@botcord/daemon 0.2.69 → 0.2.71

package/dist/agent-workspace.js

@@ -20,6 +20,7 @@ import { chmodSync, copyFileSync, cpSync, existsSync, lstatSync, mkdirSync, read
 import { createRequire } from "node:module";
 import { homedir } from "node:os";
 import path from "node:path";
+import { fileURLToPath } from "node:url";
 const require = createRequire(import.meta.url);
 // Accepted agent id pattern. Enforced at every path-builder entry so a
 // malicious / malformed agentId (e.g. "../../etc") cannot escape
@@ -357,8 +358,24 @@ export function ensureAgentHermesWorkspace(agentId, opts = {}) {
  * Seeded fresh per `ensureAgent*` call (force-overwrite) so daemon
  * upgrades propagate.
  */
-const BUNDLED_SKILLS = ["botcord", "botcord-user-guide"];
+const BUNDLED_SKILLS = ["botcord", "botcord-user-guide", "botcord_memory"];
+function resolveRepoCliSkillsRoot() {
+    let dir = path.dirname(fileURLToPath(import.meta.url));
+    for (let i = 0; i < 6; i += 1) {
+        const candidate = path.join(dir, "cli", "skills");
+        if (existsSync(candidate))
+            return candidate;
+        const parent = path.dirname(dir);
+        if (parent === dir)
+            break;
+        dir = parent;
+    }
+    return null;
+}
 function resolveBundledCliSkillsRoot() {
+    const repoRoot = resolveRepoCliSkillsRoot();
+    if (repoRoot)
+        return repoRoot;
     try {
         const pkgJsonPath = require.resolve("@botcord/cli/package.json");
         const root = path.join(path.dirname(pkgJsonPath), "skills");

package/dist/gateway/channels/feishu.js

@@ -8,6 +8,8 @@ import { splitText } from "./text-split.js";
 const FEISHU_PROVIDER = "feishu";
 const DEFAULT_SPLIT_AT = 4000;
 const MAX_SEEN_MESSAGES = 2048;
+const TYPING_EMOJI = "Typing";
+const TYPING_REACTION_TTL_MS = 20_000;
 function sdkDomain(domain) {
     const sdk = Lark;
     return domain === "lark" ? sdk.Domain?.Lark : sdk.Domain?.Feishu;
@@ -63,6 +65,7 @@ export function createFeishuChannel(opts) {
     let botOpenId;
     let botName;
     let liveSetStatus = null;
+    const activeTypingReactions = new Map();
     let statusSnapshot = {
         channel: opts.id,
         accountId: opts.accountId,
@@ -292,6 +295,45 @@ export function createFeishuChannel(opts) {
         return ((typeof res.data?.message_id === "string" ? res.data.message_id : undefined) ??
             (typeof res.message_id === "string" ? res.message_id : undefined));
     }
+    function resultReactionId(res) {
+        return ((typeof res.data?.reaction_id === "string" ? res.data.reaction_id : undefined) ??
+            (typeof res.reaction_id === "string" ? res.reaction_id : undefined) ??
+            null);
+    }
+    function messageIdFromTrace(traceId) {
+        if (!traceId.startsWith("feishu:"))
+            return null;
+        const messageId = traceId.slice("feishu:".length).trim();
+        return messageId.length > 0 ? messageId : null;
+    }
+    async function removeTypingReaction(messageId) {
+        const state = activeTypingReactions.get(messageId);
+        if (!state)
+            return;
+        activeTypingReactions.delete(messageId);
+        if (state.timer)
+            clearTimeout(state.timer);
+        if (!state.reactionId)
+            return;
+        try {
+            await callFeishu({
+                method: "DELETE",
+                url: `/open-apis/im/v1/messages/${encodeURIComponent(messageId)}/reactions/${encodeURIComponent(state.reactionId)}`,
+            });
+        }
+        catch (err) {
+            statusSnapshot.lastError = err instanceof Error ? err.message : String(err);
+        }
+    }
+    function scheduleTypingCleanup(messageId, state) {
+        if (state.timer)
+            clearTimeout(state.timer);
+        state.timer = setTimeout(() => {
+            void removeTypingReaction(messageId);
+        }, TYPING_REACTION_TTL_MS);
+        if (typeof state.timer.unref === "function")
+            state.timer.unref();
+    }
     function resultResourceKey(res, key) {
         const direct = res[key];
         if (typeof direct === "string")
@@ -422,14 +464,61 @@ export function createFeishuChannel(opts) {
                 replyInThread: Boolean(ctx.message.threadId),
             }) ?? providerMessageId;
         }
+        if (ctx.message.replyTo) {
+            void removeTypingReaction(ctx.message.replyTo);
+        }
+        if (ctx.message.threadId && ctx.message.threadId !== ctx.message.replyTo) {
+            void removeTypingReaction(ctx.message.threadId);
+        }
         markStatus({ lastSendAt: Date.now() });
         return { providerMessageId };
     }
     async function typing(ctx) {
-        ctx.log.debug("feishu typing ignored: no native bot typing API", {
-            channel: opts.id,
-            conversationId: ctx.conversationId,
-        });
+        const messageId = messageIdFromTrace(ctx.traceId);
+        if (!messageId) {
+            ctx.log.debug("feishu typing skipped: trace id has no message id", {
+                channel: opts.id,
+                conversationId: ctx.conversationId,
+                traceId: ctx.traceId,
+            });
+            return;
+        }
+        const existing = activeTypingReactions.get(messageId);
+        if (existing) {
+            scheduleTypingCleanup(messageId, existing);
+            return;
+        }
+        const state = { reactionId: null, timer: null };
+        activeTypingReactions.set(messageId, state);
+        scheduleTypingCleanup(messageId, state);
+        try {
+            const res = await callFeishu({
+                method: "POST",
+                url: `/open-apis/im/v1/messages/${encodeURIComponent(messageId)}/reactions`,
+                data: { reaction_type: { emoji_type: TYPING_EMOJI } },
+            });
+            const reactionId = resultReactionId(res);
+            if (activeTypingReactions.get(messageId) !== state) {
+                if (reactionId) {
+                    await callFeishu({
+                        method: "DELETE",
+                        url: `/open-apis/im/v1/messages/${encodeURIComponent(messageId)}/reactions/${encodeURIComponent(reactionId)}`,
+                    });
+                }
+                return;
+            }
+            state.reactionId = reactionId;
+        }
+        catch (err) {
+            activeTypingReactions.delete(messageId);
+            if (state.timer)
+                clearTimeout(state.timer);
+            ctx.log.warn("feishu typing reaction failed", {
+                channel: opts.id,
+                conversationId: ctx.conversationId,
+                err: err instanceof Error ? err.message : String(err),
+            });
+        }
     }
     async function stop(_ctx) {
         try {
@@ -439,6 +528,7 @@ export function createFeishuChannel(opts) {
             // best effort
         }
         wsClient = null;
+        await Promise.allSettled(Array.from(activeTypingReactions.keys()).map(removeTypingReaction));
         try {
             stateStore?.close();
         }

package/dist/gateway/dispatcher.d.ts

@@ -149,6 +149,7 @@ export declare class Dispatcher {
     private recomposeUserTurn;
     private runTurn;
     private sendReply;
+    private providerReplyTo;
     private emitInbound;
     private emitOutbound;
 }

package/dist/gateway/dispatcher.js

@@ -1098,7 +1098,7 @@ export class Dispatcher {
                         threadId: msg.conversation.threadId ?? null,
                         type: "error",
                         text: `⚠️ Runtime timeout after ${Math.round(this.turnTimeoutMs / 60000)} minute(s); aborted`,
-                        replyTo: msg.id,
+                        replyTo: this.providerReplyTo(msg),
                         traceId: msg.trace?.id ?? null,
                     }, turnId);
                 }
@@ -1144,7 +1144,7 @@ export class Dispatcher {
                         threadId: msg.conversation.threadId ?? null,
                         type: "error",
                         text: `⚠️ Runtime error: ${truncate(errMsg, 500)}`,
-                        replyTo: msg.id,
+                        replyTo: this.providerReplyTo(msg),
                         traceId: msg.trace?.id ?? null,
                     }, turnId);
                 }
@@ -1252,7 +1252,7 @@ export class Dispatcher {
                             threadId: msg.conversation.threadId ?? null,
                             type: "error",
                             text: `⚠️ Runtime error: ${truncate(result.error, 500)}`,
-                            replyTo: msg.id,
+                            replyTo: this.providerReplyTo(msg),
                             traceId: msg.trace?.id ?? null,
                         }, turnId);
                         this.emitOutbound({
@@ -1323,7 +1323,7 @@ export class Dispatcher {
                 conversationId: msg.conversation.id,
                 threadId: msg.conversation.threadId ?? null,
                 text: replyText,
-                replyTo: msg.id,
+                replyTo: this.providerReplyTo(msg),
                 traceId: msg.trace?.id ?? null,
             }, turnId);
             this.emitOutbound({
@@ -1388,6 +1388,9 @@ export class Dispatcher {
         }
         return { ok: true };
     }
+    providerReplyTo(msg) {
+        return msg.replyTo ?? msg.id;
+    }
     emitInbound(turnId, msg) {
         if (!this.transcript.enabled)
             return;

package/dist/gateway/gateway.d.ts

@@ -2,7 +2,7 @@ import { type ChannelBackoffOptions } from "./channel-manager.js";
 import { type RuntimeFactory } from "./dispatcher.js";
 import { type GatewayLogger } from "./log.js";
 import { type TranscriptWriter } from "./transcript.js";
-import type { ChannelAdapter, GatewayChannelConfig, GatewayConfig, GatewayInboundMessage, GatewayRoute, GatewayRuntimeSnapshot, InboundObserver, OutboundObserver, SystemContextBuilder, UserTurnBuilder } from "./types.js";
+import type { ChannelAdapter, GatewayChannelConfig, GatewayConfig, GatewayInboundMessage, GatewayOutboundMessage, GatewayRoute, GatewayRuntimeSnapshot, InboundObserver, OutboundObserver, SystemContextBuilder, UserTurnBuilder } from "./types.js";
 /** Constructor options for `Gateway`. */
 export interface GatewayBootOptions {
     config: GatewayConfig;
@@ -124,4 +124,12 @@ export declare class Gateway {
      * routing, queueing, transcript, and runtime behavior as channel messages.
      */
     injectInbound(message: GatewayInboundMessage): Promise<void>;
+    /**
+     * Send a daemon-control initiated outbound message through a registered
+     * channel. Used by proactive third-party gateway sends where the runtime
+     * explicitly targets an external provider conversation.
+     */
+    sendOutbound(message: GatewayOutboundMessage): Promise<{
+        providerMessageId?: string | null;
+    }>;
 }

package/dist/gateway/gateway.js

@@ -174,4 +174,16 @@ export class Gateway {
     async injectInbound(message) {
         await this.dispatcher.handle({ message });
     }
+    /**
+     * Send a daemon-control initiated outbound message through a registered
+     * channel. Used by proactive third-party gateway sends where the runtime
+     * explicitly targets an external provider conversation.
+     */
+    async sendOutbound(message) {
+        const channel = this.channelMap.get(message.channel);
+        if (!channel) {
+            throw new Error(`channel "${message.channel}" is not registered`);
+        }
+        return channel.send({ message, log: this.log });
+    }
 }

package/dist/gateway-control.d.ts

@@ -60,6 +60,13 @@ interface GatewayRecentSendersParams {
     accountId: string;
     timeoutSeconds?: number;
 }
+interface GatewaySendParams {
+    agentId: string;
+    gatewayId: string;
+    conversationId: string;
+    text: string;
+    idempotencyKey?: string;
+}
 export type { FetchLike };
 export interface GatewayControlContext {
     gateway: Gateway;
@@ -98,6 +105,7 @@ export declare function createGatewayControl(ctx: GatewayControlContext): {
     handleLoginStart: (params: GatewayLoginStartParams) => Promise<AckBody>;
     handleLoginStatus: (params: GatewayLoginStatusParams) => Promise<AckBody>;
     handleRecentSenders: (params: GatewayRecentSendersParams) => Promise<AckBody>;
+    handleSend: (params: GatewaySendParams) => Promise<AckBody>;
     /** Exposed for tests — direct access to the in-memory session map. */
     _sessions: LoginSessionStore;
 };

package/dist/gateway-control.js

@@ -731,6 +731,78 @@ export function createGatewayControl(ctx) {
             };
         }
     }
+    // --- gateway_send -------------------------------------------------------
+    async function handleSend(params) {
+        if (!params.agentId || typeof params.agentId !== "string") {
+            return badParams("gateway_send: agentId is required");
+        }
+        if (!params.gatewayId || typeof params.gatewayId !== "string") {
+            return badParams("gateway_send: gatewayId is required");
+        }
+        if (!params.conversationId || typeof params.conversationId !== "string") {
+            return badParams("gateway_send: conversationId is required");
+        }
+        if (typeof params.text !== "string" || params.text.length === 0) {
+            return badParams("gateway_send: text is required");
+        }
+        const cfg = cfgIO.load();
+        const profile = (cfg.thirdPartyGateways ?? []).find((g) => g.id === params.gatewayId);
+        if (!profile) {
+            return {
+                ok: false,
+                error: { code: "unknown_gateway", message: `no gateway with id "${params.gatewayId}"` },
+            };
+        }
+        if (profile.accountId !== params.agentId) {
+            return {
+                ok: false,
+                error: { code: "account_mismatch", message: "gateway is bound to a different agent" },
+            };
+        }
+        if (profile.enabled === false) {
+            return {
+                ok: false,
+                error: { code: "gateway_disabled", message: "gateway is disabled" },
+            };
+        }
+        if (profile.type === "wechat") {
+            return {
+                ok: false,
+                error: { code: "unsupported_provider", message: "wechat gateway_send requires an inbound context_token and is not supported" },
+            };
+        }
+        const conversationErr = validateOutboundConversation(profile, params.conversationId);
+        if (conversationErr)
+            return conversationErr;
+        try {
+            const sendResult = await ctx.gateway.sendOutbound({
+                channel: params.gatewayId,
+                accountId: params.agentId,
+                conversationId: params.conversationId,
+                text: params.text,
+                traceId: `gateway-send:${params.idempotencyKey ?? Date.now()}`,
+            });
+            const result = {
+                gatewayId: params.gatewayId,
+                conversationId: params.conversationId,
+                providerMessageId: sendResult.providerMessageId ?? null,
+            };
+            return { ok: true, result };
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            daemonLog.warn("gateway_send failed", {
+                gatewayId: params.gatewayId,
+                accountId: params.agentId,
+                conversationId: params.conversationId,
+                error: message,
+            });
+            return {
+                ok: false,
+                error: { code: "send_failed", message },
+            };
+        }
+    }
     return {
         handleList,
         handleUpsert,
@@ -739,6 +811,7 @@ export function createGatewayControl(ctx) {
         handleLoginStart,
         handleLoginStatus,
         handleRecentSenders,
+        handleSend,
         /** Exposed for tests — direct access to the in-memory session map. */
         _sessions: sessions,
     };
@@ -761,6 +834,50 @@ function validateUpsertParams(p) {
         return "upsert_gateway: accountId is required";
     return null;
 }
+function validateOutboundConversation(profile, conversationId) {
+    const chatId = chatIdFromConversation(profile.type, conversationId);
+    if (!chatId) {
+        return {
+            ok: false,
+            error: {
+                code: "bad_conversation",
+                message: `conversationId "${conversationId}" is not valid for ${profile.type}`,
+            },
+        };
+    }
+    const allowed = new Set((profile.allowedChatIds ?? []).map(String));
+    if (!allowed.has(chatId)) {
+        return {
+            ok: false,
+            error: {
+                code: "conversation_not_allowed",
+                message: "conversation is not in the gateway allowedChatIds list",
+            },
+        };
+    }
+    return null;
+}
+function chatIdFromConversation(provider, conversationId) {
+    if (provider === "telegram") {
+        if (conversationId.startsWith("telegram:user:")) {
+            return conversationId.slice("telegram:user:".length);
+        }
+        if (conversationId.startsWith("telegram:group:")) {
+            return conversationId.slice("telegram:group:".length);
+        }
+        return null;
+    }
+    if (provider === "feishu") {
+        if (conversationId.startsWith("feishu:user:")) {
+            return conversationId.slice("feishu:user:".length);
+        }
+        if (conversationId.startsWith("feishu:chat:")) {
+            return conversationId.slice("feishu:chat:".length);
+        }
+        return null;
+    }
+    return null;
+}
 function annotateProfile(p, status) {
     return {
         id: p.id,

package/dist/loop-risk.js

@@ -76,6 +76,12 @@ export function stripBotCordPromptScaffolding(text) {
             return false;
         if (line.startsWith("you do not reply to the group"))
             return false;
+        if (line.startsWith("Before replying NO_REPLY in a non-owner group room"))
+            return false;
+        if (line.startsWith("match a memory-backed monitoring rule"))
+            return false;
+        if (line.startsWith("or owner-approved workflow. If needed"))
+            return false;
         if (line.startsWith("[If the conversation has naturally concluded"))
             return false;
         if (line.startsWith("[You received a contact request"))

package/dist/provision.js

@@ -255,6 +255,14 @@ export function createProvisioner(opts) {
                     return v.ack;
                 return gatewayControl.handleRecentSenders(v.params);
             }
+            case "gateway_send": {
+                const v = validateGatewayParams(frame.params, {
+                    required: ["agentId", "gatewayId", "conversationId", "text"],
+                });
+                if (!v.ok)
+                    return v.ack;
+                return gatewayControl.handleSend(v.params);
+            }
             case "list_agent_files": {
                 const params = (frame.params ?? {});
                 if (!params.agentId) {
@@ -344,6 +352,8 @@ async function handleWakeAgent(gateway, raw) {
     }
     const runId = params.run_id || params.runId || `wake-${Date.now()}`;
     const scheduleId = params.schedule_id || params.scheduleId;
+    const scheduledFor = params.scheduled_for || params.scheduledFor;
+    const dispatchedAt = params.dispatched_at || params.dispatchedAt;
     const dedupeKey = params.dedupe_key || params.dedupeKey;
     const conversationId = `rm_schedule_${agentId}`;
     const msg = {
@@ -365,6 +375,8 @@ async function handleWakeAgent(gateway, raw) {
         raw: {
             source_type: "botcord_schedule",
             schedule_id: scheduleId,
+            scheduled_for: scheduledFor,
+            dispatched_at: dispatchedAt,
             run_id: runId,
             dedupe_key: dedupeKey,
         },

package/dist/turn-text.js

@@ -9,6 +9,10 @@ const GROUP_HINT = "[In group chats, do not send a message back to the current g
     "When a message matches an active monitoring rule, automation goal, working-memory task, " +
     "keyword, sender rule, or owner-approved workflow, perform the required action even if " +
     "you do not reply to the group.\n\n" +
+    "Before replying NO_REPLY in a non-owner group room, consider whether this message could " +
+    "match a memory-backed monitoring rule, automation goal, pending task, keyword, sender rule, " +
+    "or owner-approved workflow. If needed, use the botcord_memory skill to retrieve or update " +
+    "working memory.\n\n" +
     'If no group reply and no background action is needed, reply exactly "NO_REPLY".]';
 const DIRECT_HINT = '[If the conversation has naturally concluded or no response is needed, ' +
     'reply with exactly "NO_REPLY" and nothing else.]';
@@ -56,6 +60,31 @@ function appendConversationFields(fields, msg) {
         fields.push(`channel: ${sanitizeSenderName(msg.channel)}`);
     }
 }
+function formatScheduleContext(raw) {
+    const r = raw && typeof raw === "object" ? raw : {};
+    if (r.source_type !== "botcord_schedule")
+        return [];
+    const fields = [];
+    if (typeof r.schedule_id === "string" && r.schedule_id) {
+        fields.push(`schedule_id: ${sanitizeSenderName(r.schedule_id)}`);
+    }
+    if (typeof r.scheduled_for === "string" && r.scheduled_for) {
+        fields.push(`scheduled_for: ${sanitizeSenderName(r.scheduled_for)}`);
+    }
+    if (typeof r.dispatched_at === "string" && r.dispatched_at) {
+        fields.push(`dispatched_at: ${sanitizeSenderName(r.dispatched_at)}`);
+    }
+    if (typeof r.run_id === "string" && r.run_id) {
+        fields.push(`run_id: ${sanitizeSenderName(r.run_id)}`);
+    }
+    return fields.length > 0
+        ? [
+            "[BotCord Schedule]",
+            "This turn was triggered by a proactive schedule.",
+            fields.join(" | "),
+        ]
+        : ["[BotCord Schedule]", "This turn was triggered by a proactive schedule."];
+}
 /**
  * Read the `raw.batch` array emitted by the BotCord channel when inbox
  * drain groups multiple messages for the same `(room, topic)`. Returns the
@@ -179,6 +208,7 @@ export function composeBotCordUserTurn(msg) {
         : null;
     const lines = [
         headerFields.join(" | "),
+        ...formatScheduleContext(msg.raw),
         ...(isGroup ? formatRoomContext(msg.raw, { id: conversation.id, title: roomTitle }) : []),
         `<${tag} sender="${sanitizedSenderLabel}" sender_kind="${senderKindAttr}">`,
         trimmed,

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "@botcord/daemon",
-  "version": "0.2.69",
+  "version": "0.2.71",
   "description": "BotCord local daemon — bridges Hub inbox push to local Claude Code / Codex / Gemini CLIs",
   "type": "module",
   "bin": {
-    "botcord-daemon": "./dist/index.js"
+    "botcord-daemon": "dist/index.js"
   },
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -30,7 +30,7 @@
     "@botcord/cli": "^0.1.7",
     "@botcord/protocol-core": "^0.2.4",
     "@larksuiteoapi/node-sdk": "^1.63.1",
-    "ws": "^8.18.0"
+    "ws": "^8.20.1"
   },
   "overrides": {
     "axios": "^1.15.2"

package/src/__tests__/agent-workspace.test.ts

@@ -88,6 +88,7 @@ describe("ensureAgentWorkspace", () => {
     const skillsDir = path.join(agentWorkspaceDir("ag_skills"), ".claude", "skills");
     expect(existsSync(path.join(skillsDir, "botcord", "SKILL.md"))).toBe(true);
     expect(existsSync(path.join(skillsDir, "botcord-user-guide", "SKILL.md"))).toBe(true);
+    expect(existsSync(path.join(skillsDir, "botcord_memory", "SKILL.md"))).toBe(true);
   });
 
   it("re-seeds skills on a second call so daemon upgrades propagate", () => {
@@ -113,6 +114,7 @@ describe("ensureAgentWorkspace", () => {
     const skillsDir = path.join(agentCodexHomeDir("ag_codex_skills"), "skills");
     expect(existsSync(path.join(skillsDir, "botcord", "SKILL.md"))).toBe(true);
     expect(existsSync(path.join(skillsDir, "botcord-user-guide", "SKILL.md"))).toBe(true);
+    expect(existsSync(path.join(skillsDir, "botcord_memory", "SKILL.md"))).toBe(true);
   });
 
   it("re-seeds codex skills on subsequent ensureAgentCodexHome calls", () => {
@@ -137,6 +139,7 @@ describe("ensureAgentWorkspace", () => {
     const skillsDir = path.join(hermesHome, "skills");
     expect(existsSync(path.join(skillsDir, "botcord", "SKILL.md"))).toBe(true);
     expect(existsSync(path.join(skillsDir, "botcord-user-guide", "SKILL.md"))).toBe(true);
+    expect(existsSync(path.join(skillsDir, "botcord_memory", "SKILL.md"))).toBe(true);
   });
 
   it("re-seeds hermes skills on subsequent ensureAgentHermesWorkspace calls", () => {
@@ -164,6 +167,9 @@ describe("ensureAgentWorkspace", () => {
     expect(existsSync(path.join(profileHome, "skills", "botcord-user-guide", "SKILL.md"))).toBe(
       true,
     );
+    expect(existsSync(path.join(profileHome, "skills", "botcord_memory", "SKILL.md"))).toBe(
+      true,
+    );
     expect(existsSync(hermesWorkspace)).toBe(true);
     expect(existsSync(hermesHome)).toBe(false);
   });

package/src/__tests__/gateway-control.test.ts

@@ -43,6 +43,7 @@ interface FakeGateway {
   channels: Map<string, { id: string; status: Record<string, unknown> }>;
   addChannel: ReturnType<typeof vi.fn>;
   removeChannel: ReturnType<typeof vi.fn>;
+  sendOutbound: ReturnType<typeof vi.fn>;
   snapshot: () => { channels: Record<string, any>; turns: Record<string, any> };
 }
 
@@ -66,6 +67,7 @@ function makeFakeGateway(): FakeGateway {
     removeChannel: vi.fn(async (id: string) => {
       channels.delete(id);
     }),
+    sendOutbound: vi.fn(async () => ({ providerMessageId: "provider-msg-1" })),
     snapshot: () => ({
       channels: Object.fromEntries([...channels].map(([id, e]) => [id, e.status])),
       turns: {},
@@ -617,6 +619,75 @@ describe("list_gateways", () => {
   });
 });
 
+describe("gateway_send", () => {
+  it("sends through an enabled allowed telegram gateway", async () => {
+    const gw = makeFakeGateway();
+    const gwId = uniqId("send");
+    const { io } = makeConfigIO({
+      ...baseCfg(),
+      thirdPartyGateways: [
+        {
+          id: gwId,
+          type: "telegram",
+          accountId: "ag_alice",
+          enabled: true,
+          allowedChatIds: ["-1001"],
+        },
+      ],
+    });
+    const ctrl = createGatewayControl({ gateway: gw as any, configIO: io });
+
+    const ack = await ctrl.handleSend({
+      agentId: "ag_alice",
+      gatewayId: gwId,
+      conversationId: "telegram:group:-1001",
+      text: "hello",
+      idempotencyKey: "k1",
+    });
+
+    expect(ack.ok).toBe(true);
+    expect(gw.sendOutbound).toHaveBeenCalledWith(
+      expect.objectContaining({
+        channel: gwId,
+        accountId: "ag_alice",
+        conversationId: "telegram:group:-1001",
+        text: "hello",
+        traceId: "gateway-send:k1",
+      }),
+    );
+    expect((ack.result as any).providerMessageId).toBe("provider-msg-1");
+  });
+
+  it("rejects conversations outside allowedChatIds", async () => {
+    const gw = makeFakeGateway();
+    const gwId = uniqId("send-deny");
+    const { io } = makeConfigIO({
+      ...baseCfg(),
+      thirdPartyGateways: [
+        {
+          id: gwId,
+          type: "feishu",
+          accountId: "ag_alice",
+          enabled: true,
+          allowedChatIds: ["oc_allowed"],
+        },
+      ],
+    });
+    const ctrl = createGatewayControl({ gateway: gw as any, configIO: io });
+
+    const ack = await ctrl.handleSend({
+      agentId: "ag_alice",
+      gatewayId: gwId,
+      conversationId: "feishu:chat:oc_other",
+      text: "hello",
+    });
+
+    expect(ack.ok).toBe(false);
+    expect(ack.error?.code).toBe("conversation_not_allowed");
+    expect(gw.sendOutbound).not.toHaveBeenCalled();
+  });
+});
+
 describe("W4: handleLoginStatus accountId ownership check", () => {
   it("returns forbidden when accountId does not match the login session", async () => {
     const gw = makeFakeGateway();