@desplega.ai/agent-swarm 1.83.1 → 1.84.0

package/src/tests/kapso-client.test.ts

@@ -0,0 +1,94 @@
+import { afterEach, describe, expect, test } from "bun:test";
+import { sendKapsoText } from "../integrations/kapso/client";
+
+const originalFetch = globalThis.fetch;
+
+afterEach(() => {
+  globalThis.fetch = originalFetch;
+});
+
+function mockFetch(status: number, body: unknown) {
+  globalThis.fetch = (async () =>
+    new Response(JSON.stringify(body), {
+      status,
+      headers: { "Content-Type": "application/json" },
+    })) as typeof fetch;
+}
+
+describe("sendKapsoText", () => {
+  test("success → returns outbound wamid", async () => {
+    let captured: { url: string; body: unknown } | null = null;
+    globalThis.fetch = (async (url: string, init: RequestInit) => {
+      captured = { url, body: JSON.parse(init.body as string) };
+      return new Response(JSON.stringify({ messages: [{ id: "wamid.OUT123" }] }), { status: 200 });
+    }) as typeof fetch;
+
+    const result = await sendKapsoText({
+      apiBaseUrl: "https://api.kapso.ai",
+      apiKey: "k",
+      phoneNumberId: "1035039933036854",
+      to: "34679077777",
+      body: "hola",
+    });
+
+    expect(result.ok).toBe(true);
+    expect(result.messageId).toBe("wamid.OUT123");
+    expect(captured!.url).toBe(
+      "https://api.kapso.ai/meta/whatsapp/v24.0/1035039933036854/messages",
+    );
+    expect(captured!.body).toMatchObject({
+      messaging_product: "whatsapp",
+      to: "34679077777",
+      type: "text",
+      text: { body: "hola", preview_url: false },
+    });
+  });
+
+  test("quote-reply sets context.message_id", async () => {
+    let body: Record<string, unknown> | null = null;
+    globalThis.fetch = (async (_url: string, init: RequestInit) => {
+      body = JSON.parse(init.body as string);
+      return new Response(JSON.stringify({ messages: [{ id: "wamid.R" }] }), { status: 200 });
+    }) as typeof fetch;
+
+    await sendKapsoText({
+      apiBaseUrl: "https://api.kapso.ai",
+      apiKey: "k",
+      phoneNumberId: "p",
+      to: "34679077777",
+      body: "re",
+      contextMessageId: "wamid.IN999",
+    });
+
+    expect(body!.context).toEqual({ message_id: "wamid.IN999" });
+  });
+
+  test("24h-window error (code 131047) → sessionWindowExpired", async () => {
+    mockFetch(400, {
+      error: { code: 131047, message: "Message failed: more than 24 hours since last reply" },
+    });
+    const result = await sendKapsoText({
+      apiBaseUrl: "https://api.kapso.ai",
+      apiKey: "k",
+      phoneNumberId: "p",
+      to: "34679077777",
+      body: "late",
+    });
+    expect(result.ok).toBe(false);
+    expect(result.sessionWindowExpired).toBe(true);
+  });
+
+  test("generic error → not flagged as session-window", async () => {
+    mockFetch(401, { error: { code: 0, message: "Invalid API key" } });
+    const result = await sendKapsoText({
+      apiBaseUrl: "https://api.kapso.ai",
+      apiKey: "bad",
+      phoneNumberId: "p",
+      to: "34679077777",
+      body: "x",
+    });
+    expect(result.ok).toBe(false);
+    expect(result.sessionWindowExpired).toBe(false);
+    expect(result.errorMessage).toContain("Invalid API key");
+  });
+});

package/src/tests/kapso-inbound.test.ts

@@ -0,0 +1,198 @@
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
+import crypto from "node:crypto";
+import type { IncomingMessage, ServerResponse } from "node:http";
+import { closeDb, createAgent, getTaskById, initDb } from "../be/db";
+import { handleWebhooks } from "../http/webhooks";
+import { putKapsoNumberMapping } from "../integrations/kapso/config";
+import { routeKapsoInbound } from "../integrations/kapso/inbound";
+
+const TEST_DB_PATH = "./test-kapso-inbound.sqlite";
+const HMAC_SECRET = "kapso-test-hmac-secret";
+
+let agentId: string;
+
+function makePayload(opts: {
+  phoneNumberId: string;
+  messageId?: string;
+  direction?: string;
+  type?: string;
+  text?: string;
+  from?: string;
+  conversationId?: string;
+}) {
+  return {
+    message: {
+      id: opts.messageId ?? `wamid.${Math.random().toString(36).slice(2)}`,
+      from: opts.from ?? "34679077777",
+      type: opts.type ?? "text",
+      text: { body: opts.text ?? "hola" },
+      kapso: { direction: opts.direction ?? "inbound", content: opts.text ?? "hola" },
+    },
+    conversation: {
+      id: opts.conversationId ?? "conv-1",
+      phone_number: opts.from ?? "34679077777",
+      contact_name: "Taras",
+    },
+    phone_number_id: opts.phoneNumberId,
+  };
+}
+
+function sign(secret: string, body: string): string {
+  return crypto.createHmac("sha256", secret).update(body).digest("hex");
+}
+
+/** Minimal fake req/res to drive handleWebhooks without a live server. */
+function fakeReqRes(rawBody: string, headers: Record<string, string>) {
+  const req = {
+    method: "POST",
+    headers,
+    async *[Symbol.asyncIterator]() {
+      yield Buffer.from(rawBody);
+    },
+  } as unknown as IncomingMessage;
+
+  const captured = { status: 0, body: "" };
+  const res = {
+    writeHead(status: number) {
+      captured.status = status;
+      return this;
+    },
+    end(chunk?: string) {
+      if (chunk) captured.body = chunk;
+      return this;
+    },
+  } as unknown as ServerResponse;
+
+  return { req, res, captured };
+}
+
+const KAPSO_PATH = ["api", "integrations", "kapso", "webhook"];
+
+beforeAll(() => {
+  for (const suffix of ["", "-wal", "-shm"]) {
+    try {
+      require("node:fs").unlinkSync(`${TEST_DB_PATH}${suffix}`);
+    } catch {}
+  }
+  initDb(TEST_DB_PATH);
+  process.env.KAPSO_WEBHOOK_HMAC_SECRET = HMAC_SECRET;
+  const agent = createAgent({ name: "KapsoWorker", isLead: false, status: "idle" });
+  agentId = agent.id;
+});
+
+afterAll(() => {
+  closeDb();
+  delete process.env.KAPSO_WEBHOOK_HMAC_SECRET;
+  for (const suffix of ["", "-wal", "-shm"]) {
+    try {
+      require("node:fs").unlinkSync(`${TEST_DB_PATH}${suffix}`);
+    } catch {}
+  }
+});
+
+describe("routeKapsoInbound", () => {
+  test("mapping hit → dispatches a kapso-inbound task to the mapped agent", () => {
+    putKapsoNumberMapping({
+      phoneNumberId: "pn-task",
+      agentId,
+      createdAt: new Date().toISOString(),
+    });
+    const routing = routeKapsoInbound(makePayload({ phoneNumberId: "pn-task" }));
+    expect(routing.kind).toBe("task");
+    if (routing.kind !== "task") throw new Error("expected task");
+    const task = getTaskById(routing.taskId);
+    expect(task).not.toBeNull();
+    expect(task!.taskType).toBe("kapso-inbound");
+    expect(task!.agentId).toBe(agentId);
+    expect(task!.task).toContain("## Source: WhatsApp (Kapso)");
+  });
+
+  test("no mapping → no_mapping (does not break, no task)", () => {
+    const routing = routeKapsoInbound(makePayload({ phoneNumberId: "pn-unregistered" }));
+    expect(routing.kind).toBe("no_mapping");
+  });
+
+  test("workflow mapping → signals workflow dispatch", () => {
+    putKapsoNumberMapping({
+      phoneNumberId: "pn-wf",
+      workflowId: "11111111-1111-4111-8111-111111111111",
+      createdAt: new Date().toISOString(),
+    });
+    const routing = routeKapsoInbound(makePayload({ phoneNumberId: "pn-wf" }));
+    expect(routing.kind).toBe("workflow");
+    if (routing.kind !== "workflow") throw new Error("expected workflow");
+    expect(routing.workflowId).toBe("11111111-1111-4111-8111-111111111111");
+  });
+
+  test("non-inbound (outbound/status) → skip", () => {
+    const routing = routeKapsoInbound(
+      makePayload({ phoneNumberId: "pn-task", direction: "outbound" }),
+    );
+    expect(routing.kind).toBe("skip");
+  });
+
+  test("duplicate delivery of the same message id → second is deduped", () => {
+    putKapsoNumberMapping({
+      phoneNumberId: "pn-dup",
+      agentId,
+      createdAt: new Date().toISOString(),
+    });
+    const messageId = "wamid.DUPLICATE_TEST";
+    const first = routeKapsoInbound(makePayload({ phoneNumberId: "pn-dup", messageId }));
+    expect(first.kind).toBe("task");
+    const second = routeKapsoInbound(makePayload({ phoneNumberId: "pn-dup", messageId }));
+    expect(second.kind).toBe("duplicate");
+  });
+});
+
+describe("handleWebhooks — Kapso HMAC gate", () => {
+  test("valid HMAC + mapping hit → 200 and task routing", async () => {
+    putKapsoNumberMapping({
+      phoneNumberId: "pn-http",
+      agentId,
+      createdAt: new Date().toISOString(),
+    });
+    const rawBody = JSON.stringify(
+      makePayload({ phoneNumberId: "pn-http", messageId: "wamid.HTTP_OK" }),
+    );
+    const { req, res, captured } = fakeReqRes(rawBody, {
+      "x-webhook-signature": sign(HMAC_SECRET, rawBody),
+    });
+    const handled = await handleWebhooks(req, res, KAPSO_PATH);
+    expect(handled).toBe(true);
+    expect(captured.status).toBe(200);
+    expect(JSON.parse(captured.body)).toMatchObject({ received: true, routing: "task" });
+  });
+
+  test("valid HMAC + no mapping → 200 no_mapping (fallback, does not break)", async () => {
+    const rawBody = JSON.stringify(
+      makePayload({ phoneNumberId: "pn-http-unmapped", messageId: "wamid.HTTP_NOMAP" }),
+    );
+    const { req, res, captured } = fakeReqRes(rawBody, {
+      "x-webhook-signature": sign(HMAC_SECRET, rawBody),
+    });
+    await handleWebhooks(req, res, KAPSO_PATH);
+    expect(captured.status).toBe(200);
+    expect(JSON.parse(captured.body)).toMatchObject({ routing: "no_mapping" });
+  });
+
+  test("invalid HMAC → 401", async () => {
+    const rawBody = JSON.stringify(
+      makePayload({ phoneNumberId: "pn-http", messageId: "wamid.HTTP_BAD" }),
+    );
+    const { req, res, captured } = fakeReqRes(rawBody, {
+      "x-webhook-signature": sign("wrong-secret", rawBody),
+    });
+    await handleWebhooks(req, res, KAPSO_PATH);
+    expect(captured.status).toBe(401);
+  });
+
+  test("missing signature → 401", async () => {
+    const rawBody = JSON.stringify(
+      makePayload({ phoneNumberId: "pn-http", messageId: "wamid.HTTP_NOSIG" }),
+    );
+    const { req, res, captured } = fakeReqRes(rawBody, {});
+    await handleWebhooks(req, res, KAPSO_PATH);
+    expect(captured.status).toBe(401);
+  });
+});

package/src/tests/mcp-user-route.test.ts

@@ -0,0 +1,325 @@
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { unlink } from "node:fs/promises";
+import {
+  createServer as createHttpServer,
+  type IncomingMessage,
+  type Server,
+  type ServerResponse,
+} from "node:http";
+import type { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
+import { closeDb, createTaskExtended, createUser, getDb, getTaskById, initDb } from "../be/db";
+import { type IdentityActor, mintToken, revokeToken } from "../be/users";
+import { handleCore } from "../http/core";
+import { handleMcp } from "../http/mcp";
+import { handleMcpUser } from "../http/mcp-user";
+
+const TEST_DB_PATH = "./test-mcp-user-route.sqlite";
+const API_KEY = "test-mcp-user-key";
+const ACTOR: IdentityActor = { kind: "operator", id: "test" };
+
+async function removeDbFiles(path: string): Promise<void> {
+  for (const suffix of ["", "-wal", "-shm"]) {
+    try {
+      await unlink(path + suffix);
+    } catch (error) {
+      if ((error as NodeJS.ErrnoException).code !== "ENOENT") throw error;
+    }
+  }
+}
+
+async function listen(server: Server): Promise<number> {
+  const port = 15173;
+  await new Promise<void>((resolve, reject) => {
+    server.once("error", reject);
+    server.listen(port, "127.0.0.1", () => {
+      server.off("error", reject);
+      resolve();
+    });
+  });
+  const addr = server.address();
+  if (!addr || typeof addr === "string") throw new Error("no port");
+  return addr.port;
+}
+
+function createTestServer(): Server {
+  const transports: Record<string, StreamableHTTPServerTransport> = {};
+  const transportsUser: Record<string, StreamableHTTPServerTransport> = {};
+  const sessionUsers: Record<string, string> = {};
+
+  return createHttpServer(async (req: IncomingMessage, res: ServerResponse) => {
+    const myAgentId = req.headers["x-agent-id"] as string | undefined;
+    if (await handleCore(req, res, myAgentId, API_KEY)) return;
+    if (await handleMcp(req, res, transports)) return;
+    if (await handleMcpUser(req, res, transportsUser, sessionUsers)) return;
+    res.writeHead(404);
+    res.end("Not Found");
+  });
+}
+
+let server: Server;
+let port: number;
+
+beforeAll(async () => {
+  await removeDbFiles(TEST_DB_PATH);
+  initDb(TEST_DB_PATH);
+  server = createTestServer();
+  port = await listen(server);
+});
+
+afterAll(async () => {
+  await new Promise<void>((resolve) => server.close(() => resolve()));
+  closeDb();
+  await removeDbFiles(TEST_DB_PATH);
+});
+
+beforeEach(() => {
+  // Clean slate between tests for deterministic token and task state.
+  const db = getDb();
+  db.run("DELETE FROM user_identity_events");
+  db.run("DELETE FROM user_tokens");
+  db.run("DELETE FROM agent_tasks");
+  db.run("DELETE FROM users");
+});
+
+function endpoint(path = "/mcp-user"): string {
+  return `http://localhost:${port}${path}`;
+}
+
+function parseMcpPayload(text: string): unknown {
+  const trimmed = text.trim();
+  if (!trimmed) return null;
+  if (trimmed.startsWith("event:") || trimmed.startsWith("data:")) {
+    const data = trimmed
+      .split("\n")
+      .filter((line) => line.startsWith("data:"))
+      .map((line) => line.slice("data:".length).trim())
+      .join("\n");
+    return JSON.parse(data);
+  }
+  return JSON.parse(trimmed);
+}
+
+async function mcpPost(
+  token: string | null,
+  body: Record<string, unknown>,
+  sessionId?: string,
+  path = "/mcp-user",
+  extraHeaders?: Record<string, string>,
+): Promise<{ response: Response; payload: unknown; text: string }> {
+  const headers: Record<string, string> = {
+    Accept: "application/json, text/event-stream",
+    "Content-Type": "application/json",
+    ...extraHeaders,
+  };
+  if (token) headers.Authorization = `Bearer ${token}`;
+  if (sessionId) headers["mcp-session-id"] = sessionId;
+
+  const response = await fetch(endpoint(path), {
+    method: "POST",
+    headers,
+    body: JSON.stringify(body),
+  });
+  const text = await response.text();
+  const payload = text ? parseMcpPayload(text) : null;
+  return { response, payload, text };
+}
+
+async function initialize(
+  token: string,
+  path = "/mcp-user",
+  extraHeaders?: Record<string, string>,
+): Promise<string> {
+  const { response, text } = await mcpPost(
+    token,
+    {
+      jsonrpc: "2.0",
+      id: 1,
+      method: "initialize",
+      params: {
+        protocolVersion: "2024-11-05",
+        clientInfo: { name: "test", version: "1" },
+        capabilities: {},
+      },
+    },
+    undefined,
+    path,
+    extraHeaders,
+  );
+  expect(response.status).toBe(200);
+  const sessionId = response.headers.get("mcp-session-id");
+  if (!sessionId) throw new Error(`missing mcp-session-id from initialize response: ${text}`);
+  return sessionId;
+}
+
+async function notifyInitialized(
+  token: string,
+  sessionId: string,
+  path = "/mcp-user",
+  extraHeaders?: Record<string, string>,
+): Promise<void> {
+  const { response } = await mcpPost(
+    token,
+    { jsonrpc: "2.0", method: "notifications/initialized" },
+    sessionId,
+    path,
+    extraHeaders,
+  );
+  expect([200, 202]).toContain(response.status);
+}
+
+describe("/mcp-user auth and tool surface", () => {
+  test("request to /mcp-user with no token returns 401", async () => {
+    const { response } = await mcpPost(null, {
+      jsonrpc: "2.0",
+      id: 1,
+      method: "initialize",
+      params: {
+        protocolVersion: "2024-11-05",
+        clientInfo: { name: "test", version: "1" },
+        capabilities: {},
+      },
+    });
+
+    expect(response.status).toBe(401);
+  });
+
+  test("request to /mcp-user with a revoked token returns 401", async () => {
+    const user = createUser({ name: "Revoked User" });
+    const token = mintToken(user.id, "revoked", ACTOR);
+    revokeToken(token.tokenId, ACTOR);
+
+    const { response } = await mcpPost(token.plaintext, {
+      jsonrpc: "2.0",
+      id: 1,
+      method: "initialize",
+      params: {
+        protocolVersion: "2024-11-05",
+        clientInfo: { name: "test", version: "1" },
+        capabilities: {},
+      },
+    });
+
+    expect(response.status).toBe(401);
+  });
+
+  test("request to /mcp-user with a suspended user's valid token returns 401", async () => {
+    const user = createUser({ name: "Suspended User", status: "suspended" });
+    const token = mintToken(user.id, "suspended", ACTOR);
+
+    const { response } = await mcpPost(token.plaintext, {
+      jsonrpc: "2.0",
+      id: 1,
+      method: "initialize",
+      params: {
+        protocolVersion: "2024-11-05",
+        clientInfo: { name: "test", version: "1" },
+        capabilities: {},
+      },
+    });
+
+    expect(response.status).toBe(401);
+  });
+
+  test("request with a different user token than the opening session returns 401", async () => {
+    const userA = createUser({ name: "Session A" });
+    const userB = createUser({ name: "Session B" });
+    const tokenA = mintToken(userA.id, "a", ACTOR).plaintext;
+    const tokenB = mintToken(userB.id, "b", ACTOR).plaintext;
+    const sessionId = await initialize(tokenA);
+
+    const { response } = await mcpPost(
+      tokenB,
+      { jsonrpc: "2.0", id: 2, method: "tools/list", params: {} },
+      sessionId,
+    );
+
+    expect(response.status).toBe(401);
+  });
+
+  test("valid active-user token initializes and tools/list returns exactly the 5 task tools", async () => {
+    const user = createUser({ name: "Active User" });
+    const token = mintToken(user.id, "active", ACTOR).plaintext;
+    const sessionId = await initialize(token);
+    await notifyInitialized(token, sessionId);
+
+    const { response, payload } = await mcpPost(
+      token,
+      { jsonrpc: "2.0", id: 2, method: "tools/list", params: {} },
+      sessionId,
+    );
+
+    expect(response.status).toBe(200);
+    const result = payload as { result: { tools: Array<{ name: string }> } };
+    const names = result.result.tools.map((tool) => tool.name).sort();
+    expect(names).toEqual(
+      ["cancel-task", "get-task-details", "get-tasks", "send-task", "task-action"].sort(),
+    );
+  });
+
+  test("send-task over /mcp-user records requestedByUserId and get-tasks returns only that user's tasks", async () => {
+    const user = createUser({ name: "Task Requester" });
+    const otherUser = createUser({ name: "Other Task Requester" });
+    const token = mintToken(user.id, "task", ACTOR).plaintext;
+    const sessionId = await initialize(token);
+    await notifyInitialized(token, sessionId);
+
+    const { response, payload } = await mcpPost(
+      token,
+      {
+        jsonrpc: "2.0",
+        id: 3,
+        method: "tools/call",
+        params: { name: "send-task", arguments: { task: "user mcp task" } },
+      },
+      sessionId,
+    );
+
+    expect(response.status).toBe(200);
+    const result = payload as { result: { structuredContent: { task: { id: string } } } };
+    const taskId = result.result.structuredContent.task.id;
+    expect(getTaskById(taskId)?.requestedByUserId).toBe(user.id);
+    const foreignTask = createTaskExtended("foreign user mcp task", {
+      requestedByUserId: otherUser.id,
+    });
+    createTaskExtended("owner-only task");
+
+    const listResponse = await mcpPost(
+      token,
+      {
+        jsonrpc: "2.0",
+        id: 4,
+        method: "tools/call",
+        params: { name: "get-tasks", arguments: { includeFull: true, limit: 50 } },
+      },
+      sessionId,
+    );
+
+    expect(listResponse.response.status).toBe(200);
+    const listResult = listResponse.payload as {
+      result: { structuredContent: { tasks: Array<{ id: string; task?: string }> } };
+    };
+    const ids = listResult.result.structuredContent.tasks.map((task) => task.id);
+    expect(ids).toContain(taskId);
+    expect(ids).not.toContain(foreignTask.id);
+    expect(listResult.result.structuredContent.tasks).toHaveLength(1);
+  });
+
+  test("owner /mcp path still initializes with swarm API key", async () => {
+    const ownerHeaders = { "X-Agent-ID": "00000000-0000-4000-8000-000000000001" };
+    const sessionId = await initialize(API_KEY, "/mcp", ownerHeaders);
+    await notifyInitialized(API_KEY, sessionId, "/mcp", ownerHeaders);
+
+    const { response, payload } = await mcpPost(
+      API_KEY,
+      { jsonrpc: "2.0", id: 2, method: "tools/list", params: {} },
+      sessionId,
+      "/mcp",
+      ownerHeaders,
+    );
+
+    expect(response.status).toBe(200);
+    const result = payload as { result: { tools: Array<{ name: string }> } };
+    const names = result.result.tools.map((tool) => tool.name);
+    expect(names).toContain("send-task");
+  });
+});

package/src/tests/opencode-adapter.test.ts

@@ -141,6 +141,81 @@ describe("OpencodeSession — SSE→ProviderEvent mapping", () => {
     expect(result.failureReason).toContain("provider overloaded");
   });
 
+  test("prompt Model not found refreshes OpenRouter cache and retries once", async () => {
+    const emitted: ProviderEvent[] = [];
+    const refreshCalls: Array<{ model?: string; configFilePath: string; dataHomePath: string }> =
+      [];
+    const fakeSessionId = "sess-abc-123";
+    let promptCalls = 0;
+    let resolveSecondPrompt!: () => void;
+    const secondPromptSent = new Promise<void>((resolve) => {
+      resolveSecondPrompt = resolve;
+    });
+
+    const fakeClient = {
+      session: {
+        create: async () => ({ data: { id: fakeSessionId }, error: undefined }),
+        prompt: async (args: unknown) => {
+          lastPromptArgs = args;
+          promptCalls += 1;
+          if (promptCalls === 1) {
+            throw new Error(
+              "Model not found: openrouter/x-ai/grok-4.3. Did you mean: x-ai/grok-4.3?",
+            );
+          }
+          resolveSecondPrompt();
+          return { data: {}, error: undefined };
+        },
+      },
+      event: {
+        subscribe: async () => ({
+          stream: (async function* (): AsyncGenerator<OpencodeEvent> {
+            await secondPromptSent;
+            yield { type: "session.idle", properties: { sessionID: fakeSessionId } };
+          })(),
+        }),
+      },
+    };
+    const fakeServer = { url: "http://127.0.0.1:12345", close: mock(() => {}) };
+
+    mock.module("@opencode-ai/sdk", () => ({
+      createOpencode: async () => ({ client: fakeClient, server: fakeServer }),
+    }));
+
+    const { OpencodeAdapter, _setOpenRouterModelCacheRefreshForTests } = await import(
+      "../providers/opencode-adapter"
+    );
+    _setOpenRouterModelCacheRefreshForTests(
+      async (opencodeConfig, configFilePath, dataHomePath) => {
+        refreshCalls.push({ model: opencodeConfig.model, configFilePath, dataHomePath });
+      },
+    );
+    try {
+      const adapter = new OpencodeAdapter();
+      const session = await adapter.createSession(
+        testConfig({ model: "openrouter/x-ai/grok-4.3", taskId: "task-refresh" }),
+      );
+      session.onEvent((e) => emitted.push(e));
+
+      const result = await session.waitForCompletion();
+
+      expect(result.isError).toBe(false);
+      expect(promptCalls).toBe(2);
+      expect(refreshCalls).toEqual([
+        {
+          model: "openrouter/x-ai/grok-4.3",
+          configFilePath: "/tmp/opencode-task-refresh.json",
+          dataHomePath: "/tmp/opencode-data-task-refresh",
+        },
+      ]);
+      expect(emitted.some((e) => e.type === "progress" && e.message.includes("refreshing"))).toBe(
+        true,
+      );
+    } finally {
+      _setOpenRouterModelCacheRefreshForTests(null);
+    }
+  });
+
   test("permission.updated → emits error (headless cannot approve)", async () => {
     const events: OpencodeEvent[] = [
       {