `  [${t.id.slice(0, 8)}] ${t.taskType} \u2014 status: ${t.status}, payload: ${JSON.stringify(t.payload).slice(0, 100)}`
+      ).join("\n")}`;
+    }
+    case "claim_task": {
+      const r = await apiRequest("POST", `/tasks/${args.id}/claim`);
+      return `Task ${r?.id} claimed. Payload: ${JSON.stringify(r?.payload)}`;
+    }
+    case "submit_result": {
+      await apiRequest("POST", `/tasks/${args.id}/result`, { result: args.result });
+      return `Result submitted for task ${args.id}.`;
+    }
+    case "call_agent": {
+      const timeoutSec = Math.min(Math.max(Number(args.timeout) || 180, 5), 300);
+      const created = await apiRequest("POST", "/tasks/assign", {
+        assignee: args.target,
+        taskType: "rpc",
+        payload: { task: args.task, ...args.payload || {} }
+      });
+      if (!created?.id) throw new Error("Failed to create task");
+      const taskId = created.id;
+      const deadline = Date.now() + timeoutSec * 1e3;
+      while (Date.now() < deadline) {
+        await new Promise((r) => setTimeout(r, 2e3));
+        try {
+          const task = await apiRequest("GET", `/tasks/${taskId}`);
+          if (task?.status === "completed") return `RPC completed. Result: ${JSON.stringify(task.result)}`;
+          if (task?.status === "failed") return `RPC failed: ${task.error}`;
+        } catch {
+        }
+      }
+      return `RPC timed out. Task ID: ${taskId} \u2014 check later with check_tasks.`;
+    }
+    case "manage_spam": {
+      const action = args.action;
+      if (action === "list") {
+        const qs = new URLSearchParams();
+        if (args.limit) qs.set("limit", String(args.limit));
+        if (args.offset) qs.set("offset", String(args.offset));
+        const query = qs.toString();
+        const result = await apiRequest("GET", `/mail/spam${query ? "?" + query : ""}`);
+        if (!result?.messages?.length) return "Spam folder is empty.";
+        const lines = result.messages.map((m, i) => `${i + 1}. [UID:${m.uid}] From: ${m.from?.[0]?.address ?? "unknown"} | Subject: ${m.subject} | Date: ${m.date}`);
+        return `Spam folder (${result.count}/${result.total}):
+${lines.join("\n")}`;
+      }
+      if (action === "report") {
+        const uid = Number(args.uid);
+        if (!uid || uid < 1) throw new Error("uid is required");
+        await apiRequest("POST", `/mail/messages/${uid}/spam`, { folder: args.folder || "INBOX" });
+        return `Message UID ${uid} moved to Spam.`;
+      }
+      if (action === "not_spam") {
+        const uid = Number(args.uid);
+        if (!uid || uid < 1) throw new Error("uid is required");
+        await apiRequest("POST", `/mail/messages/${uid}/not-spam`);
+        return `Message UID ${uid} moved from Spam to INBOX.`;
+      }
+      if (action === "score") {
+        const uid = Number(args.uid);
+        if (!uid || uid < 1) throw new Error("uid is required");
+        const folder = args.folder || "INBOX";
+        const result = await apiRequest("GET", `/mail/messages/${uid}/spam-score?folder=${encodeURIComponent(folder)}`);
+        const lines = [
+          `Spam Score: ${result.score}/100 (${result.isSpam ? "SPAM" : result.isWarning ? "WARNING" : "CLEAN"})`,
+          result.topCategory ? `Top Category: ${result.topCategory}` : null
+        ];
+        if (result.matches?.length) {
+          lines.push("Matches:");
+          for (const m of result.matches) {
+            lines.push(`  [${m.ruleId}] +${m.score} \u2014 ${m.description}`);
+          }
+        }
+        return lines.filter(Boolean).join("\n");
+      }
+      throw new Error("Invalid action. Use: list, report, not_spam, or score");
+    }
+    case "manage_pending_emails": {
+      const action = String(args.action);
+      if (action === "list") {
+        const result = await apiRequest("GET", "/mail/pending");
+        if (result?.pending) {
+          for (const p of result.pending) {
+            if (p.status !== "pending") cancelFollowUp(p.id);
+          }
+        }
+        if (!result?.pending?.length) return withReminders("No pending outbound emails.");
+        const lines = result.pending.map((p, i) => `${i + 1}. [${p.id}] To: ${p.to} | Subject: ${p.subject} | Status: ${p.status} | Created: ${p.createdAt}`);
+        return withReminders(`Pending emails (${result.count}):
+${lines.join("\n")}`);
+      }
+      if (action === "get") {
+        if (!args.id) throw new Error("id is required");
+        const result = await apiRequest("GET", `/mail/pending/${encodeURIComponent(String(args.id))}`);
+        if (!result) throw new Error("Pending email not found");
+        if (result.status !== "pending") cancelFollowUp(String(args.id));
+        return withReminders(`Pending Email: ${result.id}
+To: ${result.mailOptions?.to}
+Subject: ${result.mailOptions?.subject}
+Status: ${result.status}
+Created: ${result.createdAt}
+Warnings:
+${result.summary}`);
+      }
+      if (action === "approve" || action === "reject") {
+        return withReminders(`You cannot ${action} pending emails. Only the owner (human) can approve or reject blocked emails. Please inform the owner and wait for their decision.`);
+      }
+      throw new Error("Invalid action. Use: list or get");
+    }
+    default:
+      throw new Error(`Unknown tool: ${name}`);
+  }
+}
+
+// src/resources.ts
+var API_URL2 = process.env.AGENTICMAIL_API_URL ?? "http://127.0.0.1:3100";
+var API_KEY2 = process.env.AGENTICMAIL_API_KEY ?? "";
+async function apiRequest2(path) {
+  if (!API_KEY2) {
+    throw new Error("API key is not configured. Set AGENTICMAIL_API_KEY.");
+  }
+  const response = await fetch(`${API_URL2}/api/agenticmail${path}`, {
+    headers: {
+      "Authorization": `Bearer ${API_KEY2}`
+    },
+    signal: AbortSignal.timeout(3e4)
+  });
+  if (!response.ok) {
+    let text;
+    try {
+      text = await response.text();
+    } catch {
+      text = "(could not read response body)";
+    }
+    throw new Error(`API error ${response.status}: ${text}`);
+  }
+  const contentType = response.headers.get("content-type");
+  if (contentType?.includes("application/json")) {
+    try {
+      return await response.json();
+    } catch {
+      throw new Error(`API returned invalid JSON from ${path}`);
+    }
+  }
+  return null;
+}
+var resourceDefinitions = [
+  {
+    uri: "agenticmail://inbox",
+    name: "Agent Inbox",
+    description: "Browse the current agent's email inbox",
+    mimeType: "text/plain"
+  }
+];
+async function handleResourceRead(uri) {
+  if (uri === "agenticmail://inbox") {
+    const result = await apiRequest2("/mail/inbox?limit=20");
+    if (!result?.messages?.length) {
+      return "Inbox is empty.";
+    }
+    const lines = result.messages.map(
+      (m, i) => `${i + 1}. [UID:${m.uid}] From: ${m.from?.[0]?.address ?? "unknown"} | Subject: ${m.subject} | ${m.date}`
+    );
+    return `Inbox:
+${lines.join("\n")}`;
+  }
+  throw new Error(`Unknown resource: ${uri}`);
+}
+
+// src/index.ts
+var server = new McpServer({
+  name: "\u{1F380} AgenticMail",
+  version: "0.2.26",
+  description: "\u{1F380} AgenticMail \u2014 Email infrastructure for AI agents. By Ope Olatunji (https://github.com/agenticmail/agenticmail)"
+});
+for (const tool of toolDefinitions) {
+  server.tool(
+    tool.name,
+    tool.description,
+    tool.inputSchema,
+    async ({ arguments: args }) => {
+      try {
+        const result = await handleToolCall(tool.name, args);
+        return { content: [{ type: "text", text: result }] };
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return {
+          content: [{ type: "text", text: `Error: ${message}` }],
+          isError: true
+        };
+      }
+    }
+  );
+}
+for (const resource of resourceDefinitions) {
+  server.resource(
+    resource.name,
+    resource.uri,
+    { description: resource.description, mimeType: resource.mimeType },
+    async () => {
+      try {
+        const content = await handleResourceRead(resource.uri);
+        return {
+          contents: [{ uri: resource.uri, text: content, mimeType: resource.mimeType }]
+        };
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return {
+          contents: [{ uri: resource.uri, text: `Error: ${message}`, mimeType: "text/plain" }]
+        };
+      }
+    }
+  );
+}
+var transport = new StdioServerTransport();
+try {
+  await server.connect(transport);
+} catch (err) {
+  console.error("[agenticmail-mcp] Failed to start:", err);
+  process.exit(1);
+}
+async function shutdown() {
+  try {
+    await server.close();
+  } catch {
+  }
+  process.exit(0);
+}
+process.on("SIGTERM", () => shutdown());
+process.on("SIGINT", () => shutdown());