@dmsdc-ai/aigentry-telepty 0.1.66 → 0.1.68

package/cli.js

@@ -15,6 +15,7 @@ const { attachInteractiveTerminal, getTerminalSize } = require('./interactive-te
 const { getRuntimeInfo } = require('./runtime-info');
 const { formatHostLabel, groupSessionsByHost, pickSessionTarget } = require('./session-routing');
 const { runInteractiveSkillInstaller } = require('./skill-installer');
+const crossMachine = require('./cross-machine');
 const args = process.argv.slice(2);
 let pendingTerminalInputError = null;
 let simulatedPromptErrorInjected = false;
@@ -208,30 +209,16 @@ function getDiscoveryHosts() {
     .filter(Boolean);
   extraHosts.forEach((host) => hosts.add(host));
 
-  // Also include relay peers for cross-machine session discovery
+  // Include relay peers for cross-machine session discovery
   const relayPeers = String(process.env.TELEPTY_RELAY_PEERS || '')
     .split(',')
     .map((host) => host.trim())
     .filter(Boolean);
   relayPeers.forEach((host) => hosts.add(host));
 
-  if (REMOTE_HOST && REMOTE_HOST !== '127.0.0.1') {
-    return Array.from(hosts);
-  }
-
-  try {
-    const tsStatus = execSync('tailscale status --json', { encoding: 'utf8', stdio: ['pipe', 'pipe', 'ignore'] });
-    const tsData = JSON.parse(tsStatus);
-    if (tsData && tsData.Peer) {
-      for (const peer of Object.values(tsData.Peer)) {
-        if (peer.Online && peer.TailscaleIPs && peer.TailscaleIPs.length > 0) {
-          hosts.add(peer.TailscaleIPs[0]);
-        }
-      }
-    }
-  } catch (e) {
-    // Tailscale not available or not running, ignore
-  }
+  // Include SSH tunnel-connected peers
+  const connectedHosts = crossMachine.getConnectedHosts();
+  connectedHosts.forEach((host) => hosts.add(host));
 
   return Array.from(hosts);
 }
@@ -242,7 +229,7 @@ async function discoverSessions(options = {}) {
   const allSessions = [];
 
   if (!options.silent) {
-    process.stdout.write('\x1b[36m🔍 Discovering active sessions across your Tailnet...\x1b[0m\n');
+    process.stdout.write('\x1b[36m🔍 Discovering active sessions across connected machines...\x1b[0m\n');
   }
 
   await Promise.all(hosts.map(async (host) => {
@@ -691,12 +678,27 @@ async function main() {
 
     await ensureDaemonRunning({ requiredCapabilities: ['wrapped-sessions'] });
 
+    // Detect terminal backend for session registration
+    function findKittySocketCli() {
+      try {
+        const files = require('fs').readdirSync('/tmp').filter(f => f.startsWith('kitty-sock'));
+        return files.length > 0;
+      } catch { return false; }
+    }
+    const detectedBackend = process.env.CMUX_WORKSPACE_ID ? 'cmux' : (findKittySocketCli() ? 'kitty' : 'pty');
+
     // Register session with daemon
     try {
       const res = await fetchWithAuth(`${DAEMON_URL}/api/sessions/register`, {
         method: 'POST',
         headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({ session_id: sessionId, command, cwd: process.cwd() })
+        body: JSON.stringify({
+          session_id: sessionId,
+          command,
+          cwd: process.cwd(),
+          backend: detectedBackend,
+          cmux_workspace_id: process.env.CMUX_WORKSPACE_ID || null
+        })
       });
       const data = await res.json();
       if (!res.ok) {
@@ -769,7 +771,13 @@ async function main() {
           await fetchWithAuth(`${DAEMON_URL}/api/sessions/register`, {
             method: 'POST',
             headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({ session_id: sessionId, command, cwd: process.cwd() })
+            body: JSON.stringify({
+              session_id: sessionId,
+              command,
+              cwd: process.cwd(),
+              backend: detectedBackend,
+              cmux_workspace_id: process.env.CMUX_WORKSPACE_ID || null
+            })
           });
         } catch (e) {
           // Registration may fail if session already exists or daemon not ready
@@ -1853,6 +1861,85 @@ Discuss the following topic from your project's perspective. Engage with other s
     return;
   }
 
+  // telepty connect <target> [--name <name>] [--port <port>]
+  if (cmd === 'connect') {
+    const target = args[1];
+    if (!target) {
+      console.error('❌ Usage: telepty connect <user@host> [--name <name>] [--port <port>]');
+      process.exit(1);
+    }
+    const nameFlag = args.indexOf('--name');
+    const portFlag = args.indexOf('--port');
+    const options = {};
+    if (nameFlag !== -1 && args[nameFlag + 1]) options.name = args[nameFlag + 1];
+    if (portFlag !== -1 && args[portFlag + 1]) options.port = Number(args[portFlag + 1]);
+
+    process.stdout.write(`\x1b[36m🔗 Connecting to ${target}...\x1b[0m\n`);
+    const result = await crossMachine.connect(target, options);
+    if (result.success) {
+      console.log(`\x1b[32m✅ Connected to ${result.name}\x1b[0m`);
+      console.log(`   Machine ID: ${result.machineId}`);
+      console.log(`   Local port: ${result.localPort}`);
+      console.log(`   Version: ${result.version}`);
+      console.log(`\nSessions on ${result.name} are now discoverable via \x1b[36mtelepty list\x1b[0m`);
+    } else {
+      console.error(`\x1b[31m❌ ${result.error}\x1b[0m`);
+      process.exit(1);
+    }
+    return;
+  }
+
+  // telepty disconnect [<name> | --all]
+  if (cmd === 'disconnect') {
+    if (args[1] === '--all') {
+      const result = crossMachine.disconnectAll();
+      console.log(`\x1b[32m✅ Disconnected from ${result.disconnected.length} peer(s)\x1b[0m`);
+    } else if (args[1]) {
+      const result = crossMachine.disconnect(args[1]);
+      if (result.success) {
+        console.log(`\x1b[32m✅ Disconnected from ${result.name}\x1b[0m`);
+      } else {
+        console.error(`\x1b[31m❌ ${result.error}\x1b[0m`);
+      }
+    } else {
+      console.error('❌ Usage: telepty disconnect <name> | --all');
+      process.exit(1);
+    }
+    return;
+  }
+
+  // telepty peers [--remove <name>]
+  if (cmd === 'peers') {
+    if (args[1] === '--remove' && args[2]) {
+      crossMachine.removePeer(args[2]);
+      console.log(`\x1b[32m✅ Removed peer ${args[2]}\x1b[0m`);
+      return;
+    }
+
+    const active = crossMachine.listActivePeers();
+    const known = crossMachine.listKnownPeers();
+
+    console.log('\x1b[1mConnected Peers:\x1b[0m');
+    if (active.length === 0) {
+      console.log('  (none)');
+    } else {
+      for (const peer of active) {
+        console.log(`  \x1b[32m●\x1b[0m ${peer.name} (${peer.target}) → localhost:${peer.localPort} [${peer.machineId}]`);
+      }
+    }
+
+    const knownNames = Object.keys(known);
+    const disconnected = knownNames.filter(n => !active.find(a => a.name === n));
+    if (disconnected.length > 0) {
+      console.log('\n\x1b[1mKnown Peers (disconnected):\x1b[0m');
+      for (const name of disconnected) {
+        const p = known[name];
+        console.log(`  \x1b[90m○\x1b[0m ${name} (${p.target}) — last: ${p.lastConnected || 'never'}`);
+      }
+    }
+    return;
+  }
+
   if (cmd === 'listen' || cmd === 'monitor') {
     await ensureDaemonRunning();
     
@@ -1938,6 +2025,9 @@ Usage:
   telepty multicast <id1[@host],id2[@host]> "<prompt>"  Inject text into multiple specific sessions
   telepty broadcast "<prompt>"                   Inject text into ALL active sessions
   telepty rename <old_id[@host]> <new_id>        Rename a session (updates terminal title too)
+  telepty connect <user@host> [--name N] [--port P]  Connect to a remote machine via SSH tunnel
+  telepty disconnect <name> | --all              Disconnect from a remote machine
+  telepty peers [--remove <name>]                List connected and known peers
   telepty listen                                 Listen to the event bus and print JSON to stdout
   telepty monitor                                Human-readable real-time billboard of bus events
   telepty update                                 Update telepty to the latest version

package/cross-machine.js

@@ -0,0 +1,221 @@
+'use strict';
+
+const { spawn } = require('child_process');
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+const PEERS_PATH = path.join(os.homedir(), '.telepty', 'peers.json');
+const BASE_LOCAL_PORT = 3849; // tunnels start at this port
+
+// In-memory active tunnels
+const activeTunnels = new Map(); // name -> { process, localPort, target, connectedAt, ... }
+
+function loadPeers() {
+  try {
+    if (!fs.existsSync(PEERS_PATH)) return { peers: {} };
+    return JSON.parse(fs.readFileSync(PEERS_PATH, 'utf8'));
+  } catch { return { peers: {} }; }
+}
+
+function savePeers(data) {
+  try {
+    fs.mkdirSync(path.dirname(PEERS_PATH), { recursive: true });
+    fs.writeFileSync(PEERS_PATH, JSON.stringify(data, null, 2));
+  } catch {}
+}
+
+function getNextLocalPort() {
+  const usedPorts = new Set([...activeTunnels.values()].map(t => t.localPort));
+  let port = BASE_LOCAL_PORT;
+  while (usedPorts.has(port)) port++;
+  return port;
+}
+
+/**
+ * Connect to a remote machine via SSH tunnel.
+ * @param {string} target - "user@host" or "host" (uses current user)
+ * @param {object} options - { name, port }
+ * @returns {Promise<object>} - { success, name, localPort, machineId, version } or { success: false, error }
+ */
+async function connect(target, options = {}) {
+  const remotePort = options.port || 3848;
+  const localPort = getNextLocalPort();
+
+  // Parse target
+  let sshTarget = target;
+  if (!target.includes('@')) {
+    sshTarget = `${os.userInfo().username}@${target}`;
+  }
+
+  const name = options.name || target.split('@').pop().split('.')[0]; // short hostname
+
+  // Check if already connected
+  if (activeTunnels.has(name)) {
+    const existing = activeTunnels.get(name);
+    return { success: false, error: `Already connected to ${name} on port ${existing.localPort}` };
+  }
+
+  // Create SSH tunnel
+  const tunnel = spawn('ssh', [
+    '-N',                                           // No remote command
+    '-L', `${localPort}:localhost:${remotePort}`,   // Local port forwarding
+    '-o', 'ServerAliveInterval=30',                 // Keep alive
+    '-o', 'ServerAliveCountMax=3',                  // Disconnect after 3 missed keepalives
+    '-o', 'ExitOnForwardFailure=yes',               // Fail if port forwarding fails
+    '-o', 'ConnectTimeout=10',                      // Connection timeout
+    '-o', 'StrictHostKeyChecking=accept-new',       // Auto-accept new host keys
+    sshTarget
+  ], {
+    stdio: ['ignore', 'pipe', 'pipe'],
+    detached: false
+  });
+
+  // Wait for tunnel to establish or fail
+  const result = await new Promise((resolve) => {
+    let stderr = '';
+    const timeout = setTimeout(() => {
+      // If process is still running after 5s, tunnel is up
+      if (!tunnel.killed && tunnel.exitCode === null) {
+        resolve({ success: true });
+      } else {
+        resolve({ success: false, error: stderr || 'Connection timeout' });
+      }
+    }, 5000);
+
+    tunnel.stderr.on('data', (data) => { stderr += data.toString(); });
+    tunnel.on('exit', (code) => {
+      clearTimeout(timeout);
+      if (code !== 0) {
+        resolve({ success: false, error: stderr || `SSH exited with code ${code}` });
+      }
+    });
+    tunnel.on('error', (err) => {
+      clearTimeout(timeout);
+      resolve({ success: false, error: err.message });
+    });
+  });
+
+  if (!result.success) {
+    tunnel.kill();
+    return result;
+  }
+
+  // Verify remote daemon is accessible through tunnel
+  try {
+    const res = await fetch(`http://127.0.0.1:${localPort}/api/meta`, {
+      signal: AbortSignal.timeout(3000)
+    });
+    if (!res.ok) throw new Error('Daemon not responding');
+    const meta = await res.json();
+
+    const peerInfo = {
+      process: tunnel,
+      localPort,
+      target: sshTarget,
+      name,
+      machineId: meta.machine_id || name,
+      version: meta.version || 'unknown',
+      connectedAt: new Date().toISOString()
+    };
+
+    activeTunnels.set(name, peerInfo);
+
+    // Persist peer for reconnection
+    const peers = loadPeers();
+    peers.peers[name] = {
+      target: sshTarget,
+      remotePort,
+      lastConnected: peerInfo.connectedAt,
+      machineId: peerInfo.machineId
+    };
+    savePeers(peers);
+
+    // Monitor tunnel health
+    tunnel.on('exit', () => {
+      console.log(`[PEER] SSH tunnel to ${name} disconnected`);
+      activeTunnels.delete(name);
+    });
+
+    return {
+      success: true,
+      name,
+      localPort,
+      machineId: peerInfo.machineId,
+      version: peerInfo.version
+    };
+  } catch (err) {
+    tunnel.kill();
+    return { success: false, error: `Remote daemon not accessible: ${err.message}` };
+  }
+}
+
+function disconnect(name) {
+  const tunnel = activeTunnels.get(name);
+  if (!tunnel) {
+    return { success: false, error: `Not connected to ${name}` };
+  }
+  tunnel.process.kill();
+  activeTunnels.delete(name);
+  return { success: true, name };
+}
+
+function disconnectAll() {
+  const names = [...activeTunnels.keys()];
+  names.forEach(name => disconnect(name));
+  return { disconnected: names };
+}
+
+function listActivePeers() {
+  return [...activeTunnels.entries()].map(([name, info]) => ({
+    name,
+    target: info.target,
+    localPort: info.localPort,
+    machineId: info.machineId,
+    connectedAt: info.connectedAt,
+    host: `127.0.0.1:${info.localPort}`
+  }));
+}
+
+function listKnownPeers() {
+  return loadPeers().peers;
+}
+
+/**
+ * Get all connected peer hosts for discovery.
+ * @returns {string[]} Array of "127.0.0.1:PORT" strings
+ */
+function getConnectedHosts() {
+  return [...activeTunnels.values()].map(t => `127.0.0.1:${t.localPort}`);
+}
+
+/**
+ * Get connected host for a specific peer.
+ * @param {string} name - Peer name
+ * @returns {string|null} "127.0.0.1:PORT" or null
+ */
+function getPeerHost(name) {
+  const tunnel = activeTunnels.get(name);
+  return tunnel ? `127.0.0.1:${tunnel.localPort}` : null;
+}
+
+function removePeer(name) {
+  disconnect(name); // disconnect if active
+  const peers = loadPeers();
+  delete peers.peers[name];
+  savePeers(peers);
+  return { success: true };
+}
+
+module.exports = {
+  connect,
+  disconnect,
+  disconnectAll,
+  listActivePeers,
+  listKnownPeers,
+  getConnectedHosts,
+  getPeerHost,
+  removePeer,
+  loadPeers,
+  PEERS_PATH
+};

package/daemon.js

@@ -19,7 +19,7 @@ function persistSessions() {
   try {
     const data = {};
     for (const [id, s] of Object.entries(sessions)) {
-      data[id] = { id, type: s.type, command: s.command, cwd: s.cwd, createdAt: s.createdAt, lastActivityAt: s.lastActivityAt || null };
+      data[id] = { id, type: s.type, command: s.command, cwd: s.cwd, backend: s.backend || null, cmuxWorkspaceId: s.cmuxWorkspaceId || null, createdAt: s.createdAt, lastActivityAt: s.lastActivityAt || null };
     }
     fs.mkdirSync(require('path').dirname(SESSION_PERSIST_PATH), { recursive: true });
     fs.writeFileSync(SESSION_PERSIST_PATH, JSON.stringify(data, null, 2));
@@ -91,14 +91,12 @@ function verifyJwt(token) {
 function isAllowedPeer(ip) {
   if (!ip) return false;
   const cleanIp = ip.replace('::ffff:', '');
-  // Localhost always allowed
+  // Localhost always allowed (includes SSH tunnel traffic)
   if (cleanIp === '127.0.0.1' || ip === '::1') return true;
-  // Tailscale range (100.x.y.z)
-  if (cleanIp.startsWith('100.')) return true;
   // Peer allowlist
   if (PEER_ALLOWLIST.length > 0) return PEER_ALLOWLIST.includes(cleanIp);
   // No allowlist = allow all authenticated
-  return false;
+  return true;
 }
 
 // Authentication Middleware
@@ -106,7 +104,7 @@ app.use((req, res, next) => {
   const clientIp = req.ip;
 
   if (isAllowedPeer(clientIp)) {
-    return next(); // Trust local, Tailscale, and allowlisted peers
+    return next(); // Trust local and allowlisted peers (SSH tunnels arrive as localhost)
   }
 
   const token = req.headers['x-telepty-token'] || req.query.token;
@@ -306,7 +304,7 @@ app.post('/api/sessions/spawn', (req, res) => {
 });
 
 app.post('/api/sessions/register', (req, res) => {
-  const { session_id, command, cwd = process.cwd() } = req.body;
+  const { session_id, command, cwd = process.cwd(), backend, cmux_workspace_id } = req.body;
   if (!session_id) return res.status(400).json({ error: 'session_id is required' });
   // Entitlement: check session limit for new registrations
   if (!sessions[session_id]) {
@@ -322,6 +320,8 @@ app.post('/api/sessions/register', (req, res) => {
     const existing = sessions[session_id];
     if (command) existing.command = command;
     if (cwd) existing.cwd = cwd;
+    if (backend) existing.backend = backend;
+    if (cmux_workspace_id) existing.cmuxWorkspaceId = cmux_workspace_id;
     console.log(`[REGISTER] Re-registered session ${session_id} (updated metadata)`);
     return res.status(200).json({ session_id, type: 'wrapped', command: existing.command, cwd: existing.cwd, reregistered: true });
   }
@@ -333,6 +333,8 @@ app.post('/api/sessions/register', (req, res) => {
     ownerWs: null,
     command: command || 'wrapped',
     cwd,
+    backend: backend || 'kitty',
+    cmuxWorkspaceId: cmux_workspace_id || null,
     createdAt: new Date().toISOString(),
     lastActivityAt: new Date().toISOString(),
     clients: new Set(),
@@ -389,6 +391,8 @@ app.get('/api/sessions', (req, res) => {
       type: session.type || 'spawned',
       command: session.command,
       cwd: session.cwd,
+      backend: session.backend || 'kitty',
+      cmuxWorkspaceId: session.cmuxWorkspaceId || null,
       createdAt: session.createdAt,
       lastActivityAt: session.lastActivityAt || null,
       idleSeconds,
@@ -432,10 +436,23 @@ app.get('/api/meta', (req, res) => {
     host: HOST,
     port: Number(PORT),
     machine_id: MACHINE_ID,
-    capabilities: ['sessions', 'wrapped-sessions', 'skill-installer', 'singleton-daemon', 'handoff-inbox', 'deliberation-threads']
+    capabilities: ['sessions', 'wrapped-sessions', 'skill-installer', 'singleton-daemon', 'handoff-inbox', 'deliberation-threads', 'cross-machine']
   });
 });
 
+// Peer management endpoint (for cross-machine module)
+app.get('/api/peers', (req, res) => {
+  try {
+    const crossMachine = require('./cross-machine');
+    res.json({
+      active: crossMachine.listActivePeers(),
+      known: crossMachine.listKnownPeers()
+    });
+  } catch {
+    res.json({ active: [], known: {} });
+  }
+});
+
 app.post('/api/sessions/multicast/inject', (req, res) => {
   const { session_ids, prompt } = req.body;
   if (!prompt) return res.status(400).json({ error: 'prompt is required' });
@@ -452,11 +469,13 @@ app.post('/api/sessions/multicast/inject', (req, res) => {
           if (session.ownerWs && session.ownerWs.readyState === 1) {
             session.ownerWs.send(JSON.stringify({ type: 'inject', data: prompt }));
             setTimeout(() => {
-              if (session.ownerWs && session.ownerWs.readyState === 1) {
+              if (session.backend === 'cmux' && session.cmuxWorkspaceId) {
+                submitViaCmux(id);
+              } else if (session.ownerWs && session.ownerWs.readyState === 1) {
                 session.ownerWs.send(JSON.stringify({ type: 'inject', data: '\r' }));
               }
             }, 300);
-            results.successful.push({ id, strategy: 'split_cr' });
+            results.successful.push({ id, strategy: session.backend === 'cmux' ? 'cmux_split_cr' : 'split_cr' });
           } else {
             results.failed.push({ id, error: 'Wrap process not connected' });
           }
@@ -502,11 +521,13 @@ app.post('/api/sessions/broadcast/inject', (req, res) => {
         if (session.ownerWs && session.ownerWs.readyState === 1) {
           session.ownerWs.send(JSON.stringify({ type: 'inject', data: prompt }));
           setTimeout(() => {
-            if (session.ownerWs && session.ownerWs.readyState === 1) {
+            if (session.backend === 'cmux' && session.cmuxWorkspaceId) {
+              submitViaCmux(id);
+            } else if (session.ownerWs && session.ownerWs.readyState === 1) {
               session.ownerWs.send(JSON.stringify({ type: 'inject', data: '\r' }));
             }
           }, 300);
-          results.successful.push({ id, strategy: 'split_cr' });
+          results.successful.push({ id, strategy: session.backend === 'cmux' ? 'cmux_split_cr' : 'split_cr' });
         } else {
           results.failed.push({ id, error: 'Wrap process not connected' });
         }
@@ -680,6 +701,22 @@ function submitViaOsascript(sessionId, keyCombo) {
   }
 }
 
+function submitViaCmux(sessionId) {
+  const { execSync } = require('child_process');
+  const session = sessions[sessionId];
+  if (!session || !session.cmuxWorkspaceId) return false;
+  try {
+    execSync(`cmux send-key --workspace ${session.cmuxWorkspaceId} return`, {
+      timeout: 5000, stdio: ['pipe', 'pipe', 'pipe']
+    });
+    console.log(`[SUBMIT] cmux send-key return for ${sessionId} (workspace ${session.cmuxWorkspaceId})`);
+    return true;
+  } catch (err) {
+    console.error(`[SUBMIT] cmux send-key failed for ${sessionId}:`, err.message);
+    return false;
+  }
+}
+
 // POST /api/sessions/:id/submit — CLI-aware submit
 app.post('/api/sessions/:id/submit', (req, res) => {
   const requestedId = req.params.id;
@@ -692,12 +729,18 @@ app.post('/api/sessions/:id/submit', (req, res) => {
   console.log(`[SUBMIT] Session ${id} (${session.command}) using strategy: ${strategy}`);
 
   let success = false;
-  if (strategy === 'pty_cr') {
-    success = submitViaPty(session);
-  } else if (strategy === 'osascript_cmd_enter') {
-    success = submitViaOsascript(id, 'cmd_enter');
-  } else {
-    success = submitViaPty(session); // fallback
+  // cmux backend takes priority
+  if (session.backend === 'cmux' && session.cmuxWorkspaceId) {
+    success = submitViaCmux(id);
+  }
+  if (!success) {
+    if (strategy === 'pty_cr') {
+      success = submitViaPty(session);
+    } else if (strategy === 'osascript_cmd_enter') {
+      success = submitViaOsascript(id, 'cmd_enter');
+    } else {
+      success = submitViaPty(session); // fallback
+    }
   }
 
   if (success) {
@@ -725,10 +768,16 @@ app.post('/api/sessions/submit-all', (req, res) => {
     const strategy = getSubmitStrategy(session.command);
     let success = false;
 
-    if (strategy === 'pty_cr') {
-      success = submitViaPty(session);
-    } else if (strategy === 'osascript_cmd_enter') {
-      success = submitViaOsascript(id, 'cmd_enter');
+    // cmux backend takes priority
+    if (session.backend === 'cmux' && session.cmuxWorkspaceId) {
+      success = submitViaCmux(id);
+    }
+    if (!success) {
+      if (strategy === 'pty_cr') {
+        success = submitViaPty(session);
+      } else if (strategy === 'osascript_cmd_enter') {
+        success = submitViaOsascript(id, 'cmd_enter');
+      }
     }
 
     if (success) {
@@ -818,14 +867,24 @@ app.post('/api/sessions/:id/inject', (req, res) => {
 
       if (!no_enter) {
         setTimeout(() => {
-          // Primary: osascript keystroke (reliable across all CLIs)
-          const submitStrategy = getSubmitStrategy(session.command);
-          const keyCombo = submitStrategy === 'osascript_cmd_enter' ? 'cmd_enter' : 'return_key';
-          const osascriptOk = submitViaOsascript(id, keyCombo);
-
-          if (!osascriptOk) {
-            // Fallback: kitty send-text → WS
-            console.log(`[INJECT] osascript submit failed for ${id}, trying fallback`);
+          let submitted = false;
+
+          // 1. cmux backend: use cmux send-key
+          if (session.backend === 'cmux' && session.cmuxWorkspaceId) {
+            submitted = submitViaCmux(id);
+            if (submitted) console.log(`[INJECT] cmux submit for ${id}`);
+          }
+
+          // 2. kitty/default backend: osascript primary
+          if (!submitted) {
+            const submitStrategy = getSubmitStrategy(session.command);
+            const keyCombo = submitStrategy === 'osascript_cmd_enter' ? 'cmd_enter' : 'return_key';
+            submitted = submitViaOsascript(id, keyCombo);
+          }
+
+          // 3. Fallback: kitty send-text → WS
+          if (!submitted) {
+            console.log(`[INJECT] submit fallback for ${id}`);
             if (wid && sock) {
               try {
                 require('child_process').execSync(`kitty @ --to unix:${sock} send-text --match id:${wid} $'\\r'`, {
@@ -839,7 +898,7 @@ app.post('/api/sessions/:id/inject', (req, res) => {
             }
           }
 
-          // Update tab title regardless of submit method
+          // Update tab title (kitty-specific, safe to fail)
           if (wid && sock) {
             try {
               require('child_process').execSync(`kitty @ --to unix:${sock} set-tab-title --match id:${wid} '⚡ telepty :: ${id}'`, {
@@ -848,7 +907,7 @@ app.post('/api/sessions/:id/inject', (req, res) => {
             } catch {}
           }
         }, 500);
-        submitResult = { deferred: true, strategy: 'osascript_with_fallback' };
+        submitResult = { deferred: true, strategy: session.backend === 'cmux' ? 'cmux_with_fallback' : 'osascript_with_fallback' };
       }
     } else {
       // Spawned sessions: direct PTY write
@@ -1023,6 +1082,14 @@ function busAutoRoute(msg) {
       delivered = true;
     } catch {}
   }
+  // cmux backend: use WS for text, cmux send-key for enter
+  if (!delivered && targetSession.backend === 'cmux' && targetSession.cmuxWorkspaceId) {
+    if (targetSession.type === 'wrapped' && targetSession.ownerWs && targetSession.ownerWs.readyState === 1) {
+      targetSession.ownerWs.send(JSON.stringify({ type: 'inject', data: prompt }));
+      setTimeout(() => submitViaCmux(targetId), 500);
+      delivered = true;
+    }
+  }
   if (!delivered) {
     if (targetSession.type === 'wrapped' && targetSession.ownerWs && targetSession.ownerWs.readyState === 1) {
       targetSession.ownerWs.send(JSON.stringify({ type: 'inject', data: prompt }));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dmsdc-ai/aigentry-telepty",
-  "version": "0.1.66",
+  "version": "0.1.68",
   "main": "daemon.js",
   "bin": {
     "aigentry-telepty": "install.js",