@controlflow-ai/daemon 0.1.1 → 0.1.3

package/src/daemon.ts

@@ -6,10 +6,14 @@ import { DEFAULT_DAEMON_PORT, DEFAULT_HOST, agentHomePath, defaultDaemonToken, d
 import { writeFailureMessage } from './failure-message.js';
 import { formatMessage } from './format.js';
 import { startLocalApi } from './local-api.js';
+import type { LocalApiAgentPrincipal } from './local-auth.js';
 import { loadOrCreateDaemonToken } from './token-file.js';
 import type { ComputerAgentAssignment, Message, MessageDelivery } from './types.js';
 import type { AgentRuntime } from './agent-runtime.js';
 import { knownRuntimeNames, resolveRuntimeDriver } from './runtime-registry.js';
+import { buildRuntimeLaunchContext, type AgentPermissionProfile } from './agent-permissions.js';
+import { hydrateRuntimeEnv, logEnvReport } from './runtime-env.js';
+import type { RuntimeAttachment } from './agent-runtime.js';
 
 interface DaemonState {
   daemonId: string;
@@ -23,11 +27,136 @@ interface DaemonState {
 interface ManagedAgent {
   agent: string;
   runtimeProvider: string;
+  runtimeModel: string | null;
   agentUuid: string;
   agentHome: string;
   projectCwd: string;
 }
 
+export interface SteeredDelivery {
+  id: string;
+  claimToken: string;
+}
+
+export interface ActiveRunHandle {
+  key: string;
+  agent: string;
+  chatId: string;
+  runId: string;
+  sessionId: string;
+  runtimeSessionId: string | null;
+  supportsSteer: boolean;
+  steeredDeliveries: SteeredDelivery[];
+  steer(message: Message): Promise<void>;
+}
+
+export type ActiveRunMap = Map<string, ActiveRunHandle>;
+
+export class RuntimeLocalTokenRegistry {
+  private readonly tokens = new Map<string, LocalApiAgentPrincipal>();
+
+  create(input: { agent: string; runId: string; chatId: string }): string {
+    const token = `palrt_${crypto.randomUUID()}`;
+    this.tokens.set(token, { kind: 'agent', agent: input.agent, runId: input.runId, chatId: input.chatId });
+    return token;
+  }
+
+  lookup(token: string): LocalApiAgentPrincipal | null {
+    return this.tokens.get(token) ?? null;
+  }
+
+  revoke(token: string): void {
+    this.tokens.delete(token);
+  }
+}
+
+export function activeRunKey(agent: string, chatId: string): string {
+  return `${agent}\0${chatId}`;
+}
+
+export function shouldStopDaemonForHeartbeatError(error: unknown): boolean {
+  const message = error instanceof Error ? error.message : String(error);
+  return message.includes('CONNECTION_REVOKED')
+    || message.includes('computer connection is not active')
+    || message.includes('connection auth is required')
+    || message.includes('invalid computer credential');
+}
+
+export function shouldRetryDaemonConnectError(error: unknown): boolean {
+  const message = error instanceof Error ? error.message : String(error);
+  return message.includes('fetch failed')
+    || message.includes('Unable to connect')
+    || message.includes('ECONNREFUSED')
+    || message.includes('ECONNRESET')
+    || message.includes('EPIPE')
+    || message.includes('UND_ERR')
+    || message.includes('Unexpected end of JSON input')
+    || message.includes('request failed: 502')
+    || message.includes('request failed: 503')
+    || message.includes('request failed: 504');
+}
+
+export function isDeliveryConnectionSuperseded(currentConnectionId: string | null | undefined, runConnectionId: string | null | undefined): boolean {
+  return Boolean(runConnectionId && currentConnectionId && runConnectionId !== currentConnectionId);
+}
+
+export interface RepeatedWarningState {
+  lastKey: string | null;
+  lastLoggedAtMs: number;
+  suppressed: number;
+}
+
+export function defaultRepeatedWarningState(): RepeatedWarningState {
+  return { lastKey: null, lastLoggedAtMs: 0, suppressed: 0 };
+}
+
+export function consumeRepeatedWarning(state: RepeatedWarningState, input: {
+  key: string;
+  nowMs: number;
+  minIntervalMs: number;
+}): { shouldLog: boolean; suppressed: number } {
+  const keyChanged = state.lastKey !== input.key;
+  const intervalElapsed = input.nowMs - state.lastLoggedAtMs >= input.minIntervalMs;
+  if (keyChanged || intervalElapsed) {
+    const suppressed = state.suppressed;
+    state.lastKey = input.key;
+    state.lastLoggedAtMs = input.nowMs;
+    state.suppressed = 0;
+    return { shouldLog: true, suppressed };
+  }
+  state.suppressed += 1;
+  return { shouldLog: false, suppressed: state.suppressed };
+}
+
+export type PendingDeliveryAction =
+  | { kind: 'start'; delivery: MessageDelivery; key: string }
+  | { kind: 'steer'; delivery: MessageDelivery; key: string; active: ActiveRunHandle }
+  | { kind: 'skip'; delivery: MessageDelivery; key: string; reason: 'starting' | 'active-no-steer' };
+
+const PENDING_DELIVERY_CANDIDATE_LIMIT = 100;
+
+export function planPendingDeliveryActions(agent: string, deliveries: MessageDelivery[], activeRuns: ActiveRunMap): PendingDeliveryAction[] {
+  const actions: PendingDeliveryAction[] = [];
+  const startingKeys = new Set<string>();
+  for (const delivery of deliveries) {
+    const key = activeRunKey(agent, delivery.chat_id);
+    const active = activeRuns.get(key);
+    if (active) {
+      actions.push(active.supportsSteer
+        ? { kind: 'steer', delivery, key, active }
+        : { kind: 'skip', delivery, key, reason: 'active-no-steer' });
+      continue;
+    }
+    if (startingKeys.has(key)) {
+      actions.push({ kind: 'skip', delivery, key, reason: 'starting' });
+      continue;
+    }
+    startingKeys.add(key);
+    actions.push({ kind: 'start', delivery, key });
+  }
+  return actions;
+}
+
 function usage(): string {
   return `pal daemon
 
@@ -37,6 +166,7 @@ Usage:
 
 The daemon connects one computer to the server, claims deliveries for assigned agents, and starts one agent run for each claimed delivery.
 Runs have no default timeout; use the web control page or API to kill/restart a run.
+Use --verbose or PAL_DAEMON_VERBOSE_TICKS=1 to log empty reconcile ticks.
 `;
 }
 
@@ -75,18 +205,224 @@ function writeState(path: string, state: DaemonState): void {
   writeFileSync(path, `${JSON.stringify(state, null, 2)}\n`);
 }
 
+function runtimeAttachmentsForMessage(input: {
+  message: Message;
+}): RuntimeAttachment[] {
+  const attachments = input.message.attachments ?? [];
+  if (attachments.length === 0) return [];
+  return attachments.map((attachment) => ({
+    id: attachment.id,
+    messageId: input.message.id,
+    kind: attachment.kind,
+    mimeType: attachment.mime_type,
+    filename: attachment.filename,
+    path: attachment.path,
+  }));
+}
+
 function sleep(ms: number): Promise<void> {
   return new Promise((resolve) => setTimeout(resolve, ms));
 }
 
-async function resolveRuntime(agent: string, serverUrl: string, agentUuid: string): Promise<AgentRuntime> {
+function deliveryWebSocketUrl(serverUrl: string): string {
+  const url = new URL(serverUrl);
+  url.protocol = url.protocol === 'https:' ? 'wss:' : 'ws:';
+  url.pathname = '/api/daemon/ws';
+  url.search = '';
+  return url.toString();
+}
+
+export interface DeliverySocketHandle {
+  stop(): void;
+  isOpen(): boolean;
+}
+
+const DELIVERY_WS_PING_INTERVAL_MS = 30_000;
+const DELIVERY_WS_PONG_TIMEOUT_MS = 10_000;
+
+export class DeliveryWakeQueue {
+  private pendingAgents = new Set<string>();
+  private pendingAll = false;
+  private timer: ReturnType<typeof setTimeout> | null = null;
+  private readonly delayMs: number;
+
+  constructor(
+    private readonly flush: (agent?: string) => void,
+    options: { delayMs?: number } = {},
+  ) {
+    this.delayMs = Math.max(0, options.delayMs ?? 0);
+  }
+
+  enqueue(agent?: string): void {
+    if (agent) {
+      if (!this.pendingAll) this.pendingAgents.add(agent);
+    } else {
+      this.pendingAll = true;
+      this.pendingAgents.clear();
+    }
+    if (this.timer) return;
+    this.timer = setTimeout(() => this.drain(), this.delayMs);
+  }
+
+  drainNow(): void {
+    if (this.timer) clearTimeout(this.timer);
+    this.drain();
+  }
+
+  stop(): void {
+    if (this.timer) clearTimeout(this.timer);
+    this.timer = null;
+    this.pendingAll = false;
+    this.pendingAgents.clear();
+  }
+
+  private drain(): void {
+    this.timer = null;
+    if (this.pendingAll) {
+      this.pendingAll = false;
+      this.pendingAgents.clear();
+      this.flush();
+      return;
+    }
+    const agents = Array.from(this.pendingAgents);
+    this.pendingAgents.clear();
+    for (const agent of agents) this.flush(agent);
+  }
+}
+
+export function startDeliveryWebSocket(input: {
+  serverUrl: string;
+  computerId: string;
+  connectionId: string;
+  token: string;
+  onDelivery(agent?: string): void;
+  pingIntervalMs?: number;
+  pongTimeoutMs?: number;
+}): DeliverySocketHandle {
+  let stopped = false;
+  let ws: WebSocket | null = null;
+  let reconnectTimer: ReturnType<typeof setTimeout> | null = null;
+  let pingTimer: ReturnType<typeof setInterval> | null = null;
+  let pongTimer: ReturnType<typeof setTimeout> | null = null;
+  let attempt = 0;
+  const pingIntervalMs = input.pingIntervalMs ?? DELIVERY_WS_PING_INTERVAL_MS;
+  const pongTimeoutMs = input.pongTimeoutMs ?? DELIVERY_WS_PONG_TIMEOUT_MS;
+
+  const clearKeepalive = () => {
+    if (pingTimer) clearInterval(pingTimer);
+    if (pongTimer) clearTimeout(pongTimer);
+    pingTimer = null;
+    pongTimer = null;
+  };
+
+  const closeUnhealthySocket = (reason: string) => {
+    const current = ws;
+    if (!current || current.readyState === WebSocket.CLOSED || current.readyState === WebSocket.CLOSING) return;
+    console.warn(`[daemon] delivery websocket ${reason}; reconnecting`);
+    current.close(4000, reason);
+  };
+
+  const sendPing = () => {
+    if (!ws || ws.readyState !== WebSocket.OPEN) return;
+    try {
+      ws.send('ping');
+    } catch {
+      closeUnhealthySocket('ping send failed');
+      return;
+    }
+    if (pongTimer) clearTimeout(pongTimer);
+    pongTimer = setTimeout(() => closeUnhealthySocket('pong timeout'), pongTimeoutMs);
+  };
+
+  const connect = () => {
+    if (stopped) return;
+    const url = deliveryWebSocketUrl(input.serverUrl);
+    try {
+      ws = new (WebSocket as unknown as { new(url: string, options: Bun.WebSocketOptions): WebSocket })(url, {
+        headers: {
+          'x-pal-computer-id': input.computerId,
+          'x-pal-connection-id': input.connectionId,
+          'x-pal-connection-token': input.token,
+        },
+      });
+    } catch (error) {
+      scheduleReconnect(error);
+      return;
+    }
+
+    ws.addEventListener('open', () => {
+      attempt = 0;
+      console.log(`[daemon] delivery websocket connected ${url}`);
+      clearKeepalive();
+      if (pingIntervalMs > 0) {
+        pingTimer = setInterval(sendPing, pingIntervalMs);
+        sendPing();
+      }
+    });
+    ws.addEventListener('message', (event) => {
+      let frame: { type?: string; agent?: string; delivery?: { agent?: string } };
+      try {
+        frame = JSON.parse(String(event.data));
+      } catch {
+        return;
+      }
+      if (frame.type === 'delivery') {
+        input.onDelivery(frame.delivery?.agent);
+      } else if (frame.type === 'pending') {
+        input.onDelivery(frame.agent);
+      } else if (frame.type === 'pong') {
+        if (pongTimer) clearTimeout(pongTimer);
+        pongTimer = null;
+      }
+    });
+    ws.addEventListener('close', () => {
+      clearKeepalive();
+      if (!stopped) scheduleReconnect();
+    });
+    ws.addEventListener('error', (event) => {
+      if (!stopped) console.log(`[daemon] delivery websocket error: ${String(event.type)}`);
+    });
+  };
+
+  const scheduleReconnect = (error?: unknown) => {
+    if (stopped || reconnectTimer) return;
+    if (error) {
+      console.warn(`[daemon] delivery websocket connect failed: ${error instanceof Error ? error.message : String(error)}`);
+    }
+    attempt += 1;
+    const delay = Math.min(10_000, 250 * 2 ** Math.min(attempt, 5));
+    reconnectTimer = setTimeout(() => {
+      reconnectTimer = null;
+      connect();
+    }, delay);
+  };
+
+  connect();
+  return {
+    stop() {
+      stopped = true;
+      if (reconnectTimer) clearTimeout(reconnectTimer);
+      reconnectTimer = null;
+      clearKeepalive();
+      ws?.close(1000, 'daemon stopping');
+      ws = null;
+    },
+    isOpen() {
+      return ws?.readyState === WebSocket.OPEN;
+    },
+  };
+}
+
+async function resolveRuntime(agent: string, serverUrl: string, agentUuid: string): Promise<{ runtime: AgentRuntime; runtimeModel: string | null }> {
   let configuredRuntime: string | null | undefined;
+  let configuredModel: string | null | undefined;
   try {
     const response = await fetch(`${serverUrl.replace(/\/$/, '')}/api/agents`);
     if (response.ok) {
-      const payload = await response.json() as { data?: { agents: Array<{ agent_key: string; runtime: string | null }> } };
+      const payload = await response.json() as { data?: { agents: Array<{ agent_key: string; runtime: string | null; model?: string | null }> } };
       const configured = payload.data?.agents.find((a) => a.agent_key === agent);
       configuredRuntime = configured?.runtime;
+      configuredModel = configured?.model;
     }
   } catch (error) {
     throw new Error(`Could not resolve runtime for agent '${agent}' from ${serverUrl}: ${error instanceof Error ? error.message : String(error)}`);
@@ -95,7 +431,114 @@ async function resolveRuntime(agent: string, serverUrl: string, agentUuid: strin
   if (!configuredRuntime) {
     throw new Error(`Agent '${agent}' has no runtime configured. Configure it via POST /api/agents or PATCH /api/agents/<key>. Supported runtimes: ${knownRuntimeNames().join(', ')}.`);
   }
-  return resolveRuntimeDriver(configuredRuntime, agentUuid);
+  return {
+    runtime: await resolveRuntimeDriver(configuredRuntime, agentUuid, configuredModel),
+    runtimeModel: configuredModel?.trim() || null,
+  };
+}
+
+async function fetchConfiguredRuntimeModel(agent: string, serverUrl: string): Promise<string | null> {
+  try {
+    const response = await fetch(`${serverUrl.replace(/\/$/, '')}/api/agents`);
+    if (!response.ok) return null;
+    const payload = await response.json() as { data?: { agents: Array<{ agent_key: string; model?: string | null }> } };
+    return payload.data?.agents.find((item) => item.agent_key === agent)?.model?.trim() || null;
+  } catch {
+    return null;
+  }
+}
+
+async function loadPermissionProfile(client: LockClient, agent: string): Promise<AgentPermissionProfile> {
+  const profile = await client.fetchPermissionProfile(agent);
+  return {
+    filesystemMode: profile.filesystem_mode,
+    extraWritableRoots: profile.extra_writable_roots,
+  };
+}
+
+async function ackSteeredDeliveries(
+  client: LockClient,
+  active: ActiveRunHandle,
+  options: { daemonId: string; connectionId?: string | null },
+  runId: string,
+): Promise<void> {
+  for (const steered of active.steeredDeliveries) {
+    await client.ackDelivery(steered.id, {
+      daemon_id: options.daemonId,
+      connection_id: options.connectionId,
+      claim_token: steered.claimToken,
+      run_id: runId,
+    }).catch((error) => {
+      console.warn(`[daemon] failed to ack steered delivery ${steered.id}: ${error instanceof Error ? error.message : String(error)}`);
+    });
+  }
+}
+
+async function failSteeredDeliveries(
+  client: LockClient,
+  active: ActiveRunHandle,
+  options: { daemonId: string; connectionId?: string | null },
+  runId: string,
+  error: string,
+): Promise<void> {
+  for (const steered of active.steeredDeliveries) {
+    await client.failDelivery(steered.id, {
+      daemon_id: options.daemonId,
+      connection_id: options.connectionId,
+      claim_token: steered.claimToken,
+      run_id: runId,
+      error,
+    }).catch((failError) => {
+      console.warn(`[daemon] failed to fail steered delivery ${steered.id}: ${failError instanceof Error ? failError.message : String(failError)}`);
+    });
+  }
+}
+
+async function ackCoveredPendingDeliveries(
+  client: LockClient,
+  input: {
+    agent: string;
+    chatId: string;
+    triggerMessageId: number;
+    maxCoveredMessageId: number;
+    daemonId: string;
+    connectionId?: string | null;
+    computerId?: string | null;
+    runId: string;
+  },
+): Promise<void> {
+  if (input.maxCoveredMessageId <= input.triggerMessageId) return;
+  const pending = await client.listDeliveries(input.agent, 'pending', PENDING_DELIVERY_CANDIDATE_LIMIT);
+  const covered = pending.filter((delivery) => (
+    delivery.chat_id === input.chatId
+    && delivery.message_id > input.triggerMessageId
+    && delivery.message_id <= input.maxCoveredMessageId
+  ));
+  for (const delivery of covered) {
+    try {
+      console.log(`[daemon] ack covered pending delivery=${delivery.id} run=${input.runId} message=${delivery.message_id}`);
+      const claimed = await client.claimDelivery(delivery.id, {
+        daemon_id: input.daemonId,
+        connection_id: input.connectionId,
+        computer_id: input.computerId,
+        steer_run_id: input.runId,
+      });
+      if (!claimed.claim_token) throw new Error(`covered delivery ${delivery.id} was claimed without a claim token`);
+      await client.ackDelivery(claimed.id, {
+        daemon_id: input.daemonId,
+        connection_id: input.connectionId,
+        claim_token: claimed.claim_token,
+        run_id: input.runId,
+      });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      if (message.includes('pending delivery') && message.includes('was not found')) {
+        console.log(`[daemon] covered pending delivery already claimed delivery=${delivery.id}`);
+      } else {
+        console.warn(`[daemon] failed to ack covered pending delivery ${delivery.id}: ${message}`);
+      }
+    }
+  }
 }
 
 async function executeRun(client: LockClient, delivery: MessageDelivery, message: Message, options: {
@@ -114,12 +557,18 @@ async function executeRun(client: LockClient, delivery: MessageDelivery, message
   computerId?: string | null;
   connectionId?: string | null;
   runtimeProvider: string;
+  runtimeModel?: string | null;
+  permissionProfile: AgentPermissionProfile;
+  runtimeTokens?: RuntimeLocalTokenRegistry;
   isConnectionRevoked?: () => boolean;
   abortSignal?: AbortSignal;
+  runtimeEnv?: NodeJS.ProcessEnv;
+  activeRuns?: ActiveRunMap;
 }): Promise<'done' | 'restart'> {
   if (!delivery.claim_token) throw new Error(`delivery ${delivery.id} is not claimed`);
 
-  const runtime = await resolveRuntime(options.agent, options.serverUrl, options.agentUuid);
+  const runtimeModel = options.runtimeModel ?? await fetchConfiguredRuntimeModel(options.agent, options.serverUrl);
+  const runtime = await resolveRuntimeDriver(options.runtimeProvider, options.agentUuid, runtimeModel);
   const logPrefix = `[${runtime.name}]`;
 
   console.log(`${logPrefix} session getOrCreate chat=${message.chat_id} agent=${options.agent} daemon=${options.daemonId} agentHome=${options.agentHome} projectCwd=${options.projectCwd}`);
@@ -151,24 +600,83 @@ async function executeRun(client: LockClient, delivery: MessageDelivery, message
     delivery_id: delivery.id,
   });
   console.log(`${logPrefix} run=${run.id} status=${run.status}`);
+  const deliveryContext = await client.getDeliveryContext({
+    agent: options.agent,
+    chatId: message.chat_id,
+    messageId: message.id,
+    limit: 50,
+  }).catch((error) => {
+    console.warn(`${logPrefix} delivery context unavailable: ${error instanceof Error ? error.message : String(error)}`);
+    return null;
+  });
+  const runtimeLocalToken = options.runtimeTokens?.create({ agent: options.agent, runId: run.id, chatId: message.chat_id });
+  const key = activeRunKey(options.agent, message.chat_id);
+  const activeHandle: ActiveRunHandle = {
+    key,
+    agent: options.agent,
+    chatId: message.chat_id,
+    runId: run.id,
+    sessionId: session.id,
+    runtimeSessionId: session.runtime_session_id,
+    supportsSteer: runtime.capabilities.supportsSteer && typeof runtime.steerActiveRun === 'function',
+    steeredDeliveries: [],
+    steer: async (steerMessage) => {
+      if (!runtime.capabilities.supportsSteer || !runtime.steerActiveRun) {
+        throw new Error(`runtime ${runtime.name} does not support active steer`);
+      }
+      await runtime.steerActiveRun({
+        agent: options.agent,
+        serverUrl: options.serverUrl,
+        runId: run.id,
+        sessionId: session.id,
+        runtimeSessionId: activeHandle.runtimeSessionId,
+        message: steerMessage,
+        cwd: options.agentHome,
+        agentHome: options.agentHome,
+        projectCwd: options.projectCwd,
+        localDaemonUrl: options.localDaemonUrl,
+        localDaemonToken: runtimeLocalToken ?? options.localDaemonToken,
+        privateCliBinDir: options.privateCliBinDir,
+        palCliCommand: 'pal',
+        runtimeEnv: options.runtimeEnv,
+      });
+    },
+  };
+  options.activeRuns?.set(key, activeHandle);
+  console.log(`${logPrefix} active run key=${key.replace('\0', ':')} supportsSteer=${activeHandle.supportsSteer}`);
 
   const { runAgentRuntime } = await import('./agent-runtime.js');
-  const roomParticipants = await client.listRoomMembers(message.chat_id)
-    .then((result) => result.participants)
+  const roomSnapshot = await client.listRoomMembers(message.chat_id, options.agent)
+    .then((result) => result)
     .catch((error) => {
       console.warn(`${logPrefix} room participant snapshot unavailable: ${error instanceof Error ? error.message : String(error)}`);
-      return [];
+      return null;
     });
-  const recentMessages = await client.getMessages(new URLSearchParams({
-    chat_id: message.chat_id,
-    after: String(Math.max(0, message.id - 50)),
-    limit: '50',
-  })).catch((error) => {
-    console.warn(`${logPrefix} recent room history unavailable: ${error instanceof Error ? error.message : String(error)}`);
-    return [];
+  const roomParticipants = roomSnapshot?.participants ?? [];
+  const roomAgentSubscriptions = roomSnapshot?.agent_subscriptions ?? [];
+  const enabledSkills = roomSnapshot?.enabled_skills ?? [];
+  const roomProject = roomSnapshot?.room.project_id ? {
+    id: roomSnapshot.room.project_id,
+    name: roomSnapshot.room.project_name ?? roomSnapshot.room.project_id,
+    rootPath: roomSnapshot.room.project_root_path ?? '',
+    computerId: roomSnapshot.room.project_computer_id ?? '',
+    computerName: roomSnapshot.room.project_computer_name,
+  } : null;
+  const projectAccessible = Boolean(roomProject && options.computerId && roomProject.computerId === options.computerId);
+  const effectiveProjectCwd = projectAccessible && roomProject?.rootPath ? roomProject.rootPath : options.projectCwd;
+  const launchContext = buildRuntimeLaunchContext({
+    agent: options.agent,
+    serverUrl: options.serverUrl,
+    message,
+    cwd: options.agentHome,
+    agentHome: options.agentHome,
+    projectCwd: projectAccessible ? effectiveProjectCwd : undefined,
+    extraArgs: options.extraArgs,
   });
+  const maxCoveredMessageId = deliveryContext?.messages.reduce((max, item) => Math.max(max, item.id), message.id) ?? message.id;
 
   try {
+    const runtimeAttachments = runtimeAttachmentsForMessage({ message });
     console.log(`${logPrefix} spawn agent=${options.agent} chat=${message.chat_name} message=${message.id} dryRun=${options.dryRun}`);
     const result = await runAgentRuntime(runtime, {
       agent: options.agent,
@@ -176,21 +684,36 @@ async function executeRun(client: LockClient, delivery: MessageDelivery, message
       message,
       cwd: options.agentHome,
       agentHome: options.agentHome,
-      projectCwd: options.projectCwd,
+      projectCwd: effectiveProjectCwd,
+      launchContext,
+      permissionProfile: options.permissionProfile,
+      projectContext: roomProject ? {
+        ...roomProject,
+        accessible: projectAccessible,
+        currentComputerId: options.computerId,
+      } : undefined,
       extraArgs: options.extraArgs,
       localDaemonUrl: options.localDaemonUrl,
-      localDaemonToken: options.localDaemonToken,
+      localDaemonToken: runtimeLocalToken ?? options.localDaemonToken,
       privateCliBinDir: options.privateCliBinDir,
       palCliCommand: 'pal',
+      runtimeEnv: options.runtimeEnv,
       runtimeSessionId: session.runtime_session_id,
       roomParticipants,
-      recentMessages,
+      roomAgentSubscriptions,
+      roomMode: roomSnapshot?.room.mode ?? 'standard',
+      enabledSkills,
+      deliveryContext: deliveryContext ?? undefined,
+      runtimeAttachments,
       dryRun: options.dryRun,
       signal: options.abortSignal,
       onStart: async (pid) => {
         console.log(`${logPrefix} run=${run.id} pid=${pid}`);
         await client.updateRunPid(run.id, pid);
       },
+      onActivity: async (event) => {
+        await client.recordRunActivity(run.id, event);
+      },
       getAction: async () => {
         if (options.isConnectionRevoked?.()) return 'kill';
         const latest = await client.getRun(run.id);
@@ -204,6 +727,7 @@ async function executeRun(client: LockClient, delivery: MessageDelivery, message
     if (result.runtimeSessionId && result.runtimeSessionId !== session.runtime_session_id) {
       console.log(`${logPrefix} session=${session.id} runtime_session_id=${result.runtimeSessionId}`);
       await client.updateSessionRuntimeSessionId(session.id, { runtime_session_id: result.runtimeSessionId });
+      activeHandle.runtimeSessionId = result.runtimeSessionId;
     }
 
     console.log(`${logPrefix} run=${run.id} exitCode=${result.exitCode} stoppedByAction=${result.stoppedByAction ?? '-'} outputLen=${result.output.length}`);
@@ -226,6 +750,7 @@ async function executeRun(client: LockClient, delivery: MessageDelivery, message
     if (result.stoppedByAction === 'restart') {
       console.log(`${logPrefix} run=${run.id} finishing with restart`);
       await client.finishRun(run.id, { status: 'restarted', exit_code: result.exitCode, output: result.output });
+      await failSteeredDeliveries(client, activeHandle, options, run.id, 'active run restarted before completion');
       return 'restart';
     }
 
@@ -233,6 +758,7 @@ async function executeRun(client: LockClient, delivery: MessageDelivery, message
       console.log(`${logPrefix} run=${run.id} finishing with killed`);
       await client.finishRun(run.id, { status: 'killed', exit_code: result.exitCode, output: result.output });
       await client.ackDelivery(delivery.id, { daemon_id: options.daemonId, connection_id: options.connectionId, claim_token: delivery.claim_token, run_id: run.id });
+      await ackSteeredDeliveries(client, activeHandle, options, run.id);
       return 'done';
     }
 
@@ -240,6 +766,17 @@ async function executeRun(client: LockClient, delivery: MessageDelivery, message
       console.log(`${logPrefix} run=${run.id} finishing with completed`);
       await client.finishRun(run.id, { status: 'completed', exit_code: result.exitCode, output: result.output });
       await client.ackDelivery(delivery.id, { daemon_id: options.daemonId, connection_id: options.connectionId, claim_token: delivery.claim_token, run_id: run.id });
+      await ackCoveredPendingDeliveries(client, {
+        agent: options.agent,
+        chatId: message.chat_id,
+        triggerMessageId: message.id,
+        maxCoveredMessageId,
+        daemonId: options.daemonId,
+        connectionId: options.connectionId,
+        computerId: options.computerId,
+        runId: run.id,
+      });
+      await ackSteeredDeliveries(client, activeHandle, options, run.id);
       return 'done';
     }
 
@@ -247,6 +784,7 @@ async function executeRun(client: LockClient, delivery: MessageDelivery, message
     console.log(`${logPrefix} run=${run.id} finishing with failed: ${output.slice(0, 200)}`);
     await client.finishRun(run.id, { status: 'failed', exit_code: result.exitCode, output });
     await client.failDelivery(delivery.id, { daemon_id: options.daemonId, connection_id: options.connectionId, claim_token: delivery.claim_token, run_id: run.id, error: output });
+    await failSteeredDeliveries(client, activeHandle, options, run.id, output);
     await writeFailureMessage(client, message, options.agent, output);
     return 'done';
   } catch (error) {
@@ -258,8 +796,15 @@ async function executeRun(client: LockClient, delivery: MessageDelivery, message
     }
     await client.finishRun(run.id, { status: 'failed', output });
     await client.failDelivery(delivery.id, { daemon_id: options.daemonId, connection_id: options.connectionId, claim_token: delivery.claim_token, run_id: run.id, error: output });
+    await failSteeredDeliveries(client, activeHandle, options, run.id, output);
     await writeFailureMessage(client, message, options.agent, output);
     return 'done';
+  } finally {
+    if (runtimeLocalToken) options.runtimeTokens?.revoke(runtimeLocalToken);
+    if (options.activeRuns?.get(key) === activeHandle) {
+      options.activeRuns.delete(key);
+      console.log(`${logPrefix} inactive run key=${key.replace('\0', ':')}`);
+    }
   }
 }
 
@@ -278,8 +823,13 @@ async function handleDelivery(client: LockClient, delivery: MessageDelivery, opt
   computerId?: string | null;
   connectionId?: string | null;
   runtimeProvider: string;
+  runtimeModel?: string | null;
+  permissionProfile: AgentPermissionProfile;
+  runtimeTokens?: RuntimeLocalTokenRegistry;
   isConnectionRevoked?: () => boolean;
   abortSignal?: AbortSignal;
+  runtimeEnv?: NodeJS.ProcessEnv;
+  activeRuns?: ActiveRunMap;
 }): Promise<void> {
   console.log(`[daemon] handleDelivery delivery=${delivery.id} message=${delivery.message_id} attempts=${delivery.attempts}`);
   const message = await client.getMessage(delivery.message_id);
@@ -307,7 +857,54 @@ async function discoverDeliveries(client: LockClient, state: DaemonState, agent:
   }
 }
 
-async function processPendingDeliveries(client: LockClient, options: {
+async function steerDeliveryToActiveRun(
+  client: LockClient,
+  delivery: MessageDelivery,
+  active: ActiveRunHandle,
+  options: {
+    daemonId: string;
+    connectionId?: string | null;
+    computerId?: string | null;
+  },
+): Promise<void> {
+  let claimed: MessageDelivery | null = null;
+  try {
+    console.log(`[daemon] steerDelivery claim delivery=${delivery.id} activeRun=${active.runId}`);
+    claimed = await client.claimDelivery(delivery.id, {
+      daemon_id: options.daemonId,
+      connection_id: options.connectionId,
+      computer_id: options.computerId,
+      steer_run_id: active.runId,
+    });
+    if (!claimed.claim_token) throw new Error(`steered delivery ${delivery.id} was claimed without a claim token`);
+    const message = await client.getMessage(claimed.message_id);
+    await active.steer(message);
+    await client.markDeliveryProcessingCompleted(claimed.id, {
+      daemon_id: options.daemonId,
+      connection_id: options.connectionId,
+      claim_token: claimed.claim_token,
+      run_id: active.runId,
+    });
+    active.steeredDeliveries.push({ id: claimed.id, claimToken: claimed.claim_token });
+    console.log(`[daemon] steerDelivery accepted delivery=${delivery.id} activeRun=${active.runId}`);
+  } catch (error) {
+    const output = error instanceof Error ? error.message : String(error);
+    console.warn(`[daemon] steerDelivery failed delivery=${delivery.id}: ${output}`);
+    if (claimed?.claim_token) {
+      await client.failDelivery(claimed.id, {
+        daemon_id: options.daemonId,
+        connection_id: options.connectionId,
+        claim_token: claimed.claim_token,
+        run_id: active.runId,
+        error: output,
+      }).catch((failError) => {
+        console.warn(`[daemon] failed to mark steered delivery ${claimed?.id} failed: ${failError instanceof Error ? failError.message : String(failError)}`);
+      });
+    }
+  }
+}
+
+export async function processPendingDeliveries(client: LockClient, options: {
   agent: string;
   daemonId: string;
   serverUrl: string;
@@ -322,37 +919,85 @@ async function processPendingDeliveries(client: LockClient, options: {
   computerId?: string | null;
   connectionId?: string | null;
   runtimeProvider: string;
+  runtimeModel?: string | null;
+  permissionProfile: AgentPermissionProfile;
+  runtimeTokens?: RuntimeLocalTokenRegistry;
   isConnectionRevoked?: () => boolean;
   abortSignal?: AbortSignal;
-}): Promise<void> {
+  runtimeEnv?: NodeJS.ProcessEnv;
+  activeRuns: ActiveRunMap;
+}): Promise<Array<Promise<void>>> {
   console.log(`[daemon] processPendingDeliveries agent=${options.agent} daemon=${options.daemonId}`);
-  const deliveries = await client.listDeliveries(options.agent, 'pending', 20);
+  const deliveries = await client.listDeliveries(options.agent, 'pending', PENDING_DELIVERY_CANDIDATE_LIMIT, {
+    distinctChat: true,
+    excludeRunningComputerId: options.computerId,
+    connectionId: options.connectionId,
+  });
   console.log(`[daemon] processPendingDeliveries found ${deliveries.length} pending deliveries`);
-  for (const delivery of deliveries) {
-    try {
-      console.log(`[daemon] claimDelivery delivery=${delivery.id}`);
-      const claimed = await client.claimDelivery(delivery.id, { daemon_id: options.daemonId, connection_id: options.connectionId, computer_id: options.computerId });
-      console.log(`[daemon] claimDelivery success delivery=${claimed.id} token=${claimed.claim_token}`);
-      await handleDelivery(client, claimed, options);
-    } catch (error) {
-      console.warn(`[daemon] claimDelivery failed delivery=${delivery.id}: ${error instanceof Error ? error.message : String(error)}`);
+  const started: Array<Promise<void>> = [];
+  for (const action of planPendingDeliveryActions(options.agent, deliveries, options.activeRuns)) {
+    if (action.kind === 'steer') {
+      await steerDeliveryToActiveRun(client, action.delivery, action.active, options);
+      continue;
     }
+    if (action.kind === 'skip') {
+      const reason = action.reason === 'starting' ? 'run already starting' : 'active run does not support steer';
+      console.log(`[daemon] delivery=${action.delivery.id} remains pending; ${reason} key=${action.key.replace('\0', ':')}`);
+      continue;
+    }
+    const delivery = action.delivery;
+    const reservation: ActiveRunHandle = {
+      key: action.key,
+      agent: options.agent,
+      chatId: delivery.chat_id,
+      runId: `starting:${delivery.id}`,
+      sessionId: '',
+      runtimeSessionId: null,
+      supportsSteer: false,
+      steeredDeliveries: [],
+      steer: async () => {
+        throw new Error('run is still starting');
+      },
+    };
+    options.activeRuns.set(action.key, reservation);
+    const task = (async () => {
+      try {
+        console.log(`[daemon] claimDelivery delivery=${delivery.id}`);
+        const claimed = await client.claimDelivery(delivery.id, { daemon_id: options.daemonId, connection_id: options.connectionId, computer_id: options.computerId });
+        console.log(`[daemon] claimDelivery success delivery=${claimed.id} token=${claimed.claim_token}`);
+        await handleDelivery(client, claimed, options);
+      } catch (error) {
+        console.warn(`[daemon] claimDelivery failed delivery=${delivery.id}: ${error instanceof Error ? error.message : String(error)}`);
+      } finally {
+        if (options.activeRuns.get(action.key) === reservation) {
+          options.activeRuns.delete(action.key);
+        }
+      }
+    })();
+    started.push(task);
   }
+  return started;
 }
 
 async function buildManagedAgent(input: {
-  assignment: Pick<ComputerAgentAssignment, 'agent' | 'runtime' | 'cwd'>;
+  assignment: Pick<ComputerAgentAssignment, 'agent' | 'runtime' | 'model' | 'cwd'>;
   state: DaemonState;
   serverUrl: string;
   defaultCwd: string;
 }): Promise<ManagedAgent> {
   const agentUuid = ensureAgentUuid(input.state, input.assignment.agent);
-  const runtime = await resolveRuntime(input.assignment.agent, input.serverUrl, agentUuid);
+  const resolved = input.assignment.runtime
+    ? {
+        runtime: await resolveRuntimeDriver(input.assignment.runtime, agentUuid, input.assignment.model),
+        runtimeModel: input.assignment.model?.trim() || null,
+      }
+    : await resolveRuntime(input.assignment.agent, input.serverUrl, agentUuid);
   const agentHome = agentHomePath(agentUuid);
-  ensureAgentHome(agentHome, input.assignment.agent, runtime.name);
+  ensureAgentHome(agentHome, input.assignment.agent, resolved.runtime.name);
   return {
     agent: input.assignment.agent,
-    runtimeProvider: runtime.name,
+    runtimeProvider: resolved.runtime.name,
+    runtimeModel: resolved.runtimeModel,
     agentUuid,
     agentHome,
     projectCwd: input.assignment.cwd || input.defaultCwd,
@@ -363,7 +1008,7 @@ function daemonAgentPayload(managedAgents: Map<string, ManagedAgent>): Array<{ a
   return Array.from(managedAgents.values()).map((managed) => ({
     agent: managed.agent,
     cwd: managed.agentHome,
-    capabilities: { runtime: managed.runtimeProvider, agentHome: managed.agentHome, projectCwd: managed.projectCwd },
+    capabilities: { runtime: managed.runtimeProvider, model: managed.runtimeModel, agentHome: managed.agentHome, projectCwd: managed.projectCwd },
   }));
 }
 
@@ -377,8 +1022,10 @@ async function reconcileManagedAgents(input: {
   computerId: string;
   serverUrl: string;
   defaultCwd: string;
-}): Promise<void> {
+  localUrl?: string;
+}): Promise<string[]> {
   const desiredAssignedAgents = new Set(input.assignments.map((assignment) => assignment.agent));
+  const activatedAgents: string[] = [];
 
   for (const assignment of input.assignments) {
     if (!assignment.runtime) {
@@ -387,10 +1034,11 @@ async function reconcileManagedAgents(input: {
     }
     const existing = input.managedAgents.get(assignment.agent);
     const projectCwd = assignment.cwd || input.defaultCwd;
-    if (existing && existing.runtimeProvider === assignment.runtime && existing.projectCwd === projectCwd) continue;
+    if (existing && existing.runtimeProvider === assignment.runtime && existing.runtimeModel === assignment.model && existing.projectCwd === projectCwd) continue;
     const managed = await buildManagedAgent({ assignment, state: input.state, serverUrl: input.serverUrl, defaultCwd: input.defaultCwd });
     input.managedAgents.set(assignment.agent, managed);
-    console.log(`[daemon] agent active agent=${managed.agent} runtime=${managed.runtimeProvider} projectCwd=${managed.projectCwd}`);
+    activatedAgents.push(managed.agent);
+    console.log(`[daemon] agent active agent=${managed.agent} runtime=${managed.runtimeProvider} model=${managed.runtimeModel ?? '-'} projectCwd=${managed.projectCwd}`);
   }
 
   for (const agent of Array.from(input.managedAgents.keys())) {
@@ -403,9 +1051,11 @@ async function reconcileManagedAgents(input: {
   await input.client.registerDaemon({
     id: input.daemonId,
     name: input.computerId,
+    local_url: input.localUrl,
     server_url: input.serverUrl,
     agents: daemonAgentPayload(input.managedAgents),
   });
+  return activatedAgents;
 }
 
 async function main(): Promise<void> {
@@ -420,7 +1070,15 @@ async function main(): Promise<void> {
     return;
   }
 
-  const explicitAgent = flag(args.flags, 'agent') ?? process.env.PAL_AGENT;
+  const runtimeEnvReport = hydrateRuntimeEnv();
+  logEnvReport(runtimeEnvReport);
+  if (runtimeEnvReport.missing.length) {
+    const message = `[daemon] runtime env warnings: missing=[${runtimeEnvReport.missing.join(', ')}], runtime auth may fail`;
+    if (process.env.PAL_DAEMON_STRICT_ENV === '1') throw new Error(message);
+    console.log(message);
+  }
+
+  const explicitAgent = flag(args.flags, 'agent');
   const serverUrl = flag(args.flags, 'server-url') ?? flag(args.flags, 'server') ?? defaultServerUrl();
   const cwd = flag(args.flags, 'cwd') ?? process.cwd();
   const interval = numberFlag(args.flags, 'interval', 1500)!;
@@ -434,6 +1092,7 @@ async function main(): Promise<void> {
   const statePath = flag(args.flags, 'state') ?? defaultStatePath(explicitAgent ?? 'computer');
   const once = boolFlag(args.flags, 'once');
   const dryRun = boolFlag(args.flags, 'dry-run');
+  const verboseTicks = boolFlag(args.flags, 'verbose') || process.env.PAL_DAEMON_VERBOSE_TICKS === '1';
   const extraArgsRaw = flag(args.flags, 'neeko-args') ?? flag(args.flags, 'agent-args') ?? '';
   const extraArgs = extraArgsRaw ? extraArgsRaw.split(' ').filter(Boolean) : [];
   const privateCliBinDir = ensurePrivatePalCliBin();
@@ -442,16 +1101,19 @@ async function main(): Promise<void> {
 
   const apiKey = flag(args.flags, 'api-key') ?? process.env.PAL_API_KEY;
   const computerId = flag(args.flags, 'computer-id') ?? process.env.PAL_COMPUTER_ID;
+  const computerName = flag(args.flags, 'name') ?? flag(args.flags, 'computer-name') ?? process.env.PAL_COMPUTER_NAME;
   const computerSecret = flag(args.flags, 'computer-secret') ?? process.env.PAL_COMPUTER_SECRET;
   if (!apiKey?.trim() && !computerId?.trim()) throw new Error('--api-key, --computer-id, or PAL_COMPUTER_ID is required');
   if (!apiKey?.trim() && !computerSecret?.trim()) throw new Error('--api-key, --computer-secret, or PAL_COMPUTER_SECRET is required');
 
   const explicitAgents = new Set<string>();
   const managedAgents = new Map<string, ManagedAgent>();
+  const activeRuns: ActiveRunMap = new Map();
+  const runtimeTokens = new RuntimeLocalTokenRegistry();
   if (explicitAgent) {
     explicitAgents.add(explicitAgent);
     const managed = await buildManagedAgent({
-      assignment: { agent: explicitAgent, runtime: null, cwd },
+      assignment: { agent: explicitAgent, runtime: null, model: null, cwd },
       state,
       serverUrl,
       defaultCwd: cwd,
@@ -459,20 +1121,78 @@ async function main(): Promise<void> {
     managedAgents.set(explicitAgent, managed);
   }
 
-  const connected = await bootstrapClient.connectComputer({
-    computer_id: computerId,
-    secret: computerSecret,
-    api_key: apiKey,
-    name: computerId,
-    server_url: serverUrl,
-    agents: daemonAgentPayload(managedAgents),
-  });
-  state.computerId = connected.computer.id;
-  state.connectionId = connected.connection.id;
-  state.daemonId = connected.connection.id;
+  type ConnectedComputer = Awaited<ReturnType<LockClient['connectComputer']>>;
+  let connected!: ConnectedComputer;
+  let daemonAuth!: { computer_id: string; connection_id: string; token: string };
+  let client!: LockClient;
+  let deliverySocket!: DeliverySocketHandle;
+  let reconnecting = false;
+  let onDeliveryFrame: (agent?: string) => void = () => {};
+
+  const connectAndInstall = async (reason: 'startup' | 'reconnect'): Promise<void> => {
+    const previousConnectionId = reason === 'reconnect' ? connected.connection.id : null;
+    const next = await bootstrapClient.connectComputer({
+      computer_id: computerId,
+      secret: computerSecret,
+      api_key: apiKey,
+      name: computerName,
+      server_url: serverUrl,
+      agents: daemonAgentPayload(managedAgents),
+    });
+    connected = next;
+    state.computerId = next.computer.id;
+    state.connectionId = next.connection.id;
+    state.daemonId = next.connection.id;
+    daemonAuth = { computer_id: next.computer.id, connection_id: next.connection.id, token: next.token };
+    client = new LockClient(serverUrl, daemonAuth);
+    deliverySocket?.stop();
+    deliverySocket = startDeliveryWebSocket({
+      serverUrl,
+      computerId: next.computer.id,
+      connectionId: next.connection.id,
+      token: next.token,
+      onDelivery: (agent) => onDeliveryFrame(agent),
+    });
+    writeState(statePath, state);
+    if (reason === 'reconnect') {
+      console.log(`[daemon] reconnected computer=${next.computer.id} connection=${next.connection.id}${previousConnectionId ? ` previous=${previousConnectionId}` : ''}`);
+    }
+  };
 
-  const daemonAuth = { computer_id: connected.computer.id, connection_id: connected.connection.id, token: connected.token };
-  const client = new LockClient(serverUrl, daemonAuth);
+  let running = true;
+  const runtimeAbortController = new AbortController();
+  process.on('SIGINT', () => { running = false; runtimeAbortController.abort(); });
+  process.on('SIGTERM', () => { running = false; runtimeAbortController.abort(); });
+
+  const connectAndInstallWithRetry = async (reason: 'startup' | 'reconnect'): Promise<boolean> => {
+    let attempt = 0;
+    while (running) {
+      try {
+        await connectAndInstall(reason);
+        return true;
+      } catch (error) {
+        if (!shouldRetryDaemonConnectError(error)) throw error;
+        attempt += 1;
+        const delayMs = Math.min(10_000, 500 * 2 ** Math.min(attempt, 5));
+        const message = error instanceof Error ? error.message : String(error);
+        console.warn(`[daemon] ${reason} connection failed, will retry in ${delayMs}ms: ${message}`);
+        await sleep(delayMs);
+      }
+    }
+    return false;
+  };
+
+  if (!await connectAndInstallWithRetry('startup')) return;
+  const localServer = startLocalApi({
+    host: localHost,
+    port: localPort,
+    serverUrl,
+    token: localToken,
+    controlToken: () => connected.local_control_token,
+    daemonAuth: () => daemonAuth,
+    runtimeTokenLookup: (token) => runtimeTokens.lookup(token),
+  });
+  const localUrl = `http://${localServer.hostname}:${localServer.port}`;
   await reconcileManagedAgents({
     assignments: connected.agents ?? [],
     explicitAgents,
@@ -483,40 +1203,159 @@ async function main(): Promise<void> {
     computerId: connected.computer.id,
     serverUrl,
     defaultCwd: cwd,
+    localUrl,
   });
   if (managedAgents.size === 0) {
     console.log(`[daemon] no agents currently assigned to computer ${connected.computer.id}; waiting for assignments`);
   }
   writeState(statePath, state);
-  let connectionRevoked = false;
   const heartbeatMs = numberFlag(args.flags, 'heartbeat-interval', 5000)!;
+  const heartbeatWarningState = defaultRepeatedWarningState();
+  const heartbeatWarningIntervalMs = 30_000;
+  let heartbeatInFlight = false;
 
-  const localServer = startLocalApi({ host: localHost, port: localPort, serverUrl, token: localToken, daemonAuth });
+  const warnHeartbeatRetry = (message: string) => {
+    const decision = consumeRepeatedWarning(heartbeatWarningState, {
+      key: `${connected.connection.id}:${message}`,
+      nowMs: Date.now(),
+      minIntervalMs: heartbeatWarningIntervalMs,
+    });
+    if (!decision.shouldLog) return;
+    const suppressed = decision.suppressed > 0 ? ` suppressed_repeats=${decision.suppressed}` : '';
+    console.warn(`[daemon] heartbeat failed, will retry connection=${connected.connection.id}: ${message}${suppressed}`);
+  };
+  const runHeartbeat = async () => {
+    if (heartbeatInFlight) return null;
+    heartbeatInFlight = true;
+    try {
+      return await client.heartbeatComputer(connected.computer.id);
+    } finally {
+      heartbeatInFlight = false;
+    }
+  };
 
   console.log(`pal daemon computer=${connected.computer.id} connection=${connected.connection.id} agents=${Array.from(managedAgents.values()).map((managed) => `${managed.agent}:${managed.runtimeProvider}`).join(',') || 'none'} server=${serverUrl}`);
   console.log(`local api=http://${localServer.hostname}:${localServer.port} token=${localToken ? 'set' : 'missing'}`);
   console.log(`state=${statePath} lastSeenId=${state.lastSeenId}`);
   console.log(`private cli bin=${privateCliBinDir}`);
 
-  let running = true;
-  const runtimeAbortController = new AbortController();
-  process.on('SIGINT', () => { running = false; runtimeAbortController.abort(); });
-  process.on('SIGTERM', () => { running = false; runtimeAbortController.abort(); });
   const heartbeatTimer = setInterval(() => {
-    void client.heartbeatComputer(connected.computer.id).catch((error) => {
-      connectionRevoked = true;
-      running = false;
-      runtimeAbortController.abort();
-      console.warn(`[daemon] heartbeat failed, stopping connection=${connected.connection.id}: ${error instanceof Error ? error.message : String(error)}`);
+    void runHeartbeat().catch((error) => {
+      const message = error instanceof Error ? error.message : String(error);
+      if (shouldStopDaemonForHeartbeatError(error)) {
+        void reconnectConnection(message);
+      } else {
+        warnHeartbeatRetry(message);
+      }
     });
   }, heartbeatMs);
-
-  while (running) {
-    console.log(`[daemon] tick process deliveries interval=${interval}ms once=${once}`);
+  const processingAgents = new Set<string>();
+  const queuedProcessingAgents = new Set<string>();
+  const activeDeliveryTasks = new Set<Promise<void>>();
+  const scheduleDeliveryProcessing = (agent?: string) => {
+    for (const managed of managedAgents.values()) {
+      if (agent && managed.agent !== agent) continue;
+      if (processingAgents.has(managed.agent)) {
+        queuedProcessingAgents.add(managed.agent);
+        continue;
+      }
+      processingAgents.add(managed.agent);
+      const taskClient = client;
+      const taskConnection = connected;
+      const task = (async () => {
+        try {
+          if (process.env.PAL_DAEMON_DISCOVER_INBOX === '1') {
+            await discoverDeliveries(taskClient, state, managed.agent);
+            writeState(statePath, state);
+          }
+          const started = await processPendingDeliveries(taskClient, {
+            agent: managed.agent,
+            daemonId: taskConnection.connection.id,
+            serverUrl,
+            agentHome: managed.agentHome,
+            projectCwd: managed.projectCwd,
+            extraArgs,
+            dryRun,
+            agentUuid: managed.agentUuid,
+            computerId: taskConnection.computer.id,
+            connectionId: taskConnection.connection.id,
+            runtimeProvider: managed.runtimeProvider,
+            runtimeModel: managed.runtimeModel,
+            permissionProfile: await loadPermissionProfile(taskClient, managed.agent),
+            runtimeTokens,
+            isConnectionRevoked: () => isDeliveryConnectionSuperseded(connected.connection.id, taskConnection.connection.id),
+            abortSignal: runtimeAbortController.signal,
+            localDaemonUrl: `http://${localServer.hostname}:${localServer.port}`,
+            localDaemonToken: localToken,
+            privateCliBinDir,
+            runtimeEnv: runtimeEnvReport.effectiveEnv,
+            activeRuns,
+          });
+          for (const runTask of started) {
+            activeDeliveryTasks.add(runTask);
+            runTask.finally(() => activeDeliveryTasks.delete(runTask));
+          }
+        } catch (error) {
+          console.warn(`[daemon] delivery processing failed for agent=${managed.agent}; will retry: ${error instanceof Error ? error.message : String(error)}`);
+        } finally {
+          processingAgents.delete(managed.agent);
+          if (queuedProcessingAgents.delete(managed.agent)) {
+            setTimeout(() => scheduleDeliveryProcessing(managed.agent), 0);
+          }
+        }
+      })();
+      activeDeliveryTasks.add(task);
+      task.finally(() => activeDeliveryTasks.delete(task));
+    }
+  };
+  const schedulePendingDeliveryProcessing = async () => {
+    if (process.env.PAL_DAEMON_DISCOVER_INBOX === '1') {
+      scheduleDeliveryProcessing();
+      return;
+    }
     try {
-      const heartbeat = await client.heartbeatComputer(connected.computer.id);
+      const pendingAgents = await client.listPendingDeliveryAgents();
+      for (const { agent } of pendingAgents) scheduleDeliveryProcessing(agent);
+    } catch (error) {
+      console.warn(`[daemon] pending delivery agent probe failed; falling back to all agents: ${error instanceof Error ? error.message : String(error)}`);
+      scheduleDeliveryProcessing();
+    }
+  };
+  const reconcileFromHeartbeat = async (): Promise<void> => {
+    const heartbeat = await runHeartbeat();
+    if (!heartbeat) return;
+    await reconcileManagedAgents({
+      assignments: heartbeat.agents ?? [],
+      explicitAgents,
+      managedAgents,
+      state,
+      client,
+      daemonId: connected.connection.id,
+      computerId: connected.computer.id,
+      serverUrl,
+      defaultCwd: cwd,
+      localUrl,
+    });
+    writeState(statePath, state);
+  };
+  const handleDeliveryWake = async (agent?: string): Promise<void> => {
+    if (agent && !managedAgents.has(agent)) {
+      await reconcileFromHeartbeat().catch((error) => {
+        console.warn(`[daemon] delivery wake reconcile failed for agent=${agent}: ${error instanceof Error ? error.message : String(error)}`);
+      });
+    }
+    scheduleDeliveryProcessing(agent);
+  };
+  const deliveryWakeQueue = new DeliveryWakeQueue((agent) => { void handleDeliveryWake(agent); });
+  onDeliveryFrame = (agent) => deliveryWakeQueue.enqueue(agent);
+  const reconnectConnection = async (message: string): Promise<boolean> => {
+    if (reconnecting) return false;
+    reconnecting = true;
+    console.warn(`[daemon] connection ${connected.connection.id} is no longer active; reconnecting: ${message}`);
+    try {
+      if (!await connectAndInstallWithRetry('reconnect')) return false;
       await reconcileManagedAgents({
-        assignments: heartbeat.agents ?? [],
+        assignments: connected.agents ?? [],
         explicitAgents,
         managedAgents,
         state,
@@ -525,56 +1364,74 @@ async function main(): Promise<void> {
         computerId: connected.computer.id,
         serverUrl,
         defaultCwd: cwd,
+        localUrl,
       });
+      await schedulePendingDeliveryProcessing();
+      return true;
+    } catch (error) {
+      console.warn(`[daemon] reconnect failed, will retry: ${error instanceof Error ? error.message : String(error)}`);
+      return false;
+    } finally {
+      reconnecting = false;
+    }
+  };
+
+  while (running) {
+    if (verboseTicks) {
+      console.log(`[daemon] tick reconcile interval=${interval}ms once=${once} ws=${deliverySocket.isOpen() ? 'open' : 'closed'}`);
+    }
+    try {
+      const heartbeat = await runHeartbeat();
+      if (heartbeat) {
+        await reconcileManagedAgents({
+          assignments: heartbeat.agents ?? [],
+          explicitAgents,
+          managedAgents,
+          state,
+          client,
+          daemonId: connected.connection.id,
+          computerId: connected.computer.id,
+          serverUrl,
+          defaultCwd: cwd,
+          localUrl,
+        });
+      }
+      await schedulePendingDeliveryProcessing();
       writeState(statePath, state);
     } catch (error) {
-      connectionRevoked = true;
-      running = false;
-      runtimeAbortController.abort();
-      console.warn(`[daemon] heartbeat failed, stopping connection=${connected.connection.id}: ${error instanceof Error ? error.message : String(error)}`);
-      break;
+      const message = error instanceof Error ? error.message : String(error);
+      if (shouldStopDaemonForHeartbeatError(error)) {
+        await reconnectConnection(message);
+      } else {
+        warnHeartbeatRetry(message);
+      }
     }
     if (managedAgents.size === 0) {
       console.log(`[daemon] no assigned agents; idle`);
     }
-    for (const managed of managedAgents.values()) {
-      if (process.env.PAL_DAEMON_DISCOVER_INBOX === '1') {
-        await discoverDeliveries(client, state, managed.agent);
-        writeState(statePath, state);
-      }
-      await processPendingDeliveries(client, {
-        agent: managed.agent,
-        daemonId: connected.connection.id,
-        serverUrl,
-        agentHome: managed.agentHome,
-        projectCwd: managed.projectCwd,
-        extraArgs,
-        dryRun,
-        agentUuid: managed.agentUuid,
-        computerId: connected.computer.id,
-        connectionId: connected.connection.id,
-        runtimeProvider: managed.runtimeProvider,
-        isConnectionRevoked: () => connectionRevoked,
-        abortSignal: runtimeAbortController.signal,
-        localDaemonUrl: `http://${localServer.hostname}:${localServer.port}`,
-        localDaemonToken: localToken,
-        privateCliBinDir,
-      });
-    }
 
     if (once) {
+      if (activeDeliveryTasks.size) {
+        console.log(`[daemon] --once waiting for ${activeDeliveryTasks.size} active delivery task(s)`);
+        await Promise.allSettled(Array.from(activeDeliveryTasks));
+      }
       console.log(`[daemon] --once set, exiting loop`);
       break;
     }
-    console.log(`[daemon] sleep ${interval}ms`);
+    if (verboseTicks) console.log(`[daemon] sleep ${interval}ms`);
     await sleep(interval);
   }
 
   clearInterval(heartbeatTimer);
+  deliveryWakeQueue.stop();
+  deliverySocket.stop();
+  if (activeDeliveryTasks.size) await Promise.allSettled(Array.from(activeDeliveryTasks));
   localServer.stop(true);
 }
 
-main().catch((error) => {
-  console.error(error instanceof Error ? error.message : String(error));
-  process.exit(1);
-});
+if (import.meta.main) {
+  main().catch((error) => {
+    console.error(error instanceof Error ? error.message : String(error));
+    process.exit(1);
+  });
+}