@desplega.ai/agent-swarm 1.95.0 → 1.97.0

package/README.md

@@ -127,7 +127,7 @@ Check [our templates](https://templates.agent-swarm.dev) for a quick start.
 - **Workflow engine with Human-in-the-Loop** — DAG-based automation with approval gates, retries, and structured I/O. [Workflows →](https://docs.agent-swarm.dev/docs/concepts/workflows)
 - **Scheduled & recurring tasks** — cron-based automation for standing work. [Scheduling →](https://docs.agent-swarm.dev/docs/concepts/scheduling)
 - **Durable script workflows** — launch background script runs, inspect their journals, and track them from the dashboard when a one-shot `script-run` is too small. [Guide →](https://docs.agent-swarm.dev/docs/guides/script-workflow-runs)
-- **Harness & LLM agnostic** — run with Claude Code, Claude Bridge, OpenAI Codex, pi-mono, Devin, Claude Managed Agents, raw LLMs, or opencode. Tasks, schedules, and workflow agent-task nodes can use portable `modelTier` intent (`smol`, `regular`, `smart`, `ultra`) and resolve it per worker/provider at run time. [Harness config →](https://docs.agent-swarm.dev/docs/guides/harness-configuration) · [Add a new provider →](https://docs.agent-swarm.dev/docs/guides/harness-providers)
+- **Harness & LLM agnostic** — run with Claude Code, Claude Bridge, OpenAI Codex, pi-mono (Anthropic, OpenRouter, or Amazon Bedrock), Devin, Claude Managed Agents, raw LLMs, or opencode. Tasks, schedules, and workflow agent-task nodes can use portable `modelTier` intent (`smol`, `regular`, `smart`, `ultra`) and resolve it per worker/provider at run time. [Harness config →](https://docs.agent-swarm.dev/docs/guides/harness-configuration) · [Add a new provider →](https://docs.agent-swarm.dev/docs/guides/harness-providers)
 - **Follow-up continuity across all harnesses** — child tasks inherit a bounded prior-task context preamble built from the task chain, so continuity survives restarts and works the same across every provider. [Task lifecycle →](https://docs.agent-swarm.dev/docs/concepts/task-lifecycle)
 - **Skills & MCP servers** — reusable procedural knowledge, bundled skill reference files, and per-agent MCP servers with scope cascade. [MCP tools →](https://docs.agent-swarm.dev/docs/reference/mcp-tools)
 - **External tool-router access** — the `x` command and `swarm_x` MCP tool let humans and agents execute approved third-party routes such as Composio without baking bespoke MCP servers first. [CLI →](https://docs.agent-swarm.dev/docs/reference/cli) · [Composio →](https://docs.agent-swarm.dev/docs/integrations/composio)
@@ -140,7 +140,7 @@ Check [our templates](https://templates.agent-swarm.dev) for a quick start.
 
 Need help? Contact us at [contact@desplega.sh](mailto:contact@desplega.sh).
 
-**Prerequisites:** [Docker](https://docker.com) and a [Claude Code](https://docs.anthropic.com/en/docs/claude-code) OAuth token (`claude setup-token`).
+**Prerequisites:** [Docker](https://docker.com) and at least one supported harness credential. The default quick start assumes a [Claude Code](https://docs.anthropic.com/en/docs/claude-code) OAuth token (`claude setup-token`), but pi-mono / Bedrock, Codex, Devin, and other provider setups are also supported.
 
 The fastest way is the onboarding wizard — it collects credentials, picks presets, and generates a working `docker-compose.yml`:
 
@@ -154,7 +154,7 @@ Prefer manual setup? Clone and run with Docker Compose:
 git clone https://github.com/desplega-ai/agent-swarm.git
 cd agent-swarm
 cp .env.docker.example .env
-# edit .env — set API_KEY and CLAUDE_CODE_OAUTH_TOKEN
+# edit .env — set API_KEY plus the credential for your chosen harness (for example CLAUDE_CODE_OAUTH_TOKEN)
 docker compose -f docker-compose.example.yml --env-file .env up -d
 ```
 

package/openapi.json

@@ -2,7 +2,7 @@
   "openapi": "3.1.0",
   "info": {
     "title": "Agent Swarm API",
-    "version": "1.95.0",
+    "version": "1.97.0",
     "description": "Multi-agent orchestration API for Claude Code, Codex, and Gemini CLI. Enables task distribution, agent communication, and service discovery.\n\nMCP tools are documented separately in [MCP.md](./MCP.md)."
   },
   "servers": [
@@ -981,6 +981,51 @@
                           "post_task"
                         ],
                         "default": "boot"
+                      },
+                      "bedrock": {
+                        "type": [
+                          "object",
+                          "null"
+                        ],
+                        "properties": {
+                          "region": {
+                            "type": "string"
+                          },
+                          "probedAt": {
+                            "type": "number"
+                          },
+                          "ready": {
+                            "type": "boolean"
+                          },
+                          "models": {
+                            "type": "array",
+                            "items": {
+                              "type": "object",
+                              "properties": {
+                                "id": {
+                                  "type": "string"
+                                },
+                                "name": {
+                                  "type": "string"
+                                }
+                              },
+                              "required": [
+                                "id",
+                                "name"
+                              ]
+                            },
+                            "default": []
+                          },
+                          "error": {
+                            "type": "string"
+                          }
+                        },
+                        "default": null,
+                        "required": [
+                          "region",
+                          "probedAt",
+                          "ready"
+                        ]
                       }
                     },
                     "required": [
@@ -2538,6 +2583,96 @@
         }
       }
     },
+    "/api/keys/report-rate-limit-windows": {
+      "post": {
+        "summary": "Record provider-emitted rate-limit window telemetry for an API key",
+        "tags": [
+          "API Keys"
+        ],
+        "security": [
+          {
+            "bearerAuth": []
+          }
+        ],
+        "requestBody": {
+          "content": {
+            "application/json": {
+              "schema": {
+                "type": "object",
+                "properties": {
+                  "keyType": {
+                    "type": "string"
+                  },
+                  "keySuffix": {
+                    "type": "string",
+                    "minLength": 1,
+                    "maxLength": 10
+                  },
+                  "keyIndex": {
+                    "type": "integer",
+                    "minimum": 0
+                  },
+                  "windows": {
+                    "type": "object",
+                    "additionalProperties": {
+                      "type": "object",
+                      "properties": {
+                        "status": {
+                          "type": "string"
+                        },
+                        "utilization": {
+                          "type": "number"
+                        },
+                        "resetsAt": {
+                          "type": "number"
+                        },
+                        "isUsingOverage": {
+                          "type": "boolean"
+                        },
+                        "surpassedThreshold": {
+                          "type": "number"
+                        },
+                        "lastSeenAt": {
+                          "type": "string",
+                          "format": "date-time"
+                        }
+                      },
+                      "required": [
+                        "status",
+                        "lastSeenAt"
+                      ]
+                    }
+                  },
+                  "scope": {
+                    "type": "string"
+                  },
+                  "scopeId": {
+                    "type": "string"
+                  }
+                },
+                "required": [
+                  "keyType",
+                  "keySuffix",
+                  "keyIndex",
+                  "windows"
+                ]
+              }
+            }
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "Rate-limit window telemetry recorded"
+          },
+          "400": {
+            "description": "Validation error"
+          },
+          "401": {
+            "description": "Unauthorized"
+          }
+        }
+      }
+    },
     "/api/keys/available": {
       "get": {
         "summary": "Get available (non-rate-limited) key indices for a credential type",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@desplega.ai/agent-swarm",
-  "version": "1.95.0",
+  "version": "1.97.0",
   "description": "Multi-agent orchestration for Claude Code, Codex, Gemini CLI, and other AI coding assistants",
   "license": "MIT",
   "author": "desplega.sh <contact@desplega.sh>",

package/src/be/boot-scrub-logs.ts

@@ -0,0 +1,76 @@
+/**
+ * One-time boot-scrub: retroactively sanitize session_logs rows that contain
+ * sensitive patterns (structural regex matches) which pre-date the defense-in-
+ * depth scrub added to createSessionLogs / task persistence paths.
+ *
+ * Idempotent: already-scrubbed rows are no-ops (scrubSecrets is idempotent).
+ * Uses seed_state to avoid re-scanning on subsequent boots.
+ */
+
+import { scrubSecrets } from "../utils/secret-scrubber";
+import { getDb } from "./db";
+
+const SCRUB_KEY = "boot-scrub-logs-v2";
+const BATCH_SIZE = 500;
+
+export async function runBootScrubLogs(): Promise<void> {
+  const db = getDb();
+
+  const done = db
+    .prepare<{ key: string }, [string, string]>(
+      "SELECT key FROM seed_state WHERE kind = ? AND key = ?",
+    )
+    .get("maintenance", SCRUB_KEY);
+
+  if (done) return;
+
+  // ESCAPE '!' makes ! the escape character so !_ matches a literal underscore
+  // instead of the LIKE single-char wildcard. Without this, '%npm_%' matches
+  // any row containing "npm" + any char (e.g. "npm install"), drowning real
+  // token rows when a LIMIT is applied.
+  const rows = db
+    .prepare<{ id: string; content: string }, []>(
+      `SELECT id, content FROM session_logs
+       WHERE content LIKE '%lin!_oauth!_%' ESCAPE '!'
+          OR content LIKE '%lin!_api!_%' ESCAPE '!'
+          OR content LIKE '%npm!_%' ESCAPE '!'
+          OR content LIKE '%ATATT%'`,
+    )
+    .all();
+
+  if (rows.length === 0) {
+    markDone(db);
+    return;
+  }
+
+  console.log(`[boot-scrub-logs] starting: ${rows.length} candidate rows`);
+
+  const update = db.prepare("UPDATE session_logs SET content = ? WHERE id = ?");
+  let scrubbed = 0;
+
+  for (let i = 0; i < rows.length; i += BATCH_SIZE) {
+    const batch = rows.slice(i, i + BATCH_SIZE);
+    const tx = db.transaction(() => {
+      for (const row of batch) {
+        const cleaned = scrubSecrets(row.content);
+        if (cleaned !== row.content) {
+          update.run(cleaned, row.id);
+          scrubbed++;
+        }
+      }
+    });
+    tx();
+  }
+
+  markDone(db);
+  console.log(`[boot-scrub-logs] complete: scanned=${rows.length} scrubbed=${scrubbed}`);
+}
+
+function markDone(db: ReturnType<typeof getDb>) {
+  db.run(
+    `INSERT INTO seed_state (kind, key, seededHash, seededAt)
+     VALUES ('maintenance', ?, 'done', datetime('now'))
+     ON CONFLICT (kind, key) DO UPDATE SET seededHash = 'done', seededAt = datetime('now')`,
+    [SCRUB_KEY],
+  );
+}

package/src/be/db.ts

@@ -102,6 +102,7 @@ import type {
 } from "../types";
 import { FollowUpConfigSchema, isTerminalTaskStatus } from "../types";
 import { deriveProviderFromKeyType } from "../utils/credentials";
+import type { RateLimitWindowTelemetry } from "../utils/error-tracker";
 import { getCurrentRequestUserId } from "../utils/request-auth-context";
 import { scrubSecrets } from "../utils/secret-scrubber";
 import { decryptSecret, encryptSecret, getEncryptionKey, resolveEncryptionKey } from "./crypto";
@@ -2100,7 +2101,7 @@ export function completeTask(id: string, output?: string): AgentTask | null {
   if (!row) return null;
 
   if (output) {
-    row = taskQueries.setOutput().get(output, id);
+    row = taskQueries.setOutput().get(scrubSecrets(output), id);
   }
 
   if (row && oldTask) {
@@ -2141,7 +2142,8 @@ export function failTask(id: string, reason: string): AgentTask | null {
   }
 
   const finishedAt = new Date().toISOString();
-  const row = taskQueries.setFailure().get(reason, finishedAt, id);
+  const scrubbedReason = scrubSecrets(reason);
+  const row = taskQueries.setFailure().get(scrubbedReason, finishedAt, id);
   if (row && oldTask) {
     try {
       createLogEntry({
@@ -2150,7 +2152,7 @@ export function failTask(id: string, reason: string): AgentTask | null {
         agentId: row.agentId ?? undefined,
         oldValue: oldTask.status,
         newValue: "failed",
-        metadata: { reason },
+        metadata: { reason: scrubbedReason },
       });
     } catch {}
     try {
@@ -2496,21 +2498,22 @@ export function deleteTask(id: string): boolean {
 }
 
 export function updateTaskProgress(id: string, progress: string): AgentTask | null {
-  const row = taskQueries.setProgress().get(progress, id);
+  const scrubbedProgress = scrubSecrets(progress);
+  const row = taskQueries.setProgress().get(scrubbedProgress, id);
   if (row) {
     try {
       createLogEntry({
         eventType: "task_progress",
         taskId: id,
         agentId: row.agentId ?? undefined,
-        newValue: progress,
+        newValue: scrubbedProgress,
       });
     } catch {}
     try {
       import("../workflows/event-bus").then(({ workflowEventBus }) => {
         workflowEventBus.emit("task.progress", {
           taskId: id,
-          progress,
+          progress: scrubbedProgress,
           agentId: row.agentId,
         });
       });
@@ -2791,6 +2794,7 @@ export function createLogEntry(entry: {
   metadata?: Record<string, unknown>;
 }): AgentLog {
   const id = crypto.randomUUID();
+  const metaJson = entry.metadata ? JSON.stringify(entry.metadata) : null;
   const row = logQueries
     .insert()
     .get(
@@ -2799,8 +2803,8 @@ export function createLogEntry(entry: {
       entry.agentId ?? null,
       entry.taskId ?? null,
       entry.oldValue ?? null,
-      entry.newValue ?? null,
-      entry.metadata ? JSON.stringify(entry.metadata) : null,
+      entry.newValue ? scrubSecrets(entry.newValue) : null,
+      metaJson ? scrubSecrets(metaJson) : null,
     );
   if (!row) throw new Error("Failed to create log entry");
   return rowToAgentLog(row);
@@ -9981,10 +9985,31 @@ export interface ApiKeyStatus {
   name: string | null;
   /** Auto-derived harness provider (claude/pi/codex) — see deriveProviderFromKeyType. */
   provider: string;
+  /** Latest provider-emitted rate-limit window snapshots, keyed by window type. */
+  rateLimitWindows: RateLimitWindowTelemetry;
   createdAt: string;
   updatedAt: string;
 }
 
+type ApiKeyStatusRow = Omit<ApiKeyStatus, "rateLimitWindows"> & { rateLimitWindows: string | null };
+
+function parseRateLimitWindowsJson(value: string | null | undefined): RateLimitWindowTelemetry {
+  if (!value) return {};
+  try {
+    const parsed = JSON.parse(value) as unknown;
+    if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+      return parsed as RateLimitWindowTelemetry;
+    }
+  } catch {
+    // Ignore malformed historical values; telemetry is best-effort.
+  }
+  return {};
+}
+
+function rowToApiKeyStatus(row: ApiKeyStatusRow): ApiKeyStatus {
+  return { ...row, rateLimitWindows: parseRateLimitWindowsJson(row.rateLimitWindows) };
+}
+
 /**
  * Get available (non-rate-limited) key indices for a credential type.
  * Automatically clears expired rate limits before returning.
@@ -10103,6 +10128,43 @@ export function markKeyRateLimited(
     );
 }
 
+export function recordKeyRateLimitWindows(
+  keyType: string,
+  keySuffix: string,
+  keyIndex: number,
+  windows: RateLimitWindowTelemetry,
+  scope = "global",
+  scopeId: string | null = null,
+): void {
+  if (Object.keys(windows).length === 0) return;
+
+  const now = new Date().toISOString();
+  const effectiveScopeId = scopeId ?? "";
+  const provider = deriveProviderFromKeyType(keyType);
+  const db = getDb();
+  const existing = db
+    .prepare<{ rateLimitWindows: string | null }, [string, string, string, string]>(
+      `SELECT rateLimitWindows FROM api_key_status
+       WHERE keyType = ? AND keySuffix = ? AND scope = ? AND scopeId = ?`,
+    )
+    .get(keyType, keySuffix, scope, effectiveScopeId);
+  const serialized = JSON.stringify({
+    ...parseRateLimitWindowsJson(existing?.rateLimitWindows),
+    ...windows,
+  });
+
+  db.prepare(
+    `INSERT INTO api_key_status (keyType, keySuffix, keyIndex, scope, scopeId, rateLimitWindows, provider, updatedAt)
+       VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+       ON CONFLICT(keyType, keySuffix, scope, scopeId)
+       DO UPDATE SET
+         rateLimitWindows = excluded.rateLimitWindows,
+         keyIndex = excluded.keyIndex,
+         provider = excluded.provider,
+         updatedAt = excluded.updatedAt`,
+  ).run(keyType, keySuffix, keyIndex, scope, effectiveScopeId, serialized, provider, now);
+}
+
 /**
  * Set or clear the human-friendly `name` label on a pooled credential.
  * Identified by the natural key (keyType + keySuffix + scope + scopeId).
@@ -10174,8 +10236,9 @@ export function getKeyStatuses(
 
   const where = conditions.length > 0 ? `WHERE ${conditions.join(" AND ")}` : "";
   return db
-    .prepare<ApiKeyStatus, string[]>(`SELECT * FROM api_key_status ${where} ORDER BY keyIndex`)
-    .all(...params);
+    .prepare<ApiKeyStatusRow, string[]>(`SELECT * FROM api_key_status ${where} ORDER BY keyIndex`)
+    .all(...params)
+    .map(rowToApiKeyStatus);
 }
 
 export interface KeyCostSummary {

package/src/be/migrations/095_api_key_rate_limit_windows.sql

@@ -0,0 +1,5 @@
+-- Persist provider-emitted rate-limit window telemetry on credential rows.
+-- Shape is JSON keyed by provider window type, e.g.
+-- {"five_hour":{"status":"allowed_warning","utilization":0.82,"resetsAt":1781334000,"isUsingOverage":false,"surpassedThreshold":0.75,"lastSeenAt":"..."}}
+
+ALTER TABLE api_key_status ADD COLUMN rateLimitWindows TEXT NOT NULL DEFAULT '{}';