@alfe.ai/openclaw-knowledge 0.0.6 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","names":["ChangelogAction","ChangelogActor","ChangelogEntry","ChangelogEntry$1","EncryptedEnvelopeV1","EncryptedEnvelopeV1$1","Field","FieldEnvelope","FieldEnvelope$1","FieldFormat","FieldFormat$1","FieldSensitivity","FieldSensitivity$1","FieldView","GeneratedDataKey","GeneratedDataKey$1","IntegrationConfigResult","IntegrationConfigResult$1","IntegrationConfigSchemaField","IntegrationInstall","IntegrationInstall$1","RegistryEntry","RegistryEntry$1","ScopeInfo","ScopeInfo$1","SecretAggregate","SecretAggregate$1","SecretCategory","SecretCategory$1","SecretMetadata","SecretMetadata$1","SecretScope","SecretScope$1","AgentApiClientConfig","RemoteSessionInfo","SyncAgentInfo","SyncManifestEntry","SyncManifest","Record","SyncPresignedUrl","SyncConfirmedUpload","SyncReconstructFile","SyncReconstructBundle","SyncAgentStats","SyncFileEntry","SyncSessionEntry","SyncSessionContent","SharedFileEntry","KnowledgeScopeType","KnowledgeScope","KnowledgeSearchHit","KnowledgeSearchResult","KnowledgeProfileLink","KnowledgeProfile","KnowledgeFact","KnowledgeDoc","AgentVoiceConfig","AgentSelf","AgentAvatarPresign","AgentVoice","VoiceTtsModel","VoiceTtsArgs","VoiceTtsResult","Buffer","VoiceSttArgs","Uint8Array","VoiceSttResult","AgentApiClient","Promise"],"sources":["../../agent-api-client/dist/index.d.ts","../src/types.ts"],"sourcesContent":["import { ChangelogAction, ChangelogActor, ChangelogEntry, ChangelogEntry as ChangelogEntry$1, EncryptedEnvelopeV1, EncryptedEnvelopeV1 as EncryptedEnvelopeV1$1, Field, FieldEnvelope, FieldEnvelope as FieldEnvelope$1, FieldFormat, FieldFormat as FieldFormat$1, FieldSensitivity, FieldSensitivity as FieldSensitivity$1, FieldView, GeneratedDataKey, GeneratedDataKey as GeneratedDataKey$1, IntegrationConfigResult, IntegrationConfigResult as IntegrationConfigResult$1, IntegrationConfigSchemaField, IntegrationInstall, IntegrationInstall as IntegrationInstall$1, RegistryEntry, RegistryEntry as RegistryEntry$1, ScopeInfo, ScopeInfo as ScopeInfo$1, SecretAggregate, SecretAggregate as SecretAggregate$1, SecretCategory, SecretCategory as SecretCategory$1, SecretMetadata, SecretMetadata as SecretMetadata$1, SecretScope, SecretScope as SecretScope$1 } from \"@alfe/types\";\n\n//#region src/index.d.ts\n\ninterface AgentApiClientConfig {\n apiKey: string;\n apiUrl: string;\n}\ninterface RemoteSessionInfo {\n sessionId: string;\n agentId: string;\n surface: \"browser\" | \"terminal\";\n status: \"agent_driving\" | \"awaiting_human\" | \"human_in_control\" | \"resuming\" | \"completed\" | \"expired\" | \"failed\";\n url?: string;\n instructions?: string;\n requestedAt?: string;\n}\ninterface SyncAgentInfo {\n agentId: string;\n tenantId: string;\n displayName: string;\n s3Prefix: string;\n status: \"stale\" | \"syncing\" | \"synced\";\n fileCount?: number;\n totalSize?: number;\n lastSync?: string;\n}\ninterface SyncManifestEntry {\n hash: string;\n size: number;\n modified: string;\n etag?: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncManifest {\n version: 1;\n agentId: string;\n lastSync: string;\n files: Record<string, SyncManifestEntry>;\n}\ninterface SyncPresignedUrl {\n path: string;\n url: string;\n expiresAt: string;\n}\ninterface SyncConfirmedUpload {\n filePath: string;\n hash: string;\n size: number;\n storageClass: \"STANDARD\" | \"GLACIER_IR\";\n syncedAt: string;\n}\ninterface SyncReconstructFile {\n path: string;\n size: number;\n url: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncReconstructBundle {\n agentId: string;\n mode: \"full\" | \"active\" | \"memory\";\n fileCount: number;\n totalSize: number;\n files: SyncReconstructFile[];\n expiresAt: string;\n}\ninterface SyncAgentStats {\n agentId: string;\n standardBytes: number;\n glacierBytes: number;\n fileCount: number;\n lastSyncAt: string | null;\n}\ninterface SyncFileEntry {\n filePath: string;\n size: number;\n modified: string;\n contentHash: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncSessionEntry {\n sessionId: string;\n size: number;\n lastModified: string;\n storageClass?: string;\n isArchived: boolean;\n}\ninterface SyncSessionContent {\n sessionId: string;\n content: string;\n compressed: boolean;\n}\ninterface SharedFileEntry {\n filePath: string;\n fileName: string;\n size: number;\n contentType?: string;\n}\ntype KnowledgeScopeType = \"org\" | \"team\" | \"project\";\ninterface KnowledgeScope {\n scopeType: KnowledgeScopeType;\n scopeId: string;\n name: string;\n}\ninterface KnowledgeSearchHit {\n id: string;\n text: string;\n /** Normalized relevance in (0,1]; higher = closer. */\n score: number;\n scopeType: KnowledgeScopeType;\n scopeId: string;\n source: \"doc\" | \"fact\";\n /** Present when `source === \"doc\"` — the canonical file under shared/<scope>/. */\n filePath?: string;\n /** Present when `source === \"fact\"`. */\n factId?: string;\n}\ninterface KnowledgeSearchResult {\n results: KnowledgeSearchHit[];\n /** True when fan-out breadth was capped (more member scopes than the cap). */\n truncatedScopes: boolean;\n}\ninterface KnowledgeProfileLink {\n label: string;\n url: string;\n}\ninterface KnowledgeProfile {\n scopeType: KnowledgeScopeType;\n scopeId: string;\n about: string | null;\n description: string | null;\n links: KnowledgeProfileLink[];\n updatedAt: string | null;\n updatedBy: string | null;\n}\ninterface KnowledgeFact {\n factId: string;\n scopeType: KnowledgeScopeType;\n scopeId: string;\n text: string;\n sourceType: string;\n createdBy: string;\n createdAt: string;\n updatedAt: string;\n}\ninterface KnowledgeDoc {\n filePath: string;\n fileName: string;\n contentType?: string;\n size: number;\n uploadedBy?: string;\n createdAt: string;\n updatedAt: string;\n}\n/** Voice settings — core agent config. Mirrors `VoiceConfig` in `@alfe/types`. */\ninterface AgentVoiceConfig {\n /** ElevenLabs voice ID; platform default when unset. */\n voiceId?: string;\n ttsModel?: string;\n enabled?: boolean;\n}\n/**\n * The agent's own public identity, as returned by `updateSelf`, `generateAvatar`,\n * `presignAvatar`'s finalize (`finalizeAvatar`). This is the public agent\n * projection; only the identity-relevant fields are typed here — the response\n * carries the full public agent record.\n */\ninterface AgentSelf {\n agentId: string;\n tenantId: string;\n name: string;\n avatarUrl?: string;\n voiceConfig?: AgentVoiceConfig;\n status: string;\n}\n/** Result of `presignAvatar` — the agent PUTs bytes to `uploadUrl`, then finalizes with `s3Key`. */\ninterface AgentAvatarPresign {\n /** Presigned PUT URL to upload the image bytes to. */\n uploadUrl: string;\n /** Object key — echoed back to `finalizeAvatar`. */\n s3Key: string;\n /** Stable public URL the avatar will be served from once finalized. */\n publicUrl: string;\n /** ISO expiry of the presigned PUT URL. */\n expiresAt: string;\n}\n/** A voice in the platform catalogue (ElevenLabs), from `listVoices`. */\ninterface AgentVoice {\n id: string;\n name: string;\n previewUrl: string;\n description: string;\n labels: Record<string, string>;\n category: string;\n}\n/** The ElevenLabs models with a pricing row — the TTS endpoint rejects any other value. */\ntype VoiceTtsModel = \"eleven_turbo_v2_5\" | \"eleven_multilingual_v2\";\ninterface VoiceTtsArgs {\n /** Text to synthesize (1–5000 chars — the endpoint enforces this). */\n text: string;\n /** ElevenLabs voice id; platform default when unset. */\n voiceId?: string;\n /** TTS model; `eleven_turbo_v2_5` (lower latency) when unset. */\n model?: VoiceTtsModel;\n}\n/** Raw synthesized audio plus its PCM framing (from the response headers). */\ninterface VoiceTtsResult {\n /** Raw little-endian PCM samples — no container. Wrap in WAV to make a playable file. */\n audio: Buffer;\n /** Samples per second (e.g. 24000). */\n sampleRate: number;\n /** Channel count (mono = 1). */\n channels: number;\n /** Bits per sample (e.g. 16). */\n bitDepth: number;\n}\ninterface VoiceSttArgs {\n /** Raw linear16 (16-bit little-endian) mono PCM samples — no WAV/container header. */\n audio: Uint8Array;\n /** Sample rate of `audio` in Hz (8000–48000). */\n sampleRate: number;\n}\ninterface VoiceSttResult {\n text: string;\n /** Deepgram confidence in (0,1]. */\n confidence: number;\n}\ndeclare class AgentApiClient {\n private readonly apiKey;\n private readonly apiUrl;\n constructor(config: AgentApiClientConfig);\n private request;\n syncRegister(args?: {\n displayName?: string;\n }): Promise<{\n agent: SyncAgentInfo;\n }>;\n syncGetManifest(): Promise<SyncManifest>;\n syncPresign(args: {\n files: {\n path: string;\n operation: \"put\" | \"get\";\n contentType?: string;\n }[];\n }): Promise<{\n urls: SyncPresignedUrl[];\n }>;\n syncConfirmUpload(args: {\n filePath: string;\n hash: string;\n size: number;\n storageClass?: \"STANDARD\" | \"GLACIER_IR\";\n }): Promise<SyncConfirmedUpload>;\n syncReconstruct(args: {\n mode: \"full\" | \"active\" | \"memory\";\n }): Promise<SyncReconstructBundle>;\n syncGetStats(): Promise<SyncAgentStats>;\n syncListFiles(args?: {\n prefix?: string;\n }): Promise<{\n files: SyncFileEntry[];\n }>;\n syncListSessions(): Promise<{\n sessions: SyncSessionEntry[];\n }>;\n syncGetSession(sessionId: string): Promise<SyncSessionContent>;\n syncDeleteFile(filePath: string): Promise<{\n removed: boolean;\n }>;\n sharedListFiles(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n }): Promise<{\n files: SharedFileEntry[];\n nextCursor: string | null;\n }>;\n sharedDownloadUrl(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n filePath: string;\n }): Promise<{\n downloadUrl: string;\n expiresIn: number;\n }>;\n listIntegrations(): Promise<IntegrationInstall$1[]>;\n getIntegrationConfig(integrationId: string): Promise<IntegrationConfigResult$1>;\n updateIntegrationConfig(integrationId: string, config: Record<string, unknown>): Promise<void>;\n installIntegration(integrationId: string, options?: {\n version?: string;\n config?: Record<string, unknown>;\n }): Promise<IntegrationInstall$1>;\n removeIntegration(integrationId: string): Promise<IntegrationInstall$1>;\n getOAuthUrl(provider: string, scopes?: string[]): Promise<{\n url: string;\n provider: string;\n expiresIn: number;\n }>;\n getOAuthStatus(provider: string): Promise<{\n provider: string;\n connected: boolean;\n config?: Record<string, string>;\n }>;\n getRegistry(): Promise<{\n integrations: RegistryEntry$1[];\n }>;\n /**\n * Returns every connected Google account for the agent. Multi-account by\n * design — the openclaw-google plugin requires the LLM to pass `email`\n * explicitly to `google_run_command` so an account is always selected\n * deliberately.\n *\n * 2026-05-14 (connections-redesign PR 1): the legacy flat shape (`email`,\n * `refreshToken`, `accessToken`, etc., populated from the default account)\n * is gone. Iterate over `accounts`.\n */\n getGoogleCredentials(): Promise<{\n accounts: {\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n displayName?: string;\n connectedAt?: string;\n }[];\n }>;\n disconnectGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n connectedAt?: string;\n }[];\n }>;\n getGoogleChatCredentials(): Promise<{\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n displayName?: string;\n }>;\n /**\n * Fetch decrypted credentials for ONE specific connection by its\n * stable connectionId (connection-scoped, vs the provider-scoped\n * `get<Provider>Credentials` helpers). Used by the daemon to resolve\n * a Custom Connection-driven integration's credentials from the\n * exact connection it was installed from — every custom connection\n * shares the `custom` provider id, so provider-scoping is ambiguous.\n *\n * For custom connections `accessToken` is the JSON-encoded secret\n * bundle (the daemon un-bundles it); non-secret fields are on\n * `providerMetadata`. The endpoint enforces that the connection is in\n * the calling agent's effective scope (403 otherwise).\n */\n getConnectionCredentials(connectionId: string): Promise<{\n provider: string;\n connectionId: string;\n accountIdentifier?: string;\n accessToken?: string;\n providerMetadata?: Record<string, unknown>;\n [key: string]: unknown;\n }>;\n /**\n * @deprecated Returns a single primary credential blob (legacy \"pick-the-\n * default-connection\" shape). Use `getGithubAccounts()` for the multi-\n * account shape required by Pattern A — explicit selector args on every\n * tool. Retained because the `@alfe.ai/github-mcp` proxy is the\n * only consumer that knows about Pattern A; legacy env-interpolation\n * callers will keep hitting `/credentials` until they move to the proxy.\n */\n getGithubCredentials(): Promise<{\n login: string;\n accessToken: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for GitHub.\n *\n * Returns every agent-scoped GitHub connection. The caller is expected\n * to require a `login` selector on every credential-touching tool and\n * look up the matching account at dispatch time.\n *\n * GitHub OAuth tokens have no expiry (`tokenLifecycle: \"no_expiry\"`),\n * so there is intentionally no `refreshGithubAccountToken` method — if\n * a token is revoked the user must re-run the OAuth flow.\n *\n * Returned `accounts[i].login` is the GitHub username — the stable\n * cross-session identifier the LLM should pass.\n */\n getGithubAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n login: string;\n scopes: string;\n }[];\n }>;\n /**\n * @deprecated Returns a single primary credential blob (legacy \"pick-the-\n * default-connection\" shape). Use `getXeroAccounts()` for the multi-\n * account shape required by Pattern A — explicit selector args on every\n * tool. This method will be removed once all consumers migrate.\n */\n getXeroCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n xeroTenantId: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for Xero. Returns every\n * agent-scoped Xero connection. The caller is expected to require a\n * selector arg (e.g. `xeroTenantId`) on every credential-touching tool\n * and look up the matching account by that selector at dispatch time.\n *\n * Returned `accounts[i].accountIdentifier` is the Xero tenantId — the\n * stable cross-session identifier the LLM should pass.\n */\n getXeroAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n xeroTenantId: string;\n }[];\n }>;\n refreshXeroToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n /**\n * Pattern A: refresh a specific Xero connection by its `accountIdentifier`\n * (the Xero `tenantId`). The legacy `refreshXeroToken()` only refreshes\n * the *primary* connection, which is wrong for multi-tenant Xero where\n * each tenant has its own non-interchangeable access token.\n */\n refreshXeroAccountToken(xeroTenantId: string): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n expiresAt: string;\n }>;\n /**\n * @deprecated Returns a single primary credential blob (legacy \"pick-the-\n * default-connection\" shape). Use `getNotionAccounts()` for the multi-\n * account shape required by Pattern A.\n */\n getNotionCredentials(): Promise<{\n accessToken: string;\n workspaceId: string;\n workspaceName: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for Notion. Returns every\n * agent-scoped Notion connection. The caller is expected to require a\n * selector arg (e.g. `workspaceId`) on every credential-touching tool.\n *\n * Returned `accounts[i].accountIdentifier` is the Notion workspaceId.\n */\n getNotionAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n workspaceId: string;\n workspaceName: string;\n }[];\n }>;\n /**\n * @deprecated Returns a single primary Atlassian Connection's credentials\n * (one OAuth user, one cloudId) — the legacy \"pick-the-default-connection\"\n * shape. Atlassian is multi-site by nature (each OAuth user may have\n * access to multiple Cloud sites), so Pattern A plugins MUST use\n * `getAtlassianAccounts()` to discover the full set and dispatch via\n * the `cloudId` selector arg.\n */\n getAtlassianCredentials(): Promise<{\n accessToken: string;\n refreshToken: string;\n accessTokenExpiresAt: string;\n cloudId: string;\n siteName: string;\n siteUrl: string;\n email: string;\n enabledProducts: string[];\n clientId: string;\n clientSecret: string;\n }>;\n refreshAtlassianToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n /**\n * Pattern A: multi-account / multi-site credential fetch for Atlassian.\n *\n * Returns every agent-scoped Atlassian Connection. Each Connection is\n * one OAuth user with a single access token and N accessible Cloud\n * sites (`availableSites`). The caller is expected to:\n *\n * 1. Flatten (connection × cloudId) into one MCP child per site.\n * 2. Require a `cloudId` selector on every credential-touching tool.\n * 3. Use the access token bound to the Connection that owns the\n * requested `cloudId` (Atlassian shares one access token across\n * all sites accessible to the OAuth user).\n *\n * Per-account token refresh uses `refreshAtlassianAccountToken(email)`\n * — refreshing one Connection rotates its single access token, which\n * then applies to every cloudId for that Connection.\n *\n * Returned `accounts[i].accountIdentifier` is the OAuth user's email\n * — the stable cross-session identifier for refresh purposes. The LLM\n * never sees this directly: it picks a site via the `cloudId` arg\n * instead.\n */\n getAtlassianAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n clientId: string;\n clientSecret: string;\n cloudId: string;\n siteName: string;\n siteUrl: string;\n availableSites: {\n id: string;\n url: string;\n name: string;\n scopes?: string[];\n avatarUrl?: string;\n }[];\n }[];\n }>;\n /**\n * Pattern A: refresh a specific Atlassian Connection by `accountIdentifier`\n * (the OAuth user's email).\n *\n * Atlassian rotates refresh tokens (`rotatesRefreshToken: true`); the\n * server-side per-account refresh endpoint handles rotation and\n * persistence. Refreshing one Connection updates its single access\n * token, which applies to every accessible Cloud site (cloudId) for\n * that OAuth user.\n *\n * Returns the new access token + expiry. The proxy is responsible for\n * fanning the new token out to every child server it spawned for\n * cloudIds owned by this Connection.\n */\n refreshAtlassianAccountToken(accountIdentifier: string): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n expiresAt: string;\n }>;\n /**\n * @deprecated Returns a single primary credential blob (legacy \"pick-the-\n * default-connection\" shape). Use `getMYOBAccounts()` for the multi-\n * account shape required by Pattern A.\n */\n getMYOBCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n myobBusinessId: string;\n clientId: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for MYOB. Returns every\n * agent-scoped MYOB connection. The caller is expected to require a\n * selector arg (e.g. `myobBusinessId` / `accountIdentifier`) on every\n * credential-touching tool.\n *\n * Returned `accounts[i].accountIdentifier` is the MYOB businessId.\n */\n getMYOBAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n myobBusinessId: string;\n clientId: string;\n }[];\n }>;\n refreshMYOBToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n /**\n * @deprecated Returns a single primary credential blob. Use\n * `getSalesforceAccounts()` for the multi-account shape required by\n * Pattern A.\n */\n getSalesforceCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n instanceUrl: string;\n orgId: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for Salesforce. Returns every\n * agent-scoped Salesforce connection. One OAuth grant maps to one org, so\n * `accounts[i].accountIdentifier` (and `orgId`) is the Salesforce org id —\n * the selector every credential-touching tool requires.\n */\n getSalesforceAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n instanceUrl: string;\n orgId: string;\n }[];\n }>;\n /**\n * Refresh the access token for a specific Salesforce org. Salesforce\n * tokens aren't interchangeable across orgs, so the connection is targeted\n * by `accountIdentifier` (the org id) — mirrors `refreshXeroAccountToken`.\n */\n refreshSalesforceAccountToken(orgId: string): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n expiresAt: string;\n }>;\n /**\n * Microsoft 365 (delegated OAuth) credential fetch — single-account shape.\n *\n * @deprecated Use `getMicrosoftAccounts()` and dispatch via the `email`\n * selector once per-account plugins land. Retained because the existing\n * `integrations/connect/microsoft/hooks/post_activate.mjs` writes\n * `mgc` credentials for the single (default) Microsoft account.\n *\n * Returns the agent's effective Microsoft delegated-OAuth credentials.\n * Distinct from `getTeamsCredentials()` (Azure bot credentials for the\n * Teams adapter, which is admin-consent flow on services/microsoft, not\n * delegated OAuth on services/connect).\n */\n getMicrosoftCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt?: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n email?: string;\n microsoftTenantId?: string;\n workspaceDomain?: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for Microsoft 365.\n *\n * Returns every agent-scoped Microsoft connection. The caller is expected\n * to require an `email` selector on every credential-touching tool and\n * look up the matching account at dispatch time.\n *\n * Returned `accounts[i].accountIdentifier` is the user's primary email\n * (or the tid claim as fallback) — the stable cross-session identifier\n * the LLM should pass.\n *\n * Per-account token refresh is exposed via `refreshMicrosoftAccountToken`,\n * NOT `refreshXeroAccountToken` — Microsoft refresh tokens are not\n * interchangeable across (tenant, user) pairs.\n */\n getMicrosoftAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n email: string;\n microsoftTenantId: string;\n workspaceDomain: string;\n }[];\n }>;\n /**\n * Pattern A: refresh a specific Microsoft 365 connection by its\n * `accountIdentifier`. For Microsoft, `accountIdentifier` is the user's\n * email when the Graph profile fetch succeeded at connect time, and the\n * Azure tenant id (`tid` claim) as fallback. Callers should pass the\n * value returned by `getMicrosoftAccounts()` rather than synthesising\n * an email locally.\n *\n * Microsoft refresh tokens are bound to a specific (tenant, user) pair —\n * they are NOT interchangeable across accounts, so per-account refresh\n * is mandatory. The generic /accounts/{accountIdentifier}/refresh\n * endpoint walks the agent's full visible scope chain to find a matching\n * connection (works for inherited team/project Microsoft connections).\n */\n refreshMicrosoftAccountToken(accountIdentifier: string): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n expiresAt: string;\n }>;\n getTeamsCredentials(): Promise<{\n agentId: string;\n tenantId: string;\n azureAppId: string;\n azureBotId: string;\n azureClientSecret: string;\n botDisplayName?: string;\n teamsTenantId?: string;\n serviceUrl?: string;\n }>;\n sendTeamsMessage(data: {\n conversationId: string;\n text?: string;\n adaptiveCard?: Record<string, unknown>;\n }): Promise<{\n ok: boolean;\n activityId: string;\n }>;\n listTeamsChannels(): Promise<{\n channels: {\n id: string;\n name: string;\n description?: string;\n }[];\n }>;\n presignAttachments(files: {\n filename: string;\n mimeType: string;\n size: number;\n }[]): Promise<{\n attachments: {\n id: string;\n uploadUrl: string;\n downloadUrl: string;\n s3Key: string;\n expiresAt: string;\n }[];\n }>;\n /**\n * Generate an image from a text prompt and get back a STABLE, public URL\n * (served from the agent-assets CDN — it does not expire). The image is\n * generated + stored server-side; embed the returned `imageUrl` in a reply as\n * markdown to show it to the user.\n *\n * Unlike most methods this reads the server's error body so a bad-request\n * detail (e.g. an unsupported `size`) reaches the caller instead of an opaque\n * \"request failed (400)\". Not retried — generation is expensive and\n * non-idempotent.\n */\n generateImage(args: {\n prompt: string;\n model?: string;\n size?: string;\n quality?: string;\n }): Promise<{\n imageUrl: string;\n model: string;\n }>;\n recordActivity(data: {\n userId?: string;\n channel: string;\n role: \"user\" | \"assistant\";\n }): Promise<{\n recorded: boolean;\n }>;\n /** Update the agent's own name and/or voice config. Returns the updated agent. */\n updateSelf(update: {\n name?: string;\n voiceConfig?: AgentVoiceConfig;\n }): Promise<AgentSelf>;\n /**\n * Generate the agent's own avatar from a text prompt. The image is generated,\n * stored, and set on the agent server-side; returns the updated agent.\n */\n generateAvatar(args: {\n prompt: string;\n }): Promise<AgentSelf>;\n /**\n * Get a presigned PUT URL to upload a new avatar image. Upload the bytes to\n * `uploadUrl`, then call `finalizeAvatar(s3Key)` to set it on the agent.\n */\n presignAvatar(args: {\n mimeType: string;\n size: number;\n }): Promise<AgentAvatarPresign>;\n /**\n * Finalize an avatar upload — validates ownership + size, then sets the\n * agent's `avatarUrl` server-side. Returns the updated agent.\n */\n finalizeAvatar(s3Key: string): Promise<AgentSelf>;\n /** List the platform voice catalogue (ElevenLabs) so the agent can pick its own voice. */\n listVoices(): Promise<{\n voices: AgentVoice[];\n }>;\n /**\n * Mint a fresh AES-256 data key for a specific (secret, field) pair. The\n * encryption context is rebuilt server-side from `auth.tenantId` + the body\n * fields including `fieldKey`; the agent cannot forge context for a scope\n * or field it doesn't own. Legacy single-envelope secrets are migrated to\n * `field#value` rows by the data migration, so call with `fieldKey: \"value\"`\n * to reach them.\n */\n generateSecretDataKey(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<GeneratedDataKey$1>;\n /**\n * Unwrap a wrapped data key so the agent can decrypt the envelope locally.\n * `fieldKey` MUST match the value supplied when the data key was generated\n * (it's bound into KMS encryption context); mismatch fails with\n * `InvalidCiphertextException`.\n */\n decryptSecretDataKey(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n dataKeyCiphertext: string;\n }): Promise<{\n plaintextKey: string;\n }>;\n /**\n * Create a new secret with one or more fields. Encrypted fields must arrive\n * pre-sealed (the agent has already obtained per-field data keys via\n * `generateSecretDataKey({ ..., fieldKey })` and AES-encrypted locally).\n * Plaintext fields ship the value inline.\n */\n createSecret(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n secretName: string;\n category?: SecretCategory$1;\n description?: string;\n tags?: string[];\n fields: {\n key: string;\n format?: FieldFormat$1;\n sensitivity: FieldSensitivity$1;\n value?: string;\n envelope?: EncryptedEnvelopeV1$1;\n }[];\n reason?: string;\n }): Promise<SecretAggregate$1>;\n /** Fetch the secret aggregate plus per-field encrypted envelopes. */\n getSecret(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n }): Promise<{\n aggregate: SecretAggregate$1;\n envelopes: FieldEnvelope$1[];\n }>;\n /** Fetch one field. Plaintext: value inline. Encrypted: envelope. */\n getSecretField(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<{\n key: string;\n sensitivity: FieldSensitivity$1;\n format?: FieldFormat$1;\n value?: string;\n envelope?: EncryptedEnvelopeV1$1;\n rotatedAt?: string;\n createdAt: string;\n updatedAt: string;\n }>;\n /** Add OR rotate one field. */\n setSecretField(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n sensitivity: FieldSensitivity$1;\n format?: FieldFormat$1;\n value?: string;\n envelope?: EncryptedEnvelopeV1$1;\n reason?: string;\n }): Promise<{\n fieldKey: string;\n rotated: boolean;\n }>;\n /** Remove one field. */\n removeSecretField(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<void>;\n /** Update secret-level metadata (name/description/tags/category). */\n updateSecretMetadata(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n secretName?: string;\n description?: string;\n tags?: string[];\n category?: SecretCategory$1;\n reason?: string;\n }): Promise<SecretAggregate$1>;\n /** List metadata for secrets in a scope. Optional filters route through the byFacet GSI. */\n listSecrets(args: {\n scope: SecretScope$1;\n scopeId: string;\n category?: SecretCategory$1;\n tag?: string;\n fieldKey?: string;\n }): Promise<SecretMetadata$1[]>;\n /** Bounded changelog read — metadata-only audit entries. */\n getSecretHistory(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n limit?: number;\n cursor?: string;\n }): Promise<{\n entries: ChangelogEntry$1[];\n nextCursor?: string;\n }>;\n /** Delete a secret (and all its field rows + tag rows + changelog rows). */\n deleteSecret(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n }): Promise<void>;\n /** Enumerate scopes (org/team/project/agent) this agent can access. */\n listSecretScopes(): Promise<ScopeInfo$1[]>;\n /**\n * Returns the calling agent's own identity context — `{ agentId, tenantId }`\n * decoded server-side from the agent API token. Used by the\n * `@alfe.ai/openclaw-identity` plugin to bootstrap context when the\n * OpenClaw daemon doesn't plumb `ctx.agentId` through to plugin hooks.\n * Plugins should cache this for the daemon's lifetime (single-agent-per-\n * process invariant). One HTTP round-trip per process activate; not for\n * per-call use.\n */\n whoami(): Promise<{\n agentId: string;\n tenantId: string;\n }>;\n resolveIdentity(args: {\n provider: string;\n platformId: string;\n kind?: \"user\" | \"agent\" | \"service\" | \"bot\" | \"workspace\";\n displayName?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n created?: boolean;\n reason?: string;\n /**\n * Flattened auriclabs permission strings for the resolved identity\n * (scope-prefixed where applicable). Empty array on miss / org service\n * outage — the runtime gate fails closed in that case.\n */\n permissions: string[];\n }>;\n searchIdentities(args?: {\n q?: string;\n status?: string;\n limit?: number;\n }): Promise<{\n identities: unknown[];\n }>;\n getIdentityContext(identityId: string): Promise<{\n context: unknown;\n }>;\n mergeIdentities(survivorId: string, args: {\n mergedId: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n unmergeIdentity(identityId: string, args: {\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n addIdentityNote(identityId: string, args: {\n content: string;\n category?: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n noteId: string | null;\n }>;\n tagIdentity(identityId: string, args: {\n tag: string;\n action: \"add\" | \"remove\";\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n }>;\n getIdentityChangelog(identityId: string, args?: {\n limit?: number;\n }): Promise<{\n entries: unknown[];\n }>;\n rollbackIdentity(identityId: string, args: {\n targetVersion: number;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n entry?: unknown;\n }>;\n requestIdentityVerification(args: {\n claimedIdentityId: string;\n requestingIdentityId: string;\n requestingProvider: string;\n requestingPlatformId: string;\n preferredChannel?: \"mobile\" | \"email\";\n /**\n * Phase 2: agent-supplied contact endpoint. When provided, the top-level\n * `preferredChannel` is ignored — the contact's channel wins.\n */\n contact?: {\n channel: \"email\" | \"mobile\";\n value: string;\n };\n }): Promise<{\n verificationId: string;\n channel: string;\n deliveredTo: string;\n expiresAt: string;\n availableChannels: {\n channel: string;\n deliveredTo: string;\n }[];\n } | {\n error: string;\n }>;\n confirmIdentityVerification(args: {\n claimedIdentityId: string;\n verificationId: string;\n phrase: string;\n }): Promise<{\n verified: boolean;\n identityId?: string;\n /** Phase 2: how the confirm resolved — Scenario A vs B. */\n action?: \"merged\" | \"contact_verified\";\n error?: string;\n }>;\n /**\n * Update display-shape fields on an Identity. Body excludes `email` /\n * `phone` / `title` / `company` / `metadata` per Section D4 — contacts go\n * via the verify flow, title/company live on OrgMembership, metadata is\n * not agent-writable.\n */\n updateIdentity(identityId: string, args: {\n name?: string;\n avatarUrl?: string;\n timezone?: string;\n locale?: string;\n }): Promise<{\n ok: boolean;\n }>;\n /**\n * Phase 2 (Section H): server-side verification of a Google Chat sender via\n * the agent's existing Google OAuth credentials. Returns the resolved\n * identity (created or matched via Scenario-B email enrichment).\n */\n resolveGoogleChatSender(args: {\n senderUserId: string;\n spaceId?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n }>;\n memorySearch(query: string, opts?: {\n limit?: number;\n topic?: string;\n subtopic?: string;\n tag?: string;\n includeKnowledge?: boolean;\n }): Promise<{\n facts: {\n subject: string;\n predicate: string;\n object: string;\n since: string;\n confidence: number;\n }[];\n memories: {\n id: string;\n text: string;\n topic: string;\n subtopic: string;\n tag: string;\n importance: number;\n timestamp: number;\n score: number;\n }[];\n }>;\n memoryStore(text: string, opts?: {\n topic?: string;\n subtopic?: string;\n tag?: string;\n importance?: number;\n }): Promise<{\n memoryId: string;\n }>;\n memoryIngest(sessionKey: string, messages: {\n role: string;\n content: string;\n index: number;\n timestamp?: string;\n }[], metadata?: {\n channelId?: string;\n userId?: string;\n userName?: string;\n }): Promise<{\n queued: boolean;\n messageCount: number;\n }>;\n memoryLoadContext(tier?: number, topicHint?: string): Promise<{\n formatted: string;\n [key: string]: unknown;\n }>;\n memoryLookupEntity(subject: string): Promise<{\n subject: string;\n triples: {\n tripleId: string;\n predicate: string;\n object: string;\n validFrom: string;\n validTo?: string;\n confidence: number;\n }[];\n }>;\n memoryNavigate(): Promise<{\n topics: {\n name: string;\n tripleCount: number;\n subtopics: string[];\n }[];\n cursor: string | null;\n }>;\n memoryDelete(memoryId: string): Promise<{\n deleted: boolean;\n }>;\n memoryStats(): Promise<{\n vectorCount: number;\n tripleCount: number;\n storageEstimateBytes: number;\n lastIngestionAt?: string;\n }>;\n memoryLearn(args: {\n text: string;\n source?: string;\n sourceType?: \"file\" | \"url\" | \"inline\";\n metadata?: {\n sessionId?: string;\n channelId?: string;\n userName?: string;\n };\n }): Promise<{\n memoriesStored: number;\n triplesStored: number;\n chunks: number;\n source?: string;\n }>;\n memoryBootstrapStatus(): Promise<{\n synced: boolean;\n syncedAt?: string;\n }>;\n memoryBootstrapStatusMark(): Promise<{\n synced: true;\n syncedAt: string;\n }>;\n searchWeb(params: {\n query: string;\n count?: number;\n offset?: number;\n country?: string;\n freshness?: string;\n }): Promise<unknown>;\n searchImages(params: {\n query: string;\n count?: number;\n }): Promise<unknown>;\n searchNews(params: {\n query: string;\n count?: number;\n freshness?: string;\n }): Promise<unknown>;\n /**\n * Semantic search across the agent's member scopes. Fan-out is gated\n * server-side by `listScopes` set-inclusion (fail-closed). Pass\n * `scopeType` + `scopeId` to narrow to one scope; a non-member scope\n * yields empty results (never a cross-scope leak).\n */\n knowledgeSearch(query: string, opts?: {\n limit?: number;\n scopeType?: KnowledgeScopeType;\n scopeId?: string;\n }): Promise<KnowledgeSearchResult>;\n /** Enumerate the scopes (org + teams + projects) this agent belongs to. */\n listScopes(): Promise<{\n scopes: KnowledgeScope[];\n }>;\n /** Read a scope's structured knowledge profile (after membership check). */\n getScopeProfile(scopeType: KnowledgeScopeType, scopeId: string): Promise<KnowledgeProfile>;\n /** List a scope's facts (non-semantic, full enumeration). */\n listScopeFacts(scopeType: KnowledgeScopeType, scopeId: string, opts?: {\n limit?: number;\n cursor?: string;\n }): Promise<{\n facts: KnowledgeFact[];\n nextCursor: string | null;\n }>;\n /**\n * Publish a fact at a scope. This is the deliberate cross-agent learning\n * boundary — facts are attributable (the agent is recorded as author) and\n * never an automatic merge. Membership is enforced server-side (403 for a\n * non-member scope).\n */\n createScopeFact(scopeType: KnowledgeScopeType, scopeId: string, text: string): Promise<KnowledgeFact>;\n /** Delete a fact at a scope. */\n deleteScopeFact(scopeType: KnowledgeScopeType, scopeId: string, factId: string): Promise<{\n removed: boolean;\n }>;\n /** List a scope's docs (the org-files corpus; mirrored to shared/<scope>/). */\n listScopeDocs(scopeType: KnowledgeScopeType, scopeId: string, opts?: {\n limit?: number;\n cursor?: string;\n }): Promise<{\n files: KnowledgeDoc[];\n nextCursor: string | null;\n }>;\n /**\n * Read the full text of a scope doc. Resolves a presigned download URL\n * from `services/org`, then fetches the bytes directly from S3 (the one\n * legitimate raw fetch in a plugin — same pattern as sync).\n */\n readScopeDoc(scopeType: KnowledgeScopeType, scopeId: string, filePath: string): Promise<{\n filePath: string;\n text: string;\n }>;\n /**\n * Write (create or overwrite) a scope doc. Two-step presigned upload:\n * `services/org` returns a signed URL plus `requiredHeaders` (author /\n * authorKind / message as `x-amz-meta-*`) that MUST be sent verbatim on\n * the PUT, alongside the same `Content-Type` that was signed. Author and\n * authorKind are server-set from the agent token — never trusted here.\n */\n writeScopeDoc(scopeType: KnowledgeScopeType, scopeId: string, filePath: string, content: string, opts?: {\n contentType?: string;\n message?: string;\n }): Promise<{\n filePath: string;\n }>;\n registerDatabaseCredentials(): Promise<{\n connectionString: string;\n username: string;\n password: string;\n databases: string[];\n }>;\n reportDatabaseAudit(entry: {\n database: string;\n collection: string;\n operation: string;\n summary?: string;\n }): Promise<void>;\n requestBrowserTakeover(args: {\n instructions: string;\n url?: string;\n conversationId?: string;\n }): Promise<{\n sessionId: string;\n status: string;\n }>;\n getRemoteSession(sessionId: string): Promise<RemoteSessionInfo>;\n completeRemoteSession(sessionId: string): Promise<{\n ok: boolean;\n }>;\n /**\n * Issue a request that returns the raw `Response` (no JSON parsing, no\n * forced Content-Type). The caller sets `Content-Type`/`Accept` on `headers`\n * and reads the body itself (`arrayBuffer()` / `json()`).\n *\n * A single retry fires only on the same transient statuses `request()`\n * retries (authorizer-timeout 500 + LB 502/503/504) and transient network\n * errors — before the route handler runs — so re-issuing a POST does not\n * risk a duplicate side effect. Voice TTS/STT are effectively idempotent\n * (re-synthesize / re-transcribe) and meter server-side keyed on the\n * gateway requestId, so a retried transcription doesn't double-bill.\n */\n private rawFetch;\n /**\n * Text-to-speech. Returns raw PCM audio bytes plus their framing — the\n * voice service defaults to 24 kHz / mono / 16-bit. Wrap in a WAV container\n * to produce a playable file. Metered per character against the tenant\n * credit pool server-side; TTS completes regardless of metering outcome.\n */\n tts(args: VoiceTtsArgs): Promise<VoiceTtsResult>;\n /**\n * Speech-to-text. Accepts raw linear16 (16-bit LE) mono PCM — NOT a WAV or\n * other container (the endpoint transcribes with a fixed linear16 encoding,\n * so a container header would be transcribed as noise). Strip any WAV header\n * and pass `sampleRate` from it before calling. Metered by transcribed\n * duration against the tenant credit pool server-side.\n */\n stt(args: VoiceSttArgs): Promise<VoiceSttResult>;\n}\n//# sourceMappingURL=index.d.ts.map\n//#endregion\nexport { AgentApiClient, AgentApiClientConfig, AgentAvatarPresign, AgentSelf, AgentVoice, AgentVoiceConfig, type ChangelogAction, type ChangelogActor, type ChangelogEntry, type EncryptedEnvelopeV1, type Field, type FieldEnvelope, type FieldFormat, type FieldSensitivity, type FieldView, type GeneratedDataKey, type IntegrationConfigResult, type IntegrationConfigSchemaField, type IntegrationInstall, KnowledgeDoc, KnowledgeFact, KnowledgeProfile, KnowledgeProfileLink, KnowledgeScope, KnowledgeScopeType, KnowledgeSearchHit, KnowledgeSearchResult, type RegistryEntry, RemoteSessionInfo, type ScopeInfo, type SecretAggregate, type SecretCategory, type SecretMetadata, type SecretScope, SharedFileEntry, SyncAgentInfo, SyncAgentStats, SyncConfirmedUpload, SyncFileEntry, SyncManifest, SyncManifestEntry, SyncPresignedUrl, SyncReconstructBundle, SyncReconstructFile, SyncSessionContent, SyncSessionEntry, VoiceSttArgs, VoiceSttResult, VoiceTtsArgs, VoiceTtsModel, VoiceTtsResult };\n//# sourceMappingURL=index.d.ts.map"],"mappings":";;;;KAqGKgD,kBAAAA;UACKC,cAAAA;aACGD;;;;UAIHE,kBAAAA;;;;;aAKGF;;;;;;;;UAQHG,qBAAAA;WACCD;;;;UAIDE,oBAAAA;;;;UAIAC,gBAAAA;aACGL;;;;SAIJI;;;;UAICE,aAAAA;;aAEGN;;;;;;;;UAQHO,YAAAA;;;;;;;;;;;;UClIO,eAAA;EDmFZP;EACKC,aAAAA,EAAAA,OAAc;EAKdC;EAaAC,SAAAA,EAAAA,MAAAA;AACmB;AAIC;;;;;AASD;AAcnBI,UCrHO,YAAA,CDqHK;qCCrHL;;gBAGwB;IAhBxB,OAAA,CAAA,EAAA,MAAe;EAaf,CAAA,CAAA,EAIZ,OAJY,CAIJ,qBAJgB,CAAA;EAAA,UAAA,EAAA,EAMb,OANa,CAAA;IAGY,MAAA,EAGP,cAHO,EAAA;;iBACpC,CAAA,SAAA,EAIwB,kBAJxB,EAAA,OAAA,EAAA,MAAA,CAAA,EAI8D,OAJ9D,CAIsE,gBAJtE,CAAA;gBAE6B,CAAA,SAAA,EAKnB,kBALmB,EAAA,OAAA,EAAA,MAAA,EAAA,KAAA,EAAA;IAAlB,KAAA,CAAA,EAAA,MAAA;IAEa,MAAA,CAAA,EAAA,MAAA;MAMxB,OANsE,CAAA;IAAR,KAAA,EAM7C,aAN6C,EAAA;IAGpD,UAAA,EAAA,MAAA,GAAA,IAAA;;iBAGV,CAAA,SAAA,EAEwB,kBAFxB,EAAA,OAAA,EAAA,MAAA,EAAA,IAAA,EAAA,MAAA,CAAA,EAE4E,OAF5E,CAEoF,aAFpF,CAAA;iBAEwB,CAAA,SAAA,EAGd,kBAHc,EAAA,OAAA,EAAA,MAAA,EAAA,MAAA,EAAA,MAAA,CAAA,EAMxB,OANwB,CAAA;IAA4D,OAAA,EAAA,OAAA;;eAG1E,CAAA,SAAA,EAMA,kBANA,EAAA,OAAA,EAAA,MAAA,EAAA,KAAA,EAAA;IAGV,KAAA,CAAA,EAAA,MAAA;IAGU,MAAA,CAAA,EAAA,MAAA;MAGV,OAAiB,CAAA;IAAjB,KAAA,EAAiB,YAAjB,EAAA;IAGU,UAAA,EAAA,MAAA,GAAA,IAAA;;cAMA,CAAA,SAAA,EANA,kBAMA,EAAA,OAAA,EAAA,MAAA,EAAA,QAAA,EAAA,MAAA,CAAA,EAHV,OAGU,CAAA;IAKV,QAAA,EAAA,MAAA;IAAO,IAAA,EAAA,MAAA;;2BALG;;;MAKV"}
1
+ {"version":3,"file":"index.d.ts","names":["ChangelogAction","ChangelogActor","ChangelogEntry","ChangelogEntry$1","EncryptedEnvelopeV1","EncryptedEnvelopeV1$1","Field","FieldEnvelope","FieldEnvelope$1","FieldFormat","FieldFormat$1","FieldSensitivity","FieldSensitivity$1","FieldView","GeneratedDataKey","GeneratedDataKey$1","IntegrationConfigResult","IntegrationConfigResult$1","IntegrationConfigSchemaField","IntegrationInstall","IntegrationInstall$1","RegistryEntry","RegistryEntry$1","ScopeInfo","ScopeInfo$1","SecretAggregate","SecretAggregate$1","SecretCategory","SecretCategory$1","SecretMetadata","SecretMetadata$1","SecretScope","SecretScope$1","AgentApiClientConfig","RemoteSessionInfo","SyncAgentInfo","SyncManifestEntry","SyncManifest","Record","SyncPresignedUrl","SyncConfirmedUpload","SyncReconstructFile","SyncReconstructBundle","SyncAgentStats","SyncFileEntry","SyncSessionEntry","SyncSessionContent","SharedFileEntry","KnowledgeScopeType","KnowledgeScope","KnowledgeSearchHit","KnowledgeSearchResult","KnowledgeProfileLink","KnowledgeProfile","KnowledgeDoc","ChangeRequestResourceType","ChangeRequestOperation","ChangeRequestStatus","ChangeRequestActorKind","KnowledgeChangeRequest","ProposeScopeChangeInput","AgentVoiceConfig","AgentSelf","AgentAvatarPresign","AgentVoice","VoiceTtsModel","VoiceTtsArgs","VoiceTtsResult","Buffer","VoiceSttArgs","Uint8Array","VoiceSttResult","AgentApiClient","Promise"],"sources":["../../agent-api-client/dist/index.d.ts","../src/types.ts"],"sourcesContent":["import { ChangelogAction, ChangelogActor, ChangelogEntry, ChangelogEntry as ChangelogEntry$1, EncryptedEnvelopeV1, EncryptedEnvelopeV1 as EncryptedEnvelopeV1$1, Field, FieldEnvelope, FieldEnvelope as FieldEnvelope$1, FieldFormat, FieldFormat as FieldFormat$1, FieldSensitivity, FieldSensitivity as FieldSensitivity$1, FieldView, GeneratedDataKey, GeneratedDataKey as GeneratedDataKey$1, IntegrationConfigResult, IntegrationConfigResult as IntegrationConfigResult$1, IntegrationConfigSchemaField, IntegrationInstall, IntegrationInstall as IntegrationInstall$1, RegistryEntry, RegistryEntry as RegistryEntry$1, ScopeInfo, ScopeInfo as ScopeInfo$1, SecretAggregate, SecretAggregate as SecretAggregate$1, SecretCategory, SecretCategory as SecretCategory$1, SecretMetadata, SecretMetadata as SecretMetadata$1, SecretScope, SecretScope as SecretScope$1 } from \"@alfe/types\";\n\n//#region src/index.d.ts\n\ninterface AgentApiClientConfig {\n apiKey: string;\n apiUrl: string;\n}\ninterface RemoteSessionInfo {\n sessionId: string;\n agentId: string;\n surface: \"browser\" | \"terminal\";\n status: \"agent_driving\" | \"awaiting_human\" | \"human_in_control\" | \"resuming\" | \"completed\" | \"expired\" | \"failed\";\n url?: string;\n instructions?: string;\n requestedAt?: string;\n}\ninterface SyncAgentInfo {\n agentId: string;\n tenantId: string;\n displayName: string;\n s3Prefix: string;\n status: \"stale\" | \"syncing\" | \"synced\";\n fileCount?: number;\n totalSize?: number;\n lastSync?: string;\n}\ninterface SyncManifestEntry {\n hash: string;\n size: number;\n modified: string;\n etag?: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncManifest {\n version: 1;\n agentId: string;\n lastSync: string;\n files: Record<string, SyncManifestEntry>;\n}\ninterface SyncPresignedUrl {\n path: string;\n url: string;\n expiresAt: string;\n}\ninterface SyncConfirmedUpload {\n filePath: string;\n hash: string;\n size: number;\n storageClass: \"STANDARD\" | \"GLACIER_IR\";\n syncedAt: string;\n}\ninterface SyncReconstructFile {\n path: string;\n size: number;\n url: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncReconstructBundle {\n agentId: string;\n mode: \"full\" | \"active\" | \"memory\";\n fileCount: number;\n totalSize: number;\n files: SyncReconstructFile[];\n expiresAt: string;\n}\ninterface SyncAgentStats {\n agentId: string;\n standardBytes: number;\n glacierBytes: number;\n fileCount: number;\n lastSyncAt: string | null;\n}\ninterface SyncFileEntry {\n filePath: string;\n size: number;\n modified: string;\n contentHash: string;\n storageClass?: string;\n compressed?: boolean;\n}\ninterface SyncSessionEntry {\n sessionId: string;\n size: number;\n lastModified: string;\n storageClass?: string;\n isArchived: boolean;\n}\ninterface SyncSessionContent {\n sessionId: string;\n content: string;\n compressed: boolean;\n}\ninterface SharedFileEntry {\n filePath: string;\n fileName: string;\n size: number;\n contentType?: string;\n}\ntype KnowledgeScopeType = \"org\" | \"team\" | \"project\";\ninterface KnowledgeScope {\n scopeType: KnowledgeScopeType;\n scopeId: string;\n name: string;\n}\ninterface KnowledgeSearchHit {\n id: string;\n text: string;\n /** Normalized relevance in (0,1]; higher = closer. */\n score: number;\n scopeType: KnowledgeScopeType;\n scopeId: string;\n /**\n * Provenance of the hit. All live results are `\"doc\"`; `\"fact\"` only ever\n * appears for legacy vectors indexed before the facts primitive was removed\n * (the search index stays tolerant of them). Treat every hit as a doc.\n */\n source: \"doc\" | \"fact\";\n /** The canonical file under shared/<scope>/ (present on doc hits). */\n filePath?: string;\n /** Legacy-only: the id of a pre-removal fact vector. */\n factId?: string;\n}\ninterface KnowledgeSearchResult {\n results: KnowledgeSearchHit[];\n /** True when fan-out breadth was capped (more member scopes than the cap). */\n truncatedScopes: boolean;\n}\ninterface KnowledgeProfileLink {\n label: string;\n url: string;\n}\ninterface KnowledgeProfile {\n scopeType: KnowledgeScopeType;\n scopeId: string;\n about: string | null;\n description: string | null;\n links: KnowledgeProfileLink[];\n updatedAt: string | null;\n updatedBy: string | null;\n}\ninterface KnowledgeDoc {\n filePath: string;\n fileName: string;\n contentType?: string;\n size: number;\n uploadedBy?: string;\n createdAt: string;\n updatedAt: string;\n}\ntype ChangeRequestResourceType = \"doc\" | \"profile\";\ntype ChangeRequestOperation = \"create\" | \"update\" | \"delete\";\ntype ChangeRequestStatus = \"open\" | \"approved\" | \"rejected\" | \"withdrawn\" | \"superseded\";\ntype ChangeRequestActorKind = \"human\" | \"agent\";\n/** Public projection of a change request (mirrors `PublicChangeRequest` in services/org). */\ninterface KnowledgeChangeRequest {\n changeRequestId: string;\n scopeType: KnowledgeScopeType;\n scopeId: string;\n resourceType: ChangeRequestResourceType;\n operation: ChangeRequestOperation;\n targetPath: string | null;\n baseVersionId: string | null;\n proposedContentType: string | null;\n status: ChangeRequestStatus;\n proposerId: string;\n proposerKind: ChangeRequestActorKind;\n rationale: string;\n reviewerId: string | null;\n reviewerKind: ChangeRequestActorKind | null;\n reviewedAt: string | null;\n reviewNote: string | null;\n appliedRef: string | null;\n createdAt: string;\n updatedAt: string;\n}\n/** Per-type proposal payload for `proposeScopeChange`. */\ninterface ProposeScopeChangeInput {\n resourceType: ChangeRequestResourceType;\n operation: ChangeRequestOperation;\n /** Why the change is proposed — shown to the reviewer. */\n rationale: string;\n /** doc: the path the proposal applies to (e.g. designs/data-center.md). */\n targetPath?: string;\n /** doc create/update: the staged body to upload (markdown or other text). */\n content?: string;\n /** doc create/update: content type of the staged body (default text/markdown). */\n contentType?: string;\n /** profile: the proposed value ({ about, description, links }). */\n proposedValue?: unknown;\n}\n/** Voice settings — core agent config. Mirrors `VoiceConfig` in `@alfe/types`. */\ninterface AgentVoiceConfig {\n /** ElevenLabs voice ID; platform default when unset. */\n voiceId?: string;\n ttsModel?: string;\n enabled?: boolean;\n}\n/**\n * The agent's own public identity, as returned by `updateSelf`, `generateAvatar`,\n * `presignAvatar`'s finalize (`finalizeAvatar`). This is the public agent\n * projection; only the identity-relevant fields are typed here — the response\n * carries the full public agent record.\n */\ninterface AgentSelf {\n agentId: string;\n tenantId: string;\n name: string;\n avatarUrl?: string;\n voiceConfig?: AgentVoiceConfig;\n status: string;\n}\n/** Result of `presignAvatar` — the agent PUTs bytes to `uploadUrl`, then finalizes with `s3Key`. */\ninterface AgentAvatarPresign {\n /** Presigned PUT URL to upload the image bytes to. */\n uploadUrl: string;\n /** Object key — echoed back to `finalizeAvatar`. */\n s3Key: string;\n /** Stable public URL the avatar will be served from once finalized. */\n publicUrl: string;\n /** ISO expiry of the presigned PUT URL. */\n expiresAt: string;\n}\n/** A voice in the platform catalogue (ElevenLabs), from `listVoices`. */\ninterface AgentVoice {\n id: string;\n name: string;\n previewUrl: string;\n description: string;\n labels: Record<string, string>;\n category: string;\n}\n/** The ElevenLabs models with a pricing row — the TTS endpoint rejects any other value. */\ntype VoiceTtsModel = \"eleven_turbo_v2_5\" | \"eleven_multilingual_v2\";\ninterface VoiceTtsArgs {\n /** Text to synthesize (1–5000 chars — the endpoint enforces this). */\n text: string;\n /** ElevenLabs voice id; platform default when unset. */\n voiceId?: string;\n /** TTS model; `eleven_turbo_v2_5` (lower latency) when unset. */\n model?: VoiceTtsModel;\n}\n/** Raw synthesized audio plus its PCM framing (from the response headers). */\ninterface VoiceTtsResult {\n /** Raw little-endian PCM samples — no container. Wrap in WAV to make a playable file. */\n audio: Buffer;\n /** Samples per second (e.g. 24000). */\n sampleRate: number;\n /** Channel count (mono = 1). */\n channels: number;\n /** Bits per sample (e.g. 16). */\n bitDepth: number;\n}\ninterface VoiceSttArgs {\n /** Raw linear16 (16-bit little-endian) mono PCM samples — no WAV/container header. */\n audio: Uint8Array;\n /** Sample rate of `audio` in Hz (8000–48000). */\n sampleRate: number;\n}\ninterface VoiceSttResult {\n text: string;\n /** Deepgram confidence in (0,1]. */\n confidence: number;\n}\ndeclare class AgentApiClient {\n private readonly apiKey;\n private readonly apiUrl;\n constructor(config: AgentApiClientConfig);\n private request;\n syncRegister(args?: {\n displayName?: string;\n }): Promise<{\n agent: SyncAgentInfo;\n }>;\n syncGetManifest(): Promise<SyncManifest>;\n syncPresign(args: {\n files: {\n path: string;\n operation: \"put\" | \"get\";\n contentType?: string;\n }[];\n }): Promise<{\n urls: SyncPresignedUrl[];\n }>;\n syncConfirmUpload(args: {\n filePath: string;\n hash: string;\n size: number;\n storageClass?: \"STANDARD\" | \"GLACIER_IR\";\n }): Promise<SyncConfirmedUpload>;\n syncReconstruct(args: {\n mode: \"full\" | \"active\" | \"memory\";\n }): Promise<SyncReconstructBundle>;\n syncGetStats(): Promise<SyncAgentStats>;\n syncListFiles(args?: {\n prefix?: string;\n }): Promise<{\n files: SyncFileEntry[];\n }>;\n syncListSessions(): Promise<{\n sessions: SyncSessionEntry[];\n }>;\n syncGetSession(sessionId: string): Promise<SyncSessionContent>;\n syncDeleteFile(filePath: string): Promise<{\n removed: boolean;\n }>;\n sharedListFiles(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n }): Promise<{\n files: SharedFileEntry[];\n nextCursor: string | null;\n }>;\n sharedDownloadUrl(args: {\n scope: \"org\" | \"team\" | \"project\";\n scopeId: string;\n filePath: string;\n }): Promise<{\n downloadUrl: string;\n expiresIn: number;\n }>;\n listIntegrations(): Promise<IntegrationInstall$1[]>;\n getIntegrationConfig(integrationId: string): Promise<IntegrationConfigResult$1>;\n updateIntegrationConfig(integrationId: string, config: Record<string, unknown>): Promise<void>;\n installIntegration(integrationId: string, options?: {\n version?: string;\n config?: Record<string, unknown>;\n }): Promise<IntegrationInstall$1>;\n removeIntegration(integrationId: string): Promise<IntegrationInstall$1>;\n getOAuthUrl(provider: string, scopes?: string[]): Promise<{\n url: string;\n provider: string;\n expiresIn: number;\n }>;\n getOAuthStatus(provider: string): Promise<{\n provider: string;\n connected: boolean;\n config?: Record<string, string>;\n }>;\n getRegistry(): Promise<{\n integrations: RegistryEntry$1[];\n }>;\n /**\n * Returns every connected Google account for the agent. Multi-account by\n * design — the openclaw-google plugin requires the LLM to pass `email`\n * explicitly to `google_run_command` so an account is always selected\n * deliberately.\n *\n * 2026-05-14 (connections-redesign PR 1): the legacy flat shape (`email`,\n * `refreshToken`, `accessToken`, etc., populated from the default account)\n * is gone. Iterate over `accounts`.\n */\n getGoogleCredentials(): Promise<{\n accounts: {\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n displayName?: string;\n connectedAt?: string;\n }[];\n }>;\n disconnectGoogleAccount(email: string): Promise<{\n accounts: {\n email: string;\n displayName?: string;\n connectedAt?: string;\n }[];\n }>;\n getGoogleChatCredentials(): Promise<{\n email: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n displayName?: string;\n }>;\n /**\n * Fetch decrypted credentials for ONE specific connection by its\n * stable connectionId (connection-scoped, vs the provider-scoped\n * `get<Provider>Credentials` helpers). Used by the daemon to resolve\n * a Custom Connection-driven integration's credentials from the\n * exact connection it was installed from — every custom connection\n * shares the `custom` provider id, so provider-scoping is ambiguous.\n *\n * For custom connections `accessToken` is the JSON-encoded secret\n * bundle (the daemon un-bundles it); non-secret fields are on\n * `providerMetadata`. The endpoint enforces that the connection is in\n * the calling agent's effective scope (403 otherwise).\n */\n getConnectionCredentials(connectionId: string): Promise<{\n provider: string;\n connectionId: string;\n accountIdentifier?: string;\n accessToken?: string;\n providerMetadata?: Record<string, unknown>;\n [key: string]: unknown;\n }>;\n /**\n * @deprecated Returns a single primary credential blob (legacy \"pick-the-\n * default-connection\" shape). Use `getGithubAccounts()` for the multi-\n * account shape required by Pattern A — explicit selector args on every\n * tool. Retained because the `@alfe.ai/github-mcp` proxy is the\n * only consumer that knows about Pattern A; legacy env-interpolation\n * callers will keep hitting `/credentials` until they move to the proxy.\n */\n getGithubCredentials(): Promise<{\n login: string;\n accessToken: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for GitHub.\n *\n * Returns every agent-scoped GitHub connection. The caller is expected\n * to require a `login` selector on every credential-touching tool and\n * look up the matching account at dispatch time.\n *\n * GitHub OAuth tokens have no expiry (`tokenLifecycle: \"no_expiry\"`),\n * so there is intentionally no `refreshGithubAccountToken` method — if\n * a token is revoked the user must re-run the OAuth flow.\n *\n * Returned `accounts[i].login` is the GitHub username — the stable\n * cross-session identifier the LLM should pass.\n */\n getGithubAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n login: string;\n scopes: string;\n }[];\n }>;\n /**\n * @deprecated Returns a single primary credential blob (legacy \"pick-the-\n * default-connection\" shape). Use `getXeroAccounts()` for the multi-\n * account shape required by Pattern A — explicit selector args on every\n * tool. This method will be removed once all consumers migrate.\n */\n getXeroCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n xeroTenantId: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for Xero. Returns every\n * agent-scoped Xero connection. The caller is expected to require a\n * selector arg (e.g. `xeroTenantId`) on every credential-touching tool\n * and look up the matching account by that selector at dispatch time.\n *\n * Returned `accounts[i].accountIdentifier` is the Xero tenantId — the\n * stable cross-session identifier the LLM should pass.\n */\n getXeroAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n xeroTenantId: string;\n }[];\n }>;\n refreshXeroToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n /**\n * Pattern A: refresh a specific Xero connection by its `accountIdentifier`\n * (the Xero `tenantId`). The legacy `refreshXeroToken()` only refreshes\n * the *primary* connection, which is wrong for multi-tenant Xero where\n * each tenant has its own non-interchangeable access token.\n */\n refreshXeroAccountToken(xeroTenantId: string): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n expiresAt: string;\n }>;\n /**\n * @deprecated Returns a single primary credential blob (legacy \"pick-the-\n * default-connection\" shape). Use `getNotionAccounts()` for the multi-\n * account shape required by Pattern A.\n */\n getNotionCredentials(): Promise<{\n accessToken: string;\n workspaceId: string;\n workspaceName: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for Notion. Returns every\n * agent-scoped Notion connection. The caller is expected to require a\n * selector arg (e.g. `workspaceId`) on every credential-touching tool.\n *\n * Returned `accounts[i].accountIdentifier` is the Notion workspaceId.\n */\n getNotionAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n workspaceId: string;\n workspaceName: string;\n }[];\n }>;\n /**\n * @deprecated Returns a single primary Atlassian Connection's credentials\n * (one OAuth user, one cloudId) — the legacy \"pick-the-default-connection\"\n * shape. Atlassian is multi-site by nature (each OAuth user may have\n * access to multiple Cloud sites), so Pattern A plugins MUST use\n * `getAtlassianAccounts()` to discover the full set and dispatch via\n * the `cloudId` selector arg.\n */\n getAtlassianCredentials(): Promise<{\n accessToken: string;\n refreshToken: string;\n accessTokenExpiresAt: string;\n cloudId: string;\n siteName: string;\n siteUrl: string;\n email: string;\n enabledProducts: string[];\n clientId: string;\n clientSecret: string;\n }>;\n refreshAtlassianToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n /**\n * Pattern A: multi-account / multi-site credential fetch for Atlassian.\n *\n * Returns every agent-scoped Atlassian Connection. Each Connection is\n * one OAuth user with a single access token and N accessible Cloud\n * sites (`availableSites`). The caller is expected to:\n *\n * 1. Flatten (connection × cloudId) into one MCP child per site.\n * 2. Require a `cloudId` selector on every credential-touching tool.\n * 3. Use the access token bound to the Connection that owns the\n * requested `cloudId` (Atlassian shares one access token across\n * all sites accessible to the OAuth user).\n *\n * Per-account token refresh uses `refreshAtlassianAccountToken(email)`\n * — refreshing one Connection rotates its single access token, which\n * then applies to every cloudId for that Connection.\n *\n * Returned `accounts[i].accountIdentifier` is the OAuth user's email\n * — the stable cross-session identifier for refresh purposes. The LLM\n * never sees this directly: it picks a site via the `cloudId` arg\n * instead.\n */\n getAtlassianAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n clientId: string;\n clientSecret: string;\n cloudId: string;\n siteName: string;\n siteUrl: string;\n availableSites: {\n id: string;\n url: string;\n name: string;\n scopes?: string[];\n avatarUrl?: string;\n }[];\n }[];\n }>;\n /**\n * Pattern A: refresh a specific Atlassian Connection by `accountIdentifier`\n * (the OAuth user's email).\n *\n * Atlassian rotates refresh tokens (`rotatesRefreshToken: true`); the\n * server-side per-account refresh endpoint handles rotation and\n * persistence. Refreshing one Connection updates its single access\n * token, which applies to every accessible Cloud site (cloudId) for\n * that OAuth user.\n *\n * Returns the new access token + expiry. The proxy is responsible for\n * fanning the new token out to every child server it spawned for\n * cloudIds owned by this Connection.\n */\n refreshAtlassianAccountToken(accountIdentifier: string): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n expiresAt: string;\n }>;\n /**\n * @deprecated Returns a single primary credential blob (legacy \"pick-the-\n * default-connection\" shape). Use `getMYOBAccounts()` for the multi-\n * account shape required by Pattern A.\n */\n getMYOBCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n myobBusinessId: string;\n clientId: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for MYOB. Returns every\n * agent-scoped MYOB connection. The caller is expected to require a\n * selector arg (e.g. `myobBusinessId` / `accountIdentifier`) on every\n * credential-touching tool.\n *\n * Returned `accounts[i].accountIdentifier` is the MYOB businessId.\n */\n getMYOBAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n myobBusinessId: string;\n clientId: string;\n }[];\n }>;\n refreshMYOBToken(): Promise<{\n accessToken: string;\n expiresAt: string;\n }>;\n /**\n * @deprecated Returns a single primary credential blob. Use\n * `getSalesforceAccounts()` for the multi-account shape required by\n * Pattern A.\n */\n getSalesforceCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n instanceUrl: string;\n orgId: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for Salesforce. Returns every\n * agent-scoped Salesforce connection. One OAuth grant maps to one org, so\n * `accounts[i].accountIdentifier` (and `orgId`) is the Salesforce org id —\n * the selector every credential-touching tool requires.\n */\n getSalesforceAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n instanceUrl: string;\n orgId: string;\n }[];\n }>;\n /**\n * Refresh the access token for a specific Salesforce org. Salesforce\n * tokens aren't interchangeable across orgs, so the connection is targeted\n * by `accountIdentifier` (the org id) — mirrors `refreshXeroAccountToken`.\n */\n refreshSalesforceAccountToken(orgId: string): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n expiresAt: string;\n }>;\n /**\n * Microsoft 365 (delegated OAuth) credential fetch — single-account shape.\n *\n * @deprecated Use `getMicrosoftAccounts()` and dispatch via the `email`\n * selector once per-account plugins land. Retained because the existing\n * `integrations/connect/microsoft/hooks/post_activate.mjs` writes\n * `mgc` credentials for the single (default) Microsoft account.\n *\n * Returns the agent's effective Microsoft delegated-OAuth credentials.\n * Distinct from `getTeamsCredentials()` (Azure bot credentials for the\n * Teams adapter, which is admin-consent flow on services/microsoft, not\n * delegated OAuth on services/connect).\n */\n getMicrosoftCredentials(): Promise<{\n accessToken: string;\n accessTokenExpiresAt?: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n email?: string;\n microsoftTenantId?: string;\n workspaceDomain?: string;\n }>;\n /**\n * Pattern A: multi-account credential fetch for Microsoft 365.\n *\n * Returns every agent-scoped Microsoft connection. The caller is expected\n * to require an `email` selector on every credential-touching tool and\n * look up the matching account at dispatch time.\n *\n * Returned `accounts[i].accountIdentifier` is the user's primary email\n * (or the tid claim as fallback) — the stable cross-session identifier\n * the LLM should pass.\n *\n * Per-account token refresh is exposed via `refreshMicrosoftAccountToken`,\n * NOT `refreshXeroAccountToken` — Microsoft refresh tokens are not\n * interchangeable across (tenant, user) pairs.\n */\n getMicrosoftAccounts(): Promise<{\n accounts: {\n connectionId: string;\n accountIdentifier: string;\n displayName: string | null;\n connectedAt: string;\n accessToken: string;\n accessTokenExpiresAt: string;\n refreshToken: string;\n clientId: string;\n clientSecret: string;\n email: string;\n microsoftTenantId: string;\n workspaceDomain: string;\n }[];\n }>;\n /**\n * Pattern A: refresh a specific Microsoft 365 connection by its\n * `accountIdentifier`. For Microsoft, `accountIdentifier` is the user's\n * email when the Graph profile fetch succeeded at connect time, and the\n * Azure tenant id (`tid` claim) as fallback. Callers should pass the\n * value returned by `getMicrosoftAccounts()` rather than synthesising\n * an email locally.\n *\n * Microsoft refresh tokens are bound to a specific (tenant, user) pair —\n * they are NOT interchangeable across accounts, so per-account refresh\n * is mandatory. The generic /accounts/{accountIdentifier}/refresh\n * endpoint walks the agent's full visible scope chain to find a matching\n * connection (works for inherited team/project Microsoft connections).\n */\n refreshMicrosoftAccountToken(accountIdentifier: string): Promise<{\n accessToken: string;\n accessTokenExpiresAt: string;\n expiresAt: string;\n }>;\n getTeamsCredentials(): Promise<{\n agentId: string;\n tenantId: string;\n azureAppId: string;\n azureBotId: string;\n azureClientSecret: string;\n botDisplayName?: string;\n teamsTenantId?: string;\n serviceUrl?: string;\n }>;\n sendTeamsMessage(data: {\n conversationId: string;\n text?: string;\n adaptiveCard?: Record<string, unknown>;\n }): Promise<{\n ok: boolean;\n activityId: string;\n }>;\n listTeamsChannels(): Promise<{\n channels: {\n id: string;\n name: string;\n description?: string;\n }[];\n }>;\n presignAttachments(files: {\n filename: string;\n mimeType: string;\n size: number;\n }[]): Promise<{\n attachments: {\n id: string;\n uploadUrl: string;\n downloadUrl: string;\n s3Key: string;\n expiresAt: string;\n }[];\n }>;\n /**\n * Generate an image from a text prompt and get back a STABLE, public URL\n * (served from the agent-assets CDN — it does not expire). The image is\n * generated + stored server-side; embed the returned `imageUrl` in a reply as\n * markdown to show it to the user.\n *\n * Unlike most methods this reads the server's error body so a bad-request\n * detail (e.g. an unsupported `size`) reaches the caller instead of an opaque\n * \"request failed (400)\". Not retried — generation is expensive and\n * non-idempotent.\n */\n generateImage(args: {\n prompt: string;\n model?: string;\n size?: string;\n quality?: string;\n }): Promise<{\n imageUrl: string;\n model: string;\n }>;\n recordActivity(data: {\n userId?: string;\n channel: string;\n role: \"user\" | \"assistant\";\n }): Promise<{\n recorded: boolean;\n }>;\n /** Update the agent's own name and/or voice config. Returns the updated agent. */\n updateSelf(update: {\n name?: string;\n voiceConfig?: AgentVoiceConfig;\n }): Promise<AgentSelf>;\n /**\n * Generate the agent's own avatar from a text prompt. The image is generated,\n * stored, and set on the agent server-side; returns the updated agent.\n */\n generateAvatar(args: {\n prompt: string;\n }): Promise<AgentSelf>;\n /**\n * Get a presigned PUT URL to upload a new avatar image. Upload the bytes to\n * `uploadUrl`, then call `finalizeAvatar(s3Key)` to set it on the agent.\n */\n presignAvatar(args: {\n mimeType: string;\n size: number;\n }): Promise<AgentAvatarPresign>;\n /**\n * Finalize an avatar upload — validates ownership + size, then sets the\n * agent's `avatarUrl` server-side. Returns the updated agent.\n */\n finalizeAvatar(s3Key: string): Promise<AgentSelf>;\n /** List the platform voice catalogue (ElevenLabs) so the agent can pick its own voice. */\n listVoices(): Promise<{\n voices: AgentVoice[];\n }>;\n /**\n * Mint a fresh AES-256 data key for a specific (secret, field) pair. The\n * encryption context is rebuilt server-side from `auth.tenantId` + the body\n * fields including `fieldKey`; the agent cannot forge context for a scope\n * or field it doesn't own. Legacy single-envelope secrets are migrated to\n * `field#value` rows by the data migration, so call with `fieldKey: \"value\"`\n * to reach them.\n */\n generateSecretDataKey(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<GeneratedDataKey$1>;\n /**\n * Unwrap a wrapped data key so the agent can decrypt the envelope locally.\n * `fieldKey` MUST match the value supplied when the data key was generated\n * (it's bound into KMS encryption context); mismatch fails with\n * `InvalidCiphertextException`.\n */\n decryptSecretDataKey(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n dataKeyCiphertext: string;\n }): Promise<{\n plaintextKey: string;\n }>;\n /**\n * Create a new secret with one or more fields. Encrypted fields must arrive\n * pre-sealed (the agent has already obtained per-field data keys via\n * `generateSecretDataKey({ ..., fieldKey })` and AES-encrypted locally).\n * Plaintext fields ship the value inline.\n */\n createSecret(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n secretName: string;\n category?: SecretCategory$1;\n description?: string;\n tags?: string[];\n fields: {\n key: string;\n format?: FieldFormat$1;\n sensitivity: FieldSensitivity$1;\n value?: string;\n envelope?: EncryptedEnvelopeV1$1;\n }[];\n reason?: string;\n }): Promise<SecretAggregate$1>;\n /** Fetch the secret aggregate plus per-field encrypted envelopes. */\n getSecret(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n }): Promise<{\n aggregate: SecretAggregate$1;\n envelopes: FieldEnvelope$1[];\n }>;\n /** Fetch one field. Plaintext: value inline. Encrypted: envelope. */\n getSecretField(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<{\n key: string;\n sensitivity: FieldSensitivity$1;\n format?: FieldFormat$1;\n value?: string;\n envelope?: EncryptedEnvelopeV1$1;\n rotatedAt?: string;\n createdAt: string;\n updatedAt: string;\n }>;\n /** Add OR rotate one field. */\n setSecretField(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n sensitivity: FieldSensitivity$1;\n format?: FieldFormat$1;\n value?: string;\n envelope?: EncryptedEnvelopeV1$1;\n reason?: string;\n }): Promise<{\n fieldKey: string;\n rotated: boolean;\n }>;\n /** Remove one field. */\n removeSecretField(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n fieldKey: string;\n }): Promise<void>;\n /** Update secret-level metadata (name/description/tags/category). */\n updateSecretMetadata(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n secretName?: string;\n description?: string;\n tags?: string[];\n category?: SecretCategory$1;\n reason?: string;\n }): Promise<SecretAggregate$1>;\n /** List metadata for secrets in a scope. Optional filters route through the byFacet GSI. */\n listSecrets(args: {\n scope: SecretScope$1;\n scopeId: string;\n category?: SecretCategory$1;\n tag?: string;\n fieldKey?: string;\n }): Promise<SecretMetadata$1[]>;\n /** Bounded changelog read — metadata-only audit entries. */\n getSecretHistory(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n limit?: number;\n cursor?: string;\n }): Promise<{\n entries: ChangelogEntry$1[];\n nextCursor?: string;\n }>;\n /** Delete a secret (and all its field rows + tag rows + changelog rows). */\n deleteSecret(args: {\n scope: SecretScope$1;\n scopeId: string;\n secretId: string;\n }): Promise<void>;\n /** Enumerate scopes (org/team/project/agent) this agent can access. */\n listSecretScopes(): Promise<ScopeInfo$1[]>;\n /**\n * Returns the calling agent's own identity context — `{ agentId, tenantId }`\n * decoded server-side from the agent API token. Used by the\n * `@alfe.ai/openclaw-identity` plugin to bootstrap context when the\n * OpenClaw daemon doesn't plumb `ctx.agentId` through to plugin hooks.\n * Plugins should cache this for the daemon's lifetime (single-agent-per-\n * process invariant). One HTTP round-trip per process activate; not for\n * per-call use.\n */\n whoami(): Promise<{\n agentId: string;\n tenantId: string;\n }>;\n resolveIdentity(args: {\n provider: string;\n platformId: string;\n kind?: \"user\" | \"agent\" | \"service\" | \"bot\" | \"workspace\";\n displayName?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n created?: boolean;\n reason?: string;\n /**\n * Flattened auriclabs permission strings for the resolved identity\n * (scope-prefixed where applicable). Empty array on miss / org service\n * outage — the runtime gate fails closed in that case.\n */\n permissions: string[];\n }>;\n searchIdentities(args?: {\n q?: string;\n status?: string;\n limit?: number;\n }): Promise<{\n identities: unknown[];\n }>;\n getIdentityContext(identityId: string): Promise<{\n context: unknown;\n }>;\n mergeIdentities(survivorId: string, args: {\n mergedId: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n unmergeIdentity(identityId: string, args: {\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n error?: string;\n }>;\n addIdentityNote(identityId: string, args: {\n content: string;\n category?: string;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n noteId: string | null;\n }>;\n tagIdentity(identityId: string, args: {\n tag: string;\n action: \"add\" | \"remove\";\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n }>;\n getIdentityChangelog(identityId: string, args?: {\n limit?: number;\n }): Promise<{\n entries: unknown[];\n }>;\n rollbackIdentity(identityId: string, args: {\n targetVersion: number;\n changedBy: {\n type: string;\n id: string;\n name?: string;\n };\n }): Promise<{\n ok: boolean;\n entry?: unknown;\n }>;\n requestIdentityVerification(args: {\n claimedIdentityId: string;\n requestingIdentityId: string;\n requestingProvider: string;\n requestingPlatformId: string;\n preferredChannel?: \"mobile\" | \"email\";\n /**\n * Phase 2: agent-supplied contact endpoint. When provided, the top-level\n * `preferredChannel` is ignored — the contact's channel wins.\n */\n contact?: {\n channel: \"email\" | \"mobile\";\n value: string;\n };\n }): Promise<{\n verificationId: string;\n channel: string;\n deliveredTo: string;\n expiresAt: string;\n availableChannels: {\n channel: string;\n deliveredTo: string;\n }[];\n } | {\n error: string;\n }>;\n confirmIdentityVerification(args: {\n claimedIdentityId: string;\n verificationId: string;\n phrase: string;\n }): Promise<{\n verified: boolean;\n identityId?: string;\n /** Phase 2: how the confirm resolved — Scenario A vs B. */\n action?: \"merged\" | \"contact_verified\";\n error?: string;\n }>;\n /**\n * Update display-shape fields on an Identity. Body excludes `email` /\n * `phone` / `title` / `company` / `metadata` per Section D4 — contacts go\n * via the verify flow, title/company live on OrgMembership, metadata is\n * not agent-writable.\n */\n updateIdentity(identityId: string, args: {\n name?: string;\n avatarUrl?: string;\n timezone?: string;\n locale?: string;\n }): Promise<{\n ok: boolean;\n }>;\n /**\n * Phase 2 (Section H): server-side verification of a Google Chat sender via\n * the agent's existing Google OAuth credentials. Returns the resolved\n * identity (created or matched via Scenario-B email enrichment).\n */\n resolveGoogleChatSender(args: {\n senderUserId: string;\n spaceId?: string;\n }): Promise<{\n identityId: string | null;\n status: string;\n }>;\n memorySearch(query: string, opts?: {\n limit?: number;\n topic?: string;\n subtopic?: string;\n tag?: string;\n includeKnowledge?: boolean;\n }): Promise<{\n facts: {\n subject: string;\n predicate: string;\n object: string;\n since: string;\n confidence: number;\n }[];\n memories: {\n id: string;\n text: string;\n topic: string;\n subtopic: string;\n tag: string;\n importance: number;\n timestamp: number;\n score: number;\n }[];\n }>;\n memoryStore(text: string, opts?: {\n topic?: string;\n subtopic?: string;\n tag?: string;\n importance?: number;\n }): Promise<{\n memoryId: string;\n }>;\n memoryIngest(sessionKey: string, messages: {\n role: string;\n content: string;\n index: number;\n timestamp?: string;\n }[], metadata?: {\n channelId?: string;\n userId?: string;\n userName?: string;\n }): Promise<{\n queued: boolean;\n messageCount: number;\n }>;\n memoryLoadContext(tier?: number, topicHint?: string): Promise<{\n formatted: string;\n [key: string]: unknown;\n }>;\n memoryLookupEntity(subject: string): Promise<{\n subject: string;\n triples: {\n tripleId: string;\n predicate: string;\n object: string;\n validFrom: string;\n validTo?: string;\n confidence: number;\n }[];\n }>;\n memoryNavigate(): Promise<{\n topics: {\n name: string;\n tripleCount: number;\n subtopics: string[];\n }[];\n cursor: string | null;\n }>;\n memoryDelete(memoryId: string): Promise<{\n deleted: boolean;\n }>;\n memoryStats(): Promise<{\n vectorCount: number;\n tripleCount: number;\n storageEstimateBytes: number;\n lastIngestionAt?: string;\n }>;\n memoryLearn(args: {\n text: string;\n source?: string;\n sourceType?: \"file\" | \"url\" | \"inline\";\n metadata?: {\n sessionId?: string;\n channelId?: string;\n userName?: string;\n };\n }): Promise<{\n memoriesStored: number;\n triplesStored: number;\n chunks: number;\n source?: string;\n }>;\n memoryBootstrapStatus(): Promise<{\n synced: boolean;\n syncedAt?: string;\n sessionsBackfillSynced?: boolean;\n sessionsBackfillSyncedAt?: string;\n }>;\n memoryBootstrapStatusMark(scope?: \"files\" | \"sessions\"): Promise<{\n synced: true;\n syncedAt: string;\n }>;\n searchWeb(params: {\n query: string;\n count?: number;\n offset?: number;\n country?: string;\n freshness?: string;\n }): Promise<unknown>;\n searchImages(params: {\n query: string;\n count?: number;\n }): Promise<unknown>;\n searchNews(params: {\n query: string;\n count?: number;\n freshness?: string;\n }): Promise<unknown>;\n /**\n * Semantic search across the agent's member scopes. Fan-out is gated\n * server-side by `listScopes` set-inclusion (fail-closed). Pass\n * `scopeType` + `scopeId` to narrow to one scope; a non-member scope\n * yields empty results (never a cross-scope leak).\n */\n knowledgeSearch(query: string, opts?: {\n limit?: number;\n scopeType?: KnowledgeScopeType;\n scopeId?: string;\n }): Promise<KnowledgeSearchResult>;\n /** Enumerate the scopes (org + teams + projects) this agent belongs to. */\n listScopes(): Promise<{\n scopes: KnowledgeScope[];\n }>;\n /** Read a scope's structured knowledge profile (after membership check). */\n getScopeProfile(scopeType: KnowledgeScopeType, scopeId: string): Promise<KnowledgeProfile>;\n /** List a scope's docs (the org-files corpus; mirrored to shared/<scope>/). */\n listScopeDocs(scopeType: KnowledgeScopeType, scopeId: string, opts?: {\n limit?: number;\n cursor?: string;\n }): Promise<{\n files: KnowledgeDoc[];\n nextCursor: string | null;\n }>;\n /**\n * Read the full text of a scope doc. Resolves a presigned download URL\n * from `services/org`, then fetches the bytes directly from S3 (the one\n * legitimate raw fetch in a plugin — same pattern as sync).\n */\n readScopeDoc(scopeType: KnowledgeScopeType, scopeId: string, filePath: string): Promise<{\n filePath: string;\n text: string;\n }>;\n /**\n * Write (create or overwrite) a scope doc. Two-step presigned upload:\n * `services/org` returns a signed URL plus `requiredHeaders` (author /\n * authorKind / message as `x-amz-meta-*`) that MUST be sent verbatim on\n * the PUT, alongside the same `Content-Type` that was signed. Author and\n * authorKind are server-set from the agent token — never trusted here.\n */\n writeScopeDoc(scopeType: KnowledgeScopeType, scopeId: string, filePath: string, content: string, opts?: {\n contentType?: string;\n message?: string;\n }): Promise<{\n filePath: string;\n }>;\n /**\n * Open a change request against a scope's knowledge resource. For a doc\n * create/update, `services/org` returns a presigned staging PUT; this method\n * uploads the proposed `content` to it (echoing the same Content-Type that\n * was signed), mirroring `writeScopeDoc`. The staged body is applied to the\n * canonical doc — attributed to this agent — only when a reviewer approves.\n */\n proposeScopeChange(scopeType: KnowledgeScopeType, scopeId: string, input: ProposeScopeChangeInput): Promise<KnowledgeChangeRequest>;\n /**\n * List the agent's OWN change requests in a scope (filtered server-side to\n * this agent as proposer). Pass `status` to narrow to open / approved / etc.\n */\n listScopeChangeRequests(scopeType: KnowledgeScopeType, scopeId: string, opts?: {\n status?: ChangeRequestStatus;\n limit?: number;\n cursor?: string;\n }): Promise<{\n changeRequests: KnowledgeChangeRequest[];\n nextCursor: string | null;\n }>;\n registerDatabaseCredentials(): Promise<{\n connectionString: string;\n username: string;\n password: string;\n databases: string[];\n }>;\n reportDatabaseAudit(entry: {\n database: string;\n collection: string;\n operation: string;\n summary?: string;\n }): Promise<void>;\n requestBrowserTakeover(args: {\n instructions: string;\n url?: string;\n conversationId?: string;\n }): Promise<{\n sessionId: string;\n status: string;\n }>;\n getRemoteSession(sessionId: string): Promise<RemoteSessionInfo>;\n completeRemoteSession(sessionId: string): Promise<{\n ok: boolean;\n }>;\n /**\n * Issue a request that returns the raw `Response` (no JSON parsing, no\n * forced Content-Type). The caller sets `Content-Type`/`Accept` on `headers`\n * and reads the body itself (`arrayBuffer()` / `json()`).\n *\n * A single retry fires only on the same transient statuses `request()`\n * retries (authorizer-timeout 500 + LB 502/503/504) and transient network\n * errors — before the route handler runs — so re-issuing a POST does not\n * risk a duplicate side effect. Voice TTS/STT are effectively idempotent\n * (re-synthesize / re-transcribe) and meter server-side keyed on the\n * gateway requestId, so a retried transcription doesn't double-bill.\n */\n private rawFetch;\n /**\n * Text-to-speech. Returns raw PCM audio bytes plus their framing — the\n * voice service defaults to 24 kHz / mono / 16-bit. Wrap in a WAV container\n * to produce a playable file. Metered per character against the tenant\n * credit pool server-side; TTS completes regardless of metering outcome.\n */\n tts(args: VoiceTtsArgs): Promise<VoiceTtsResult>;\n /**\n * Speech-to-text. Accepts raw linear16 (16-bit LE) mono PCM — NOT a WAV or\n * other container (the endpoint transcribes with a fixed linear16 encoding,\n * so a container header would be transcribed as noise). Strip any WAV header\n * and pass `sampleRate` from it before calling. Metered by transcribed\n * duration against the tenant credit pool server-side.\n */\n stt(args: VoiceSttArgs): Promise<VoiceSttResult>;\n}\n//# sourceMappingURL=index.d.ts.map\n//#endregion\nexport { AgentApiClient, AgentApiClientConfig, AgentAvatarPresign, AgentSelf, AgentVoice, AgentVoiceConfig, ChangeRequestActorKind, ChangeRequestOperation, ChangeRequestResourceType, ChangeRequestStatus, type ChangelogAction, type ChangelogActor, type ChangelogEntry, type EncryptedEnvelopeV1, type Field, type FieldEnvelope, type FieldFormat, type FieldSensitivity, type FieldView, type GeneratedDataKey, type IntegrationConfigResult, type IntegrationConfigSchemaField, type IntegrationInstall, KnowledgeChangeRequest, KnowledgeDoc, KnowledgeProfile, KnowledgeProfileLink, KnowledgeScope, KnowledgeScopeType, KnowledgeSearchHit, KnowledgeSearchResult, ProposeScopeChangeInput, type RegistryEntry, RemoteSessionInfo, type ScopeInfo, type SecretAggregate, type SecretCategory, type SecretMetadata, type SecretScope, SharedFileEntry, SyncAgentInfo, SyncAgentStats, SyncConfirmedUpload, SyncFileEntry, SyncManifest, SyncManifestEntry, SyncPresignedUrl, SyncReconstructBundle, SyncReconstructFile, SyncSessionContent, SyncSessionEntry, VoiceSttArgs, VoiceSttResult, VoiceTtsArgs, VoiceTtsModel, VoiceTtsResult };\n//# sourceMappingURL=index.d.ts.map"],"mappings":";;;;KAqGKgD,kBAAAA;UACKC,cAAAA;aACGD;;;;UAIHE,kBAAAA;;;;;aAKGF;;;;;;;;;;;;;UAaHG,qBAAAA;WACCD;;;;UAIDE,oBAAAA;;;;UAIAC,gBAAAA;aACGL;;;;SAIJI;;;;UAICE,YAAAA;;;;;;;;;;;UC/HO,eAAA;EDqFZN;EACKC,aAAAA,EAAAA,OAAc;EAKdC;EAkBAC,SAAAA,EAAAA,MAAAA;AACmB;AAIC;;;;;AASD;UC9GZ,YAAA;qCAAY;;IAbZ,SAAA,CAAA,EAgBwB,kBAhBT;IAaf,OAAA,CAAA,EAAA,MAAY;EAAA,CAAA,CAAA,EAIxB,OAJwB,CAIhB,qBAJgB,CAAA;YAGY,EAAA,EAGzB,OAHyB,CAAA;IAC5B,MAAA,EAEqB,cAFrB,EAAA;;iBAEqB,CAAA,SAAA,EAEL,kBAFK,EAAA,OAAA,EAAA,MAAA,CAAA,EAEiC,OAFjC,CAEyC,gBAFzC,CAAA;eAAlB,CAAA,SAAA,EAKD,kBALC,EAAA,OAAA,EAAA,MAAA,EAAA,KAAA,EAAA;IAEa,KAAA,CAAA,EAAA,MAAA;IAA8C,MAAA,CAAA,EAAA,MAAA;MAMtE,OAN8D,CAAA;IAGpD,KAAA,EAGO,YAHP,EAAA;IAGO,UAAA,EAAA,MAAA,GAAA,IAAA;;cAGP,CAAA,SAAA,EAAA,kBAAA,EAAA,OAAA,EAAA,MAAA,EAAA,QAAA,EAAA,MAAA,CAAA,EAGV,OAHU,CAAA;IAGV,QAAA,EAAA,MAAA;IAGU,IAAA,EAAA,MAAA;;EAKH,aAAA,CAAA,SAAA,EALG,kBAKH,EAAA,OAAA,EAAA,MAAA,EAAA,QAAA,EAAA,MAAA,EAAA,OAAA,EAAA,MAAA,EAAA,KAAA,EAAA;;;MAAP"}
package/dist/plugin.d.cts CHANGED
@@ -7,15 +7,27 @@
7
7
  * attributable, deliberate-publish knowledge that humans and other agents
8
8
  * read and contribute to.
9
9
  *
10
+ * Shared knowledge is curated DOCUMENTS (+ scope profiles). There is no
11
+ * free-floating "fact" primitive: an agent that learns something durable
12
+ * finds the right document and edits it in (search → read_doc → write_doc /
13
+ * propose_change). Quick or uncertain capture belongs in the agent's private
14
+ * per-agent memory, not shared knowledge.
15
+ *
10
16
  * Backed by:
11
- * - services/knowledge — RAG search (vector index over docs + facts)
17
+ * - services/knowledge — RAG search (vector index over docs)
12
18
  * - services/org — system of record + per-agent membership gate
13
- * (docs, facts, profile)
19
+ * (docs, profile)
14
20
  *
15
21
  * Registers:
16
22
  * - Tools: resource_search, resource_read_doc, resource_write_doc,
17
- * resource_write_fact, resource_get_profile, resource_list_scopes
23
+ * resource_get_profile, resource_list_scopes,
24
+ * resource_propose_change, resource_list_change_requests
18
25
  * - Lifecycle hook: before_agent_start (bounded org-profile + scope-list inject)
26
+ *
27
+ * NOTE: every tool name here MUST also appear in `openclaw.plugin.json`'s
28
+ * `contracts.tools` allowlist — OpenClaw (2026.5+) gates the model's tool
29
+ * payload on that strict-literal list, so a registered-but-unlisted tool is
30
+ * invisible to the LLM.
19
31
  */
20
32
  interface PluginApi {
21
33
  pluginConfig?: Record<string, unknown>;
@@ -1 +1 @@
1
- {"version":3,"file":"plugin.d.cts","names":[],"sources":["../src/plugin.ts"],"mappings":";;;;;;;;;;;;;AAsCoD;AAI/B;;;;;UAbX,SAAA,CAyBiE;EA8BrE,YAkOL,CAAA,EAxRgB,MA4DD,CAAA,MAAA,EAAS,OAAA,CAAA;UA3Df;;8BAEoB;+BACC;8BACD;+BACC;;gCAEC,gBAAgB;;;;;;;UAItC,WAAA;;;;;;UAOA,IAAA;;;;cAII;wCAC0B,4BAA4B;;cA8B9D;;;;;gBAMU"}
1
+ {"version":3,"file":"plugin.d.cts","names":[],"sources":["../src/plugin.ts"],"mappings":";;;;;;;;;;;;;AAkDoD;AAI/B;;;;;;AAYsD;;;;;;;;;;;UAzBjE,SAAA;iBACO;UACP;;8BAEoB;+BACC;8BACD;+BACC;;gCAEC,gBAAgB;;;;;;;UAItC,WAAA;;;;;;UAOA,IAAA;;;;cAII;wCAC0B,4BAA4B;;cA8B9D;;;;;gBAMU"}
package/dist/plugin.d.ts CHANGED
@@ -7,15 +7,27 @@
7
7
  * attributable, deliberate-publish knowledge that humans and other agents
8
8
  * read and contribute to.
9
9
  *
10
+ * Shared knowledge is curated DOCUMENTS (+ scope profiles). There is no
11
+ * free-floating "fact" primitive: an agent that learns something durable
12
+ * finds the right document and edits it in (search → read_doc → write_doc /
13
+ * propose_change). Quick or uncertain capture belongs in the agent's private
14
+ * per-agent memory, not shared knowledge.
15
+ *
10
16
  * Backed by:
11
- * - services/knowledge — RAG search (vector index over docs + facts)
17
+ * - services/knowledge — RAG search (vector index over docs)
12
18
  * - services/org — system of record + per-agent membership gate
13
- * (docs, facts, profile)
19
+ * (docs, profile)
14
20
  *
15
21
  * Registers:
16
22
  * - Tools: resource_search, resource_read_doc, resource_write_doc,
17
- * resource_write_fact, resource_get_profile, resource_list_scopes
23
+ * resource_get_profile, resource_list_scopes,
24
+ * resource_propose_change, resource_list_change_requests
18
25
  * - Lifecycle hook: before_agent_start (bounded org-profile + scope-list inject)
26
+ *
27
+ * NOTE: every tool name here MUST also appear in `openclaw.plugin.json`'s
28
+ * `contracts.tools` allowlist — OpenClaw (2026.5+) gates the model's tool
29
+ * payload on that strict-literal list, so a registered-but-unlisted tool is
30
+ * invisible to the LLM.
19
31
  */
20
32
  interface PluginApi {
21
33
  pluginConfig?: Record<string, unknown>;
@@ -1 +1 @@
1
- {"version":3,"file":"plugin.d.ts","names":[],"sources":["../src/plugin.ts"],"mappings":";;;;;;;;;;;;;AAsCoD;AAI/B;;;;;UAbX,SAAA,CAyBiE;EA8BrE,YAkOL,CAAA,EAxRgB,MA4DD,CAAA,MAAA,EAAS,OAAA,CAAA;UA3Df;;8BAEoB;+BACC;8BACD;+BACC;;gCAEC,gBAAgB;;;;;;;UAItC,WAAA;;;;;;UAOA,IAAA;;;;cAII;wCAC0B,4BAA4B;;cA8B9D;;;;;gBAMU"}
1
+ {"version":3,"file":"plugin.d.ts","names":[],"sources":["../src/plugin.ts"],"mappings":";;;;;;;;;;;;;AAkDoD;AAI/B;;;;;;AAYsD;;;;;;;;;;;UAzBjE,SAAA;iBACO;UACP;;8BAEoB;+BACC;8BACD;+BACC;;gCAEC,gBAAgB;;;;;;;UAItC,WAAA;;;;;;UAOA,IAAA;;;;cAII;wCAC0B,4BAA4B;;cA8B9D;;;;;gBAMU"}
package/dist/plugin2.cjs CHANGED
@@ -8,16 +8,17 @@ function snippet(text) {
8
8
  return clean.length > SNIPPET_MAX ? `${clean.slice(0, SNIPPET_MAX)}…` : clean;
9
9
  }
10
10
  /**
11
- * Format RAG search hits for a tool return. Each hit carries provenance so
12
- * the agent can follow up: docs point at a `filePath` (already mirrored to
13
- * `shared/<scope>/`), facts at a `factId`.
11
+ * Format RAG search hits for a tool return. Every live hit is a document and
12
+ * points at a `filePath` (already mirrored to `shared/<scope>/`) the agent can
13
+ * read or edit. (Legacy fact vectors may still carry no filePath — they render
14
+ * without a path rather than being special-cased.)
14
15
  */
15
16
  function formatSearchResults(result) {
16
17
  if (result.results.length === 0) return "No matching knowledge found in your scopes.";
17
18
  const lines = [];
18
19
  for (const hit of result.results) {
19
20
  const where = `${hit.scopeType}:${hit.scopeId}`;
20
- const ref = hit.source === "doc" ? `doc ${hit.filePath ?? "?"}` : `fact ${hit.factId ?? "?"}`;
21
+ const ref = `doc ${hit.filePath ?? "?"}`;
21
22
  lines.push(`- [${where}] (${ref}, score ${hit.score.toFixed(2)})\n ${snippet(hit.text)}`);
22
23
  }
23
24
  if (result.truncatedScopes) lines.push("(Note: you belong to more scopes than the search fan-out cap; narrow with scopeId to reach the rest.)");
@@ -101,15 +102,27 @@ var AutoContext = class {
101
102
  * attributable, deliberate-publish knowledge that humans and other agents
102
103
  * read and contribute to.
103
104
  *
105
+ * Shared knowledge is curated DOCUMENTS (+ scope profiles). There is no
106
+ * free-floating "fact" primitive: an agent that learns something durable
107
+ * finds the right document and edits it in (search → read_doc → write_doc /
108
+ * propose_change). Quick or uncertain capture belongs in the agent's private
109
+ * per-agent memory, not shared knowledge.
110
+ *
104
111
  * Backed by:
105
- * - services/knowledge — RAG search (vector index over docs + facts)
112
+ * - services/knowledge — RAG search (vector index over docs)
106
113
  * - services/org — system of record + per-agent membership gate
107
- * (docs, facts, profile)
114
+ * (docs, profile)
108
115
  *
109
116
  * Registers:
110
117
  * - Tools: resource_search, resource_read_doc, resource_write_doc,
111
- * resource_write_fact, resource_get_profile, resource_list_scopes
118
+ * resource_get_profile, resource_list_scopes,
119
+ * resource_propose_change, resource_list_change_requests
112
120
  * - Lifecycle hook: before_agent_start (bounded org-profile + scope-list inject)
121
+ *
122
+ * NOTE: every tool name here MUST also appear in `openclaw.plugin.json`'s
123
+ * `contracts.tools` allowlist — OpenClaw (2026.5+) gates the model's tool
124
+ * payload on that strict-literal list, so a registered-but-unlisted tool is
125
+ * invisible to the LLM.
113
126
  */
114
127
  const pkg = (0, node_module.createRequire)(require("url").pathToFileURL(__filename).href)("../package.json");
115
128
  const DEFAULT_CONFIG = {
@@ -137,7 +150,7 @@ function asScopeType(value) {
137
150
  const plugin = {
138
151
  id: "@alfe.ai/openclaw-knowledge",
139
152
  name: "Knowledge Resources",
140
- description: "Scoped, searchable org/team/project knowledge — docs, facts, and profiles",
153
+ description: "Scoped, searchable org/team/project knowledge — curated docs and profiles",
141
154
  version: pkg.version,
142
155
  register(api) {
143
156
  const config = resolvePluginConfig(api.pluginConfig);
@@ -151,7 +164,7 @@ const plugin = {
151
164
  api.registerTool(() => ({
152
165
  name: "resource_search",
153
166
  label: "Resource Search",
154
- description: "Semantically search shared knowledge (docs + facts) across the org, teams, and projects you belong to. Returns provenance: doc hits point at a filePath, fact hits at a factId. Docs are ALSO already synced to your workspace under shared/<scope>/, so for a small corpus just read those files directly — search earns its keep on LARGE doc corpora and on published facts. Pass scopeType+scopeId to narrow to one scope; omit to search all your scopes.",
167
+ description: "Semantically search shared knowledge documents across the org, teams, and projects you belong to. Each hit points at the doc's filePath so you can read or edit it. Docs are ALSO already synced to your workspace under shared/<scope>/, so for a small corpus just read those files directly — search earns its keep on LARGE doc corpora. Pass scopeType+scopeId to narrow to one scope; omit to search all your scopes.",
155
168
  parameters: {
156
169
  type: "object",
157
170
  properties: {
@@ -220,7 +233,7 @@ const plugin = {
220
233
  api.registerTool(() => ({
221
234
  name: "resource_write_doc",
222
235
  label: "Resource Write Doc",
223
- description: "Create or overwrite a knowledge DOC in a scope. Use a DOC for durable, reshaped, human-readable prose that grows and is curated over time — runbooks, designs, onboarding notes, an evolving description of a system. Use resource_write_fact instead for a single crisp atomic statement. Writing is a DELIBERATE publish into shared, attributable knowledge (not your private memory). Overwriting an existing path creates a new revision (history is kept).",
236
+ description: "Create or overwrite a knowledge DOC in a scope. Docs are the ONLY unit of shared knowledge: when you learn something durable, find the right existing doc (resource_search → resource_read_doc) and edit it in, or create a new one if none fits — do NOT scatter free-floating notes. Use a DOC for durable, reshaped, human-readable prose that grows and is curated over time — runbooks, designs, onboarding notes, an evolving description of a system. Writing is a DELIBERATE publish into shared, attributable knowledge; quick or uncertain capture belongs in your private memory instead. Overwriting an existing path creates a new revision (history is kept).",
224
237
  parameters: {
225
238
  type: "object",
226
239
  properties: {
@@ -260,39 +273,6 @@ const plugin = {
260
273
  }
261
274
  }
262
275
  }), { names: ["resource_write_doc"] });
263
- api.registerTool(() => ({
264
- name: "resource_write_fact",
265
- label: "Resource Write Fact",
266
- description: "Publish a single crisp FACT into a scope's shared knowledge. Use a FACT for one atomic, durable statement worth remembering across agents (e.g. 'The prod data center is in Hetzner FSN1', 'The billing owner is Kevin'). Use resource_write_doc instead for longer curated prose. This is a DELIBERATE, attributable cross-agent publish — it is NOT your private memory and is NOT an automatic merge. Keep it short and self-contained.",
267
- parameters: {
268
- type: "object",
269
- properties: {
270
- scopeType: SCOPE_TYPE_PROP,
271
- scopeId: {
272
- type: "string",
273
- description: "The scope's id (from resource_list_scopes)"
274
- },
275
- text: {
276
- type: "string",
277
- description: "The fact — one atomic, self-contained statement"
278
- }
279
- },
280
- required: [
281
- "scopeType",
282
- "scopeId",
283
- "text"
284
- ]
285
- },
286
- execute: async (_toolCallId, params) => {
287
- const scopeType = asScopeType(params.scopeType);
288
- if (!scopeType) return "Error: scopeType must be one of org, team, project.";
289
- try {
290
- return `Published fact ${(await client.createScopeFact(scopeType, params.scopeId, params.text)).factId} to ${scopeType}:${String(params.scopeId)}.`;
291
- } catch (err) {
292
- return `Error publishing fact: ${err instanceof Error ? err.message : String(err)}`;
293
- }
294
- }
295
- }), { names: ["resource_write_fact"] });
296
276
  api.registerTool(() => ({
297
277
  name: "resource_get_profile",
298
278
  label: "Resource Get Profile",
@@ -342,6 +322,148 @@ const plugin = {
342
322
  }
343
323
  }
344
324
  }), { names: ["resource_list_scopes"] });
325
+ api.registerTool(() => ({
326
+ name: "resource_propose_change",
327
+ label: "Resource Propose Change",
328
+ description: "Propose a change to a scope's shared knowledge (doc / profile) WITHOUT writing it directly. Use this ONLY as the contribution path to a scope you are NOT a member of — resource_write_doc will be refused there, but a proposal is always allowed. If you ARE a member of the scope (it appears in resource_list_scopes), just write directly instead; proposing would be redundant. A proposal is INERT: nothing changes until a reviewer with authority over the scope approves it, so this does not grant you any read access to the scope. Always give a clear `rationale` — the reviewer sees it.\nPayload by resourceType:\n • doc — set operation (create|update|delete), targetPath (e.g. designs/data-center.md); for create/update also pass the full markdown `content`.\n • profile — operation is always 'update'; pass any of about / description / links.",
329
+ parameters: {
330
+ type: "object",
331
+ properties: {
332
+ scopeType: SCOPE_TYPE_PROP,
333
+ scopeId: {
334
+ type: "string",
335
+ description: "The target scope's id (for 'org' this is the tenantId)"
336
+ },
337
+ resourceType: {
338
+ type: "string",
339
+ enum: ["doc", "profile"],
340
+ description: "Which knowledge resource the proposal targets"
341
+ },
342
+ operation: {
343
+ type: "string",
344
+ enum: [
345
+ "create",
346
+ "update",
347
+ "delete"
348
+ ],
349
+ description: "The proposed operation (profile supports 'update' only)"
350
+ },
351
+ rationale: {
352
+ type: "string",
353
+ description: "Why this change should be made — shown to the reviewer"
354
+ },
355
+ targetPath: {
356
+ type: "string",
357
+ description: "doc only: path within the scope, e.g. notes/runbook.md"
358
+ },
359
+ content: {
360
+ type: "string",
361
+ description: "doc create/update only: full markdown content of the proposed doc"
362
+ },
363
+ about: {
364
+ type: "string",
365
+ description: "profile update only: the scope's 'about' line"
366
+ },
367
+ description: {
368
+ type: "string",
369
+ description: "profile update only: the scope's longer description"
370
+ },
371
+ links: {
372
+ type: "array",
373
+ description: "profile update only: list of { label, url } links",
374
+ items: {
375
+ type: "object",
376
+ properties: {
377
+ label: { type: "string" },
378
+ url: { type: "string" }
379
+ },
380
+ required: ["label", "url"]
381
+ }
382
+ }
383
+ },
384
+ required: [
385
+ "scopeType",
386
+ "scopeId",
387
+ "resourceType",
388
+ "operation",
389
+ "rationale"
390
+ ]
391
+ },
392
+ execute: async (_toolCallId, params) => {
393
+ const scopeType = asScopeType(params.scopeType);
394
+ if (!scopeType) return "Error: scopeType must be one of org, team, project.";
395
+ const resourceType = params.resourceType;
396
+ if (resourceType !== "doc" && resourceType !== "profile") return "Error: resourceType must be one of doc, profile.";
397
+ const operation = params.operation;
398
+ if (operation !== "create" && operation !== "update" && operation !== "delete") return "Error: operation must be one of create, update, delete.";
399
+ const rationale = typeof params.rationale === "string" ? params.rationale : "";
400
+ if (!rationale) return "Error: rationale is required.";
401
+ let proposedValue;
402
+ if (resourceType === "profile") {
403
+ const links = Array.isArray(params.links) ? params.links : void 0;
404
+ proposedValue = {
405
+ about: typeof params.about === "string" ? params.about : void 0,
406
+ description: typeof params.description === "string" ? params.description : void 0,
407
+ links
408
+ };
409
+ }
410
+ try {
411
+ const cr = await client.proposeScopeChange(scopeType, params.scopeId, {
412
+ resourceType,
413
+ operation,
414
+ rationale,
415
+ targetPath: typeof params.targetPath === "string" ? params.targetPath : void 0,
416
+ content: typeof params.content === "string" ? params.content : void 0,
417
+ proposedValue
418
+ });
419
+ return `Proposed ${cr.resourceType} ${cr.operation} to ${scopeType}:${String(params.scopeId)} (change request ${cr.changeRequestId}, status ${cr.status}). It is inert until a scope reviewer approves it.`;
420
+ } catch (err) {
421
+ return `Error proposing change: ${err instanceof Error ? err.message : String(err)}`;
422
+ }
423
+ }
424
+ }), { names: ["resource_propose_change"] });
425
+ api.registerTool(() => ({
426
+ name: "resource_list_change_requests",
427
+ label: "Resource List Change Requests",
428
+ description: "List the change requests YOU have proposed in a scope, to track whether they are still open, approved, rejected, or withdrawn. Optionally filter by status. Only your own proposals are returned.",
429
+ parameters: {
430
+ type: "object",
431
+ properties: {
432
+ scopeType: SCOPE_TYPE_PROP,
433
+ scopeId: {
434
+ type: "string",
435
+ description: "The scope's id (for 'org' this is the tenantId)"
436
+ },
437
+ status: {
438
+ type: "string",
439
+ enum: [
440
+ "open",
441
+ "approved",
442
+ "rejected",
443
+ "withdrawn",
444
+ "superseded"
445
+ ],
446
+ description: "Optional: only return proposals in this status"
447
+ }
448
+ },
449
+ required: ["scopeType", "scopeId"]
450
+ },
451
+ execute: async (_toolCallId, params) => {
452
+ const scopeType = asScopeType(params.scopeType);
453
+ if (!scopeType) return "Error: scopeType must be one of org, team, project.";
454
+ const status = params.status;
455
+ try {
456
+ const { changeRequests } = await client.listScopeChangeRequests(scopeType, params.scopeId, { status: status === "open" || status === "approved" || status === "rejected" || status === "withdrawn" || status === "superseded" ? status : void 0 });
457
+ if (changeRequests.length === 0) return "You have no change requests in this scope.";
458
+ return changeRequests.map((cr) => {
459
+ const target = cr.targetPath ?? cr.resourceType;
460
+ return `- ${cr.changeRequestId} [${cr.status}] ${cr.resourceType} ${cr.operation} → ${target}`;
461
+ }).join("\n");
462
+ } catch (err) {
463
+ return `Error listing change requests: ${err instanceof Error ? err.message : String(err)}`;
464
+ }
465
+ }
466
+ }), { names: ["resource_list_change_requests"] });
345
467
  api.on("before_agent_start", async () => {
346
468
  const block = await autoContext.loadForPrompt();
347
469
  if (block) return { prependContext: block };