@askexenow/exe-os 0.9.299 → 0.9.301

package/dist/chunk-KGY5QIOJ.js

@@ -0,0 +1,1350 @@
+import {
+  ingest
+} from "./chunk-WCUZX7F7.js";
+import {
+  listWorkflowDefinitions,
+  runWorkflow,
+  startWorkflow
+} from "./chunk-SDPUWZP5.js";
+import {
+  initCRMBridge
+} from "./chunk-ONKIWA3R.js";
+import {
+  orgBus
+} from "./chunk-MP2AFCGL.js";
+
+// src/gateway/router.ts
+function matchesPlatform(msgPlatform, matchPlatform) {
+  if (!matchPlatform) return true;
+  const platforms = Array.isArray(matchPlatform) ? matchPlatform : [matchPlatform];
+  return platforms.includes(msgPlatform);
+}
+function matchesChannel(msgChannel, matchChannel) {
+  if (!matchChannel) return true;
+  const channels = Array.isArray(matchChannel) ? matchChannel : [matchChannel];
+  return channels.includes(msgChannel);
+}
+var MAX_REGEX_LENGTH = 200;
+function safeRegExp(pattern, flags) {
+  if (pattern.length > MAX_REGEX_LENGTH) return null;
+  try {
+    return new RegExp(pattern, flags);
+  } catch {
+    return null;
+  }
+}
+function matchesSender(msgSender, matchSender) {
+  if (!matchSender) return true;
+  const re = safeRegExp(matchSender);
+  return re ? re.test(msgSender) : false;
+}
+function matchesTextPattern(msgText, matchPattern) {
+  if (!matchPattern) return true;
+  const re = safeRegExp(matchPattern, "i");
+  return re ? re.test(msgText) : false;
+}
+function matchesRoute(msg, match) {
+  return matchesPlatform(msg.platform, match.platform) && matchesChannel(msg.channelId, match.channelId) && matchesSender(msg.senderId, match.senderId) && matchesTextPattern(msg.text, match.textPattern);
+}
+function routeMessage(msg, config) {
+  for (const route of config.routes) {
+    if (matchesRoute(msg, route.match)) {
+      return {
+        employee: route.target,
+        modelTier: route.modelTier,
+        permissions: route.permissions,
+        routeName: route.name
+      };
+    }
+  }
+  return {
+    employee: config.defaultRoute,
+    modelTier: config.defaultModelTier,
+    permissions: config.defaultPermissions,
+    routeName: "default"
+  };
+}
+function validateGatewayConfig(config) {
+  const warnings = [];
+  if (!config.routes.length) {
+    warnings.push("No routes configured \u2014 all messages will use default route");
+  }
+  if (!config.defaultRoute) {
+    warnings.push("No default route specified");
+  }
+  const names = /* @__PURE__ */ new Set();
+  for (const route of config.routes) {
+    if (names.has(route.name)) {
+      warnings.push(`Duplicate route name: "${route.name}"`);
+    }
+    names.add(route.name);
+    if (!route.target) {
+      warnings.push(`Route "${route.name}" has no target employee`);
+    }
+    if (route.match.senderId && !safeRegExp(route.match.senderId)) {
+      warnings.push(`Route "${route.name}" has invalid senderId regex: ${route.match.senderId}`);
+    }
+    if (route.match.textPattern && !safeRegExp(route.match.textPattern, "i")) {
+      warnings.push(`Route "${route.name}" has invalid textPattern regex: ${route.match.textPattern}`);
+    }
+    const isEmptyMatch = !route.match.platform && !route.match.channelId && !route.match.senderId && !route.match.textPattern;
+    if (isEmptyMatch && config.routes.indexOf(route) !== config.routes.length - 1) {
+      warnings.push(
+        `Route "${route.name}" matches everything but is not the last route \u2014 routes after it will never match`
+      );
+    }
+  }
+  return warnings;
+}
+
+// src/gateway/reliability.ts
+var DEFAULT_RETRY = {
+  maxRetries: 3,
+  baseDelayMs: 1e3,
+  maxDelayMs: 4e3
+};
+async function retryWithBackoff(fn, config = {}) {
+  const { maxRetries, baseDelayMs, maxDelayMs } = {
+    ...DEFAULT_RETRY,
+    ...config
+  };
+  let lastError;
+  for (let attempt = 0; attempt <= maxRetries; attempt++) {
+    try {
+      return await fn();
+    } catch (err) {
+      lastError = err instanceof Error ? err : new Error(String(err));
+      if (attempt < maxRetries) {
+        const delay = Math.min(baseDelayMs * 2 ** attempt, maxDelayMs);
+        await new Promise((r) => setTimeout(r, delay));
+      }
+    }
+  }
+  throw lastError;
+}
+var DEFAULT_CIRCUIT = {
+  windowMs: 6e4,
+  failureThreshold: 0.5,
+  minimumRequests: 5,
+  halfOpenAfterMs: 3e4
+};
+var CircuitBreaker = class {
+  state = "closed";
+  records = [];
+  lastStateChange = Date.now();
+  config;
+  name;
+  constructor(name, config = {}) {
+    this.name = name;
+    this.config = { ...DEFAULT_CIRCUIT, ...config };
+  }
+  /** Check if a request should be allowed through */
+  canRequest() {
+    this.pruneRecords();
+    if (this.state === "closed") return true;
+    if (this.state === "open") {
+      const elapsed = Date.now() - this.lastStateChange;
+      if (elapsed >= this.config.halfOpenAfterMs) {
+        this.transition("half-open");
+        return true;
+      }
+      return false;
+    }
+    return true;
+  }
+  /** Record a successful request */
+  recordSuccess() {
+    this.records.push({ timestamp: Date.now(), success: true });
+    if (this.state === "half-open") {
+      this.transition("closed");
+    }
+  }
+  /** Record a failed request */
+  recordFailure() {
+    this.records.push({ timestamp: Date.now(), success: false });
+    if (this.state === "half-open") {
+      this.transition("open");
+      return;
+    }
+    if (this.state === "closed") {
+      this.pruneRecords();
+      if (this.records.length >= this.config.minimumRequests) {
+        const failures = this.records.filter((r) => !r.success).length;
+        const rate = failures / this.records.length;
+        if (rate >= this.config.failureThreshold) {
+          this.transition("open");
+        }
+      }
+    }
+  }
+  /** Get current circuit state */
+  getState() {
+    if (this.state === "open") {
+      const elapsed = Date.now() - this.lastStateChange;
+      if (elapsed >= this.config.halfOpenAfterMs) {
+        this.transition("half-open");
+      }
+    }
+    return this.state;
+  }
+  /** Get failure rate in current window */
+  getFailureRate() {
+    this.pruneRecords();
+    if (this.records.length === 0) return 0;
+    const failures = this.records.filter((r) => !r.success).length;
+    return failures / this.records.length;
+  }
+  /** Reset the circuit breaker */
+  reset() {
+    this.records = [];
+    this.transition("closed");
+  }
+  transition(newState) {
+    this.state = newState;
+    this.lastStateChange = Date.now();
+  }
+  pruneRecords() {
+    const cutoff = Date.now() - this.config.windowMs;
+    while (this.records.length > 0 && this.records[0].timestamp < cutoff) {
+      this.records.shift();
+    }
+  }
+};
+function buildDegradationMessage() {
+  return "I'm having trouble right now. Let me get a human to help you.";
+}
+
+// src/gateway/types.ts
+var FULL_ACCESS = {
+  canRead: true,
+  canWrite: true,
+  canExecute: true
+};
+var READ_ONLY = {
+  canRead: true,
+  canWrite: false,
+  canExecute: false
+};
+var READ_TOOLS = [
+  "ask_team_memory",
+  "recall_my_memory",
+  "list_tasks",
+  "get_session_context",
+  "get_memory_by_id",
+  "list_reminders",
+  "query_conversations"
+];
+var WRITE_TOOLS = [
+  "create_task",
+  "update_task",
+  "send_message",
+  "store_memory",
+  "store_behavior",
+  "create_reminder",
+  "complete_reminder"
+];
+var EXECUTE_TOOLS = ["close_task"];
+
+// src/gateway/permission-guard.ts
+var TOOL_CLASSIFICATION = /* @__PURE__ */ new Map();
+for (const tool of READ_TOOLS) TOOL_CLASSIFICATION.set(tool, "canRead");
+for (const tool of WRITE_TOOLS) TOOL_CLASSIFICATION.set(tool, "canWrite");
+for (const tool of EXECUTE_TOOLS) TOOL_CLASSIFICATION.set(tool, "canExecute");
+function classifyTool(toolName) {
+  return TOOL_CLASSIFICATION.get(toolName) ?? null;
+}
+function checkToolPermission(toolName, permissions) {
+  const classification = classifyTool(toolName);
+  if (!classification) {
+    return {
+      allowed: false,
+      tool: toolName,
+      requiredPermission: "canExecute",
+      reason: `Unknown tool "${toolName}" is not in the allowed tool list`
+    };
+  }
+  const allowed = permissions[classification];
+  return {
+    allowed,
+    tool: toolName,
+    requiredPermission: classification,
+    reason: allowed ? void 0 : `Tool "${toolName}" requires ${classification} permission, which is not granted on this channel`
+  };
+}
+function guardToolUseBlocks(blocks, permissions) {
+  const allowed = [];
+  const blocked = [];
+  for (const block of blocks) {
+    const result = checkToolPermission(block.name, permissions);
+    if (result.allowed) {
+      allowed.push(block);
+    } else {
+      blocked.push({ block, check: result });
+    }
+  }
+  return { allowed, blocked };
+}
+function checkSenderAllowlist(senderId, config) {
+  if (!config || config.allowlist.length === 0) {
+    return { allowed: true, mode: "none" };
+  }
+  const normalizedSender = senderId.trim().toLowerCase();
+  const isAllowed = config.allowlist.some(
+    (id) => id.trim().toLowerCase() === normalizedSender
+  );
+  if (isAllowed) {
+    return { allowed: true, mode: config.allowlist_mode };
+  }
+  if (config.allowlist_mode === "log") {
+    console.warn(
+      `[sender-allowlist] Unknown sender "${senderId}" \u2014 logging (mode=log)`
+    );
+    return { allowed: true, mode: "log", reason: "Unknown sender (logged)" };
+  }
+  return {
+    allowed: false,
+    mode: "strict",
+    reason: config.reject_message ?? "This service is not available to you."
+  };
+}
+var BOUNDARY_MARKER = "--- EXTERNAL USER MESSAGE (untrusted input) ---";
+var INJECTION_PATTERNS = [
+  /ignore\s+(all\s+)?previous\s+instructions/gi,
+  /ignore\s+(all\s+)?prior\s+instructions/gi,
+  /you\s+are\s+now\b/gi,
+  /^system\s*:/gim,
+  /^ADMIN\s*:/gim,
+  /^DEVELOPER\s*:/gim,
+  /^ASSISTANT\s*:/gim,
+  /^HUMAN\s*:/gim,
+  /\bdo\s+not\s+follow\s+(your|the)\s+(rules|instructions|guidelines)\b/gi,
+  /\boverride\s+(your|all|the)\s+(rules|instructions|constraints)\b/gi,
+  /\bforget\s+(your|all|previous)\s+(rules|instructions|context)\b/gi,
+  /\bnew\s+instructions?\s*:/gi,
+  /\<\/?system\>/gi,
+  /\[\s*SYSTEM\s*\]/gi
+];
+function sanitizeInboundMessage(text) {
+  let sanitized = text;
+  for (const pattern of INJECTION_PATTERNS) {
+    pattern.lastIndex = 0;
+    sanitized = sanitized.replace(pattern, "[FILTERED]");
+  }
+  return `${BOUNDARY_MARKER}
+${sanitized}`;
+}
+var OutboundRateLimiter = class {
+  contacts = /* @__PURE__ */ new Map();
+  maxPerMinute;
+  constructor(maxPerMinute = 5) {
+    this.maxPerMinute = maxPerMinute;
+  }
+  /**
+   * Check if an outbound message to this contact is allowed.
+   * Returns true if under the rate limit.
+   */
+  check(contactId) {
+    const now = Date.now();
+    const windowMs = 6e4;
+    let entry = this.contacts.get(contactId);
+    if (!entry) {
+      entry = { timestamps: [] };
+      this.contacts.set(contactId, entry);
+    }
+    entry.timestamps = entry.timestamps.filter((t) => now - t < windowMs);
+    if (entry.timestamps.length >= this.maxPerMinute) {
+      return { allowed: false, remaining: 0 };
+    }
+    entry.timestamps.push(now);
+    return {
+      allowed: true,
+      remaining: this.maxPerMinute - entry.timestamps.length
+    };
+  }
+  /** Reset limiter state (for testing) */
+  reset() {
+    this.contacts.clear();
+  }
+};
+function buildPermissionContext(platform, permissions) {
+  if (permissions.canRead && permissions.canWrite && permissions.canExecute) {
+    return `[FULL ACCESS \u2014 you can read, write, and execute via ${platform}]`;
+  }
+  if (permissions.canRead && !permissions.canWrite && !permissions.canExecute) {
+    return `[READ-ONLY \u2014 this ${platform} channel cannot create tasks, send messages, or execute commands. Tell the founder to use Signal for commands.]`;
+  }
+  const parts = [];
+  if (permissions.canRead) parts.push("read");
+  if (permissions.canWrite) parts.push("write");
+  if (permissions.canExecute) parts.push("execute");
+  return `[${platform.toUpperCase()} \u2014 allowed: ${parts.join(", ")}]`;
+}
+
+// src/gateway/workflow-triggers.ts
+var _patterns = [];
+function matchPatterns(msg, eventType = "message.inbound") {
+  return _patterns.filter((p) => {
+    if (!p.enabled) return false;
+    if (p.eventType !== eventType && p.eventType !== "*") return false;
+    if (p.platformMatch && p.platformMatch !== msg.platform) return false;
+    if (p.senderMatch && p.senderMatch !== msg.senderId) return false;
+    if (p.textMatch && !msg.text.toLowerCase().includes(p.textMatch.toLowerCase())) return false;
+    return true;
+  });
+}
+async function processWorkflowTriggers(msg, eventType = "message.inbound") {
+  if (_patterns.length === 0) return 0;
+  const matches = matchPatterns(msg, eventType);
+  if (matches.length === 0) return 0;
+  let started = 0;
+  for (const pattern of matches) {
+    const defs = listWorkflowDefinitions();
+    const def = defs.find((d) => d.id === pattern.workflowDefinitionId);
+    if (!def) {
+      console.error(
+        `[workflow-triggers] Pattern "${pattern.name}" references unknown definition: ${pattern.workflowDefinitionId}`
+      );
+      continue;
+    }
+    try {
+      const instance = startWorkflow(pattern.workflowDefinitionId, {
+        platform: msg.platform,
+        senderId: msg.senderId,
+        senderName: msg.senderName,
+        text: msg.text,
+        channelId: msg.channelId,
+        messageId: msg.messageId,
+        timestamp: msg.timestamp ?? (/* @__PURE__ */ new Date()).toISOString(),
+        triggerId: pattern.id,
+        triggerName: pattern.name
+      });
+      await runWorkflow(instance.id);
+      started++;
+      console.log(
+        `[workflow-triggers] Started workflow "${def.name}" (${instance.id}) from trigger "${pattern.name}"`
+      );
+    } catch (err) {
+      console.error(
+        `[workflow-triggers] Failed to start workflow for trigger "${pattern.name}":`,
+        err instanceof Error ? err.message : err
+      );
+    }
+  }
+  return started;
+}
+
+// src/gateway/media-r2-bridge.ts
+import { readFileSync } from "fs";
+
+// src/lib/r2-media.ts
+import {
+  S3Client,
+  PutObjectCommand,
+  GetObjectCommand,
+  DeleteObjectCommand,
+  HeadObjectCommand
+} from "@aws-sdk/client-s3";
+import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
+import { randomUUID } from "crypto";
+import path from "path";
+function loadR2Config() {
+  const bucket = process.env.R2_MEDIA_BUCKET?.trim();
+  const endpoint = process.env.R2_MEDIA_ENDPOINT?.trim();
+  const accessKeyId = process.env.R2_MEDIA_ACCESS_KEY?.trim();
+  const secretAccessKey = process.env.R2_MEDIA_SECRET_KEY?.trim();
+  if (!bucket || !endpoint || !accessKeyId || !secretAccessKey) return null;
+  return {
+    bucket,
+    endpoint,
+    accessKeyId,
+    secretAccessKey,
+    publicUrl: process.env.R2_MEDIA_PUBLIC_URL?.trim() || void 0
+  };
+}
+var _client = null;
+var _config = null;
+function getClient() {
+  if (_client && _config) return { client: _client, config: _config };
+  const config = loadR2Config();
+  if (!config) return null;
+  _client = new S3Client({
+    region: "auto",
+    endpoint: config.endpoint,
+    credentials: {
+      accessKeyId: config.accessKeyId,
+      secretAccessKey: config.secretAccessKey
+    }
+  });
+  _config = config;
+  return { client: _client, config: _config };
+}
+function isR2MediaConfigured() {
+  return loadR2Config() !== null;
+}
+async function uploadMedia(data, filename, product, contentType) {
+  const r2 = getClient();
+  if (!r2) return null;
+  const ext = path.extname(filename) || "";
+  const key = `media/${product}/${randomUUID()}${ext}`;
+  await r2.client.send(
+    new PutObjectCommand({
+      Bucket: r2.config.bucket,
+      Key: key,
+      Body: data,
+      ContentType: contentType || guessMimeType(ext)
+    })
+  );
+  const url = r2.config.publicUrl ? `${r2.config.publicUrl}/${key}` : await getPresignedUrl(key, 3600);
+  return { key, url, size: data.length };
+}
+async function getPresignedUrl(key, expiresIn = 3600) {
+  const r2 = getClient();
+  if (!r2) throw new Error("R2 media storage is not configured");
+  return getSignedUrl(
+    r2.client,
+    new GetObjectCommand({
+      Bucket: r2.config.bucket,
+      Key: key
+    }),
+    { expiresIn }
+  );
+}
+function guessMimeType(ext) {
+  const map = {
+    ".jpg": "image/jpeg",
+    ".jpeg": "image/jpeg",
+    ".png": "image/png",
+    ".gif": "image/gif",
+    ".webp": "image/webp",
+    ".svg": "image/svg+xml",
+    ".mp4": "video/mp4",
+    ".webm": "video/webm",
+    ".mp3": "audio/mpeg",
+    ".wav": "audio/wav",
+    ".pdf": "application/pdf",
+    ".json": "application/json",
+    ".txt": "text/plain"
+  };
+  return map[ext.toLowerCase()] || "application/octet-stream";
+}
+
+// src/gateway/media-r2-bridge.ts
+async function uploadMediaAttachments(msg) {
+  if (!isR2MediaConfigured()) return 0;
+  if (!msg.media || msg.media.length === 0) return 0;
+  let uploaded = 0;
+  for (const attachment of msg.media) {
+    if (attachment.url) continue;
+    if (!attachment.localPath) continue;
+    try {
+      const data = readFileSync(attachment.localPath);
+      const filename = attachment.fileName ?? `media.${attachment.type}`;
+      const result = await uploadMedia(data, filename, msg.platform);
+      if (result) {
+        attachment.url = result.url;
+        uploaded++;
+      }
+    } catch (err) {
+      console.error(
+        `[media-r2-bridge] Failed to upload ${attachment.localPath}:`,
+        err instanceof Error ? err.message : err
+      );
+    }
+  }
+  return uploaded;
+}
+
+// src/gateway/gateway.ts
+var Gateway = class {
+  config;
+  adapters = /* @__PURE__ */ new Map();
+  platformConfigs;
+  botRegistry;
+  rateLimiter;
+  sessionStore;
+  analytics;
+  alertMonitor;
+  failover;
+  customerStore;
+  startedAt = 0;
+  outboundLimiters = /* @__PURE__ */ new Map();
+  /** Queued outbound messages awaiting coordinator approval (Tier 3) */
+  outboundQueue = [];
+  constructor(options) {
+    this.config = options.config;
+    this.platformConfigs = options.platformConfigs;
+    this.botRegistry = options.botRegistry;
+    this.rateLimiter = options.rateLimiter;
+    this.sessionStore = options.sessionStore;
+    this.analytics = options.analytics;
+    this.alertMonitor = options.alertMonitor;
+    this.failover = options.failover;
+    this.customerStore = options.customerStore;
+  }
+  registerAdapter(adapter) {
+    this.adapters.set(adapter.platform, adapter);
+    adapter.onMessage((msg) => this.handleMessage(msg));
+  }
+  async start() {
+    this.startedAt = Date.now();
+    initCRMBridge();
+    const startPromises = [];
+    for (const [platform, adapter] of this.adapters) {
+      const config = this.platformConfigs.get(platform);
+      if (!config) {
+        console.error(`[gateway] No config for platform: ${platform}`);
+        continue;
+      }
+      console.log(`[gateway] Connecting ${platform}...`);
+      startPromises.push(
+        adapter.connect(config).then(() => {
+          console.log(`[gateway] ${platform} connected`);
+        }).catch((err) => {
+          console.error(`[gateway] ${platform} connection failed:`, err);
+          this.alertMonitor?.alertAdapterDisconnected(
+            platform,
+            err instanceof Error ? err.message : String(err)
+          );
+        })
+      );
+    }
+    await Promise.allSettled(startPromises);
+    console.log(
+      `[gateway] Started with ${this.botRegistry.list().length} bots: ${this.botRegistry.list().join(", ")}`
+    );
+  }
+  async stop() {
+    const stopPromises = [...this.adapters.values()].map(
+      (a) => a.disconnect()
+    );
+    await Promise.allSettled(stopPromises);
+    console.log("[gateway] Stopped");
+  }
+  async handleMessage(msg) {
+    const start = Date.now();
+    if (this.rateLimiter) {
+      const limitResult = this.rateLimiter.check(msg.senderId);
+      if (!limitResult.allowed) {
+        const adapter2 = this.adapters.get(msg.platform);
+        if (adapter2) {
+          await adapter2.sendText(msg.channelId, limitResult.reason ?? "Please slow down.");
+        }
+        return;
+      }
+    }
+    const platformConfig = this.platformConfigs.get(msg.platform);
+    const senderCheck = checkSenderAllowlist(
+      msg.senderId,
+      platformConfig?.senderAllowlist
+    );
+    if (!senderCheck.allowed) {
+      console.warn(
+        `[gateway] Sender rejected by allowlist: ${msg.senderId} on ${msg.platform}`
+      );
+      const adapter2 = this.adapters.get(msg.platform);
+      if (adapter2 && senderCheck.reason) {
+        await adapter2.sendText(msg.channelId, senderCheck.reason);
+      }
+      return;
+    }
+    msg.text = sanitizeInboundMessage(msg.text);
+    this.customerStore?.resolve(msg.platform, msg.senderId);
+    uploadMediaAttachments(msg).catch((err) => {
+      console.error("[gateway] Media R2 upload error:", err);
+    });
+    ingest(msg).catch((err) => {
+      console.error("[gateway] Pipeline inbound ingest error:", err);
+    });
+    processWorkflowTriggers(msg).catch((err) => {
+      console.error("[gateway] Workflow trigger error:", err);
+    });
+    const route = routeMessage(msg, this.config);
+    console.log(
+      `[gateway] ${msg.platform}/${msg.senderId} \u2192 ${route.employee} (${route.routeName})`
+    );
+    orgBus.emit({
+      type: "gateway_message",
+      platform: msg.platform,
+      senderId: msg.senderId,
+      botId: route.employee,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    });
+    const bot = this.botRegistry.get(route.employee);
+    if (!bot) {
+      console.error(`[gateway] No bot registered for target: ${route.employee}`);
+      const adapter2 = this.adapters.get(msg.platform);
+      if (adapter2) {
+        await adapter2.sendText(msg.channelId, "Sorry, I'm not available right now.");
+      }
+      return;
+    }
+    const adapter = this.adapters.get(msg.platform);
+    if (!adapter) return;
+    await adapter.sendTyping(msg.channelId);
+    const session = this.sessionStore?.getOrCreate(
+      msg.senderId,
+      route.employee,
+      msg.platform
+    );
+    if (session) {
+      this.sessionStore.addMessage(session.sessionId, {
+        role: "user",
+        content: msg.text
+      });
+    }
+    if (session?.messageCount === 1) {
+      this.analytics?.conversationStarted(msg.platform, route.employee);
+    }
+    try {
+      const response = await bot.processMessage(msg, route.permissions);
+      const latencyMs = Date.now() - start;
+      if (session) {
+        this.sessionStore.addMessage(session.sessionId, {
+          role: "assistant",
+          content: response
+        });
+      }
+      this.analytics?.responseRecorded(
+        msg.platform,
+        route.employee,
+        latencyMs,
+        0,
+        // Token counts not available from BotRuntime yet
+        0,
+        "anthropic",
+        true
+      );
+      this.alertMonitor?.recordEvent(latencyMs, true);
+      const outboundConfig = platformConfig?.outboundConfirm;
+      if (outboundConfig?.enabled) {
+        this.outboundQueue.push({
+          platform: msg.platform,
+          channelId: msg.channelId,
+          text: response,
+          replyToMessageId: msg.messageId,
+          queuedAt: Date.now()
+        });
+        console.log(
+          `[gateway] Outbound queued for approval (${this.outboundQueue.length} pending): ${msg.platform}/${msg.channelId}`
+        );
+      } else {
+        let limiter = this.outboundLimiters.get(msg.platform);
+        if (!limiter) {
+          const maxPerMin = outboundConfig?.rate_limit_per_minute ?? 5;
+          limiter = new OutboundRateLimiter(maxPerMin);
+          this.outboundLimiters.set(msg.platform, limiter);
+        }
+        const rateCheck = limiter.check(msg.senderId);
+        if (!rateCheck.allowed) {
+          console.warn(
+            `[gateway] Outbound rate-limited for ${msg.senderId} on ${msg.platform}`
+          );
+        }
+        await adapter.sendText(msg.channelId, response, {
+          replyToMessageId: msg.messageId
+        });
+      }
+      ingest(msg, response, route.employee).catch((err) => {
+        console.error("[gateway] Pipeline conversation ingest error:", err);
+      });
+    } catch (err) {
+      const latencyMs = Date.now() - start;
+      this.alertMonitor?.recordEvent(latencyMs, false);
+      this.analytics?.responseRecorded(
+        msg.platform,
+        route.employee,
+        latencyMs,
+        0,
+        0,
+        "anthropic",
+        false
+      );
+      console.error(`[gateway] Error processing message:`, err);
+      await adapter.sendText(
+        msg.channelId,
+        buildDegradationMessage()
+      );
+    }
+  }
+  /** Get pending outbound messages awaiting approval (Tier 3) */
+  getOutboundQueue() {
+    return this.outboundQueue.map((item, index) => ({
+      platform: item.platform,
+      channelId: item.channelId,
+      text: item.text,
+      queuedAt: item.queuedAt,
+      index
+    }));
+  }
+  /** Approve and send a queued outbound message (Tier 3) */
+  async approveOutbound(index) {
+    if (index < 0 || index >= this.outboundQueue.length) return false;
+    const item = this.outboundQueue[index];
+    const adapter = this.adapters.get(item.platform);
+    if (!adapter) return false;
+    await adapter.sendText(item.channelId, item.text, {
+      replyToMessageId: item.replyToMessageId
+    });
+    this.outboundQueue.splice(index, 1);
+    return true;
+  }
+  /** Reject a queued outbound message (Tier 3) */
+  rejectOutbound(index) {
+    if (index < 0 || index >= this.outboundQueue.length) return false;
+    this.outboundQueue.splice(index, 1);
+    return true;
+  }
+  /** Health check all adapters + provider health */
+  async healthCheck() {
+    const adapterHealth = /* @__PURE__ */ new Map();
+    for (const [platform, adapter] of this.adapters) {
+      adapterHealth.set(platform, await adapter.healthCheck());
+    }
+    return {
+      adapters: adapterHealth,
+      providers: this.failover?.getProviderHealth(),
+      bots: this.botRegistry.list(),
+      uptime: this.startedAt > 0 ? Date.now() - this.startedAt : 0,
+      sessions: this.sessionStore?.stats(),
+      alerts: this.alertMonitor?.getActiveAlerts().length
+    };
+  }
+};
+
+// src/gateway/bot-errors.ts
+var FatalBotError = class extends Error {
+  constructor(message, cause) {
+    super(message);
+    this.cause = cause;
+    this.name = "FatalBotError";
+  }
+  cause;
+  fatal = true;
+};
+var RecoverableBotError = class extends Error {
+  constructor(message, toolName, cause) {
+    super(message);
+    this.toolName = toolName;
+    this.cause = cause;
+    this.name = "RecoverableBotError";
+  }
+  toolName;
+  cause;
+  recoverable = true;
+};
+var MaxStepsError = class extends Error {
+  constructor(stepsTaken, maxSteps) {
+    super(
+      `Reached maximum steps (${stepsTaken}/${maxSteps}). Returning partial result.`
+    );
+    this.stepsTaken = stepsTaken;
+    this.maxSteps = maxSteps;
+    this.name = "MaxStepsError";
+  }
+  stepsTaken;
+  maxSteps;
+};
+function classifyError(err, toolName) {
+  if (err instanceof FatalBotError) return err;
+  if (err instanceof RecoverableBotError) return err;
+  const message = err instanceof Error ? err.message : String(err);
+  if (message.includes("401") || message.includes("403") || message.includes("authentication") || message.includes("rate_limit")) {
+    return new FatalBotError(message, err);
+  }
+  return new RecoverableBotError(message, toolName, err);
+}
+
+// src/gateway/bot-runtime.ts
+import Anthropic from "@anthropic-ai/sdk";
+var DEFAULT_MODEL = "claude-sonnet-4-20250514";
+var MAX_TURNS = 10;
+var MAX_HISTORY = 50;
+var DEFAULT_PLANNING_INTERVAL = 3;
+function buildExecAssistantSystemPrompt(platform, permissions) {
+  const permContext = buildPermissionContext(platform, permissions);
+  return `You are the founder's executive assistant (agent_id: "ea").
+
+You are a relay between the founder and their AI team. You have access to team memories, task lists, and session context. Your job is to answer the founder's questions by querying the team and presenting clear, synthesized answers.
+
+${permContext}
+
+Your personality:
+- Direct and concise \u2014 the founder is busy
+- Lead with the answer, not the process
+- When summarizing team work, be specific: names, counts, what shipped
+- If you don't know something, say so and suggest who might
+
+Your tools:
+- ask_team_memory: Query any employee's memories by their configured name
+- recall_my_memory: Search your own past conversations with the founder
+- list_tasks: See what's in progress across the org
+- get_session_context: Get context from a specific session
+- list_reminders: Check active reminders
+
+${permissions.canWrite ? "You also have write access: create_task, send_message, store_memory, etc." : "You are READ-ONLY on this channel. If the founder wants to create tasks or send commands, they should use Signal."}`;
+}
+function filterToolsForPermissions(tools, permissions) {
+  const allAllowed = /* @__PURE__ */ new Set();
+  if (permissions.canRead) {
+    for (const t of READ_TOOLS) allAllowed.add(t);
+  }
+  if (permissions.canWrite) {
+    for (const t of WRITE_TOOLS) allAllowed.add(t);
+  }
+  if (permissions.canExecute) {
+    for (const t of EXECUTE_TOOLS) allAllowed.add(t);
+  }
+  return tools.filter((t) => allAllowed.has(t.name));
+}
+var BotRuntime = class {
+  client;
+  config;
+  conversations = /* @__PURE__ */ new Map();
+  constructor(config) {
+    this.config = config;
+    this.client = new Anthropic({ apiKey: config.apiKey });
+  }
+  /**
+   * Process an incoming message and return the text response.
+   * Handles multi-turn tool use internally.
+   */
+  async processMessage(msg, permissions) {
+    const sessionKey = msg.chatType === "group" ? msg.channelId : msg.senderId;
+    const history = this.getHistory(sessionKey);
+    history.push({ role: "user", content: msg.text, frameType: "task" });
+    const systemPrompt = this.config.systemPrompt + "\n\n" + buildPermissionContext(msg.platform, permissions);
+    const allowedTools = filterToolsForPermissions(
+      this.config.tools,
+      permissions
+    );
+    const model = this.config.model ?? DEFAULT_MODEL;
+    const maxTurns = this.config.maxTurns ?? MAX_TURNS;
+    const planningInterval = this.config.planningInterval ?? DEFAULT_PLANNING_INTERVAL;
+    let turns = 0;
+    while (turns < maxTurns) {
+      turns++;
+      if (planningInterval > 0 && turns > 1 && turns % planningInterval === 1 && maxTurns - turns >= 2) {
+        history.push({
+          role: "user",
+          content: "[Planning checkpoint] Review what you know so far. What facts have you gathered? What is your plan for the remaining steps? Be concise.",
+          frameType: "planning"
+        });
+      }
+      let response;
+      try {
+        response = await this.client.messages.create({
+          model,
+          max_tokens: 4096,
+          system: systemPrompt,
+          messages: history.map((m) => ({
+            role: m.role,
+            content: m.content
+          })),
+          tools: allowedTools.map((t) => ({
+            name: t.name,
+            description: t.description,
+            input_schema: t.input_schema
+          }))
+        });
+      } catch (err) {
+        const classified = classifyError(err);
+        if (classified instanceof FatalBotError) {
+          const errorMsg = `Bot error: ${classified.message}`;
+          history.push({ role: "assistant", content: errorMsg, frameType: "error" });
+          this.trimHistory(sessionKey);
+          return errorMsg;
+        }
+        history.push({
+          role: "assistant",
+          content: `[API error \u2014 retrying] ${classified.message}`,
+          frameType: "error"
+        });
+        continue;
+      }
+      const toolUseBlocks = response.content.filter(
+        (b) => b.type === "tool_use"
+      );
+      if (toolUseBlocks.length === 0) {
+        const textContent = response.content.filter((b) => b.type === "text").map((b) => b.text).join("\n");
+        history.push({ role: "assistant", content: textContent, frameType: "assistant" });
+        this.trimHistory(sessionKey);
+        return textContent;
+      }
+      const { allowed, blocked } = guardToolUseBlocks(
+        toolUseBlocks,
+        permissions
+      );
+      history.push({
+        role: "assistant",
+        content: response.content,
+        frameType: "assistant"
+      });
+      const toolResults = [];
+      let hadFatalError = false;
+      for (const block of allowed) {
+        try {
+          const result = await this.config.toolExecutor(
+            block.name,
+            block.input
+          );
+          toolResults.push({
+            type: "tool_result",
+            tool_use_id: block.id,
+            content: result
+          });
+        } catch (err) {
+          const classified = classifyError(err, block.name);
+          if (classified instanceof FatalBotError) {
+            toolResults.push({
+              type: "tool_result",
+              tool_use_id: block.id,
+              content: `Fatal error: ${classified.message}`,
+              is_error: true
+            });
+            hadFatalError = true;
+          } else {
+            toolResults.push({
+              type: "tool_result",
+              tool_use_id: block.id,
+              content: `Error (recoverable): ${classified.message}`,
+              is_error: true
+            });
+          }
+        }
+      }
+      for (const { block, check } of blocked) {
+        toolResults.push({
+          type: "tool_result",
+          tool_use_id: block.id,
+          content: `Permission denied: ${check.reason}`,
+          is_error: true
+        });
+      }
+      history.push({
+        role: "user",
+        content: toolResults,
+        frameType: hadFatalError ? "error" : "tool_result"
+      });
+      if (hadFatalError) {
+        this.trimHistory(sessionKey);
+        return `A fatal error occurred during tool execution. The bot loop has been stopped.`;
+      }
+    }
+    const maxErr = new MaxStepsError(turns, maxTurns);
+    history.push({
+      role: "assistant",
+      content: maxErr.message,
+      frameType: "error"
+    });
+    this.trimHistory(sessionKey);
+    return maxErr.message;
+  }
+  getHistory(sessionKey) {
+    if (!this.conversations.has(sessionKey)) {
+      this.conversations.set(sessionKey, []);
+    }
+    return this.conversations.get(sessionKey);
+  }
+  trimHistory(sessionKey) {
+    const history = this.conversations.get(sessionKey);
+    if (!history || history.length <= MAX_HISTORY) return;
+    const firstTaskIdx = history.findIndex((m) => m.frameType === "task");
+    let trimmed = history.filter(
+      (m, i) => m.frameType !== "planning" || i >= history.length - MAX_HISTORY
+    );
+    if (trimmed.length > MAX_HISTORY) {
+      const tail = trimmed.slice(-MAX_HISTORY);
+      if (firstTaskIdx >= 0 && !tail.includes(history[firstTaskIdx])) {
+        tail[0] = history[firstTaskIdx];
+      }
+      trimmed = tail;
+    }
+    this.conversations.set(sessionKey, trimmed);
+  }
+  /** Clear conversation history for a session */
+  clearHistory(sessionKey) {
+    this.conversations.delete(sessionKey);
+  }
+};
+function buildExecAssistantTools() {
+  return [
+    {
+      name: "ask_team_memory",
+      description: "Search another employee's memories. Use this to find what a team member worked on, learned, or solved.",
+      input_schema: {
+        type: "object",
+        properties: {
+          team_member: {
+            type: "string",
+            description: "Configured name of the team member"
+          },
+          query: { type: "string", description: "What to search for" },
+          project_name: {
+            type: "string",
+            description: "Filter by project name"
+          },
+          limit: { type: "number", description: "Max results (default 10)" }
+        },
+        required: ["team_member", "query"]
+      }
+    },
+    {
+      name: "recall_my_memory",
+      description: "Search your own past memories using semantic search. Returns memory IDs; use get_memory_by_id for full long records.",
+      input_schema: {
+        type: "object",
+        properties: {
+          query: { type: "string", description: "What to search for" },
+          project_name: {
+            type: "string",
+            description: "Filter by project name"
+          },
+          limit: { type: "number", description: "Max results (default 10)" },
+          body_chars: { type: "number", description: "Max characters per memory body, up to 50000" }
+        },
+        required: ["query"]
+      }
+    },
+    {
+      name: "get_memory_by_id",
+      description: "Fetch one memory by ID with the full untruncated raw_text body.",
+      input_schema: {
+        type: "object",
+        properties: {
+          id: { type: "string", description: "Memory UUID from recall_my_memory" }
+        },
+        required: ["id"]
+      }
+    },
+    {
+      name: "list_tasks",
+      description: "List tasks across the organization.",
+      input_schema: {
+        type: "object",
+        properties: {
+          assigned_to: {
+            type: "string",
+            description: "Filter by assignee"
+          },
+          status: {
+            type: "string",
+            description: "Filter by status (open, in_progress, done)"
+          },
+          project_name: {
+            type: "string",
+            description: "Filter by project"
+          }
+        }
+      }
+    },
+    {
+      name: "get_session_context",
+      description: "Get context from a specific session.",
+      input_schema: {
+        type: "object",
+        properties: {
+          session_key: {
+            type: "string",
+            description: "Session key to look up"
+          }
+        },
+        required: ["session_key"]
+      }
+    },
+    {
+      name: "list_reminders",
+      description: "List active reminders.",
+      input_schema: {
+        type: "object",
+        properties: {
+          status: {
+            type: "string",
+            description: "Filter by status"
+          }
+        }
+      }
+    },
+    // Write tools (only available on Signal with full access)
+    {
+      name: "create_task",
+      description: "Create a new task and assign it to an employee.",
+      input_schema: {
+        type: "object",
+        properties: {
+          title: { type: "string", description: "Task title" },
+          description: { type: "string", description: "Task description" },
+          assigned_to: {
+            type: "string",
+            description: "Employee to assign to"
+          },
+          priority: {
+            type: "string",
+            enum: ["p0", "p1", "p2"],
+            description: "Task priority"
+          },
+          project_name: { type: "string", description: "Project name" }
+        },
+        required: ["title", "assigned_to"]
+      }
+    },
+    {
+      name: "send_message",
+      description: "Send a message to an employee.",
+      input_schema: {
+        type: "object",
+        properties: {
+          to: { type: "string", description: "Employee name" },
+          message: { type: "string", description: "Message content" }
+        },
+        required: ["to", "message"]
+      }
+    },
+    {
+      name: "store_memory",
+      description: "Store a memory for future reference.",
+      input_schema: {
+        type: "object",
+        properties: {
+          content: { type: "string", description: "Memory content" },
+          project_name: { type: "string", description: "Project name" }
+        },
+        required: ["content"]
+      }
+    },
+    {
+      name: "store_behavior",
+      description: "Store a behavioral directive.",
+      input_schema: {
+        type: "object",
+        properties: {
+          content: {
+            type: "string",
+            description: "Behavioral directive content"
+          }
+        },
+        required: ["content"]
+      }
+    },
+    {
+      name: "update_task",
+      description: "Update a task's status.",
+      input_schema: {
+        type: "object",
+        properties: {
+          task_id: { type: "string", description: "Task ID" },
+          status: {
+            type: "string",
+            enum: ["open", "in_progress", "done", "blocked", "cancelled"],
+            description: "New status"
+          },
+          result: { type: "string", description: "Result summary" }
+        },
+        required: ["task_id", "status"]
+      }
+    },
+    {
+      name: "create_reminder",
+      description: "Create a reminder.",
+      input_schema: {
+        type: "object",
+        properties: {
+          content: { type: "string", description: "Reminder content" },
+          due_at: { type: "string", description: "ISO 8601 due date" }
+        },
+        required: ["content"]
+      }
+    },
+    {
+      name: "complete_reminder",
+      description: "Mark a reminder as complete.",
+      input_schema: {
+        type: "object",
+        properties: {
+          reminder_id: { type: "string", description: "Reminder ID" }
+        },
+        required: ["reminder_id"]
+      }
+    },
+    {
+      name: "close_task",
+      description: "Reviewer-only: finalize a task after review. Only coordinators/reviewers can use this.",
+      input_schema: {
+        type: "object",
+        properties: {
+          task_id: { type: "string", description: "Task ID" },
+          result: { type: "string", description: "Completion summary" }
+        },
+        required: ["task_id"]
+      }
+    }
+  ];
+}
+
+// src/gateway/bot-registry.ts
+var BotRegistry = class {
+  bots = /* @__PURE__ */ new Map();
+  /** Register a bot from a template */
+  register(template, apiKey) {
+    const config = {
+      apiKey,
+      model: template.model,
+      agentId: template.agentId,
+      systemPrompt: template.systemPrompt,
+      tools: template.tools.map((t) => ({
+        name: t.name,
+        description: t.description ?? "",
+        input_schema: t.input_schema
+      })),
+      toolExecutor: async (name, input) => {
+        const handler = template.toolHandlers[name];
+        if (!handler) {
+          throw new Error(`No handler for tool "${name}"`);
+        }
+        const result = await handler(input);
+        return typeof result === "string" ? result : JSON.stringify(result);
+      },
+      maxTurns: template.maxTurns
+    };
+    this.bots.set(template.name, new BotRuntime(config));
+  }
+  /** Register a pre-configured BotRuntime directly */
+  registerRuntime(name, runtime) {
+    this.bots.set(name, runtime);
+  }
+  /** Look up a bot by route target name */
+  get(targetName) {
+    return this.bots.get(targetName);
+  }
+  /** List registered bot names */
+  list() {
+    return [...this.bots.keys()];
+  }
+  /** Check if a bot is registered */
+  has(targetName) {
+    return this.bots.has(targetName);
+  }
+};
+
+export {
+  routeMessage,
+  validateGatewayConfig,
+  retryWithBackoff,
+  CircuitBreaker,
+  FULL_ACCESS,
+  READ_ONLY,
+  READ_TOOLS,
+  WRITE_TOOLS,
+  EXECUTE_TOOLS,
+  checkToolPermission,
+  guardToolUseBlocks,
+  buildPermissionContext,
+  Gateway,
+  FatalBotError,
+  RecoverableBotError,
+  MaxStepsError,
+  classifyError,
+  buildExecAssistantSystemPrompt,
+  BotRuntime,
+  buildExecAssistantTools,
+  BotRegistry
+};