@cgh567/agent 2.4.4 → 2.4.5

package/bin/helios-rpc-wrapper.sh

@@ -10,5 +10,8 @@
 source ~/.bashrc 2>/dev/null || true
 source ~/.profile 2>/dev/null || true
 
+# Canonical repo path — per AGENTS.md, always use Desktop path (not ~/helios-agent stale WSL copy)
+HELIOS_AGENT_ROOT="/mnt/c/Users/chiko/Desktop/Helios/helios-agent-main"
+
 # Delegate to bin/helios with all forwarded args
-exec ~/helios-agent/bin/helios "$@"
+exec "${HELIOS_AGENT_ROOT}/bin/helios" "$@"

package/daemon/helios-api.js

@@ -441,23 +441,24 @@ async function handleCreateTask(req, res, ctx) {
   const resolvedPriority = Number.isFinite(Number(priority)) ? Number(priority) : 2;
 
   try {
+    // HIGH-3: use MERGE when sourceId provided to prevent duplicate tasks on network-error retry
+    const _taskCypher = (sourceId && originKind)
+      ? `MERGE (t:Task {sourceId: \, companyId: \, originKind: \})
+         ON CREATE SET
+           t.id = \, t.title = \, t.status = 'todo', t.priority = toInteger(\),
+           t.assigneeAgentId = \, t.body = \,
+           t.executionPolicyJson = \, t.executionStateJson = \,
+           t.sourceType = \, t.projectId = \, t.createdAt = datetime()
+         ON MATCH SET t.updatedAt = datetime()`
+      : `CREATE (t:Task {
+           id: \, companyId: \, title: \, status: 'todo',
+           priority: toInteger(\), assigneeAgentId: \, body: \,
+           executionPolicyJson: \, executionStateJson: \,
+           sourceType: \, sourceId: \, originKind: \,
+           projectId: \, createdAt: datetime()
+         })`;
     await mgQuery(
-      `CREATE (t:Task {
-         id: $id,
-         companyId: $cid,
-         title: $title,
-         status: 'todo',
-         priority: toInteger($priority),
-         assigneeAgentId: $assigneeAgentId,
-         body: $body,
-         executionPolicyJson: $policyJson,
-         executionStateJson: $stateJson,
-         sourceType: $sourceType,
-         sourceId: $sourceId,
-         originKind: $originKind,
-         projectId: $projectId,
-         createdAt: datetime()
-       })`,
+      _taskCypher,
       {
         id: taskId,
         cid,
@@ -472,7 +473,7 @@ async function handleCreateTask(req, res, ctx) {
         originKind: originKind ? String(originKind) : null,
         projectId: projectId ? String(projectId) : null,
       }
-    );
+    ));
 
     // Phase 2.5-B: OI-P3 fix — write BELONGS_TO_PROJECT edge when projectId is provided
     if (projectId) {
@@ -1947,6 +1948,9 @@ async function handleReviseApproval(req, res, ctx, approvalId) {
     }
     broadcast({ type: 'approval.revised', approvalId, companyId: cid });
 
+    // Record revision in ActivityLogger so the activity feed shows it
+    ctx.activityLogger?.record({ action: 'approval.revise', actor: cid, entityId: approvalId, companyId: cid });
+
     // B-19 fix: create AgentReadySignal so the assigned agent wakes and processes the revision.
     // Without this, the agent that owns the approval's task never re-evaluates after revision.
     setImmediate(async () => {
@@ -1966,6 +1970,9 @@ async function handleReviseApproval(req, res, ctx, approvalId) {
              ON MATCH SET  s.status = 'pending', s.approvalId = $approvalId`,
             { taskId: taskRow.taskId, agentId: taskRow.agentId, cid, approvalId }
           );
+        } else {
+          // MED-8: B-19 — no [:FOR_TASK] edge found; agent not signaled
+          log('warn', 'B-19: no Task linked to approval via FOR_TASK edge -- agent not signaled', { approvalId, cid });
         }
       } catch (sigErr) {
         log('warn', 'B-19: AgentReadySignal creation failed after revision', { approvalId, err: sigErr.message });

package/daemon/helios-company-daemon.js

@@ -2424,7 +2424,8 @@ class AgentDispatcher {
       };
 
       // E-07: Capture stderr to crash log so silent failures become visible.
-      // Use ['ignore', 'ignore', 'pipe'] — stdin/stdout ignored, stderr captured.
+      // Use ['ignore', 'pipe', 'pipe'] — stdin ignored, stdout+stderr both captured for crash log.
+      // Previously used ['ignore', 'ignore', 'pipe'] — pi process may write errors to stdout.
       const transcriptsDir = path.join(__dirname, 'transcripts');
       try { fs.mkdirSync(transcriptsDir, { recursive: true }); } catch (_) {}
 
@@ -2432,13 +2433,13 @@ class AgentDispatcher {
 
       const child = spawnFn(spawnExe, spawnArgs, {
         detached: true,
-        stdio: ['ignore', 'ignore', 'pipe'],
+        stdio: ['ignore', 'pipe', 'pipe'],
         env: spawnEnv,
         windowsHide: true,
         shell: false,
       });
 
-      // Collect stderr chunks for crash log (64KB cap to prevent OOM from chatty workers)
+      // Collect stderr+stdout chunks for crash log (64KB cap per stream to prevent OOM from chatty workers)
       const stderrChunks = [];
       let _stderrBytes = 0;
       const MAX_STDERR_BYTES = 64 * 1024;
@@ -2453,6 +2454,18 @@ class AgentDispatcher {
         // (child.unref() alone is insufficient when a stderr pipe listener is attached)
         child.stderr.unref();
       }
+      // Also capture stdout (pi process may write errors/traces to stdout)
+      const stdoutChunks = [];
+      let _stdoutBytes = 0;
+      if (child.stdout) {
+        child.stdout.on('data', (chunk) => {
+          if (_stdoutBytes < MAX_STDERR_BYTES) {
+            stdoutChunks.push(chunk);
+            _stdoutBytes += chunk.length;
+          }
+        });
+        child.stdout.unref();
+      }
 
       child.on('error', (err) => {
         if (err.code === 'ENOENT') {
@@ -2465,6 +2478,7 @@ class AgentDispatcher {
         // E-07: Write crash log when worker exits with non-zero code
         if (code !== 0) {
           const stderr = stderrChunks.length > 0 ? Buffer.concat(stderrChunks).toString('utf8') : '(no stderr captured)';
+          const stdout = stdoutChunks.length > 0 ? Buffer.concat(stdoutChunks).toString('utf8') : '(no stdout captured)';
           const crashLogPath = path.join(transcriptsDir, `${taskId.replace(/[^a-zA-Z0-9_-]/g, '_')}.crash.log`);
           const crashContent = [
             `=== CRASH LOG: task ${taskId} ===`,
@@ -2477,6 +2491,8 @@ class AgentDispatcher {
             `HELIOS_COMPANY_ID: ${spawnEnv.HELIOS_COMPANY_ID}`,
             `--- stderr ---`,
             stderr,
+            `--- stdout ---`,
+            stdout,
           ].join('\n');
           try {
             fs.writeFileSync(crashLogPath, crashContent, 'utf8');

package/daemon/lib/headroom-proxy-manager.js

@@ -212,6 +212,16 @@ class HeadroomProxyManager {
       });
 
       child.on('exit', (code, signal) => {
+        // On Windows, Node.js reports abnormal OS termination as exit code 4294967295
+        // (0xFFFFFFFF — the unsigned 32-bit representation of -1).
+        // This indicates an OS-level process termination (e.g. OOM, crash).
+        if (code === 4294967295) {
+          process.stderr.write(
+            `[headroom-proxy-manager] WARN: compression server on port ${port} exited with abnormal code 0xFFFFFFFF (-1) — ` +
+            `likely an OOM kill or unhandled exception in the server process. ` +
+            `Scheduling restart with backoff.\n`
+          );
+        }
         appendLog({ event: 'exit', code, signal, port });
         this._child   = null;
         this._baseUrl = null;

package/daemon/routes/inbox.js

@@ -1157,7 +1157,7 @@ module.exports = function({ broadcast } = {}) {
     if (method === 'GET' && tasksMatch) {
       const sourceId = decodeURIComponent(tasksMatch[1]);
       try {
-        const companyId = ctx.companyId || process.env.HELIOS_COMPANY_ID || '';
+        const companyId = ctx.cid || process.env.HELIOS_COMPANY_ID || ''; // CRIT-2: ctx.cid (ctx.companyId always undefined)
         const mg5 = require('../../lib/safe-memgraph');
         // Look up tasks by sourceId (email messageId) — scoped to company
         const cypher = companyId
@@ -1192,6 +1192,49 @@ module.exports = function({ broadcast } = {}) {
       }
     }
 
+    // Phase 2-F: POST /api/inbox/inbound — bridge from helios-mail service
+    // Creates an InboxItem in the main inbox graph so inbound agent emails appear in the unified inbox.
+    // Called fire-and-forget from services/helios-mail after message is inserted into helios-mail DB.
+    if (method === 'POST' && pathname === '/api/inbox/inbound') {
+      let body;
+      try { body = await parseBody(req); } catch { return jsonResponse(res, 400, { error: 'Invalid JSON' }); }
+      const {
+        id, platform = 'helios-mail', senderName = '', senderHandle = '', subject = '',
+        snippet = '', threadId = null, replyChannel = 'helios-mail',
+        priority = 'P2', companyId,
+      } = body;
+      if (!id || typeof id !== 'string') {
+        return jsonResponse(res, 400, { error: 'id is required' });
+      }
+      const scopeCompanyId = companyId || ctx.cid || process.env.HELIOS_COMPANY_ID || '';
+      try {
+        const mg6 = require('../../lib/safe-memgraph');
+        await mg6.rawWrite(
+          MERGE (i:InboxItem {id: })
+           ON CREATE SET
+             i.platform = ,
+             i.senderName = ,
+             i.senderHandle = ,
+             i.subject = ,
+             i.snippet = ,
+             i.threadId = ,
+             i.replyChannel = ,
+             i.priority = ,
+             i.state = 'unread',
+             i.isRead = false,
+             i.companyId = ,
+             i.receivedAt = toString(datetime()),
+             i.createdAt = toString(datetime())
+           ON MATCH SET i.updatedAt = toString(datetime()),
+          { id, platform, senderName, senderHandle, subject, snippet, threadId,
+            replyChannel, priority, companyId: scopeCompanyId }
+        );
+        return jsonResponse(res, 201, { ok: true, id });
+      } catch (err) {
+        return jsonResponse(res, 500, { error: err.message || 'Failed to create inbox item' });
+      }
+    }
+
     // PATCH /api/inbox/:id — update item state (archive, snooze, delegate, read)
     const patchMatch = pathname.match(/^\/api\/inbox\/([^/]+)$/);
     if (method === 'PATCH' && patchMatch) {
@@ -1200,7 +1243,8 @@ module.exports = function({ broadcast } = {}) {
       try { body = await parseBody(req); } catch { jsonResponse(res, 400, { error: 'Invalid JSON' }); return true; }
 
       const { action, until, assignee } = body;
-      const VALID_ACTIONS = ['archive', 'snooze', 'read', 'delegate', 'dismiss', 'addLabel', 'removeLabel', 'assign', 'approve_draft', 'skip', 'send_later', 'cancel_send', 'unsubscribe', 'block_sender', 'send', 'star', 'mute', 'unread'];
+      if (!ctx.mgQuery) { return jsonResponse(res, 503, { error: 'Memgraph not connected' }); } // MED-9
+      const VALID_ACTIONS = ['archive', 'snooze', 'read', 'delegate', 'dismiss', 'addLabel', 'removeLabel', 'assign', 'approve_draft', 'skip', 'send_later', 'cancel_send', 'unsubscribe', 'block_sender', 'send', 'star', 'unstar', 'mute', 'unmute', 'unread'];
       if (!action || !VALID_ACTIONS.includes(action)) {
         jsonResponse(res, 400, { error: 'Invalid action. Supported: ' + VALID_ACTIONS.join(', ') });
         return true;
@@ -1363,13 +1407,18 @@ module.exports = function({ broadcast } = {}) {
         const newState = stateMap[action] || 'read';
 
         // P9B-02: approve_draft — dispatch the DraftAction content before archiving
+        let _draftSent = false;
+        let _draftNotFound = false; // MED-6/7: track when DraftAction not found
         // Previous behavior: just archived the item and discarded the draft.
         // Fixed behavior: look up DraftAction, dispatch via appropriate channel, mark approved, then archive.
         if (action === 'approve_draft') {
           try {
             // itemId format for draft items is "draft-{draftId}"
             const draftId = itemId.startsWith('draft-') ? itemId.slice('draft-'.length) : body.draftId;
-            if (draftId) {
+            if (!draftId) {
+              _draftNotFound = true; // MED-7: prefix-only or missing draftId
+              log('warn', '[approve_draft] no draftId resolvable for itemId: ' + itemId);
+            } else if (draftId) {
               const draftRows = await mg.safeRead(
                 'MATCH (d:DraftAction {id: $draftId}) RETURN d.content AS content, d.type AS type, d.personId AS personId',
                 { draftId }
@@ -1401,7 +1450,7 @@ module.exports = function({ broadcast } = {}) {
                 }
                 // Mark DraftAction as approved regardless of dispatch result
                 await mg.rawWrite(
-                  'MATCH (d:DraftAction {id: $draftId}) SET d.status = "approved", d.approvedAt = localdatetime()',
+                  'MATCH (d:DraftAction {id: $draftId}) WHERE d.status <> "approved" SET d.status = "approved", d.approvedAt = localdatetime()',
                   { draftId }
                 );
               }
@@ -1423,6 +1472,14 @@ module.exports = function({ broadcast } = {}) {
           jsonResponse(res, 200, { ok: true, id: itemId, action, isStarred: true });
           return true;
         }
+        if (action === 'unstar') {
+          await write(
+            'MATCH (i:InboxItem {id: $itemId}) SET i.isStarred = false, i.actionedAt = toString(localdatetime())',
+            { itemId }
+          );
+          jsonResponse(res, 200, { ok: true, id: itemId, action, isStarred: false });
+          return true;
+        }
         if (action === 'mute') {
           await write(
             'MATCH (i:InboxItem {id: $itemId}) SET i.isMuted = true, i.actionedAt = toString(localdatetime())',
@@ -1431,6 +1488,14 @@ module.exports = function({ broadcast } = {}) {
           jsonResponse(res, 200, { ok: true, id: itemId, action, isMuted: true });
           return true;
         }
+        if (action === 'unmute') {
+          await write(
+            'MATCH (i:InboxItem {id: $itemId}) SET i.isMuted = false, i.actionedAt = toString(localdatetime())',
+            { itemId }
+          );
+          jsonResponse(res, 200, { ok: true, id: itemId, action, isMuted: false });
+          return true;
+        }
         if (action === 'unread') {
           await write(
             'MATCH (i:InboxItem {id: $itemId}) SET i.isRead = false, i.actionedAt = toString(localdatetime())',
@@ -1477,7 +1542,7 @@ module.exports = function({ broadcast } = {}) {
         if (action === 'delegate') {
           try {
             // I4-09 fix: include companyId so task is visible in company-scoped queries
-            const delegateCompanyId = ctx.companyId || process.env.HELIOS_COMPANY_ID || '';
+            const delegateCompanyId = ctx.cid || process.env.HELIOS_COMPANY_ID || ''; // CRIT-2 fix
             const delegateRows = await mg.safeRead('MATCH (i:InboxItem {id: $itemId}) RETURN i.subject AS subject, i.priority AS priority', { itemId });
             const subject = (delegateRows && delegateRows[0] && delegateRows[0].subject) || 'inbox item';
             const priorityNum = (delegateRows && delegateRows[0] && delegateRows[0].priority === 'P0') ? 0 : 1;
@@ -1489,7 +1554,7 @@ module.exports = function({ broadcast } = {}) {
               "t.originKind = 'inbox_delegate', t.progressPropagated = false, t.createdAt = localdatetime() " +
               "WITH t " +
               "OPTIONAL MATCH (a:BusinessAgent {status: 'active'}) WHERE a.capabilities CONTAINS 'triage' " +
-              "WITH t, a LIMIT 1 " +
+              "WITH t, a LIMIT 1 WHERE a IS NOT NULL " + // HIGH-4
               "MERGE (s:AgentReadySignal {id: 'signal:inbox:' + a.id + ':' + t.id}) " +
               "ON CREATE SET " +
               "  s.agentId = a.id, " +
@@ -1503,7 +1568,9 @@ module.exports = function({ broadcast } = {}) {
           } catch (_) { /* fail-open: task creation optional */ }
         }
 
-        jsonResponse(res, 200, { ok: true, id: itemId, state: newState, action });
+        // MED-6/7: include draftNotFound in response for approve_draft
+        const _extraFields = action === 'approve_draft' ? { draftNotFound: _draftNotFound } : {};
+        jsonResponse(res, 200, { ok: true, id: itemId, state: newState, action, ..._extraFields });
       } catch (err) {
         jsonResponse(res, 500, { error: err.message || 'Failed to update item' });
       }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cgh567/agent",
-  "version": "2.4.4",
+  "version": "2.4.5",
   "description": "Helios agent runtime — full stack: extensions, skills, daemon, brain-v2, HEMA, governance",
   "type": "commonjs",
   "bin": {