@agentprojectcontext/apx 1.7.0 → 1.8.1

package/src/daemon/project-config.js

@@ -15,7 +15,7 @@
 //     },
 //     "routines": [
 //       { "name": "morning-report", "schedule": "0 9 * * *", "agent": "sofia",
-//         "prompt": "Resumen del día anterior", "channel": "telegram" }
+//         "prompt": "Previous day summary", "channel": "telegram" }
 //     ]
 //   }
 //

package/src/daemon/routines.js

@@ -6,14 +6,15 @@
 // Kinds:
 //   heartbeat   — log a heartbeat message.   spec: { channel?, message? }
 //   exec_agent  — call an agent engine.       spec: { agent: slug, prompt }
+//   super_agent — call the APX super-agent.   spec: { prompt }
 //   telegram    — send a Telegram message.    spec: { channel?, chat_id?, text }
 //   shell       — run a shell command.        spec: { command, timeout_ms? }
 
 import { spawn } from "node:child_process";
-import path from "node:path";
-import fs from "node:fs";
 import { callEngine } from "./engines/index.js";
+import { runSuperAgent } from "./super-agent.js";
 import { readAgents } from "../core/parser.js";
+import { buildAgentSystem } from "../core/agent-system.js";
 import {
   listRoutines,
   getRoutine,
@@ -48,6 +49,8 @@ async function handleHeartbeat(ctx, routine) {
   project.logMessage({
     channel,
     direction: "out",
+    type: "system",
+    actor_id: "apx:routine",
     author: "apx",
     body: message,
     meta: { routine: routine.name },
@@ -66,17 +69,13 @@ async function handleExecAgent(ctx, routine) {
   const model = agent.fields.Model;
   if (!model) throw new Error(`agent ${slug} has no model`);
 
-  const f = agent.fields;
-  const parts = [];
-  if (f.Description) parts.push(f.Description);
-  if (f.Role) parts.push(`Role: ${f.Role}`);
-  const memPath = path.join(project.path, ".apc", "agents", slug, "memory.md");
-  if (fs.existsSync(memPath)) parts.push("## Memory\n" + fs.readFileSync(memPath, "utf8"));
-  parts.push(`You were invoked by routine "${routine.name}". Reply briefly, max 4 sentences.`);
-
   const result = await callEngine({
     modelId: model,
-    system: parts.join("\n\n"),
+    system: buildAgentSystem(project, agent, {
+      invocation: "routine",
+      routine: routine.name,
+      extraParts: [`Reply briefly, max 4 sentences.`],
+    }),
     messages: [{ role: "user", content: prompt }],
     config: project.config || globalConfig,
   });
@@ -85,6 +84,8 @@ async function handleExecAgent(ctx, routine) {
     agent_slug: slug,
     channel: "routine",
     direction: "out",
+    type: "agent",
+    actor_id: slug,
     author: slug,
     body: result.text,
     meta: { routine: routine.name, usage: result.usage },
@@ -92,6 +93,39 @@ async function handleExecAgent(ctx, routine) {
   return { status: "ok", reply: result.text };
 }
 
+async function handleSuperAgent(ctx, routine) {
+  const { project, globalConfig, projects, plugins, registries } = ctx;
+  const { prompt } = routine.spec;
+  if (!prompt) throw new Error("super_agent: spec needs { prompt }");
+
+  const cfg = structuredClone(globalConfig || {});
+  cfg.super_agent = {
+    ...(globalConfig?.super_agent || {}),
+    ...(routine.permission_mode ? { permission_mode: routine.permission_mode } : {}),
+    ...(Array.isArray(routine.allowed_tools) ? { allowed_tools: routine.allowed_tools } : {}),
+  };
+
+  const result = await runSuperAgent({
+    globalConfig: cfg,
+    projects,
+    plugins,
+    registries,
+    prompt,
+    contextNote: `You were invoked by APX routine "${routine.name}" in project ${project.path}. This is an autonomous scheduled run, not an interactive Telegram reply.`,
+  });
+
+  project.logMessage({
+    channel: "routine",
+    direction: "out",
+    type: "agent",
+    actor_id: result.name || "super_agent",
+    author: result.name || "super_agent",
+    body: result.text || "",
+    meta: { routine: routine.name, tool_trace: result.trace, usage: result.usage },
+  });
+  return { status: "ok", reply: result.text, trace: result.trace };
+}
+
 async function handleTelegram(ctx, routine) {
   const { plugins } = ctx;
   const tg = plugins?.get("telegram");
@@ -130,6 +164,7 @@ function handleShell(ctx, routine) {
 const HANDLERS = {
   heartbeat: handleHeartbeat,
   exec_agent: handleExecAgent,
+  super_agent: handleSuperAgent,
   telegram: handleTelegram,
   shell: handleShell,
 };
@@ -144,6 +179,10 @@ export async function runRoutineNow(ctx, routine) {
   let errMsg = null;
   try {
     result = await handler(ctx, routine);
+    if (result?.status === "error") {
+      status = "error";
+      errMsg = result.error || result.stderr || `routine ${routine.name} returned error status`;
+    }
   } catch (e) {
     status = "error";
     errMsg = e.message;
@@ -159,13 +198,25 @@ export async function runRoutineNow(ctx, routine) {
     next_run_at: next,
     disable: isOnce,
   });
+  ctx.project.logMessage?.({
+    channel: "routine",
+    direction: "out",
+    type: "system",
+    actor_id: "apx:routine",
+    author: "apx",
+    body: status === "ok"
+      ? `routine ${routine.name} ok`
+      : `routine ${routine.name} error: ${errMsg}`,
+    meta: { routine: routine.name, status, result },
+  });
   return { ...result, last_run_at: lastRun, next_run_at: next };
 }
 
 export class RoutineScheduler {
-  constructor({ projects, plugins, globalConfig, log }) {
+  constructor({ projects, plugins, registries, globalConfig, log }) {
     this.projects = projects;
     this.plugins = plugins;
+    this.registries = registries;
     this.globalConfig = globalConfig;
     this.log = log || (() => {});
     this._timer = null;
@@ -199,7 +250,13 @@ export class RoutineScheduler {
         for (const r of due) {
           this.log(`routine ${r.name} (${r.kind}) firing in project #${proj.id}`);
           await runRoutineNow(
-            { project: proj, plugins: this.plugins, globalConfig: this.globalConfig },
+            {
+              project: proj,
+              projects: this.projects,
+              plugins: this.plugins,
+              registries: this.registries,
+              globalConfig: this.globalConfig,
+            },
             r
           );
         }

package/src/daemon/super-agent-tools/helpers.js

@@ -1,5 +1,5 @@
-import fs from "node:fs";
 import path from "node:path";
+import { agentSkills, buildAgentSystem as buildCoreAgentSystem } from "../../core/agent-system.js";
 
 export function projectMeta(projects, entry) {
   const meta = projects.list().find((p) => p.id === entry.id);
@@ -61,8 +61,7 @@ export function safePathJoin(root, sub = ".") {
 }
 
 export function skillsFromFields(fields = {}) {
-  if (Array.isArray(fields.Skills)) return fields.Skills;
-  return (fields.Skills || "").split(",").map((s) => s.trim()).filter(Boolean);
+  return agentSkills({ fields });
 }
 
 export function agentRow(agent) {
@@ -76,36 +75,21 @@ export function agentRow(agent) {
   };
 }
 
-export function buildAgentSystem(project, agent) {
-  const parts = [];
-  if (agent.fields.Description) parts.push(agent.fields.Description);
-  if (agent.fields.Role) parts.push(`Role: ${agent.fields.Role}`);
-  if (agent.fields.Language) parts.push(`Default language: ${agent.fields.Language}`);
-
-  const memPath = path.join(project.path, ".apc", "agents", agent.slug, "memory.md");
-  if (fs.existsSync(memPath)) parts.push("## Memory\n" + fs.readFileSync(memPath, "utf8"));
-
-  const apxSkill = path.join(project.path, ".apc", "skills", "apx.md");
-  if (fs.existsSync(apxSkill)) parts.push("## APX\n" + fs.readFileSync(apxSkill, "utf8"));
-
-  for (const skill of skillsFromFields(agent.fields)) {
-    const skillPath = path.join(project.path, ".apc", "skills", `${skill}.md`);
-    if (fs.existsSync(skillPath)) parts.push(`## Skill: ${skill}\n` + fs.readFileSync(skillPath, "utf8"));
-  }
-
-  return parts.join("\n\n");
+export function buildAgentSystem(project, agent, opts = {}) {
+  return buildCoreAgentSystem(project, agent, opts);
 }
 
-export function createPermissionGuard(globalConfig = {}) {
+export function createPermissionGuard(globalConfig = {}, { implicitConfirmation = false } = {}) {
   const permissionMode = globalConfig.super_agent?.permission_mode || "automatico";
   const allowedTools = new Set(globalConfig.super_agent?.allowed_tools || []);
 
   return function requirePermission(tool, { dangerous = false, confirmed = false } = {}) {
+    const ok = confirmed || implicitConfirmation;
     if (permissionMode === "total") return;
-    if (permissionMode === "permiso" && !allowedTools.has(tool) && !confirmed) {
+    if (permissionMode === "permiso" && !allowedTools.has(tool) && !ok) {
       throw new Error(`requires_confirmation: permission_mode=permiso blocks ${tool}`);
     }
-    if (permissionMode === "automatico" && dangerous && !confirmed) {
+    if (permissionMode === "automatico" && dangerous && !ok) {
       throw new Error(`requires_confirmation: permission_mode=automatico requires confirmation for ${tool}`);
     }
   };

package/src/daemon/super-agent-tools/index.js

@@ -17,6 +17,7 @@ import callMcp from "./tools/call-mcp.js";
 import callRuntime from "./tools/call-runtime.js";
 import sendTelegram from "./tools/send-telegram.js";
 import setIdentity from "./tools/set-identity.js";
+import setPermissionMode from "./tools/set-permission-mode.js";
 import { createPermissionGuard } from "./helpers.js";
 
 const TOOLS = [
@@ -39,6 +40,7 @@ const TOOLS = [
   callRuntime,
   sendTelegram,
   setIdentity,
+  setPermissionMode,
 ];
 
 export const TOOL_SCHEMAS = TOOLS.map((tool) => tool.schema);
@@ -46,7 +48,9 @@ export const TOOL_SCHEMAS = TOOLS.map((tool) => tool.schema);
 export function makeToolHandlers(ctx) {
   const toolCtx = {
     ...ctx,
-    requirePermission: createPermissionGuard(ctx.globalConfig || {}),
+    requirePermission: createPermissionGuard(ctx.globalConfig || {}, {
+      implicitConfirmation: !!ctx.implicitConfirmation,
+    }),
   };
   return Object.fromEntries(TOOLS.map((tool) => [tool.name, tool.makeHandler(toolCtx)]));
 }

package/src/daemon/super-agent-tools/tools/call-agent.js

@@ -28,7 +28,10 @@ export default {
 
     const result = await callEngine({
       modelId: agent.fields.Model,
-      system: buildAgentSystem(p, agent),
+      system: buildAgentSystem(p, agent, {
+        invocation: "engine",
+        caller: "super_agent_tool",
+      }),
       messages: [{ role: "user", content: prompt }],
       config: p.config || globalConfig,
     });

package/src/daemon/super-agent-tools/tools/call-runtime.js

@@ -68,7 +68,11 @@ export default {
     }
 
     const r = await rt.run({
-      system: buildAgentSystem(p, agent),
+      system: buildAgentSystem(p, agent, {
+        invocation: "runtime",
+        runtime,
+        caller: "super_agent_tool",
+      }),
       prompt,
       cwd: p.path,
       timeoutMs: timeout_s * 1000,

package/src/daemon/super-agent-tools/tools/run-shell.js

@@ -21,6 +21,28 @@ function run(command, { cwd, timeoutMs }) {
   });
 }
 
+function isSafeShellCommand(command) {
+  const text = String(command || "").trim();
+  if (!text) return false;
+  if (/[`$<>]/.test(text)) return false;
+  if (/\b(rm|mv|cp|chmod|chown|mkdir|touch|tee|kill|pkill|npm\s+install|curl\s+-X|apx\s+routine\s+(add|remove|rm|enable|disable|run)|apx\s+config\s+set)\b/i.test(text)) {
+    return false;
+  }
+
+  const segments = text.split(/\s*(?:\||&&|\|\|)\s*/).filter(Boolean);
+  return segments.every((segment) => {
+    const cmd = segment.trim().split(/\s+/)[0];
+    if (["pwd", "ls", "find", "rg", "grep", "cat", "head", "tail", "sed", "wc", "date", "stat", "file", "du", "df", "whoami", "id", "uname", "echo"].includes(cmd)) {
+      return true;
+    }
+    if (cmd === "docker") return /^docker\s+ps\b/.test(segment.trim());
+    if (cmd === "apx") {
+      return /^apx\s+(--help|-h|help|status|daemon\s+status|routine\s+(list|ls|get|show)\b|project\s+(list|ls)\b|agent\s+(list|ls)\b|config\s+(show|ls)\b)/.test(segment.trim());
+    }
+    return false;
+  });
+}
+
 export default {
   name: "run_shell",
   schema: {
@@ -42,7 +64,7 @@ export default {
     },
   },
   makeHandler: ({ projects, requirePermission }) => async ({ project, cwd = ".", command, timeout_s = 60, confirmed = false }) => {
-    requirePermission("run_shell", { dangerous: true, confirmed });
+    requirePermission("run_shell", { dangerous: !isSafeShellCommand(command), confirmed });
     if (!command) throw new Error("run_shell: command required");
 
     const p = resolveProject(projects, project);

package/src/daemon/super-agent-tools/tools/search-messages.js

@@ -25,7 +25,9 @@ export default {
       ts: m.ts,
       channel: m.channel,
       direction: m.direction,
+      type: m.type,
       author: m.author,
+      actor_id: m.actor_id,
       body: m.body,
     }));
   },

package/src/daemon/super-agent-tools/tools/set-permission-mode.js

@@ -0,0 +1,32 @@
+import { readConfig, writeConfig } from "../../../core/config.js";
+import { confirmedProperty } from "../helpers.js";
+
+const MODES = new Set(["total", "automatico", "permiso"]);
+
+export default {
+  name: "set_permission_mode",
+  schema: {
+    type: "function",
+    function: {
+      name: "set_permission_mode",
+      description: "Set the super-agent permission mode in ~/.apx/config.json. Modes: total, automatico, permiso.",
+      parameters: {
+        type: "object",
+        properties: {
+          mode: { type: "string", enum: ["total", "automatico", "permiso"] },
+          confirmed: confirmedProperty("true only after explicit user confirmation for this exact permission-mode change"),
+        },
+        required: ["mode"],
+      },
+    },
+  },
+  makeHandler: ({ requirePermission }) => ({ mode, confirmed = false }) => {
+    requirePermission("set_permission_mode", { dangerous: true, confirmed });
+    if (!MODES.has(mode)) throw new Error("mode must be total, automatico, or permiso");
+    const cfg = readConfig();
+    cfg.super_agent = cfg.super_agent || {};
+    cfg.super_agent.permission_mode = mode;
+    writeConfig(cfg);
+    return { ok: true, mode };
+  },
+};

package/src/daemon/super-agent-tools/tools/tail-messages.js

@@ -30,7 +30,9 @@ export default {
       ts: m.ts,
       channel: m.channel,
       direction: m.direction,
+      type: m.type,
       author: m.author,
+      actor_id: m.actor_id,
       body: m.body,
     }));
   },

package/src/daemon/super-agent.js

@@ -30,6 +30,12 @@ APX is a local daemon + CLI for APC projects. User-level runtime state lives und
 
 APC projects are filesystem projects anywhere on disk with AGENTS.md and .apc/project.json. They contain agents, memories, skills, MCP hints, commands, and routines. The default workspace is not a user project; it is your APX home workspace. Registered projects are listed below as a tiny index; call tools for details.
 
+Useful CLI facts:
+- Permission mode: apx permission show; apx permission set total|automatico|permiso.
+- Routines: apx routine list|get|history|run|add. Autonomous super-agent routines use kind super_agent.
+- Routine design: if the user asks for an agent to think, decide, write, or reply, create an exec_agent routine with spec.agent and spec.prompt. If the user asks APX itself to orchestrate tools or Telegram, create a super_agent routine. If the request is only a deterministic command, create a shell routine. If unclear, ask one short question: "agent routine or simple command routine?"
+- Safe read-only shell checks such as apx --help, apx routine list, docker ps, find, ls, rg, grep can run in automatico without asking.
+
 Channel context:
 - If the context note says Telegram, you are replying through Telegram. Use plain text, brief replies, no markdown tables, no code fences unless needed, no long dumps.
 - If not Telegram, answer normally for the caller, still concise.
@@ -48,22 +54,37 @@ Available tools:
 - call_runtime                                   — spawn a separate claude-code/codex/opencode/aider session when the user wants an external runtime/chat
 - send_telegram                                  — send a message
 - set_identity                                   — update agent name, personality, owner, language (persists to disk)
+- set_permission_mode                            — set total/automatico/permiso in ~/.apx/config.json
 
 HARD RULES (do not deviate):
 1. NEVER invent project names, agent slugs, model ids, MCP names or paths. ALWAYS look them up via list_* first.
-2. If the user says "los agentes" / "lista" / "qué hay" without specifying a project, that means **all of them** — call the tool WITHOUT a project argument and the result will include every project.
+2. If the user asks for agents, lists, inventory, or "what exists" without specifying a project, that means **all of them** — call the tool WITHOUT a project argument and the result will include every project.
 3. NEVER answer "specify a project" — instead, just call the tool with no argument and you'll get the full picture.
 4. If a tool result has an error, retry with different arguments before falling back to asking the user.
-5. Respect permission mode. total = execute requested actions without confirmation. automatico = read/list/safe actions run directly; destructive, external, command/runtime, MCP calls, and filesystem/config mutations need explicit user confirmation. permiso = only allowed tools run directly; everything else needs confirmation.
-6. Default language: es-AR. Plain text, no markdown formatting (Telegram doesn't render it).
+5. Respect permission mode. total = execute requested actions without confirmation. automatico = read/list/safe shell actions run directly; destructive, external, runtime, MCP calls, outbound messages, config, and filesystem mutations need explicit user confirmation. permiso = only allowed tools run directly; everything else needs confirmation.
+6. Write in the user's language unless they request another language. The system prompt stays English. Plain text, no markdown formatting for Telegram.
 7. Stay brief: under 6 sentences unless asked for detail.
 8. You DO see recent prior turns of this chat as previous messages when applicable. **Use them ONLY to disambiguate references** (e.g. "el primero" → first project mentioned earlier). For ANY factual data — agent details, MCP details, file contents, memory — RE-CALL the tool. Past turns are context, not a cache. Models change, agents change, files change.
 9. /reset or /new from the user means "forget previous turns and answer this one fresh" — if you see those prefixes the operator already cleared the context for you.
 10. ACTION RULE: use direct tools for direct work. run_shell executes commands; write_file/edit_file modify files. call_runtime is only for spawning a separate external runtime/chat. call_mcp is only for an MCP server/tool.
-11. DISPATCH RULE: when the user says things like "que <agente> haga X", "iniciá una sesión con Claude/Codex", "que <agente> arranque <runtime>", "andá a <runtime> y hacé X" — that is a call_runtime request. Look up the agent slug with list_agents if needed, then call call_runtime({agent: <slug>, runtime: 'claude-code'|'codex'|'opencode'|'aider', prompt: <user's request>}). The agent's declared model (in AGENTS.md) is IGNORED in this case; the runtime supplies the model. Memory + skills of the agent become the system prompt of the runtime.
+11. DISPATCH RULE: when the user asks a named agent to work inside Claude, Codex, OpenCode, or Aider, that is a call_runtime request. Look up the agent slug with list_agents if needed, then call call_runtime({agent: <slug>, runtime: 'claude-code'|'codex'|'opencode'|'aider', prompt: <user's request>}). The agent's declared model (in AGENTS.md) is IGNORED in this case; the runtime supplies the model. Memory + skills of the agent become the system prompt of the runtime.
 12. PROJECT RULE: when the user gives no project, use project "default". Do not infer a non-default project from old chat history unless the user references it. If they mention a path or project name, look it up or add it with add_project.
 13. VAULT RULE: when the user wants a new existing agent/template, call list_vault_agents first. If a suitable vault agent exists, import_agent into the chosen project. If none fits, say briefly what is missing.
-14. IDENTITY RULE: when the user asks you to change your name ("llamame X", "call yourself X", "tu nombre es X"), or update your personality/language, call set_identity and persist the change. Then confirm with your new name.`;
+14. NO-PENDING RULE: never say "give me a second", "I will do it", or "I will try later" as a final answer. Either call the tool in this same turn or say what blocks you.
+15. IDENTITY RULE: when the user asks you to change your name, call yourself something, or update your personality/language, call set_identity and persist the change. Then confirm with your new name.`;
+
+function isShortConfirmation(text) {
+  return /^(yes|y|si|si dale|dale|ok|okay|confirm|confirmed|go|proceed|do it)\b/i
+    .test(String(text || "").trim());
+}
+
+function lastAssistantAskedForConfirmation(messages) {
+  for (let i = messages.length - 1; i >= 0; i--) {
+    if (messages[i]?.role !== "assistant") continue;
+    return /\b(confirm|confirmation|ok|okay|permission|allowed|proceed|do it|dale)\b/i.test(messages[i].content || "");
+  }
+  return false;
+}
 
 export function isSuperAgentEnabled(cfg) {
   return !!(cfg && cfg.super_agent && cfg.super_agent.enabled && cfg.super_agent.model);
@@ -117,6 +138,8 @@ export async function runSuperAgent({
     plugins,
     registries,
     globalConfig,
+    implicitConfirmation:
+      isShortConfirmation(prompt) && lastAssistantAskedForConfirmation(previousMessages),
   });
 
   // Agent loop: call model → if tool_calls, execute and feed back; repeat.

package/src/daemon/wakeup.js

@@ -11,20 +11,20 @@ function detectLanguage(identity) {
   const lang = process.env.LANG || process.env.LC_MESSAGES || process.env.LC_ALL || "";
   const code = lang.split(/[_\.]/)[0].toLowerCase();
   const map = {
-    es: "Spanish (Español)",
+    es: "Spanish",
     en: "English",
-    fr: "French (Français)",
-    pt: "Portuguese (Português)",
-    de: "German (Deutsch)",
-    it: "Italian (Italiano)",
-    nl: "Dutch (Nederlands)",
-    ru: "Russian (Русский)",
-    ja: "Japanese (日本語)",
-    zh: "Chinese (中文)",
-    ko: "Korean (한국어)",
-    ar: "Arabic (العربية)",
+    fr: "French",
+    pt: "Portuguese",
+    de: "German",
+    it: "Italian",
+    nl: "Dutch",
+    ru: "Russian",
+    ja: "Japanese",
+    zh: "Chinese",
+    ko: "Korean",
+    ar: "Arabic",
   };
-  return map[code] || "Spanish (Español)"; // default es-AR like the super-agent
+  return map[code] || "English";
 }
 
 async function generateMessage(identity, engineConfig) {