@aion0/forge 0.10.58 → 0.10.65

package/RELEASE_NOTES.md

@@ -1,8 +1,14 @@
-# Forge v0.10.58
+# Forge v0.10.65
 
 Released: 2026-06-10
 
-## Changes since v0.10.57
+## Changes since v0.10.64
 
+### Other
+- fix(connectors): cache-bust github_api manifest fetch
+- feat(chat): connector _files download channel + extract_archive + create_schedule prompt mode
+- feat(settings): ↻ refresh-models button — pull registry past the 24h cache
+- fix(publish): preflight gh with real API call + actionable 401 hint
 
-**Full Changelog**: https://github.com/aiwatching/forge/compare/v0.10.57...v0.10.58
+
+**Full Changelog**: https://github.com/aiwatching/forge/compare/v0.10.64...v0.10.65

package/app/chat/page.tsx

@@ -43,6 +43,17 @@ interface ChatSession extends Session {
   meta?: { kind?: 'main' | 'temp'; [k: string]: unknown };
 }
 
+// One configured API profile, as the header's quick-switcher lists them.
+// Mirrors settings.apiProfiles entries (apiKey is masked by /api/settings —
+// we never read it here, just id/name/provider/model to label the option).
+interface ProfileOption {
+  id: string;
+  name: string;
+  provider: string;
+  model: string;
+  enabled: boolean;
+}
+
 export default function ChatPage() {
   const [sessions, setSessions] = useState<ChatSession[]>([]);
   // Inline rename state — only one row edits at a time. editingId is the
@@ -63,6 +74,13 @@ export default function ChatPage() {
   const [memory, setMemory] = useState<MemoryStatus | null>(null);
   const [memoryOpen, setMemoryOpen] = useState(false);
   const [error, setError] = useState('');
+  // Configured API profiles + the header quick-switch dropdown's open state.
+  const [profiles, setProfiles] = useState<ProfileOption[]>([]);
+  const [switchOpen, setSwitchOpen] = useState(false);
+  // The model the backend ACTUALLY served on the last turn (from the
+  // provider response, not the model's self-description). Reset on session
+  // switch so it never shows a stale value from a different conversation.
+  const [servedModel, setServedModel] = useState('');
 
   const eventSrcRef = useRef<EventSource | null>(null);
   const scrollRef = useRef<HTMLDivElement>(null);
@@ -108,9 +126,32 @@ export default function ChatPage() {
   }, []);
 
   useEffect(() => {
+    setServedModel(''); // stale across sessions — cleared until next turn reports
     if (activeId) loadMessages(activeId);
   }, [activeId, loadMessages]);
 
+  // ─── Load configured API profiles (for the header quick-switcher) ──
+  // Served by next-server's /api/settings (same origin) with apiKeys masked.
+  useEffect(() => {
+    (async () => {
+      try {
+        const r = await fetch('/api/settings');
+        if (!r.ok) return;
+        const s = (await r.json()) as { apiProfiles?: Record<string, { name?: string; enabled?: boolean; provider?: string; model?: string }> };
+        const list: ProfileOption[] = Object.entries(s.apiProfiles || {})
+          .filter(([, p]) => p && p.enabled !== false)
+          .map(([id, p]) => ({
+            id,
+            name: p.name || id,
+            provider: p.provider || 'anthropic',
+            model: p.model || 'default',
+            enabled: p.enabled !== false,
+          }));
+        setProfiles(list);
+      } catch { /* non-fatal — header just falls back to plain text */ }
+    })();
+  }, []);
+
   // ─── SSE subscription ─────────────────────────────────────
   useEffect(() => {
     if (!activeId) return;
@@ -139,6 +180,7 @@ export default function ChatPage() {
         setStreaming(false);
         setStopRequested(false);
         setPartial('');
+        if (data.served_model) setServedModel(String(data.served_model));
         loadMessages(activeId);
         refreshSessions();
       } else if (type === 'watch_status') {
@@ -320,6 +362,32 @@ export default function ChatPage() {
     }
   }
 
+  // Switch the active session's API profile. session.provider holds the
+  // apiProfile id; session.model the (optional) override. We set both to the
+  // chosen profile's id + its configured model so the next turn uses it —
+  // updateSession merges with ?? semantics, so passing the model explicitly
+  // avoids carrying a stale model from the previous profile.
+  async function switchProfile(p: ProfileOption) {
+    setSwitchOpen(false);
+    if (!activeId) return;
+    if (activeSession?.provider === p.id) return; // already on it
+    try {
+      const r = await fetch(`${PROXY}/sessions/${activeId}`, {
+        method: 'PATCH',
+        headers: { 'content-type': 'application/json' },
+        body: JSON.stringify({ provider: p.id, model: p.model }),
+      });
+      if (!r.ok) {
+        const j = await r.json().catch(() => ({}));
+        setError(j.error || `switch failed (HTTP ${r.status})`);
+        return;
+      }
+      await refreshSessions();
+    } catch (e) {
+      setError(e instanceof Error ? e.message : String(e));
+    }
+  }
+
   async function clearMessages() {
     if (!activeId) return;
     if (!confirm('Clear all messages in this session?')) return;
@@ -497,10 +565,74 @@ export default function ChatPage() {
                 'No session'}
             </div>
             {activeSession && (
-              <div className="text-[11px] text-[var(--text-secondary)]">
-                {activeSession.provider || 'auto'} · {activeSession.model || 'default'}
+              <div className="relative inline-block">
+                <button
+                  type="button"
+                  onClick={() => setSwitchOpen((v) => !v)}
+                  disabled={profiles.length === 0}
+                  title={profiles.length ? 'Switch API profile for this conversation' : 'No API profiles configured'}
+                  className="flex items-center gap-1 text-[11px] text-[var(--text-secondary)] hover:text-[var(--text-primary)] disabled:cursor-default disabled:hover:text-[var(--text-secondary)] transition-colors"
+                >
+                  <span>
+                    {(() => {
+                      const cur = profiles.find((p) => p.id === activeSession.provider);
+                      const label = cur?.name || activeSession.provider || 'auto';
+                      return `${label} · ${activeSession.model || cur?.model || 'default'}`;
+                    })()}
+                  </span>
+                  {profiles.length > 0 && <span className="opacity-50 text-[9px]">▼</span>}
+                </button>
+                {switchOpen && profiles.length > 0 && (
+                  <>
+                    {/* click-away backdrop */}
+                    <div className="fixed inset-0 z-10" onClick={() => setSwitchOpen(false)} />
+                    <div className="absolute left-0 top-full mt-1 z-20 min-w-[200px] max-h-[60vh] overflow-y-auto rounded-md border border-[var(--border)] bg-[var(--bg-secondary)] shadow-lg py-1">
+                      {profiles.map((p) => {
+                        const active = p.id === activeSession.provider;
+                        return (
+                          <button
+                            key={p.id}
+                            type="button"
+                            onClick={() => switchProfile(p)}
+                            className={`w-full text-left px-3 py-1.5 text-[11px] hover:bg-[var(--bg-tertiary)] transition-colors ${
+                              active ? 'text-[var(--accent)]' : 'text-[var(--text-primary)]'
+                            }`}
+                          >
+                            <div className="flex items-center gap-1.5">
+                              {active && <span className="text-[9px]">✓</span>}
+                              <span className="font-medium truncate">{p.name}</span>
+                            </div>
+                            <div className="text-[10px] text-[var(--text-secondary)] truncate pl-0.5">
+                              {p.provider} · {p.model}
+                            </div>
+                          </button>
+                        );
+                      })}
+                    </div>
+                  </>
+                )}
               </div>
             )}
+            {servedModel && (() => {
+              // The honest backend identity. Tint amber when it differs from
+              // the configured model — that means the proxy (litellm) fell
+              // back server-side (e.g. qwen → claude), which is the usual
+              // cause of "why is everything claude".
+              const cur = profiles.find((p) => p.id === activeSession?.provider);
+              const requested = activeSession?.model || cur?.model || '';
+              const mismatch = requested && servedModel && servedModel !== requested;
+              return (
+                <div
+                  className="text-[10px] mt-0.5"
+                  style={{ color: mismatch ? '#fbbf24' : 'var(--text-secondary)' }}
+                  title={mismatch
+                    ? `Backend actually served "${servedModel}" — differs from the requested "${requested}". The proxy fell back server-side.`
+                    : `Backend-reported model for the last reply (trustworthy — not the model's self-description)`}
+                >
+                  served: {servedModel}{mismatch ? ` ⚠ (≠ ${requested})` : ''}
+                </div>
+              );
+            })()}
           </div>
           <button
             onClick={clearMessages}

package/components/SettingsModal.tsx

@@ -1799,7 +1799,7 @@ function MarketplaceProvidersSection() {
 }
 
 function AgentsSection({ settings, setSettings }: { settings: any; setSettings: (s: any) => void }) {
-  const { registry: modelsRegistry } = useModelsRegistry();
+  const { registry: modelsRegistry, refresh: refreshModels, loading: modelsLoading } = useModelsRegistry();
   const [agents, setAgents] = useState<AgentEntry[]>([]);
   const [loading, setLoading] = useState(true);
   const [expandedAgent, setExpandedAgent] = useState<string | null>(null);
@@ -2126,6 +2126,13 @@ function AgentsSection({ settings, setSettings }: { settings: any; setSettings:
                     {/* Preset models */}
                     <div className="flex items-center gap-1 mt-1.5 flex-wrap">
                       <span className="text-[8px] text-[var(--text-secondary)]">Presets:</span>
+                      <button
+                        type="button"
+                        onClick={() => { void refreshModels(); }}
+                        disabled={modelsLoading}
+                        title="Refresh model list from the public-info registry (bypasses the 24h cache)"
+                        className="text-[8px] px-1 py-0.5 rounded border border-[var(--border)] text-[var(--text-secondary)] hover:text-[var(--text-primary)] disabled:opacity-50"
+                      >{modelsLoading ? '…' : '↻'}</button>
                       {((() => {
                         const ct = (settings.agents?.[a.id] as any)?.cliType || (a.id === 'claude' ? 'claude-code' : a.id === 'codex' ? 'codex' : a.id === 'aider' ? 'aider' : 'generic');
                         // Models pulled from forge-public-info repo (lib/public-info/fetch.ts).

package/lib/chat/agent-loop.ts

@@ -773,6 +773,7 @@ export async function runTurn(args: RunTurnArgs): Promise<{ ok: boolean; error?:
 
   let iter = 0;
   let lastStop = '';
+  let lastServedModelId = '';
   let assistantBlocksAccum: ContentBlock[] = [];
 
   // beginTurn already ran at function entry (see top of runTurn). The
@@ -933,8 +934,9 @@ export async function runTurn(args: RunTurnArgs): Promise<{ ok: boolean; error?:
       // ── Real usage from the provider (when reported) ──
       if (result.usage) {
         const u = result.usage;
-        console.log(`[chat-tokens] session=${args.sessionId} turn=${iter} REAL in=${u.inputTokens ?? '?'} out=${u.outputTokens ?? '?'} cache_read=${u.cacheReadTokens ?? 0} cache_create=${u.cacheCreationTokens ?? 0} stop=${result.stopReason}`);
+        console.log(`[chat-tokens] session=${args.sessionId} turn=${iter} REAL in=${u.inputTokens ?? '?'} out=${u.outputTokens ?? '?'} cache_read=${u.cacheReadTokens ?? 0} cache_create=${u.cacheCreationTokens ?? 0} stop=${result.stopReason} served=${result.servedModelId ?? '?'}`);
       }
+      if (result.servedModelId) lastServedModelId = result.servedModelId;
 
       lastStop = result.stopReason;
       assistantBlocksAccum = result.content;
@@ -1008,7 +1010,7 @@ export async function runTurn(args: RunTurnArgs): Promise<{ ok: boolean; error?:
       cb({ type: 'error', data: { error: `iteration limit (${MAX_ITERATIONS}) exceeded` } });
     }
 
-    cb({ type: 'turn_done', data: { iterations: iter, stop_reason: lastStop } });
+    cb({ type: 'turn_done', data: { iterations: iter, stop_reason: lastStop, served_model: lastServedModelId || undefined, requested_model: provider.model, profile: provider.name } });
     return { ok: true };
   } catch (err) {
     let msg = err instanceof Error ? err.message : String(err);

package/lib/chat/llm/anthropic.ts

@@ -203,6 +203,10 @@ export const anthropicAdapter: LlmAdapter = {
         };
       }
     } catch {}
-    return { stopReason: mapStop(finishReason), content, usage };
+    // The model the backend ACTUALLY served — may differ from req.model
+    // when a litellm/relay proxy falls back (e.g. forti-coder → claude).
+    let servedModelId: string | undefined;
+    try { servedModelId = (await result.response)?.modelId; } catch {}
+    return { stopReason: mapStop(finishReason), content, usage, servedModelId };
   },
 };

package/lib/chat/llm/openai.ts

@@ -123,6 +123,10 @@ export const openaiAdapter: LlmAdapter = {
         };
       }
     } catch {}
-    return { stopReason: mapStop(finishReason), content, usage };
+    // The model the backend ACTUALLY served — may differ from req.model
+    // when a litellm/relay proxy falls back (e.g. forti-coder → claude).
+    let servedModelId: string | undefined;
+    try { servedModelId = (await result.response)?.modelId; } catch {}
+    return { stopReason: mapStop(finishReason), content, usage, servedModelId };
   },
 };

package/lib/chat/llm/types.ts

@@ -35,6 +35,12 @@ export interface LlmTurnResult {
   /** Token usage from the provider, if reported. May be partially-filled
    *  or absent for proxies that don't expose it. */
   usage?: LlmTurnUsage;
+  /** The model id the backend actually served, read from the response
+   *  (`response.modelId`). For litellm/relay proxies this can DIFFER from
+   *  the requested model — the proxy may silently fall back (e.g. qwen →
+   *  claude-sonnet-4-6). This is the only trustworthy identity, since the
+   *  model's own self-description in the text is often wrong. */
+  servedModelId?: string;
 }
 
 export interface LlmRequest {

package/lib/chat/tool-dispatcher.ts

@@ -116,6 +116,53 @@ async function resolveScratchRefsInArgs(args: Record<string, unknown>): Promise<
   }
 }
 
+// Download channel (mirror of the scratch:// upload path). A connector that
+// fetched a binary (e.g. owa.download_attachment) can't return the bytes
+// through the model — the 16KB tool-result cap would shred any base64. So it
+// returns `_files: [{ filename, content_base64, content_type }]` and we
+// materialize them HERE: decode → write to <dataDir>/tmp/ → strip the base64
+// and replace each entry with a small {filename, path, file_url, size_bytes}
+// pointer the model can hand to read_forge_file / extract_archive. Bytes
+// never reach the LLM. Generic — any protocol's result is scanned.
+async function materializeConnectorFiles(result: ToolResult): Promise<ToolResult> {
+  let parsed: unknown;
+  try { parsed = JSON.parse(result.content); } catch { return result; }
+  if (!parsed || typeof parsed !== 'object') return result;
+  const files = (parsed as { _files?: unknown })._files;
+  if (!Array.isArray(files) || files.length === 0) return result;
+
+  const { mkdir, writeFile } = await import('node:fs/promises');
+  const { dirname, basename } = await import('node:path');
+  const out: Array<Record<string, unknown>> = [];
+  for (const f of files) {
+    const e = (f && typeof f === 'object') ? f as Record<string, unknown> : {};
+    const b64 = typeof e.content_base64 === 'string' ? e.content_base64 : '';
+    const rawName = String(e.filename || e.name || 'download.bin');
+    // Bare, sanitized name under tmp/ — no traversal, no nesting (the cache
+    // janitor only sweeps top-level tmp/ files).
+    const safe = (basename(rawName).replace(/[\0/\\]/g, '_').replace(/^\.+/, '') || 'download.bin').slice(0, 200);
+    if (!b64) { out.push({ ...e, error: 'no content_base64' }); continue; }
+    try {
+      const buf = Buffer.from(b64, 'base64');
+      const target = await resolveTmpPath(safe);
+      await mkdir(dirname(target), { recursive: true });
+      await writeFile(target, buf);
+      out.push({
+        filename: safe,
+        path: `tmp/${safe}`,
+        local_path: target,
+        file_url: `file://${target}`,
+        size_bytes: buf.length,
+        ...(e.content_type ? { content_type: e.content_type } : {}),
+      });
+    } catch (err) {
+      out.push({ filename: safe, error: (err as Error).message });
+    }
+  }
+  const next = { ...(parsed as Record<string, unknown>), _files: out };
+  return { ...result, content: JSON.stringify(next) };
+}
+
 const BUILTINS: Record<string, BuiltinHandler> = {
   get_current_time: async () => new Date().toISOString(),
 
@@ -475,6 +522,82 @@ const BUILTINS: Record<string, BuiltinHandler> = {
     });
   },
 
+  // Extract a zip/tar/gz archive sitting in tmp/ (e.g. one a connector just
+  // downloaded via the _files channel) into tmp/<base>-extracted/, then
+  // return the file listing so the agent can read_forge_file each entry.
+  // The chat agent has no shell, so this shells out to system unzip/tar/
+  // gunzip on its behalf. Stays inside tmp/ on both ends.
+  extract_archive: async (input) => {
+    const params = (input as { filename?: string } | undefined) || {};
+    const raw = String(params.filename || '').trim().replace(/^tmp\//, '');
+    if (!raw) return JSON.stringify({ ok: false, error: 'filename is required (a tmp/ archive, e.g. "report.zip")' });
+    let archive: string;
+    try { archive = await resolveTmpPath(raw); }
+    catch (e) { return JSON.stringify({ ok: false, error: (e as Error).message }); }
+    const { existsSync } = await import('node:fs');
+    if (!existsSync(archive)) return JSON.stringify({ ok: false, error: `archive not found: tmp/${raw}` });
+
+    const lower = raw.toLowerCase();
+    const base = raw.replace(/\.(zip|tar\.gz|tgz|tar|gz)$/i, '');
+    const outRel = `${base}-extracted`;
+    let outDir: string;
+    try { outDir = await resolveTmpPath(outRel); }
+    catch (e) { return JSON.stringify({ ok: false, error: (e as Error).message }); }
+
+    const { execFile } = await import('node:child_process');
+    const { promisify } = await import('node:util');
+    const { mkdir, readdir, stat } = await import('node:fs/promises');
+    const { join, relative } = await import('node:path');
+    const run = promisify(execFile);
+    await mkdir(outDir, { recursive: true });
+
+    try {
+      if (lower.endsWith('.zip')) {
+        await run('unzip', ['-o', '-qq', archive, '-d', outDir], { timeout: 60000 });
+      } else if (lower.endsWith('.tar.gz') || lower.endsWith('.tgz') || lower.endsWith('.tar')) {
+        await run('tar', ['-xf', archive, '-C', outDir], { timeout: 60000 });
+      } else if (lower.endsWith('.gz')) {
+        // single-file gzip → decompress to the same basename inside outDir
+        const { createReadStream, createWriteStream } = await import('node:fs');
+        const { createGunzip } = await import('node:zlib');
+        const { pipeline } = await import('node:stream/promises');
+        const dest = join(outDir, base.split('/').pop() || 'file');
+        await pipeline(createReadStream(archive), createGunzip(), createWriteStream(dest));
+      } else {
+        return JSON.stringify({ ok: false, error: `unsupported archive type: ${raw} (supported: .zip .tar .tar.gz .tgz .gz)` });
+      }
+    } catch (e) {
+      return JSON.stringify({ ok: false, error: `extraction failed: ${(e as Error).message}` });
+    }
+
+    // Walk the extracted tree (capped) and return tmp-relative paths.
+    const files: Array<{ path: string; size_bytes: number }> = [];
+    const { getDataDir } = await import('../dirs');
+    const tmpRoot = join(getDataDir(), 'tmp');
+    async function walk(dir: string, depth: number): Promise<void> {
+      if (files.length >= 500 || depth > 8) return;
+      for (const ent of await readdir(dir, { withFileTypes: true })) {
+        if (files.length >= 500) break;
+        const full = join(dir, ent.name);
+        if (ent.isDirectory()) { await walk(full, depth + 1); continue; }
+        if (ent.isFile()) {
+          const s = await stat(full);
+          files.push({ path: `tmp/${relative(tmpRoot, full)}`, size_bytes: s.size });
+        }
+      }
+    }
+    try { await walk(outDir, 0); } catch { /* partial listing is fine */ }
+
+    return JSON.stringify({
+      ok: true,
+      archive: `tmp/${raw}`,
+      extracted_dir: `tmp/${outRel}`,
+      count: files.length,
+      files,
+      note: 'Read any entry with read_forge_file (pass its `path`). Extracted dir is NOT auto-swept by the cache janitor (it only sweeps top-level tmp/ files).',
+    });
+  },
+
   // List files anywhere under <dataDir>/ (Forge's own data dir).
   // Replaces the "dispatch a task just to `ls`" workaround. The `dir`
   // param is dataDir-relative — pass "tmp" / "scratch" / "flows" /
@@ -626,8 +749,11 @@ const BUILTINS: Record<string, BuiltinHandler> = {
     const p = (input as any) || {};
     const name = String(p.name || '').trim();
     const workflow = String(p.workflow || p.body_ref || '').trim();
+    const promptText = String(p.prompt || '').trim();
     if (!name) return JSON.stringify({ ok: false, error: 'name is required' });
-    if (!workflow) return JSON.stringify({ ok: false, error: 'workflow (pipeline name) is required' });
+    if (!workflow && !promptText) {
+      return JSON.stringify({ ok: false, error: 'provide either prompt (free-text instructions — dispatched as a one-shot Claude task WITH connector tools) or workflow (an existing pipeline name)' });
+    }
 
     // Trigger normalization: prefer every_minutes; accept at (once) or cron.
     let schedule_kind: 'period' | 'once' | 'cron' = 'period';
@@ -647,14 +773,36 @@ const BUILTINS: Record<string, BuiltinHandler> = {
       return JSON.stringify({ ok: false, error: 'one of every_minutes / at / cron is required' });
     }
 
+    // Body resolution. prompt mode (preferred for "run these instructions on
+    // a schedule") wins when both are somehow given — it dispatches a one-shot
+    // Claude task that HAS the full connector toolset (Teams/Mantis/etc.), so
+    // no pipeline YAML is needed. The prompt text is persisted to
+    // prompts/<slug>.yaml and the schedule row just references it by name.
+    let body_kind: 'pipeline' | 'prompt' = 'pipeline';
+    let body_ref = workflow;
+    const skills = Array.isArray(p.skills) ? p.skills : undefined;
+    if (promptText) {
+      const slug = (name.toLowerCase().replace(/[^a-z0-9._-]+/g, '-').replace(/^-+|-+$/g, '') || 'schedule').slice(0, 64);
+      try {
+        const { createPrompt, getPrompt, updatePrompt } = await import('../prompts/store');
+        const execu = skills ? { skills } : undefined;
+        if (getPrompt(slug)) updatePrompt(slug, { prompt: promptText, executor: execu });
+        else createPrompt({ name: slug, prompt: promptText, executor: execu });
+      } catch (e) {
+        return JSON.stringify({ ok: false, error: `failed to save prompt: ${(e as Error).message}` });
+      }
+      body_kind = 'prompt';
+      body_ref = slug;
+    }
+
     const { createSchedule, seedNextRunAt } = await import('../schedules/store');
     try {
       const s = createSchedule({
         name,
-        body_kind: 'pipeline',
-        body_ref: workflow,
+        body_kind,
+        body_ref,
         input: (p.input && typeof p.input === 'object') ? p.input : {},
-        skills: Array.isArray(p.skills) ? p.skills : undefined,
+        skills,
         enabled: p.enabled !== false,
         schedule_kind,
         schedule_interval_minutes,
@@ -889,6 +1037,17 @@ export const BUILTIN_TOOL_DEFS: BuiltinToolDef[] = [
       required: ['filename'],
     },
   },
+  {
+    name: 'extract_archive',
+    description: 'Unpack an archive sitting in tmp/ (e.g. one a connector just downloaded — owa.download_attachment etc.) into tmp/<base>-extracted/, and return the file listing. USE THIS when an attachment / download is a .zip / .tar / .tar.gz / .tgz / .gz and you need to read what is inside — you have no shell, this runs unzip/tar for you. Then read individual entries with read_forge_file using each returned `path`. Returns JSON {ok, extracted_dir, count, files:[{path,size_bytes}]}.',
+    input_schema: {
+      type: 'object',
+      properties: {
+        filename: { type: 'string', description: 'tmp/ archive to extract, e.g. "report.zip" or "tmp/logs.tar.gz". Must already be in tmp/ (a download lands there via the connector _files channel).' },
+      },
+      required: ['filename'],
+    },
+  },
   {
     name: 'list_forge_files',
     description: 'List files / subdirs anywhere under <dataDir>/ (Forge\'s own data dir). PREFER THIS over `dispatch_task` with `ls` — it\'s sync, in-process, no LLM detour. `dir` is dataDir-relative: pass "tmp" for chat-saved temp files, "scratch" for task workspaces, "flows" / "prompts" / "connectors" for configs. Omit `dir` to see the dataDir root. Each entry has `path` (dataDir-relative), `kind` (file/dir), and `file_url` (file://… opens in Chrome on localhost). Sensitive items (encrypt key, sqlite DBs, server log, *-tokens.json) are filtered out automatically.',
@@ -947,12 +1106,13 @@ export const BUILTIN_TOOL_DEFS: BuiltinToolDef[] = [
   },
   {
     name: 'create_schedule',
-    description: 'Create a recurring (or one-off) schedule that fires a Forge pipeline on a timer. NO HTTP, NO auth — runs in-process. Use this when the user says "every N minutes/hours" / "watch X" / "monitor Y" / "auto-run pipeline on schedule". REQUIRED args: name + workflow + ONE of {every_minutes, at, cron}. Returns { ok, schedule_id, next_run_at }.',
+    description: 'Create a recurring (or one-off) schedule on a timer. NO HTTP, NO auth — runs in-process. Use when the user says "every N minutes/hours" / "watch X" / "monitor Y" / "auto-run on schedule". TWO body modes — pick ONE:\n• prompt mode (PREFERRED for "do these instructions on a schedule"): pass `prompt` with free-text instructions. Each fire dispatches a one-shot Claude task that HAS THE FULL CONNECTOR TOOLSET (Teams/Mantis/GitLab/etc.) and your skills. No pipeline YAML needed — do NOT build a throwaway pipeline just to run a prompt on a timer.\n• pipeline mode: pass `workflow` (an existing pipeline name) for a structured multi-node DAG.\nREQUIRED: name + (prompt OR workflow) + ONE of {every_minutes, at, cron}. Returns { ok, schedule_id, next_run_at }.',
     input_schema: {
       type: 'object',
       properties: {
-        name: { type: 'string', description: 'Human-readable name shown in the Schedules UI.' },
-        workflow: { type: 'string', description: 'Pipeline workflow name (file basename of flows/<name>.yaml). Run trigger_pipeline() with NO args first if unsure what names are available.' },
+        name: { type: 'string', description: 'Human-readable name shown in the Schedules UI. Also used as the prompt slug in prompt mode.' },
+        prompt: { type: 'string', description: 'PROMPT MODE: free-text instructions run as a one-shot Claude task on each fire, with full connector tools + skills. Use this for "every hour check Teams channel X and notify me" style asks. Mutually exclusive with workflow.' },
+        workflow: { type: 'string', description: 'PIPELINE MODE: existing pipeline workflow name (basename of flows/<name>.yaml). Run trigger_pipeline() with NO args first to list. Mutually exclusive with prompt.' },
         input: { type: 'object', description: 'Pipeline input fields. Same shape as trigger_pipeline.input. OMIT optional fields to use defaults.' },
         skills: { type: 'array', items: { type: 'string' }, description: 'Skill names to inject into every Claude task this schedule spawns.' },
         every_minutes: { type: 'number', description: 'Period in minutes (e.g. 60 = hourly). Most common trigger.' },
@@ -961,7 +1121,7 @@ export const BUILTIN_TOOL_DEFS: BuiltinToolDef[] = [
         enabled: { type: 'boolean', description: 'Whether to start enabled. Default true.' },
         action: { type: 'string', enum: ['none', 'chat', 'email', 'telegram'], description: 'Post-run notification action. Default "none".' },
       },
-      required: ['name', 'workflow'],
+      required: ['name'],
     },
   },
   {
@@ -1374,6 +1534,14 @@ export async function dispatchTool(
         return { content: `unknown protocol "${protocol}" on tool ${call.name}`, is_error: true };
     }
 
+    // Download channel: materialize any `_files` base64 payload to tmp/ and
+    // strip the bytes before they reach the model (and before the watch
+    // below re-parses the result). No-op when the result has no _files.
+    if (!result.is_error) {
+      try { result = await materializeConnectorFiles(result); }
+      catch (e) { console.warn('[dispatch] materializeConnectorFiles failed', (e as Error).message); }
+    }
+
     // Async (long-task watch): if the tool declared an `async` block and
     // it ran without error, register a background watch that polls to
     // completion and reports back to the originating chat session. The

package/lib/connectors/sync.ts

@@ -335,11 +335,16 @@ export async function fetchSourceFile(source: SourceMeta, relPath: string): Prom
   // directly (no base64 decode needed). Works for private repos given
   // a Fine-grained PAT with Contents: read.
   const repo = (source.repo_url || '').replace(/^github\.com\//, '');
-  const url = `https://api.github.com/repos/${repo}/contents/${relPath}?ref=main`;
+  // &_t + no-cache: the GitHub contents API edge-caches the ?ref=main blob,
+  // so right after a push a plain fetch can return the STALE file — which
+  // made the marketplace keep showing old connector versions even after
+  // "↻ Sync all". The raw mode already busts via cacheBust(); match it here.
+  const url = `https://api.github.com/repos/${repo}/contents/${relPath}?ref=main&_t=${Date.now()}`;
   try {
     return await rawFetch(url, {
       Authorization: `Bearer ${source.github_pat}`,
       Accept: 'application/vnd.github.raw',
+      'Cache-Control': 'no-cache',
     });
   } catch (err) {
     // GitHub returns 404 (not 401) for private repos when the PAT

package/lib/help-docs/13-schedules.md

@@ -1,8 +1,20 @@
 # Schedules
 
-**Schedule = a pipeline + input + trigger.** Forge runs the named pipeline with
-your input whenever the trigger fires. The pipeline is the only execution unit;
-Schedule just decides *when* to fire.
+**Schedule = a body + trigger.** The trigger decides *when* to fire; the body
+decides *what* runs. There are two body kinds — pick whichever fits:
+
+- **Prompt** (simplest, most common) — free-text instructions run as a one-shot
+  Claude task on each fire. **The task has the full connector toolset
+  (Teams / Mantis / GitLab / etc.) plus any skills you attach** — so "every hour
+  check the FortiNAC Teams channel and message me anything new" is a single
+  prompt schedule. You do **not** need a pipeline for this. The prompt text is
+  saved to `prompts/<slug>.yaml` and the schedule row references it by name.
+- **Pipeline** — fires an existing pipeline (`flows/<name>.yaml`) with input.
+  Use when you need a structured multi-node DAG, `for_each:` iteration, or
+  per-node project/worktree control.
+
+> Don't build a throwaway pipeline just to run a prompt on a timer — use prompt
+> mode. The chat `create_schedule` tool accepts either `prompt` or `workflow`.
 
 **Note:** Jobs (the older subsystem) is deprecated — its UI is hidden and the
 scheduler no longer ticks. Any existing rows in the `jobs` table are inert.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aion0/forge",
-  "version": "0.10.58",
+  "version": "0.10.65",
   "description": "Unified AI workflow platform — multi-model task orchestration, persistent sessions, web terminal, remote access",
   "type": "module",
   "scripts": {

package/publish.sh

@@ -9,6 +9,20 @@
 
 set -e
 
+# Preflight: fail BEFORE any version bump / commit / tag / push if gh can't
+# actually talk to GitHub. We hit a real endpoint (gh api user) instead of
+# `gh auth status` — status only checks a token is STORED, not that it still
+# works; a stale/revoked keyring token passes status but 401s on every call.
+GH_LOGIN_HINT="gh auth login --hostname github.com --web --git-protocol ssh"
+if command -v gh &> /dev/null; then
+  gh api user &> /dev/null || {
+    echo "✗ gh can't authenticate to GitHub (token missing/expired/revoked)."
+    echo "  Re-auth, then re-run ./publish.sh:"
+    echo "    $GH_LOGIN_HINT"
+    exit 1
+  }
+fi
+
 VERSION_ARG=${1:-patch}
 CURRENT=$(node -p "require('./package.json').version")
 
@@ -137,8 +151,18 @@ git push origin "v$NEW_VERSION"
 if command -v gh &> /dev/null; then
   echo ""
   echo "Creating GitHub Release..."
-  gh release create "v$NEW_VERSION" --title "v$NEW_VERSION" --notes-file "$RELEASE_NOTES_FILE"
-  echo "✓ GitHub Release created: https://github.com/aiwatching/forge/releases/tag/v$NEW_VERSION"
+  if gh release create "v$NEW_VERSION" --title "v$NEW_VERSION" --notes-file "$RELEASE_NOTES_FILE"; then
+    echo "✓ GitHub Release created: https://github.com/aiwatching/forge/releases/tag/v$NEW_VERSION"
+  else
+    # The tag is already pushed at this point — re-auth and just create the
+    # release, no need to re-run the whole publish. A stale keyring token
+    # 401s here even though `gh auth status` claims you're logged in.
+    echo ""
+    echo "✗ GitHub Release failed (usually a stale gh token — 401). The tag v$NEW_VERSION is already pushed."
+    echo "  Fix: re-auth, then create just the release:"
+    echo "    $GH_LOGIN_HINT"
+    echo "    gh release create v$NEW_VERSION --title v$NEW_VERSION --notes-file $RELEASE_NOTES_FILE"
+  fi
 else
   echo ""
   echo "gh CLI not found. Create release manually:"