@controlflow-ai/daemon 0.1.1 → 0.1.3

package/src/app.ts

@@ -1,13 +1,95 @@
 import { artifactHeaders, artifactViewerHtml } from './artifacts.js';
-import { MessageStore } from './db.js';
+import { spawnSync } from 'node:child_process';
+import { existsSync, lstatSync, readdirSync, readFileSync, realpathSync, statSync } from 'node:fs';
+import { fileURLToPath } from 'node:url';
+import { basename, extname, isAbsolute, join, relative, resolve, sep } from 'node:path';
+import QRCode from 'qrcode';
+import { ALL_AGENTS_MENTION, MessageStore } from './db.js';
 import { failure, HttpError, json, numberParam, readJson, stringParam } from './http.js';
 import { assertServerAuth } from './server-auth.js';
-import { dashboardHtml } from './web.js';
-import type { RunAction, RunStatus } from './types.js';
+import type { AgentActivityKind, AgentRoomSubscriptionMode, Chat, RoomMode, RoomReminderStatus, RoomTaskStatus, RunAction, RunStatus, SkillBindingScope, SkillSource, WorkflowRunStatus } from './types.js';
 import { createLarkApiClient, sendTextMessage } from './lark/ws-daemon.js';
-import { boundAgents, defaultLarkConfigPath, loadLarkCredentials, type LarkCredentialStore } from './lark/credentials.js';
+import { boundAgents, defaultLarkConfigPath, loadLarkCredentials, saveLarkCredentials, type LarkCredentialStore, unbindCredentialAgent } from './lark/credentials.js';
 import { persistLarkCredential, resolveLarkBotInfo } from './lark/setup.js';
+import { beginLarkAppRegistration, pollLarkAppRegistration, type LarkRegistrationComplete } from './lark/app-registration.js';
+import { listRecentInboundEvents, repairInboundEventParseFailures } from './lark/inbound-events.js';
 import { tailscaleAddress } from './network.js';
+import { allRuntimeModelOptions, validateRuntimeModel } from './runtime-registry.js';
+import { validateAgentPermissionProfile, type AgentPermissionProfile as RuntimeAgentPermissionProfile } from './agent-permissions.js';
+import { uniqueAgentKeyFromDisplayName } from './agent-key.js';
+import { AgentWorkspaceFileError, listAgentWorkspaceFiles, updateAgentWorkspaceFile } from './agent-workspace.js';
+import type { AgentDeletionImpact, AgentDeletionLarkBindingImpact, ChannelAccount, Message, MessageDelivery, MessageFreshnessInput } from './types.js';
+import { buildMessagingHealth, buildMessagingStatus, emptyDeliveryWebSocketSummary, type DeliveryConnectionStats, type DeliveryWebSocketSummary, type LarkMessagingStatus } from './messaging-status.js';
+
+interface DeliveryNotifyResult {
+  deliveries: number;
+  target_connections: number;
+  open_sockets: number;
+  websocket_frames: number;
+}
+
+export interface AppRouteOptions {
+  deliveryNotifier?: {
+    notifyDeliveries(deliveries: MessageDelivery[]): DeliveryNotifyResult;
+    statsForConnection?(connectionId: string): DeliveryConnectionStats;
+    statsAllConnections?(): DeliveryWebSocketSummary;
+  };
+  larkStatusProvider?: () => LarkMessagingStatus[];
+}
+
+interface AgentWorkspaceFileUpdateBody {
+  path?: unknown;
+  content?: unknown;
+}
+
+interface HeldDraftReviseBody {
+  content?: unknown;
+}
+
+function logDeliveryNotifyResult(result: DeliveryNotifyResult | undefined): void {
+  if (!result || result.deliveries === 0) return;
+  console.log(`[delivery] notify deliveries=${result.deliveries} target_connections=${result.target_connections} open_sockets=${result.open_sockets} websocket_frames=${result.websocket_frames}`);
+}
+
+function notifyDeliveries(options: AppRouteOptions, deliveries: MessageDelivery[]): DeliveryNotifyResult {
+  const result = options.deliveryNotifier?.notifyDeliveries(deliveries) ?? {
+    deliveries: deliveries.filter((delivery) => delivery.status === 'pending').length,
+    target_connections: 0,
+    open_sockets: 0,
+    websocket_frames: 0,
+  };
+  logDeliveryNotifyResult(result);
+  return result;
+}
+
+function validateMessageMentions(store: MessageStore, roomId: string, batch: Array<{ mentions?: string[] }>): { invalid_mentions: string[]; available_mentions: string[] } | null {
+  const mentionables = store.listMentionableRoomParticipants(roomId);
+  const available = mentionables.map((participant) => participant.participant_id);
+  const valid = new Set(available);
+  valid.add(ALL_AGENTS_MENTION);
+  const invalid = new Set<string>();
+
+  for (const item of batch) {
+    for (const rawMention of item.mentions ?? []) {
+      const mention = typeof rawMention === 'string' ? rawMention.trim().replace(/^@/, '') : '';
+      if (!mention || valid.has(mention)) continue;
+      invalid.add(mention);
+    }
+  }
+
+  if (invalid.size === 0) return null;
+  return { invalid_mentions: [...invalid], available_mentions: available };
+}
+
+export function fireDueRoomRemindersForDelivery(
+  store: MessageStore,
+  options: AppRouteOptions,
+  input: { now?: string | Date | null; limit?: number } = {},
+) {
+  const result = store.fireDueRoomReminders(input);
+  const notify = notifyDeliveries(options, result.deliveries);
+  return { ...result, notify };
+}
 
 interface SendBody {
   chat?: string;
@@ -22,11 +104,277 @@ interface SendBody {
   type?: 'message' | 'system';
   idempotency_key?: string | null;
   mentions?: string[];
+  attachments?: AttachmentBody[];
+  messages?: Array<{
+    parent_id?: number;
+    channel_id?: string | null;
+    recipient?: string | null;
+    content?: string;
+    type?: 'message' | 'system';
+    idempotency_key?: string | null;
+    mentions?: string[];
+    attachments?: AttachmentBody[];
+  }>;
+  freshness?: MessageFreshnessInput;
+}
+
+interface AttachmentBody {
+  kind?: 'image' | 'file';
+  mime_type?: string;
+  filename?: string | null;
+  content_base64?: string;
+}
+
+interface AgentRoomReadBody {
+  message_id?: number;
+}
+
+interface AgentRoomSubscriptionBody {
+  mode?: AgentRoomSubscriptionMode;
+}
+
+const agentRoomSubscriptionModes: AgentRoomSubscriptionMode[] = ['all', 'periodic', 'mentions', 'muted', 'off'];
+const agentActivityKinds: AgentActivityKind[] = ['lifecycle', 'working', 'thinking', 'output', 'tool', 'error'];
+const roomTaskStatuses: RoomTaskStatus[] = ['todo', 'in_progress', 'in_review', 'done', 'closed'];
+const roomReminderStatuses: RoomReminderStatus[] = ['scheduled', 'fired', 'canceled'];
+const roomModes: RoomMode[] = ['standard', 'idea_development'];
+const skillBindingScopes: SkillBindingScope[] = ['project', 'room', 'agent'];
+const skillSources: SkillSource[] = ['system', 'user', 'project'];
+const workflowRunStatuses: WorkflowRunStatus[] = ['running', 'completed', 'failed'];
+
+function parseAgentRoomSubscriptionMode(value: unknown): AgentRoomSubscriptionMode {
+  if (typeof value !== 'string' || !agentRoomSubscriptionModes.includes(value as AgentRoomSubscriptionMode)) {
+    throw new HttpError(400, 'INVALID_SUBSCRIPTION_MODE', 'mode must be all, periodic, mentions, muted, or off');
+  }
+  return value as AgentRoomSubscriptionMode;
+}
+
+function parseRoomMode(value: unknown): RoomMode {
+  if (value === undefined || value === null || value === '') return 'standard';
+  if (typeof value !== 'string' || !roomModes.includes(value as RoomMode)) {
+    throw new HttpError(400, 'INVALID_ROOM_MODE', 'mode must be standard or idea_development');
+  }
+  return value as RoomMode;
+}
+
+function parseSkillBindingScope(value: unknown): SkillBindingScope {
+  if (typeof value !== 'string' || !skillBindingScopes.includes(value as SkillBindingScope)) {
+    throw new HttpError(400, 'INVALID_SKILL_BINDING_SCOPE', 'scope must be project, room, or agent');
+  }
+  return value as SkillBindingScope;
+}
+
+function parseSkillSource(value: unknown): SkillSource {
+  if (value === undefined || value === null || value === '') return 'user';
+  if (typeof value !== 'string' || !skillSources.includes(value as SkillSource)) {
+    throw new HttpError(400, 'INVALID_SKILL_SOURCE', 'source must be system, user, or project');
+  }
+  return value as SkillSource;
+}
+
+function parseRoomTaskStatus(value: unknown): RoomTaskStatus {
+  if (typeof value !== 'string' || !roomTaskStatuses.includes(value as RoomTaskStatus)) {
+    throw new HttpError(400, 'INVALID_TASK_STATUS', 'status must be todo, in_progress, in_review, done, or closed');
+  }
+  return value as RoomTaskStatus;
+}
+
+function parseRoomReminderStatus(value: unknown): RoomReminderStatus {
+  if (typeof value !== 'string' || !roomReminderStatuses.includes(value as RoomReminderStatus)) {
+    throw new HttpError(400, 'INVALID_REMINDER_STATUS', 'status must be scheduled, fired, or canceled');
+  }
+  return value as RoomReminderStatus;
+}
+
+function parseWorkflowRunStatus(value: unknown): WorkflowRunStatus {
+  if (typeof value !== 'string' || !workflowRunStatuses.includes(value as WorkflowRunStatus)) {
+    throw new HttpError(400, 'INVALID_WORKFLOW_RUN_STATUS', 'status must be running, completed, or failed');
+  }
+  return value as WorkflowRunStatus;
+}
+
+function skillStoreHttpError(error: unknown): HttpError | null {
+  const message = error instanceof Error ? error.message : String(error);
+  if (message === 'SKILL_ALREADY_EXISTS') return new HttpError(409, 'SKILL_ALREADY_EXISTS', 'skill key already exists');
+  if (message === 'SKILL_SOURCE_IMMUTABLE') return new HttpError(409, 'SKILL_SOURCE_IMMUTABLE', 'skill source cannot be changed');
+  if (message === 'SYSTEM_SKILL_OWNERSHIP_IMMUTABLE') return new HttpError(409, 'SYSTEM_SKILL_OWNERSHIP_IMMUTABLE', 'system skill ownership cannot be changed');
+  if (message === 'SKILL_OWNER_IMMUTABLE') return new HttpError(409, 'SKILL_OWNER_IMMUTABLE', 'skill owner cannot be changed');
+  if (message === 'SKILL_PROJECT_IMMUTABLE') return new HttpError(409, 'SKILL_PROJECT_IMMUTABLE', 'skill project cannot be changed');
+  if (message === 'SYSTEM_SKILL_CREATE_FORBIDDEN') return new HttpError(409, 'SYSTEM_SKILL_CREATE_FORBIDDEN', 'system skills are seeded by PAL migrations');
+  if (message === 'SYSTEM_SKILL_READ_ONLY') return new HttpError(409, 'SYSTEM_SKILL_READ_ONLY', 'system skill definitions are read-only');
+  if (message === 'INVALID_SKILL_KEY') return new HttpError(400, 'INVALID_SKILL_KEY', 'skill key must start with a letter or number and contain only letters, numbers, underscores, or hyphens');
+  if (message === 'owner_user_id is required for user skills') return new HttpError(400, 'MISSING_SKILL_OWNER', message);
+  if (message === 'project_id is required for project skills') return new HttpError(400, 'MISSING_SKILL_PROJECT', message);
+  return null;
+}
+
+async function readOptionalJson<T extends object>(request: Request): Promise<T> {
+  const text = await request.text();
+  if (!text.trim()) return {} as T;
+  try {
+    const value = JSON.parse(text) as unknown;
+    if (!value || typeof value !== 'object' || Array.isArray(value)) {
+      throw new HttpError(400, 'BAD_JSON', 'expected a JSON object');
+    }
+    return value as T;
+  } catch (error) {
+    if (error instanceof HttpError) throw error;
+    throw new HttpError(400, 'BAD_JSON', 'request body must be valid JSON');
+  }
+}
+
+function parseMessageAttachments(attachments: AttachmentBody[] | undefined) {
+  if (!attachments?.length) return [];
+  return attachments.map((attachment) => {
+    const kind = attachment.kind ?? 'file';
+    if (kind !== 'image' && kind !== 'file') throw new HttpError(400, 'UNSUPPORTED_ATTACHMENT_KIND', 'attachment kind must be image or file');
+    if (!attachment.mime_type?.trim()) throw new HttpError(400, 'MISSING_ATTACHMENT_MIME', 'attachment mime_type is required');
+    if (!attachment.content_base64) throw new HttpError(400, 'MISSING_ATTACHMENT_CONTENT', 'attachment content_base64 is required');
+    return {
+      kind,
+      mimeType: attachment.mime_type,
+      filename: attachment.filename,
+      content: Uint8Array.from(Buffer.from(attachment.content_base64, 'base64')),
+      sourceProvider: 'web' as const,
+    };
+  });
+}
+
+function taskNumberFromPath(value: string | undefined): number {
+  const taskNumber = Number(value);
+  if (!Number.isInteger(taskNumber) || taskNumber < 1) {
+    throw new HttpError(400, 'INVALID_TASK_NUMBER', 'task_number must be a positive integer');
+  }
+  return taskNumber;
+}
+
+function freshnessInput(value: unknown): MessageFreshnessInput | null {
+  if (!value || typeof value !== 'object') return null;
+  const candidate = value as Partial<MessageFreshnessInput>;
+  const baseMessageId = Number(candidate.base_message_id);
+  if (!Number.isInteger(baseMessageId) || baseMessageId < 0) {
+    throw new HttpError(400, 'INVALID_FRESHNESS', 'freshness.base_message_id must be a non-negative integer');
+  }
+  if (candidate.on_stale !== 'hold' && candidate.on_stale !== 'send_anyway') {
+    throw new HttpError(400, 'INVALID_FRESHNESS', 'freshness.on_stale must be hold or send_anyway');
+  }
+  return { base_message_id: baseMessageId, on_stale: candidate.on_stale };
+}
+
+interface ProbeDeliveryBody {
+  agent?: string;
+  room?: string;
+  sender?: string;
+  content?: string;
+  idempotency_key?: string | null;
 }
 
 interface CreateRoomBody {
   name?: string;
   kind?: 'group' | 'dm';
+  mode?: RoomMode;
+}
+
+interface HandoffRoomBody {
+  source_room_id?: string;
+  source_message_id?: number;
+  actor?: string;
+  purpose?: string;
+  name?: string;
+  team?: Array<{ agent?: string; mode?: string }>;
+  handoff_content?: string;
+}
+
+interface UpdateRoomBody {
+  status?: 'active' | 'archived';
+}
+
+interface CreateRoomTasksBody {
+  title?: string;
+  tasks?: Array<{ title?: string }>;
+  created_by?: string | null;
+  source_message_id?: number | null;
+}
+
+interface ClaimRoomTaskBody {
+  assignee?: string;
+}
+
+interface UpdateRoomTaskBody {
+  status?: RoomTaskStatus;
+}
+
+interface CreateRoomReminderBody {
+  msg_id?: number;
+  source_message_id?: number;
+  title?: string;
+  created_by?: string | null;
+  fire_at?: string | null;
+  delay_seconds?: number | null;
+  repeat?: string | null;
+}
+
+interface CreateRoomSavedMessageBody {
+  msg_id?: number;
+  source_message_id?: number;
+  saved_by?: string | null;
+  note?: string | null;
+}
+
+interface FireDueRoomRemindersBody {
+  now?: string | null;
+  limit?: number | null;
+}
+
+interface CreateProjectBody {
+  name?: string;
+  computer_id?: string;
+  root_path?: string;
+}
+
+interface UpdateProjectBody {
+  status?: 'active' | 'archived';
+}
+
+interface ProjectAgentDefaultsBody {
+  defaults?: Array<{ agent?: string; mode?: string }>;
+}
+
+interface UpsertSkillBody {
+  key?: string;
+  name?: string;
+  description?: string;
+  instruction_content?: string;
+  status?: 'active' | 'disabled';
+  source?: SkillSource;
+  owner_user_id?: string | null;
+  project_id?: string | null;
+  repository_path?: string | null;
+}
+
+interface SkillBindingBody {
+  scope?: SkillBindingScope;
+  scope_id?: string;
+  skill_key?: string;
+  enabled?: boolean;
+  priority?: number;
+}
+
+type PalContentFileType = 'markdown' | 'html';
+
+interface ProjectPalFileEntry {
+  name: string;
+  path: string;
+  type: 'directory' | 'file';
+  file_type?: PalContentFileType;
+  size_bytes?: number;
+  children?: ProjectPalFileEntry[];
+}
+
+interface ProjectPalGitCommitBody {
+  message?: string;
+  files?: string[];
+  expected_head?: string | null;
 }
 
 interface StartRunBody {
@@ -60,6 +408,20 @@ interface ProvisionComputerBody {
   package_name?: string;
 }
 
+interface UpdateComputerBody {
+  name?: string;
+}
+
+interface RegenerateComputerCommandBody {
+  server_url?: string;
+  package_name?: string;
+}
+
+interface DeleteComputerBody {
+  remove_projects?: boolean;
+  remove_agents?: boolean;
+}
+
 interface ConnectComputerBody {
   computer_id?: string;
   secret?: string;
@@ -71,6 +433,25 @@ interface ConnectComputerBody {
   agents?: Array<{ agent?: string; cwd?: string; capabilities?: Record<string, unknown> }>;
 }
 
+async function fetchDaemonJson<T>(input: { localUrl: string; token: string; path: string }): Promise<T> {
+  const base = input.localUrl.replace(/\/$/, '');
+  const response = await fetch(`${base}${input.path}`, {
+    headers: { authorization: `Bearer ${input.token}` },
+  });
+  const payload = await response.json().catch(() => ({})) as { ok?: boolean; data?: T; message?: string; code?: string };
+  if (!response.ok || payload.ok === false) {
+    throw new HttpError(response.status || 502, payload.code || 'DAEMON_REQUEST_FAILED', payload.message || 'daemon request failed');
+  }
+  return (payload.data ?? {}) as T;
+}
+
+async function validateRemoteProjectPath(store: MessageStore, computerId: string, rootPath: string): Promise<void> {
+  const control = store.getComputerLocalControl(computerId);
+  if (!control) throw new HttpError(409, 'COMPUTER_NOT_BROWSABLE', 'computer is not online or does not expose a local filesystem browser');
+  const params = new URLSearchParams({ path: rootPath, validate: 'directory', show_hidden: 'true' });
+  await fetchDaemonJson({ localUrl: control.daemon.local_url, token: control.token, path: `/local/files?${params}` });
+}
+
 interface AssignAgentBody {
   computer_id?: string;
 }
@@ -79,13 +460,26 @@ interface OnboardAgentBody {
   agent_key?: string;
   display_name?: string;
   runtime?: string | null;
+  model?: string | null;
   description?: string | null;
   computer_id?: string;
 }
 
+interface DeleteAgentBody {
+  confirm_delete?: boolean;
+  leave_rooms?: boolean;
+  unbind_lark?: boolean;
+}
+
+interface AgentPermissionsBody {
+  filesystemMode?: RuntimeAgentPermissionProfile['filesystemMode'];
+  extraWritableRoots?: string[];
+}
+
 interface LarkSetupBody {
   app_id?: string;
   app_secret?: string;
+  registration_id?: string;
   label?: string;
   agent?: string;
   config?: string;
@@ -96,6 +490,17 @@ interface LarkAuthorizedUserBody {
   display_name?: string | null;
 }
 
+async function checkedRuntimeModel(runtime: string | null | undefined, model: string | null | undefined): Promise<string | null> {
+  if (model?.trim() && !runtime?.trim()) {
+    throw new HttpError(400, 'MISSING_RUNTIME', 'runtime is required when model is configured');
+  }
+  try {
+    return await validateRuntimeModel(runtime ?? '', model);
+  } catch (error) {
+    throw new HttpError(400, 'INVALID_MODEL', error instanceof Error ? error.message : String(error));
+  }
+}
+
 interface CreateDeliveryBody {
   message_id?: number;
   agent?: string;
@@ -106,6 +511,7 @@ interface ClaimDeliveryBody {
   connection_id?: string | null;
   computer_id?: string | null;
   lease_ms?: number;
+  steer_run_id?: string | null;
 }
 
 interface SessionBody {
@@ -151,6 +557,13 @@ interface FinishRunBody {
   output?: string;
 }
 
+interface RecordRunActivityBody {
+  kind?: AgentActivityKind;
+  title?: string;
+  detail?: string | null;
+  metadata?: Record<string, unknown> | null;
+}
+
 export function resolveLarkOutboundRoute(store: MessageStore, credentials: LarkCredentialStore, sender: string, chatId: string) {
   for (const bot of credentials.bots) {
     if (!boundAgents(bot).includes(sender)) continue;
@@ -161,14 +574,469 @@ export function resolveLarkOutboundRoute(store: MessageStore, credentials: LarkC
   return null;
 }
 
+export function resolveLarkMentionTarget(store: MessageStore, account: ChannelAccount, recipient: string | null | undefined): { openId: string; displayName?: string | null } | null {
+  const target = recipient?.trim();
+  if (!target) return null;
+
+  const agentBot = store.db.query(`
+    SELECT bot_open_id, name
+    FROM channel_accounts
+    WHERE channel = 'lark'
+      AND status = 'active'
+      AND agent = ?
+      AND bot_open_id IS NOT NULL
+      AND bot_open_id != ''
+    LIMIT 1
+  `).get(target) as { bot_open_id: string; name: string | null } | null;
+  if (agentBot) return { openId: agentBot.bot_open_id, displayName: agentBot.name };
+
+  if (!account.provider_account_id) return null;
+  const identity = store.db.query(`
+    SELECT b.external_id, i.display_name
+    FROM pal_identities i
+    INNER JOIN provider_identity_bindings b ON b.identity_id = i.id
+    WHERE i.stable_handle = ?
+      AND b.provider = 'lark'
+      AND b.provider_account_id = ?
+      AND b.external_type IN ('user', 'bot')
+    LIMIT 1
+  `).get(target, account.provider_account_id) as { external_id: string; display_name: string | null } | null;
+  if (!identity) return null;
+  return { openId: identity.external_id, displayName: identity.display_name };
+}
+
 function routeNotFound(): Response {
   return Response.json({ ok: false, code: 'NOT_FOUND', message: 'not found' }, { status: 404 });
 }
 
+const projectPalSupportedExtensions = new Map<string, PalContentFileType>([
+  ['.md', 'markdown'],
+  ['.markdown', 'markdown'],
+  ['.html', 'html'],
+  ['.htm', 'html'],
+]);
+const projectPalMaxReadBytes = 1024 * 1024;
+const projectPalMaxTreeEntries = 500;
+const projectPalDiffMaxBytes = 512 * 1024;
+
+function isPathInside(basePath: string, targetPath: string): boolean {
+  const relativePath = relative(basePath, targetPath);
+  return relativePath === '' || (relativePath !== '..' && !relativePath.startsWith(`..${sep}`) && !isAbsolute(relativePath));
+}
+
+function normalizePalRelativePath(value: string | null | undefined): string {
+  const candidate = (value || '').trim().replace(/\\/g, '/');
+  if (!candidate || candidate.startsWith('/') || candidate.split('/').some((part) => !part || part === '.' || part === '..')) {
+    throw new HttpError(400, 'BAD_PAL_FILE_PATH', 'path must be a relative .pal file path');
+  }
+  return candidate;
+}
+
+function projectPalRoot(projectRootPath: string): { projectRoot: string; palRoot: string; exists: boolean } {
+  const projectRoot = realpathSync(projectRootPath);
+  const palPath = resolve(projectRootPath, '.pal');
+  if (!existsSync(palPath)) return { projectRoot, palRoot: palPath, exists: false };
+  const palRoot = realpathSync(palPath);
+  if (!isPathInside(projectRoot, palRoot)) {
+    throw new HttpError(403, 'PAL_ROOT_OUTSIDE_PROJECT', '.pal must resolve inside the project root');
+  }
+  const stat = statSync(palRoot);
+  if (!stat.isDirectory()) throw new HttpError(400, 'PAL_ROOT_NOT_DIRECTORY', '.pal is not a directory');
+  return { projectRoot, palRoot, exists: true };
+}
+
+function projectPalFileType(filePath: string): PalContentFileType | null {
+  return projectPalSupportedExtensions.get(extname(filePath).toLowerCase()) || null;
+}
+
+function isProjectPalMarkdownPath(filePath: string): boolean {
+  return projectPalFileType(filePath) === 'markdown';
+}
+
+function gitPathJoin(...parts: string[]): string {
+  return parts
+    .flatMap((part) => part.split(/[\\/]/))
+    .filter(Boolean)
+    .join('/');
+}
+
+function gitCommand(projectRootPath: string, args: string[], options?: { check?: boolean }) {
+  const result = spawnSync('git', ['-C', projectRootPath, ...args], { encoding: 'utf8' });
+  const stdout = result.stdout || '';
+  const stderr = result.stderr || '';
+  const status = result.status ?? 1;
+  if (options?.check !== false && status !== 0) {
+    const message = (stderr || stdout || `git ${args[0] || 'command'} failed`).trim();
+    throw new HttpError(409, 'GIT_COMMAND_FAILED', message);
+  }
+  return { stdout, stderr, status };
+}
+
+function projectPalGitInfo(projectRootPath: string) {
+  const root = projectPalRoot(projectRootPath);
+  const repoRootResult = gitCommand(root.projectRoot, ['rev-parse', '--show-toplevel'], { check: false });
+  if (repoRootResult.status !== 0) {
+    return {
+      root,
+      git: {
+        available: false,
+        repo_root: null,
+        head: null,
+        branch: null,
+        error: (repoRootResult.stderr || repoRootResult.stdout || 'project is not inside a Git repository').trim(),
+        dirty: false,
+      },
+      repoRoot: null,
+      palRepoPath: null,
+    };
+  }
+  const repoRoot = realpathSync(repoRootResult.stdout.trim());
+  if (!isPathInside(repoRoot, root.projectRoot)) {
+    throw new HttpError(403, 'PROJECT_OUTSIDE_GIT_REPO', 'project root must resolve inside its Git repository');
+  }
+  const headResult = gitCommand(root.projectRoot, ['rev-parse', 'HEAD'], { check: false });
+  const branchResult = gitCommand(root.projectRoot, ['branch', '--show-current'], { check: false });
+  const palRepoPath = gitPathJoin(relative(repoRoot, root.exists ? root.palRoot : resolve(root.projectRoot, '.pal')));
+  return {
+    root,
+    git: {
+      available: true,
+      repo_root: repoRoot,
+      head: headResult.status === 0 ? headResult.stdout.trim() : null,
+      branch: branchResult.status === 0 ? branchResult.stdout.trim() || null : null,
+      error: null,
+      dirty: false,
+    },
+    repoRoot,
+    palRepoPath,
+  };
+}
+
+function normalizeGitStatusPath(rawPath: string): string {
+  const renamedPath = rawPath.includes(' -> ') ? rawPath.split(' -> ').pop()! : rawPath;
+  return renamedPath.trim().replace(/\\/g, '/').replace(/^"|"$/g, '');
+}
+
+function projectPalRelativeFromRepoPath(repoPath: string, palRepoPath: string): string | null {
+  const normalizedPath = repoPath.replace(/\\/g, '/');
+  const normalizedRoot = palRepoPath.replace(/\\/g, '/').replace(/\/$/, '');
+  if (normalizedPath === normalizedRoot) return null;
+  const prefix = normalizedRoot ? `${normalizedRoot}/` : '';
+  if (!normalizedPath.startsWith(prefix)) return null;
+  const palRelativePath = normalizedPath.slice(prefix.length);
+  if (!palRelativePath || palRelativePath.split('/').some((part) => !part || part === '.' || part === '..')) return null;
+  return palRelativePath;
+}
+
+function syntheticNewFileDiff(repoPath: string, content: string): string {
+  const lines = content.length ? content.split(/\r?\n/) : [];
+  if (lines.length && lines[lines.length - 1] === '') lines.pop();
+  const body = lines.map((line) => `+${line}`).join('\n');
+  return [
+    `diff --git a/${repoPath} b/${repoPath}`,
+    'new file mode 100644',
+    'index 0000000..0000000',
+    '--- /dev/null',
+    `+++ b/${repoPath}`,
+    `@@ -0,0 +1,${lines.length} @@`,
+    body,
+  ].filter(Boolean).join('\n') + '\n';
+}
+
+function gitNumstatForPath(projectRootPath: string, repoPath: string): { additions: number; deletions: number } {
+  const result = gitCommand(projectRootPath, ['diff', '--numstat', 'HEAD', '--', repoPath], { check: false });
+  if (result.status !== 0 || !result.stdout.trim()) return { additions: 0, deletions: 0 };
+  const [additions, deletions] = result.stdout.trim().split(/\s+/);
+  return {
+    additions: Number.parseInt(additions || '0', 10) || 0,
+    deletions: Number.parseInt(deletions || '0', 10) || 0,
+  };
+}
+
+function projectPalGitChanges(projectRootPath: string, options?: { includeDiff?: boolean }) {
+  const info = projectPalGitInfo(projectRootPath);
+  if (!info.git.available || !info.repoRoot || !info.palRepoPath) {
+    return { git: info.git, files: [], file_count: 0, additions: 0, deletions: 0, diff: '' };
+  }
+
+  const statusResult = gitCommand(info.root.projectRoot, ['status', '--porcelain=v1', '--untracked-files=all', '--', info.palRepoPath], { check: false });
+  if (statusResult.status !== 0) {
+    throw new HttpError(409, 'GIT_STATUS_FAILED', (statusResult.stderr || statusResult.stdout || 'git status failed').trim());
+  }
+
+  const files: Array<{ path: string; repo_path: string; status: string; additions: number; deletions: number }> = [];
+  const diffableRepoPaths: string[] = [];
+  let diff = '';
+
+  for (const line of statusResult.stdout.split(/\r?\n/)) {
+    if (!line.trim()) continue;
+    const code = line.slice(0, 2);
+    const repoPath = normalizeGitStatusPath(line.slice(3));
+    const palRelativePath = projectPalRelativeFromRepoPath(repoPath, info.palRepoPath);
+    if (!palRelativePath || !isProjectPalMarkdownPath(palRelativePath)) continue;
+    let status = 'modified';
+    if (code.includes('?')) status = 'untracked';
+    else if (code.includes('D')) status = 'deleted';
+    else if (code.includes('A')) status = 'added';
+    else if (code.includes('R')) status = 'renamed';
+
+    let stats = gitNumstatForPath(info.root.projectRoot, repoPath);
+    if (status === 'untracked') {
+      const absolutePath = resolve(info.repoRoot, repoPath);
+      if (!existsSync(absolutePath) || lstatSync(absolutePath).isSymbolicLink()) continue;
+      const realFilePath = realpathSync(absolutePath);
+      if (!isPathInside(info.root.palRoot, realFilePath)) continue;
+      const content = readFileSync(realFilePath, 'utf8');
+      stats = { additions: content ? content.split(/\r?\n/).filter((_, index, lines) => !(index === lines.length - 1 && lines[index] === '')).length : 0, deletions: 0 };
+      if (options?.includeDiff) diff += syntheticNewFileDiff(repoPath, content);
+    } else {
+      diffableRepoPaths.push(repoPath);
+    }
+    files.push({ path: palRelativePath, repo_path: repoPath, status, additions: stats.additions, deletions: stats.deletions });
+  }
+
+  if (options?.includeDiff && diffableRepoPaths.length) {
+    const result = gitCommand(info.root.projectRoot, ['diff', '--no-color', 'HEAD', '--', ...diffableRepoPaths], { check: false });
+    if (result.status !== 0) throw new HttpError(409, 'GIT_DIFF_FAILED', (result.stderr || result.stdout || 'git diff failed').trim());
+    diff = `${result.stdout}${diff}`;
+  }
+  if (diff.length > projectPalDiffMaxBytes) {
+    diff = `${diff.slice(0, projectPalDiffMaxBytes)}\n... diff truncated at ${projectPalDiffMaxBytes} bytes ...\n`;
+  }
+
+  const additions = files.reduce((sum, file) => sum + file.additions, 0);
+  const deletions = files.reduce((sum, file) => sum + file.deletions, 0);
+  return {
+    git: { ...info.git, dirty: files.length > 0 },
+    files: files.sort((left, right) => left.path.localeCompare(right.path)),
+    file_count: files.length,
+    additions,
+    deletions,
+    diff,
+  };
+}
+
+function projectPalCommitPath(projectRootPath: string, requestedPath: string): string {
+  const info = projectPalGitInfo(projectRootPath);
+  if (!info.git.available || !info.repoRoot || !info.palRepoPath) throw new HttpError(409, 'GIT_NOT_AVAILABLE', info.git.error || 'project is not inside a Git repository');
+  const palRelativePath = normalizePalRelativePath(requestedPath);
+  if (!isProjectPalMarkdownPath(palRelativePath)) throw new HttpError(400, 'UNSUPPORTED_PAL_COMMIT_FILE', 'only .pal Markdown files can be committed');
+  return gitPathJoin(info.palRepoPath, palRelativePath);
+}
+
+function listProjectPalFiles(projectRootPath: string): { rootPath: string; entries: ProjectPalFileEntry[]; supportedFileCount: number; truncated: boolean } {
+  const root = projectPalRoot(projectRootPath);
+  if (!root.exists) return { rootPath: resolve(projectRootPath, '.pal'), entries: [], supportedFileCount: 0, truncated: false };
+
+  let visited = 0;
+  let supportedFileCount = 0;
+  const walk = (directory: string): ProjectPalFileEntry[] => {
+    if (visited >= projectPalMaxTreeEntries) return [];
+    const entries = readdirSync(directory, { withFileTypes: true });
+    const tree: ProjectPalFileEntry[] = [];
+    for (const entry of entries) {
+      if (visited >= projectPalMaxTreeEntries) break;
+      const absolutePath = resolve(directory, entry.name);
+      const entryStat = lstatSync(absolutePath);
+      if (entryStat.isSymbolicLink()) continue;
+      const realEntryPath = realpathSync(absolutePath);
+      if (!isPathInside(root.palRoot, realEntryPath)) continue;
+      visited += 1;
+      const relativePath = relative(root.palRoot, realEntryPath).split(sep).join('/');
+      if (entry.isDirectory()) {
+        const children = walk(realEntryPath);
+        if (children.length) tree.push({ name: entry.name, path: relativePath, type: 'directory', children });
+        continue;
+      }
+      if (!entry.isFile()) continue;
+      const fileType = projectPalFileType(entry.name);
+      if (!fileType) continue;
+      supportedFileCount += 1;
+      tree.push({ name: entry.name, path: relativePath, type: 'file', file_type: fileType, size_bytes: entryStat.size });
+    }
+    return tree.sort((left, right) => {
+      if (left.type !== right.type) return left.type === 'directory' ? -1 : 1;
+      return left.name.localeCompare(right.name);
+    });
+  };
+
+  return { rootPath: root.palRoot, entries: walk(root.palRoot), supportedFileCount, truncated: visited >= projectPalMaxTreeEntries };
+}
+
+function readProjectPalFile(projectRootPath: string, requestedPath: string | null | undefined) {
+  const root = projectPalRoot(projectRootPath);
+  if (!root.exists) throw new HttpError(404, 'PAL_ROOT_NOT_FOUND', '.pal directory was not found for this project');
+  const relativePath = normalizePalRelativePath(requestedPath);
+  const absolutePath = resolve(root.palRoot, relativePath);
+  if (!existsSync(absolutePath)) throw new HttpError(404, 'PAL_FILE_NOT_FOUND', '.pal file was not found');
+  if (lstatSync(absolutePath).isSymbolicLink()) throw new HttpError(403, 'PAL_FILE_SYMLINK', 'symbolic links are not readable from .pal');
+  const realFilePath = realpathSync(absolutePath);
+  if (!isPathInside(root.palRoot, realFilePath)) throw new HttpError(403, 'PAL_FILE_OUTSIDE_PROJECT', 'file must resolve inside the project .pal directory');
+  const fileStat = statSync(realFilePath);
+  if (!fileStat.isFile()) throw new HttpError(400, 'PAL_FILE_NOT_READABLE', 'path is not a readable file');
+  if (fileStat.size > projectPalMaxReadBytes) throw new HttpError(413, 'PAL_FILE_TOO_LARGE', '.pal file is too large to preview');
+  const fileType = projectPalFileType(realFilePath);
+  if (!fileType) throw new HttpError(400, 'UNSUPPORTED_PAL_FILE', 'only Markdown and HTML files can be previewed');
+  return {
+    name: basename(realFilePath),
+    path: relative(root.palRoot, realFilePath).split(sep).join('/'),
+    file_type: fileType,
+    mime_type: fileType === 'markdown' ? 'text/markdown; charset=utf-8' : 'text/html; charset=utf-8',
+    size_bytes: fileStat.size,
+    content: readFileSync(realFilePath, 'utf8'),
+  };
+}
+
 function html(body: string): Response {
   return new Response(body, { headers: { 'content-type': 'text/html; charset=utf-8' } });
 }
 
+const webDistDir = fileURLToPath(new URL('../web/app/dist/', import.meta.url));
+const projectRootDir = fileURLToPath(new URL('../', import.meta.url));
+let attemptedWebBuild = false;
+
+interface PendingLarkRegistration {
+  id: string;
+  deviceCode: string;
+  url: string;
+  qrDataUrl: string;
+  expiresAt: number;
+  interval: number;
+  completed?: LarkRegistrationComplete;
+}
+
+const larkRegistrations = new Map<string, PendingLarkRegistration>();
+
+function credentialBindingsForAgent(credentials: LarkCredentialStore, agentKey: string): AgentDeletionLarkBindingImpact[] {
+  return credentials.bots
+    .filter((bot) => bot.agent === agentKey)
+    .map((bot) => ({ source: 'credential' as const, app_id: bot.appId, label: bot.label ?? null }));
+}
+
+function mergeAgentDeletionImpact(storeImpact: AgentDeletionImpact, credentials: LarkCredentialStore, agentKey: string): AgentDeletionImpact {
+  const seen = new Set<string>();
+  const larkBindings: AgentDeletionLarkBindingImpact[] = [];
+  for (const binding of [...storeImpact.lark_bindings, ...credentialBindingsForAgent(credentials, agentKey)]) {
+    const key = `${binding.source}:${binding.app_id}`;
+    if (seen.has(key)) continue;
+    seen.add(key);
+    larkBindings.push(binding);
+  }
+  return { ...storeImpact, lark_bindings: larkBindings };
+}
+
+function agentDeletionImpact(store: MessageStore, agentKey: string, configPath: string): AgentDeletionImpact | null {
+  const storeImpact = store.getAgentDeletionImpact(agentKey);
+  if (!storeImpact) return null;
+  try {
+    return mergeAgentDeletionImpact(storeImpact, loadLarkCredentials(configPath), agentKey);
+  } catch {
+    return storeImpact;
+  }
+}
+
+function pruneLarkRegistrations(): void {
+  const now = Date.now();
+  for (const [id, registration] of larkRegistrations) {
+    if (registration.expiresAt < now - 60_000) larkRegistrations.delete(id);
+  }
+}
+
+function larkRegistrationPublic(entry: PendingLarkRegistration, status: 'pending' | 'complete' = entry.completed ? 'complete' : 'pending') {
+  return {
+    id: entry.id,
+    status,
+    url: entry.url,
+    qrDataUrl: entry.qrDataUrl,
+    expiresAt: new Date(entry.expiresAt).toISOString(),
+    interval: entry.interval,
+    appId: entry.completed?.appId ?? null,
+    tenantBrand: entry.completed?.tenantBrand ?? null,
+    userOpenId: entry.completed?.userOpenId ?? null,
+  };
+}
+
+async function pollStoredLarkRegistration(id: string): Promise<PendingLarkRegistration> {
+  pruneLarkRegistrations();
+  const entry = larkRegistrations.get(id);
+  if (!entry) throw new HttpError(404, 'LARK_REGISTRATION_NOT_FOUND', 'registration was not found or has expired');
+  if (entry.completed) return entry;
+  if (Date.now() > entry.expiresAt) {
+    larkRegistrations.delete(id);
+    throw new HttpError(410, 'LARK_REGISTRATION_EXPIRED', 'registration link expired');
+  }
+  const result = await pollLarkAppRegistration({ deviceCode: entry.deviceCode });
+  if (result.status === 'pending') return entry;
+  if (result.status === 'slow_down') {
+    entry.interval = Math.max(entry.interval + 5, result.interval);
+    return entry;
+  }
+  if (result.status === 'complete') {
+    entry.completed = result.registration;
+    return entry;
+  }
+  throw new HttpError(400, 'LARK_REGISTRATION_FAILED', result.message);
+}
+
+function webAssetContentType(pathname: string): string {
+  if (pathname.endsWith('.js')) return 'text/javascript; charset=utf-8';
+  if (pathname.endsWith('.css')) return 'text/css; charset=utf-8';
+  if (pathname.endsWith('.svg')) return 'image/svg+xml';
+  if (pathname.endsWith('.png')) return 'image/png';
+  if (pathname.endsWith('.jpg') || pathname.endsWith('.jpeg')) return 'image/jpeg';
+  if (pathname.endsWith('.webp')) return 'image/webp';
+  if (pathname.endsWith('.ico')) return 'image/x-icon';
+  return 'application/octet-stream';
+}
+
+function builtWebIndex(): Response | null {
+  ensureBuiltWeb();
+  const indexPath = join(webDistDir, 'index.html');
+  if (!existsSync(indexPath)) return null;
+  return new Response(Bun.file(indexPath), { headers: { 'content-type': 'text/html; charset=utf-8' } });
+}
+
+function ensureBuiltWeb(): void {
+  if (attemptedWebBuild || existsSync(join(webDistDir, 'index.html'))) return;
+  attemptedWebBuild = true;
+  const result = Bun.spawnSync(['bun', 'run', 'web:build'], {
+    cwd: projectRootDir,
+    stdout: 'pipe',
+    stderr: 'pipe',
+  });
+  if (result.exitCode !== 0) {
+    const stderr = new TextDecoder().decode(result.stderr).trim();
+    console.warn(`[web] React build failed${stderr ? `: ${stderr}` : ''}`);
+  }
+}
+
+function missingWebBuild(): Response {
+  return html(`<!doctype html>
+<html lang="en">
+<head>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <title>Pal Web</title>
+</head>
+<body>
+  <main>
+    <h1>React web build not found</h1>
+    <p>Run <code>bun run web:build</code> or use <code>bun run web:dev</code> for the Pal web UI.</p>
+  </main>
+</body>
+</html>`);
+}
+
+function builtWebAsset(pathname: string): Response | null {
+  if (!pathname.startsWith('/assets/')) return null;
+  ensureBuiltWeb();
+  const relative = decodeURIComponent(pathname.slice('/assets/'.length));
+  if (!relative || relative.includes('..') || relative.includes('/') || relative.includes('\\')) return null;
+  const assetPath = join(webDistDir, 'assets', relative);
+  if (!existsSync(assetPath)) return null;
+  return new Response(Bun.file(assetPath), { headers: { 'content-type': webAssetContentType(assetPath) } });
+}
+
 function daemonAuthFromRequest(request: Request): { computerId: string; connectionId: string; token: string } | null {
   const computerId = request.headers.get('x-pal-computer-id')?.trim();
   const connectionId = request.headers.get('x-pal-connection-id')?.trim();
@@ -195,12 +1063,73 @@ function requireDaemonConnection(store: MessageStore, request: Request): { compu
   return connection;
 }
 
-export function route(store: MessageStore, request: Request): Promise<Response> | Response {
+function requireAgentScopedRead(store: MessageStore, request: Request, url: URL, roomId: string): void {
+  const agent = stringParam(url, 'agent_scope');
+  if (!agent) return;
+  const connection = requireDaemonConnection(store, request);
+  if (!store.daemonHasAgent(connection.connectionId, agent)) {
+    throw new HttpError(403, 'CONNECTION_AGENT_NOT_REGISTERED', 'connection has not registered this agent');
+  }
+  const room = store.getChatById(roomId);
+  if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+  if (!store.canAgentParticipateInRoom(agent, room)) {
+    throw new HttpError(403, 'ROOM_ACCESS_DENIED', 'agent cannot read this room');
+  }
+}
+
+async function publishMessageSideEffects(store: MessageStore, options: AppRouteOptions, message: Message, content: string): Promise<{ deliveries: MessageDelivery[]; notify: DeliveryNotifyResult }> {
+  const deliveries = store.resolveDeliveriesForMessage(message.id);
+  const notify = notifyDeliveries(options, deliveries);
+
+  const credentials = loadLarkCredentials();
+  const outboundRoute = resolveLarkOutboundRoute(store, credentials, message.sender, message.chat_id);
+  if (outboundRoute) {
+    const { conversation, bot } = outboundRoute;
+    try {
+      const client = createLarkApiClient(bot.appId, bot.appSecret);
+      const mention = resolveLarkMentionTarget(store, outboundRoute.account, message.recipient);
+      const result = await sendTextMessage({
+        client,
+        receiveIdType: 'chat_id',
+        receiveId: conversation.external_chat_id,
+        text: larkOutboundMessageText(message, content),
+        mention,
+      });
+      console.log(`[lark] forwarded message to chat=${conversation.external_chat_id} messageId=${result.messageId ?? '-'}`);
+    } catch (err) {
+      console.warn(`[lark] failed to forward message to chat=${conversation.external_chat_id}: ${err instanceof Error ? err.message : String(err)}`);
+    }
+  }
+
+  return { deliveries, notify };
+}
+
+export function larkOutboundMessageText(message: Message, content: string): string {
+  const attachments = message.attachments ?? [];
+  if (attachments.length === 0) return content;
+  const baseUrl = process.env.PAL_PUBLIC_BASE_URL ?? process.env.PAL_SERVER_PUBLIC_URL ?? '';
+  const lines = attachments.map((attachment) => {
+    const label = attachment.filename || attachment.id;
+    const url = baseUrl
+      ? `${baseUrl.replace(/\/+$/, '')}/api/message-attachments/${encodeURIComponent(attachment.id)}/content`
+      : `/api/message-attachments/${encodeURIComponent(attachment.id)}/content`;
+    return `- ${label} (${attachment.mime_type}, ${attachment.size_bytes} bytes): ${url}`;
+  });
+  const body = content.trim() || '[file]';
+  return `${body}\n\nAttachments:\n${lines.join('\n')}`;
+}
+
+export function route(store: MessageStore, request: Request, options: AppRouteOptions = {}): Promise<Response> | Response {
   const url = new URL(request.url);
   const { pathname } = url;
 
   if (request.method === 'GET' && pathname === '/') {
-    return html(dashboardHtml());
+    return builtWebIndex() ?? missingWebBuild();
+  }
+
+  if (request.method === 'GET') {
+    const asset = builtWebAsset(pathname);
+    if (asset) return asset;
   }
 
   if (request.method === 'GET' && pathname === '/health') {
@@ -222,6 +1151,71 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     return json({ computers: store.listComputers(numberParam(url, 'limit', 50)) });
   }
 
+  const computerMatch = pathname.match(/^\/api\/computers\/([^/]+)$/);
+  if (request.method === 'PATCH' && computerMatch) {
+    return readJson<UpdateComputerBody>(request).then((body) => {
+      const name = body.name?.trim();
+      if (!name) throw new HttpError(400, 'MISSING_COMPUTER_NAME', 'name is required');
+      try {
+        const computer = store.updateComputerName(decodeURIComponent(computerMatch[1]!), name);
+        return json({ computer });
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (message === 'computer not found') throw new HttpError(404, 'COMPUTER_NOT_FOUND', 'computer not found');
+        throw error;
+      }
+    });
+  }
+
+  const computerReconnectCommandMatch = pathname.match(/^\/api\/computers\/([^/]+)\/reconnect-command$/);
+  if (request.method === 'POST' && computerReconnectCommandMatch) {
+    return readJson<RegenerateComputerCommandBody>(request).then((body) => {
+      try {
+        const result = store.regenerateComputerCommand(decodeURIComponent(computerReconnectCommandMatch[1]!), {
+          serverUrl: body.server_url,
+          packageName: body.package_name,
+        });
+        return json(result);
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (message === 'computer not found') throw new HttpError(404, 'COMPUTER_NOT_FOUND', 'computer not found');
+        throw error;
+      }
+    });
+  }
+
+  const computerDeleteImpactMatch = pathname.match(/^\/api\/computers\/([^/]+)\/delete-impact$/);
+  if (request.method === 'GET' && computerDeleteImpactMatch) {
+    const impact = store.getComputerDeletionImpact(decodeURIComponent(computerDeleteImpactMatch[1]!));
+    if (!impact) throw new HttpError(404, 'COMPUTER_NOT_FOUND', 'computer not found');
+    return json({ impact });
+  }
+
+  if (request.method === 'DELETE' && computerMatch) {
+    return readOptionalJson<DeleteComputerBody>(request).then((body) => {
+      try {
+        const deletion = store.deleteComputer(decodeURIComponent(computerMatch[1]!), {
+          removeProjects: body.remove_projects === true,
+          removeAssignments: body.remove_agents === true,
+        });
+        return json({ ...deletion, deleted: true });
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (message === 'computer not found') throw new HttpError(404, 'COMPUTER_NOT_FOUND', 'computer not found');
+        if (message === 'COMPUTER_HAS_PROJECTS') throw new HttpError(409, 'COMPUTER_HAS_PROJECTS', 'computer has projects');
+        if (message === 'COMPUTER_HAS_ASSIGNMENTS') throw new HttpError(409, 'COMPUTER_HAS_ASSIGNMENTS', 'computer has agent assignments');
+        throw error;
+      }
+    });
+  }
+
+  const computerWorkloadMatch = pathname.match(/^\/api\/computers\/([^/]+)\/workload$/);
+  if (request.method === 'GET' && computerWorkloadMatch) {
+    const workload = store.getComputerWorkload(decodeURIComponent(computerWorkloadMatch[1]!));
+    if (!workload) throw new HttpError(404, 'COMPUTER_NOT_FOUND', 'computer not found');
+    return json({ workload });
+  }
+
   if (request.method === 'POST' && pathname === '/api/computers/provision') {
     return readJson<ProvisionComputerBody>(request).then((body) => {
       const result = store.provisionComputer({
@@ -251,7 +1245,14 @@ export function route(store: MessageStore, request: Request): Promise<Response>
           capabilities: agent.capabilities,
         })),
       });
-      return json(result, 201);
+      return json({
+        computer: result.computer,
+        connection: result.connection,
+        token: result.token,
+        local_control_token: result.localControlToken,
+        daemon: result.daemon,
+        agents: result.agents,
+      }, 201);
     });
   }
 
@@ -306,35 +1307,418 @@ export function route(store: MessageStore, request: Request): Promise<Response>
         content,
         ttlSeconds: body.ttl_seconds,
       });
-      return json({ artifact: result.artifact, token: result.token, url: `/artifacts/${result.token}` }, 201);
+      return json({ artifact: result.artifact, token: result.token, url: `/artifacts/${result.token}` }, 201);
+    });
+  }
+
+  if (request.method === 'POST' && pathname === '/api/artifacts/cleanup') {
+    assertServerAuth(request);
+    return json({ deleted: store.cleanupArtifacts() });
+  }
+
+  const artifactRevokeMatch = pathname.match(/^\/api\/artifacts\/([^/]+)\/revoke$/);
+  if (request.method === 'POST' && artifactRevokeMatch) {
+    assertServerAuth(request);
+    return json({ artifact: store.revokeArtifact(artifactRevokeMatch[1]!) });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/chats') {
+    return json({ chats: store.listChats() });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/rooms') {
+    const scopedAgent = stringParam(url, 'agent_scope');
+    if (scopedAgent) {
+      const connection = requireDaemonConnection(store, request);
+      if (!store.daemonHasAgent(connection.connectionId, scopedAgent)) {
+        throw new HttpError(403, 'CONNECTION_AGENT_NOT_REGISTERED', 'connection has not registered this agent');
+      }
+      return json({ rooms: store.listChatsForAgent(scopedAgent) });
+    }
+    return json({ rooms: store.listChats() });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/projects') {
+    return json({ projects: store.listProjects(numberParam(url, 'limit', 50)) });
+  }
+
+  if (request.method === 'POST' && pathname === '/api/projects') {
+    return readJson<CreateProjectBody>(request).then(async (body) => {
+      const name = body.name?.trim();
+      const computerId = body.computer_id?.trim();
+      const rootPath = body.root_path?.trim();
+      if (!name) throw new HttpError(400, 'MISSING_PROJECT_NAME', 'name is required');
+      if (!computerId) throw new HttpError(400, 'MISSING_COMPUTER_ID', 'computer_id is required');
+      if (!rootPath) throw new HttpError(400, 'MISSING_ROOT_PATH', 'root_path is required');
+      await validateRemoteProjectPath(store, computerId, rootPath);
+      const project = store.createProject({ name, computerId, rootPath });
+      return json({ project }, 201);
+    });
+  }
+
+  const projectMatch = pathname.match(/^\/api\/projects\/([^/]+)$/);
+  if (request.method === 'PATCH' && projectMatch) {
+    return readJson<UpdateProjectBody>(request).then((body) => {
+      const project = store.getProject(decodeURIComponent(projectMatch[1]!));
+      if (!project) throw new HttpError(404, 'PROJECT_NOT_FOUND', 'project not found');
+      if (body.status !== 'active' && body.status !== 'archived') throw new HttpError(400, 'BAD_PROJECT_STATUS', 'status must be active or archived');
+      return json({ project: store.updateProjectStatus(project.id, body.status) });
+    });
+  }
+
+  if (request.method === 'DELETE' && projectMatch) {
+    const project = store.getProject(decodeURIComponent(projectMatch[1]!));
+    if (!project) throw new HttpError(404, 'PROJECT_NOT_FOUND', 'project not found');
+    try {
+      const deleted = store.deleteProject(project.id);
+      return json({ project: deleted, deleted: true });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      if (message.startsWith('PROJECT_NOT_ARCHIVED')) throw new HttpError(409, 'PROJECT_NOT_ARCHIVED', 'project must be archived before deletion');
+      throw error;
+    }
+  }
+
+  const projectAgentDefaultsMatch = pathname.match(/^\/api\/projects\/([^/]+)\/agent-defaults$/);
+  if (request.method === 'GET' && projectAgentDefaultsMatch) {
+    const project = store.getProject(decodeURIComponent(projectAgentDefaultsMatch[1]!));
+    if (!project) throw new HttpError(404, 'PROJECT_NOT_FOUND', 'project not found');
+    return json({ project, defaults: store.listProjectAgentDefaults(project.id) });
+  }
+
+  if (request.method === 'PUT' && projectAgentDefaultsMatch) {
+    return readJson<ProjectAgentDefaultsBody>(request).then((body) => {
+      const project = store.getProject(decodeURIComponent(projectAgentDefaultsMatch[1]!));
+      if (!project) throw new HttpError(404, 'PROJECT_NOT_FOUND', 'project not found');
+      const defaults = body.defaults;
+      if (!Array.isArray(defaults)) throw new HttpError(400, 'BAD_PROJECT_AGENT_DEFAULTS', 'defaults must be an array');
+      return json({
+        project,
+        defaults: store.setProjectAgentDefaults(project.id, defaults.map((item) => {
+          if (!item.agent?.trim()) throw new HttpError(400, 'MISSING_AGENT', 'agent is required');
+          return { agent: item.agent, mode: parseAgentRoomSubscriptionMode(item.mode ?? 'mentions') };
+        })),
+      });
+    });
+  }
+
+  const computerFilesMatch = pathname.match(/^\/api\/computers\/([^/]+)\/files$/);
+  if (request.method === 'GET' && computerFilesMatch) {
+    const computerId = decodeURIComponent(computerFilesMatch[1]!);
+    const control = store.getComputerLocalControl(computerId);
+    if (!control) throw new HttpError(409, 'COMPUTER_NOT_BROWSABLE', 'computer is not online or does not expose a local filesystem browser');
+    const params = new URLSearchParams();
+    const browsePath = stringParam(url, 'path');
+    if (browsePath) params.set('path', browsePath);
+    if (url.searchParams.get('show_hidden') === 'true') params.set('show_hidden', 'true');
+    return fetchDaemonJson({ localUrl: control.daemon.local_url, token: control.token, path: `/local/files${params.size ? `?${params}` : ''}` })
+      .then((data) => json(data));
+  }
+
+  if (request.method === 'POST' && pathname === '/api/rooms') {
+    return readJson<CreateRoomBody>(request).then((body) => {
+      if (!body.name?.trim()) throw new HttpError(400, 'MISSING_ROOM_NAME', 'name is required');
+      if (body.kind && body.kind !== 'group') throw new HttpError(400, 'BAD_ROOM_KIND', 'web rooms are always group rooms');
+      const existing = store.getChatByName(body.name);
+      if (existing) throw new HttpError(409, 'ROOM_NAME_EXISTS', `room name already exists: ${existing.name}`);
+      const room = store.getOrCreateChat(body.name, 'group');
+      return json({ room }, 201);
+    });
+  }
+
+  if (request.method === 'POST' && pathname === '/api/rooms/handoff') {
+    return readJson<HandoffRoomBody>(request).then(async (body) => {
+      const sourceRoomId = body.source_room_id?.trim();
+      const actor = body.actor?.trim();
+      const purpose = body.purpose?.trim();
+      const roomName = body.name?.trim();
+      if (!sourceRoomId) throw new HttpError(400, 'MISSING_SOURCE_ROOM', 'source_room_id is required');
+      if (!actor) throw new HttpError(400, 'MISSING_ACTOR', 'actor is required');
+      if (!purpose) throw new HttpError(400, 'MISSING_PURPOSE', 'purpose is required');
+      if (!roomName) throw new HttpError(400, 'MISSING_ROOM_NAME', 'name is required');
+      if (!store.getAgent(actor)) throw new HttpError(404, 'AGENT_NOT_FOUND', 'actor agent not found');
+
+      const sourceRoom = store.getChatById(sourceRoomId);
+      if (!sourceRoom) throw new HttpError(404, 'SOURCE_ROOM_NOT_FOUND', 'source room not found');
+      if (!store.canAgentParticipateInRoom(actor, sourceRoom)) {
+        throw new HttpError(403, 'ROOM_ACCESS_DENIED', 'actor cannot read the source room');
+      }
+      if (body.source_message_id !== undefined) {
+        const sourceMessage = store.getMessage(Number(body.source_message_id));
+        if (!sourceMessage || sourceMessage.chat_id !== sourceRoom.id) {
+          throw new HttpError(404, 'SOURCE_MESSAGE_NOT_FOUND', 'source message was not found in source room');
+        }
+      }
+
+      const teamWasExplicit = Array.isArray(body.team);
+      const team = teamWasExplicit
+        ? body.team!.map((item) => {
+          if (!item.agent?.trim()) throw new HttpError(400, 'MISSING_AGENT', 'team agent is required');
+          return { agent: item.agent.trim(), mode: parseAgentRoomSubscriptionMode(item.mode ?? 'mentions') };
+        })
+        : sourceRoom.project_id
+          ? null
+          : store.listAgentRoomSubscriptions(sourceRoom.id).map((item) => ({ agent: item.agent, mode: item.mode }));
+
+      let room: Chat | null;
+      if (sourceRoom.project_id) {
+        room = store.createProjectRoom({ projectId: sourceRoom.project_id, name: roomName, kind: 'group' });
+      } else {
+        if (store.getChatByName(roomName)) throw new HttpError(409, 'ROOM_NAME_EXISTS', `room name already exists: ${roomName}`);
+        room = store.getOrCreateChat(roomName, 'group');
+      }
+      if (!room) throw new HttpError(500, 'ROOM_CREATE_FAILED', 'room was not created');
+
+      if (teamWasExplicit || team) {
+        const desired = new Map((team ?? []).map((item) => [item.agent, item.mode]));
+        for (const existing of store.listAgentRoomSubscriptions(room.id)) {
+          if (!desired.has(existing.agent)) store.leaveAgentRoom({ roomId: room.id, agent: existing.agent });
+        }
+        for (const [agent, mode] of desired) {
+          store.inviteAgentToRoom({ roomId: room.id, agent, mode });
+        }
+      }
+
+      const content = body.handoff_content?.trim();
+      if (content) {
+        const message = store.createMessage({
+          chatId: room.id,
+          sender: 'system',
+          content,
+          type: 'system',
+          mentions: [actor],
+        });
+        const sideEffects = await publishMessageSideEffects(store, options, message, content);
+        return json({ room: store.getChatById(room.id), message, deliveries: sideEffects.deliveries, notify: sideEffects.notify }, 201);
+      }
+      return json({ room: store.getChatById(room.id), message: null, deliveries: [], notify: null }, 201);
+    });
+  }
+
+  const roomMatch = pathname.match(/^\/api\/rooms\/([^/]+)$/);
+  if (request.method === 'PATCH' && roomMatch) {
+    return readJson<UpdateRoomBody>(request).then((body) => {
+      const room = store.resolveRoom(decodeURIComponent(roomMatch[1]!));
+      if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+      if (room.provider !== 'web') throw new HttpError(403, 'EXTERNAL_ROOM_STATUS_READ_ONLY', 'external provider rooms cannot be archived from Web');
+      if (body.status !== 'active' && body.status !== 'archived') throw new HttpError(400, 'BAD_ROOM_STATUS', 'status must be active or archived');
+      return json({ room: store.updateRoomStatus(room.id, body.status) });
+    });
+  }
+
+  if (request.method === 'DELETE' && roomMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    try {
+      const deleted = store.deleteRoom(room.id);
+      return json({ room: deleted, deleted: true });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      if (message.startsWith('EXTERNAL_ROOM_DELETE_READ_ONLY')) throw new HttpError(403, 'EXTERNAL_ROOM_DELETE_READ_ONLY', 'external provider rooms cannot be deleted from Web');
+      if (message.startsWith('ROOM_NOT_ARCHIVED')) throw new HttpError(409, 'ROOM_NOT_ARCHIVED', 'room must be archived before deletion');
+      throw error;
+    }
+  }
+
+  const roomProjectPalMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/project-pal$/);
+  if (request.method === 'GET' && roomProjectPalMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomProjectPalMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    if (!room.project_id || !room.project_root_path) throw new HttpError(404, 'ROOM_PROJECT_NOT_FOUND', 'room is not bound to a project');
+    const files = listProjectPalFiles(room.project_root_path);
+    return json({
+      room,
+      project: {
+        id: room.project_id,
+        name: room.project_name,
+        root_path: room.project_root_path,
+      },
+      pal_root_path: files.rootPath,
+      entries: files.entries,
+      supported_file_count: files.supportedFileCount,
+      truncated: files.truncated,
+    });
+  }
+
+  const roomProjectPalContentMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/project-pal\/content$/);
+  if (request.method === 'GET' && roomProjectPalContentMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomProjectPalContentMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    if (!room.project_id || !room.project_root_path) throw new HttpError(404, 'ROOM_PROJECT_NOT_FOUND', 'room is not bound to a project');
+    return json({
+      room,
+      file: readProjectPalFile(room.project_root_path, stringParam(url, 'path')),
+    });
+  }
+
+  const roomProjectPalGitStatusMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/project-pal\/git-status$/);
+  if (request.method === 'GET' && roomProjectPalGitStatusMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomProjectPalGitStatusMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    if (!room.project_id || !room.project_root_path) throw new HttpError(404, 'ROOM_PROJECT_NOT_FOUND', 'room is not bound to a project');
+    return json({
+      room,
+      changes: projectPalGitChanges(room.project_root_path),
+    });
+  }
+
+  const roomProjectPalGitDiffMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/project-pal\/git-diff$/);
+  if (request.method === 'GET' && roomProjectPalGitDiffMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomProjectPalGitDiffMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    if (!room.project_id || !room.project_root_path) throw new HttpError(404, 'ROOM_PROJECT_NOT_FOUND', 'room is not bound to a project');
+    return json({
+      room,
+      changes: projectPalGitChanges(room.project_root_path, { includeDiff: true }),
+    });
+  }
+
+  const roomProjectPalGitCommitMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/project-pal\/git-commit$/);
+  if (request.method === 'POST' && roomProjectPalGitCommitMatch) {
+    return readJson<ProjectPalGitCommitBody>(request).then((body) => {
+      const room = store.resolveRoom(decodeURIComponent(roomProjectPalGitCommitMatch[1]!));
+      if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+      if (!room.project_id || !room.project_root_path) throw new HttpError(404, 'ROOM_PROJECT_NOT_FOUND', 'room is not bound to a project');
+      const projectRootPath = room.project_root_path;
+      const message = body.message?.trim();
+      if (!message) throw new HttpError(400, 'MISSING_COMMIT_MESSAGE', 'commit message is required');
+
+      const info = projectPalGitInfo(projectRootPath);
+      if (!info.git.available || !info.git.head) throw new HttpError(409, 'GIT_NOT_AVAILABLE', info.git.error || 'project is not inside a Git repository with a HEAD commit');
+      const expectedHead = body.expected_head?.trim();
+      if (expectedHead && expectedHead !== info.git.head) throw new HttpError(409, 'GIT_HEAD_CHANGED', 'Git HEAD changed; refresh changes before committing');
+
+      const selectedPaths = body.files?.length
+        ? body.files
+        : projectPalGitChanges(projectRootPath).files.map((file) => file.path);
+      const repoPaths = Array.from(new Set(selectedPaths.map((filePath) => projectPalCommitPath(projectRootPath, filePath))));
+      if (!repoPaths.length) throw new HttpError(400, 'NO_COMMIT_FILES', 'no .pal Markdown files were selected');
+
+      const status = projectPalGitChanges(projectRootPath);
+      const dirtyRepoPaths = new Set(status.files.map((file) => file.repo_path));
+      const filteredRepoPaths = repoPaths.filter((repoPath) => dirtyRepoPaths.has(repoPath));
+      if (!filteredRepoPaths.length) throw new HttpError(409, 'NO_COMMIT_CHANGES', 'selected .pal Markdown files have no changes to commit');
+
+      gitCommand(projectRootPath, ['add', '--', ...filteredRepoPaths]);
+      gitCommand(projectRootPath, ['commit', '-m', message, '--', ...filteredRepoPaths]);
+      const committedHead = gitCommand(projectRootPath, ['rev-parse', 'HEAD']).stdout.trim();
+      return json({
+        room,
+        commit: {
+          previous_head: info.git.head,
+          head: committedHead,
+          message,
+          files: filteredRepoPaths,
+        },
+        changes: projectPalGitChanges(projectRootPath, { includeDiff: true }),
+      });
     });
   }
 
-  if (request.method === 'POST' && pathname === '/api/artifacts/cleanup') {
-    assertServerAuth(request);
-    return json({ deleted: store.cleanupArtifacts() });
+  const projectRoomsMatch = pathname.match(/^\/api\/projects\/([^/]+)\/rooms$/);
+  if (request.method === 'POST' && projectRoomsMatch) {
+    return readJson<CreateRoomBody>(request).then((body) => {
+      if (!body.name?.trim()) throw new HttpError(400, 'MISSING_ROOM_NAME', 'name is required');
+      if (body.kind && body.kind !== 'group') throw new HttpError(400, 'BAD_ROOM_KIND', 'web rooms are always group rooms');
+      const room = store.createProjectRoom({
+        projectId: decodeURIComponent(projectRoomsMatch[1]!),
+        name: body.name,
+        kind: 'group',
+        mode: parseRoomMode(body.mode),
+      });
+      return json({ room }, 201);
+    });
   }
 
-  const artifactRevokeMatch = pathname.match(/^\/api\/artifacts\/([^/]+)\/revoke$/);
-  if (request.method === 'POST' && artifactRevokeMatch) {
-    assertServerAuth(request);
-    return json({ artifact: store.revokeArtifact(artifactRevokeMatch[1]!) });
+  if (request.method === 'GET' && pathname === '/api/skills') {
+    const source = stringParam(url, 'source') as SkillSource | undefined;
+    const scope = stringParam(url, 'scope') as SkillBindingScope | undefined;
+    const scopeId = stringParam(url, 'scope_id');
+    return json({
+      skills: store.listSkillDefinitions({
+        source: source ? parseSkillSource(source) : undefined,
+        ownerUserId: url.searchParams.has('owner_user_id') ? stringParam(url, 'owner_user_id') : undefined,
+        projectId: url.searchParams.has('project_id') ? stringParam(url, 'project_id') : undefined,
+        includeDisabled: stringParam(url, 'include_disabled') === 'true',
+      }),
+      bindings: store.listSkillBindings({
+        scope: scope ? parseSkillBindingScope(scope) : undefined,
+        scopeId: scopeId ?? undefined,
+      }),
+      enabled_skills: store.listEnabledSkills({
+        projectId: stringParam(url, 'enabled_project_id'),
+        roomId: stringParam(url, 'enabled_room_id'),
+        agent: stringParam(url, 'enabled_agent'),
+      }),
+      native_runtime_warning: 'PAL-managed skills are injected by PAL for project, room, and agent context. Native runtime-discovered global skills from Codex, OpenCode, or other adapters may still be loaded by those runtimes and may not be fully blockable from PAL Web; keep native global skill directories minimal.',
+      activation_scopes: skillBindingScopes,
+      repository_sources: skillSources,
+    });
   }
 
-  if (request.method === 'GET' && pathname === '/api/chats') {
-    return json({ chats: store.listChats() });
+  if (request.method === 'POST' && pathname === '/api/skills') {
+    return readJson<UpsertSkillBody>(request).then((body) => {
+      try {
+        const source = parseSkillSource(body.source);
+        const skill = store.createSkillDefinition({
+          key: body.key ?? '',
+          name: body.name ?? '',
+          description: body.description ?? '',
+          instructionContent: body.instruction_content ?? '',
+          status: body.status,
+          source,
+          ownerUserId: source === 'user' ? body.owner_user_id ?? 'owner' : body.owner_user_id ?? null,
+          projectId: body.project_id ?? null,
+          repositoryPath: body.repository_path ?? null,
+        });
+        return json({ skill }, 201);
+      } catch (error) {
+        throw skillStoreHttpError(error) ?? error;
+      }
+    });
   }
 
-  if (request.method === 'GET' && pathname === '/api/rooms') {
-    return json({ rooms: store.listChats() });
+  const skillDefinitionMatch = pathname.match(/^\/api\/skills\/([^/]+)$/);
+  if (request.method === 'PATCH' && skillDefinitionMatch) {
+    return readJson<UpsertSkillBody>(request).then((body) => {
+      try {
+        const skill = store.updateSkillDefinition(decodeURIComponent(skillDefinitionMatch[1]!), {
+          name: body.name,
+          description: body.description,
+          instructionContent: body.instruction_content,
+          status: body.status,
+          ownerUserId: body.owner_user_id,
+          projectId: body.project_id,
+          repositoryPath: body.repository_path,
+        });
+        return json({ skill });
+      } catch (error) {
+        throw skillStoreHttpError(error) ?? error;
+      }
+    });
   }
 
-  if (request.method === 'POST' && pathname === '/api/rooms') {
-    return readJson<CreateRoomBody>(request).then((body) => {
-      if (!body.name?.trim()) throw new HttpError(400, 'MISSING_ROOM_NAME', 'name is required');
-      if (body.kind && body.kind !== 'group' && body.kind !== 'dm') throw new HttpError(400, 'BAD_ROOM_KIND', 'kind must be group or dm');
-      const room = store.getOrCreateChat(body.name, body.kind ?? 'group');
-      return json({ room }, 201);
+  if (request.method === 'PUT' && pathname === '/api/skill-bindings') {
+    return readJson<SkillBindingBody>(request).then((body) => {
+      const binding = store.upsertSkillBinding({
+        scope: parseSkillBindingScope(body.scope),
+        scopeId: body.scope_id ?? '',
+        skillKey: body.skill_key ?? '',
+        enabled: body.enabled,
+        priority: Number.isInteger(body.priority) ? body.priority : undefined,
+      });
+      return json({ binding });
+    });
+  }
+
+  if (request.method === 'DELETE' && pathname === '/api/skill-bindings') {
+    return readJson<SkillBindingBody>(request).then((body) => {
+      const deleted = store.deleteSkillBinding({
+        scope: parseSkillBindingScope(body.scope),
+        scopeId: body.scope_id ?? '',
+        skillKey: body.skill_key ?? '',
+      });
+      return json({ deleted });
     });
   }
 
@@ -345,6 +1729,12 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     return json({
       room,
       participants: store.listRoomParticipants(room.id),
+      agent_subscriptions: store.listAgentRoomSubscriptions(room.id),
+      enabled_skills: store.listEnabledSkills({
+        projectId: room.project_id,
+        roomId: room.id,
+        agent: stringParam(url, 'agent'),
+      }),
       completeness: 'Human members come from lark_member_api snapshots. Bot members are known/observed only; Feishu member-list API filters bots.',
     });
   }
@@ -362,6 +1752,18 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     });
   }
 
+  const roomAgentActivityMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/agent-activity$/);
+  if (request.method === 'GET' && roomAgentActivityMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomAgentActivityMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    const agent = stringParam(url, 'agent');
+    return json({
+      room,
+      activity: store.listRoomAgentActivity(room.id),
+      events: agent ? store.listActivityForRoomAgent(room.id, agent, numberParam(url, 'limit', 80)) : [],
+    });
+  }
+
   const transcriptReadMatch = pathname.match(/^\/api\/transcripts\/([^/]+)\/messages$/);
   if (request.method === 'GET' && transcriptReadMatch) {
     return json({ messages: store.listTranscriptMessagesReadOnly(transcriptReadMatch[1]!, numberParam(url, 'limit', 50)) });
@@ -371,17 +1773,85 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     return json({ agents: store.listAgents(numberParam(url, 'limit', 50)) });
   }
 
+  const agentWorkbenchMatch = pathname.match(/^\/api\/agents\/([^/]+)\/workbench$/);
+  if (request.method === 'GET' && agentWorkbenchMatch) {
+    const workbench = store.getAgentWorkbench(decodeURIComponent(agentWorkbenchMatch[1]!));
+    if (!workbench) throw new HttpError(404, 'AGENT_NOT_FOUND', 'agent not found');
+    return json({ workbench });
+  }
+
+  const agentWorkspaceFilesMatch = pathname.match(/^\/api\/agents\/([^/]+)\/workspace-files$/);
+  if (request.method === 'GET' && agentWorkspaceFilesMatch) {
+    const agent = store.getAgent(decodeURIComponent(agentWorkspaceFilesMatch[1]!));
+    if (!agent) throw new HttpError(404, 'AGENT_NOT_FOUND', 'agent not found');
+    return json({ files: listAgentWorkspaceFiles(agent) });
+  }
+
+  if (request.method === 'PUT' && agentWorkspaceFilesMatch) {
+    return readJson<AgentWorkspaceFileUpdateBody>(request).then((body) => {
+      const agent = store.getAgent(decodeURIComponent(agentWorkspaceFilesMatch[1]!));
+      if (!agent) throw new HttpError(404, 'AGENT_NOT_FOUND', 'agent not found');
+      if (typeof body.path !== 'string' || typeof body.content !== 'string') {
+        throw new HttpError(400, 'WORKSPACE_FILE_UPDATE_INVALID', 'workspace file update requires path and content');
+      }
+      try {
+        return json({ file: updateAgentWorkspaceFile(agent, body.path, body.content) });
+      } catch (err) {
+        if (err instanceof AgentWorkspaceFileError) {
+          throw new HttpError(err.status, err.code, err.message);
+        }
+        throw err;
+      }
+    });
+  }
+
+  const agentPermissionsMatch = pathname.match(/^\/api\/agents\/([^/]+)\/permissions$/);
+  if (request.method === 'GET' && agentPermissionsMatch) {
+    const agentKey = decodeURIComponent(agentPermissionsMatch[1]!);
+    if (!store.getAgent(agentKey)) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
+    return json({ profile: store.getAgentPermissionProfile(agentKey) });
+  }
+
+  if (request.method === 'PUT' && agentPermissionsMatch) {
+    return readJson<AgentPermissionsBody>(request).then((body) => {
+      const agentKey = decodeURIComponent(agentPermissionsMatch[1]!);
+      if (!store.getAgent(agentKey)) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
+      const validation = validateAgentPermissionProfile(body);
+      if (!validation.ok) {
+        throw new HttpError(400, 'PERMISSION_PROFILE_INVALID', validation.diagnostics.filter((diagnostic) => diagnostic.level === 'error').map((diagnostic) => diagnostic.message).join('; '));
+      }
+      const profile = store.upsertAgentPermissionProfile(agentKey, validation.profile);
+      return json({ profile, warnings: validation.warnings });
+    });
+  }
+
+  const agentPermissionsValidateMatch = pathname.match(/^\/api\/agents\/([^/]+)\/permissions\/validate$/);
+  if (request.method === 'POST' && agentPermissionsValidateMatch) {
+    return readJson<AgentPermissionsBody>(request).then((body) => {
+      const agentKey = decodeURIComponent(agentPermissionsValidateMatch[1]!);
+      if (!store.getAgent(agentKey)) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
+      const validation = validateAgentPermissionProfile(body, { checkFilesystem: url.searchParams.get('check_filesystem') === '1' });
+      return json(validation);
+    });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/runtime-models') {
+    return allRuntimeModelOptions().then((runtimes) => json({ runtimes }));
+  }
+
   if (request.method === 'POST' && pathname === '/api/agents/onboard') {
-    return readJson<OnboardAgentBody>(request).then((body) => {
-      const agentKey = body.agent_key?.trim();
+    return readJson<OnboardAgentBody>(request).then(async (body) => {
       const displayName = body.display_name?.trim();
-      if (!agentKey) throw new HttpError(400, 'MISSING_AGENT_KEY', 'agent_key is required');
       if (!displayName) throw new HttpError(400, 'MISSING_DISPLAY_NAME', 'display_name is required');
+      const agentKey = body.agent_key?.trim() || uniqueAgentKeyFromDisplayName(displayName, store);
+      if (store.getAgent(agentKey)) throw new HttpError(409, 'AGENT_KEY_EXISTS', `agent ${agentKey} already exists`);
+      const runtime = body.runtime ?? 'codex';
       const agent = store.upsertAgent({
         agent_key: agentKey,
         display_name: displayName,
         description: body.description ?? null,
-        runtime: body.runtime ?? 'codex',
+        runtime,
+        model: await checkedRuntimeModel(runtime, body.model),
       });
       const assignment = body.computer_id?.trim()
         ? store.assignAgentToComputer({ agent: agentKey, computerId: body.computer_id })
@@ -391,33 +1861,97 @@ export function route(store: MessageStore, request: Request): Promise<Response>
   }
 
   if (request.method === 'POST' && pathname === '/api/agents') {
-    return readJson<Record<string, unknown>>(request).then((body) => {
+    return readJson<Record<string, unknown>>(request).then(async (body) => {
       const validation = store.validateAgentSchema(body);
       if (!validation.ok) {
         throw new HttpError(400, 'VALIDATION_ERROR', validation.diagnostics.map((d) => `${d.code}: ${d.message}`).join('; '));
       }
+      if (store.getAgent(String(body.agent_key))) throw new HttpError(409, 'AGENT_KEY_EXISTS', `agent ${String(body.agent_key)} already exists`);
+      const runtime = body.runtime === null ? null : typeof body.runtime === 'string' ? body.runtime : null;
+      const model = body.model === null ? null : typeof body.model === 'string' ? body.model : null;
       const agent = store.upsertAgent({
         id: typeof body.id === 'string' ? body.id : undefined,
         agent_key: String(body.agent_key),
         display_name: String(body.display_name),
         description: body.description === null ? null : typeof body.description === 'string' ? body.description : null,
-        runtime: body.runtime === null ? null : typeof body.runtime === 'string' ? body.runtime : null,
+        runtime,
+        model: await checkedRuntimeModel(runtime, model),
       });
       return json({ agent }, 201);
     });
   }
 
+  const agentDmMatch = pathname.match(/^\/api\/agents\/([^/]+)\/dm$/);
+  if (request.method === 'POST' && agentDmMatch) {
+    const agentKey = decodeURIComponent(agentDmMatch[1]!);
+    if (!store.getAgent(agentKey)) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
+    try {
+      return json({ room: store.getOrCreateAgentDm(agentKey) }, 201);
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      if (message.includes('already exists and is not a web DM')) throw new HttpError(409, 'ROOM_NAME_EXISTS', message);
+      throw error;
+    }
+  }
+
   const agentPatchMatch = pathname.match(/^\/api\/agents\/([^/]+)$/);
+  const agentDeleteImpactMatch = pathname.match(/^\/api\/agents\/([^/]+)\/delete-impact$/);
+  if (request.method === 'GET' && agentDeleteImpactMatch) {
+    const agentKey = decodeURIComponent(agentDeleteImpactMatch[1]!);
+    if (!store.getAgent(agentKey)) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
+    const configPath = stringParam(url, 'lark_config') ?? stringParam(url, 'config') ?? defaultLarkConfigPath();
+    return json({ impact: agentDeletionImpact(store, agentKey, configPath) });
+  }
+
+  if (request.method === 'DELETE' && agentPatchMatch) {
+    return readJson<DeleteAgentBody>(request).then((body) => {
+      const agentKey = decodeURIComponent(agentPatchMatch[1]!);
+      if (!store.getAgent(agentKey)) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
+      if (body.confirm_delete !== true) throw new HttpError(400, 'DELETE_CONFIRMATION_REQUIRED', 'agent deletion requires explicit confirmation');
+
+      const configPath = stringParam(url, 'lark_config') ?? stringParam(url, 'config') ?? defaultLarkConfigPath();
+      const impact = agentDeletionImpact(store, agentKey, configPath);
+      if (!impact) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
+      if (impact.rooms.length > 0 && body.leave_rooms !== true) {
+        throw new HttpError(400, 'DELETE_CLEANUP_REQUIRED', 'agent deletion requires leave_rooms cleanup confirmation');
+      }
+      if (impact.lark_bindings.length > 0 && body.unbind_lark !== true) {
+        throw new HttpError(400, 'DELETE_CLEANUP_REQUIRED', 'agent deletion requires unbind_lark cleanup confirmation');
+      }
+      const deletion = store.deleteAgent(agentKey);
+      if (!deletion) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
+
+      let lark: { changed: boolean; unbound?: { appId: string }; error?: string } = { changed: false };
+      try {
+        const credentials = loadLarkCredentials(configPath);
+        const unbound = unbindCredentialAgent(credentials, agentKey);
+        if (unbound.changed) saveLarkCredentials(unbound.store, configPath);
+        lark = { changed: unbound.changed, unbound: unbound.unbound };
+      } catch (error) {
+        lark = { changed: false, error: error instanceof Error ? error.message : String(error) };
+      }
+
+      return json({ impact, deletion, lark: { config_path: configPath, unbound: lark.changed, app_id: lark.unbound?.appId ?? null, error: lark.error ?? null } });
+    });
+  }
+
   if (request.method === 'PATCH' && agentPatchMatch) {
-    return readJson<Record<string, unknown>>(request).then((body) => {
-      const agentKey = agentPatchMatch[1]!;
+    return readJson<Record<string, unknown>>(request).then(async (body) => {
+      const agentKey = decodeURIComponent(agentPatchMatch[1]!);
       const existing = store.getAgent(agentKey);
       if (!existing) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
 
-      if ('runtime' in body) {
+      if ('runtime' in body || 'model' in body) {
         const runtime = body.runtime === null ? null : typeof body.runtime === 'string' ? body.runtime : undefined;
-        if (runtime !== undefined) {
-          const updated = store.updateAgentRuntime(agentKey, runtime);
+        const model = body.model === null ? null : typeof body.model === 'string' ? body.model : undefined;
+        if (runtime !== undefined || model !== undefined) {
+          const nextRuntime = runtime ?? existing.runtime ?? '';
+          const runtimeChanged = runtime !== undefined && runtime !== existing.runtime;
+          const updated = store.updateAgentRuntimeConfig(agentKey, {
+            ...(runtime !== undefined ? { runtime } : {}),
+            ...(model !== undefined ? { model: await checkedRuntimeModel(nextRuntime, model) } : {}),
+            ...(model === undefined && runtimeChanged ? { model: null } : {}),
+          });
           return json({ agent: updated });
         }
       }
@@ -429,7 +1963,8 @@ export function route(store: MessageStore, request: Request): Promise<Response>
   const agentAssignmentMatch = pathname.match(/^\/api\/agents\/([^/]+)\/assignment$/);
   if (request.method === 'POST' && agentAssignmentMatch) {
     return readJson<AssignAgentBody>(request).then((body) => {
-      const agentKey = agentAssignmentMatch[1]!;
+      const agentKey = decodeURIComponent(agentAssignmentMatch[1]!);
+      if (!store.getAgent(agentKey)) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
       if (!body.computer_id?.trim()) throw new HttpError(400, 'MISSING_COMPUTER_ID', 'computer_id is required');
       const assignment = store.assignAgentToComputer({
         agent: agentKey,
@@ -439,6 +1974,13 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     });
   }
 
+  if (request.method === 'DELETE' && agentAssignmentMatch) {
+    const agentKey = decodeURIComponent(agentAssignmentMatch[1]!);
+    if (!store.getAgent(agentKey)) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent ${agentKey} not found`);
+    const removed = store.unassignAgentFromComputer(agentKey);
+    return json({ assignment: null, removed });
+  }
+
   if (request.method === 'GET' && pathname === '/api/sessions') {
     return json({ sessions: store.listSessions(numberParam(url, 'limit', 50)) });
   }
@@ -459,6 +2001,37 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     });
   }
 
+  if (request.method === 'POST' && pathname === '/api/lark/registration') {
+    return (async () => {
+      pruneLarkRegistrations();
+      const begin = await beginLarkAppRegistration({ source: 'pal-web' });
+      const id = crypto.randomUUID();
+      const qrDataUrl = await QRCode.toDataURL(begin.url, {
+        margin: 1,
+        width: 220,
+        color: { dark: '#181714', light: '#ffffff' },
+      });
+      const entry: PendingLarkRegistration = {
+        id,
+        deviceCode: begin.deviceCode,
+        url: begin.url,
+        qrDataUrl,
+        expiresAt: Date.now() + begin.expiresIn * 1000,
+        interval: begin.interval,
+      };
+      larkRegistrations.set(id, entry);
+      return json(larkRegistrationPublic(entry), 201);
+    })();
+  }
+
+  const larkRegistrationMatch = pathname.match(/^\/api\/lark\/registration\/([^/]+)$/);
+  if (request.method === 'GET' && larkRegistrationMatch) {
+    return (async () => {
+      const entry = await pollStoredLarkRegistration(decodeURIComponent(larkRegistrationMatch[1]!));
+      return json(larkRegistrationPublic(entry));
+    })();
+  }
+
   if (request.method === 'GET' && pathname === '/api/lark/authorized-users') {
     return json({ users: store.listLarkAuthorizedUsers() });
   }
@@ -482,11 +2055,21 @@ export function route(store: MessageStore, request: Request): Promise<Response>
 
   if (request.method === 'POST' && pathname === '/api/lark/setup') {
     return readJson<LarkSetupBody>(request).then(async (body) => {
-      const appId = body.app_id?.trim();
-      const appSecret = body.app_secret?.trim();
+      const registrationId = body.registration_id?.trim();
+      let appId = body.app_id?.trim();
+      let appSecret = body.app_secret?.trim();
       const agent = body.agent?.trim();
       const label = body.label?.trim();
       const configPath = body.config?.trim() || defaultLarkConfigPath();
+      if (registrationId) {
+        const registration = await pollStoredLarkRegistration(registrationId);
+        if (!registration.completed) throw new HttpError(409, 'LARK_REGISTRATION_PENDING', 'registration has not completed yet');
+        if (registration.completed.tenantBrand === 'lark') {
+          throw new HttpError(400, 'LARK_TENANT_UNSUPPORTED', 'Lark international tenants are not supported yet; use a Feishu tenant');
+        }
+        appId = registration.completed.appId;
+        appSecret = registration.completed.appSecret;
+      }
       if (!appId) throw new HttpError(400, 'MISSING_APP_ID', 'app_id is required');
       if (!appSecret) throw new HttpError(400, 'MISSING_APP_SECRET', 'app_secret is required');
       if (!agent) throw new HttpError(400, 'MISSING_AGENT', 'agent is required');
@@ -511,6 +2094,7 @@ export function route(store: MessageStore, request: Request): Promise<Response>
         botOpenId: botInfo.openId,
         agent,
       });
+      if (registrationId) larkRegistrations.delete(registrationId);
       return json({ ...result, appName: botInfo.appName ?? null, account }, 201);
     });
   }
@@ -532,6 +2116,241 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     });
   }
 
+  const roomLeaveMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/agents\/([^/]+)$/);
+  if (request.method === 'DELETE' && roomLeaveMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomLeaveMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    const agent = decodeURIComponent(roomLeaveMatch[2]!);
+    const result = store.leaveAgentRoom({ roomId: room.id, agent });
+    return json(result);
+  }
+
+  const roomAgentReadMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/agents\/([^/]+)\/read$/);
+  if (request.method === 'POST' && roomAgentReadMatch) {
+    return readJson<AgentRoomReadBody>(request).then((body) => {
+      const room = store.resolveRoom(decodeURIComponent(roomAgentReadMatch[1]!));
+      if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+      const agent = decodeURIComponent(roomAgentReadMatch[2]!);
+      if (!store.getAgent(agent)) throw new HttpError(404, 'AGENT_NOT_FOUND', 'agent not found');
+      try {
+        const workbenchRoom = store.markAgentRoomRead({ roomId: room.id, agent, messageId: body.message_id });
+        return json({ room: workbenchRoom });
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (message === 'ROOM_ACCESS_DENIED') throw new HttpError(403, 'ROOM_ACCESS_DENIED', 'agent cannot read this room');
+        if (message === 'INVALID_READ_MESSAGE_ID') throw new HttpError(400, 'INVALID_READ_MESSAGE_ID', 'message_id must be a non-negative integer');
+        throw error;
+      }
+    });
+  }
+
+  const roomAgentRestartMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/agents\/([^/]+)\/restart$/);
+  if (request.method === 'POST' && roomAgentRestartMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomAgentRestartMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    const agent = decodeURIComponent(roomAgentRestartMatch[2]!);
+    if (!store.getAgent(agent)) throw new HttpError(404, 'AGENT_NOT_FOUND', 'agent not found');
+    try {
+      const run = store.requestRoomAgentRunAction({ roomId: room.id, agent, action: 'restart' });
+      return json({ run });
+    } catch (error) {
+      const message = error instanceof Error ? error.message : String(error);
+      if (message.includes('running run for agent') && message.includes('was not found')) {
+        throw new HttpError(404, 'RUN_NOT_FOUND', 'no running runtime for this agent in this room');
+      }
+      throw error;
+    }
+  }
+
+  const roomAgentSubscriptionMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/agents\/([^/]+)\/subscription$/);
+  if (request.method === 'PATCH' && roomAgentSubscriptionMatch) {
+    return readJson<AgentRoomSubscriptionBody>(request).then((body) => {
+      const room = store.resolveRoom(decodeURIComponent(roomAgentSubscriptionMatch[1]!));
+      if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+      const agent = decodeURIComponent(roomAgentSubscriptionMatch[2]!);
+      if (!store.getAgent(agent)) throw new HttpError(404, 'AGENT_NOT_FOUND', 'agent not found');
+      const mode = parseAgentRoomSubscriptionMode(body.mode);
+      try {
+        return json(store.updateAgentRoomSubscriptionMode({ roomId: room.id, agent, mode }));
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (message === 'ROOM_ACCESS_DENIED') throw new HttpError(403, 'ROOM_ACCESS_DENIED', 'agent cannot update this room subscription');
+        throw error;
+      }
+    });
+  }
+
+  const roomTasksMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/tasks$/);
+  if (request.method === 'GET' && roomTasksMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomTasksMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    const statusParam = stringParam(url, 'status') ?? 'all';
+    const status = statusParam === 'all' ? 'all' : parseRoomTaskStatus(statusParam);
+    return json({ tasks: store.listRoomTasks(room.id, status, numberParam(url, 'limit', 50)) });
+  }
+
+  if (request.method === 'POST' && roomTasksMatch) {
+    return readJson<CreateRoomTasksBody>(request).then((body) => {
+      const room = store.resolveRoom(decodeURIComponent(roomTasksMatch[1]!));
+      if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+      const titles = body.tasks?.map((task) => task.title ?? '') ?? [body.title ?? ''];
+      try {
+        return json({
+          tasks: store.createRoomTasks({
+            roomId: room.id,
+            titles,
+            createdBy: body.created_by,
+            sourceMessageId: body.source_message_id,
+          }),
+        }, 201);
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (message === 'task title is required') throw new HttpError(400, 'MISSING_TASK_TITLE', 'task title is required');
+        if (message === 'INVALID_SOURCE_MESSAGE_ID') throw new HttpError(400, 'INVALID_SOURCE_MESSAGE_ID', 'source_message_id must be a positive integer');
+        if (message === 'SOURCE_MESSAGE_NOT_FOUND') throw new HttpError(404, 'SOURCE_MESSAGE_NOT_FOUND', 'source message not found in room');
+        throw error;
+      }
+    });
+  }
+
+  const roomTaskClaimMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/tasks\/([^/]+)\/claim$/);
+  if (request.method === 'POST' && roomTaskClaimMatch) {
+    return readJson<ClaimRoomTaskBody>(request).then((body) => {
+      const room = store.resolveRoom(decodeURIComponent(roomTaskClaimMatch[1]!));
+      if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+      if (!body.assignee?.trim()) throw new HttpError(400, 'MISSING_ASSIGNEE', 'assignee is required');
+      const task = store.claimRoomTask({
+        roomId: room.id,
+        taskNumber: taskNumberFromPath(roomTaskClaimMatch[2]),
+        assignee: body.assignee,
+      });
+      if (!task) throw new HttpError(404, 'TASK_NOT_FOUND', 'task not found');
+      return json({ task });
+    });
+  }
+
+  const roomTaskUnclaimMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/tasks\/([^/]+)\/unclaim$/);
+  if (request.method === 'POST' && roomTaskUnclaimMatch) {
+    const room = store.resolveRoom(decodeURIComponent(roomTaskUnclaimMatch[1]!));
+    if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+    const task = store.unclaimRoomTask(room.id, taskNumberFromPath(roomTaskUnclaimMatch[2]));
+    if (!task) throw new HttpError(404, 'TASK_NOT_FOUND', 'task not found');
+    return json({ task });
+  }
+
+  const roomTaskUpdateMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/tasks\/([^/]+)$/);
+  if (request.method === 'PATCH' && roomTaskUpdateMatch) {
+    return readJson<UpdateRoomTaskBody>(request).then((body) => {
+      const room = store.resolveRoom(decodeURIComponent(roomTaskUpdateMatch[1]!));
+      if (!room) throw new HttpError(404, 'ROOM_NOT_FOUND', 'room not found');
+      const task = store.updateRoomTaskStatus({
+        roomId: room.id,
+        taskNumber: taskNumberFromPath(roomTaskUpdateMatch[2]),
+        status: parseRoomTaskStatus(body.status),
+      });
+      if (!task) throw new HttpError(404, 'TASK_NOT_FOUND', 'task not found');
+      return json({ task });
+    });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/reminders') {
+    const statusParam = stringParam(url, 'status') ?? 'scheduled';
+    const status = statusParam === 'all' ? 'all' : parseRoomReminderStatus(statusParam);
+    return json({
+      reminders: store.listRoomReminders({
+        status,
+        createdBy: stringParam(url, 'created_by'),
+        roomId: stringParam(url, 'room_id') ?? stringParam(url, 'chat_id'),
+        limit: numberParam(url, 'limit', 50),
+      }),
+    });
+  }
+
+  if (request.method === 'POST' && pathname === '/api/reminders/fire-due') {
+    assertServerAuth(request);
+    return readJson<FireDueRoomRemindersBody>(request).then((body) => {
+      try {
+        return json(fireDueRoomRemindersForDelivery(store, options, {
+          now: body.now,
+          limit: body.limit ?? undefined,
+        }));
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (message === 'INVALID_REMINDER_TIME') throw new HttpError(400, 'INVALID_REMINDER_TIME', 'now must be a valid time');
+        throw error;
+      }
+    });
+  }
+
+  if (request.method === 'POST' && pathname === '/api/reminders') {
+    return readJson<CreateRoomReminderBody>(request).then((body) => {
+      const sourceMessageId = Number(body.msg_id ?? body.source_message_id);
+      try {
+        const reminder = store.createRoomReminder({
+          sourceMessageId,
+          title: body.title ?? '',
+          createdBy: body.created_by,
+          fireAt: body.fire_at,
+          delaySeconds: body.delay_seconds,
+          repeat: body.repeat,
+        });
+        return json({ reminder }, 201);
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (message === 'reminder title is required') throw new HttpError(400, 'MISSING_REMINDER_TITLE', 'title is required');
+        if (message === 'INVALID_REMINDER_TIME') throw new HttpError(400, 'INVALID_REMINDER_TIME', 'fire_at or delay_seconds must be a valid time');
+        if (message === 'INVALID_REMINDER_REPEAT') throw new HttpError(400, 'INVALID_REMINDER_REPEAT', 'repeat must be hourly, daily, weekly, or every:<number><s|m|h|d|w>');
+        if (message === 'INVALID_SOURCE_MESSAGE_ID') throw new HttpError(400, 'INVALID_SOURCE_MESSAGE_ID', 'msg_id must be a positive integer');
+        if (message === 'SOURCE_MESSAGE_NOT_FOUND') throw new HttpError(404, 'SOURCE_MESSAGE_NOT_FOUND', 'source message not found');
+        throw error;
+      }
+    });
+  }
+
+  const reminderCancelMatch = pathname.match(/^\/api\/reminders\/([^/]+)\/cancel$/);
+  if (request.method === 'POST' && reminderCancelMatch) {
+    const reminder = store.cancelRoomReminder(decodeURIComponent(reminderCancelMatch[1]!));
+    if (!reminder) throw new HttpError(404, 'REMINDER_NOT_FOUND', 'reminder not found');
+    return json({ reminder });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/saved-messages') {
+    return json({
+      saved_messages: store.listRoomSavedMessages({
+        roomId: stringParam(url, 'room_id') ?? stringParam(url, 'chat_id'),
+        savedBy: stringParam(url, 'saved_by'),
+        limit: numberParam(url, 'limit', 50),
+      }),
+    });
+  }
+
+  if (request.method === 'POST' && pathname === '/api/saved-messages') {
+    return readJson<CreateRoomSavedMessageBody>(request).then((body) => {
+      const sourceMessageId = Number(body.msg_id ?? body.source_message_id);
+      try {
+        const result = store.saveRoomMessage({
+          sourceMessageId,
+          savedBy: body.saved_by ?? '',
+          note: body.note,
+        });
+        return json({ saved_message: result.savedMessage }, result.created ? 201 : 200);
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (message === 'saved_by is required') throw new HttpError(400, 'MISSING_SAVED_BY', 'saved_by is required');
+        if (message === 'INVALID_SOURCE_MESSAGE_ID') throw new HttpError(400, 'INVALID_SOURCE_MESSAGE_ID', 'msg_id must be a positive integer');
+        if (message === 'SOURCE_MESSAGE_NOT_FOUND') throw new HttpError(404, 'SOURCE_MESSAGE_NOT_FOUND', 'source message not found');
+        throw error;
+      }
+    });
+  }
+
+  const savedMessageDeleteMatch = pathname.match(/^\/api\/saved-messages\/([^/]+)\/delete$/);
+  if (request.method === 'POST' && savedMessageDeleteMatch) {
+    const savedMessage = store.removeRoomSavedMessage(decodeURIComponent(savedMessageDeleteMatch[1]!));
+    if (!savedMessage) throw new HttpError(404, 'SAVED_MESSAGE_NOT_FOUND', 'saved message not found');
+    return json({ saved_message: savedMessage });
+  }
+
   const roomTopicMatch = pathname.match(/^\/api\/rooms\/([^/]+)\/topics$/);
   if (request.method === 'POST' && roomTopicMatch) {
     return readJson<{ name?: string; created_by?: string | null }>(request).then((body) => {
@@ -544,17 +2363,37 @@ export function route(store: MessageStore, request: Request): Promise<Response>
   }
 
   if (request.method === 'GET' && pathname === '/api/messages') {
+    const chatName = stringParam(url, 'chat');
+    const chatId = stringParam(url, 'chat_id');
+    const scopedAgent = stringParam(url, 'agent_scope');
+    if (scopedAgent) {
+      const room = chatId ? store.getChatById(chatId) : chatName ? store.resolveRoom(chatName) : null;
+      if (!room) throw new HttpError(400, 'MISSING_ROOM_SCOPE', 'agent-scoped message reads require chat_id or chat');
+      requireAgentScopedRead(store, request, url, room.id);
+    }
     const messages = store.listMessages({
-      chatName: stringParam(url, 'chat'),
-      chatId: stringParam(url, 'chat_id'),
+      chatName,
+      chatId,
       parentId: numberParam(url, 'parent_id'),
       after: numberParam(url, 'after'),
+      before: numberParam(url, 'before'),
       limit: numberParam(url, 'limit', 50),
       q: stringParam(url, 'q'),
     });
     return json({ messages });
   }
 
+  if (request.method === 'GET' && pathname === '/api/messages/context') {
+    const agent = stringParam(url, 'agent');
+    const chatId = stringParam(url, 'chat_id');
+    const messageId = numberParam(url, 'message_id');
+    if (!agent) throw new HttpError(400, 'MISSING_AGENT', 'agent is required');
+    if (!chatId) throw new HttpError(400, 'MISSING_CHAT_ID', 'chat_id is required');
+    if (messageId === undefined) throw new HttpError(400, 'MISSING_MESSAGE_ID', 'message_id is required');
+    requireAgentScopedRead(store, request, new URL(`${url.origin}${url.pathname}?agent_scope=${encodeURIComponent(agent)}`), chatId);
+    return json({ context: store.getDeliveryContext({ agent, chatId, messageId, limit: numberParam(url, 'limit', 50) }) });
+  }
+
   if (request.method === 'GET' && pathname === '/api/inbox') {
     const agent = stringParam(url, 'agent');
     if (!agent) throw new HttpError(400, 'MISSING_AGENT', 'agent is required');
@@ -584,17 +2423,126 @@ export function route(store: MessageStore, request: Request): Promise<Response>
   if (request.method === 'GET' && pathname === '/api/deliveries') {
     const agent = stringParam(url, 'agent');
     if (agent) {
-      return json({ deliveries: store.listDeliveries(agent, stringParam(url, 'status') ?? 'pending', numberParam(url, 'limit', 50)) });
+      return json({
+        deliveries: store.listDeliveries(agent, stringParam(url, 'status') ?? 'pending', numberParam(url, 'limit', 50), {
+          distinctChat: url.searchParams.get('distinct_chat') === 'true',
+          excludeRunningComputerId: stringParam(url, 'exclude_running_computer_id'),
+          connectionId: stringParam(url, 'connection_id'),
+        }),
+      });
     }
     return json({ deliveries: store.listAllDeliveries(numberParam(url, 'limit', 50)) });
   }
 
+  if (request.method === 'GET' && pathname === '/api/deliveries/pending-agents') {
+    const connection = requireDaemonConnection(store, request);
+    return json({ agents: store.listPendingDeliveryAgentsForConnection(connection.connectionId) });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/deliveries/backlog') {
+    const connection = requireDaemonConnection(store, request);
+    return json({ backlog: store.listDeliveryBacklogForConnection(connection.connectionId) });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/daemon/ws/status') {
+    const connection = requireDaemonConnection(store, request);
+    const stats = options.deliveryNotifier?.statsForConnection?.(connection.connectionId) ?? {
+      connection_id: connection.connectionId,
+      computer_id: connection.computerId,
+      open_sockets: 0,
+      last_open_at: null,
+      last_close_at: null,
+      last_ping_at: null,
+      last_pong_at: null,
+      last_close_code: null,
+      last_close_reason: null,
+      pending_agents: store.listPendingDeliveryAgentsForConnection(connection.connectionId),
+      backlog: store.listDeliveryBacklogForConnection(connection.connectionId),
+    };
+    return json({ websocket: stats });
+  }
+
+  const deliveryGetMatch = pathname.match(/^\/api\/deliveries\/([^/]+)$/);
+  if (request.method === 'GET' && deliveryGetMatch) {
+    const delivery = store.getDelivery(deliveryGetMatch[1]!);
+    if (!delivery) throw new HttpError(404, 'DELIVERY_NOT_FOUND', 'delivery not found');
+    return json({ delivery });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/messaging/status') {
+    const larkBots = options.larkStatusProvider?.() ?? [];
+    const deliveryWebSocket = options.deliveryNotifier?.statsAllConnections?.() ?? emptyDeliveryWebSocketSummary();
+    return json(buildMessagingStatus({ larkBots, deliveryWebSocket }));
+  }
+
+  if (request.method === 'GET' && pathname === '/api/messaging/health') {
+    const larkBots = options.larkStatusProvider?.() ?? [];
+    const deliveryWebSocket = options.deliveryNotifier?.statsAllConnections?.() ?? emptyDeliveryWebSocketSummary();
+    return json(buildMessagingHealth(buildMessagingStatus({ larkBots, deliveryWebSocket })));
+  }
+
+  if (request.method === 'POST' && pathname === '/api/messaging/probe-delivery') {
+    assertServerAuth(request);
+    return readJson<ProbeDeliveryBody>(request).then((body) => {
+      const agent = body.agent?.trim() || 'lock';
+      if (!store.getAgent(agent)) throw new HttpError(404, 'AGENT_NOT_FOUND', `agent not found: ${agent}`);
+      const roomName = body.room?.trim() || `pal-delivery-probe-${agent}`;
+      const sender = body.sender?.trim() || 'pal-probe';
+      if (sender === agent) throw new HttpError(400, 'PROBE_SENDER_AGENT_CONFLICT', 'probe sender must differ from agent');
+      const token = crypto.randomUUID();
+      const content = body.content?.trim() || `PAL delivery probe ${token}. Reply with probe-ok ${token}.`;
+      const idempotencyKey = body.idempotency_key?.trim() || `pal.probe.delivery:${agent}:${token}`;
+      const room = store.getOrCreateChat(roomName, 'group');
+      store.inviteAgentToRoom({ roomId: room.id, agent, mode: 'mentions' });
+      const message = store.createMessage({
+        chatId: room.id,
+        sender,
+        recipient: agent,
+        content,
+        idempotencyKey,
+        mentions: [agent],
+      });
+      const deliveries = store.resolveDeliveriesForMessage(message.id);
+      const notify = notifyDeliveries(options, deliveries);
+      return json({ message, deliveries, notify, probe: { token, agent, room: room.name } }, 201);
+    });
+  }
+
+  if (request.method === 'GET' && pathname === '/api/lark/events/recent') {
+    const limit = numberParam(url, 'limit', 20);
+    const rows = listRecentInboundEvents(store.db, limit);
+    return json({
+      events: rows.map((event) => ({
+        id: event.id,
+        received_at: event.received_at,
+        app_id: event.app_id,
+        event_type: event.event_type,
+        event_id: event.event_id,
+        parse_ok: event.parse_ok,
+        bytes: event.raw_body_bytes?.byteLength ?? 0,
+        is_probe: event.event_type.startsWith('pal.probe.') || event.event_id.startsWith('pal.probe:'),
+      })),
+    });
+  }
+
+  if (request.method === 'POST' && pathname === '/api/lark/events/repair-parse') {
+    assertServerAuth(request);
+    return readJson<{ app_id?: unknown; limit?: unknown; dry_run?: unknown }>(request).then(async (body) => {
+      const appId = typeof body.app_id === 'string' && body.app_id.trim() ? body.app_id.trim() : undefined;
+      const limit = typeof body.limit === 'number' && Number.isFinite(body.limit) ? body.limit : undefined;
+      const dryRun = body.dry_run === undefined ? true : body.dry_run !== false;
+      const result = await repairInboundEventParseFailures(store.db, { appId, limit, dryRun });
+      return json(result);
+    });
+  }
+
   if (request.method === 'POST' && pathname === '/api/deliveries') {
     return readJson<CreateDeliveryBody>(request).then((body) => {
       if (!body.message_id) throw new HttpError(400, 'MISSING_MESSAGE_ID', 'message_id is required');
       if (!body.agent?.trim()) throw new HttpError(400, 'MISSING_AGENT', 'agent is required');
       const delivery = store.createDelivery({ messageId: body.message_id, agent: body.agent });
-      return json({ delivery }, 201);
+      const notify = notifyDeliveries(options, [delivery]);
+      return json({ delivery, notify }, 201);
     });
   }
 
@@ -609,6 +2557,7 @@ export function route(store: MessageStore, request: Request): Promise<Response>
         connectionId: connection?.connectionId ?? body.connection_id,
         computerId: connection?.computerId ?? body.computer_id,
         leaseMs: body.lease_ms,
+        steerRunId: body.steer_run_id,
       });
       return json({ delivery });
     });
@@ -669,6 +2618,23 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     });
   }
 
+  const deliveryProcessingMatch = pathname.match(/^\/api\/deliveries\/([^/]+)\/processing-completed$/);
+  if (request.method === 'POST' && deliveryProcessingMatch) {
+    return readJson<FinishDeliveryBody>(request).then((body) => {
+      const connection = requireDaemonConnection(store, request);
+      const ownerId = connection?.connectionId ?? body.connection_id ?? body.daemon_id;
+      if (!ownerId?.trim()) throw new HttpError(400, 'MISSING_DAEMON_ID', 'daemon_id or connection auth is required');
+      if (!body.claim_token?.trim()) throw new HttpError(400, 'MISSING_CLAIM_TOKEN', 'claim_token is required');
+      const delivery = store.markDeliveryProcessingCompleted(deliveryProcessingMatch[1]!, {
+        daemonId: ownerId,
+        connectionId: connection?.connectionId ?? body.connection_id,
+        claimToken: body.claim_token,
+        runId: body.run_id,
+      });
+      return json({ delivery });
+    });
+  }
+
   const deliveryFailMatch = pathname.match(/^\/api\/deliveries\/([^/]+)\/fail$/);
   if (request.method === 'POST' && deliveryFailMatch) {
     return readJson<FinishDeliveryBody>(request).then((body) => {
@@ -691,19 +2657,49 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     return readJson<SendBody>(request).then(async (body) => {
       const connection = assertDaemonConnection(store, request);
       const sender = body.sender?.trim();
-      const content = body.content?.trim();
       if (!sender) throw new HttpError(400, 'MISSING_SENDER', 'sender is required');
-      if (!content) throw new HttpError(400, 'MISSING_CONTENT', 'content is required');
+      const batch = body.messages?.length
+        ? body.messages.map((item) => ({
+          parent_id: item.parent_id ?? body.parent_id,
+          channel_id: item.channel_id ?? body.channel_id,
+          recipient: item.recipient ?? body.recipient,
+          content: item.content?.trim() ?? '',
+          type: item.type ?? body.type,
+          idempotency_key: item.idempotency_key,
+          mentions: [...(body.mentions ?? []), ...(item.mentions ?? [])],
+          attachments: parseMessageAttachments(item.attachments ?? body.attachments),
+        }))
+        : [{
+          parent_id: body.parent_id,
+          channel_id: body.channel_id,
+          recipient: body.recipient,
+          content: body.content?.trim() ?? '',
+          type: body.type,
+          idempotency_key: body.idempotency_key,
+          mentions: body.mentions,
+          attachments: parseMessageAttachments(body.attachments),
+        }];
+      if (batch.length === 0 || batch.some((item) => !item.content && item.attachments.length === 0)) {
+        throw new HttpError(400, 'MISSING_CONTENT', 'content or attachments are required');
+      }
 
-      const targetRoom = body.parent_id !== undefined
-        ? store.getMessage(body.parent_id)?.chat_id
+      const firstParentId = batch.find((item) => item.parent_id !== undefined)?.parent_id;
+      const targetRoom = firstParentId !== undefined
+        ? store.getMessage(firstParentId)?.chat_id
         : body.room_id ?? body.chat_id;
       const target = targetRoom
         ? store.getChatById(targetRoom)
         : (body.room || body.chat) ? store.resolveRoom(body.room ?? body.chat ?? '') : null;
+      if (target?.status === 'archived') {
+        throw new HttpError(403, 'ROOM_ARCHIVED', 'archived rooms are read-only until restored');
+      }
       if (target && !store.canSendWebMessageToRoom({ room: target, sender })) {
         throw new HttpError(403, 'EXTERNAL_ROOM_READ_ONLY', 'external provider rooms are read-only for web human senders');
       }
+      if (target) {
+        const mentionValidation = validateMessageMentions(store, target.id, batch);
+        if (mentionValidation) return json(mentionValidation);
+      }
       if (store.getAgent(sender) || store.hasDaemonAgent(sender)) {
         if (!connection) throw new HttpError(401, 'CONNECTION_REVOKED', 'computer connection auth is required for agent-authored messages');
         if (!store.daemonHasAgent(connection.connectionId, sender)) {
@@ -711,47 +2707,108 @@ export function route(store: MessageStore, request: Request): Promise<Response>
         }
       }
 
-      const message = store.createMessage({
-        chatId: body.room_id ?? body.chat_id,
-        chatName: body.room ?? body.chat,
-        parentId: body.parent_id,
-        channelId: body.channel_id,
-        sender,
-        recipient: body.recipient,
-        content,
-        type: body.type,
-        idempotencyKey: body.idempotency_key,
-        mentions: body.mentions,
-      });
-      const deliveries = store.resolveDeliveriesForMessage(message.id);
-
-      // If this chat has a bound Lark channel, forward bound agent replies to Lark.
-      const credentials = loadLarkCredentials();
-      const outboundRoute = resolveLarkOutboundRoute(store, credentials, sender, message.chat_id);
-      if (outboundRoute) {
-        const { conversation, bot } = outboundRoute;
-        try {
-          const client = createLarkApiClient(bot.appId, bot.appSecret);
-          const result = await sendTextMessage({
-            client,
-            receiveIdType: 'chat_id',
-            receiveId: conversation.external_chat_id,
-            text: content,
+      const freshness = freshnessInput(body.freshness);
+      if (freshness?.on_stale === 'hold') {
+        if (!target) throw new HttpError(400, 'MISSING_ROOM_SCOPE', 'freshness hold requires an existing room or parent message');
+        if (!store.getAgent(sender)) throw new HttpError(400, 'FRESHNESS_AGENT_REQUIRED', 'freshness hold requires an agent sender');
+        const latestMessageId = store.getLatestMessageIdForFreshness(target.id, sender);
+        if (latestMessageId > freshness.base_message_id) {
+          const drafts = batch.map((item) => store.createHeldMessageDraft({
+            chatId: target.id,
+            agent: sender,
+            sender,
+            content: item.content,
+            mentions: item.mentions,
+            baseMessageId: freshness.base_message_id,
+            latestMessageIdAtHold: latestMessageId,
+            holdReason: 'stale_room',
+          }));
+          const interveningMessages = store.listInterveningMessagesForFreshness({
+            chatId: target.id,
+            baseMessageId: freshness.base_message_id,
+            sender,
+            limit: 50,
           });
-          console.log(`[lark] forwarded message to chat=${conversation.external_chat_id} messageId=${result.messageId ?? '-'}`);
-        } catch (err) {
-          console.warn(`[lark] failed to forward message to chat=${conversation.external_chat_id}: ${err instanceof Error ? err.message : String(err)}`);
+          return json({ draft: drafts[0], drafts, intervening_messages: interveningMessages }, 202);
         }
       }
 
-      return json({ message, deliveries }, 201);
+      const messages = [];
+      const deliveries = [];
+      const notify = [];
+      for (const item of batch) {
+        const message = store.createMessage({
+          chatId: body.room_id ?? body.chat_id,
+          chatName: body.room ?? body.chat,
+          parentId: item.parent_id,
+          channelId: item.channel_id,
+          sender,
+          recipient: item.recipient,
+          content: item.content,
+          type: item.type,
+          idempotencyKey: item.idempotency_key,
+          mentions: item.mentions,
+          attachments: item.attachments,
+        });
+        messages.push(message);
+        const sideEffects = await publishMessageSideEffects(store, options, message, item.content);
+        deliveries.push(...sideEffects.deliveries);
+        notify.push(sideEffects.notify);
+      }
+      return json({ message: messages[0], messages, deliveries, notify: batch.length === 1 ? notify[0] : notify }, 201);
     });
   }
 
+  const heldDraftMatch = pathname.match(/^\/api\/held-drafts\/([^/]+)\/(abandon|send-anyway|revise)$/);
+  if (request.method === 'POST' && heldDraftMatch) {
+    return (async () => {
+      const draftId = heldDraftMatch[1]!;
+      const action = heldDraftMatch[2]!;
+      try {
+        if (action === 'abandon') {
+          const draft = store.abandonHeldMessageDraft(draftId);
+          if (!draft) throw new HttpError(404, 'HELD_DRAFT_NOT_FOUND', 'held draft not found');
+          return json({ draft });
+        }
+        if (action === 'revise') {
+          const body = await readJson<HeldDraftReviseBody>(request);
+          const content = typeof body.content === 'string' ? body.content.trim() : '';
+          if (!content) throw new HttpError(400, 'MISSING_CONTENT', 'content is required');
+          const result = store.reviseHeldMessageDraft(draftId, content);
+          if (!result) throw new HttpError(404, 'HELD_DRAFT_NOT_FOUND', 'held draft not found');
+          const { deliveries, notify } = await publishMessageSideEffects(store, options, result.message, result.message.content);
+          return json({ draft: result.draft, message: result.message, deliveries, notify });
+        }
+        const result = store.sendHeldMessageDraftAnyway(draftId);
+        if (!result) throw new HttpError(404, 'HELD_DRAFT_NOT_FOUND', 'held draft not found');
+        const { deliveries, notify } = await publishMessageSideEffects(store, options, result.message, result.message.content);
+        return json({ draft: result.draft, message: result.message, deliveries, notify });
+      } catch (err) {
+        if (err instanceof Error && err.message === 'HELD_DRAFT_ALREADY_RESOLVED') {
+          throw new HttpError(409, 'HELD_DRAFT_ALREADY_RESOLVED', 'held draft is already resolved');
+        }
+        throw err;
+      }
+    })();
+  }
+
   if (request.method === 'GET' && pathname === '/api/runs') {
     return json({ runs: store.listRuns(numberParam(url, 'limit', 50)) });
   }
 
+  if (request.method === 'GET' && pathname === '/api/workflows') {
+    const statusParam = stringParam(url, 'status') ?? 'all';
+    const status = statusParam === 'all' ? 'all' : parseWorkflowRunStatus(statusParam);
+    return json({ workflows: store.listWorkflowRuns({ status, limit: numberParam(url, 'limit', 50) }) });
+  }
+
+  const workflowRecordMatch = pathname.match(/^\/api\/workflows\/([^/]+)$/);
+  if (request.method === 'GET' && workflowRecordMatch) {
+    const workflow = store.getWorkflowRunRecord(decodeURIComponent(workflowRecordMatch[1]!));
+    if (!workflow) throw new HttpError(404, 'WORKFLOW_RUN_NOT_FOUND', 'workflow run not found');
+    return json({ workflow });
+  }
+
   if (request.method === 'POST' && pathname === '/api/runs') {
     return readJson<StartRunBody>(request).then((body) => {
       const connection = requireDaemonConnection(store, request);
@@ -786,9 +2843,34 @@ export function route(store: MessageStore, request: Request): Promise<Response>
   if (request.method === 'GET' && messageMatch) {
     const message = store.getMessage(Number(messageMatch[1]));
     if (!message) throw new HttpError(404, 'MESSAGE_NOT_FOUND', 'message not found');
+    requireAgentScopedRead(store, request, url, message.chat_id);
     return json({ message });
   }
 
+  const messageAttachmentContentMatch = pathname.match(/^\/api\/message-attachments\/([^/]+)\/content$/);
+  if (request.method === 'GET' && messageAttachmentContentMatch) {
+    const attachment = store.getMessageAttachment(decodeURIComponent(messageAttachmentContentMatch[1]!));
+    if (!attachment) throw new HttpError(404, 'ATTACHMENT_NOT_FOUND', 'message attachment not found');
+    const message = store.getMessage(attachment.message_id);
+    if (!message) throw new HttpError(404, 'MESSAGE_NOT_FOUND', 'message not found');
+    requireAgentScopedRead(store, request, url, message.chat_id);
+    let content: Buffer;
+    try {
+      content = readFileSync(attachment.path);
+    } catch {
+      throw new HttpError(404, 'ATTACHMENT_FILE_NOT_FOUND', 'message attachment file not found');
+    }
+    const body = content.buffer.slice(content.byteOffset, content.byteOffset + content.byteLength) as ArrayBuffer;
+    return new Response(body, {
+      headers: {
+        'content-type': attachment.mime_type,
+        'content-length': String(attachment.size_bytes),
+        'content-disposition': `${url.searchParams.has('download') ? 'attachment' : 'inline'}; filename="${attachment.filename.replace(/"/g, '')}"`,
+        'cache-control': 'private, no-store',
+      },
+    });
+  }
+
   const runMatch = pathname.match(/^\/api\/runs\/([^/]+)$/);
   if (request.method === 'GET' && runMatch) {
     const run = store.getRun(runMatch[1]!);
@@ -825,6 +2907,28 @@ export function route(store: MessageStore, request: Request): Promise<Response>
     });
   }
 
+  const activityMatch = pathname.match(/^\/api\/runs\/([^/]+)\/activity$/);
+  if (request.method === 'POST' && activityMatch) {
+    return readJson<RecordRunActivityBody>(request).then((body) => {
+      const connection = requireDaemonConnection(store, request);
+      const runBefore = store.getRun(activityMatch[1]!);
+      if (!runBefore) throw new HttpError(404, 'RUN_NOT_FOUND', 'run not found');
+      if (connection && runBefore.connection_id !== connection.connectionId) throw new HttpError(403, 'RUN_CONNECTION_MISMATCH', 'run belongs to another connection');
+      if (!body.kind || !agentActivityKinds.includes(body.kind)) {
+        throw new HttpError(400, 'INVALID_ACTIVITY_KIND', `kind must be ${agentActivityKinds.join(', ')}`);
+      }
+      if (!body.title?.trim()) throw new HttpError(400, 'MISSING_TITLE', 'title is required');
+      const event = store.recordAgentActivity({
+        runId: runBefore.id,
+        kind: body.kind,
+        title: body.title,
+        detail: body.detail,
+        metadata: body.metadata,
+      });
+      return json({ event }, 201);
+    });
+  }
+
   const actionMatch = pathname.match(/^\/api\/runs\/([^/]+)\/(kill|restart)$/);
   if (request.method === 'POST' && actionMatch) {
     const run = store.requestRunAction(actionMatch[1]!, actionMatch[2] as RunAction);
@@ -834,9 +2938,9 @@ export function route(store: MessageStore, request: Request): Promise<Response>
   return routeNotFound();
 }
 
-export async function handleRequest(store: MessageStore, request: Request): Promise<Response> {
+export async function handleRequest(store: MessageStore, request: Request, options: AppRouteOptions = {}): Promise<Response> {
   try {
-    return await route(store, request);
+    return await route(store, request, options);
   } catch (error) {
     return failure(error);
   }