@botcord/daemon 0.2.92 → 0.2.93

package/dist/gateway/types.d.ts

@@ -285,6 +285,14 @@ export interface RuntimeRunOptions {
      * unspecified and the bundled CLI falls back to its own default.
      */
     hubUrl?: string;
+    /**
+     * Absolute path the spawned CLI should write a `botcord wait` park marker to,
+     * exposed to the subprocess as `BOTCORD_WAIT_FILE`. Scoped per queue by the
+     * dispatcher so concurrent group-room turns sharing one workspace don't
+     * clobber each other. Unset for non-deferrable rooms (owner-chat / DM /
+     * non-group), in which case `botcord wait` is a harmless no-op.
+     */
+    waitMarkerFile?: string;
     signal: AbortSignal;
     extraArgs?: string[];
     trustLevel: TrustLevel;

package/dist/gateway/wait-marker.d.ts

@@ -0,0 +1,32 @@
+/** Filename stem for park markers. */
+export declare const WAIT_MARKER_PREFIX = ".botcord-wait";
+/** Legacy unscoped marker name — the CLI's fallback when `BOTCORD_WAIT_FILE`
+ *  is unset. Never consumed by the dispatcher (which always scopes per queue),
+ *  so an unscoped write is a harmless no-op. */
+export declare const WAIT_MARKER_FILENAME = ".botcord-wait.json";
+/** Hard ceiling on a single park request (mirrors the CLI clamp). Also used by
+ *  the dispatcher as the total accumulated-park budget across consecutive
+ *  re-wakes on one queue. */
+export declare const MAX_WAIT_MS = 30000;
+export interface WaitMarker {
+    /** Absolute unix millis the agent wants to be re-woken by (already clamped). */
+    deadlineMs: number;
+    reason?: string;
+}
+/** Legacy unscoped path under `cwd` (CLI fallback / tests). */
+export declare function waitMarkerPath(cwd: string): string;
+/** Per-queue marker path under the agent workspace. */
+export declare function resolveWaitMarkerPath(cwd: string, queueKey: string): string;
+/** Best-effort delete of any pre-existing marker at `markerPath`. Called before
+ *  a turn runs so that whatever `botcord wait` writes during this turn is
+ *  unambiguously from this turn. */
+export declare function clearWaitMarker(markerPath: string): void;
+/**
+ * Read + delete the marker a turn may have written via `botcord wait`, and
+ * return the validated request (or null). Always removes the file so the next
+ * turn starts clean. `now` is injectable for tests.
+ *
+ * A deadline in the past — or beyond {@link MAX_WAIT_MS} — is clamped; a
+ * non-positive remaining wait yields null (treated as "no wait").
+ */
+export declare function consumeWaitMarker(markerPath: string, now?: number): WaitMarker | null;

package/dist/gateway/wait-marker.js

@@ -0,0 +1,96 @@
+/**
+ * Workspace park-marker transport for the agent-driven `botcord wait` defer.
+ *
+ * In non-owner BotCord group rooms the dispatcher discards the runtime's final
+ * text (the agent replies out-of-band via the `botcord send` CLI → Hub), so a
+ * "please re-wake me later" signal cannot ride back on the turn result. Instead
+ * the bundled `botcord wait <seconds>` CLI drops a tiny JSON marker into the
+ * agent's workspace; the dispatcher reads it at the turn boundary and schedules
+ * a re-wake. This keeps the *decision* to wait in the agent (it judges
+ * relevance/urgency) while the *timer* lives cheaply in the daemon — no runtime
+ * session is held open during the wait.
+ *
+ * The marker path is scoped per **queue** (channel:agent:room:thread): the
+ * dispatcher serializes turns within a queue but NOT across queues that share
+ * one agent workspace (`route.cwd`), so two concurrent group-room turns for the
+ * same agent would otherwise clobber each other's marker. The dispatcher passes
+ * the resolved path to the CLI subprocess via `BOTCORD_WAIT_FILE`.
+ *
+ * Local daemon-hosted agents only: the marker rides the shared filesystem of
+ * `route.cwd`. Cloud (sandboxed) agents need a networked transport — out of
+ * scope here.
+ */
+import fs from "node:fs";
+import path from "node:path";
+/** Filename stem for park markers. */
+export const WAIT_MARKER_PREFIX = ".botcord-wait";
+/** Legacy unscoped marker name — the CLI's fallback when `BOTCORD_WAIT_FILE`
+ *  is unset. Never consumed by the dispatcher (which always scopes per queue),
+ *  so an unscoped write is a harmless no-op. */
+export const WAIT_MARKER_FILENAME = `${WAIT_MARKER_PREFIX}.json`;
+/** Hard ceiling on a single park request (mirrors the CLI clamp). Also used by
+ *  the dispatcher as the total accumulated-park budget across consecutive
+ *  re-wakes on one queue. */
+export const MAX_WAIT_MS = 30_000;
+/** Legacy unscoped path under `cwd` (CLI fallback / tests). */
+export function waitMarkerPath(cwd) {
+    return path.join(cwd, WAIT_MARKER_FILENAME);
+}
+/** Per-queue marker path under the agent workspace. */
+export function resolveWaitMarkerPath(cwd, queueKey) {
+    const safe = queueKey.replace(/[^a-zA-Z0-9._-]/g, "_");
+    return path.join(cwd, `${WAIT_MARKER_PREFIX}.${safe}.json`);
+}
+/** Best-effort delete of any pre-existing marker at `markerPath`. Called before
+ *  a turn runs so that whatever `botcord wait` writes during this turn is
+ *  unambiguously from this turn. */
+export function clearWaitMarker(markerPath) {
+    try {
+        fs.rmSync(markerPath, { force: true });
+    }
+    catch {
+        // A leftover marker only costs one wasted park-check next turn — never
+        // let cleanup failure abort the dispatch path.
+    }
+}
+/**
+ * Read + delete the marker a turn may have written via `botcord wait`, and
+ * return the validated request (or null). Always removes the file so the next
+ * turn starts clean. `now` is injectable for tests.
+ *
+ * A deadline in the past — or beyond {@link MAX_WAIT_MS} — is clamped; a
+ * non-positive remaining wait yields null (treated as "no wait").
+ */
+export function consumeWaitMarker(markerPath, now = Date.now()) {
+    let raw;
+    try {
+        raw = fs.readFileSync(markerPath, "utf8");
+    }
+    catch {
+        return null; // no marker (ENOENT) or unreadable
+    }
+    try {
+        fs.rmSync(markerPath, { force: true });
+    }
+    catch {
+        // ignore — the pre-turn clear will catch it next time
+    }
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        return null;
+    }
+    if (!parsed || typeof parsed !== "object")
+        return null;
+    const obj = parsed;
+    const deadlineMs = typeof obj.deadlineMs === "number" ? obj.deadlineMs : NaN;
+    if (!Number.isFinite(deadlineMs))
+        return null;
+    const clamped = Math.min(deadlineMs, now + MAX_WAIT_MS);
+    if (clamped <= now)
+        return null;
+    const reason = typeof obj.reason === "string" ? obj.reason : undefined;
+    return reason !== undefined ? { deadlineMs: clamped, reason } : { deadlineMs: clamped };
+}

package/dist/gateway-control.d.ts

@@ -14,6 +14,7 @@ import { type DaemonConfig } from "./config.js";
 import { LoginSessionStore } from "./gateway/channels/login-session.js";
 import { getBotQrcode, getQrcodeStatus } from "./gateway/channels/wechat-login.js";
 import { pollFeishuRegistration, startFeishuRegistration } from "./gateway/channels/feishu-registration.js";
+import { discoverFeishuChats } from "./gateway/channels/feishu.js";
 import type { FetchLike } from "./gateway/channels/http-types.js";
 type AckBody = Omit<ControlAck, "id">;
 type GatewayProvider = "telegram" | "wechat" | "feishu";
@@ -89,6 +90,9 @@ export interface GatewayControlContext {
         startFeishuRegistration: typeof startFeishuRegistration;
         pollFeishuRegistration: typeof pollFeishuRegistration;
     };
+    feishuDiscoveryClient?: {
+        discoverChats: typeof discoverFeishuChats;
+    };
     /** Override the global fetch — used by `test_gateway` for Telegram getMe. */
     fetchImpl?: FetchLike;
 }

package/dist/gateway-control.js

@@ -13,6 +13,7 @@ import { deleteGatewaySecret, loadGatewaySecret, saveGatewaySecret, } from "./ga
 import { LoginSessionStore, maskTokenPreview, mintLoginId, } from "./gateway/channels/login-session.js";
 import { DEFAULT_WECHAT_BASE_URL, getBotQrcode, getQrcodeStatus, } from "./gateway/channels/wechat-login.js";
 import { pollFeishuRegistration, startFeishuRegistration, } from "./gateway/channels/feishu-registration.js";
+import { discoverFeishuChats, } from "./gateway/channels/feishu.js";
 import { WECHAT_BASE_INFO, wechatHeaders } from "./gateway/channels/wechat-http.js";
 import { assertSafeBaseUrl, UnsafeBaseUrlError } from "./gateway/channels/url-guard.js";
 import { log as daemonLog } from "./log.js";
@@ -26,6 +27,7 @@ export function createGatewayControl(ctx) {
     const sessions = ctx.loginSessions ?? new LoginSessionStore();
     const wechatLogin = ctx.wechatLoginClient ?? { getBotQrcode, getQrcodeStatus };
     const feishuLogin = ctx.feishuLoginClient ?? { startFeishuRegistration, pollFeishuRegistration };
+    const feishuDiscovery = ctx.feishuDiscoveryClient ?? { discoverChats: discoverFeishuChats };
     // W7: validate fetch availability at construction so a missing global is
     // diagnosed at startup, not during the first control frame. Tests inject
     // `ctx.fetchImpl` explicitly and bypass the global lookup entirely.
@@ -681,7 +683,7 @@ export function createGatewayControl(ctx) {
         if (!isProvider(params.provider)) {
             return badParams(`gateway_recent_senders: unknown provider "${String(params.provider)}"`);
         }
-        if (params.provider !== "wechat") {
+        if (params.provider !== "wechat" && params.provider !== "feishu") {
             return badParams(`gateway_recent_senders: provider "${params.provider}" not supported`);
         }
         if (!params.loginId) {
@@ -695,12 +697,12 @@ export function createGatewayControl(ctx) {
             return {
                 ok: false,
                 error: resolved.state === "missing"
-                    ? { code: "login_missing", message: `wechat login session "${params.loginId}" not found` }
-                    : { code: "login_expired", message: `wechat login session "${params.loginId}" expired` },
+                    ? { code: "login_missing", message: `${params.provider} login session "${params.loginId}" not found` }
+                    : { code: "login_expired", message: `${params.provider} login session "${params.loginId}" expired` },
             };
         }
         const session = resolved.session;
-        if (session.provider !== "wechat") {
+        if (session.provider !== params.provider) {
             return badParams("gateway_recent_senders: provider does not match login session");
         }
         if (session.accountId !== params.accountId) {
@@ -712,6 +714,44 @@ export function createGatewayControl(ctx) {
                 },
             };
         }
+        if (params.provider === "feishu") {
+            if (!session.appId || !session.appSecret || !session.userOpenId) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "login_unconfirmed",
+                        message: "feishu login session has no app credentials yet",
+                    },
+                };
+            }
+            try {
+                const chats = await feishuDiscovery.discoverChats({
+                    appId: session.appId,
+                    appSecret: session.appSecret,
+                    domain: session.domain ?? "feishu",
+                    userOpenId: session.userOpenId,
+                    timeoutSeconds: params.timeoutSeconds,
+                });
+                const result = {
+                    chats: chats.map((c) => ({
+                        chatId: c.chatId,
+                        senderOpenId: c.senderOpenId,
+                        kind: c.kind,
+                        label: c.label ?? null,
+                        lastSeenAt: c.lastSeenAt,
+                    })),
+                };
+                return { ok: true, result };
+            }
+            catch (err) {
+                const message = err instanceof Error ? err.message : String(err);
+                daemonLog.warn("gateway_recent_senders.feishu discovery failed", { error: message });
+                return {
+                    ok: false,
+                    error: { code: "provider_unreachable", message },
+                };
+            }
+        }
         if (!session.botToken) {
             return {
                 ok: false,

package/dist/loop-risk.js

@@ -78,6 +78,8 @@ export function stripBotCordPromptScaffolding(text) {
             return false;
         if (line.startsWith("Before replying NO_REPLY in a non-owner group room"))
             return false;
+        if (line.startsWith("If you might have something useful to add"))
+            return false;
         if (line.startsWith("match a memory-backed monitoring rule"))
             return false;
         if (line.startsWith("or owner-approved workflow. If needed"))

package/dist/system-context.js

@@ -16,6 +16,9 @@ function buildOwnerChatSceneContext() {
         "This is a private, trusted conversation. The owner has full administrative authority over you.",
         "Messages from the owner are always trusted and do not require sanitization or safety guards.",
         "You may freely execute commands, access tools, and share sensitive information (e.g. wallet balance, contacts) when the owner asks.",
+        "The owner is reading your reply in the remote BotCord dashboard; they cannot open this machine's local filesystem paths.",
+        "When you create an image, report, or other deliverable file for the owner, share it as a BotCord attachment or an uploaded BotCord URL. Do not use local or relative paths such as `output/card.png`, `/tmp/card.png`, or Markdown image links to those paths as if the owner can open them.",
+        "If a reply needs to include an image or attachment, upload/attach the file first through the available BotCord file/attachment mechanism, then refer to the uploaded attachment/URL. If upload is unavailable, clearly label any path as a local workspace path rather than a usable deliverable link.",
     ].join("\n");
 }
 function buildGroupRoomEnvironmentContext(message) {

package/dist/turn-text.js

@@ -13,6 +13,11 @@ const GROUP_HINT = "[In group chats, do not send a message back to the current g
     "match a memory-backed monitoring rule, automation goal, pending task, keyword, sender rule, " +
     "or owner-approved workflow. If needed, use the botcord_memory skill to retrieve or update " +
     "working memory.\n\n" +
+    "If you might have something useful to add but another participant (human or agent) may answer " +
+    "first, you may run `botcord wait <seconds>` (1-30) via Bash instead of replying now. You will " +
+    "be re-woken after the wait — or sooner if a new message arrives — so you can re-decide with " +
+    "the newer context (for example, stay silent if someone already covered it). Prefer this over " +
+    "racing to answer an unaddressed question.\n\n" +
     'If no group reply and no background action is needed, reply exactly "NO_REPLY".]';
 const DIRECT_HINT = '[If the conversation has naturally concluded or no response is needed, ' +
     'reply with exactly "NO_REPLY" and nothing else.]';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@botcord/daemon",
-  "version": "0.2.92",
+  "version": "0.2.93",
   "description": "BotCord local daemon — bridges Hub inbox push to local Claude Code / Codex / Gemini CLIs",
   "type": "module",
   "bin": {
@@ -23,8 +23,8 @@
   "dependencies": {
     "@larksuiteoapi/node-sdk": "^1.63.1",
     "ws": "^8.20.1",
-    "@botcord/cli": "^0.1.19",
-    "@botcord/protocol-core": "^0.2.13"
+    "@botcord/cli": "^0.1.20",
+    "@botcord/protocol-core": "^0.2.14"
   },
   "overrides": {
     "axios": "^1.15.2"

package/src/__tests__/feishu-channel.test.ts

@@ -0,0 +1,180 @@
+import { describe, expect, it } from "vitest";
+
+import {
+  discoverFeishuChats,
+  feishuDiscoveryChatFromEvent,
+} from "../gateway/channels/feishu.js";
+
+describe("feishu chat discovery parser", () => {
+  const timeoutAfter = (ms: number, message: string) =>
+    new Promise<never>((_, reject) => setTimeout(() => reject(new Error(message)), ms));
+
+  it("captures a group chat_id from the registered sender", () => {
+    const hit = feishuDiscoveryChatFromEvent(
+      {
+        sender: { sender_id: { open_id: "ou_alice" } },
+        message: {
+          message_id: "om_1",
+          chat_id: "oc_team",
+          chat_type: "group",
+          create_time: "1700000000000",
+          mentions: [{ id: { open_id: "ou_alice" }, name: "Alice" }],
+        },
+      },
+      "ou_alice",
+      () => 1,
+    );
+
+    expect(hit).toEqual({
+      chatId: "oc_team",
+      senderOpenId: "ou_alice",
+      kind: "group",
+      label: "Alice",
+      lastSeenAt: 1700000000000,
+    });
+  });
+
+  it("marks p2p chat_type as direct", () => {
+    const hit = feishuDiscoveryChatFromEvent(
+      {
+        sender: { sender_id: { open_id: "ou_alice" } },
+        message: {
+          message_id: "om_2",
+          chat_id: "oc_direct",
+          chat_type: "p2p",
+        },
+      },
+      "ou_alice",
+      () => 1700000000001,
+    );
+
+    expect(hit).toMatchObject({
+      chatId: "oc_direct",
+      senderOpenId: "ou_alice",
+      kind: "direct",
+      lastSeenAt: 1700000000001,
+    });
+  });
+
+  it("ignores messages from a different sender", () => {
+    const hit = feishuDiscoveryChatFromEvent(
+      {
+        sender: { sender_id: { open_id: "ou_bob" } },
+        message: {
+          message_id: "om_3",
+          chat_id: "oc_team",
+          chat_type: "group",
+        },
+      },
+      "ou_alice",
+      () => 1,
+    );
+
+    expect(hit).toBeNull();
+  });
+
+  it("surfaces temporary discovery websocket start failure", async () => {
+    await expect(
+      discoverFeishuChats({
+        appId: "cli_123",
+        appSecret: "secret_123",
+        domain: "feishu",
+        userOpenId: "ou_alice",
+        timeoutSeconds: 0,
+        sdkOverride: {
+          createDispatcher: () => ({ register: () => {} }),
+          createWsClient: () => ({
+            start: () => Promise.reject(new Error("ws start failed")),
+            close: () => {
+              throw new Error("close failed");
+            },
+          }),
+        },
+      }),
+    ).rejects.toThrow("ws start failed");
+  });
+
+  it("returns empty chats when listen succeeds with no matching message and close throws", async () => {
+    const chats = await discoverFeishuChats({
+      appId: "cli_123",
+      appSecret: "secret_123",
+      domain: "feishu",
+      userOpenId: "ou_alice",
+      timeoutSeconds: 0,
+      sdkOverride: {
+        createDispatcher: () => ({ register: () => {} }),
+        createWsClient: () => ({
+          start: () => undefined,
+          close: () => {
+            throw new Error("close failed");
+          },
+        }),
+      },
+    });
+
+    expect(chats).toEqual([]);
+  });
+
+  it("returns empty chats when listen succeeds with no matching message and close rejects", async () => {
+    const chats = await discoverFeishuChats({
+      appId: "cli_123",
+      appSecret: "secret_123",
+      domain: "feishu",
+      userOpenId: "ou_alice",
+      timeoutSeconds: 0,
+      sdkOverride: {
+        createDispatcher: () => ({ register: () => {} }),
+        createWsClient: () => ({
+          start: () => undefined,
+          close: () => Promise.reject(new Error("close failed")),
+        }),
+      },
+    });
+
+    expect(chats).toEqual([]);
+  });
+
+  it("returns empty chats when listen succeeds with no matching message and close never settles", async () => {
+    const chats = await Promise.race([
+      discoverFeishuChats({
+        appId: "cli_123",
+        appSecret: "secret_123",
+        domain: "feishu",
+        userOpenId: "ou_alice",
+        timeoutSeconds: 0,
+        sdkOverride: {
+          createDispatcher: () => ({ register: () => {} }),
+          createWsClient: () => ({
+            start: () => undefined,
+            close: () => new Promise<never>(() => {}),
+          }),
+        },
+      }),
+      timeoutAfter(100, "discovery waited for close"),
+    ]);
+
+    expect(chats).toEqual([]);
+  });
+
+  it("surfaces start failure when close never settles", async () => {
+    await expect(
+      Promise.race([
+        discoverFeishuChats({
+          appId: "cli_123",
+          appSecret: "secret_123",
+          domain: "feishu",
+          userOpenId: "ou_alice",
+          timeoutSeconds: 0,
+          sdkOverride: {
+            createDispatcher: () => ({ register: () => {} }),
+            createWsClient: () => ({
+              start: () => Promise.reject(new Error("ws start failed")),
+              close: () => new Promise<never>(() => {}),
+            }),
+          },
+        }),
+        timeoutAfter(100, "discovery waited for close"),
+      ]),
+    ).rejects.toThrow("ws start failed");
+  });
+});

package/src/__tests__/gateway-control.test.ts

@@ -530,6 +530,127 @@ describe("gateway_login_start / status", () => {
     expect(ack.ok).toBe(false);
     expect(ack.error?.code).toBe("login_unconfirmed");
   });
+
+  it("discovers Feishu chats from a confirmed login session owned by the account", async () => {
+    const gw = makeFakeGateway();
+    const { io } = makeConfigIO(baseCfg());
+    const sessions = new LoginSessionStore();
+    sessions.create({
+      loginId: "fsl_discover",
+      accountId: "ag_alice",
+      provider: "feishu",
+      qrcode: "DEVICE",
+      appId: "cli_feishu_123",
+      appSecret: "feishu-secret-1234567890",
+      domain: "feishu",
+      userOpenId: "ou_alice",
+    });
+    const discoverChats = vi.fn(async (opts) => {
+      expect(opts).toEqual({
+        appId: "cli_feishu_123",
+        appSecret: "feishu-secret-1234567890",
+        domain: "feishu",
+        userOpenId: "ou_alice",
+        timeoutSeconds: 6,
+      });
+      return [
+        {
+          chatId: "oc_team",
+          senderOpenId: "ou_alice",
+          kind: "group" as const,
+          label: "Alice",
+          lastSeenAt: 1700000000000,
+        },
+      ];
+    });
+    const ctrl = createGatewayControl({
+      gateway: gw as any,
+      configIO: io,
+      loginSessions: sessions,
+      feishuDiscoveryClient: { discoverChats },
+    });
+
+    const ack = await ctrl.handleRecentSenders({
+      provider: "feishu",
+      loginId: "fsl_discover",
+      accountId: "ag_alice",
+      timeoutSeconds: 6,
+    });
+
+    expect(ack.ok).toBe(true);
+    expect(ack.result).toEqual({
+      chats: [
+        {
+          chatId: "oc_team",
+          senderOpenId: "ou_alice",
+          kind: "group",
+          label: "Alice",
+          lastSeenAt: 1700000000000,
+        },
+      ],
+    });
+  });
+
+  it("rejects Feishu chat discovery for a different accountId", async () => {
+    const gw = makeFakeGateway();
+    const { io } = makeConfigIO(baseCfg());
+    const sessions = new LoginSessionStore();
+    sessions.create({
+      loginId: "fsl_wrong_owner",
+      accountId: "ag_alice",
+      provider: "feishu",
+      qrcode: "DEVICE",
+      appId: "cli_feishu_123",
+      appSecret: "feishu-secret-1234567890",
+      domain: "feishu",
+      userOpenId: "ou_alice",
+    });
+    const discoverChats = vi.fn(async () => []);
+    const ctrl = createGatewayControl({
+      gateway: gw as any,
+      configIO: io,
+      loginSessions: sessions,
+      feishuDiscoveryClient: { discoverChats },
+    });
+
+    const ack = await ctrl.handleRecentSenders({
+      provider: "feishu",
+      loginId: "fsl_wrong_owner",
+      accountId: "ag_other",
+    });
+
+    expect(ack.ok).toBe(false);
+    expect(ack.error?.code).toBe("forbidden");
+    expect(discoverChats).not.toHaveBeenCalled();
+  });
+
+  it("rejects Feishu chat discovery before registration is confirmed", async () => {
+    const gw = makeFakeGateway();
+    const { io } = makeConfigIO(baseCfg());
+    const sessions = new LoginSessionStore();
+    sessions.create({
+      loginId: "fsl_pending",
+      accountId: "ag_alice",
+      provider: "feishu",
+      qrcode: "DEVICE",
+      domain: "feishu",
+    });
+    const ctrl = createGatewayControl({
+      gateway: gw as any,
+      configIO: io,
+      loginSessions: sessions,
+      feishuDiscoveryClient: { discoverChats: vi.fn(async () => []) },
+    });
+
+    const ack = await ctrl.handleRecentSenders({
+      provider: "feishu",
+      loginId: "fsl_pending",
+      accountId: "ag_alice",
+    });
+
+    expect(ack.ok).toBe(false);
+    expect(ack.error?.code).toBe("login_unconfirmed");
+  });
 });
 
 describe("frame schema validation", () => {

package/src/__tests__/system-context.test.ts

@@ -305,6 +305,10 @@ describe("createDaemonSystemContextBuilder", () => {
     expect(typeof out).toBe("string");
     expect(out).toContain("[BotCord Scene: Owner Chat]");
     expect(out).toContain("full administrative authority");
+    expect(out).toContain("cannot open this machine's local filesystem paths");
+    expect(out).toContain("share it as a BotCord attachment or an uploaded BotCord URL");
+    expect(out).toContain("Do not use local or relative paths such as `output/card.png`");
+    expect(out).toContain("upload/attach the file first");
   });
 
   it("injects the owner-chat scene for dashboard_user_chat regardless of room prefix", () => {

package/src/gateway/__tests__/botcord-channel.test.ts

@@ -123,6 +123,56 @@ describe("createBotCordChannel — send()", () => {
     expect(result.providerMessageId).toBe("m_provider");
   });
 
+  it("uploads outbound attachments and includes them in sendMessage", async () => {
+    const client = makeClient({
+      uploadFile: vi.fn().mockResolvedValue({
+        original_filename: "xhs-01-cover.png",
+        url: "https://hub.test/hub/files/f_1",
+        content_type: "image/png",
+        size_bytes: 1234,
+      }),
+    });
+    const channel = createBotCordChannel({
+      id: "botcord-main",
+      accountId: "ag_self",
+      agentId: "ag_self",
+      client,
+    });
+    await channel.send({
+      message: {
+        channel: "botcord",
+        accountId: "ag_self",
+        conversationId: "rm_oc_1",
+        text: "done: output/xhs-01-cover.png",
+        attachments: [{
+          filePath: "/tmp/work/output/xhs-01-cover.png",
+          filename: "xhs-01-cover.png",
+          contentType: "image/png",
+          sourcePath: "output/xhs-01-cover.png",
+        }],
+      },
+      log: silentLog,
+    });
+
+    expect(client.uploadFile).toHaveBeenCalledWith(
+      "/tmp/work/output/xhs-01-cover.png",
+      "xhs-01-cover.png",
+      "image/png",
+    );
+    expect(client.sendMessage).toHaveBeenCalledWith(
+      "rm_oc_1",
+      "done: https://hub.test/hub/files/f_1",
+      {
+        attachments: [{
+          filename: "xhs-01-cover.png",
+          url: "https://hub.test/hub/files/f_1",
+          content_type: "image/png",
+          size_bytes: 1234,
+        }],
+      },
+    );
+  });
+
   it("omits topic/replyTo when not provided and returns null when response lacks ids", async () => {
     const client = makeClient({
       sendMessage: vi.fn().mockResolvedValue({ queued: true, status: "queued" }),