npm - @geminixiang/mama - Versions diffs - 0.2.0-beta.0 → 0.2.0-beta.2 - Mend

@geminixiang/mama 0.2.0-beta.0 → 0.2.0-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (147) hide show

package/README.md +94 -27
package/dist/adapter.d.ts +9 -5
package/dist/adapter.d.ts.map +1 -1
package/dist/adapter.js.map +1 -1
package/dist/adapters/discord/bot.d.ts.map +1 -1
package/dist/adapters/discord/bot.js +9 -6
package/dist/adapters/discord/bot.js.map +1 -1
package/dist/adapters/discord/context.d.ts.map +1 -1
package/dist/adapters/discord/context.js +16 -13
package/dist/adapters/discord/context.js.map +1 -1
package/dist/adapters/slack/bot.d.ts +10 -2
package/dist/adapters/slack/bot.d.ts.map +1 -1
package/dist/adapters/slack/bot.js +196 -32
package/dist/adapters/slack/bot.js.map +1 -1
package/dist/adapters/slack/context.d.ts.map +1 -1
package/dist/adapters/slack/context.js +24 -17
package/dist/adapters/slack/context.js.map +1 -1
package/dist/adapters/telegram/bot.d.ts +2 -0
package/dist/adapters/telegram/bot.d.ts.map +1 -1
package/dist/adapters/telegram/bot.js +109 -29
package/dist/adapters/telegram/bot.js.map +1 -1
package/dist/adapters/telegram/context.d.ts.map +1 -1
package/dist/adapters/telegram/context.js +8 -43
package/dist/adapters/telegram/context.js.map +1 -1
package/dist/adapters/telegram/html.d.ts +3 -0
package/dist/adapters/telegram/html.d.ts.map +1 -0
package/dist/adapters/telegram/html.js +98 -0
package/dist/adapters/telegram/html.js.map +1 -0
package/dist/agent.d.ts +4 -9
package/dist/agent.d.ts.map +1 -1
package/dist/agent.js +141 -92
package/dist/agent.js.map +1 -1
package/dist/bindings.d.ts +44 -0
package/dist/bindings.d.ts.map +1 -0
package/dist/bindings.js +74 -0
package/dist/bindings.js.map +1 -0
package/dist/config.d.ts +7 -0
package/dist/config.d.ts.map +1 -1
package/dist/config.js +53 -12
package/dist/config.js.map +1 -1
package/dist/context.d.ts +7 -7
package/dist/context.d.ts.map +1 -1
package/dist/context.js +9 -9
package/dist/context.js.map +1 -1
package/dist/events.d.ts +14 -5
package/dist/events.d.ts.map +1 -1
package/dist/events.js +45 -10
package/dist/events.js.map +1 -1
package/dist/execution-resolver.d.ts +20 -0
package/dist/execution-resolver.d.ts.map +1 -0
package/dist/execution-resolver.js +49 -0
package/dist/execution-resolver.js.map +1 -0
package/dist/instrument.d.ts.map +1 -1
package/dist/instrument.js +2 -1
package/dist/instrument.js.map +1 -1
package/dist/link-server.d.ts +17 -0
package/dist/link-server.d.ts.map +1 -0
package/dist/link-server.js +899 -0
package/dist/link-server.js.map +1 -0
package/dist/link-token.d.ts +32 -0
package/dist/link-token.d.ts.map +1 -0
package/dist/link-token.js +68 -0
package/dist/link-token.js.map +1 -0
package/dist/log.d.ts +2 -2
package/dist/log.d.ts.map +1 -1
package/dist/log.js +7 -7
package/dist/log.js.map +1 -1
package/dist/login.d.ts +29 -0
package/dist/login.d.ts.map +1 -0
package/dist/login.js +164 -0
package/dist/login.js.map +1 -0
package/dist/main.d.ts.map +1 -1
package/dist/main.js +226 -55
package/dist/main.js.map +1 -1
package/dist/provisioner.d.ts +52 -0
package/dist/provisioner.d.ts.map +1 -0
package/dist/provisioner.js +291 -0
package/dist/provisioner.js.map +1 -0
package/dist/sandbox/container.d.ts +15 -0
package/dist/sandbox/container.d.ts.map +1 -0
package/dist/sandbox/container.js +122 -0
package/dist/sandbox/container.js.map +1 -0
package/dist/sandbox/errors.d.ts +6 -0
package/dist/sandbox/errors.d.ts.map +1 -0
package/dist/sandbox/errors.js +11 -0
package/dist/sandbox/errors.js.map +1 -0
package/dist/sandbox/firecracker.d.ts +16 -0
package/dist/sandbox/firecracker.d.ts.map +1 -0
package/dist/sandbox/firecracker.js +206 -0
package/dist/sandbox/firecracker.js.map +1 -0
package/dist/sandbox/host.d.ts +10 -0
package/dist/sandbox/host.d.ts.map +1 -0
package/dist/sandbox/host.js +85 -0
package/dist/sandbox/host.js.map +1 -0
package/dist/sandbox/image.d.ts +5 -0
package/dist/sandbox/image.d.ts.map +1 -0
package/dist/sandbox/image.js +30 -0
package/dist/sandbox/image.js.map +1 -0
package/dist/sandbox/index.d.ts +20 -0
package/dist/sandbox/index.d.ts.map +1 -0
package/dist/sandbox/index.js +51 -0
package/dist/sandbox/index.js.map +1 -0
package/dist/sandbox/types.d.ts +51 -0
package/dist/sandbox/types.d.ts.map +1 -0
package/dist/sandbox/types.js +2 -0
package/dist/sandbox/types.js.map +1 -0
package/dist/sandbox/utils.d.ts +4 -0
package/dist/sandbox/utils.d.ts.map +1 -0
package/dist/sandbox/utils.js +51 -0
package/dist/sandbox/utils.js.map +1 -0
package/dist/sandbox.d.ts +1 -39
package/dist/sandbox.d.ts.map +1 -1
package/dist/sandbox.js +1 -286
package/dist/sandbox.js.map +1 -1
package/dist/sentry.d.ts +1 -1
package/dist/sentry.d.ts.map +1 -1
package/dist/sentry.js +4 -2
package/dist/sentry.js.map +1 -1
package/dist/session-store.d.ts +2 -6
package/dist/session-store.d.ts.map +1 -1
package/dist/session-store.js +3 -10
package/dist/session-store.js.map +1 -1
package/dist/store.d.ts +1 -1
package/dist/store.d.ts.map +1 -1
package/dist/store.js +8 -8
package/dist/store.js.map +1 -1
package/dist/tools/event.d.ts +22 -0
package/dist/tools/event.d.ts.map +1 -0
package/dist/tools/event.js +104 -0
package/dist/tools/event.js.map +1 -0
package/dist/tools/index.d.ts +7 -1
package/dist/tools/index.d.ts.map +1 -1
package/dist/tools/index.js +5 -1
package/dist/tools/index.js.map +1 -1
package/dist/ui-copy.d.ts +12 -0
package/dist/ui-copy.d.ts.map +1 -0
package/dist/ui-copy.js +36 -0
package/dist/ui-copy.js.map +1 -0
package/dist/vault-routing.d.ts +9 -0
package/dist/vault-routing.d.ts.map +1 -0
package/dist/vault-routing.js +52 -0
package/dist/vault-routing.js.map +1 -0
package/dist/vault.d.ts +106 -0
package/dist/vault.d.ts.map +1 -0
package/dist/vault.js +389 -0
package/dist/vault.js.map +1 -0
package/package.json +12 -11

package/dist/main.js CHANGED Viewed

@@ -1,20 +1,29 @@
 #!/usr/bin/env node
 import "./instrument.js";
 import { join, resolve } from "path";
-import { readFileSync } from "fs";
+import { mkdirSync, readFileSync, statSync } from "fs";
+import { homedir } from "os";
 import { fileURLToPath } from "url";
 import { dirname, join as pathJoin } from "path";
 import { DiscordBot } from "./adapters/discord/index.js";
 import { TelegramBot } from "./adapters/telegram/index.js";
 import { SlackBot as SlackBotClass } from "./adapters/slack/index.js";
 import { createRunner } from "./agent.js";
-import { createManagedSessionFile, createManagedSessionFileAtPath, getSessionDir, getThreadSessionFile, } from "./session-store.js";
+import { createManagedSessionFile, createManagedSessionFileAtPath, getChannelSessionDir, getThreadSessionFile, } from "./session-store.js";
 import { downloadChannel } from "./download.js";
 import { createEventsWatcher } from "./events.js";
 import * as log from "./log.js";
-import { parseSandboxArg, validateSandbox } from "./sandbox.js";
+import { FileUserBindingStore } from "./bindings.js";
+import { startLinkServer } from "./link-server.js";
+import { parseLoginCommand } from "./login.js";
+import { InMemoryLinkTokenStore } from "./link-token.js";
+import { DockerContainerManager } from "./provisioner.js";
+import { SandboxError, parseSandboxArg, validateSandbox } from "./sandbox.js";
+import { FileVaultManager } from "./vault.js";
+import { createManagedVaultEntry, ensureSandboxVaultEntry, resolveActorVaultKey, } from "./vault-routing.js";
 import { addLifecycleBreadcrumb, applyRunScope } from "./sentry.js";
 import { ChannelStore } from "./store.js";
+import { formatNothingRunning, formatStopped, formatStopping } from "./ui-copy.js";
 import * as Sentry from "@sentry/node";
 // ============================================================================
 // Config
@@ -43,10 +52,17 @@ const MOM_SLACK_APP_TOKEN = process.env.MOM_SLACK_APP_TOKEN;
 const MOM_SLACK_BOT_TOKEN = process.env.MOM_SLACK_BOT_TOKEN;
 const MOM_TELEGRAM_BOT_TOKEN = process.env.MOM_TELEGRAM_BOT_TOKEN;
 const MOM_DISCORD_BOT_TOKEN = process.env.MOM_DISCORD_BOT_TOKEN;
+const MOM_LINK_URL = process.env.MOM_LINK_URL;
+const MOM_LINK_PORT = process.env.MOM_LINK_PORT
+    ? parseInt(process.env.MOM_LINK_PORT, 10)
+    : MOM_LINK_URL
+        ? 8181
+        : undefined;
 function parseArgs() {
     const args = process.argv.slice(2);
     let sandbox = { type: "host" };
     let workingDir;
+    let stateDirArg;
     let downloadChannelId;
     let showVersion = false;
     for (let i = 0; i < args.length; i++) {
@@ -60,6 +76,12 @@ function parseArgs() {
         else if (arg === "--sandbox") {
             sandbox = parseSandboxArg(args[++i] || "");
         }
+        else if (arg.startsWith("--state-dir=")) {
+            stateDirArg = arg.slice("--state-dir=".length);
+        }
+        else if (arg === "--state-dir") {
+            stateDirArg = args[++i];
+        }
         else if (arg.startsWith("--download=")) {
             downloadChannelId = arg.slice("--download=".length);
         }
@@ -72,12 +94,60 @@ function parseArgs() {
     }
     return {
         workingDir: workingDir ? resolve(workingDir) : undefined,
+        stateDir: stateDirArg ? resolve(stateDirArg) : undefined,
         sandbox,
         downloadChannel: downloadChannelId,
         showVersion,
     };
 }
-const parsedArgs = parseArgs();
+const WORLD_WRITABLE_MODE = 0o002;
+function ensureSecureStateDir(path) {
+    let stat;
+    try {
+        stat = statSync(path);
+    }
+    catch (err) {
+        const code = err.code;
+        if (code === "ENOENT") {
+            mkdirSync(path, { recursive: true, mode: 0o700 });
+            return;
+        }
+        console.error(`Error: cannot access --state-dir ${path}: ${err.message}`);
+        process.exit(1);
+    }
+    if (!stat.isDirectory()) {
+        console.error(`Error: --state-dir ${path} exists but is not a directory`);
+        process.exit(1);
+    }
+    if (stat.mode & WORLD_WRITABLE_MODE) {
+        console.error(`Error: --state-dir ${path} is world-writable (mode ${(stat.mode & 0o777).toString(8)}). ` +
+            `Credentials stored there would be exposed to other local users. ` +
+            `Fix with: chmod 0700 ${path}`);
+        process.exit(1);
+    }
+    const euid = typeof process.geteuid === "function" ? process.geteuid() : undefined;
+    if (euid !== undefined && stat.uid !== euid) {
+        console.error(`Error: --state-dir ${path} is owned by uid ${stat.uid} but mama is running as uid ${euid}. ` +
+            `Run mama as the directory owner or point --state-dir at a directory you own.`);
+        process.exit(1);
+    }
+}
+function handleStartupError(error) {
+    if (error instanceof SandboxError) {
+        for (const line of error.formatForCli()) {
+            console.error(line);
+        }
+        process.exit(1);
+    }
+    throw error;
+}
+let parsedArgs;
+try {
+    parsedArgs = parseArgs();
+}
+catch (error) {
+    handleStartupError(error);
+}
 // Handle --version
 if (parsedArgs.showVersion) {
     console.log(getVersion());
@@ -94,11 +164,14 @@ if (parsedArgs.downloadChannel) {
 }
 // Normal bot mode - require working dir
 if (!parsedArgs.workingDir) {
-    console.error("Usage: mama [--sandbox=host|docker:<name>|firecracker:<vm-id>:<host-path>] <working-directory>");
+    console.error("Usage: mama [--state-dir=<dir>] [--sandbox=host|container:<name>|image:<image>|firecracker:<vm-id>:<host-path>] <working-directory>");
     console.error("       mama --download <channel-id>");
     process.exit(1);
 }
 const { workingDir, sandbox } = { workingDir: parsedArgs.workingDir, sandbox: parsedArgs.sandbox };
+const stateDir = parsedArgs.stateDir ?? join(homedir(), ".mama");
+process.env.MAMA_STATE_DIR = stateDir;
+ensureSecureStateDir(stateDir);
 // Validate platform tokens
 const hasSlack = !!(MOM_SLACK_APP_TOKEN && MOM_SLACK_BOT_TOKEN);
 const hasTelegram = !!MOM_TELEGRAM_BOT_TOKEN;
@@ -110,8 +183,86 @@ if (!hasSlack && !hasTelegram && !hasDiscord) {
         "  Discord:  MOM_DISCORD_BOT_TOKEN");
     process.exit(1);
 }
-await validateSandbox(sandbox);
-const channelStates = new Map();
+try {
+    await validateSandbox(sandbox);
+}
+catch (error) {
+    handleStartupError(error);
+}
+const vaultManager = new FileVaultManager(stateDir);
+if (vaultManager.isEnabled()) {
+    console.log(sandbox.type === "container"
+        ? "  Vault system enabled. Container vault active."
+        : sandbox.type === "image" || sandbox.type === "firecracker"
+            ? "  Vault system enabled. Per-user credential routing active."
+            : "  Vault system enabled. Host mode will not inject vault env.");
+}
+const bindingStore = new FileUserBindingStore(stateDir);
+if (bindingStore.isEnabled()) {
+    console.log(sandbox.type === "container"
+        ? "  Binding store enabled. Container mode uses the container vault."
+        : sandbox.type === "image" || sandbox.type === "firecracker"
+            ? "  Binding store enabled. Platform user → vault routing active."
+            : "  Binding store enabled. Host mode will not inject vault env.");
+}
+const provisioner = sandbox.type === "image" ? new DockerContainerManager(sandbox.image, workingDir) : undefined;
+const linkTokenStore = new InMemoryLinkTokenStore();
+setInterval(() => linkTokenStore.purge(), 5 * 60 * 1000).unref();
+function normalizeLoginBaseUrl() {
+    if (MOM_LINK_URL) {
+        return MOM_LINK_URL.replace(/\/+$/, "");
+    }
+    if (MOM_LINK_PORT) {
+        return `http://localhost:${MOM_LINK_PORT}`;
+    }
+    return undefined;
+}
+function isPrivateConversation(event) {
+    return (event.conversationKind === "direct" ||
+        event.type === "dm" ||
+        event.sessionKey === event.conversationId);
+}
+function ensureLoginVault(platform, platformUserId) {
+    const vaultId = resolveActorVaultKey(sandbox, vaultManager, bindingStore, platform, platformUserId);
+    ensureSandboxVaultEntry(sandbox, vaultManager, platform, platformUserId, vaultId);
+    if (sandbox.type !== "container" && sandbox.type !== "image") {
+        vaultManager.addEntry(vaultId, createManagedVaultEntry(platform, platformUserId, vaultId));
+    }
+    return vaultId;
+}
+async function replyWithContext(responseCtx, text) {
+    await responseCtx.setTyping(false);
+    await responseCtx.setWorking(false);
+    await responseCtx.respond(text);
+}
+async function handleLoginCommand(platform, platformUserId, conversationId, responseCtx, commandText, privateConversation) {
+    const parsed = parseLoginCommand(commandText);
+    if (!parsed)
+        return false;
+    if (!privateConversation) {
+        await replyWithContext(responseCtx, "為了保護你的憑證，`/login` 只能在與機器人的私訊中使用。請先私訊機器人，再重新執行 `/login`。");
+        return true;
+    }
+    const baseUrl = normalizeLoginBaseUrl();
+    if (!baseUrl) {
+        await replyWithContext(responseCtx, "Login is not configured. Set `MOM_LINK_URL` or `MOM_LINK_PORT` on the server.");
+        return true;
+    }
+    let vaultId;
+    try {
+        vaultId = ensureLoginVault(platform, platformUserId);
+    }
+    catch (error) {
+        log.logWarning(`[${conversationId}] Failed to prepare login vault for ${platform}/${platformUserId}`, error instanceof Error ? error.message : String(error));
+        await replyWithContext(responseCtx, "Login setup failed on the server. 請稍後重試，或聯絡管理員檢查 vault 儲存權限。");
+        return true;
+    }
+    const token = linkTokenStore.create(platform, platformUserId, conversationId, vaultId, "");
+    const vaultLabel = sandbox.type === "container" ? `container vault (${vaultId})` : "your vault";
+    await replyWithContext(responseCtx, `Open this link to store credentials in ${vaultLabel} (expires in 15 minutes):\n${baseUrl}/link?token=${token.token}`);
+    return true;
+}
+const conversationStates = new Map();
 /** Track in-flight runs for graceful shutdown */
 const inFlightRuns = new Set();
 /** Flag to stop accepting new events during shutdown */
@@ -120,18 +271,25 @@ let isShuttingDown = false;
 const MAX_SESSIONS = 500;
 /** Idle timeout before a non-running session can be evicted (1 hour) */
 const IDLE_TIMEOUT_MS = 3600000;
-async function getState(channelId, sessionKey) {
-    const key = sessionKey ?? channelId;
-    let state = channelStates.get(key);
+/** Idle timeout for managed image containers (10 minutes) */
+const IMAGE_IDLE_TIMEOUT_MS = 10 * 60 * 1000;
+if (provisioner) {
+    await provisioner.reconcile();
+    await provisioner.stopIdle(IMAGE_IDLE_TIMEOUT_MS);
+    setInterval(() => provisioner.stopIdle(IMAGE_IDLE_TIMEOUT_MS), IMAGE_IDLE_TIMEOUT_MS).unref();
+}
+async function getState(conversationId, sessionKey) {
+    const key = sessionKey ?? conversationId;
+    let state = conversationStates.get(key);
     if (!state) {
-        const channelDir = join(workingDir, channelId);
+        const conversationDir = join(workingDir, conversationId);
         state = {
             running: false,
-            runner: await createRunner(sandbox, key, channelId, channelDir, workingDir),
+            runner: await createRunner(sandbox, key, conversationId, conversationDir, workingDir, vaultManager, bindingStore, provisioner),
             stopRequested: false,
             lastAccessedAt: Date.now(),
         };
-        channelStates.set(key, state);
+        conversationStates.set(key, state);
     }
     else {
         state.lastAccessedAt = Date.now();
@@ -139,27 +297,27 @@ async function getState(channelId, sessionKey) {
     return state;
 }
 /**
- * Evict idle sessions from channelStates to bound memory usage.
+ * Evict idle sessions from conversationStates to bound memory usage.
  * Called after each handleEvent completes.
  */
 function evictIdleSessions() {
     const now = Date.now();
-    for (const [key, state] of channelStates) {
+    for (const [key, state] of conversationStates) {
         if (!state.running && now - state.lastAccessedAt > IDLE_TIMEOUT_MS) {
-            channelStates.delete(key);
+            conversationStates.delete(key);
         }
     }
-    if (channelStates.size > MAX_SESSIONS) {
+    if (conversationStates.size > MAX_SESSIONS) {
         const idleSessions = [];
-        for (const [key, state] of channelStates) {
+        for (const [key, state] of conversationStates) {
             if (!state.running) {
                 idleSessions.push({ key, lastAccessedAt: state.lastAccessedAt });
             }
         }
         idleSessions.sort((a, b) => a.lastAccessedAt - b.lastAccessedAt);
-        const toEvict = channelStates.size - MAX_SESSIONS;
+        const toEvict = conversationStates.size - MAX_SESSIONS;
         for (let i = 0; i < toEvict && i < idleSessions.length; i++) {
-            channelStates.delete(idleSessions[i].key);
+            conversationStates.delete(idleSessions[i].key);
         }
     }
 }
@@ -168,12 +326,12 @@ function evictIdleSessions() {
 // ============================================================================
 const handler = {
     isRunning(sessionKey) {
-        const state = channelStates.get(sessionKey);
+        const state = conversationStates.get(sessionKey);
         return !!state?.running;
     },
     getRunningSessions() {
         const sessions = [];
-        for (const [sessionKey, state] of channelStates) {
+        for (const [sessionKey, state] of conversationStates) {
             if (state.running && state.startedAt) {
                 // Get current step from runner
                 const currentStep = state.runner.getCurrentStep();
@@ -187,20 +345,20 @@ const handler = {
         }
         return sessions;
     },
-    async handleStop(sessionKey, channelId, bot) {
-        const state = channelStates.get(sessionKey);
+    async handleStop(sessionKey, conversationId, bot) {
+        const state = conversationStates.get(sessionKey);
         if (state?.running) {
             state.stopRequested = true;
             state.runner.abort();
-            const ts = await bot.postMessage(channelId, "_Stopping..._");
+            const ts = await bot.postMessage(conversationId, formatStopping(bot));
             state.stopMessageTs = ts;
         }
         else {
-            await bot.postMessage(channelId, "_Nothing running_");
+            await bot.postMessage(conversationId, formatNothingRunning(bot));
         }
     },
     forceStop(sessionKey) {
-        const state = channelStates.get(sessionKey);
+        const state = conversationStates.get(sessionKey);
         if (state?.running) {
             log.logInfo(`[Force Stop] Force stopping session: ${sessionKey}`);
             state.stopRequested = true;
@@ -208,49 +366,53 @@ const handler = {
             state.running = false;
         }
     },
-    async handleNew(sessionKey, channelId, bot) {
-        const state = channelStates.get(sessionKey);
+    async handleNew(sessionKey, conversationId, bot) {
+        const state = conversationStates.get(sessionKey);
         if (state?.running) {
             state.stopRequested = true;
             state.runner.abort();
         }
-        // Channel sessions rotate via current pointer. Thread sessions reset in place.
-        const channelDir = join(workingDir, channelId);
+        // Conversation sessions rotate via current pointer. Thread sessions reset in place.
+        const conversationDir = join(workingDir, conversationId);
         if (sessionKey.includes(":")) {
-            createManagedSessionFileAtPath(getThreadSessionFile(channelDir, sessionKey), channelDir);
+            createManagedSessionFileAtPath(getThreadSessionFile(conversationDir, sessionKey), conversationDir);
         }
         else {
-            createManagedSessionFile(getSessionDir(channelDir, sessionKey), channelDir);
+            createManagedSessionFile(getChannelSessionDir(conversationDir), conversationDir);
         }
         // Remove from in-memory cache
-        channelStates.delete(sessionKey);
-        log.logInfo(`[${channelId}] Session reset: ${sessionKey}`);
-        await bot.postMessage(channelId, "Conversation reset. Send a new message to start fresh.");
+        conversationStates.delete(sessionKey);
+        log.logInfo(`[${conversationId}] Session reset: ${sessionKey}`);
+        await bot.postMessage(conversationId, "Conversation reset. Send a new message to start fresh.");
     },
     async handleEvent(event, bot, adapters, _isEvent) {
+        const conversationId = event.conversationId;
         // Don't accept new events during shutdown
         if (isShuttingDown) {
-            log.logInfo(`[${event.channel}] Rejected event during shutdown: ${event.text.substring(0, 50)}`);
+            log.logInfo(`[${conversationId}] Rejected event during shutdown: ${event.text.substring(0, 50)}`);
             return;
         }
-        const sessionKey = event.sessionKey ?? `${event.channel}:${event.thread_ts ?? event.ts}`;
-        const state = await getState(event.channel, sessionKey);
+        const sessionKey = event.sessionKey ?? `${conversationId}:${event.thread_ts ?? event.ts}`;
+        const handledLogin = await handleLoginCommand(adapters.platform.name, event.user, conversationId, adapters.responseCtx, event.text, isPrivateConversation(event));
+        if (handledLogin)
+            return;
+        const state = await getState(conversationId, sessionKey);
         // Start run
         state.running = true;
         state.stopRequested = false;
         state.startedAt = Date.now();
         state.lastActivityAt = Date.now();
-        log.logInfo(`[${event.channel}] Starting run: ${event.text.substring(0, 50)}`);
+        log.logInfo(`[${conversationId}] Starting run: ${event.text.substring(0, 50)}`);
         // Wrap in-flight run tracking
         Sentry.metrics.count("agent.run.started", 1, {
-            attributes: { channel: event.channel },
+            attributes: { channel: conversationId },
         });
         Sentry.metrics.gauge("agent.sessions.active", inFlightRuns.size + 1);
-        const runPromise = Sentry.startSpan({ name: "agent.run", op: "agent", attributes: { channelId: event.channel, sessionKey } }, async () => {
+        const runPromise = Sentry.startSpan({ name: "agent.run", op: "agent", attributes: { conversationId, sessionKey } }, async () => {
             return Sentry.withScope(async (scope) => {
                 const { message, responseCtx, platform } = adapters;
                 applyRunScope(scope, {
-                    channelId: event.channel,
+                    conversationId,
                     sessionKey,
                     messageId: message.id,
                     platform: platform.name,
@@ -260,7 +422,7 @@ const handler = {
                     isEvent: _isEvent,
                 });
                 addLifecycleBreadcrumb("agent.run.started", {
-                    channel_id: event.channel,
+                    channel_id: conversationId,
                     platform: platform.name,
                     has_attachments: (message.attachments?.length ?? 0) > 0,
                 });
@@ -273,37 +435,37 @@ const handler = {
                     Sentry.metrics.distribution("agent.run.duration", durationMs, {
                         unit: "millisecond",
                         attributes: {
-                            channel: event.channel,
+                            channel: conversationId,
                             platform: platform.name,
                             stop_reason: result.stopReason,
                         },
                     });
                     Sentry.metrics.count("agent.run.completed", 1, {
                         attributes: {
-                            channel: event.channel,
+                            channel: conversationId,
                             platform: platform.name,
                             stop_reason: result.stopReason,
                         },
                     });
                     addLifecycleBreadcrumb("agent.run.completed", {
-                        channel_id: event.channel,
+                        channel_id: conversationId,
                         platform: platform.name,
                         stop_reason: result.stopReason,
                         duration_ms: durationMs,
                     });
                     if (result.stopReason === "aborted" && state.stopRequested) {
                         if (state.stopMessageTs) {
-                            await bot.updateMessage(event.channel, state.stopMessageTs, "_Stopped_");
+                            await bot.updateMessage(conversationId, state.stopMessageTs, formatStopped(bot));
                             state.stopMessageTs = undefined;
                         }
                         else {
-                            await bot.postMessage(event.channel, "_Stopped_");
+                            await bot.postMessage(conversationId, formatStopped(bot));
                         }
                     }
                 }
                 catch (err) {
                     scope.setContext("agent_run_error", {
-                        channelId: event.channel,
+                        conversationId,
                         sessionKey,
                         platform: adapters.platform.name,
                         messageId: adapters.message.id,
@@ -311,9 +473,9 @@ const handler = {
                     });
                     Sentry.captureException(err);
                     Sentry.metrics.count("agent.run.errors", 1, {
-                        attributes: { channel: event.channel, platform: adapters.platform.name },
+                        attributes: { channel: conversationId, platform: adapters.platform.name },
                     });
-                    log.logWarning(`[${event.channel}] Run error`, err instanceof Error ? err.message : String(err));
+                    log.logWarning(`[${conversationId}] Run error`, err instanceof Error ? err.message : String(err));
                 }
                 finally {
                     state.running = false;
@@ -337,9 +499,11 @@ const handler = {
 // ============================================================================
 const sandboxDesc = sandbox.type === "host"
     ? "host"
-    : sandbox.type === "docker"
-        ? `docker:${sandbox.container}`
-        : `firecracker:${sandbox.vmId}`;
+    : sandbox.type === "container"
+        ? `container:${sandbox.container}`
+        : sandbox.type === "image"
+            ? `image:${sandbox.image}`
+            : `firecracker:${sandbox.vmId}`;
 log.logStartup(workingDir, sandboxDesc);
 // Create platform bots
 const bots = [];
@@ -374,6 +538,13 @@ if (hasDiscord) {
     botsByPlatform.discord = discordBot;
     log.logInfo("Platform: Discord");
 }
+if (MOM_LINK_PORT) {
+    startLinkServer(MOM_LINK_PORT, linkTokenStore, vaultManager, async (platform, conversationId, message) => {
+        const bot = botsByPlatform[platform];
+        if (bot)
+            await bot.postMessage(conversationId, message);
+    });
+}
 // Start events watcher with explicit platform routing
 const eventsWatcher = createEventsWatcher(workingDir, botsByPlatform);
 const slackBot = botsByPlatform.slack;