@cgh567/agent 2.4.3 → 2.4.4

package/daemon/routes/hed.js

@@ -0,0 +1,133 @@
+'use strict';
+
+const { HEDEngine } = require('../lib/hed-engine');
+
+/**
+ * HED API routes — /api/hed/*
+ * Follows the standard Helios router pattern: returns true if handled, false otherwise.
+ * Initialized lazily inside startApi() via createHedRoutes(mgQuery).
+ */
+
+function jsonOk(res, data, status = 200) {
+  res.writeHead(status, {
+    'Content-Type': 'application/json',
+    'Access-Control-Allow-Origin': '*',
+    'Access-Control-Allow-Methods': 'GET, POST, PATCH, OPTIONS',
+    'Access-Control-Allow-Headers': 'Content-Type, Accept',
+  });
+  res.end(JSON.stringify(data));
+}
+
+function jsonErr(res, status, message) {
+  res.writeHead(status, {
+    'Content-Type': 'application/json',
+    'Access-Control-Allow-Origin': '*',
+    'Access-Control-Allow-Methods': 'GET, POST, PATCH, OPTIONS',
+    'Access-Control-Allow-Headers': 'Content-Type, Accept',
+  });
+  res.end(JSON.stringify({ error: message }));
+}
+
+function readBody(req) {
+  return new Promise((resolve, reject) => {
+    let body = '';
+    req.on('data', chunk => { body += chunk; });
+    req.on('end', () => {
+      try { resolve(body ? JSON.parse(body) : {}); }
+      catch (e) { reject(new Error('Invalid JSON body')); }
+    });
+    req.on('error', reject);
+  });
+}
+
+function createHedRoutes(mgQuery) {
+  const engine = new HEDEngine(mgQuery);
+
+  return async function hedRoute(req, res, ctx, pathname, method) {
+    // Only handle /api/hed paths
+    if (!pathname.startsWith('/api/hed')) return false;
+
+    const mg = ctx?.mgQuery ?? mgQuery;
+    const _engine = ctx?.mgQuery ? new HEDEngine(ctx.mgQuery) : engine;
+
+    try {
+      // POST /api/hed — create a new HED
+      if (method === 'POST' && pathname === '/api/hed') {
+        const body = await readBody(req);
+        const { companyId, title, intent, worldStateSnapshot, operations, goalId } = body;
+        if (!companyId || !title || !operations?.length) {
+          jsonErr(res, 400, 'companyId, title, and operations are required');
+          return true;
+        }
+        const result = await _engine.createHED({ companyId, title, intent, worldStateSnapshot, operations, goalId });
+        jsonOk(res, result, 201);
+        return true;
+      }
+
+      // POST /api/hed/:id/approve — HITL approval
+      const approveMatch = method === 'POST' && pathname.match(/^\/api\/hed\/([^/]+)\/approve$/);
+      if (approveMatch) {
+        const hedId = approveMatch[1];
+        const body = await readBody(req);
+        const { approvedBy } = body;
+        await _engine.approveHED(hedId, approvedBy || 'human');
+        jsonOk(res, { hedId, approved: true });
+        return true;
+      }
+
+      // GET /api/hed/:id/review — aggregated review report
+      const reviewMatch = method === 'GET' && pathname.match(/^\/api\/hed\/([^/]+)\/review$/);
+      if (reviewMatch) {
+        const hedId = reviewMatch[1];
+        const operations = await _engine.getOperations(hedId);
+        const findings = operations.map(op => ({
+          opId: op.id,
+          status: op.status,
+          reviewVerdict: op.reviewVerdict || 'pending'
+        }));
+        const aligned = findings.filter(f => f.reviewVerdict === 'ALIGNED').length;
+        const deviated = findings.filter(f => f.reviewVerdict === 'DEVIATED').length;
+        const failed = findings.filter(f => f.reviewVerdict === 'FAILED').length;
+        jsonOk(res, {
+          hedId,
+          findings,
+          summary: { aligned, deviated, failed, pending: findings.length - aligned - deviated - failed }
+        });
+        return true;
+      }
+
+      // PATCH /api/hed/:hedId/operations/:opId — update operation status
+      const opPatchMatch = method === 'PATCH' && pathname.match(/^\/api\/hed\/([^/]+)\/operations\/([^/]+)$/);
+      if (opPatchMatch) {
+        const opId = opPatchMatch[2];
+        const body = await readBody(req);
+        const { status, summary, sessionKey, verdict } = body;
+        if (status === 'done' || status === 'completed') {
+          await _engine.completeOperation(opId, { summary, sessionKey, verdict });
+        }
+        jsonOk(res, { opId, updated: true });
+        return true;
+      }
+
+      // GET /api/hed/:id — get HED + all operations
+      const hedMatch = method === 'GET' && pathname.match(/^\/api\/hed\/([^/]+)$/);
+      if (hedMatch) {
+        const hedId = hedMatch[1];
+        const hed = await _engine.getHED(hedId);
+        if (!hed) { jsonErr(res, 404, 'HED not found'); return true; }
+        const operations = await _engine.getOperations(hedId);
+        jsonOk(res, { ...hed, operations });
+        return true;
+      }
+
+    } catch (err) {
+      console.error('[hed-routes] error:', err.message);
+      jsonErr(res, 500, err.message);
+      return true;
+    }
+
+    return false;
+  };
+}
+
+module.exports = { createHedRoutes };

package/daemon/routes/inbox.js

@@ -5,6 +5,7 @@ const path = require('path');
 const { homedir } = require('os');
 const { spawn } = require('child_process');
 const https = require('https');
+const http = require('http');
 const commitmentStore = require('../commitments/store');
 const { parseExtractionResponse } = require('../commitments/extractor');
 const { extractFromNormalizedBatch, BATCH_THRESHOLD } = require('../commitments/parallel-extractor');
@@ -17,6 +18,23 @@ const ACCOUNTS_JSON = path.join(GMAIL_ACCOUNTS_DIR, 'accounts.json');
 
 let _lastExtractedSet = new Set();
 
+// H4: SSRF guard — block private/loopback addresses in user-supplied URLs
+function isSafeUnsubscribeUrl(urlStr) {
+  try {
+    const u = new URL(urlStr);
+    if (u.protocol !== 'http:' && u.protocol !== 'https:') return false;
+    const h = u.hostname.toLowerCase();
+    // Block loopback, link-local, private ranges, metadata endpoints
+    if (h === 'localhost' || h === '127.0.0.1' || h === '::1') return false;
+    if (h === '0.0.0.0') return false;
+    if (/^169\.254\./.test(h)) return false;  // link-local (AWS metadata)
+    if (/^10\./.test(h)) return false;           // RFC1918
+    if (/^172\.(1[6-9]|2\d|3[01])\./.test(h)) return false;  // RFC1918
+    if (/^192\.168\./.test(h)) return false;    // RFC1918
+    return true;
+  } catch { return false; }
+}
+
 function extractCommitmentsFromItems(items, llmFn) {
   if (!Array.isArray(items)) return;
 
@@ -65,6 +83,63 @@ const EMPTY_STATE = {
 // ─── Triage Process State ───────────────────────────────────────────────────
 const TRIAGE_PID_FILE = path.join(HELIOS_ROOT, 'data', 'triage.pid');
 
+// SP helpers: raw Gmail API calls using the existing token pattern
+async function gmailModifyLabels(token, messageId, addLabels, removeLabels) {
+  const refreshed = await refreshGmailToken(token);
+  const accessToken = refreshed?.access_token || token.access_token;
+  return new Promise((resolve, reject) => {
+    const body = JSON.stringify({ addLabelIds: addLabels || [], removeLabelIds: removeLabels || [] });
+    const options = {
+      hostname: 'gmail.googleapis.com',
+      path: `/gmail/v1/users/me/messages/${encodeURIComponent(messageId)}/modify`,
+      method: 'POST',
+      headers: { 'Authorization': `Bearer ${accessToken}`, 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) },
+    };
+    const req = https.request(options, (res) => {
+      let data = '';
+      res.on('data', (c) => data += c);
+      res.on('end', () => { try { resolve(JSON.parse(data)); } catch { resolve({ status: res.statusCode }); } });
+    });
+    req.on('error', reject); req.write(body); req.end();
+  });
+}
+
+async function gmailCreateDraft(token, rawMime) {
+  const refreshed = await refreshGmailToken(token);
+  const accessToken = refreshed?.access_token || token.access_token;
+  const encoded = Buffer.from(rawMime).toString('base64url');
+  return new Promise((resolve, reject) => {
+    const body = JSON.stringify({ message: { raw: encoded } });
+    const options = {
+      hostname: 'gmail.googleapis.com',
+      path: '/gmail/v1/users/me/drafts',
+      method: 'POST',
+      headers: { 'Authorization': `Bearer ${accessToken}`, 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) },
+    };
+    const req = https.request(options, (res) => {
+      let data = '';
+      res.on('data', (c) => data += c);
+      res.on('end', () => { try { resolve(JSON.parse(data)); } catch { resolve({ status: res.statusCode }); } });
+    });
+    req.on('error', reject); req.write(body); req.end();
+  });
+}
+
+async function gmailDeleteDraft(token, draftId) {
+  const refreshed = await refreshGmailToken(token);
+  const accessToken = refreshed?.access_token || token.access_token;
+  return new Promise((resolve, reject) => {
+    const options = {
+      hostname: 'gmail.googleapis.com',
+      path: `/gmail/v1/users/me/drafts/${encodeURIComponent(draftId)}`,
+      method: 'DELETE',
+      headers: { 'Authorization': `Bearer ${accessToken}` },
+    };
+    const req = https.request(options, (res) => { res.resume(); res.on('end', resolve); });
+    req.on('error', reject); req.end();
+  });
+}
+
 function isTriageRunning() {
   try {
     const pidStr = require('fs').readFileSync(TRIAGE_PID_FILE, 'utf8').trim();
@@ -1004,15 +1079,15 @@ module.exports = function({ broadcast } = {}) {
       let gmailConnected = false;
       try {
         const acctPath = ACCOUNTS_JSON;
-        if (fs.existsSync(acctPath)) {
-          const accts = JSON.parse(fs.readFileSync(acctPath, "utf-8"));
+        if (existsSync(acctPath)) {
+          const accts = JSON.parse(readFileSync(acctPath, "utf-8"));
           const enabled = (accts.accounts || []).filter(a => a.enabled !== false);
           gmailConnected = enabled.some(a => {
             if (!a.tokenPath) return false;
             const tp = a.tokenPath.replace(/^~/, require("os").homedir());
-            if (!fs.existsSync(tp)) return false;
+            if (!existsSync(tp)) return false;
             try {
-              const tok = JSON.parse(fs.readFileSync(tp, 'utf-8'));
+              const tok = JSON.parse(readFileSync(tp, 'utf-8'));
               // Token is usable if it has a refresh_token (can be auto-refreshed)
               // OR if access_token has not expired yet
               if (tok.refresh_token) return true;
@@ -1030,10 +1105,93 @@ module.exports = function({ broadcast } = {}) {
         generatedAt,
         itemCount,
         gmailConnected,
+        imessageEnabled: process.platform === 'darwin',
+        imessageConnected: (() => {
+          if (process.platform !== 'darwin') return false;
+          try {
+            const chatDbPath = path.join(homedir(), 'Library', 'Messages', 'chat.db');
+            // Use existsSync as a lightweight proxy — actual FDA check happens in channels/imessage/setup
+            // Reading the file header confirms FDA access without loading the full DB
+            const fd = require('fs').openSync(chatDbPath, 'r');
+            require('fs').closeSync(fd);
+            return true;
+          } catch (_) {
+            return false;
+          }
+        })(),
       }));
       return true;
     }
 
+    // SP5: GET /api/inbox/blocked — blocked senders list
+    if (method === 'GET' && pathname === '/api/inbox/blocked') {
+      try {
+        const mg2 = require('../../lib/safe-memgraph');
+        const rows = await mg2.rawRead(`MATCH (bs:BlockedSender) RETURN bs.email AS email, bs.blockedAt AS blockedAt ORDER BY bs.blockedAt DESC`, {});
+        return jsonResponse(res, 200, { blocked: rows || [] });
+      } catch (err) {
+        return jsonResponse(res, 500, { error: err.message || 'Failed to list blocked senders' });
+      }
+    }
+
+    // SP2: GET /api/inbox/scheduled — scheduled sends list
+    if (method === 'GET' && pathname === '/api/inbox/scheduled') {
+      const { getPendingMessages } = (() => { try { return require('../../lib/triage-core/scheduled-sends.js'); } catch { return require('../lib/triage-core/scheduled-sends.js'); } })();
+      return jsonResponse(res, 200, { scheduled: getPendingMessages() || [] });
+    }
+
+    // SP5: DELETE /api/inbox/blocked/:email — unblock sender
+    if (method === 'DELETE' && pathname?.startsWith('/api/inbox/blocked/')) {
+      const email = decodeURIComponent(pathname.slice('/api/inbox/blocked/'.length));
+      try {
+        const mg3 = require('../../lib/safe-memgraph');
+        await mg3.rawWrite(`MATCH (bs:BlockedSender {email: $email}) DETACH DELETE bs`, { email });
+        return jsonResponse(res, 200, { success: true, unblocked: email });
+      } catch (err) {
+        return jsonResponse(res, 500, { error: err.message || 'Failed to unblock sender' });
+      }
+    }
+
+    // Phase 2.5-A: GET /api/inbox/:id/tasks — related tasks for a given sourceId
+    const tasksMatch = pathname?.match(/^\/api\/inbox\/([^\/]+)\/tasks$/);
+    if (method === 'GET' && tasksMatch) {
+      const sourceId = decodeURIComponent(tasksMatch[1]);
+      try {
+        const companyId = ctx.companyId || process.env.HELIOS_COMPANY_ID || '';
+        const mg5 = require('../../lib/safe-memgraph');
+        // Look up tasks by sourceId (email messageId) — scoped to company
+        const cypher = companyId
+          ? `MATCH (t:Task {sourceId: $sourceId, companyId: $cid})
+             RETURN t.id AS id, t.title AS title, t.status AS status,
+                    t.assigneeAgentId AS assigneeAgentId, t.priority AS priority
+             LIMIT 20`
+          : `MATCH (t:Task {sourceId: $sourceId})
+             RETURN t.id AS id, t.title AS title, t.status AS status,
+                    t.assigneeAgentId AS assigneeAgentId, t.priority AS priority
+             LIMIT 20`;
+        const params = companyId ? { sourceId, cid: companyId } : { sourceId };
+        const rows = await mg5.rawRead(cypher, params);
+        return jsonResponse(res, 200, { tasks: rows || [] });
+      } catch (err) {
+        // Fail open — never return 500 for task lookup
+        return jsonResponse(res, 200, { tasks: [] });
+      }
+    }
+
+    // SP3: GET /api/inbox/:id/opens — read receipt open count
+    const opensMatch = pathname?.match(/^\/api\/inbox\/([^\/]+)\/opens$/);
+    if (method === 'GET' && opensMatch) {
+      const emailId = opensMatch[1];
+      try {
+        const mg4 = require('../../lib/safe-memgraph');
+        const rows = await mg4.rawRead(`MATCH (e:Email {messageId: $id})-[:HAS_TRACKING]->(o:OpenEvent) RETURN o.count AS count, o.firstOpenedAt AS firstOpenedAt, o.lastOpenedAt AS lastOpenedAt`, { id: emailId });
+        const opens = rows?.length ? rows : await mg4.rawRead(`MATCH (o:OpenEvent {emailId: $id}) RETURN o.count AS count, o.firstOpenedAt AS firstOpenedAt, o.lastOpenedAt AS lastOpenedAt`, { id: emailId });
+        return jsonResponse(res, 200, { opens: opens || [] });
+      } catch (err) {
+        return jsonResponse(res, 500, { error: err.message || 'Failed to fetch opens' });
+      }
+    }
+
     // PATCH /api/inbox/:id — update item state (archive, snooze, delegate, read)
     const patchMatch = pathname.match(/^\/api\/inbox\/([^/]+)$/);
     if (method === 'PATCH' && patchMatch) {
@@ -1042,7 +1200,7 @@ module.exports = function({ broadcast } = {}) {
       try { body = await parseBody(req); } catch { jsonResponse(res, 400, { error: 'Invalid JSON' }); return true; }
 
       const { action, until, assignee } = body;
-      const VALID_ACTIONS = ['archive', 'snooze', 'read', 'delegate', 'dismiss', 'addLabel', 'removeLabel', 'assign', 'approve_draft', 'skip'];
+      const VALID_ACTIONS = ['archive', 'snooze', 'read', 'delegate', 'dismiss', 'addLabel', 'removeLabel', 'assign', 'approve_draft', 'skip', 'send_later', 'cancel_send', 'unsubscribe', 'block_sender', 'send', 'star', 'mute', 'unread'];
       if (!action || !VALID_ACTIONS.includes(action)) {
         jsonResponse(res, 400, { error: 'Invalid action. Supported: ' + VALID_ACTIONS.join(', ') });
         return true;
@@ -1056,6 +1214,16 @@ module.exports = function({ broadcast } = {}) {
         // optional fail-open operations (learning, delegate task creation).
         const write = ctx.mgQuery;
 
+        // C1 fix: look up the InboxItem so SP1/SP4/SP5 can read emailId + senderEmail
+        let triageItem = null;
+        try {
+          const triageRows = await mg.safeRead(
+            'MATCH (i:InboxItem {id: $id}) RETURN i.emailId AS emailId, i.from AS from LIMIT 1',
+            { id: itemId }
+          );
+          triageItem = triageRows && triageRows[0] ? { emailId: triageRows[0].emailId, from: triageRows[0].from } : null;
+        } catch { /* non-blocking — handlers fall back to itemId */ }
+
         // PAR-06: label mutation actions
         if (action === 'addLabel' || action === 'removeLabel') {
           const itemRows = await mg.safeRead('MATCH (i:InboxItem {id: $id}) RETURN i.labelsJson AS labelsJson', { id: itemId });
@@ -1084,9 +1252,194 @@ module.exports = function({ broadcast } = {}) {
           return true;
         }
 
-        const stateMap = { archive: 'archived', snooze: 'snoozed', read: 'read', delegate: 'delegated', dismiss: 'archived', approve_draft: 'archived', skip: 'read' };
+        // SP1: Snooze — apply SNOOZED label via Gmail API + store snoozeUntil
+        if (action === 'snooze' && body.snoozeUntil) {
+          const token = loadGmailToken();
+          if (token && triageItem && triageItem.emailId) {
+            try { await gmailModifyLabels(token, triageItem.emailId, ['SNOOZED'], ['INBOX']); } catch (e) { console.warn(`[inbox] snooze gmail label failed: ${e.message}`); }
+          }
+          await mg.rawWrite(`MATCH (e:Email {messageId: $mid}) SET e.snoozedUntil = $until, e.snoozed = true`, { mid: triageItem?.emailId || itemId, until: body.snoozeUntil });
+          return jsonResponse(res, 200, { success: true });
+        }
+
+        // SP2: Send Later — create Gmail draft + schedule via scheduled-sends
+        if (action === 'send_later') {
+          const token = loadGmailToken();
+          let draftId;
+          if (token && body.raw) { try { const d = await gmailCreateDraft(token, body.raw); draftId = d.id; } catch (e) { console.warn(`[inbox] send_later draft create failed: ${e.message}`); } }
+          const { scheduleMessage } = (() => { try { return require('../../lib/triage-core/scheduled-sends.js'); } catch { return require('../lib/triage-core/scheduled-sends.js'); } })();
+          const scheduled = scheduleMessage({ to: body.to || '', subject: body.subject || '', body: '', platform: 'email', scheduledAt: body.scheduledSendTime || body.scheduledAt, draftId, accountEmail: loadGmailToken()?.email || '' });
+          return jsonResponse(res, 200, { success: true, scheduled });
+        }
+
+        // SP2: Cancel Send — cancel a pending scheduled send
+        if (action === 'cancel_send') {
+          const { cancelScheduledSend } = (() => { try { return require('../../lib/triage-core/scheduled-sends.js'); } catch { return require('../lib/triage-core/scheduled-sends.js'); } })();
+          const token = loadGmailToken();
+          if (body.draftId && token) { try { await gmailDeleteDraft(token, body.draftId); } catch {} }
+          // M2: clear the in-process undo setTimeout to prevent orphan draft send
+          if (body.draftId && global._heliosUndoHandles) {
+            const undoHandle = global._heliosUndoHandles.get(body.draftId);
+            if (undoHandle) {
+              clearTimeout(undoHandle);
+              global._heliosUndoHandles.delete(body.draftId);
+            }
+          }
+          const cancelled = cancelScheduledSend(body.scheduledId || itemId);
+          return jsonResponse(res, 200, { success: true, cancelled });
+        }
+
+        // SP4: Unsubscribe — call List-Unsubscribe URL + archive
+        if (action === 'unsubscribe') {
+          let unsubUrl = null;
+          try {
+            const rows = await mg.rawRead(`MATCH (e:Email {messageId: $mid}) RETURN e.listUnsubscribeUrl AS url`, { mid: triageItem?.emailId || itemId });
+            unsubUrl = rows?.[0]?.url;
+          } catch {}
+          if (unsubUrl) {
+            if (!isSafeUnsubscribeUrl(unsubUrl)) {
+              console.warn('[inbox] unsubscribe URL blocked by SSRF guard:', unsubUrl);
+              return jsonResponse(res, 200, { success: false, error: 'Unsubscribe URL is not safe' });
+            }
+            try {
+              await new Promise((resolve) => {
+                const u = new URL(unsubUrl);
+                const reqModule = u.protocol === 'https:' ? https : http;
+                const options = { hostname: u.hostname, path: u.pathname + u.search, method: 'POST', headers: { 'Content-Length': 0 } };
+                const reqUnsub = reqModule.request(options, (r) => { r.resume(); r.on('end', resolve); }); reqUnsub.on('error', resolve); reqUnsub.end();
+              });
+            } catch {}
+            const token = loadGmailToken();
+            if (token && triageItem?.emailId) { try { await gmailModifyLabels(token, triageItem.emailId, [], ['INBOX']); } catch {} }
+            try { await mg.rawWrite(`MATCH (e:Email {messageId: $mid}) SET e.unsubscribed = true`, { mid: triageItem?.emailId || itemId }); } catch {}
+            return jsonResponse(res, 200, { success: true, unsubscribed: true });
+          }
+          return jsonResponse(res, 200, { success: false, error: 'No List-Unsubscribe header found' });
+        }
+
+        // SP5: Block Sender — move to TRASH + create BlockedSender node
+        if (action === 'block_sender') {
+          let senderEmail = body.senderEmail;
+          if (!senderEmail) { try { const rows = await mg.rawRead(`MATCH (e:Email {messageId: $mid}) RETURN e.from AS f`, { mid: triageItem?.emailId || itemId }); senderEmail = rows?.[0]?.f; } catch {} }
+          if (senderEmail) {
+            const token = loadGmailToken();
+            if (token && triageItem?.emailId) { try { await gmailModifyLabels(token, triageItem.emailId, ['TRASH'], ['INBOX', 'UNREAD']); } catch (e) { console.warn(`[inbox] block_sender trash failed: ${e.message}`); } }
+            try { await mg.rawWrite(`MERGE (bs:BlockedSender {email: $email}) ON CREATE SET bs.blockedAt = datetime(), bs.emailId = $eid`, { email: senderEmail, eid: triageItem?.emailId || itemId }); } catch {}
+            return jsonResponse(res, 200, { success: true, blocked: senderEmail });
+          }
+          return jsonResponse(res, 200, { success: false, error: 'Could not determine sender email' });
+        }
+
+        // SP7: Send with undo window — create draft, client shows 10s undo toast
+        if (action === 'send') {
+          const token = loadGmailToken();
+          if (!token || !body.raw) return jsonResponse(res, 400, { error: 'raw MIME and token required' });
+          const draftResult = await gmailCreateDraft(token, body.raw);
+          // Store in a short-lived in-process map for cancel; client must call cancel_send within 10s
+          const undoWindowMs = 10_000;
+          const draftId = draftResult.id;
+          // Fire send after undoWindowMs — use global map to allow cancellation
+          if (!global._heliosUndoHandles) global._heliosUndoHandles = new Map();
+          const handle = setTimeout(async () => {
+            global._heliosUndoHandles?.delete(draftId);
+            try {
+              const freshToken = loadGmailToken();
+              if (freshToken) {
+                const refreshed = await refreshGmailToken(freshToken);
+                const at = refreshed?.access_token || freshToken.access_token;
+                await new Promise((resolve, reject) => {
+                  const b = JSON.stringify({ id: draftId });
+                  const opts = { hostname: 'gmail.googleapis.com', path: '/gmail/v1/users/me/drafts/send', method: 'POST', headers: { 'Authorization': `Bearer ${at}`, 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(b) } };
+                  const req = https.request(opts, (r) => { r.resume(); r.on('end', resolve); }); req.on('error', reject); req.write(b); req.end();
+                });
+              }
+            } catch {}
+          }, undoWindowMs);
+          global._heliosUndoHandles.set(draftId, handle);
+          return jsonResponse(res, 200, { success: true, draftId, undoWindowMs });
+        }
+
+        const stateMap = { archive: 'archived', snooze: 'snoozed', read: 'read', delegate: 'delegated', dismiss: 'archived', approve_draft: 'archived', skip: 'read', star: 'starred', mute: 'muted', unread: 'unread' };
         const newState = stateMap[action] || 'read';
 
+        // P9B-02: approve_draft — dispatch the DraftAction content before archiving
+        // Previous behavior: just archived the item and discarded the draft.
+        // Fixed behavior: look up DraftAction, dispatch via appropriate channel, mark approved, then archive.
+        if (action === 'approve_draft') {
+          try {
+            // itemId format for draft items is "draft-{draftId}"
+            const draftId = itemId.startsWith('draft-') ? itemId.slice('draft-'.length) : body.draftId;
+            if (draftId) {
+              const draftRows = await mg.safeRead(
+                'MATCH (d:DraftAction {id: $draftId}) RETURN d.content AS content, d.type AS type, d.personId AS personId',
+                { draftId }
+              );
+              if (draftRows && draftRows[0]) {
+                const draftType = draftRows[0].type || 'email';
+                let draftContent = draftRows[0].content;
+                if (typeof draftContent === 'string') {
+                  try { draftContent = JSON.parse(draftContent); } catch { draftContent = {}; }
+                }
+                draftContent = draftContent || {};
+
+                if (draftType === 'email' && draftContent.to) {
+                  // Build fakeItem with all fields sendGmailReply(item, body) reads:
+                  //   item.senderHandle → To address
+                  //   item.subject → Reply subject line
+                  //   item.rawId → In-Reply-To message ID
+                  //   item.threadId → Gmail thread to append to
+                  const fakeItem = {
+                    senderHandle: draftContent.to,
+                    subject: draftContent.subject || '',
+                    rawId: draftContent.inReplyTo || null,
+                    threadId: draftContent.threadId || null,
+                  };
+                  await sendGmailReply(fakeItem, draftContent.body || draftContent.text || '');
+                } else if (draftType === 'slack' && draftContent.channel) {
+                  const fakeItem = { slack: { channel: draftContent.channel, ts: draftContent.ts || null } };
+                  await sendSlackReply(fakeItem, draftContent.body || draftContent.text || '');
+                }
+                // Mark DraftAction as approved regardless of dispatch result
+                await mg.rawWrite(
+                  'MATCH (d:DraftAction {id: $draftId}) SET d.status = "approved", d.approvedAt = localdatetime()',
+                  { draftId }
+                );
+              }
+            }
+          } catch (draftErr) {
+            // Fail-open: draft dispatch is best-effort — still archive the item
+            // Log so engineers can diagnose dispatch failures
+            (ctx.log || console).warn('[P9B-02] approve_draft dispatch failed:', draftErr.message);
+          }
+          // Fall through to archive the inbox item
+        }
+
+        // H1: star/mute/unread — targeted property writes, no state transition
+        if (action === 'star') {
+          await write(
+            'MATCH (i:InboxItem {id: $itemId}) SET i.isStarred = true, i.actionedAt = toString(localdatetime())',
+            { itemId }
+          );
+          jsonResponse(res, 200, { ok: true, id: itemId, action, isStarred: true });
+          return true;
+        }
+        if (action === 'mute') {
+          await write(
+            'MATCH (i:InboxItem {id: $itemId}) SET i.isMuted = true, i.actionedAt = toString(localdatetime())',
+            { itemId }
+          );
+          jsonResponse(res, 200, { ok: true, id: itemId, action, isMuted: true });
+          return true;
+        }
+        if (action === 'unread') {
+          await write(
+            'MATCH (i:InboxItem {id: $itemId}) SET i.isRead = false, i.actionedAt = toString(localdatetime())',
+            { itemId }
+          );
+          jsonResponse(res, 200, { ok: true, id: itemId, action, isRead: false });
+          return true;
+        }
+
         if (action === 'snooze' && until) {
           // BUG-INB-02 fix: persist snoozedUntil alongside state
           await write(
@@ -1123,6 +1476,8 @@ module.exports = function({ broadcast } = {}) {
         // PAR-09: delegate action — create Task + AgentReadySignal in Memgraph
         if (action === 'delegate') {
           try {
+            // I4-09 fix: include companyId so task is visible in company-scoped queries
+            const delegateCompanyId = ctx.companyId || process.env.HELIOS_COMPANY_ID || '';
             const delegateRows = await mg.safeRead('MATCH (i:InboxItem {id: $itemId}) RETURN i.subject AS subject, i.priority AS priority', { itemId });
             const subject = (delegateRows && delegateRows[0] && delegateRows[0].subject) || 'inbox item';
             const priorityNum = (delegateRows && delegateRows[0] && delegateRows[0].priority === 'P0') ? 0 : 1;
@@ -1130,6 +1485,7 @@ module.exports = function({ broadcast } = {}) {
               "MERGE (t:Task {id: 'inbox-delegate-' + $itemId}) " +
               "ON CREATE SET t.title = 'Review delegated inbox item: ' + $subject, " +
               "t.status = 'todo', t.priority = toInteger($priority), " +
+              "t.companyId = $companyId, " +
               "t.originKind = 'inbox_delegate', t.progressPropagated = false, t.createdAt = localdatetime() " +
               "WITH t " +
               "OPTIONAL MATCH (a:BusinessAgent {status: 'active'}) WHERE a.capabilities CONTAINS 'triage' " +
@@ -1142,7 +1498,7 @@ module.exports = function({ broadcast } = {}) {
               "  s.origin = 'inbox_action', " +
               "  s.taskId = t.id, " +
               "  s.createdAt = localdatetime()",
-              { itemId, subject, priority: priorityNum }
+              { itemId, subject, priority: priorityNum, companyId: delegateCompanyId }
             );
           } catch (_) { /* fail-open: task creation optional */ }
         }
@@ -1154,13 +1510,46 @@ module.exports = function({ broadcast } = {}) {
       return true;
     }
 
+    // POST /api/inbox/:id/feedback — F15 learning loop signal
+    if (method === 'POST' && /^\/api\/inbox\/[^/]+\/feedback$/.test(pathname)) {
+      const itemId = decodeURIComponent(pathname.split('/')[3]);
+      let body = '';
+      req.on('data', chunk => { body += chunk; });
+      req.on('end', () => {
+        try {
+          const { actualPriority, actualAction, suggestedPriority, senderHandle } = JSON.parse(body || '{}');
+          if (actualPriority) {
+            try {
+              const { recordDecision } = require('../../lib/triage-core/learning.js');
+              recordDecision({
+                messageId: itemId,
+                senderHandle: senderHandle || '',
+                platform: 'dashboard',
+                suggestedPriority: suggestedPriority || null,
+                actualPriority,
+                suggestedAction: null,
+                actualAction: actualAction || 'unknown',
+                agreedWithSuggestion: suggestedPriority ? actualPriority === suggestedPriority : false,
+                timestamp: new Date().toISOString(),
+              });
+            } catch (_) { /* fail-open */ }
+          }
+          jsonResponse(res, 200, { success: true });
+        } catch (err) {
+          jsonResponse(res, 400, { error: 'Invalid feedback payload' });
+        }
+      });
+      return true;
+    }
+
     // OPTIONS preflight
     if (method === 'OPTIONS' && (
       pathname === '/api/inbox' ||
       pathname === '/api/inbox/reply' ||
       pathname === '/api/inbox/refresh' ||
       pathname === '/api/inbox/status' ||
-      /^\/api\/inbox\/[^/]+$/.test(pathname)
+      /^\/api\/inbox\/[^/]+$/.test(pathname) ||
+      /^\/api\/inbox\/[^/]+\/feedback$/.test(pathname)
     )) {
       res.writeHead(204, makeCorsHeaders(req));
       res.end();