@chaaskit/server 0.1.0

package/dist/services/slack/notifications.js

@@ -0,0 +1,124 @@
+import { db } from '@chaaskit/db';
+import { getConfig } from '../../config/loader.js';
+import { SlackClient } from './client.js';
+/**
+ * Check if a notification event is enabled in config.
+ */
+function isEventEnabled(event) {
+    const config = getConfig();
+    if (!config.slack?.notifications?.events) {
+        return false;
+    }
+    const eventConfig = config.slack.notifications.events.find(e => e.event === event);
+    return eventConfig?.enabled ?? false;
+}
+/**
+ * Format notification message based on event type.
+ */
+function formatNotificationMessage(payload) {
+    const { event, data } = payload;
+    switch (event) {
+        case 'thread_shared':
+            return [
+                ':outbox_tray: *Thread Shared*',
+                `${data.userName || data.userEmail || 'Someone'} shared "${data.threadTitle || 'a thread'}"`,
+                data.shareUrl ? `View: ${data.shareUrl}` : '',
+            ].filter(Boolean).join('\n');
+        case 'message_liked':
+            return [
+                ':thumbsup: *Message Liked*',
+                `${data.userName || data.userEmail || 'Someone'} liked a response in "${data.threadTitle || 'a thread'}"`,
+            ].join('\n');
+        case 'team_member_joined':
+            return [
+                ':wave: *New Team Member*',
+                `${data.userName || data.userEmail || 'Someone'} joined ${data.teamName || 'the team'}`,
+            ].join('\n');
+        default:
+            return `Notification: ${event}`;
+    }
+}
+/**
+ * Send a notification to a team's Slack workspace.
+ */
+export async function sendSlackNotification(payload) {
+    const config = getConfig();
+    // Check if Slack is enabled
+    if (!config.slack?.enabled) {
+        return false;
+    }
+    // Check if this event type is enabled
+    if (!isEventEnabled(payload.event)) {
+        return false;
+    }
+    // Get the team's Slack integration
+    const integration = await db.slackIntegration.findUnique({
+        where: { teamId: payload.teamId },
+    });
+    if (!integration || integration.status !== 'active') {
+        return false;
+    }
+    // Must have a notification channel configured
+    if (!integration.notificationChannel) {
+        console.log('[Slack] No notification channel configured for team:', payload.teamId);
+        return false;
+    }
+    try {
+        const client = SlackClient.fromEncrypted(integration.encryptedTokens);
+        const message = formatNotificationMessage(payload);
+        const result = await client.postMessage(integration.notificationChannel, message);
+        if (!result.ok) {
+            console.error('[Slack] Failed to send notification:', result.error);
+            return false;
+        }
+        return true;
+    }
+    catch (error) {
+        console.error('[Slack] Error sending notification:', error);
+        return false;
+    }
+}
+/**
+ * Send notification when a thread is shared.
+ */
+export async function notifyThreadShared(teamId, userName, userEmail, threadTitle, shareUrl) {
+    await sendSlackNotification({
+        event: 'thread_shared',
+        teamId,
+        data: {
+            userName: userName || undefined,
+            userEmail,
+            threadTitle,
+            shareUrl,
+        },
+    });
+}
+/**
+ * Send notification when a message is liked.
+ */
+export async function notifyMessageLiked(teamId, userName, userEmail, threadTitle) {
+    await sendSlackNotification({
+        event: 'message_liked',
+        teamId,
+        data: {
+            userName: userName || undefined,
+            userEmail,
+            threadTitle,
+        },
+    });
+}
+/**
+ * Send notification when a team member joins.
+ */
+export async function notifyTeamMemberJoined(teamId, userName, userEmail, teamName) {
+    await sendSlackNotification({
+        event: 'team_member_joined',
+        teamId,
+        data: {
+            userName: userName || undefined,
+            userEmail,
+            teamName,
+        },
+    });
+}
+//# sourceMappingURL=notifications.js.map

package/dist/services/slack/notifications.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"notifications.js","sourceRoot":"","sources":["../../../src/services/slack/notifications.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,cAAc,CAAC;AAClC,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAEnD,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAc1C;;GAEG;AACH,SAAS,cAAc,CAAC,KAA6B;IACnD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC;QACzC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,CAAC;IACnF,OAAO,WAAW,EAAE,OAAO,IAAI,KAAK,CAAC;AACvC,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAAC,OAA4B;IAC7D,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC;IAEhC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,eAAe;YAClB,OAAO;gBACL,+BAA+B;gBAC/B,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,SAAS,IAAI,SAAS,YAAY,IAAI,CAAC,WAAW,IAAI,UAAU,GAAG;gBAC5F,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE;aAC9C,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE/B,KAAK,eAAe;YAClB,OAAO;gBACL,4BAA4B;gBAC5B,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,SAAS,IAAI,SAAS,yBAAyB,IAAI,CAAC,WAAW,IAAI,UAAU,GAAG;aAC1G,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf,KAAK,oBAAoB;YACvB,OAAO;gBACL,0BAA0B;gBAC1B,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,SAAS,IAAI,SAAS,WAAW,IAAI,CAAC,QAAQ,IAAI,UAAU,EAAE;aACxF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEf;YACE,OAAO,iBAAiB,KAAK,EAAE,CAAC;IACpC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,OAA4B;IACtE,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,4BAA4B;IAC5B,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,CAAC;QAC3B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,sCAAsC;IACtC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,mCAAmC;IACnC,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,gBAAgB,CAAC,UAAU,CAAC;QACvD,KAAK,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE;KAClC,CAAC,CAAC;IAEH,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QACpD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,8CAA8C;IAC9C,IAAI,CAAC,WAAW,CAAC,mBAAmB,EAAE,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,sDAAsD,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QACpF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,WAAW,CAAC,aAAa,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;QACtE,MAAM,OAAO,GAAG,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAEnD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,WAAW,CAAC,mBAAmB,EAAE,OAAO,CAAC,CAAC;QAElF,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,sCAAsC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;YACpE,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,CAAC;QAC5D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,MAAc,EACd,QAAmC,EACnC,SAAiB,EACjB,WAAmB,EACnB,QAAgB;IAEhB,MAAM,qBAAqB,CAAC;QAC1B,KAAK,EAAE,eAAe;QACtB,MAAM;QACN,IAAI,EAAE;YACJ,QAAQ,EAAE,QAAQ,IAAI,SAAS;YAC/B,SAAS;YACT,WAAW;YACX,QAAQ;SACT;KACF,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,MAAc,EACd,QAAmC,EACnC,SAAiB,EACjB,WAAmB;IAEnB,MAAM,qBAAqB,CAAC;QAC1B,KAAK,EAAE,eAAe;QACtB,MAAM;QACN,IAAI,EAAE;YACJ,QAAQ,EAAE,QAAQ,IAAI,SAAS;YAC/B,SAAS;YACT,WAAW;SACZ;KACF,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,MAAc,EACd,QAAmC,EACnC,SAAiB,EACjB,QAAgB;IAEhB,MAAM,qBAAqB,CAAC;QAC1B,KAAK,EAAE,oBAAoB;QAC3B,MAAM;QACN,IAAI,EAAE;YACJ,QAAQ,EAAE,QAAQ,IAAI,SAAS;YAC/B,SAAS;YACT,QAAQ;SACT;KACF,CAAC,CAAC;AACL,CAAC"}

package/dist/services/slack/signature.js

@@ -0,0 +1,74 @@
+import crypto from 'crypto';
+import { getConfig } from '../../config/loader.js';
+/**
+ * Verify Slack request signature using HMAC-SHA256.
+ * See: https://api.slack.com/authentication/verifying-requests-from-slack
+ */
+export function verifySlackSignature(signature, timestamp, rawBody) {
+    if (!signature || !timestamp) {
+        return false;
+    }
+    const config = getConfig();
+    const signingSecretEnvVar = config.slack?.signingSecretEnvVar || 'SLACK_SIGNING_SECRET';
+    const signingSecret = process.env[signingSecretEnvVar];
+    if (!signingSecret) {
+        console.error('[Slack] Missing signing secret:', signingSecretEnvVar);
+        return false;
+    }
+    // Verify timestamp to prevent replay attacks (allow 5 minutes)
+    const requestTimestamp = parseInt(timestamp, 10);
+    const now = Math.floor(Date.now() / 1000);
+    if (Math.abs(now - requestTimestamp) > 300) {
+        console.warn('[Slack] Request timestamp too old:', requestTimestamp);
+        return false;
+    }
+    // Construct the base string
+    const baseString = `v0:${timestamp}:${rawBody}`;
+    // Compute HMAC-SHA256
+    const hmac = crypto.createHmac('sha256', signingSecret);
+    hmac.update(baseString);
+    const expectedSignature = `v0=${hmac.digest('hex')}`;
+    // Timing-safe comparison
+    try {
+        return crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(expectedSignature));
+    }
+    catch {
+        // Buffers have different lengths
+        return false;
+    }
+}
+/**
+ * Verify internal secret for self-calling endpoints.
+ */
+export function verifyInternalSecret(headerValue) {
+    const config = getConfig();
+    const internalSecretEnvVar = config.slack?.internalSecretEnvVar || 'SLACK_INTERNAL_SECRET';
+    const internalSecret = process.env[internalSecretEnvVar];
+    if (!internalSecret) {
+        console.error('[Slack] Missing internal secret:', internalSecretEnvVar);
+        return false;
+    }
+    if (!headerValue) {
+        return false;
+    }
+    // Timing-safe comparison
+    try {
+        return crypto.timingSafeEqual(Buffer.from(headerValue), Buffer.from(internalSecret));
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Get the internal secret for self-calling endpoints.
+ */
+export function getInternalSecret() {
+    const config = getConfig();
+    const internalSecretEnvVar = config.slack?.internalSecretEnvVar || 'SLACK_INTERNAL_SECRET';
+    const internalSecret = process.env[internalSecretEnvVar];
+    if (!internalSecret) {
+        throw new Error(`Missing required environment variable: ${internalSecretEnvVar}`);
+    }
+    return internalSecret;
+}
+//# sourceMappingURL=signature.js.map

package/dist/services/slack/signature.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"signature.js","sourceRoot":"","sources":["../../../src/services/slack/signature.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAEnD;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAClC,SAA6B,EAC7B,SAA6B,EAC7B,OAAe;IAEf,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;QAC7B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,mBAAmB,GAAG,MAAM,CAAC,KAAK,EAAE,mBAAmB,IAAI,sBAAsB,CAAC;IACxF,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IAEvD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,OAAO,CAAC,KAAK,CAAC,iCAAiC,EAAE,mBAAmB,CAAC,CAAC;QACtE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,+DAA+D;IAC/D,MAAM,gBAAgB,GAAG,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,gBAAgB,CAAC,GAAG,GAAG,EAAE,CAAC;QAC3C,OAAO,CAAC,IAAI,CAAC,oCAAoC,EAAE,gBAAgB,CAAC,CAAC;QACrE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,4BAA4B;IAC5B,MAAM,UAAU,GAAG,MAAM,SAAS,IAAI,OAAO,EAAE,CAAC;IAEhD,sBAAsB;IACtB,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IACxD,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACxB,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;IAErD,yBAAyB;IACzB,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,eAAe,CAC3B,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EACtB,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAC/B,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,iCAAiC;QACjC,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,WAA+B;IAClE,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,oBAAoB,GAAG,MAAM,CAAC,KAAK,EAAE,oBAAoB,IAAI,uBAAuB,CAAC;IAC3F,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAEzD,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,oBAAoB,CAAC,CAAC;QACxE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,yBAAyB;IACzB,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,eAAe,CAC3B,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EACxB,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAC5B,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,oBAAoB,GAAG,MAAM,CAAC,KAAK,EAAE,oBAAoB,IAAI,uBAAuB,CAAC;IAC3F,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAEzD,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,0CAA0C,oBAAoB,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,OAAO,cAAc,CAAC;AACxB,CAAC"}

package/dist/services/slack/thread-context.js

@@ -0,0 +1,191 @@
+import { db } from '@chaaskit/db';
+/**
+ * Build thread context from Slack conversation history.
+ */
+export async function buildSlackThreadContext(client, channelId, threadTs, botUserId) {
+    // If not in a thread, no context to build
+    if (!threadTs) {
+        return null;
+    }
+    try {
+        const history = await client.getConversationHistory(channelId, {
+            threadTs,
+            limit: 20, // Get last 20 messages in thread
+        });
+        if (!history.ok || !history.messages) {
+            console.error('[Slack] Failed to get thread history:', history.error);
+            return null;
+        }
+        // Convert Slack messages to context format
+        // Messages come newest-first, so reverse them
+        const messages = history.messages
+            .slice()
+            .reverse()
+            .filter(msg => msg.text && msg.ts !== threadTs) // Exclude parent message
+            .map(msg => ({
+            role: (msg.bot_id || msg.user === botUserId ? 'assistant' : 'user'),
+            content: cleanSlackMessage(msg.text || '', botUserId),
+            slackUserId: msg.user,
+        }));
+        return {
+            messages,
+            slackThreadTs: threadTs,
+        };
+    }
+    catch (error) {
+        console.error('[Slack] Error building thread context:', error);
+        return null;
+    }
+}
+/**
+ * Find or create an internal thread for Slack context continuity.
+ */
+export async function findOrCreateInternalThread(teamId, slackChannelId, slackThreadTs) {
+    // If no thread timestamp, always create a new thread
+    if (!slackThreadTs) {
+        const thread = await db.thread.create({
+            data: {
+                title: 'Slack Chat',
+                teamId,
+            },
+        });
+        return thread.id;
+    }
+    // Look for existing event with same channel/thread that has an internal thread
+    const existingEvent = await db.slackMessageEvent.findFirst({
+        where: {
+            slackChannelId,
+            slackThreadTs,
+            internalThreadId: { not: null },
+        },
+        orderBy: { createdAt: 'desc' },
+        select: { internalThreadId: true },
+    });
+    if (existingEvent?.internalThreadId) {
+        // Verify thread still exists
+        const thread = await db.thread.findUnique({
+            where: { id: existingEvent.internalThreadId },
+        });
+        if (thread) {
+            return existingEvent.internalThreadId;
+        }
+    }
+    // Create new internal thread
+    const thread = await db.thread.create({
+        data: {
+            title: 'Slack Thread',
+            teamId,
+        },
+    });
+    return thread.id;
+}
+/**
+ * Get message history from internal thread.
+ */
+export async function getInternalThreadHistory(threadId) {
+    const messages = await db.message.findMany({
+        where: { threadId },
+        orderBy: { createdAt: 'asc' },
+        take: 20, // Last 20 messages
+        select: {
+            role: true,
+            content: true,
+        },
+    });
+    return messages
+        .filter(m => m.role === 'user' || m.role === 'assistant')
+        .map(m => ({
+        role: m.role,
+        content: m.content,
+    }));
+}
+/**
+ * Save a message to internal thread.
+ */
+export async function saveToInternalThread(threadId, role, content) {
+    await db.message.create({
+        data: {
+            threadId,
+            role,
+            content,
+        },
+    });
+    // Update thread's updatedAt
+    await db.thread.update({
+        where: { id: threadId },
+        data: { updatedAt: new Date() },
+    });
+}
+/**
+ * Clean Slack message text:
+ * - Remove @mentions of the bot
+ * - Convert user mentions to readable format
+ * - Handle formatting
+ */
+export function cleanSlackMessage(text, botUserId) {
+    // Remove bot mentions
+    const botMentionRegex = new RegExp(`<@${botUserId}>`, 'g');
+    let cleaned = text.replace(botMentionRegex, '').trim();
+    // Convert user mentions <@U123> to @user
+    cleaned = cleaned.replace(/<@([A-Z0-9]+)>/g, '@user');
+    // Convert links <url|text> to just text or url
+    cleaned = cleaned.replace(/<(https?:\/\/[^|>]+)\|([^>]+)>/g, '$2');
+    cleaned = cleaned.replace(/<(https?:\/\/[^>]+)>/g, '$1');
+    // Convert channel references <#C123|channel-name> to #channel-name
+    cleaned = cleaned.replace(/<#[A-Z0-9]+\|([^>]+)>/g, '#$1');
+    return cleaned.trim();
+}
+/**
+ * Format response for Slack mrkdwn:
+ * - Convert standard markdown to Slack mrkdwn syntax
+ * - Handle bold, italic, strikethrough, links
+ */
+export function formatForSlack(text) {
+    let result = text;
+    // Preserve code blocks first (we don't want to process inside them)
+    const codeBlocks = [];
+    result = result.replace(/```[\s\S]*?```/g, match => {
+        codeBlocks.push(match);
+        return `__CODE_BLOCK_${codeBlocks.length - 1}__`;
+    });
+    // Preserve inline code
+    const inlineCode = [];
+    result = result.replace(/`[^`]+`/g, match => {
+        inlineCode.push(match);
+        return `__INLINE_CODE_${inlineCode.length - 1}__`;
+    });
+    // Convert markdown links [text](url) to Slack format <url|text>
+    result = result.replace(/\[([^\]]+)\]\(([^)]+)\)/g, '<$2|$1>');
+    // Convert markdown bold **text** to Slack bold *text*
+    // Be careful not to convert already single asterisks
+    result = result.replace(/\*\*([^*]+)\*\*/g, '*$1*');
+    // Convert markdown strikethrough ~~text~~ to Slack ~text~
+    result = result.replace(/~~([^~]+)~~/g, '~$1~');
+    // Markdown italic with underscores _text_ already works in Slack
+    // Markdown italic with single asterisks *text* would conflict with Slack bold,
+    // but after converting **bold** to *bold*, remaining single asterisks should be fine
+    // Restore inline code
+    inlineCode.forEach((code, i) => {
+        result = result.replace(`__INLINE_CODE_${i}__`, code);
+    });
+    // Restore code blocks
+    codeBlocks.forEach((block, i) => {
+        result = result.replace(`__CODE_BLOCK_${i}__`, block);
+    });
+    return result;
+}
+/**
+ * System prompt suffix for Slack responses.
+ * Instructs the AI to format responses using Slack's mrkdwn syntax.
+ */
+export const SLACK_FORMAT_INSTRUCTIONS = `
+Format your responses using Slack's mrkdwn syntax:
+- Bold: *bold text*
+- Italic: _italic text_
+- Strikethrough: ~strikethrough~
+- Code: \`inline code\` or \`\`\`code block\`\`\`
+- Links: <https://example.com|link text>
+- Lists: Use - or • for bullets
+- Quotes: >quoted text
+Keep responses concise and well-formatted for chat.`.trim();
+//# sourceMappingURL=thread-context.js.map

package/dist/services/slack/thread-context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"thread-context.js","sourceRoot":"","sources":["../../../src/services/slack/thread-context.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,EAAE,EAAE,MAAM,cAAc,CAAC;AAYlC;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,MAAmB,EACnB,SAAiB,EACjB,QAAuB,EACvB,SAAiB;IAEjB,0CAA0C;IAC1C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC,SAAS,EAAE;YAC7D,QAAQ;YACR,KAAK,EAAE,EAAE,EAAE,iCAAiC;SAC7C,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrC,OAAO,CAAC,KAAK,CAAC,uCAAuC,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACtE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,2CAA2C;QAC3C,8CAA8C;QAC9C,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ;aAC9B,KAAK,EAAE;aACP,OAAO,EAAE;aACT,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,yBAAyB;aACxE,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACX,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAyB;YAC3F,OAAO,EAAE,iBAAiB,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,EAAE,SAAS,CAAC;YACrD,WAAW,EAAE,GAAG,CAAC,IAAI;SACtB,CAAC,CAAC,CAAC;QAEN,OAAO;YACL,QAAQ;YACR,aAAa,EAAE,QAAQ;SACxB,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,KAAK,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,MAAc,EACd,cAAsB,EACtB,aAA4B;IAE5B,qDAAqD;IACrD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC;YACpC,IAAI,EAAE;gBACJ,KAAK,EAAE,YAAY;gBACnB,MAAM;aACP;SACF,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,EAAE,CAAC;IACnB,CAAC;IAED,+EAA+E;IAC/E,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,iBAAiB,CAAC,SAAS,CAAC;QACzD,KAAK,EAAE;YACL,cAAc;YACd,aAAa;YACb,gBAAgB,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;SAChC;QACD,OAAO,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE;QAC9B,MAAM,EAAE,EAAE,gBAAgB,EAAE,IAAI,EAAE;KACnC,CAAC,CAAC;IAEH,IAAI,aAAa,EAAE,gBAAgB,EAAE,CAAC;QACpC,6BAA6B;QAC7B,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC;YACxC,KAAK,EAAE,EAAE,EAAE,EAAE,aAAa,CAAC,gBAAgB,EAAE;SAC9C,CAAC,CAAC;QACH,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,aAAa,CAAC,gBAAgB,CAAC;QACxC,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC;QACpC,IAAI,EAAE;YACJ,KAAK,EAAE,cAAc;YACrB,MAAM;SACP;KACF,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC,EAAE,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,QAAgB;IAEhB,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC;QACzC,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE;QAC7B,IAAI,EAAE,EAAE,EAAE,mBAAmB;QAC7B,MAAM,EAAE;YACN,IAAI,EAAE,IAAI;YACV,OAAO,EAAE,IAAI;SACd;KACF,CAAC,CAAC;IAEH,OAAO,QAAQ;SACZ,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,IAAI,CAAC,CAAC,IAAI,KAAK,WAAW,CAAC;SACxD,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACT,IAAI,EAAE,CAAC,CAAC,IAA4B;QACpC,OAAO,EAAE,CAAC,CAAC,OAAO;KACnB,CAAC,CAAC,CAAC;AACR,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,QAAgB,EAChB,IAA0B,EAC1B,OAAe;IAEf,MAAM,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;QACtB,IAAI,EAAE;YACJ,QAAQ;YACR,IAAI;YACJ,OAAO;SACR;KACF,CAAC,CAAC;IAEH,4BAA4B;IAC5B,MAAM,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC;QACrB,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE;QACvB,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,EAAE;KAChC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAY,EAAE,SAAiB;IAC/D,sBAAsB;IACtB,MAAM,eAAe,GAAG,IAAI,MAAM,CAAC,KAAK,SAAS,GAAG,EAAE,GAAG,CAAC,CAAC;IAC3D,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IAEvD,yCAAyC;IACzC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,iBAAiB,EAAE,OAAO,CAAC,CAAC;IAEtD,+CAA+C;IAC/C,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,iCAAiC,EAAE,IAAI,CAAC,CAAC;IACnE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,uBAAuB,EAAE,IAAI,CAAC,CAAC;IAEzD,mEAAmE;IACnE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;IAE3D,OAAO,OAAO,CAAC,IAAI,EAAE,CAAC;AACxB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,IAAY;IACzC,IAAI,MAAM,GAAG,IAAI,CAAC;IAElB,oEAAoE;IACpE,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,iBAAiB,EAAE,KAAK,CAAC,EAAE;QACjD,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACvB,OAAO,gBAAgB,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,uBAAuB;IACvB,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE;QAC1C,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACvB,OAAO,iBAAiB,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,gEAAgE;IAChE,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,0BAA0B,EAAE,SAAS,CAAC,CAAC;IAE/D,sDAAsD;IACtD,qDAAqD;IACrD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;IAEpD,0DAA0D;IAC1D,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;IAEhD,iEAAiE;IACjE,+EAA+E;IAC/E,qFAAqF;IAErF,sBAAsB;IACtB,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,sBAAsB;IACtB,UAAU,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG;;;;;;;;;oDASW,CAAC,IAAI,EAAE,CAAC"}

package/dist/services/toolConfirmation.js

@@ -0,0 +1,55 @@
+/**
+ * Tool Confirmation Service
+ *
+ * Determines whether a tool call requires user confirmation based on:
+ * 1. Admin configuration (mode: none, all, whitelist, blacklist)
+ * 2. User's "always allow" settings
+ * 3. Thread-level allowances (tools allowed for this thread)
+ */
+import { getConfig } from '../config/loader.js';
+/**
+ * Check if a tool call requires user confirmation
+ */
+export function checkToolConfirmationRequired(params) {
+    const { serverId, toolName, userSettings, threadAllowedTools } = params;
+    const config = getConfig().mcp?.toolConfirmation;
+    const toolId = `${serverId}:${toolName}`;
+    // 1. Check admin config mode
+    if (!config || config.mode === 'none') {
+        return { required: false, autoApproveReason: 'config_none' };
+    }
+    // 2. Check whitelist mode (listed tools DON'T require confirmation)
+    if (config.mode === 'whitelist') {
+        const tools = config.tools || [];
+        if (tools.includes(toolId) || tools.includes(toolName)) {
+            return { required: false, autoApproveReason: 'whitelist' };
+        }
+        // In whitelist mode, if tool is not in whitelist, check other allowances
+    }
+    // 3. Check blacklist mode (listed tools DO require confirmation)
+    if (config.mode === 'blacklist') {
+        const tools = config.tools || [];
+        // If tool is NOT in the blacklist, it's auto-approved
+        if (!tools.includes(toolId) && !tools.includes(toolName)) {
+            return { required: false, autoApproveReason: 'config_none' };
+        }
+        // Tool is in blacklist, check other allowances below
+    }
+    // 4. Check user's "always allow" settings
+    if (userSettings?.allowedTools?.includes(toolId)) {
+        return { required: false, autoApproveReason: 'user_always' };
+    }
+    // 5. Check thread-level allowance
+    if (threadAllowedTools?.includes(toolId)) {
+        return { required: false, autoApproveReason: 'thread_allowed' };
+    }
+    // 6. If we got here, confirmation is required
+    return { required: true };
+}
+/**
+ * Format a tool result for denial
+ */
+export function createDenialToolResult(toolName) {
+    return `The user denied permission to execute the tool "${toolName}". Please respect their decision and continue the conversation without using this tool, or ask if they'd like to try a different approach.`;
+}
+//# sourceMappingURL=toolConfirmation.js.map

package/dist/services/toolConfirmation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"toolConfirmation.js","sourceRoot":"","sources":["../../src/services/toolConfirmation.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAoBhD;;GAEG;AACH,MAAM,UAAU,6BAA6B,CAAC,MAA+B;IAC3E,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,kBAAkB,EAAE,GAAG,MAAM,CAAC;IACxE,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC,GAAG,EAAE,gBAAgB,CAAC;IACjD,MAAM,MAAM,GAAG,GAAG,QAAQ,IAAI,QAAQ,EAAE,CAAC;IAEzC,6BAA6B;IAC7B,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QACtC,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,iBAAiB,EAAE,aAAa,EAAE,CAAC;IAC/D,CAAC;IAED,oEAAoE;IACpE,IAAI,MAAM,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;QACjC,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvD,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,CAAC;QAC7D,CAAC;QACD,yEAAyE;IAC3E,CAAC;IAED,iEAAiE;IACjE,IAAI,MAAM,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;QACjC,sDAAsD;QACtD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,iBAAiB,EAAE,aAAa,EAAE,CAAC;QAC/D,CAAC;QACD,qDAAqD;IACvD,CAAC;IAED,0CAA0C;IAC1C,IAAI,YAAY,EAAE,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACjD,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,iBAAiB,EAAE,aAAa,EAAE,CAAC;IAC/D,CAAC;IAED,kCAAkC;IAClC,IAAI,kBAAkB,EAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACzC,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,CAAC;IAClE,CAAC;IAED,8CAA8C;IAC9C,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,QAAgB;IACrD,OAAO,mDAAmD,QAAQ,4IAA4I,CAAC;AACjN,CAAC"}