@gguf/claw 2026.2.9 → 2026.2.13

package/dist/{gateway-cli-v4kSPsLE.js → gateway-cli-DIIJ9Z0Y.js}

@@ -1,94 +1,97 @@
-import { $ as DEFAULT_CHAT_CHANNEL, A as getChildLogger, B as resolveConfigPath, C as setVerbose, D as colorize, F as CONFIG_PATH, L as STATE_DIR, M as getResolvedLoggerSettings, O as isRich, R as isNixMode, U as resolveGatewayLockDir, W as resolveGatewayPort, X as resolveStateDir, Z as CHANNEL_IDS, dt as expandHomePrefix, j as getLogger, k as theme, l as setConsoleSubsystemFilter, n as isTruthyEnvValue, o as createSubsystemLogger, p as defaultRuntime, r as logAcceptedEnvOption, s as runtimeForLogger, st as getActivePluginRegistry, u as setConsoleTimestampPrefix } from "./entry.js";
-import { Ct as DEFAULT_CONTEXT_TOKENS, D as isCliProvider, E as getModelRefStatus, F as resolveHooksGmailModel, L as resolveThinkingDefault, N as resolveConfiguredModelRef, P as resolveDefaultModelForAgent, Tt as DEFAULT_PROVIDER, j as resolveAllowedModelRef, pt as normalizeSecretInput, wt as DEFAULT_MODEL } from "./auth-profiles-FJ3VY25a.js";
-import { t as formatCliCommand } from "./command-format-ayFsmwwz.js";
+import { $ as CHANNEL_IDS, A as theme, G as resolveGatewayPort, I as CONFIG_PATH, M as getLogger, N as getResolvedLoggerSettings, O as colorize, R as STATE_DIR, V as resolveConfigPath, W as resolveGatewayLockDir, Z as resolveStateDir, j as getChildLogger, k as isRich, l as setConsoleSubsystemFilter, lt as getActivePluginRegistry, n as isTruthyEnvValue, o as createSubsystemLogger, p as defaultRuntime, pt as expandHomePrefix, r as logAcceptedEnvOption, s as runtimeForLogger, tt as DEFAULT_CHAT_CHANNEL, u as setConsoleTimestampPrefix, w as setVerbose, z as isNixMode } from "./entry.js";
+import { At as DEFAULT_MODEL, D as getModelRefStatus, F as resolveDefaultModelForAgent, I as resolveHooksGmailModel, M as resolveAllowedModelRef, O as isCliProvider, P as resolveConfiguredModelRef, R as resolveThinkingDefault, jt as DEFAULT_PROVIDER, kt as DEFAULT_CONTEXT_TOKENS, mt as normalizeSecretInput } from "./auth-profiles-Cp9MtUdM.js";
+import { t as formatCliCommand } from "./command-format-Bxe0mWee.js";
 import { _ as isCronRunSessionKey, d as resolveAgentIdFromSessionKey, i as buildAgentMainSessionKey, l as normalizeAgentId, m as toAgentRequestSessionKey, n as DEFAULT_AGENT_ID, t as DEFAULT_ACCOUNT_ID, u as normalizeMainKey, v as isSubagentSessionKey, y as parseAgentSessionKey } from "./session-key-DVvxnFKg.js";
-import { E as truncateUtf16Safe, S as shortenHomePath, n as clamp, s as ensureDir, t as CONFIG_DIR, u as isPlainObject, y as resolveUserPath } from "./utils-Dk86IbEs.js";
-import { a as logDebug, c as logWarn, n as runExec, t as runCommandWithTimeout } from "./exec-B8JKbXKW.js";
-import { t as resolveOpenClawPackageRoot } from "./openclaw-root-9ILYSmJ9.js";
-import { T as resolveWorkspaceTemplateDir, _ as DEFAULT_MEMORY_FILENAME, b as DEFAULT_USER_FILENAME, c as resolveDefaultAgentId, d as DEFAULT_AGENTS_FILENAME, g as DEFAULT_MEMORY_ALT_FILENAME, h as DEFAULT_IDENTITY_FILENAME, i as resolveAgentModelFallbacksOverride, l as resolveSessionAgentId, m as DEFAULT_HEARTBEAT_FILENAME, n as resolveAgentConfig, p as DEFAULT_BOOTSTRAP_FILENAME, r as resolveAgentDir, s as resolveAgentWorkspaceDir, t as listAgentIds, v as DEFAULT_SOUL_FILENAME, w as resolveDefaultAgentWorkspaceDir, x as ensureAgentWorkspace, y as DEFAULT_TOOLS_FILENAME } from "./agent-scope-D3me2AZa.js";
-import "./github-copilot-token-SLWintYd.js";
-import "./pi-model-discovery-DzEIEgHL.js";
-import { A as resolveAgentMaxConcurrent, E as applyLegacyMigrations, M as VERSION, a as parseConfigJson5, c as writeConfigFile, g as parseDurationMs, i as loadConfig, j as resolveSubagentMaxConcurrent, l as validateConfigObjectWithPlugins, n as migrateLegacyConfig, o as readConfigFileSnapshot, r as createConfigIO, s as resolveConfigSnapshotHash, u as OpenClawSchema } from "./config-fCnPoWjU.js";
-import { s as isTestDefaultMemorySlotDisabled } from "./manifest-registry-D5SiA3xq.js";
-import { n as movePathToTrash } from "./server-context-lyNcqJYD.js";
-import { n as pickPrimaryTailnetIPv6, t as pickPrimaryTailnetIPv4 } from "./tailnet-CL5GtL7t.js";
-import { c as resolveGatewayBindHost, i as isTrustedProxyAddress, l as resolveGatewayClientIp, n as isLoopbackAddress, r as isLoopbackHost, t as rawDataToString, u as resolveGatewayListenHosts } from "./ws-C0k_dhCP.js";
-import { c as ensurePortAvailable, d as formatPortDiagnostics, l as inspectPortUsage } from "./chrome-B2UjqY-9.js";
-import { a as isErrno, n as formatErrorMessage } from "./errors-x4NYs-1P.js";
-import { n as createBrowserControlContext, r as startBrowserControlServiceFromConfig } from "./control-service-Djd_WI3_.js";
-import { t as ensureOpenClawCliOnPath } from "./path-env-CXWUFfFv.js";
-import { i as enableTailscaleServe, n as disableTailscaleServe, o as getTailnetHostname, r as enableTailscaleFunnel, t as disableTailscaleFunnel } from "./tailscale-DU6DgqVy.js";
-import { i as resolveGatewayAuth, n as authorizeGatewayConnect, r as isLocalDirectRequest, t as assertGatewayAuthConfigured } from "./auth-BcNHFK-i.js";
-import { $ as validateNodePairRequestParams, A as validateCronStatusParams, At as parseSessionLabel, B as validateExecApprovalsNodeGetParams, C as validateConfigSetParams, Ct as validateWizardNextParams, D as validateCronRemoveParams, Dt as ErrorCodes, E as validateCronListParams, Et as PROTOCOL_VERSION, F as validateDeviceTokenRevokeParams, Ft as normalizeDevicePublicKeyBase64Url, G as validateNodeDescribeParams, H as validateExecApprovalsSetParams, I as validateDeviceTokenRotateParams, It as verifyDeviceSignature, J as validateNodeInvokeResultParams, K as validateNodeEventParams, L as validateExecApprovalRequestParams, M as validateDevicePairApproveParams, N as validateDevicePairListParams, Nt as deriveDeviceIdFromPublicKey, O as validateCronRunParams, Ot as errorShape, P as validateDevicePairRejectParams, Q as validateNodePairRejectParams, R as validateExecApprovalResolveParams, S as validateConfigSchemaParams, St as validateWizardCancelParams, T as validateCronAddParams, Tt as validateWizardStatusParams, U as validateLogsTailParams, V as validateExecApprovalsNodeSetParams, W as validateModelsListParams, X as validateNodePairApproveParams, Y as validateNodeListParams, Z as validateNodePairListParams, _ as validateChatInjectParams, _t as validateTalkModeParams, a as validateAgentWaitParams, at as validateSessionsCompactParams, b as validateConfigGetParams, bt as validateWebLoginStartParams, c as validateAgentsFilesGetParams, ct as validateSessionsPatchParams, d as validateAgentsListParams, dt as validateSessionsResolveParams, et as validateNodePairVerifyParams, f as validateAgentsUpdateParams, ft as validateSessionsUsageParams, g as validateChatHistoryParams, gt as validateSkillsUpdateParams, h as validateChatAbortParams, ht as validateSkillsStatusParams, i as validateAgentParams, it as validateSendParams, j as validateCronUpdateParams, jt as buildDeviceAuthPayload, k as validateCronRunsParams, l as validateAgentsFilesListParams, lt as validateSessionsPreviewParams, m as validateChannelsStatusParams, mt as validateSkillsInstallParams, n as formatValidationErrors, nt as validatePollParams, o as validateAgentsCreateParams, ot as validateSessionsDeleteParams, p as validateChannelsLogoutParams, pt as validateSkillsBinsParams, q as validateNodeInvokeParams, r as validateAgentIdentityParams, rt as validateRequestFrame, s as validateAgentsDeleteParams, st as validateSessionsListParams, tt as validateNodeRenameParams, u as validateAgentsFilesSetParams, ut as validateSessionsResetParams, v as validateChatSendParams, vt as validateUpdateRunParams, w as validateConnectParams, wt as validateWizardStartParams, x as validateConfigPatchParams, xt as validateWebLoginWaitParams, y as validateConfigApplyParams, yt as validateWakeParams, z as validateExecApprovalsGetParams } from "./client-DMloFP_O.js";
-import { n as callGateway, o as loadGatewayTlsRuntime$1 } from "./call-CD2IZCHT.js";
-import { f as GATEWAY_CLIENT_CAPS, g as hasGatewayClientCap, h as GATEWAY_CLIENT_NAMES, i as isGatewayMessageChannel, l as normalizeMessageChannel, m as GATEWAY_CLIENT_MODES, n as isDeliverableMessageChannel, p as GATEWAY_CLIENT_IDS, r as isGatewayCliClient, s as isWebchatClient, t as INTERNAL_MESSAGE_CHANNEL } from "./message-channel-BlgPSDAh.js";
-import { t as formatDocsLink } from "./links-7M-j83As.js";
-import { r as buildChannelUiCatalog, t as applyPluginAutoEnable } from "./plugin-auto-enable-BROgMZcf.js";
-import { n as listChannelPlugins, r as normalizeChannelId, t as getChannelPlugin } from "./plugins-B7F0Ly9G.js";
-import "./logging-CfEk_PnX.js";
-import "./accounts-DbzMEfKN.js";
-import { $ as setSkillsRemoteRegistry, $n as isSystemEventContextChanged, A as resolveHeartbeatVisibility, An as authorizeGatewaySigusr1Restart, Ar as formatUserTime, At as waitForEmbeddedPiRunEnd, B as createReplyDispatcher, Br as createInternalHookEvent, Bt as resolveAgentTimeoutMs, C as buildControlUiAvatarUrl, Cn as resolveOutboundTarget, Cr as DEFAULT_HEARTBEAT_ACK_MAX_CHARS, Ct as extractImageContentFromSource, Dr as stripHeartbeatToken, Dt as stopSubagentsForRequester, En as resetDirectoryCache, Et as isAbortTrigger, Fn as consumeRestartSentinel, Fr as getMemorySearchManager, Ft as buildSafeExternalPrompt, Gn as normalizeOptionalAgentId, Gt as registerAgentRunContext, H as getCliSessionId, Hn as normalizeCronJobCreate, Hr as triggerInternalHook, Ht as emitAgentEvent, In as formatDoctorNonInteractiveHint, Ir as resolveMemoryBackendConfig, It as detectSuspiciousPatterns, J as getRemoteSkillEligibility, Jn as normalizeRequiredName, K as normalizeSendPolicy, Kn as normalizeOptionalText, Kt as runSubagentAnnounceFlow, L as getChannelActivity, Ln as formatRestartSentinelMessage, Lr as resolveAgentIdentity, Lt as getHookType, M as getLastHeartbeatEvent, Mn as isGatewaySigusr1RestartExternallyAllowed, Mr as resolveUserTimezone, N as onHeartbeatEvent, Nn as scheduleGatewaySigusr1Restart, Nt as registerUnhandledRejectionHandler, O as createReplyPrefixOptions, On as runWithModelFallback, Ot as runEmbeddedPiAgent, Pn as setGatewaySigusr1RestartPolicy, Pt as createOpenClawTools, Q as refreshRemoteNodeBins, Qn as enqueueSystemEvent, Rt as isExternalHookSession, S as CONTROL_UI_AVATAR_PREFIX, Sr as isDiagnosticsEnabled, St as extractFileContentFromSource, T as resolveAssistantAvatarUrl, Tt as formatZonedTimestamp, U as setCliSessionId, Un as normalizeCronJobPatch, Ut as getAgentRunContext, Vn as writeRestartSentinel, Vr as registerInternalHook, Vt as clearAgentRunContext, W as runCliAgent, Wn as inferLegacyName, Wt as onAgentEvent, X as recordRemoteNodeInfo, Xt as applyModelOverrideToSessionEntry, Y as primeRemoteSkillsCache, Yn as migrateLegacyCronPayload, Yt as loadModelCatalog, Z as refreshRemoteBinsForConnectedNodes, Zt as loadProviderUsageSummary, _t as DEFAULT_INPUT_MAX_REDIRECTS, an as resolveGatewaySessionStoreTarget, ar as OPENAI_TTS_VOICES, at as updatePairedNodeMetadata, br as startDiagnosticHeartbeat, bt as DEFAULT_INPUT_PDF_MIN_TEXT_CHARS, cn as capArrayByJsonBytes, cr as isTtsProviderConfigured, ct as registerSkillsChangeListener, d as handleReset, dn as resolveSessionTranscriptCandidates, dr as resolveTtsConfig, dt as parseVerboseOverride, et as approveNodePairing, fn as stripEnvelopeFromMessages, fr as resolveTtsPrefsPath, ft as DEFAULT_INPUT_FILE_MAX_BYTES, gn as normalizeGroupActivation, gr as textToSpeech, gt as DEFAULT_INPUT_IMAGE_MIMES, hn as clearSessionQueues, hr as setTtsProvider, ht as DEFAULT_INPUT_IMAGE_MAX_BYTES, in as loadSessionEntry, ir as OPENAI_TTS_MODELS, it as requestNodePairing, jn as consumeGatewaySigusr1RestartAuthorization, jr as resolveUserTimeFormat, k as buildHistoryContextFromEntries, kr as normalizePollInput, kt as abortEmbeddedPiRun, ln as readSessionMessages, lr as resolveTtsApiKey, mn as lookupContextTokens, mr as setTtsEnabled, mt as DEFAULT_INPUT_FILE_MIMES, n as handleSlackHttpRequest, nn as listSessionsFromStore, nt as rejectNodePairing, on as resolveSessionModelRef, or as getTtsProvider, ot as verifyNodeToken, pr as resolveTtsProviderOrder, pt as DEFAULT_INPUT_FILE_MAX_CHARS, q as resolveSendPolicy, qn as normalizePayloadToSystemText, qt as resolveAnnounceTargetFromKey, rn as loadCombinedSessionStoreForGateway, rr as getPluginToolMeta, rt as renamePairedNode, sn as archiveFileOnDisk, sr as isTtsEnabled, st as getSkillsSnapshotVersion, t as loadOpenClawPlugins, tn as listAgentsForGateway, tr as requestHeartbeatNow, tt as listNodePairing, un as readSessionPreviewItemsFromTranscript, ur as resolveTtsAutoMode, ut as applyVerboseOverride, vn as ensureOutboundSessionEntry, vr as setCommandLaneConcurrency, vt as DEFAULT_INPUT_PDF_MAX_PAGES, w as normalizeControlUiBasePath, wn as resolveSessionDeliveryTarget, wt as normalizeMimeList, xr as stopDiagnosticHeartbeat, xt as DEFAULT_INPUT_TIMEOUT_MS, yn as resolveOutboundSessionRoute, yr as CommandLane, yt as DEFAULT_INPUT_PDF_MAX_PIXELS, z as dispatchInboundMessage, zn as summarizeRestartSentinel, zr as clearInternalHooks, zt as initSubagentRegistry } from "./loader-BnzQyT31.js";
-import { n as withProgress } from "./progress-Da1ehW-x.js";
-import "./prompt-style-Dc0C5HC9.js";
-import "./note-Ci08TSbV.js";
-import { t as WizardCancelledError } from "./prompts-CXLLIBwP.js";
-import { t as resolveChannelDefaultAccountId } from "./helpers-DdwqKAAS.js";
-import "./onboard-channels-CtDnwaF5.js";
-import "./archive-D0z3LZDK.js";
-import "./skill-scanner-C_fQzVDu.js";
-import "./installs-89zeUsVn.js";
-import "./manager-CMFBuvVd.js";
-import { a as resolveSessionTranscriptsDirForAgent, n as resolveSessionFilePath, o as resolveStorePath, r as resolveSessionTranscriptPath } from "./paths-IivnSNkP.js";
-import "./sqlite-DODNHWJb.js";
-import { m as detectMime, r as saveMediaBuffer } from "./routes-9ygR0GOk.js";
-import { B as normalizeThinkLevel, F as formatXHighModelHint, H as normalizeVerboseLevel, P as formatThinkingLevels, R as normalizeElevatedLevel, V as normalizeUsageDisplay, W as supportsXHighThinking, z as normalizeReasoningLevel } from "./pi-embedded-helpers-7AjuNiiJ.js";
-import { o as normalizeReplyPayloadsForDelivery, t as deliverOutboundPayloads } from "./deliver-CD7-BhYD.js";
-import { $ as stripPluginOnlyAllowlist, F as resolveExplicitAgentSessionKey, I as resolveMainSessionKey, J as collectExplicitAllowlist, L as resolveMainSessionKeyFromConfig, P as resolveAgentMainSessionKey, Q as resolveToolProfilePolicy, S as mergeDeliveryContext, Y as expandPolicyWithPluginGroups, Z as normalizeToolName, b as deliveryContextFromSession, d as loadSessionStore, g as updateSessionStore, q as buildPluginToolGroups, w as normalizeSessionDeliveryFields, z as snapshotSessionOrigin } from "./sandbox-CPZiaKcS.js";
-import "./tui-formatters-BDP_71Xt.js";
-import { i as getMachineDisplayName, r as createBrowserRouteDispatcher } from "./wsl-rfIr_Sde.js";
-import { d as hasBinary, i as loadWorkspaceSkillEntries, r as buildWorkspaceSkillSnapshot } from "./skills-Ccsv3IQq.js";
-import "./image-ORs4LLwg.js";
-import { c as normalizeExecApprovals, g as saveExecApprovals, l as readExecApprovalsSnapshot, m as resolveExecApprovalsSocketPath, r as ensureExecApprovals } from "./exec-approvals-C9InMoAB.js";
-import "./redact-BHmk44DI.js";
-import "./tool-display-DUVhO36P.js";
-import { t as parseAbsoluteTimeMs } from "./parse-Cjiudy6x.js";
-import { n as resolveMessageChannelSelection } from "./channel-selection-DAHCVAX4.js";
-import { i as loadSessionUsageTimeSeries, l as deriveSessionTotalTokens, n as loadCostUsageSummary, r as loadSessionCostSummary, t as discoverAllSessions, u as hasNonzeroUsage } from "./session-cost-usage-CcCEQNuc.js";
-import { n as formatTokenCount, r as formatUsd } from "./usage-format-6Uar63S0.js";
-import { c as resolveSubagentToolPolicy, i as filterToolsByPolicy, o as resolveEffectiveToolPolicy, s as resolveGroupToolPolicy } from "./commands-BWHYcc83.js";
-import "./pairing-store-CO6umWFP.js";
-import "./login-qr-KUOtNJaQ.js";
-import { n as runCommandWithRuntime } from "./cli-utils-PlLcDZlM.js";
-import "./pairing-labels-CHxlh3tT.js";
-import { t as buildChannelAccountSnapshot } from "./status-Drziap9H.js";
-import "./channels-status-issues-DFhI_u0p.js";
-import "./register.subclis-Cm-VJ5nP.js";
-import "./completion-cli-D_0fx2O6.js";
-import { n as createOutboundSendDeps, t as createDefaultDeps } from "./deps-BDQ_K8zf.js";
-import "./daemon-runtime-CMqH8BUE.js";
-import "./service-DDPRbf8a.js";
-import "./systemd-BEWwfwn0.js";
-import "./shared-BDk_zC9p.js";
-import { a as runDaemonStop, i as runDaemonStart, n as runDaemonStatus, o as runDaemonUninstall, r as runDaemonRestart, s as runDaemonInstall } from "./daemon-cli-Xe22v7lZ.js";
-import "./service-audit-CVy00Ze_.js";
-import "./table-cCoGqLsk.js";
-import { n as resolveWideAreaDiscoveryDomain, r as writeWideAreaGatewayZone } from "./widearea-dns-CMIG6-74.js";
-import { a as toOptionString, i as parsePort$1, n as extractGatewayMiskeys, r as maybeExplainGatewayServiceStop, t as describeUnknownError } from "./shared-CagUDdmp.js";
-import { i as probeGateway } from "./audit-BFYy1qSw.js";
-import { g as discoverGatewayBeacons, n as installSkill } from "./onboard-skills-BnAcpzfX.js";
-import { a as resolveControlUiRootOverrideSync, c as getHealthSnapshot, d as runHeartbeatOnce, f as setHeartbeatsEnabled, n as ensureControlUiAssetsBuilt, o as resolveControlUiRootSync, p as startHeartbeatRunner, s as formatHealthChannelLines } from "./health-format-DDYtlkB9.js";
-import { S as normalizeUpdateChannel, _ as resolveNpmChannelTag, h as compareSemverStrings, m as checkUpdateStatus, t as runGatewayUpdate, y as DEFAULT_PACKAGE_CHANNEL } from "./update-runner-BIttRDyV.js";
-import "./github-copilot-auth-CQIWc0hC.js";
-import "./logging-DuK6YXuK.js";
-import { i as shouldIncludeHook, n as loadWorkspaceHookEntries, r as resolveHookConfig } from "./hooks-status-DRAVHSPg.js";
-import { a as findAgentEntryIndex, c as pruneAgentConfig, f as runOnboardingWizard, n as getStatusSummary, o as listAgentEntries, r as applyAgentConfig, s as loadAgentIdentity, u as loadAgentIdentityFromWorkspace } from "./status-CBGgwlTW.js";
-import { t as buildWorkspaceSkillStatus } from "./skills-status-Cp2ZFhIx.js";
-import "./tui-B9zLJxf6.js";
-import { i as setGatewayWsLogStyle, n as logWs, r as summarizeAgentEventForWsLog, t as formatForLog } from "./ws-log-cMNgAyLy.js";
-import { T as resolveGmailHookRuntimeConfig, _ as buildGogWatchServeArgs, i as ensureTailscaleEndpoint, v as buildGogWatchStartArgs } from "./gmail-setup-utils-CVNgLkXL.js";
-import { a as createOutboundSendDeps$1, i as resolveAgentOutboundTarget, r as resolveAgentDeliveryPlan, t as agentCommand } from "./agent-whSJT2Lk.js";
-import "./node-service-u8g85nD3.js";
-import { n as forceFreePortAndWait } from "./ports-kYsTYQdA.js";
+import { E as truncateUtf16Safe, S as shortenHomePath, n as clamp, s as ensureDir, t as CONFIG_DIR, u as isPlainObject, y as resolveUserPath } from "./utils-BLJAc3ZV.js";
+import { a as logDebug, c as logWarn, n as runExec, t as runCommandWithTimeout } from "./exec-DqZFMawz.js";
+import { t as resolveOpenClawPackageRoot } from "./openclaw-root-BKsZvO6K.js";
+import { T as resolveWorkspaceTemplateDir, _ as DEFAULT_MEMORY_FILENAME, b as DEFAULT_USER_FILENAME, c as resolveDefaultAgentId, d as DEFAULT_AGENTS_FILENAME, g as DEFAULT_MEMORY_ALT_FILENAME, h as DEFAULT_IDENTITY_FILENAME, i as resolveAgentModelFallbacksOverride, l as resolveSessionAgentId, m as DEFAULT_HEARTBEAT_FILENAME, n as resolveAgentConfig, p as DEFAULT_BOOTSTRAP_FILENAME, r as resolveAgentDir, s as resolveAgentWorkspaceDir, t as listAgentIds, v as DEFAULT_SOUL_FILENAME, w as resolveDefaultAgentWorkspaceDir, x as ensureAgentWorkspace, y as DEFAULT_TOOLS_FILENAME } from "./agent-scope-Bkr9fZtl.js";
+import "./github-copilot-token-C9W4SY9o.js";
+import "./pi-model-discovery-EhM2JAQo.js";
+import { D as applyLegacyMigrations, E as applyMergePatch, M as resolveAgentMaxConcurrent, N as resolveSubagentMaxConcurrent, P as VERSION, a as parseConfigJson5, c as writeConfigFile, g as parseDurationMs, h as sensitive, i as loadConfig, l as validateConfigObjectWithPlugins, n as migrateLegacyConfig, o as readConfigFileSnapshot, r as createConfigIO, s as resolveConfigSnapshotHash, u as OpenClawSchema } from "./config-B8v0zg48.js";
+import { c as isTestDefaultMemorySlotDisabled } from "./manifest-registry-CVsqjgX0.js";
+import { n as movePathToTrash } from "./server-context-FwqBRH3K.js";
+import { n as pickPrimaryTailnetIPv6, t as pickPrimaryTailnetIPv4 } from "./tailnet-uoFvUSsw.js";
+import { a as isTrustedProxyAddress, d as resolveGatewayListenHosts, i as isPrivateOrLoopbackAddress, l as resolveGatewayBindHost, n as isLoopbackAddress, r as isLoopbackHost, t as rawDataToString, u as resolveGatewayClientIp } from "./ws-MC-rTJLe.js";
+import { c as ensurePortAvailable, d as formatPortDiagnostics, l as inspectPortUsage } from "./chrome--Fe8F5Kf.js";
+import { a as AUTH_RATE_LIMIT_SCOPE_DEVICE_TOKEN, c as safeEqualSecret, d as enableTailscaleFunnel, f as enableTailscaleServe, i as resolveGatewayAuth, l as disableTailscaleFunnel, m as getTailnetHostname, n as authorizeGatewayConnect, o as AUTH_RATE_LIMIT_SCOPE_SHARED_SECRET, r as isLocalDirectRequest, s as createAuthRateLimiter, t as assertGatewayAuthConfigured, u as disableTailscaleServe } from "./auth-CLhyWwAU.js";
+import "./control-auth-BlWU-jBl.js";
+import { a as isErrno, n as formatErrorMessage } from "./errors-Cojm0Kl7.js";
+import { n as createBrowserControlContext, r as startBrowserControlServiceFromConfig } from "./control-service-COF59GQe.js";
+import { t as ensureOpenClawCliOnPath } from "./path-env-OJAyUeWW.js";
+import { $ as validateNodePairRequestParams, A as validateCronStatusParams, B as validateExecApprovalsNodeGetParams, Bt as verifyDeviceSignature, C as validateConfigSetParams, Ct as validateWizardCancelParams, D as validateCronRemoveParams, Dt as PROTOCOL_VERSION, E as validateCronListParams, Et as validateWizardStatusParams, F as validateDeviceTokenRevokeParams, Ft as buildDeviceAuthPayload, G as validateNodeDescribeParams, H as validateExecApprovalsSetParams, I as validateDeviceTokenRotateParams, J as validateNodeInvokeResultParams, K as validateNodeEventParams, L as validateExecApprovalRequestParams, Lt as deriveDeviceIdFromPublicKey, M as validateDevicePairApproveParams, N as validateDevicePairListParams, O as validateCronRunParams, Ot as ErrorCodes, P as validateDevicePairRejectParams, Pt as normalizeInputProvenance, Q as validateNodePairRejectParams, R as validateExecApprovalResolveParams, S as validateConfigSchemaParams, St as validateWebLoginWaitParams, T as validateCronAddParams, Tt as validateWizardStartParams, U as validateLogsTailParams, V as validateExecApprovalsNodeSetParams, W as validateModelsListParams, X as validateNodePairApproveParams, Y as validateNodeListParams, Z as validateNodePairListParams, _ as validateChatInjectParams, _t as validateTalkConfigParams, a as validateAgentWaitParams, at as validateSessionsCompactParams, b as validateConfigGetParams, bt as validateWakeParams, c as validateAgentsFilesGetParams, ct as validateSessionsPatchParams, d as validateAgentsListParams, dt as validateSessionsResolveParams, et as validateNodePairVerifyParams, f as validateAgentsUpdateParams, ft as validateSessionsUsageParams, g as validateChatHistoryParams, gt as validateSkillsUpdateParams, h as validateChatAbortParams, ht as validateSkillsStatusParams, i as validateAgentParams, it as validateSendParams, j as validateCronUpdateParams, jt as parseSessionLabel, k as validateCronRunsParams, kt as errorShape, l as validateAgentsFilesListParams, lt as validateSessionsPreviewParams, m as validateChannelsStatusParams, mt as validateSkillsInstallParams, n as formatValidationErrors, nt as validatePollParams, o as validateAgentsCreateParams, ot as validateSessionsDeleteParams, p as validateChannelsLogoutParams, pt as validateSkillsBinsParams, q as validateNodeInvokeParams, r as validateAgentIdentityParams, rt as validateRequestFrame, s as validateAgentsDeleteParams, st as validateSessionsListParams, tt as validateNodeRenameParams, u as validateAgentsFilesSetParams, ut as validateSessionsResetParams, v as validateChatSendParams, vt as validateTalkModeParams, w as validateConnectParams, wt as validateWizardNextParams, x as validateConfigPatchParams, xt as validateWebLoginStartParams, y as validateConfigApplyParams, yt as validateUpdateRunParams, z as validateExecApprovalsGetParams, zt as normalizeDevicePublicKeyBase64Url } from "./client-BhZjzrH2.js";
+import { n as callGateway, o as loadGatewayTlsRuntime$1 } from "./call-CjEdFGAf.js";
+import { f as GATEWAY_CLIENT_CAPS, g as hasGatewayClientCap, h as GATEWAY_CLIENT_NAMES, i as isGatewayMessageChannel, l as normalizeMessageChannel, m as GATEWAY_CLIENT_MODES, n as isDeliverableMessageChannel, p as GATEWAY_CLIENT_IDS, r as isGatewayCliClient, s as isWebchatClient, t as INTERNAL_MESSAGE_CHANNEL } from "./message-channel-DWcu72r7.js";
+import { t as formatDocsLink } from "./links-DpxpaKe1.js";
+import { r as buildChannelUiCatalog, t as applyPluginAutoEnable } from "./plugin-auto-enable-OO0eDINB.js";
+import { n as listChannelPlugins, r as normalizeChannelId, t as getChannelPlugin } from "./plugins-CxrdL_IZ.js";
+import "./logging-D-Jq2wIo.js";
+import "./accounts-Bvh0DFxS.js";
+import { $ as recordRemoteNodeInfo, $n as isSystemEventContextChanged, $t as loadCombinedSessionStoreForGateway, A as buildHistoryContextFromEntries, An as setGatewaySigusr1RestartPolicy, Ar as stripHeartbeatToken, At as stopSubagentsForRequester, B as getChannelActivity, Bn as inferLegacyName, Bt as getAgentRunContext, C as CONTROL_UI_AVATAR_PREFIX, Cr as startDiagnosticHeartbeat, Ct as DEFAULT_INPUT_PDF_MIN_TEXT_CHARS, Dn as consumeGatewaySigusr1RestartAuthorization, Dt as normalizeMimeList, E as resolveAssistantAvatarUrl, En as authorizeGatewaySigusr1Restart, Er as DEFAULT_HEARTBEAT_ACK_MAX_CHARS, Et as extractImageContentFromSource, Fn as summarizeRestartSentinel, Ft as createOpenClawTools, G as getCliSessionId, Gn as migrateLegacyCronPayload, H as dispatchInboundMessage, Hn as normalizeOptionalText, Hr as createInternalHookEvent, Ht as registerAgentRunContext, Ir as ToolInputError, It as initSubagentRegistry, Jn as buildSafeExternalPrompt, K as setCliSessionId, Kt as applyModelOverrideToSessionEntry, L as resolveCronStyleNow, Ln as writeRestartSentinel, Lr as getMemorySearchManager, Lt as resolveAgentTimeoutMs, Mn as formatDoctorNonInteractiveHint, Mr as normalizePollInput, Mt as abortEmbeddedPiRun, N as getLastHeartbeatEvent, Nn as formatRestartSentinelMessage, Nr as resolveUserTimezone, Nt as waitForEmbeddedPiRunEnd, On as isGatewaySigusr1RestartExternallyAllowed, Ot as formatZonedTimestamp, P as onHeartbeatEvent, Q as primeRemoteSkillsCache, Qn as enqueueSystemEvent, Qt as listSessionsFromStore, Rn as normalizeCronJobCreate, Rr as resolveMemoryBackendConfig, Rt as clearAgentRunContext, Sn as resetDirectoryCache, Sr as CommandLane, St as DEFAULT_INPUT_PDF_MAX_PIXELS, T as normalizeControlUiBasePath, Tr as isDiagnosticsEnabled, Tt as extractFileContentFromSource, U as createReplyDispatcher, Un as normalizePayloadToSystemText, Ur as registerInternalHook, Ut as runSubagentAnnounceFlow, Vn as normalizeOptionalAgentId, Vr as clearInternalHooks, Vt as onAgentEvent, Wn as normalizeRequiredName, Wr as triggerInternalHook, Wt as resolveAnnounceTargetFromKey, X as resolveSendPolicy, Xn as getHookType, Y as normalizeSendPolicy, Yn as detectSuspiciousPatterns, Z as getRemoteSkillEligibility, Zn as isExternalHookSession, Zt as listAgentsForGateway, _t as DEFAULT_INPUT_FILE_MIMES, an as readSessionMessages, ar as OPENAI_TTS_VOICES, at as rejectNodePairing, bn as resolveSessionDeliveryTarget, br as setCommandLaneConcurrency, bt as DEFAULT_INPUT_MAX_REDIRECTS, cn as stripEnvelopeFromMessages, cr as isTtsProviderConfigured, ct as updatePairedNodeMetadata, d as handleReset, dn as clearSessionQueues, dr as resolveTtsConfig, dt as registerSkillsChangeListener, en as loadSessionEntry, et as refreshRemoteBinsForConnectedNodes, fn as normalizeGroupActivation, fr as resolveTtsPrefsPath, gr as textToSpeech, gt as DEFAULT_INPUT_FILE_MAX_CHARS, hn as resolveOutboundSessionRoute, hr as setTtsProvider, ht as DEFAULT_INPUT_FILE_MAX_BYTES, in as capArrayByJsonBytes, ir as OPENAI_TTS_MODELS, it as listNodePairing, j as resolveHeartbeatVisibility, jn as consumeRestartSentinel, jt as runEmbeddedPiAgent, k as createReplyPrefixOptions, kn as scheduleGatewaySigusr1Restart, kt as isAbortTrigger, lr as resolveTtsApiKey, lt as verifyNodeToken, mn as ensureOutboundSessionEntry, mr as setTtsEnabled, mt as parseVerboseOverride, n as handleSlackHttpRequest, nn as resolveSessionModelRef, nt as setSkillsRemoteRegistry, on as readSessionPreviewItemsFromTranscript, or as getTtsProvider, ot as renamePairedNode, pr as resolveTtsProviderOrder, pt as applyVerboseOverride, q as runCliAgent, qt as loadProviderUsageSummary, rn as archiveFileOnDisk, rr as getPluginToolMeta, rt as approveNodePairing, sn as resolveSessionTranscriptCandidates, sr as isTtsEnabled, st as requestNodePairing, t as loadOpenClawPlugins, tn as resolveGatewaySessionStoreTarget, tr as requestHeartbeatNow, tt as refreshRemoteNodeBins, un as lookupContextTokens, ur as resolveTtsAutoMode, ut as getSkillsSnapshotVersion, vr as getActiveTaskCount, vt as DEFAULT_INPUT_IMAGE_MAX_BYTES, w as buildControlUiAvatarUrl, wn as runWithModelFallback, wr as stopDiagnosticHeartbeat, wt as DEFAULT_INPUT_TIMEOUT_MS, xr as waitForActiveTasks, xt as DEFAULT_INPUT_PDF_MAX_PAGES, yn as resolveOutboundTarget, yt as DEFAULT_INPUT_IMAGE_MIMES, zn as normalizeCronJobPatch, zr as resolveAgentIdentity, zt as emitAgentEvent } from "./loader-CS-5lMQa.js";
+import { n as withProgress } from "./progress-COHv-uNT.js";
+import "./prompt-style-Cf1r1L6k.js";
+import "./note-Duiadw1g.js";
+import { t as WizardCancelledError } from "./prompts-Dszjy1n_.js";
+import { t as resolveChannelDefaultAccountId } from "./helpers-ByYj2Aq5.js";
+import "./onboard-channels-C5uL3i8d.js";
+import "./archive-aSMUcOc6.js";
+import "./skill-scanner-BrGkh5K7.js";
+import "./installs-z69au9Te.js";
+import { J as getGlobalHookRunner, o as normalizeReplyPayloadsForDelivery, t as deliverOutboundPayloads } from "./deliver-BHNoC9Yk.js";
+import "./manager-ChW0jk7T.js";
+import { c as resolveStorePath, i as resolveSessionTranscriptPath, n as resolveSessionFilePath, r as resolveSessionFilePathOptions, s as resolveSessionTranscriptsDirForAgent } from "./paths-BZK4Ct0I.js";
+import "./sqlite-2UsPaJz5.js";
+import "./redact-UvkXqguc.js";
+import { p as detectMime, r as saveMediaBuffer } from "./routes-CaCvio4Q.js";
+import { B as normalizeElevatedLevel, H as normalizeThinkLevel, I as formatThinkingLevels, K as supportsXHighThinking, L as formatXHighModelHint, U as normalizeUsageDisplay, V as normalizeReasoningLevel, W as normalizeVerboseLevel } from "./pi-embedded-helpers-DpJb0kUk.js";
+import "./fetch-wuOZDzdT.js";
+import { $ as normalizeToolName, I as resolveAgentMainSessionKey, L as resolveExplicitAgentSessionKey, R as resolveMainSessionKey, S as mergeDeliveryContext, V as snapshotSessionOrigin, X as collectExplicitAllowlist, Y as buildPluginToolGroups, Z as expandPolicyWithPluginGroups, b as deliveryContextFromSession, d as loadSessionStore, et as resolveToolProfilePolicy, g as updateSessionStore, tt as stripPluginOnlyAllowlist, w as normalizeSessionDeliveryFields, z as resolveMainSessionKeyFromConfig } from "./sandbox-DNHDwHw8.js";
+import "./commands-registry-6NUFrejL.js";
+import { i as getMachineDisplayName, r as createBrowserRouteDispatcher } from "./wsl-BvTIzy-8.js";
+import { h as hasBinary, i as loadWorkspaceSkillEntries, r as buildWorkspaceSkillSnapshot } from "./skills-CE7by2IF.js";
+import "./image-D-5pUELC.js";
+import { c as normalizeExecApprovals, g as saveExecApprovals, l as readExecApprovalsSnapshot, m as resolveExecApprovalsSocketPath, r as ensureExecApprovals } from "./exec-approvals-C67V-ljH.js";
+import "./nodes-screen-CVL9363A.js";
+import "./tool-display-DbdMQFZx.js";
+import { t as parseAbsoluteTimeMs } from "./parse-Bw0oH-rT.js";
+import { n as resolveMessageChannelSelection } from "./channel-selection-BaW1xXEa.js";
+import { i as loadSessionUsageTimeSeries, l as deriveSessionTotalTokens, n as loadCostUsageSummary, r as loadSessionCostSummary, t as discoverAllSessions, u as hasNonzeroUsage } from "./session-cost-usage-B-tyjp76.js";
+import { n as formatTokenCount, r as formatUsd } from "./usage-format-Bhl_WCWP.js";
+import { _ as loadModelCatalog, h as registerUnhandledRejectionHandler } from "./runner-BEy5ZGFv.js";
+import { c as resolveSubagentToolPolicy, i as filterToolsByPolicy, o as resolveEffectiveToolPolicy, s as resolveGroupToolPolicy } from "./commands-gOiRcfoU.js";
+import "./pairing-store-Dz-ArTQS.js";
+import "./login-qr-BsYM2E1y.js";
+import { n as runCommandWithRuntime } from "./cli-utils-CodyYLHe.js";
+import "./pairing-labels-Dt2vXyI7.js";
+import { t as buildChannelAccountSnapshot } from "./status-DCkF_L3U.js";
+import "./channels-status-issues-kb-M2Fi0.js";
+import "./register.subclis-ifHtmF3e.js";
+import "./completion-cli-Drks7xRK.js";
+import { n as createOutboundSendDeps, t as createDefaultDeps } from "./deps-CP0dcOgD.js";
+import "./daemon-runtime-ZWXvLDxx.js";
+import "./service-DZN7KRok.js";
+import "./systemd-s3S2HVog.js";
+import "./shared-Csn6DLBA.js";
+import { a as runDaemonStop, i as runDaemonStart, n as runDaemonStatus, o as runDaemonUninstall, r as runDaemonRestart, s as runDaemonInstall } from "./daemon-cli-BLbzcTuD.js";
+import "./service-audit-B8KIOe8A.js";
+import "./table-Bvka_vkc.js";
+import { n as resolveWideAreaDiscoveryDomain, r as writeWideAreaGatewayZone } from "./widearea-dns-C4RnIR9O.js";
+import { a as toOptionString, i as parsePort$1, n as extractGatewayMiskeys, r as maybeExplainGatewayServiceStop, t as describeUnknownError } from "./shared-CsAwU6-q.js";
+import { a as resolveNodeCommandAllowlist, i as isNodeCommandAllowed, o as probeGateway } from "./audit-BYfhZ7LA.js";
+import { S as discoverGatewayBeacons, n as installSkill } from "./onboard-skills-BFxdI1Y1.js";
+import { a as resolveControlUiRootOverrideSync, c as getHealthSnapshot, d as runHeartbeatOnce, f as setHeartbeatsEnabled, n as ensureControlUiAssetsBuilt, o as resolveControlUiRootSync, p as startHeartbeatRunner, s as formatHealthChannelLines } from "./health-format-Nd0jcoqM.js";
+import { S as normalizeUpdateChannel, _ as resolveNpmChannelTag, h as compareSemverStrings, m as checkUpdateStatus, t as runGatewayUpdate, y as DEFAULT_PACKAGE_CHANNEL } from "./update-runner-BaLsla0c.js";
+import "./github-copilot-auth-BUqfX7hG.js";
+import "./logging-B3KnAryz.js";
+import { i as shouldIncludeHook, n as loadWorkspaceHookEntries, r as resolveHookConfig } from "./hooks-status-BbIz0zmm.js";
+import { a as findAgentEntryIndex, c as pruneAgentConfig, f as runOnboardingWizard, n as getStatusSummary, o as listAgentEntries, r as applyAgentConfig, s as loadAgentIdentity, u as loadAgentIdentityFromWorkspace } from "./status-Cm4q6o-I.js";
+import { t as buildWorkspaceSkillStatus } from "./skills-status-B99Us6yS.js";
+import "./tui-B40Z2jMa.js";
+import { i as setGatewayWsLogStyle, n as logWs, r as summarizeAgentEventForWsLog, t as formatForLog } from "./ws-log-WrJ4QYu7.js";
+import { T as resolveGmailHookRuntimeConfig, _ as buildGogWatchServeArgs, i as ensureTailscaleEndpoint, v as buildGogWatchStartArgs } from "./gmail-setup-utils-HvKMdooP.js";
+import { a as createOutboundSendDeps$1, i as resolveAgentOutboundTarget, r as resolveAgentDeliveryPlan, t as agentCommand } from "./agent-DjZxytiC.js";
+import "./node-service-C7f_uvx9.js";
+import { n as forceFreePortAndWait } from "./ports-C8YYHVlc.js";
 import { spawn, spawnSync } from "node:child_process";
 import path from "node:path";
 import os from "node:os";
@@ -862,7 +865,7 @@ function truncateCloseReason(reason, maxBytes = CLOSE_REASON_MAX_BYTES) {
 
 //#endregion
 //#region src/infra/exec-approval-forwarder.ts
-const log$3 = createSubsystemLogger("gateway/exec-approvals");
+const log$5 = createSubsystemLogger("gateway/exec-approvals");
 const DEFAULT_MODE = "session";
 function normalizeMode(mode) {
 	return mode ?? DEFAULT_MODE;
@@ -977,7 +980,7 @@ async function deliverToTargets(params) {
 				payloads: [{ text: params.text }]
 			});
 		} catch (err) {
-			log$3.error(`exec approvals: failed to deliver to ${channel}:${target.to}: ${String(err)}`);
+			log$5.error(`exec approvals: failed to deliver to ${channel}:${target.to}: ${String(err)}`);
 		}
 	});
 	await Promise.allSettled(deliveries);
@@ -1204,6 +1207,10 @@ const BASE_RELOAD_RULES = [
 	}
 ];
 const BASE_RELOAD_RULES_TAIL = [
+	{
+		prefix: "meta",
+		kind: "none"
+	},
 	{
 		prefix: "identity",
 		kind: "none"
@@ -2100,10 +2107,6 @@ function createAgentEventHandler({ broadcast, broadcastToConnIds, nodeSendToSess
 		const last = agentRunSeq.get(evt.runId) ?? 0;
 		const isToolEvent = evt.stream === "tool";
 		const toolVerbose = isToolEvent ? resolveToolVerboseLevel(evt.runId, sessionKey) : "off";
-		if (isToolEvent && toolVerbose === "off") {
-			agentRunSeq.set(evt.runId, evt.seq);
-			return;
-		}
 		const toolPayload = isToolEvent && toolVerbose !== "full" ? (() => {
 			const data = evt.data ? { ...evt.data } : {};
 			delete data.result;
@@ -2135,7 +2138,7 @@ function createAgentEventHandler({ broadcast, broadcastToConnIds, nodeSendToSess
 		} else broadcast("agent", agentPayload);
 		const lifecyclePhase = evt.stream === "lifecycle" && typeof evt.data?.phase === "string" ? evt.data.phase : null;
 		if (sessionKey) {
-			nodeSendToSession(sessionKey, "agent", isToolEvent ? toolPayload : agentPayload);
+			if (!isToolEvent || toolVerbose !== "off") nodeSendToSession(sessionKey, "agent", isToolEvent ? toolPayload : agentPayload);
 			if (!isAborted && evt.stream === "assistant" && typeof evt.data?.text === "string") emitChatDelta(sessionKey, clientRunId, evt.seq, evt.data.text);
 			else if (!isAborted && (lifecyclePhase === "end" || lifecyclePhase === "error")) if (chatLink) {
 				const finished = chatRunState.registry.shift(evt.runId);
@@ -2168,7 +2171,7 @@ function createAgentEventHandler({ broadcast, broadcastToConnIds, nodeSendToSess
 * Automatically starts `gog gmail watch serve` when the gateway starts,
 * if hooks.gmail is configured with an account.
 */
-const log$2 = createSubsystemLogger("gmail-watcher");
+const log$4 = createSubsystemLogger("gmail-watcher");
 const ADDRESS_IN_USE_RE = /address already in use|EADDRINUSE/i;
 function isAddressInUseError(line) {
 	return ADDRESS_IN_USE_RE.test(line);
@@ -2192,13 +2195,13 @@ async function startGmailWatch(cfg) {
 		const result = await runCommandWithTimeout(args, { timeoutMs: 12e4 });
 		if (result.code !== 0) {
 			const message = result.stderr || result.stdout || "gog watch start failed";
-			log$2.error(`watch start failed: ${message}`);
+			log$4.error(`watch start failed: ${message}`);
 			return false;
 		}
-		log$2.info(`watch started for ${cfg.account}`);
+		log$4.info(`watch started for ${cfg.account}`);
 		return true;
 	} catch (err) {
-		log$2.error(`watch start error: ${String(err)}`);
+		log$4.error(`watch start error: ${String(err)}`);
 		return false;
 	}
 }
@@ -2207,7 +2210,7 @@ async function startGmailWatch(cfg) {
 */
 function spawnGogServe(cfg) {
 	const args = buildGogWatchServeArgs(cfg);
-	log$2.info(`starting gog ${args.join(" ")}`);
+	log$4.info(`starting gog ${args.join(" ")}`);
 	let addressInUse = false;
 	const child = spawn("gog", args, {
 		stdio: [
@@ -2219,25 +2222,25 @@ function spawnGogServe(cfg) {
 	});
 	child.stdout?.on("data", (data) => {
 		const line = data.toString().trim();
-		if (line) log$2.info(`[gog] ${line}`);
+		if (line) log$4.info(`[gog] ${line}`);
 	});
 	child.stderr?.on("data", (data) => {
 		const line = data.toString().trim();
 		if (!line) return;
 		if (isAddressInUseError(line)) addressInUse = true;
-		log$2.warn(`[gog] ${line}`);
+		log$4.warn(`[gog] ${line}`);
 	});
 	child.on("error", (err) => {
-		log$2.error(`gog process error: ${String(err)}`);
+		log$4.error(`gog process error: ${String(err)}`);
 	});
 	child.on("exit", (code, signal) => {
 		if (shuttingDown) return;
 		if (addressInUse) {
-			log$2.warn("gog serve failed to bind (address already in use); stopping restarts. Another watcher is likely running. Set OPENCLAW_SKIP_GMAIL_WATCHER=1 or stop the other process.");
+			log$4.warn("gog serve failed to bind (address already in use); stopping restarts. Another watcher is likely running. Set OPENCLAW_SKIP_GMAIL_WATCHER=1 or stop the other process.");
 			watcherProcess = null;
 			return;
 		}
-		log$2.warn(`gog exited (code=${code}, signal=${signal}); restarting in 5s`);
+		log$4.warn(`gog exited (code=${code}, signal=${signal}); restarting in 5s`);
 		watcherProcess = null;
 		setTimeout(() => {
 			if (shuttingDown || !currentConfig) return;
@@ -2277,15 +2280,15 @@ async function startGmailWatcher(cfg) {
 			port: runtimeConfig.serve.port,
 			target: runtimeConfig.tailscale.target
 		});
-		log$2.info(`tailscale ${runtimeConfig.tailscale.mode} configured for port ${runtimeConfig.serve.port}`);
+		log$4.info(`tailscale ${runtimeConfig.tailscale.mode} configured for port ${runtimeConfig.serve.port}`);
 	} catch (err) {
-		log$2.error(`tailscale setup failed: ${String(err)}`);
+		log$4.error(`tailscale setup failed: ${String(err)}`);
 		return {
 			started: false,
 			reason: `tailscale setup failed: ${String(err)}`
 		};
 	}
-	if (!await startGmailWatch(runtimeConfig)) log$2.warn("gmail watch start failed, but continuing with serve");
+	if (!await startGmailWatch(runtimeConfig)) log$4.warn("gmail watch start failed, but continuing with serve");
 	shuttingDown = false;
 	watcherProcess = spawnGogServe(runtimeConfig);
 	const renewMs = runtimeConfig.renewEveryMinutes * 6e4;
@@ -2293,7 +2296,7 @@ async function startGmailWatcher(cfg) {
 		if (shuttingDown) return;
 		startGmailWatch(runtimeConfig);
 	}, renewMs);
-	log$2.info(`gmail watcher started for ${runtimeConfig.account} (renew every ${runtimeConfig.renewEveryMinutes}m)`);
+	log$4.info(`gmail watcher started for ${runtimeConfig.account} (renew every ${runtimeConfig.renewEveryMinutes}m)`);
 	return { started: true };
 }
 /**
@@ -2306,7 +2309,7 @@ async function stopGmailWatcher() {
 		renewInterval = null;
 	}
 	if (watcherProcess) {
-		log$2.info("stopping gmail watcher");
+		log$4.info("stopping gmail watcher");
 		watcherProcess.kill("SIGTERM");
 		await new Promise((resolve) => {
 			const timeout = setTimeout(() => {
@@ -2321,7 +2324,7 @@ async function stopGmailWatcher() {
 		watcherProcess = null;
 	}
 	currentConfig = null;
-	log$2.info("gmail watcher stopped");
+	log$4.info("gmail watcher stopped");
 }
 
 //#endregion
@@ -2551,6 +2554,8 @@ function resolveCronSession(params) {
 			thinkingLevel: entry?.thinkingLevel,
 			verboseLevel: entry?.verboseLevel,
 			model: entry?.model,
+			modelOverride: entry?.modelOverride,
+			providerOverride: entry?.providerOverride,
 			contextTokens: entry?.contextTokens,
 			sendPolicy: entry?.sendPolicy,
 			lastChannel: entry?.lastChannel,
@@ -2584,9 +2589,8 @@ async function runCronIsolatedAgentTurn(params) {
 	const defaultAgentId = resolveDefaultAgentId(params.cfg);
 	const requestedAgentId = typeof params.agentId === "string" && params.agentId.trim() ? params.agentId : typeof params.job.agentId === "string" && params.job.agentId.trim() ? params.job.agentId : void 0;
 	const normalizedRequested = requestedAgentId ? normalizeAgentId(requestedAgentId) : void 0;
-	const agentConfigOverride = normalizedRequested ? resolveAgentConfig(params.cfg, normalizedRequested) : void 0;
-	const { model: overrideModel, ...agentOverrideRest } = agentConfigOverride ?? {};
-	const agentId = agentConfigOverride ? normalizedRequested ?? defaultAgentId : defaultAgentId;
+	const { model: overrideModel, ...agentOverrideRest } = (normalizedRequested ? resolveAgentConfig(params.cfg, normalizedRequested) : void 0) ?? {};
+	const agentId = normalizedRequested ?? defaultAgentId;
 	const agentCfg = Object.assign({}, params.cfg.agents?.defaults, agentOverrideRest);
 	if (typeof overrideModel === "string") agentCfg.model = { primary: overrideModel };
 	else if (overrideModel) agentCfg.model = overrideModel;
@@ -2618,6 +2622,7 @@ async function runCronIsolatedAgentTurn(params) {
 		return catalog;
 	};
 	const isGmailHook = baseSessionKey.startsWith("hook:gmail:");
+	let hooksGmailModelApplied = false;
 	const hooksGmailModelRef = isGmailHook ? resolveHooksGmailModel({
 		cfg: params.cfg,
 		defaultProvider: DEFAULT_PROVIDER
@@ -2632,6 +2637,7 @@ async function runCronIsolatedAgentTurn(params) {
 		}).allowed) {
 			provider = hooksGmailModelRef.provider;
 			model = hooksGmailModelRef.model;
+			hooksGmailModelApplied = true;
 		}
 	}
 	const modelOverrideRaw = params.job.payload.kind === "agentTurn" ? params.job.payload.model : void 0;
@@ -2677,6 +2683,23 @@ async function runCronIsolatedAgentTurn(params) {
 		const labelSuffix = typeof params.job.name === "string" && params.job.name.trim() ? params.job.name.trim() : params.job.id;
 		cronSession.sessionEntry.label = `Cron: ${labelSuffix}`;
 	}
+	if (!modelOverride && !hooksGmailModelApplied) {
+		const sessionModelOverride = cronSession.sessionEntry.modelOverride?.trim();
+		if (sessionModelOverride) {
+			const sessionProviderOverride = cronSession.sessionEntry.providerOverride?.trim() || resolvedDefault.provider;
+			const resolvedSessionOverride = resolveAllowedModelRef({
+				cfg: cfgWithAgentDefaults,
+				catalog: await loadCatalog(),
+				raw: `${sessionProviderOverride}/${sessionModelOverride}`,
+				defaultProvider: resolvedDefault.provider,
+				defaultModel: resolvedDefault.model
+			});
+			if (!("error" in resolvedSessionOverride)) {
+				provider = resolvedSessionOverride.ref.provider;
+				model = resolvedSessionOverride.ref.model;
+			}
+		}
+	}
 	const hooksGmailThinking = isGmailHook ? normalizeThinkLevel(params.cfg.hooks?.gmail?.thinking) : void 0;
 	const thinkOverride = normalizeThinkLevel(agentCfg?.thinkingDefault);
 	let thinkLevel = normalizeThinkLevel((params.job.payload.kind === "agentTurn" ? params.job.payload.thinking : void 0) ?? void 0) ?? hooksGmailThinking ?? thinkOverride;
@@ -2701,10 +2724,7 @@ async function runCronIsolatedAgentTurn(params) {
 		channel: deliveryPlan.channel ?? "last",
 		to: deliveryPlan.to
 	});
-	const userTimezone = resolveUserTimezone(params.cfg.agents?.defaults?.userTimezone);
-	const userTimeFormat = resolveUserTimeFormat(params.cfg.agents?.defaults?.timeFormat);
-	const formattedTime = formatUserTime(new Date(now), userTimezone, userTimeFormat) ?? new Date(now).toISOString();
-	const timeLine = `Current time: ${formattedTime} (${userTimezone})`;
+	const { formattedTime, timeLine } = resolveCronStyleNow(params.cfg, now);
 	const base = `[cron:${params.job.id} ${params.job.name}] ${params.message}`.trim();
 	const isExternalHook = isExternalHookSession(baseSessionKey);
 	const allowUnsafeExternalContent = agentPayload?.allowUnsafeExternalContent === true || isGmailHook && params.cfg.hooks?.gmail?.allowUnsafeExternalContent === true;
@@ -2817,6 +2837,7 @@ async function runCronIsolatedAgentTurn(params) {
 	const payloads = runResult.payloads ?? [];
 	{
 		const usage = runResult.meta.agentMeta?.usage;
+		const promptTokens = runResult.meta.agentMeta?.promptTokens;
 		const modelUsed = runResult.meta.agentMeta?.model ?? fallbackModel ?? model;
 		const providerUsed = runResult.meta.agentMeta?.provider ?? fallbackProvider ?? provider;
 		const contextTokens = agentCfg?.contextTokens ?? lookupContextTokens(modelUsed) ?? DEFAULT_CONTEXT_TOKENS;
@@ -2830,12 +2851,15 @@ async function runCronIsolatedAgentTurn(params) {
 		if (hasNonzeroUsage(usage)) {
 			const input = usage.input ?? 0;
 			const output = usage.output ?? 0;
-			cronSession.sessionEntry.inputTokens = input;
-			cronSession.sessionEntry.outputTokens = output;
-			cronSession.sessionEntry.totalTokens = deriveSessionTotalTokens({
+			const totalTokens = deriveSessionTotalTokens({
 				usage,
-				contextTokens
+				contextTokens,
+				promptTokens
 			}) ?? input;
+			cronSession.sessionEntry.inputTokens = input;
+			cronSession.sessionEntry.outputTokens = output;
+			cronSession.sessionEntry.totalTokens = totalTokens;
+			cronSession.sessionEntry.totalTokensFresh = true;
 		}
 		await persistSessionEntry();
 	}
@@ -3052,10 +3076,10 @@ function computeNextRunAtMs(schedule, nowMs) {
 		catch: false
 	});
 	const nowSecondMs = Math.floor(nowMs / 1e3) * 1e3;
-	const next = cron.nextRun(/* @__PURE__ */ new Date(nowSecondMs - 1));
+	const next = cron.nextRun(new Date(nowSecondMs));
 	if (!next) return;
 	const nextMs = next.getTime();
-	return Number.isFinite(nextMs) && nextMs >= nowSecondMs ? nextMs : void 0;
+	return Number.isFinite(nextMs) && nextMs > nowSecondMs ? nextMs : void 0;
 }
 
 //#endregion
@@ -3098,6 +3122,8 @@ function computeJobNextRunAtMs(job, nowMs) {
 	}
 	return computeNextRunAtMs(job.schedule, nowMs);
 }
+/** Maximum consecutive schedule errors before auto-disabling a job. */
+const MAX_SCHEDULE_ERRORS = 3;
 function recomputeNextRuns(state) {
 	if (!state.store) return false;
 	let changed = false;
@@ -3128,12 +3154,82 @@ function recomputeNextRuns(state) {
 			changed = true;
 		}
 		const nextRun = job.state.nextRunAtMs;
-		if (nextRun === void 0 || now >= nextRun) {
+		if (nextRun === void 0 || now >= nextRun) try {
 			const newNext = computeJobNextRunAtMs(job, now);
 			if (job.state.nextRunAtMs !== newNext) {
 				job.state.nextRunAtMs = newNext;
 				changed = true;
 			}
+			if (job.state.scheduleErrorCount) {
+				job.state.scheduleErrorCount = void 0;
+				changed = true;
+			}
+		} catch (err) {
+			const errorCount = (job.state.scheduleErrorCount ?? 0) + 1;
+			job.state.scheduleErrorCount = errorCount;
+			job.state.nextRunAtMs = void 0;
+			job.state.lastError = `schedule error: ${String(err)}`;
+			changed = true;
+			if (errorCount >= MAX_SCHEDULE_ERRORS) {
+				job.enabled = false;
+				state.deps.log.error({
+					jobId: job.id,
+					name: job.name,
+					errorCount,
+					err: String(err)
+				}, "cron: auto-disabled job after repeated schedule errors");
+			} else state.deps.log.warn({
+				jobId: job.id,
+				name: job.name,
+				errorCount,
+				err: String(err)
+			}, "cron: failed to compute next run for job (skipping)");
+		}
+	}
+	return changed;
+}
+/**
+* Maintenance-only version of recomputeNextRuns that handles disabled jobs
+* and stuck markers, but does NOT recompute nextRunAtMs for enabled jobs
+* with existing values. Used during timer ticks when no due jobs were found
+* to prevent silently advancing past-due nextRunAtMs values without execution
+* (see #13992).
+*/
+function recomputeNextRunsForMaintenance(state) {
+	if (!state.store) return false;
+	let changed = false;
+	const now = state.deps.nowMs();
+	for (const job of state.store.jobs) {
+		if (!job.state) {
+			job.state = {};
+			changed = true;
+		}
+		if (!job.enabled) {
+			if (job.state.nextRunAtMs !== void 0) {
+				job.state.nextRunAtMs = void 0;
+				changed = true;
+			}
+			if (job.state.runningAtMs !== void 0) {
+				job.state.runningAtMs = void 0;
+				changed = true;
+			}
+			continue;
+		}
+		const runningAt = job.state.runningAtMs;
+		if (typeof runningAt === "number" && now - runningAt > STUCK_RUN_MS) {
+			state.deps.log.warn({
+				jobId: job.id,
+				runningAtMs: runningAt
+			}, "cron: clearing stuck running marker");
+			job.state.runningAtMs = void 0;
+			changed = true;
+		}
+		if (job.state.nextRunAtMs === void 0) {
+			const newNext = computeJobNextRunAtMs(job, now);
+			if (newNext !== void 0) {
+				job.state.nextRunAtMs = newNext;
+				changed = true;
+			}
 		}
 	}
 	return changed;
@@ -3793,7 +3889,7 @@ function applyJobResult(state, job, result) {
 	job.updatedAtMs = result.endedAt;
 	if (result.status === "error") job.state.consecutiveErrors = (job.state.consecutiveErrors ?? 0) + 1;
 	else job.state.consecutiveErrors = 0;
-	const shouldDelete = job.schedule.kind === "at" && result.status === "ok" && job.deleteAfterRun === true;
+	const shouldDelete = job.schedule.kind === "at" && job.deleteAfterRun === true && result.status === "ok";
 	if (!shouldDelete) if (job.schedule.kind === "at") {
 		job.enabled = false;
 		job.state.nextRunAtMs = void 0;
@@ -3854,7 +3950,17 @@ function armTimer(state) {
 	}, "cron: timer armed");
 }
 async function onTimer(state) {
-	if (state.running) return;
+	if (state.running) {
+		if (state.timer) clearTimeout(state.timer);
+		state.timer = setTimeout(async () => {
+			try {
+				await onTimer(state);
+			} catch (err) {
+				state.deps.log.error({ err: String(err) }, "cron: timer tick failed");
+			}
+		}, MAX_TIMER_DELAY_MS);
+		return;
+	}
 	state.running = true;
 	try {
 		const dueJobs = await locked(state, async () => {
@@ -3864,7 +3970,7 @@ async function onTimer(state) {
 			});
 			const due = findDueJobs(state);
 			if (due.length === 0) {
-				if (recomputeNextRuns(state)) await persist(state);
+				if (recomputeNextRunsForMaintenance(state)) await persist(state);
 				return [];
 			}
 			const now = state.deps.nowMs();
@@ -4000,7 +4106,7 @@ async function runMissedJobs(state) {
 		if (!j.enabled) return false;
 		if (typeof j.state.runningAtMs === "number") return false;
 		const next = j.state.nextRunAtMs;
-		if (j.schedule.kind === "at" && j.state.lastStatus === "ok") return false;
+		if (j.schedule.kind === "at" && j.state.lastStatus) return false;
 		return typeof next === "number" && now >= next;
 	});
 	if (missed.length > 0) {
@@ -4026,7 +4132,10 @@ async function executeJobCore(state, job) {
 			const waitStartedAt = state.deps.nowMs();
 			let heartbeatResult;
 			for (;;) {
-				heartbeatResult = await state.deps.runHeartbeatOnce({ reason });
+				heartbeatResult = await state.deps.runHeartbeatOnce({
+					reason,
+					agentId: job.agentId
+				});
 				if (heartbeatResult.status !== "skipped" || heartbeatResult.reason !== "requests-in-flight") break;
 				if (state.deps.nowMs() - waitStartedAt > maxWaitMs) {
 					state.deps.requestHeartbeatNow({ reason });
@@ -4405,9 +4514,12 @@ function buildGatewayCronService(params) {
 			},
 			requestHeartbeatNow,
 			runHeartbeatOnce: async (opts) => {
+				const runtimeConfig = loadConfig();
+				const agentId = opts?.agentId ? resolveCronAgent(opts.agentId).agentId : void 0;
 				return await runHeartbeatOnce({
-					cfg: loadConfig(),
+					cfg: runtimeConfig,
 					reason: opts?.reason,
+					agentId,
 					deps: {
 						...params.deps,
 						runtime: defaultRuntime
@@ -4788,8 +4900,8 @@ function abortChatRunsForSessionKey(ops, params) {
 
 //#endregion
 //#region src/gateway/server-constants.ts
-const MAX_PAYLOAD_BYTES = 512 * 1024;
-const MAX_BUFFERED_BYTES = 1.5 * 1024 * 1024;
+const MAX_PAYLOAD_BYTES = 8 * 1024 * 1024;
+const MAX_BUFFERED_BYTES = 16 * 1024 * 1024;
 const DEFAULT_MAX_CHAT_HISTORY_MESSAGES_BYTES = 6 * 1024 * 1024;
 let maxChatHistoryMessagesBytes = DEFAULT_MAX_CHAT_HISTORY_MESSAGES_BYTES;
 const getMaxChatHistoryMessagesBytes = () => maxChatHistoryMessagesBytes;
@@ -5241,6 +5353,7 @@ const BASE_METHODS = [
 	"wizard.next",
 	"wizard.cancel",
 	"wizard.status",
+	"talk.config",
 	"talk.mode",
 	"models.list",
 	"agents.list",
@@ -5502,7 +5615,7 @@ function ensureAgentRunListener() {
 		agentRunStarts.delete(evt.runId);
 		recordAgentRunSnapshot({
 			runId: evt.runId,
-			status: phase === "error" ? "error" : "ok",
+			status: phase === "error" ? "error" : evt.data?.aborted ? "timeout" : "ok",
 			startedAt,
 			endedAt,
 			error,
@@ -5544,7 +5657,7 @@ async function waitForAgentJob(params) {
 			const error = typeof evt.data?.error === "string" ? evt.data.error : void 0;
 			const snapshot = {
 				runId: evt.runId,
-				status: phase === "error" ? "error" : "ok",
+				status: phase === "error" ? "error" : evt.data?.aborted ? "timeout" : "ok",
 				startedAt,
 				endedAt,
 				error,
@@ -5629,6 +5742,7 @@ const agentHandlers = {
 		let resolvedGroupChannel = groupChannelRaw || void 0;
 		let resolvedGroupSpace = groupSpaceRaw || void 0;
 		let spawnedByValue = typeof request.spawnedBy === "string" ? request.spawnedBy.trim() : void 0;
+		const inputProvenance = normalizeInputProvenance(request.inputProvenance);
 		const cached = context.dedupe.get(`agent:${idem}`);
 		if (cached) {
 			respond(cached.ok, cached.payload, cached.error, { cached: true });
@@ -5765,7 +5879,10 @@ const agentHandlers = {
 		const runId = idem;
 		const connId = typeof client?.connId === "string" ? client.connId : void 0;
 		const wantsToolEvents = hasGatewayClientCap(client?.connect?.caps, GATEWAY_CLIENT_CAPS.TOOL_EVENTS);
-		if (connId && wantsToolEvents) context.registerToolEventRecipient(runId, connId);
+		if (connId && wantsToolEvents) {
+			context.registerToolEventRecipient(runId, connId);
+			for (const [activeRunId, active] of context.chatAbortControllers) if (activeRunId !== runId && active.sessionKey === requestedSessionKey) context.registerToolEventRecipient(activeRunId, connId);
+		}
 		const wantsDelivery = request.deliver === true;
 		const explicitTo = typeof request.replyTo === "string" && request.replyTo.trim() ? request.replyTo.trim() : typeof request.to === "string" && request.to.trim() ? request.to.trim() : void 0;
 		const explicitThreadId = typeof request.threadId === "string" && request.threadId.trim() ? request.threadId.trim() : void 0;
@@ -5832,7 +5949,8 @@ const agentHandlers = {
 			messageChannel: resolvedChannel,
 			runId,
 			lane: request.lane,
-			extraSystemPrompt: request.extraSystemPrompt
+			extraSystemPrompt: request.extraSystemPrompt,
+			inputProvenance
 		}, defaultRuntime, context.deps).then((result) => {
 			const payload = {
 				runId,
@@ -6246,143 +6364,6 @@ const agentsHandlers = {
 	}
 };
 
-//#endregion
-//#region src/gateway/node-command-policy.ts
-const CANVAS_COMMANDS = [
-	"canvas.present",
-	"canvas.hide",
-	"canvas.navigate",
-	"canvas.eval",
-	"canvas.snapshot",
-	"canvas.a2ui.push",
-	"canvas.a2ui.pushJSONL",
-	"canvas.a2ui.reset"
-];
-const CAMERA_COMMANDS = ["camera.list"];
-const CAMERA_DANGEROUS_COMMANDS = ["camera.snap", "camera.clip"];
-const SCREEN_DANGEROUS_COMMANDS = ["screen.record"];
-const LOCATION_COMMANDS = ["location.get"];
-const DEVICE_COMMANDS = ["device.info", "device.status"];
-const CONTACTS_COMMANDS = ["contacts.search"];
-const CONTACTS_DANGEROUS_COMMANDS = ["contacts.add"];
-const CALENDAR_COMMANDS = ["calendar.events"];
-const CALENDAR_DANGEROUS_COMMANDS = ["calendar.add"];
-const REMINDERS_COMMANDS = ["reminders.list"];
-const REMINDERS_DANGEROUS_COMMANDS = ["reminders.add"];
-const PHOTOS_COMMANDS = ["photos.latest"];
-const MOTION_COMMANDS = ["motion.activity", "motion.pedometer"];
-const SMS_DANGEROUS_COMMANDS = ["sms.send"];
-const IOS_SYSTEM_COMMANDS = ["system.notify"];
-const SYSTEM_COMMANDS = [
-	"system.run",
-	"system.which",
-	"system.notify",
-	"system.execApprovals.get",
-	"system.execApprovals.set",
-	"browser.proxy"
-];
-const DEFAULT_DANGEROUS_NODE_COMMANDS = [
-	...CAMERA_DANGEROUS_COMMANDS,
-	...SCREEN_DANGEROUS_COMMANDS,
-	...CONTACTS_DANGEROUS_COMMANDS,
-	...CALENDAR_DANGEROUS_COMMANDS,
-	...REMINDERS_DANGEROUS_COMMANDS,
-	...SMS_DANGEROUS_COMMANDS
-];
-const PLATFORM_DEFAULTS = {
-	ios: [
-		...CANVAS_COMMANDS,
-		...CAMERA_COMMANDS,
-		...LOCATION_COMMANDS,
-		...DEVICE_COMMANDS,
-		...CONTACTS_COMMANDS,
-		...CALENDAR_COMMANDS,
-		...REMINDERS_COMMANDS,
-		...PHOTOS_COMMANDS,
-		...MOTION_COMMANDS,
-		...IOS_SYSTEM_COMMANDS
-	],
-	android: [
-		...CANVAS_COMMANDS,
-		...CAMERA_COMMANDS,
-		...LOCATION_COMMANDS,
-		...DEVICE_COMMANDS,
-		...CONTACTS_COMMANDS,
-		...CALENDAR_COMMANDS,
-		...REMINDERS_COMMANDS,
-		...PHOTOS_COMMANDS,
-		...MOTION_COMMANDS
-	],
-	macos: [
-		...CANVAS_COMMANDS,
-		...CAMERA_COMMANDS,
-		...LOCATION_COMMANDS,
-		...DEVICE_COMMANDS,
-		...CONTACTS_COMMANDS,
-		...CALENDAR_COMMANDS,
-		...REMINDERS_COMMANDS,
-		...PHOTOS_COMMANDS,
-		...MOTION_COMMANDS,
-		...SYSTEM_COMMANDS
-	],
-	linux: [...SYSTEM_COMMANDS],
-	windows: [...SYSTEM_COMMANDS],
-	unknown: [
-		...CANVAS_COMMANDS,
-		...CAMERA_COMMANDS,
-		...LOCATION_COMMANDS,
-		...SYSTEM_COMMANDS
-	]
-};
-function normalizePlatformId(platform, deviceFamily) {
-	const raw = (platform ?? "").trim().toLowerCase();
-	if (raw.startsWith("ios")) return "ios";
-	if (raw.startsWith("android")) return "android";
-	if (raw.startsWith("mac")) return "macos";
-	if (raw.startsWith("darwin")) return "macos";
-	if (raw.startsWith("win")) return "windows";
-	if (raw.startsWith("linux")) return "linux";
-	const family = (deviceFamily ?? "").trim().toLowerCase();
-	if (family.includes("iphone") || family.includes("ipad") || family.includes("ios")) return "ios";
-	if (family.includes("android")) return "android";
-	if (family.includes("mac")) return "macos";
-	if (family.includes("windows")) return "windows";
-	if (family.includes("linux")) return "linux";
-	return "unknown";
-}
-function resolveNodeCommandAllowlist(cfg, node) {
-	const base = PLATFORM_DEFAULTS[normalizePlatformId(node?.platform, node?.deviceFamily)] ?? PLATFORM_DEFAULTS.unknown;
-	const extra = cfg.gateway?.nodes?.allowCommands ?? [];
-	const deny = new Set(cfg.gateway?.nodes?.denyCommands ?? []);
-	const allow = new Set([...base, ...extra].map((cmd) => cmd.trim()).filter(Boolean));
-	for (const blocked of deny) {
-		const trimmed = blocked.trim();
-		if (trimmed) allow.delete(trimmed);
-	}
-	return allow;
-}
-function isNodeCommandAllowed(params) {
-	const command = params.command.trim();
-	if (!command) return {
-		ok: false,
-		reason: "command required"
-	};
-	if (!params.allowlist.has(command)) return {
-		ok: false,
-		reason: "command not allowlisted"
-	};
-	if (Array.isArray(params.declaredCommands) && params.declaredCommands.length > 0) {
-		if (!params.declaredCommands.includes(command)) return {
-			ok: false,
-			reason: "command not declared by node"
-		};
-	} else return {
-		ok: false,
-		reason: "node did not declare commands"
-	};
-	return { ok: true };
-}
-
 //#endregion
 //#region src/gateway/server-methods/nodes.helpers.ts
 function respondInvalidParams(params) {
@@ -6753,9 +6734,13 @@ const channelsHandlers = {
 //#region src/gateway/server-methods/chat.ts
 function resolveTranscriptPath(params) {
 	const { sessionId, storePath, sessionFile } = params;
-	if (sessionFile) return sessionFile;
-	if (!storePath) return null;
-	return path.join(path.dirname(storePath), `${sessionId}.jsonl`);
+	if (!storePath && !sessionFile) return null;
+	try {
+		const sessionsDir = storePath ? path.dirname(storePath) : void 0;
+		return resolveSessionFilePath(sessionId, sessionFile ? { sessionFile } : void 0, sessionsDir ? { sessionsDir } : void 0);
+	} catch {
+		return null;
+	}
 }
 function ensureTranscriptFile(params) {
 	if (fs.existsSync(params.transcriptPath)) return { ok: true };
@@ -7119,7 +7104,10 @@ const chatHandlers = {
 						agentRunStarted = true;
 						const connId = typeof client?.connId === "string" ? client.connId : void 0;
 						const wantsToolEvents = hasGatewayClientCap(client?.connect?.caps, GATEWAY_CLIENT_CAPS.TOOL_EVENTS);
-						if (connId && wantsToolEvents) context.registerToolEventRecipient(runId, connId);
+						if (connId && wantsToolEvents) {
+							context.registerToolEventRecipient(runId, connId);
+							for (const [activeRunId, active] of context.chatAbortControllers) if (activeRunId !== runId && active.sessionKey === p.sessionKey) context.registerToolEventRecipient(activeRunId, connId);
+						}
 					},
 					onModelSelected
 				}
@@ -7252,491 +7240,30 @@ const chatHandlers = {
 };
 
 //#endregion
-//#region src/config/merge-patch.ts
-function applyMergePatch(base, patch) {
-	if (!isPlainObject(patch)) return patch;
-	const result = isPlainObject(base) ? { ...base } : {};
-	for (const [key, value] of Object.entries(patch)) {
-		if (value === null) {
-			delete result[key];
-			continue;
-		}
-		if (isPlainObject(value)) {
-			const baseValue = result[key];
-			result[key] = applyMergePatch(isPlainObject(baseValue) ? baseValue : {}, value);
-			continue;
-		}
-		result[key] = value;
-	}
-	return result;
-}
-
-//#endregion
-//#region src/config/redact-snapshot.ts
-/**
-* Sentinel value used to replace sensitive config fields in gateway responses.
-* Write-side handlers (config.set, config.apply, config.patch) detect this
-* sentinel and restore the original value from the on-disk config, so a
-* round-trip through the Web UI does not corrupt credentials.
-*/
-const REDACTED_SENTINEL = "__OPENCLAW_REDACTED__";
-/**
-* Patterns that identify sensitive config field names.
-* Aligned with the UI-hint logic in schema.ts.
-*/
-const SENSITIVE_KEY_PATTERNS = [
-	/token/i,
-	/password/i,
-	/secret/i,
-	/api.?key/i
-];
-function isSensitiveKey(key) {
-	return SENSITIVE_KEY_PATTERNS.some((pattern) => pattern.test(key));
-}
-/**
-* Deep-walk an object and replace values whose key matches a sensitive pattern
-* with the redaction sentinel.
-*/
-function redactObject(obj) {
-	if (obj === null || obj === void 0) return obj;
-	if (typeof obj !== "object") return obj;
-	if (Array.isArray(obj)) return obj.map(redactObject);
-	const result = {};
-	for (const [key, value] of Object.entries(obj)) if (isSensitiveKey(key) && value !== null && value !== void 0) result[key] = REDACTED_SENTINEL;
-	else if (typeof value === "object" && value !== null) result[key] = redactObject(value);
-	else result[key] = value;
-	return result;
-}
-function redactConfigObject(value) {
-	return redactObject(value);
-}
-/**
-* Collect all sensitive string values from a config object.
-* Used for text-based redaction of the raw JSON5 source.
-*/
-function collectSensitiveValues(obj) {
-	const values = [];
-	if (obj === null || obj === void 0 || typeof obj !== "object") return values;
-	if (Array.isArray(obj)) {
-		for (const item of obj) values.push(...collectSensitiveValues(item));
-		return values;
-	}
-	for (const [key, value] of Object.entries(obj)) if (isSensitiveKey(key) && typeof value === "string" && value.length > 0) values.push(value);
-	else if (typeof value === "object" && value !== null) values.push(...collectSensitiveValues(value));
-	return values;
-}
-/**
-* Replace known sensitive values in a raw JSON5 string with the sentinel.
-* Values are replaced longest-first to avoid partial matches.
-*/
-function redactRawText(raw, config) {
-	const sensitiveValues = collectSensitiveValues(config);
-	sensitiveValues.sort((a, b) => b.length - a.length);
-	let result = raw;
-	for (const value of sensitiveValues) {
-		const escaped = value.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
-		result = result.replace(new RegExp(escaped, "g"), REDACTED_SENTINEL);
-	}
-	result = result.replace(/(^|[{\s,])((["'])([^"']+)\3|([A-Za-z0-9_$.-]+))(\s*:\s*)(["'])([^"']*)\7/g, (match, prefix, keyExpr, _keyQuote, keyQuoted, keyBare, sep, valQuote, val) => {
-		const key = keyQuoted ?? keyBare;
-		if (!key || !isSensitiveKey(key)) return match;
-		if (val === REDACTED_SENTINEL) return match;
-		return `${prefix}${keyExpr}${sep}${valQuote}${REDACTED_SENTINEL}${valQuote}`;
-	});
-	return result;
-}
-/**
-* Returns a copy of the config snapshot with all sensitive fields
-* replaced by {@link REDACTED_SENTINEL}. The `hash` is preserved
-* (it tracks config identity, not content).
-*
-* Both `config` (the parsed object) and `raw` (the JSON5 source) are scrubbed
-* so no credential can leak through either path.
-*/
-function redactConfigSnapshot(snapshot) {
-	const redactedConfig = redactConfigObject(snapshot.config);
-	const redactedRaw = snapshot.raw ? redactRawText(snapshot.raw, snapshot.config) : null;
-	const redactedParsed = snapshot.parsed ? redactConfigObject(snapshot.parsed) : snapshot.parsed;
-	return {
-		...snapshot,
-		config: redactedConfig,
-		raw: redactedRaw,
-		parsed: redactedParsed
-	};
-}
-/**
-* Deep-walk `incoming` and replace any {@link REDACTED_SENTINEL} values
-* (on sensitive keys) with the corresponding value from `original`.
-*
-* This is called by config.set / config.apply / config.patch before writing,
-* so that credentials survive a Web UI round-trip unmodified.
-*/
-function restoreRedactedValues(incoming, original) {
-	if (incoming === null || incoming === void 0) return incoming;
-	if (typeof incoming !== "object") return incoming;
-	if (Array.isArray(incoming)) {
-		const origArr = Array.isArray(original) ? original : [];
-		return incoming.map((item, i) => restoreRedactedValues(item, origArr[i]));
-	}
-	const orig = original && typeof original === "object" && !Array.isArray(original) ? original : {};
-	const result = {};
-	for (const [key, value] of Object.entries(incoming)) if (isSensitiveKey(key) && value === REDACTED_SENTINEL) {
-		if (!(key in orig)) throw new Error(`config write rejected: "${key}" is redacted; set an explicit value instead of ${REDACTED_SENTINEL}`);
-		result[key] = orig[key];
-	} else if (typeof value === "object" && value !== null) result[key] = restoreRedactedValues(value, orig[key]);
-	else result[key] = value;
-	return result;
-}
-
-//#endregion
-//#region src/config/schema.ts
-const GROUP_LABELS = {
-	wizard: "Wizard",
-	update: "Update",
-	diagnostics: "Diagnostics",
-	logging: "Logging",
-	gateway: "Gateway",
-	nodeHost: "Node Host",
-	agents: "Agents",
-	tools: "Tools",
-	bindings: "Bindings",
-	audio: "Audio",
-	models: "Models",
-	messages: "Messages",
-	commands: "Commands",
-	session: "Session",
-	cron: "Cron",
-	hooks: "Hooks",
-	ui: "UI",
-	browser: "Browser",
-	talk: "Talk",
-	channels: "Messaging Channels",
-	skills: "Skills",
-	plugins: "Plugins",
-	discovery: "Discovery",
-	presence: "Presence",
-	voicewake: "Voice Wake"
+//#region src/config/schema.irc.ts
+const IRC_FIELD_LABELS = {
+	"channels.irc": "IRC",
+	"channels.irc.dmPolicy": "IRC DM Policy",
+	"channels.irc.nickserv.enabled": "IRC NickServ Enabled",
+	"channels.irc.nickserv.service": "IRC NickServ Service",
+	"channels.irc.nickserv.password": "IRC NickServ Password",
+	"channels.irc.nickserv.passwordFile": "IRC NickServ Password File",
+	"channels.irc.nickserv.register": "IRC NickServ Register",
+	"channels.irc.nickserv.registerEmail": "IRC NickServ Register Email"
 };
-const GROUP_ORDER = {
-	wizard: 20,
-	update: 25,
-	diagnostics: 27,
-	gateway: 30,
-	nodeHost: 35,
-	agents: 40,
-	tools: 50,
-	bindings: 55,
-	audio: 60,
-	models: 70,
-	messages: 80,
-	commands: 85,
-	session: 90,
-	cron: 100,
-	hooks: 110,
-	ui: 120,
-	browser: 130,
-	talk: 140,
-	channels: 150,
-	skills: 200,
-	plugins: 205,
-	discovery: 210,
-	presence: 220,
-	voicewake: 230,
-	logging: 900
-};
-const FIELD_LABELS = {
-	"meta.lastTouchedVersion": "Config Last Touched Version",
-	"meta.lastTouchedAt": "Config Last Touched At",
-	"update.channel": "Update Channel",
-	"update.checkOnStart": "Update Check on Start",
-	"diagnostics.enabled": "Diagnostics Enabled",
-	"diagnostics.flags": "Diagnostics Flags",
-	"diagnostics.otel.enabled": "OpenTelemetry Enabled",
-	"diagnostics.otel.endpoint": "OpenTelemetry Endpoint",
-	"diagnostics.otel.protocol": "OpenTelemetry Protocol",
-	"diagnostics.otel.headers": "OpenTelemetry Headers",
-	"diagnostics.otel.serviceName": "OpenTelemetry Service Name",
-	"diagnostics.otel.traces": "OpenTelemetry Traces Enabled",
-	"diagnostics.otel.metrics": "OpenTelemetry Metrics Enabled",
-	"diagnostics.otel.logs": "OpenTelemetry Logs Enabled",
-	"diagnostics.otel.sampleRate": "OpenTelemetry Trace Sample Rate",
-	"diagnostics.otel.flushIntervalMs": "OpenTelemetry Flush Interval (ms)",
-	"diagnostics.cacheTrace.enabled": "Cache Trace Enabled",
-	"diagnostics.cacheTrace.filePath": "Cache Trace File Path",
-	"diagnostics.cacheTrace.includeMessages": "Cache Trace Include Messages",
-	"diagnostics.cacheTrace.includePrompt": "Cache Trace Include Prompt",
-	"diagnostics.cacheTrace.includeSystem": "Cache Trace Include System",
-	"agents.list.*.identity.avatar": "Identity Avatar",
-	"agents.list.*.skills": "Agent Skill Filter",
-	"gateway.remote.url": "Remote Gateway URL",
-	"gateway.remote.sshTarget": "Remote Gateway SSH Target",
-	"gateway.remote.sshIdentity": "Remote Gateway SSH Identity",
-	"gateway.remote.token": "Remote Gateway Token",
-	"gateway.remote.password": "Remote Gateway Password",
-	"gateway.remote.tlsFingerprint": "Remote Gateway TLS Fingerprint",
-	"gateway.auth.token": "Gateway Token",
-	"gateway.auth.password": "Gateway Password",
-	"tools.media.image.enabled": "Enable Image Understanding",
-	"tools.media.image.maxBytes": "Image Understanding Max Bytes",
-	"tools.media.image.maxChars": "Image Understanding Max Chars",
-	"tools.media.image.prompt": "Image Understanding Prompt",
-	"tools.media.image.timeoutSeconds": "Image Understanding Timeout (sec)",
-	"tools.media.image.attachments": "Image Understanding Attachment Policy",
-	"tools.media.image.models": "Image Understanding Models",
-	"tools.media.image.scope": "Image Understanding Scope",
-	"tools.media.models": "Media Understanding Shared Models",
-	"tools.media.concurrency": "Media Understanding Concurrency",
-	"tools.media.audio.enabled": "Enable Audio Understanding",
-	"tools.media.audio.maxBytes": "Audio Understanding Max Bytes",
-	"tools.media.audio.maxChars": "Audio Understanding Max Chars",
-	"tools.media.audio.prompt": "Audio Understanding Prompt",
-	"tools.media.audio.timeoutSeconds": "Audio Understanding Timeout (sec)",
-	"tools.media.audio.language": "Audio Understanding Language",
-	"tools.media.audio.attachments": "Audio Understanding Attachment Policy",
-	"tools.media.audio.models": "Audio Understanding Models",
-	"tools.media.audio.scope": "Audio Understanding Scope",
-	"tools.media.video.enabled": "Enable Video Understanding",
-	"tools.media.video.maxBytes": "Video Understanding Max Bytes",
-	"tools.media.video.maxChars": "Video Understanding Max Chars",
-	"tools.media.video.prompt": "Video Understanding Prompt",
-	"tools.media.video.timeoutSeconds": "Video Understanding Timeout (sec)",
-	"tools.media.video.attachments": "Video Understanding Attachment Policy",
-	"tools.media.video.models": "Video Understanding Models",
-	"tools.media.video.scope": "Video Understanding Scope",
-	"tools.links.enabled": "Enable Link Understanding",
-	"tools.links.maxLinks": "Link Understanding Max Links",
-	"tools.links.timeoutSeconds": "Link Understanding Timeout (sec)",
-	"tools.links.models": "Link Understanding Models",
-	"tools.links.scope": "Link Understanding Scope",
-	"tools.profile": "Tool Profile",
-	"tools.alsoAllow": "Tool Allowlist Additions",
-	"agents.list[].tools.profile": "Agent Tool Profile",
-	"agents.list[].tools.alsoAllow": "Agent Tool Allowlist Additions",
-	"tools.byProvider": "Tool Policy by Provider",
-	"agents.list[].tools.byProvider": "Agent Tool Policy by Provider",
-	"tools.exec.applyPatch.enabled": "Enable apply_patch",
-	"tools.exec.applyPatch.allowModels": "apply_patch Model Allowlist",
-	"tools.exec.notifyOnExit": "Exec Notify On Exit",
-	"tools.exec.approvalRunningNoticeMs": "Exec Approval Running Notice (ms)",
-	"tools.exec.host": "Exec Host",
-	"tools.exec.security": "Exec Security",
-	"tools.exec.ask": "Exec Ask",
-	"tools.exec.node": "Exec Node Binding",
-	"tools.exec.pathPrepend": "Exec PATH Prepend",
-	"tools.exec.safeBins": "Exec Safe Bins",
-	"tools.message.allowCrossContextSend": "Allow Cross-Context Messaging",
-	"tools.message.crossContext.allowWithinProvider": "Allow Cross-Context (Same Provider)",
-	"tools.message.crossContext.allowAcrossProviders": "Allow Cross-Context (Across Providers)",
-	"tools.message.crossContext.marker.enabled": "Cross-Context Marker",
-	"tools.message.crossContext.marker.prefix": "Cross-Context Marker Prefix",
-	"tools.message.crossContext.marker.suffix": "Cross-Context Marker Suffix",
-	"tools.message.broadcast.enabled": "Enable Message Broadcast",
-	"tools.web.search.enabled": "Enable Web Search Tool",
-	"tools.web.search.provider": "Web Search Provider",
-	"tools.web.search.apiKey": "Brave Search API Key",
-	"tools.web.search.maxResults": "Web Search Max Results",
-	"tools.web.search.timeoutSeconds": "Web Search Timeout (sec)",
-	"tools.web.search.cacheTtlMinutes": "Web Search Cache TTL (min)",
-	"tools.web.fetch.enabled": "Enable Web Fetch Tool",
-	"tools.web.fetch.maxChars": "Web Fetch Max Chars",
-	"tools.web.fetch.timeoutSeconds": "Web Fetch Timeout (sec)",
-	"tools.web.fetch.cacheTtlMinutes": "Web Fetch Cache TTL (min)",
-	"tools.web.fetch.maxRedirects": "Web Fetch Max Redirects",
-	"tools.web.fetch.userAgent": "Web Fetch User-Agent",
-	"gateway.controlUi.basePath": "Control UI Base Path",
-	"gateway.controlUi.root": "Control UI Assets Root",
-	"gateway.controlUi.allowedOrigins": "Control UI Allowed Origins",
-	"gateway.controlUi.allowInsecureAuth": "Allow Insecure Control UI Auth",
-	"gateway.controlUi.dangerouslyDisableDeviceAuth": "Dangerously Disable Control UI Device Auth",
-	"gateway.http.endpoints.chatCompletions.enabled": "OpenAI Chat Completions Endpoint",
-	"gateway.reload.mode": "Config Reload Mode",
-	"gateway.reload.debounceMs": "Config Reload Debounce (ms)",
-	"gateway.nodes.browser.mode": "Gateway Node Browser Mode",
-	"gateway.nodes.browser.node": "Gateway Node Browser Pin",
-	"gateway.nodes.allowCommands": "Gateway Node Allowlist (Extra Commands)",
-	"gateway.nodes.denyCommands": "Gateway Node Denylist",
-	"nodeHost.browserProxy.enabled": "Node Browser Proxy Enabled",
-	"nodeHost.browserProxy.allowProfiles": "Node Browser Proxy Allowed Profiles",
-	"skills.load.watch": "Watch Skills",
-	"skills.load.watchDebounceMs": "Skills Watch Debounce (ms)",
-	"agents.defaults.workspace": "Workspace",
-	"agents.defaults.repoRoot": "Repo Root",
-	"agents.defaults.bootstrapMaxChars": "Bootstrap Max Chars",
-	"agents.defaults.envelopeTimezone": "Envelope Timezone",
-	"agents.defaults.envelopeTimestamp": "Envelope Timestamp",
-	"agents.defaults.envelopeElapsed": "Envelope Elapsed",
-	"agents.defaults.memorySearch": "Memory Search",
-	"agents.defaults.memorySearch.enabled": "Enable Memory Search",
-	"agents.defaults.memorySearch.sources": "Memory Search Sources",
-	"agents.defaults.memorySearch.extraPaths": "Extra Memory Paths",
-	"agents.defaults.memorySearch.experimental.sessionMemory": "Memory Search Session Index (Experimental)",
-	"agents.defaults.memorySearch.provider": "Memory Search Provider",
-	"agents.defaults.memorySearch.remote.baseUrl": "Remote Embedding Base URL",
-	"agents.defaults.memorySearch.remote.apiKey": "Remote Embedding API Key",
-	"agents.defaults.memorySearch.remote.headers": "Remote Embedding Headers",
-	"agents.defaults.memorySearch.remote.batch.concurrency": "Remote Batch Concurrency",
-	"agents.defaults.memorySearch.model": "Memory Search Model",
-	"agents.defaults.memorySearch.fallback": "Memory Search Fallback",
-	"agents.defaults.memorySearch.local.modelPath": "Local Embedding Model Path",
-	"agents.defaults.memorySearch.store.path": "Memory Search Index Path",
-	"agents.defaults.memorySearch.store.vector.enabled": "Memory Search Vector Index",
-	"agents.defaults.memorySearch.store.vector.extensionPath": "Memory Search Vector Extension Path",
-	"agents.defaults.memorySearch.chunking.tokens": "Memory Chunk Tokens",
-	"agents.defaults.memorySearch.chunking.overlap": "Memory Chunk Overlap Tokens",
-	"agents.defaults.memorySearch.sync.onSessionStart": "Index on Session Start",
-	"agents.defaults.memorySearch.sync.onSearch": "Index on Search (Lazy)",
-	"agents.defaults.memorySearch.sync.watch": "Watch Memory Files",
-	"agents.defaults.memorySearch.sync.watchDebounceMs": "Memory Watch Debounce (ms)",
-	"agents.defaults.memorySearch.sync.sessions.deltaBytes": "Session Delta Bytes",
-	"agents.defaults.memorySearch.sync.sessions.deltaMessages": "Session Delta Messages",
-	"agents.defaults.memorySearch.query.maxResults": "Memory Search Max Results",
-	"agents.defaults.memorySearch.query.minScore": "Memory Search Min Score",
-	"agents.defaults.memorySearch.query.hybrid.enabled": "Memory Search Hybrid",
-	"agents.defaults.memorySearch.query.hybrid.vectorWeight": "Memory Search Vector Weight",
-	"agents.defaults.memorySearch.query.hybrid.textWeight": "Memory Search Text Weight",
-	"agents.defaults.memorySearch.query.hybrid.candidateMultiplier": "Memory Search Hybrid Candidate Multiplier",
-	"agents.defaults.memorySearch.cache.enabled": "Memory Search Embedding Cache",
-	"agents.defaults.memorySearch.cache.maxEntries": "Memory Search Embedding Cache Max Entries",
-	memory: "Memory",
-	"memory.backend": "Memory Backend",
-	"memory.citations": "Memory Citations Mode",
-	"memory.qmd.command": "QMD Binary",
-	"memory.qmd.includeDefaultMemory": "QMD Include Default Memory",
-	"memory.qmd.paths": "QMD Extra Paths",
-	"memory.qmd.paths.path": "QMD Path",
-	"memory.qmd.paths.pattern": "QMD Path Pattern",
-	"memory.qmd.paths.name": "QMD Path Name",
-	"memory.qmd.sessions.enabled": "QMD Session Indexing",
-	"memory.qmd.sessions.exportDir": "QMD Session Export Directory",
-	"memory.qmd.sessions.retentionDays": "QMD Session Retention (days)",
-	"memory.qmd.update.interval": "QMD Update Interval",
-	"memory.qmd.update.debounceMs": "QMD Update Debounce (ms)",
-	"memory.qmd.update.onBoot": "QMD Update on Startup",
-	"memory.qmd.update.waitForBootSync": "QMD Wait for Boot Sync",
-	"memory.qmd.update.embedInterval": "QMD Embed Interval",
-	"memory.qmd.update.commandTimeoutMs": "QMD Command Timeout (ms)",
-	"memory.qmd.update.updateTimeoutMs": "QMD Update Timeout (ms)",
-	"memory.qmd.update.embedTimeoutMs": "QMD Embed Timeout (ms)",
-	"memory.qmd.limits.maxResults": "QMD Max Results",
-	"memory.qmd.limits.maxSnippetChars": "QMD Max Snippet Chars",
-	"memory.qmd.limits.maxInjectedChars": "QMD Max Injected Chars",
-	"memory.qmd.limits.timeoutMs": "QMD Search Timeout (ms)",
-	"memory.qmd.scope": "QMD Surface Scope",
-	"auth.profiles": "Auth Profiles",
-	"auth.order": "Auth Profile Order",
-	"auth.cooldowns.billingBackoffHours": "Billing Backoff (hours)",
-	"auth.cooldowns.billingBackoffHoursByProvider": "Billing Backoff Overrides",
-	"auth.cooldowns.billingMaxHours": "Billing Backoff Cap (hours)",
-	"auth.cooldowns.failureWindowHours": "Failover Window (hours)",
-	"agents.defaults.models": "Models",
-	"agents.defaults.model.primary": "Primary Model",
-	"agents.defaults.model.fallbacks": "Model Fallbacks",
-	"agents.defaults.imageModel.primary": "Image Model",
-	"agents.defaults.imageModel.fallbacks": "Image Model Fallbacks",
-	"agents.defaults.humanDelay.mode": "Human Delay Mode",
-	"agents.defaults.humanDelay.minMs": "Human Delay Min (ms)",
-	"agents.defaults.humanDelay.maxMs": "Human Delay Max (ms)",
-	"agents.defaults.cliBackends": "CLI Backends",
-	"commands.native": "Native Commands",
-	"commands.nativeSkills": "Native Skill Commands",
-	"commands.text": "Text Commands",
-	"commands.bash": "Allow Bash Chat Command",
-	"commands.bashForegroundMs": "Bash Foreground Window (ms)",
-	"commands.config": "Allow /config",
-	"commands.debug": "Allow /debug",
-	"commands.restart": "Allow Restart",
-	"commands.useAccessGroups": "Use Access Groups",
-	"commands.ownerAllowFrom": "Command Owners",
-	"commands.allowFrom": "Command Access Allowlist",
-	"ui.seamColor": "Accent Color",
-	"ui.assistant.name": "Assistant Name",
-	"ui.assistant.avatar": "Assistant Avatar",
-	"browser.evaluateEnabled": "Browser Evaluate Enabled",
-	"browser.snapshotDefaults": "Browser Snapshot Defaults",
-	"browser.snapshotDefaults.mode": "Browser Snapshot Mode",
-	"browser.remoteCdpTimeoutMs": "Remote CDP Timeout (ms)",
-	"browser.remoteCdpHandshakeTimeoutMs": "Remote CDP Handshake Timeout (ms)",
-	"session.dmScope": "DM Session Scope",
-	"session.agentToAgent.maxPingPongTurns": "Agent-to-Agent Ping-Pong Turns",
-	"messages.ackReaction": "Ack Reaction Emoji",
-	"messages.ackReactionScope": "Ack Reaction Scope",
-	"messages.inbound.debounceMs": "Inbound Message Debounce (ms)",
-	"talk.apiKey": "Talk API Key",
-	"channels.whatsapp": "WhatsApp",
-	"channels.telegram": "Telegram",
-	"channels.telegram.customCommands": "Telegram Custom Commands",
-	"channels.discord": "Discord",
-	"channels.slack": "Slack",
-	"channels.mattermost": "Mattermost",
-	"channels.signal": "Signal",
-	"channels.imessage": "iMessage",
-	"channels.bluebubbles": "BlueBubbles",
-	"channels.msteams": "MS Teams",
-	"channels.telegram.botToken": "Telegram Bot Token",
-	"channels.telegram.dmPolicy": "Telegram DM Policy",
-	"channels.telegram.streamMode": "Telegram Draft Stream Mode",
-	"channels.telegram.draftChunk.minChars": "Telegram Draft Chunk Min Chars",
-	"channels.telegram.draftChunk.maxChars": "Telegram Draft Chunk Max Chars",
-	"channels.telegram.draftChunk.breakPreference": "Telegram Draft Chunk Break Preference",
-	"channels.telegram.retry.attempts": "Telegram Retry Attempts",
-	"channels.telegram.retry.minDelayMs": "Telegram Retry Min Delay (ms)",
-	"channels.telegram.retry.maxDelayMs": "Telegram Retry Max Delay (ms)",
-	"channels.telegram.retry.jitter": "Telegram Retry Jitter",
-	"channels.telegram.network.autoSelectFamily": "Telegram autoSelectFamily",
-	"channels.telegram.timeoutSeconds": "Telegram API Timeout (seconds)",
-	"channels.telegram.capabilities.inlineButtons": "Telegram Inline Buttons",
-	"channels.whatsapp.dmPolicy": "WhatsApp DM Policy",
-	"channels.whatsapp.selfChatMode": "WhatsApp Self-Phone Mode",
-	"channels.whatsapp.debounceMs": "WhatsApp Message Debounce (ms)",
-	"channels.signal.dmPolicy": "Signal DM Policy",
-	"channels.imessage.dmPolicy": "iMessage DM Policy",
-	"channels.bluebubbles.dmPolicy": "BlueBubbles DM Policy",
-	"channels.discord.dm.policy": "Discord DM Policy",
-	"channels.discord.retry.attempts": "Discord Retry Attempts",
-	"channels.discord.retry.minDelayMs": "Discord Retry Min Delay (ms)",
-	"channels.discord.retry.maxDelayMs": "Discord Retry Max Delay (ms)",
-	"channels.discord.retry.jitter": "Discord Retry Jitter",
-	"channels.discord.maxLinesPerMessage": "Discord Max Lines Per Message",
-	"channels.discord.intents.presence": "Discord Presence Intent",
-	"channels.discord.intents.guildMembers": "Discord Guild Members Intent",
-	"channels.discord.pluralkit.enabled": "Discord PluralKit Enabled",
-	"channels.discord.pluralkit.token": "Discord PluralKit Token",
-	"channels.slack.dm.policy": "Slack DM Policy",
-	"channels.slack.allowBots": "Slack Allow Bot Messages",
-	"channels.discord.token": "Discord Bot Token",
-	"channels.slack.botToken": "Slack Bot Token",
-	"channels.slack.appToken": "Slack App Token",
-	"channels.slack.userToken": "Slack User Token",
-	"channels.slack.userTokenReadOnly": "Slack User Token Read Only",
-	"channels.slack.thread.historyScope": "Slack Thread History Scope",
-	"channels.slack.thread.inheritParent": "Slack Thread Parent Inheritance",
-	"channels.mattermost.botToken": "Mattermost Bot Token",
-	"channels.mattermost.baseUrl": "Mattermost Base URL",
-	"channels.mattermost.chatmode": "Mattermost Chat Mode",
-	"channels.mattermost.oncharPrefixes": "Mattermost Onchar Prefixes",
-	"channels.mattermost.requireMention": "Mattermost Require Mention",
-	"channels.signal.account": "Signal Account",
-	"channels.imessage.cliPath": "iMessage CLI Path",
-	"agents.list[].skills": "Agent Skill Filter",
-	"agents.list[].identity.avatar": "Agent Avatar",
-	"discovery.mdns.mode": "mDNS Discovery Mode",
-	"plugins.enabled": "Enable Plugins",
-	"plugins.allow": "Plugin Allowlist",
-	"plugins.deny": "Plugin Denylist",
-	"plugins.load.paths": "Plugin Load Paths",
-	"plugins.slots": "Plugin Slots",
-	"plugins.slots.memory": "Memory Plugin",
-	"plugins.entries": "Plugin Entries",
-	"plugins.entries.*.enabled": "Plugin Enabled",
-	"plugins.entries.*.config": "Plugin Config",
-	"plugins.installs": "Plugin Install Records",
-	"plugins.installs.*.source": "Plugin Install Source",
-	"plugins.installs.*.spec": "Plugin Install Spec",
-	"plugins.installs.*.sourcePath": "Plugin Install Source Path",
-	"plugins.installs.*.installPath": "Plugin Install Path",
-	"plugins.installs.*.version": "Plugin Install Version",
-	"plugins.installs.*.installedAt": "Plugin Install Time"
+const IRC_FIELD_HELP = {
+	"channels.irc.configWrites": "Allow IRC to write config in response to channel events/commands (default: true).",
+	"channels.irc.dmPolicy": "Direct message access control (\"pairing\" recommended). \"open\" requires channels.irc.allowFrom=[\"*\"].",
+	"channels.irc.nickserv.enabled": "Enable NickServ identify/register after connect (defaults to enabled when password is configured).",
+	"channels.irc.nickserv.service": "NickServ service nick (default: NickServ).",
+	"channels.irc.nickserv.password": "NickServ password used for IDENTIFY/REGISTER (sensitive).",
+	"channels.irc.nickserv.passwordFile": "Optional file path containing NickServ password.",
+	"channels.irc.nickserv.register": "If true, send NickServ REGISTER on every connect. Use once for initial registration, then disable.",
+	"channels.irc.nickserv.registerEmail": "Email used with NickServ REGISTER (required when register=true)."
 };
+
+//#endregion
+//#region src/config/schema.help.ts
 const FIELD_HELP = {
 	"meta.lastTouchedVersion": "Auto-set when OpenClaw writes the config.",
 	"meta.lastTouchedAt": "ISO timestamp of the last config write (auto-set).",
@@ -7810,6 +7337,7 @@ const FIELD_HELP = {
 	"channels.slack.allowBots": "Allow bot-authored messages to trigger Slack replies (default: false).",
 	"channels.slack.thread.historyScope": "Scope for Slack thread history context (\"thread\" isolates per thread; \"channel\" reuses channel history).",
 	"channels.slack.thread.inheritParent": "If true, Slack thread sessions inherit the parent channel transcript (default: false).",
+	"channels.slack.thread.initialHistoryLimit": "Maximum number of existing Slack thread messages to fetch when starting a new thread session (default: 20, set to 0 to disable).",
 	"channels.mattermost.botToken": "Bot token from Mattermost System Console -> Integrations -> Bot Accounts.",
 	"channels.mattermost.baseUrl": "Base URL for your Mattermost server (e.g., https://chat.example.com).",
 	"channels.mattermost.chatmode": "Reply to channel messages on mention (\"oncall\"), on trigger chars (\">\" or \"!\") (\"onchar\"), or on every message (\"onmessage\").",
@@ -7835,7 +7363,7 @@ const FIELD_HELP = {
 	"agents.defaults.memorySearch.remote.baseUrl": "Custom base URL for remote embeddings (OpenAI-compatible proxies or Gemini overrides).",
 	"agents.defaults.memorySearch.remote.apiKey": "Custom API key for the remote embedding provider.",
 	"agents.defaults.memorySearch.remote.headers": "Extra headers for remote embeddings (merged; remote overrides OpenAI headers).",
-	"agents.defaults.memorySearch.remote.batch.enabled": "Enable batch API for memory embeddings (OpenAI/Gemini/Voyage; default: false).",
+	"agents.defaults.memorySearch.remote.batch.enabled": "Enable batch API for memory embeddings (OpenAI/Gemini; default: true).",
 	"agents.defaults.memorySearch.remote.batch.wait": "Wait for batch completion when indexing (default: true).",
 	"agents.defaults.memorySearch.remote.batch.concurrency": "Max concurrent embedding batch jobs for memory indexing (default: 2).",
 	"agents.defaults.memorySearch.remote.batch.pollIntervalMs": "Polling interval in ms for batch status (default: 2000).",
@@ -7915,7 +7443,6 @@ const FIELD_HELP = {
 	"commands.restart": "Allow /restart and gateway restart tool actions (default: false).",
 	"commands.useAccessGroups": "Enforce access-group allowlists/policies for commands.",
 	"commands.ownerAllowFrom": "Explicit owner allowlist for owner-only tools/commands. Use channel-native IDs (optionally prefixed like \"whatsapp:+15551234567\"). '*' is ignored.",
-	"commands.allowFrom": "Per-provider allowlist restricting who can use slash commands. If set, overrides the channel's allowFrom for command authorization. Use '*' key for global default; provider-specific keys (e.g. 'discord') override the global. Example: { \"*\": [\"user1\"], \"discord\": [\"user:123\"] }.",
 	"session.dmScope": "DM session scoping: \"main\" keeps continuity; \"per-peer\", \"per-channel-peer\", or \"per-account-channel-peer\" isolates DM history (recommended for shared inboxes/multi-account).",
 	"session.identityLinks": "Map canonical identities to provider-prefixed peer IDs for DM session linking (example: telegram:123456).",
 	"channels.telegram.configWrites": "Allow Telegram to write config in response to channel events/commands (default: true).",
@@ -7926,6 +7453,7 @@ const FIELD_HELP = {
 	"channels.signal.configWrites": "Allow Signal to write config in response to channel events/commands (default: true).",
 	"channels.imessage.configWrites": "Allow iMessage to write config in response to channel events/commands (default: true).",
 	"channels.msteams.configWrites": "Allow Microsoft Teams to write config in response to channel events/commands (default: true).",
+	...IRC_FIELD_HELP,
 	"channels.discord.commands.native": "Override native commands for Discord (bool or \"auto\").",
 	"channels.discord.commands.nativeSkills": "Override native skill commands for Discord (bool or \"auto\").",
 	"channels.telegram.commands.native": "Override native commands for Telegram (bool or \"auto\").",
@@ -7966,6 +7494,361 @@ const FIELD_HELP = {
 	"channels.discord.pluralkit.token": "Optional PluralKit token for resolving private systems or members.",
 	"channels.slack.dm.policy": "Direct message access control (\"pairing\" recommended). \"open\" requires channels.slack.dm.allowFrom=[\"*\"]."
 };
+
+//#endregion
+//#region src/config/schema.labels.ts
+const FIELD_LABELS = {
+	"meta.lastTouchedVersion": "Config Last Touched Version",
+	"meta.lastTouchedAt": "Config Last Touched At",
+	"update.channel": "Update Channel",
+	"update.checkOnStart": "Update Check on Start",
+	"diagnostics.enabled": "Diagnostics Enabled",
+	"diagnostics.flags": "Diagnostics Flags",
+	"diagnostics.otel.enabled": "OpenTelemetry Enabled",
+	"diagnostics.otel.endpoint": "OpenTelemetry Endpoint",
+	"diagnostics.otel.protocol": "OpenTelemetry Protocol",
+	"diagnostics.otel.headers": "OpenTelemetry Headers",
+	"diagnostics.otel.serviceName": "OpenTelemetry Service Name",
+	"diagnostics.otel.traces": "OpenTelemetry Traces Enabled",
+	"diagnostics.otel.metrics": "OpenTelemetry Metrics Enabled",
+	"diagnostics.otel.logs": "OpenTelemetry Logs Enabled",
+	"diagnostics.otel.sampleRate": "OpenTelemetry Trace Sample Rate",
+	"diagnostics.otel.flushIntervalMs": "OpenTelemetry Flush Interval (ms)",
+	"diagnostics.cacheTrace.enabled": "Cache Trace Enabled",
+	"diagnostics.cacheTrace.filePath": "Cache Trace File Path",
+	"diagnostics.cacheTrace.includeMessages": "Cache Trace Include Messages",
+	"diagnostics.cacheTrace.includePrompt": "Cache Trace Include Prompt",
+	"diagnostics.cacheTrace.includeSystem": "Cache Trace Include System",
+	"agents.list.*.identity.avatar": "Identity Avatar",
+	"agents.list.*.skills": "Agent Skill Filter",
+	"gateway.remote.url": "Remote Gateway URL",
+	"gateway.remote.sshTarget": "Remote Gateway SSH Target",
+	"gateway.remote.sshIdentity": "Remote Gateway SSH Identity",
+	"gateway.remote.token": "Remote Gateway Token",
+	"gateway.remote.password": "Remote Gateway Password",
+	"gateway.remote.tlsFingerprint": "Remote Gateway TLS Fingerprint",
+	"gateway.auth.token": "Gateway Token",
+	"gateway.auth.password": "Gateway Password",
+	"tools.media.image.enabled": "Enable Image Understanding",
+	"tools.media.image.maxBytes": "Image Understanding Max Bytes",
+	"tools.media.image.maxChars": "Image Understanding Max Chars",
+	"tools.media.image.prompt": "Image Understanding Prompt",
+	"tools.media.image.timeoutSeconds": "Image Understanding Timeout (sec)",
+	"tools.media.image.attachments": "Image Understanding Attachment Policy",
+	"tools.media.image.models": "Image Understanding Models",
+	"tools.media.image.scope": "Image Understanding Scope",
+	"tools.media.models": "Media Understanding Shared Models",
+	"tools.media.concurrency": "Media Understanding Concurrency",
+	"tools.media.audio.enabled": "Enable Audio Understanding",
+	"tools.media.audio.maxBytes": "Audio Understanding Max Bytes",
+	"tools.media.audio.maxChars": "Audio Understanding Max Chars",
+	"tools.media.audio.prompt": "Audio Understanding Prompt",
+	"tools.media.audio.timeoutSeconds": "Audio Understanding Timeout (sec)",
+	"tools.media.audio.language": "Audio Understanding Language",
+	"tools.media.audio.attachments": "Audio Understanding Attachment Policy",
+	"tools.media.audio.models": "Audio Understanding Models",
+	"tools.media.audio.scope": "Audio Understanding Scope",
+	"tools.media.video.enabled": "Enable Video Understanding",
+	"tools.media.video.maxBytes": "Video Understanding Max Bytes",
+	"tools.media.video.maxChars": "Video Understanding Max Chars",
+	"tools.media.video.prompt": "Video Understanding Prompt",
+	"tools.media.video.timeoutSeconds": "Video Understanding Timeout (sec)",
+	"tools.media.video.attachments": "Video Understanding Attachment Policy",
+	"tools.media.video.models": "Video Understanding Models",
+	"tools.media.video.scope": "Video Understanding Scope",
+	"tools.links.enabled": "Enable Link Understanding",
+	"tools.links.maxLinks": "Link Understanding Max Links",
+	"tools.links.timeoutSeconds": "Link Understanding Timeout (sec)",
+	"tools.links.models": "Link Understanding Models",
+	"tools.links.scope": "Link Understanding Scope",
+	"tools.profile": "Tool Profile",
+	"tools.alsoAllow": "Tool Allowlist Additions",
+	"agents.list[].tools.profile": "Agent Tool Profile",
+	"agents.list[].tools.alsoAllow": "Agent Tool Allowlist Additions",
+	"tools.byProvider": "Tool Policy by Provider",
+	"agents.list[].tools.byProvider": "Agent Tool Policy by Provider",
+	"tools.exec.applyPatch.enabled": "Enable apply_patch",
+	"tools.exec.applyPatch.allowModels": "apply_patch Model Allowlist",
+	"tools.exec.notifyOnExit": "Exec Notify On Exit",
+	"tools.exec.approvalRunningNoticeMs": "Exec Approval Running Notice (ms)",
+	"tools.exec.host": "Exec Host",
+	"tools.exec.security": "Exec Security",
+	"tools.exec.ask": "Exec Ask",
+	"tools.exec.node": "Exec Node Binding",
+	"tools.exec.pathPrepend": "Exec PATH Prepend",
+	"tools.exec.safeBins": "Exec Safe Bins",
+	"tools.message.allowCrossContextSend": "Allow Cross-Context Messaging",
+	"tools.message.crossContext.allowWithinProvider": "Allow Cross-Context (Same Provider)",
+	"tools.message.crossContext.allowAcrossProviders": "Allow Cross-Context (Across Providers)",
+	"tools.message.crossContext.marker.enabled": "Cross-Context Marker",
+	"tools.message.crossContext.marker.prefix": "Cross-Context Marker Prefix",
+	"tools.message.crossContext.marker.suffix": "Cross-Context Marker Suffix",
+	"tools.message.broadcast.enabled": "Enable Message Broadcast",
+	"tools.web.search.enabled": "Enable Web Search Tool",
+	"tools.web.search.provider": "Web Search Provider",
+	"tools.web.search.apiKey": "Brave Search API Key",
+	"tools.web.search.maxResults": "Web Search Max Results",
+	"tools.web.search.timeoutSeconds": "Web Search Timeout (sec)",
+	"tools.web.search.cacheTtlMinutes": "Web Search Cache TTL (min)",
+	"tools.web.fetch.enabled": "Enable Web Fetch Tool",
+	"tools.web.fetch.maxChars": "Web Fetch Max Chars",
+	"tools.web.fetch.timeoutSeconds": "Web Fetch Timeout (sec)",
+	"tools.web.fetch.cacheTtlMinutes": "Web Fetch Cache TTL (min)",
+	"tools.web.fetch.maxRedirects": "Web Fetch Max Redirects",
+	"tools.web.fetch.userAgent": "Web Fetch User-Agent",
+	"gateway.controlUi.basePath": "Control UI Base Path",
+	"gateway.controlUi.root": "Control UI Assets Root",
+	"gateway.controlUi.allowedOrigins": "Control UI Allowed Origins",
+	"gateway.controlUi.allowInsecureAuth": "Allow Insecure Control UI Auth",
+	"gateway.controlUi.dangerouslyDisableDeviceAuth": "Dangerously Disable Control UI Device Auth",
+	"gateway.http.endpoints.chatCompletions.enabled": "OpenAI Chat Completions Endpoint",
+	"gateway.reload.mode": "Config Reload Mode",
+	"gateway.reload.debounceMs": "Config Reload Debounce (ms)",
+	"gateway.nodes.browser.mode": "Gateway Node Browser Mode",
+	"gateway.nodes.browser.node": "Gateway Node Browser Pin",
+	"gateway.nodes.allowCommands": "Gateway Node Allowlist (Extra Commands)",
+	"gateway.nodes.denyCommands": "Gateway Node Denylist",
+	"nodeHost.browserProxy.enabled": "Node Browser Proxy Enabled",
+	"nodeHost.browserProxy.allowProfiles": "Node Browser Proxy Allowed Profiles",
+	"skills.load.watch": "Watch Skills",
+	"skills.load.watchDebounceMs": "Skills Watch Debounce (ms)",
+	"agents.defaults.workspace": "Workspace",
+	"agents.defaults.repoRoot": "Repo Root",
+	"agents.defaults.bootstrapMaxChars": "Bootstrap Max Chars",
+	"agents.defaults.envelopeTimezone": "Envelope Timezone",
+	"agents.defaults.envelopeTimestamp": "Envelope Timestamp",
+	"agents.defaults.envelopeElapsed": "Envelope Elapsed",
+	"agents.defaults.memorySearch": "Memory Search",
+	"agents.defaults.memorySearch.enabled": "Enable Memory Search",
+	"agents.defaults.memorySearch.sources": "Memory Search Sources",
+	"agents.defaults.memorySearch.extraPaths": "Extra Memory Paths",
+	"agents.defaults.memorySearch.experimental.sessionMemory": "Memory Search Session Index (Experimental)",
+	"agents.defaults.memorySearch.provider": "Memory Search Provider",
+	"agents.defaults.memorySearch.remote.baseUrl": "Remote Embedding Base URL",
+	"agents.defaults.memorySearch.remote.apiKey": "Remote Embedding API Key",
+	"agents.defaults.memorySearch.remote.headers": "Remote Embedding Headers",
+	"agents.defaults.memorySearch.remote.batch.concurrency": "Remote Batch Concurrency",
+	"agents.defaults.memorySearch.model": "Memory Search Model",
+	"agents.defaults.memorySearch.fallback": "Memory Search Fallback",
+	"agents.defaults.memorySearch.local.modelPath": "Local Embedding Model Path",
+	"agents.defaults.memorySearch.store.path": "Memory Search Index Path",
+	"agents.defaults.memorySearch.store.vector.enabled": "Memory Search Vector Index",
+	"agents.defaults.memorySearch.store.vector.extensionPath": "Memory Search Vector Extension Path",
+	"agents.defaults.memorySearch.chunking.tokens": "Memory Chunk Tokens",
+	"agents.defaults.memorySearch.chunking.overlap": "Memory Chunk Overlap Tokens",
+	"agents.defaults.memorySearch.sync.onSessionStart": "Index on Session Start",
+	"agents.defaults.memorySearch.sync.onSearch": "Index on Search (Lazy)",
+	"agents.defaults.memorySearch.sync.watch": "Watch Memory Files",
+	"agents.defaults.memorySearch.sync.watchDebounceMs": "Memory Watch Debounce (ms)",
+	"agents.defaults.memorySearch.sync.sessions.deltaBytes": "Session Delta Bytes",
+	"agents.defaults.memorySearch.sync.sessions.deltaMessages": "Session Delta Messages",
+	"agents.defaults.memorySearch.query.maxResults": "Memory Search Max Results",
+	"agents.defaults.memorySearch.query.minScore": "Memory Search Min Score",
+	"agents.defaults.memorySearch.query.hybrid.enabled": "Memory Search Hybrid",
+	"agents.defaults.memorySearch.query.hybrid.vectorWeight": "Memory Search Vector Weight",
+	"agents.defaults.memorySearch.query.hybrid.textWeight": "Memory Search Text Weight",
+	"agents.defaults.memorySearch.query.hybrid.candidateMultiplier": "Memory Search Hybrid Candidate Multiplier",
+	"agents.defaults.memorySearch.cache.enabled": "Memory Search Embedding Cache",
+	"agents.defaults.memorySearch.cache.maxEntries": "Memory Search Embedding Cache Max Entries",
+	memory: "Memory",
+	"memory.backend": "Memory Backend",
+	"memory.citations": "Memory Citations Mode",
+	"memory.qmd.command": "QMD Binary",
+	"memory.qmd.includeDefaultMemory": "QMD Include Default Memory",
+	"memory.qmd.paths": "QMD Extra Paths",
+	"memory.qmd.paths.path": "QMD Path",
+	"memory.qmd.paths.pattern": "QMD Path Pattern",
+	"memory.qmd.paths.name": "QMD Path Name",
+	"memory.qmd.sessions.enabled": "QMD Session Indexing",
+	"memory.qmd.sessions.exportDir": "QMD Session Export Directory",
+	"memory.qmd.sessions.retentionDays": "QMD Session Retention (days)",
+	"memory.qmd.update.interval": "QMD Update Interval",
+	"memory.qmd.update.debounceMs": "QMD Update Debounce (ms)",
+	"memory.qmd.update.onBoot": "QMD Update on Startup",
+	"memory.qmd.update.waitForBootSync": "QMD Wait for Boot Sync",
+	"memory.qmd.update.embedInterval": "QMD Embed Interval",
+	"memory.qmd.update.commandTimeoutMs": "QMD Command Timeout (ms)",
+	"memory.qmd.update.updateTimeoutMs": "QMD Update Timeout (ms)",
+	"memory.qmd.update.embedTimeoutMs": "QMD Embed Timeout (ms)",
+	"memory.qmd.limits.maxResults": "QMD Max Results",
+	"memory.qmd.limits.maxSnippetChars": "QMD Max Snippet Chars",
+	"memory.qmd.limits.maxInjectedChars": "QMD Max Injected Chars",
+	"memory.qmd.limits.timeoutMs": "QMD Search Timeout (ms)",
+	"memory.qmd.scope": "QMD Surface Scope",
+	"auth.profiles": "Auth Profiles",
+	"auth.order": "Auth Profile Order",
+	"auth.cooldowns.billingBackoffHours": "Billing Backoff (hours)",
+	"auth.cooldowns.billingBackoffHoursByProvider": "Billing Backoff Overrides",
+	"auth.cooldowns.billingMaxHours": "Billing Backoff Cap (hours)",
+	"auth.cooldowns.failureWindowHours": "Failover Window (hours)",
+	"agents.defaults.models": "Models",
+	"agents.defaults.model.primary": "Primary Model",
+	"agents.defaults.model.fallbacks": "Model Fallbacks",
+	"agents.defaults.imageModel.primary": "Image Model",
+	"agents.defaults.imageModel.fallbacks": "Image Model Fallbacks",
+	"agents.defaults.humanDelay.mode": "Human Delay Mode",
+	"agents.defaults.humanDelay.minMs": "Human Delay Min (ms)",
+	"agents.defaults.humanDelay.maxMs": "Human Delay Max (ms)",
+	"agents.defaults.cliBackends": "CLI Backends",
+	"commands.native": "Native Commands",
+	"commands.nativeSkills": "Native Skill Commands",
+	"commands.text": "Text Commands",
+	"commands.bash": "Allow Bash Chat Command",
+	"commands.bashForegroundMs": "Bash Foreground Window (ms)",
+	"commands.config": "Allow /config",
+	"commands.debug": "Allow /debug",
+	"commands.restart": "Allow Restart",
+	"commands.useAccessGroups": "Use Access Groups",
+	"commands.ownerAllowFrom": "Command Owners",
+	"ui.seamColor": "Accent Color",
+	"ui.assistant.name": "Assistant Name",
+	"ui.assistant.avatar": "Assistant Avatar",
+	"browser.evaluateEnabled": "Browser Evaluate Enabled",
+	"browser.snapshotDefaults": "Browser Snapshot Defaults",
+	"browser.snapshotDefaults.mode": "Browser Snapshot Mode",
+	"browser.remoteCdpTimeoutMs": "Remote CDP Timeout (ms)",
+	"browser.remoteCdpHandshakeTimeoutMs": "Remote CDP Handshake Timeout (ms)",
+	"session.dmScope": "DM Session Scope",
+	"session.agentToAgent.maxPingPongTurns": "Agent-to-Agent Ping-Pong Turns",
+	"messages.ackReaction": "Ack Reaction Emoji",
+	"messages.ackReactionScope": "Ack Reaction Scope",
+	"messages.inbound.debounceMs": "Inbound Message Debounce (ms)",
+	"talk.apiKey": "Talk API Key",
+	"channels.whatsapp": "WhatsApp",
+	"channels.telegram": "Telegram",
+	"channels.telegram.customCommands": "Telegram Custom Commands",
+	"channels.discord": "Discord",
+	"channels.slack": "Slack",
+	"channels.mattermost": "Mattermost",
+	"channels.signal": "Signal",
+	"channels.imessage": "iMessage",
+	"channels.bluebubbles": "BlueBubbles",
+	"channels.msteams": "MS Teams",
+	...IRC_FIELD_LABELS,
+	"channels.telegram.botToken": "Telegram Bot Token",
+	"channels.telegram.dmPolicy": "Telegram DM Policy",
+	"channels.telegram.streamMode": "Telegram Draft Stream Mode",
+	"channels.telegram.draftChunk.minChars": "Telegram Draft Chunk Min Chars",
+	"channels.telegram.draftChunk.maxChars": "Telegram Draft Chunk Max Chars",
+	"channels.telegram.draftChunk.breakPreference": "Telegram Draft Chunk Break Preference",
+	"channels.telegram.retry.attempts": "Telegram Retry Attempts",
+	"channels.telegram.retry.minDelayMs": "Telegram Retry Min Delay (ms)",
+	"channels.telegram.retry.maxDelayMs": "Telegram Retry Max Delay (ms)",
+	"channels.telegram.retry.jitter": "Telegram Retry Jitter",
+	"channels.telegram.network.autoSelectFamily": "Telegram autoSelectFamily",
+	"channels.telegram.timeoutSeconds": "Telegram API Timeout (seconds)",
+	"channels.telegram.capabilities.inlineButtons": "Telegram Inline Buttons",
+	"channels.whatsapp.dmPolicy": "WhatsApp DM Policy",
+	"channels.whatsapp.selfChatMode": "WhatsApp Self-Phone Mode",
+	"channels.whatsapp.debounceMs": "WhatsApp Message Debounce (ms)",
+	"channels.signal.dmPolicy": "Signal DM Policy",
+	"channels.imessage.dmPolicy": "iMessage DM Policy",
+	"channels.bluebubbles.dmPolicy": "BlueBubbles DM Policy",
+	"channels.discord.dm.policy": "Discord DM Policy",
+	"channels.discord.retry.attempts": "Discord Retry Attempts",
+	"channels.discord.retry.minDelayMs": "Discord Retry Min Delay (ms)",
+	"channels.discord.retry.maxDelayMs": "Discord Retry Max Delay (ms)",
+	"channels.discord.retry.jitter": "Discord Retry Jitter",
+	"channels.discord.maxLinesPerMessage": "Discord Max Lines Per Message",
+	"channels.discord.intents.presence": "Discord Presence Intent",
+	"channels.discord.intents.guildMembers": "Discord Guild Members Intent",
+	"channels.discord.pluralkit.enabled": "Discord PluralKit Enabled",
+	"channels.discord.pluralkit.token": "Discord PluralKit Token",
+	"channels.slack.dm.policy": "Slack DM Policy",
+	"channels.slack.allowBots": "Slack Allow Bot Messages",
+	"channels.discord.token": "Discord Bot Token",
+	"channels.slack.botToken": "Slack Bot Token",
+	"channels.slack.appToken": "Slack App Token",
+	"channels.slack.userToken": "Slack User Token",
+	"channels.slack.userTokenReadOnly": "Slack User Token Read Only",
+	"channels.slack.thread.historyScope": "Slack Thread History Scope",
+	"channels.slack.thread.inheritParent": "Slack Thread Parent Inheritance",
+	"channels.slack.thread.initialHistoryLimit": "Slack Thread Initial History Limit",
+	"channels.mattermost.botToken": "Mattermost Bot Token",
+	"channels.mattermost.baseUrl": "Mattermost Base URL",
+	"channels.mattermost.chatmode": "Mattermost Chat Mode",
+	"channels.mattermost.oncharPrefixes": "Mattermost Onchar Prefixes",
+	"channels.mattermost.requireMention": "Mattermost Require Mention",
+	"channels.signal.account": "Signal Account",
+	"channels.imessage.cliPath": "iMessage CLI Path",
+	"agents.list[].skills": "Agent Skill Filter",
+	"agents.list[].identity.avatar": "Agent Avatar",
+	"discovery.mdns.mode": "mDNS Discovery Mode",
+	"plugins.enabled": "Enable Plugins",
+	"plugins.allow": "Plugin Allowlist",
+	"plugins.deny": "Plugin Denylist",
+	"plugins.load.paths": "Plugin Load Paths",
+	"plugins.slots": "Plugin Slots",
+	"plugins.slots.memory": "Memory Plugin",
+	"plugins.entries": "Plugin Entries",
+	"plugins.entries.*.enabled": "Plugin Enabled",
+	"plugins.entries.*.config": "Plugin Config",
+	"plugins.installs": "Plugin Install Records",
+	"plugins.installs.*.source": "Plugin Install Source",
+	"plugins.installs.*.spec": "Plugin Install Spec",
+	"plugins.installs.*.sourcePath": "Plugin Install Source Path",
+	"plugins.installs.*.installPath": "Plugin Install Path",
+	"plugins.installs.*.version": "Plugin Install Version",
+	"plugins.installs.*.installedAt": "Plugin Install Time"
+};
+
+//#endregion
+//#region src/config/schema.hints.ts
+const log$3 = createSubsystemLogger("config/schema");
+const GROUP_LABELS = {
+	wizard: "Wizard",
+	update: "Update",
+	diagnostics: "Diagnostics",
+	logging: "Logging",
+	gateway: "Gateway",
+	nodeHost: "Node Host",
+	agents: "Agents",
+	tools: "Tools",
+	bindings: "Bindings",
+	audio: "Audio",
+	models: "Models",
+	messages: "Messages",
+	commands: "Commands",
+	session: "Session",
+	cron: "Cron",
+	hooks: "Hooks",
+	ui: "UI",
+	browser: "Browser",
+	talk: "Talk",
+	channels: "Messaging Channels",
+	skills: "Skills",
+	plugins: "Plugins",
+	discovery: "Discovery",
+	presence: "Presence",
+	voicewake: "Voice Wake"
+};
+const GROUP_ORDER = {
+	wizard: 20,
+	update: 25,
+	diagnostics: 27,
+	gateway: 30,
+	nodeHost: 35,
+	agents: 40,
+	tools: 50,
+	bindings: 55,
+	audio: 60,
+	models: 70,
+	messages: 80,
+	commands: 85,
+	session: 90,
+	cron: 100,
+	hooks: 110,
+	ui: 120,
+	browser: 130,
+	talk: 140,
+	channels: 150,
+	skills: 200,
+	plugins: 205,
+	discovery: 210,
+	presence: 220,
+	voicewake: 230,
+	logging: 900
+};
 const FIELD_PLACEHOLDERS = {
 	"gateway.remote.url": "ws://host:18789",
 	"gateway.remote.tlsFingerprint": "sha256:ab12cd34…",
@@ -7976,15 +7859,430 @@ const FIELD_PLACEHOLDERS = {
 	"channels.mattermost.baseUrl": "https://chat.example.com",
 	"agents.list[].identity.avatar": "avatars/openclaw.png"
 };
-const SENSITIVE_PATTERNS = [
-	/token/i,
-	/password/i,
-	/secret/i,
-	/api.?key/i
-];
-function isSensitivePath(path) {
-	return SENSITIVE_PATTERNS.some((pattern) => pattern.test(path));
+/**
+* Non-sensitive field names that happen to match sensitive patterns.
+* These are explicitly excluded from redaction (plugin config) and
+* warnings about not being marked sensitive (base config).
+*/
+const SENSITIVE_KEY_WHITELIST = new Set([
+	"maxtokens",
+	"maxoutputtokens",
+	"maxinputtokens",
+	"maxcompletiontokens",
+	"contexttokens",
+	"totaltokens",
+	"tokencount",
+	"tokenlimit",
+	"tokenbudget",
+	"passwordFile"
+]);
+const SENSITIVE_PATTERNS = [
+	/token$/i,
+	/password/i,
+	/secret/i,
+	/api.?key/i
+];
+function isSensitiveConfigPath(path) {
+	return !Array.from(SENSITIVE_KEY_WHITELIST).some((suffix) => path.endsWith(suffix)) && SENSITIVE_PATTERNS.some((pattern) => pattern.test(path));
+}
+function buildBaseHints() {
+	const hints = {};
+	for (const [group, label] of Object.entries(GROUP_LABELS)) hints[group] = {
+		label,
+		group: label,
+		order: GROUP_ORDER[group]
+	};
+	for (const [path, label] of Object.entries(FIELD_LABELS)) {
+		const current = hints[path];
+		hints[path] = current ? {
+			...current,
+			label
+		} : { label };
+	}
+	for (const [path, help] of Object.entries(FIELD_HELP)) {
+		const current = hints[path];
+		hints[path] = current ? {
+			...current,
+			help
+		} : { help };
+	}
+	for (const [path, placeholder] of Object.entries(FIELD_PLACEHOLDERS)) {
+		const current = hints[path];
+		hints[path] = current ? {
+			...current,
+			placeholder
+		} : { placeholder };
+	}
+	return hints;
+}
+function applySensitiveHints(hints, allowedKeys) {
+	const next = { ...hints };
+	for (const key of Object.keys(next)) {
+		if (allowedKeys && !allowedKeys.has(key)) continue;
+		if (next[key]?.sensitive !== void 0) continue;
+		if (isSensitiveConfigPath(key)) next[key] = {
+			...next[key],
+			sensitive: true
+		};
+	}
+	return next;
+}
+function isUnwrappable(object) {
+	return !!object && typeof object === "object" && "unwrap" in object && typeof object.unwrap === "function" && !(object instanceof z.ZodArray);
+}
+function mapSensitivePaths(schema, path, hints) {
+	let next = { ...hints };
+	let currentSchema = schema;
+	let isSensitive = sensitive.has(currentSchema);
+	while (isUnwrappable(currentSchema)) {
+		currentSchema = currentSchema.unwrap();
+		isSensitive ||= sensitive.has(currentSchema);
+	}
+	if (isSensitive) next[path] = {
+		...next[path],
+		sensitive: true
+	};
+	else if (isSensitiveConfigPath(path) && !next[path]?.sensitive) log$3.warn(`possibly sensitive key found: (${path})`);
+	if (currentSchema instanceof z.ZodObject) {
+		const shape = currentSchema.shape;
+		for (const key in shape) {
+			const nextPath = path ? `${path}.${key}` : key;
+			next = mapSensitivePaths(shape[key], nextPath, next);
+		}
+	} else if (currentSchema instanceof z.ZodArray) {
+		const nextPath = path ? `${path}[]` : "[]";
+		next = mapSensitivePaths(currentSchema.element, nextPath, next);
+	} else if (currentSchema instanceof z.ZodRecord) {
+		const nextPath = path ? `${path}.*` : "*";
+		next = mapSensitivePaths(currentSchema._def.valueType, nextPath, next);
+	} else if (currentSchema instanceof z.ZodUnion || currentSchema instanceof z.ZodDiscriminatedUnion) for (const option of currentSchema.options) next = mapSensitivePaths(option, path, next);
+	else if (currentSchema instanceof z.ZodIntersection) {
+		next = mapSensitivePaths(currentSchema._def.left, path, next);
+		next = mapSensitivePaths(currentSchema._def.right, path, next);
+	}
+	return next;
+}
+
+//#endregion
+//#region src/config/redact-snapshot.ts
+const log$2 = createSubsystemLogger("config/redaction");
+const ENV_VAR_PLACEHOLDER_PATTERN = /^\$\{[^}]*\}$/;
+function isSensitivePath(path) {
+	if (path.endsWith("[]")) return isSensitiveConfigPath(path.slice(0, -2));
+	else return isSensitiveConfigPath(path);
+}
+function isEnvVarPlaceholder(value) {
+	return ENV_VAR_PLACEHOLDER_PATTERN.test(value.trim());
+}
+function isExtensionPath(path) {
+	return path === "plugins" || path.startsWith("plugins.") || path === "channels" || path.startsWith("channels.");
+}
+function isExplicitlyNonSensitivePath(hints, paths) {
+	if (!hints) return false;
+	return paths.some((path) => hints[path]?.sensitive === false);
+}
+/**
+* Sentinel value used to replace sensitive config fields in gateway responses.
+* Write-side handlers (config.set, config.apply, config.patch) detect this
+* sentinel and restore the original value from the on-disk config, so a
+* round-trip through the Web UI does not corrupt credentials.
+*/
+const REDACTED_SENTINEL = "__OPENCLAW_REDACTED__";
+function buildRedactionLookup(hints) {
+	let result = /* @__PURE__ */ new Set();
+	for (const [path, hint] of Object.entries(hints)) {
+		if (!hint.sensitive) continue;
+		const parts = path.split(".");
+		let joinedPath = parts.shift() ?? "";
+		result.add(joinedPath);
+		if (joinedPath.endsWith("[]")) result.add(joinedPath.slice(0, -2));
+		for (const part of parts) {
+			if (part.endsWith("[]")) result.add(`${joinedPath}.${part.slice(0, -2)}`);
+			joinedPath = `${joinedPath}.${part}`;
+			result.add(joinedPath);
+		}
+	}
+	if (result.size !== 0) result.add("");
+	return result;
+}
+/**
+* Deep-walk an object and replace string values at sensitive paths
+* with the redaction sentinel.
+*/
+function redactObject(obj, hints) {
+	if (hints) {
+		const lookup = buildRedactionLookup(hints);
+		return lookup.has("") ? redactObjectWithLookup(obj, lookup, "", [], hints) : redactObjectGuessing(obj, "", [], hints);
+	} else return redactObjectGuessing(obj, "", []);
+}
+/**
+* Collect all sensitive string values from a config object.
+* Used for text-based redaction of the raw JSON5 source.
+*/
+function collectSensitiveValues(obj, hints) {
+	const result = [];
+	if (hints) {
+		const lookup = buildRedactionLookup(hints);
+		if (lookup.has("")) redactObjectWithLookup(obj, lookup, "", result, hints);
+		else redactObjectGuessing(obj, "", result, hints);
+	} else redactObjectGuessing(obj, "", result);
+	return result;
+}
+/**
+* Worker for redactObject() and collectSensitiveValues().
+* Used when there are ConfigUiHints available.
+*/
+function redactObjectWithLookup(obj, lookup, prefix, values, hints) {
+	if (obj === null || obj === void 0) return obj;
+	if (Array.isArray(obj)) {
+		const path = `${prefix}[]`;
+		if (!lookup.has(path)) {
+			if (!isExtensionPath(prefix)) return obj;
+			return redactObjectGuessing(obj, prefix, values, hints);
+		}
+		return obj.map((item) => {
+			if (typeof item === "string" && !isEnvVarPlaceholder(item)) {
+				values.push(item);
+				return REDACTED_SENTINEL;
+			}
+			return redactObjectWithLookup(item, lookup, path, values, hints);
+		});
+	}
+	if (typeof obj === "object") {
+		const result = {};
+		for (const [key, value] of Object.entries(obj)) {
+			const path = prefix ? `${prefix}.${key}` : key;
+			const wildcardPath = prefix ? `${prefix}.*` : "*";
+			let matched = false;
+			for (const candidate of [path, wildcardPath]) {
+				result[key] = value;
+				if (lookup.has(candidate)) {
+					matched = true;
+					if (typeof value === "string" && !isEnvVarPlaceholder(value)) {
+						result[key] = REDACTED_SENTINEL;
+						values.push(value);
+					} else if (typeof value === "object" && value !== null) result[key] = redactObjectWithLookup(value, lookup, candidate, values, hints);
+					break;
+				}
+			}
+			if (!matched && isExtensionPath(path)) {
+				const markedNonSensitive = isExplicitlyNonSensitivePath(hints, [path, wildcardPath]);
+				if (typeof value === "string" && !markedNonSensitive && isSensitivePath(path) && !isEnvVarPlaceholder(value)) {
+					result[key] = REDACTED_SENTINEL;
+					values.push(value);
+				} else if (typeof value === "object" && value !== null) result[key] = redactObjectGuessing(value, path, values, hints);
+			}
+		}
+		return result;
+	}
+	return obj;
+}
+/**
+* Worker for redactObject() and collectSensitiveValues().
+* Used when ConfigUiHints are NOT available.
+*/
+function redactObjectGuessing(obj, prefix, values, hints) {
+	if (obj === null || obj === void 0) return obj;
+	if (Array.isArray(obj)) return obj.map((item) => {
+		const path = `${prefix}[]`;
+		if (!isExplicitlyNonSensitivePath(hints, [path]) && isSensitivePath(path) && typeof item === "string" && !isEnvVarPlaceholder(item)) {
+			values.push(item);
+			return REDACTED_SENTINEL;
+		}
+		return redactObjectGuessing(item, path, values, hints);
+	});
+	if (typeof obj === "object") {
+		const result = {};
+		for (const [key, value] of Object.entries(obj)) {
+			const dotPath = prefix ? `${prefix}.${key}` : key;
+			if (!isExplicitlyNonSensitivePath(hints, [dotPath, prefix ? `${prefix}.*` : "*"]) && isSensitivePath(dotPath) && typeof value === "string" && !isEnvVarPlaceholder(value)) {
+				result[key] = REDACTED_SENTINEL;
+				values.push(value);
+			} else if (typeof value === "object" && value !== null) result[key] = redactObjectGuessing(value, dotPath, values, hints);
+			else result[key] = value;
+		}
+		return result;
+	}
+	return obj;
+}
+/**
+* Replace known sensitive values in a raw JSON5 string with the sentinel.
+* Values are replaced longest-first to avoid partial matches.
+*/
+function redactRawText(raw, config, hints) {
+	const sensitiveValues = collectSensitiveValues(config, hints);
+	sensitiveValues.sort((a, b) => b.length - a.length);
+	let result = raw;
+	for (const value of sensitiveValues) result = result.replaceAll(value, REDACTED_SENTINEL);
+	return result;
+}
+/**
+* Returns a copy of the config snapshot with all sensitive fields
+* replaced by {@link REDACTED_SENTINEL}. The `hash` is preserved
+* (it tracks config identity, not content).
+*
+* Both `config` (the parsed object) and `raw` (the JSON5 source) are scrubbed
+* so no credential can leak through either path.
+*
+* When `uiHints` are provided, sensitivity is determined from the schema hints.
+* Without hints, falls back to regex-based detection via `isSensitivePath()`.
+*/
+/**
+* Redact sensitive fields from a plain config object (not a full snapshot).
+* Used by write endpoints (config.set, config.patch, config.apply) to avoid
+* leaking credentials in their responses.
+*/
+function redactConfigObject(value, uiHints) {
+	return redactObject(value, uiHints);
+}
+function redactConfigSnapshot(snapshot, uiHints) {
+	if (!snapshot.valid) return {
+		...snapshot,
+		config: {},
+		raw: null,
+		parsed: null,
+		resolved: {}
+	};
+	const redactedConfig = redactObject(snapshot.config, uiHints);
+	const redactedRaw = snapshot.raw ? redactRawText(snapshot.raw, snapshot.config, uiHints) : null;
+	const redactedParsed = snapshot.parsed ? redactObject(snapshot.parsed, uiHints) : snapshot.parsed;
+	const redactedResolved = redactConfigObject(snapshot.resolved);
+	return {
+		...snapshot,
+		config: redactedConfig,
+		raw: redactedRaw,
+		parsed: redactedParsed,
+		resolved: redactedResolved
+	};
+}
+/**
+* Deep-walk `incoming` and replace any {@link REDACTED_SENTINEL} values
+* (on sensitive paths) with the corresponding value from `original`.
+*
+* This is called by config.set / config.apply / config.patch before writing,
+* so that credentials survive a Web UI round-trip unmodified.
+*/
+function restoreRedactedValues(incoming, original, hints) {
+	if (incoming === null || incoming === void 0) return {
+		ok: false,
+		error: "no input"
+	};
+	if (typeof incoming !== "object") return {
+		ok: false,
+		error: "input not an object"
+	};
+	try {
+		if (hints) {
+			const lookup = buildRedactionLookup(hints);
+			if (lookup.has("")) return {
+				ok: true,
+				result: restoreRedactedValuesWithLookup(incoming, original, lookup, "", hints)
+			};
+			else return {
+				ok: true,
+				result: restoreRedactedValuesGuessing(incoming, original, "", hints)
+			};
+		} else return {
+			ok: true,
+			result: restoreRedactedValuesGuessing(incoming, original, "")
+		};
+	} catch (err) {
+		if (err instanceof RedactionError) return {
+			ok: false,
+			humanReadableMessage: `Sentinel value "${REDACTED_SENTINEL}" in key ${err.key} is not valid as real data`
+		};
+		throw err;
+	}
+}
+var RedactionError = class RedactionError extends Error {
+	constructor(key) {
+		super("internal error class---should never escape");
+		this.key = key;
+		this.name = "RedactionError";
+		Object.setPrototypeOf(this, RedactionError.prototype);
+	}
+};
+/**
+* Worker for restoreRedactedValues().
+* Used when there are ConfigUiHints available.
+*/
+function restoreRedactedValuesWithLookup(incoming, original, lookup, prefix, hints) {
+	if (incoming === null || incoming === void 0) return incoming;
+	if (typeof incoming !== "object") return incoming;
+	if (Array.isArray(incoming)) {
+		const path = `${prefix}[]`;
+		if (!lookup.has(path)) {
+			if (!isExtensionPath(prefix)) return incoming;
+			return restoreRedactedValuesGuessing(incoming, original, prefix, hints);
+		}
+		const origArr = Array.isArray(original) ? original : [];
+		if (incoming.length < origArr.length) log$2.warn(`Redacted config array key ${path} has been truncated`);
+		return incoming.map((item, i) => {
+			if (item === REDACTED_SENTINEL) return origArr[i];
+			return restoreRedactedValuesWithLookup(item, origArr[i], lookup, path, hints);
+		});
+	}
+	const orig = original && typeof original === "object" && !Array.isArray(original) ? original : {};
+	const result = {};
+	for (const [key, value] of Object.entries(incoming)) {
+		result[key] = value;
+		const path = prefix ? `${prefix}.${key}` : key;
+		const wildcardPath = prefix ? `${prefix}.*` : "*";
+		let matched = false;
+		for (const candidate of [path, wildcardPath]) if (lookup.has(candidate)) {
+			matched = true;
+			if (value === REDACTED_SENTINEL) if (key in orig) result[key] = orig[key];
+			else {
+				log$2.warn(`Cannot un-redact config key ${candidate} as it doesn't have any value`);
+				throw new RedactionError(candidate);
+			}
+			else if (typeof value === "object" && value !== null) result[key] = restoreRedactedValuesWithLookup(value, orig[key], lookup, candidate, hints);
+			break;
+		}
+		if (!matched && isExtensionPath(path)) {
+			if (!isExplicitlyNonSensitivePath(hints, [path, wildcardPath]) && isSensitivePath(path) && value === REDACTED_SENTINEL) if (key in orig) result[key] = orig[key];
+			else {
+				log$2.warn(`Cannot un-redact config key ${path} as it doesn't have any value`);
+				throw new RedactionError(path);
+			}
+			else if (typeof value === "object" && value !== null) result[key] = restoreRedactedValuesGuessing(value, orig[key], path, hints);
+		}
+	}
+	return result;
+}
+/**
+* Worker for restoreRedactedValues().
+* Used when ConfigUiHints are NOT available.
+*/
+function restoreRedactedValuesGuessing(incoming, original, prefix, hints) {
+	if (incoming === null || incoming === void 0) return incoming;
+	if (typeof incoming !== "object") return incoming;
+	if (Array.isArray(incoming)) {
+		const origArr = Array.isArray(original) ? original : [];
+		return incoming.map((item, i) => {
+			const path = `${prefix}[]`;
+			if (incoming.length < origArr.length) log$2.warn(`Redacted config array key ${path} has been truncated`);
+			if (!isExplicitlyNonSensitivePath(hints, [path]) && isSensitivePath(path) && item === REDACTED_SENTINEL) return origArr[i];
+			return restoreRedactedValuesGuessing(item, origArr[i], path, hints);
+		});
+	}
+	const orig = original && typeof original === "object" && !Array.isArray(original) ? original : {};
+	const result = {};
+	for (const [key, value] of Object.entries(incoming)) {
+		const path = prefix ? `${prefix}.${key}` : key;
+		if (!isExplicitlyNonSensitivePath(hints, [path, prefix ? `${prefix}.*` : "*"]) && isSensitivePath(path) && value === REDACTED_SENTINEL) if (key in orig) result[key] = orig[key];
+		else {
+			log$2.warn(`Cannot un-redact config key ${path} as it doesn't have any value`);
+			throw new RedactionError(path);
+		}
+		else if (typeof value === "object" && value !== null) result[key] = restoreRedactedValuesGuessing(value, orig[key], path, hints);
+		else result[key] = value;
+	}
+	return result;
 }
+
+//#endregion
+//#region src/config/schema.ts
 function cloneSchema(value) {
 	if (typeof structuredClone === "function") return structuredClone(value);
 	return JSON.parse(JSON.stringify(value));
@@ -8014,43 +8312,11 @@ function mergeObjectSchema(base, extension) {
 	if (additional !== void 0) merged.additionalProperties = additional;
 	return merged;
 }
-function buildBaseHints() {
-	const hints = {};
-	for (const [group, label] of Object.entries(GROUP_LABELS)) hints[group] = {
-		label,
-		group: label,
-		order: GROUP_ORDER[group]
-	};
-	for (const [path, label] of Object.entries(FIELD_LABELS)) {
-		const current = hints[path];
-		hints[path] = current ? {
-			...current,
-			label
-		} : { label };
-	}
-	for (const [path, help] of Object.entries(FIELD_HELP)) {
-		const current = hints[path];
-		hints[path] = current ? {
-			...current,
-			help
-		} : { help };
-	}
-	for (const [path, placeholder] of Object.entries(FIELD_PLACEHOLDERS)) {
-		const current = hints[path];
-		hints[path] = current ? {
-			...current,
-			placeholder
-		} : { placeholder };
-	}
-	return hints;
-}
-function applySensitiveHints(hints) {
-	const next = { ...hints };
-	for (const key of Object.keys(next)) if (isSensitivePath(key)) next[key] = {
-		...next[key],
-		sensitive: true
-	};
-	return next;
+function collectExtensionHintKeys(hints, plugins, channels) {
+	const pluginPrefixes = plugins.map((plugin) => plugin.id.trim()).filter(Boolean).map((id) => `plugins.entries.${id}`);
+	const channelPrefixes = channels.map((channel) => channel.id.trim()).filter(Boolean).map((id) => `channels.${id}`);
+	const prefixes = [...pluginPrefixes, ...channelPrefixes];
+	return new Set(Object.keys(hints).filter((key) => prefixes.some((prefix) => key === prefix || key.startsWith(`${prefix}.`))));
 }
 function applyPluginHints(hints, plugins) {
 	const next = { ...hints };
@@ -8200,7 +8466,7 @@ function buildBaseConfigSchema() {
 		unrepresentable: "any"
 	});
 	schema.title = "OpenClawConfig";
-	const hints = applySensitiveHints(buildBaseHints());
+	const hints = mapSensitivePaths(OpenClawSchema, "", buildBaseHints());
 	const next = {
 		schema: stripChannelSchema(schema),
 		uiHints: hints,
@@ -8215,7 +8481,8 @@ function buildConfigSchema(params) {
 	const plugins = params?.plugins ?? [];
 	const channels = params?.channels ?? [];
 	if (plugins.length === 0 && channels.length === 0) return base;
-	const mergedHints = applySensitiveHints(applyHeartbeatTargetHints(applyChannelHints(applyPluginHints(base.uiHints, plugins), channels), channels));
+	const mergedWithoutSensitiveHints = applyHeartbeatTargetHints(applyChannelHints(applyPluginHints(base.uiHints, plugins), channels), channels);
+	const mergedHints = applySensitiveHints(mergedWithoutSensitiveHints, collectExtensionHintKeys(mergedWithoutSensitiveHints, plugins, channels));
 	const mergedSchema = applyChannelSchemas(applyPluginSchemas(base.schema, plugins), channels);
 	return {
 		...base,
@@ -8250,45 +8517,49 @@ function requireConfigBaseHash(params, snapshot, respond) {
 	}
 	return true;
 }
+function loadSchemaWithPlugins() {
+	const cfg = loadConfig();
+	return buildConfigSchema({
+		plugins: loadOpenClawPlugins({
+			config: cfg,
+			cache: true,
+			workspaceDir: resolveAgentWorkspaceDir(cfg, resolveDefaultAgentId(cfg)),
+			logger: {
+				info: () => {},
+				warn: () => {},
+				error: () => {},
+				debug: () => {}
+			}
+		}).plugins.map((plugin) => ({
+			id: plugin.id,
+			name: plugin.name,
+			description: plugin.description,
+			configUiHints: plugin.configUiHints,
+			configSchema: plugin.configJsonSchema
+		})),
+		channels: listChannelPlugins().map((entry) => ({
+			id: entry.id,
+			label: entry.meta.label,
+			description: entry.meta.blurb,
+			configSchema: entry.configSchema?.schema,
+			configUiHints: entry.configSchema?.uiHints
+		}))
+	});
+}
 const configHandlers = {
 	"config.get": async ({ params, respond }) => {
 		if (!validateConfigGetParams(params)) {
 			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `invalid config.get params: ${formatValidationErrors(validateConfigGetParams.errors)}`));
 			return;
 		}
-		respond(true, redactConfigSnapshot(await readConfigFileSnapshot()), void 0);
+		respond(true, redactConfigSnapshot(await readConfigFileSnapshot(), loadSchemaWithPlugins().uiHints), void 0);
 	},
 	"config.schema": ({ params, respond }) => {
 		if (!validateConfigSchemaParams(params)) {
 			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `invalid config.schema params: ${formatValidationErrors(validateConfigSchemaParams.errors)}`));
 			return;
 		}
-		const cfg = loadConfig();
-		respond(true, buildConfigSchema({
-			plugins: loadOpenClawPlugins({
-				config: cfg,
-				workspaceDir: resolveAgentWorkspaceDir(cfg, resolveDefaultAgentId(cfg)),
-				logger: {
-					info: () => {},
-					warn: () => {},
-					error: () => {},
-					debug: () => {}
-				}
-			}).plugins.map((plugin) => ({
-				id: plugin.id,
-				name: plugin.name,
-				description: plugin.description,
-				configUiHints: plugin.configUiHints,
-				configSchema: plugin.configJsonSchema
-			})),
-			channels: listChannelPlugins().map((entry) => ({
-				id: entry.id,
-				label: entry.meta.label,
-				description: entry.meta.blurb,
-				configSchema: entry.configSchema?.schema,
-				configUiHints: entry.configSchema?.uiHints
-			}))
-		}), void 0);
+		respond(true, loadSchemaWithPlugins(), void 0);
 	},
 	"config.set": async ({ params, respond }) => {
 		if (!validateConfigSetParams(params)) {
@@ -8307,23 +8578,22 @@ const configHandlers = {
 			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, parsedRes.error));
 			return;
 		}
-		const validated = validateConfigObjectWithPlugins(parsedRes.parsed);
-		if (!validated.ok) {
-			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "invalid config", { details: { issues: validated.issues } }));
+		const schemaSet = loadSchemaWithPlugins();
+		const restored = restoreRedactedValues(parsedRes.parsed, snapshot.config, schemaSet.uiHints);
+		if (!restored.ok) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, restored.humanReadableMessage ?? "invalid config"));
 			return;
 		}
-		let restored;
-		try {
-			restored = restoreRedactedValues(validated.config, snapshot.config);
-		} catch (err) {
-			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, String(err instanceof Error ? err.message : err)));
+		const validated = validateConfigObjectWithPlugins(restored.result);
+		if (!validated.ok) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "invalid config", { details: { issues: validated.issues } }));
 			return;
 		}
-		await writeConfigFile(restored);
+		await writeConfigFile(validated.config);
 		respond(true, {
 			ok: true,
 			path: CONFIG_PATH,
-			config: redactConfigObject(restored)
+			config: redactConfigObject(validated.config, schemaSet.uiHints)
 		}, void 0);
 	},
 	"config.patch": async ({ params, respond }) => {
@@ -8352,14 +8622,13 @@ const configHandlers = {
 			return;
 		}
 		const merged = applyMergePatch(snapshot.config, parsedRes.parsed);
-		let restoredMerge;
-		try {
-			restoredMerge = restoreRedactedValues(merged, snapshot.config);
-		} catch (err) {
-			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, String(err instanceof Error ? err.message : err)));
+		const schemaPatch = loadSchemaWithPlugins();
+		const restoredMerge = restoreRedactedValues(merged, snapshot.config, schemaPatch.uiHints);
+		if (!restoredMerge.ok) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, restoredMerge.humanReadableMessage ?? "invalid config"));
 			return;
 		}
-		const validated = validateConfigObjectWithPlugins(applyLegacyMigrations(restoredMerge).next ?? restoredMerge);
+		const validated = validateConfigObjectWithPlugins(applyLegacyMigrations(restoredMerge.result).next ?? restoredMerge.result);
 		if (!validated.ok) {
 			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "invalid config", { details: { issues: validated.issues } }));
 			return;
@@ -8394,7 +8663,7 @@ const configHandlers = {
 		respond(true, {
 			ok: true,
 			path: CONFIG_PATH,
-			config: redactConfigObject(validated.config),
+			config: redactConfigObject(validated.config, schemaPatch.uiHints),
 			restart,
 			sentinel: {
 				path: sentinelPath,
@@ -8419,19 +8688,18 @@ const configHandlers = {
 			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, parsedRes.error));
 			return;
 		}
-		const validated = validateConfigObjectWithPlugins(parsedRes.parsed);
-		if (!validated.ok) {
-			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "invalid config", { details: { issues: validated.issues } }));
+		const schemaApply = loadSchemaWithPlugins();
+		const restored = restoreRedactedValues(parsedRes.parsed, snapshot.config, schemaApply.uiHints);
+		if (!restored.ok) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, restored.humanReadableMessage ?? "invalid config"));
 			return;
 		}
-		let restoredApply;
-		try {
-			restoredApply = restoreRedactedValues(validated.config, snapshot.config);
-		} catch (err) {
-			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, String(err instanceof Error ? err.message : err)));
+		const validated = validateConfigObjectWithPlugins(restored.result);
+		if (!validated.ok) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "invalid config", { details: { issues: validated.issues } }));
 			return;
 		}
-		await writeConfigFile(restoredApply);
+		await writeConfigFile(validated.config);
 		const sessionKey = typeof params.sessionKey === "string" ? params.sessionKey?.trim() || void 0 : void 0;
 		const note = typeof params.note === "string" ? params.note?.trim() || void 0 : void 0;
 		const restartDelayMsRaw = params.restartDelayMs;
@@ -8461,7 +8729,7 @@ const configHandlers = {
 		respond(true, {
 			ok: true,
 			path: CONFIG_PATH,
-			config: redactConfigObject(restoredApply),
+			config: redactConfigObject(validated.config, schemaApply.uiHints),
 			restart,
 			sentinel: {
 				path: sentinelPath,
@@ -8906,7 +9174,7 @@ async function verifyDeviceToken(params) {
 			ok: false,
 			reason: "token-revoked"
 		};
-		if (entry.token !== params.token) return {
+		if (!safeEqualSecret(params.token, entry.token)) return {
 			ok: false,
 			reason: "token-mismatch"
 		};
@@ -9758,7 +10026,7 @@ const nodeHandlers = {
 		const p = params;
 		const payloadJSON = typeof p.payloadJSON === "string" ? p.payloadJSON : p.payload !== void 0 ? JSON.stringify(p.payload) : null;
 		await respondUnavailableOnThrow(respond, async () => {
-			const { handleNodeEvent } = await import("./server-node-events-V_G9BRRw.js");
+			const { handleNodeEvent } = await import("./server-node-events-BbHOZX3O.js");
 			const nodeId = client?.connect?.device?.id ?? client?.connect?.client?.id ?? "node";
 			await handleNodeEvent({
 				deps: context.deps,
@@ -9826,8 +10094,13 @@ const sendHandlers = {
 			return;
 		}
 		const to = request.to.trim();
-		const message = request.message.trim();
-		const mediaUrls = Array.isArray(request.mediaUrls) ? request.mediaUrls : void 0;
+		const message = typeof request.message === "string" ? request.message.trim() : "";
+		const mediaUrl = typeof request.mediaUrl === "string" && request.mediaUrl.trim().length > 0 ? request.mediaUrl.trim() : void 0;
+		const mediaUrls = Array.isArray(request.mediaUrls) ? request.mediaUrls.map((entry) => typeof entry === "string" ? entry.trim() : "").filter((entry) => entry.length > 0) : void 0;
+		if (!message && !mediaUrl && (mediaUrls?.length ?? 0) === 0) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, "invalid send params: text or media is required"));
+			return;
+		}
 		const channelInput = typeof request.channel === "string" ? request.channel : void 0;
 		const normalizedChannel = channelInput ? normalizeChannelId(channelInput) : null;
 		if (channelInput && !normalizedChannel) {
@@ -9859,7 +10132,7 @@ const sendHandlers = {
 				const outboundDeps = context.deps ? createOutboundSendDeps(context.deps) : void 0;
 				const mirrorPayloads = normalizeReplyPayloadsForDelivery([{
 					text: message,
-					mediaUrl: request.mediaUrl,
+					mediaUrl,
 					mediaUrls
 				}]);
 				const mirrorText = mirrorPayloads.map((payload) => payload.text).filter(Boolean).join("\n");
@@ -9887,7 +10160,7 @@ const sendHandlers = {
 					accountId,
 					payloads: [{
 						text: message,
-						mediaUrl: request.mediaUrl,
+						mediaUrl,
 						mediaUrls
 					}],
 					gifPlayback: request.gifPlayback,
@@ -10528,7 +10801,8 @@ const sessionsHandlers = {
 				skillsSnapshot: entry?.skillsSnapshot,
 				inputTokens: 0,
 				outputTokens: 0,
-				totalTokens: 0
+				totalTokens: 0,
+				totalTokensFresh: true
 			};
 			store[primaryKey] = nextEntry;
 			return nextEntry;
@@ -10672,6 +10946,7 @@ const sessionsHandlers = {
 			delete entryToUpdate.inputTokens;
 			delete entryToUpdate.outputTokens;
 			delete entryToUpdate.totalTokens;
+			delete entryToUpdate.totalTokensFresh;
 			entryToUpdate.updatedAt = Date.now();
 		});
 		respond(true, {
@@ -10909,23 +11184,70 @@ const systemHandlers = {
 
 //#endregion
 //#region src/gateway/server-methods/talk.ts
-const talkHandlers = { "talk.mode": ({ params, respond, context, client, isWebchatConnect }) => {
-	if (client && isWebchatConnect(client.connect) && !context.hasConnectedMobileNode()) {
-		respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, "talk disabled: no connected iOS/Android nodes"));
-		return;
-	}
-	if (!validateTalkModeParams(params)) {
-		respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `invalid talk.mode params: ${formatValidationErrors(validateTalkModeParams.errors)}`));
-		return;
+const ADMIN_SCOPE$2 = "operator.admin";
+const TALK_SECRETS_SCOPE = "operator.talk.secrets";
+function canReadTalkSecrets(client) {
+	const scopes = Array.isArray(client?.connect?.scopes) ? client.connect.scopes : [];
+	return scopes.includes(ADMIN_SCOPE$2) || scopes.includes(TALK_SECRETS_SCOPE);
+}
+function normalizeTalkConfigSection(value) {
+	if (!value || typeof value !== "object" || Array.isArray(value)) return;
+	const source = value;
+	const talk = {};
+	if (typeof source.voiceId === "string") talk.voiceId = source.voiceId;
+	if (source.voiceAliases && typeof source.voiceAliases === "object" && !Array.isArray(source.voiceAliases)) {
+		const aliases = {};
+		for (const [alias, id] of Object.entries(source.voiceAliases)) {
+			if (typeof id !== "string") continue;
+			aliases[alias] = id;
+		}
+		if (Object.keys(aliases).length > 0) talk.voiceAliases = aliases;
+	}
+	if (typeof source.modelId === "string") talk.modelId = source.modelId;
+	if (typeof source.outputFormat === "string") talk.outputFormat = source.outputFormat;
+	if (typeof source.apiKey === "string") talk.apiKey = source.apiKey;
+	if (typeof source.interruptOnSpeech === "boolean") talk.interruptOnSpeech = source.interruptOnSpeech;
+	return Object.keys(talk).length > 0 ? talk : void 0;
+}
+const talkHandlers = {
+	"talk.config": async ({ params, respond, client }) => {
+		if (!validateTalkConfigParams(params)) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `invalid talk.config params: ${formatValidationErrors(validateTalkConfigParams.errors)}`));
+			return;
+		}
+		const includeSecrets = Boolean(params.includeSecrets);
+		if (includeSecrets && !canReadTalkSecrets(client)) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `missing scope: ${TALK_SECRETS_SCOPE}`));
+			return;
+		}
+		const snapshot = await readConfigFileSnapshot();
+		const configPayload = {};
+		const talk = normalizeTalkConfigSection(includeSecrets ? snapshot.config.talk : redactConfigObject(snapshot.config.talk));
+		if (talk) configPayload.talk = talk;
+		const sessionMainKey = snapshot.config.session?.mainKey;
+		if (typeof sessionMainKey === "string") configPayload.session = { mainKey: sessionMainKey };
+		const seamColor = snapshot.config.ui?.seamColor;
+		if (typeof seamColor === "string") configPayload.ui = { seamColor };
+		respond(true, { config: configPayload }, void 0);
+	},
+	"talk.mode": ({ params, respond, context, client, isWebchatConnect }) => {
+		if (client && isWebchatConnect(client.connect) && !context.hasConnectedMobileNode()) {
+			respond(false, void 0, errorShape(ErrorCodes.UNAVAILABLE, "talk disabled: no connected iOS/Android nodes"));
+			return;
+		}
+		if (!validateTalkModeParams(params)) {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `invalid talk.mode params: ${formatValidationErrors(validateTalkModeParams.errors)}`));
+			return;
+		}
+		const payload = {
+			enabled: params.enabled,
+			phase: params.phase ?? null,
+			ts: Date.now()
+		};
+		context.broadcast("talk.mode", payload, { dropIfSlow: true });
+		respond(true, payload, void 0);
 	}
-	const payload = {
-		enabled: params.enabled,
-		phase: params.phase ?? null,
-		ts: Date.now()
-	};
-	context.broadcast("talk.mode", payload, { dropIfSlow: true });
-	respond(true, payload, void 0);
-} };
+};
 
 //#endregion
 //#region src/gateway/server-methods/tts.ts
@@ -11258,7 +11580,7 @@ const usageHandlers = {
 		const limit = typeof p.limit === "number" && Number.isFinite(p.limit) ? p.limit : 50;
 		const includeContextWeight = p.includeContextWeight ?? false;
 		const specificKey = typeof p.key === "string" ? p.key.trim() : null;
-		const { store } = loadCombinedSessionStoreForGateway(config);
+		const { storePath, store } = loadCombinedSessionStoreForGateway(config);
 		const now = Date.now();
 		const mergedEntries = [];
 		if (specificKey) {
@@ -11278,7 +11600,16 @@ const usageHandlers = {
 			const resolvedStoreKey = storeMatch?.key ?? storeByIdMatch?.key ?? specificKey;
 			const storeEntry = storeMatch?.entry ?? storeByIdMatch?.entry;
 			const sessionId = storeEntry?.sessionId ?? keyRest;
-			const sessionFile = resolveSessionFilePath(sessionId, storeEntry, { agentId: agentIdFromKey });
+			let sessionFile;
+			try {
+				sessionFile = resolveSessionFilePath(sessionId, storeEntry, resolveSessionFilePathOptions({
+					storePath: storePath !== "(multiple)" ? storePath : void 0,
+					agentId: agentIdFromKey
+				}));
+			} catch {
+				respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `Invalid session reference: ${specificKey}`));
+				return;
+			}
 			try {
 				const stats = fs.statSync(sessionFile);
 				if (stats.isFile()) mergedEntries.push({
@@ -11386,11 +11717,13 @@ const usageHandlers = {
 			target.missingCostEntries += source.missingCostEntries;
 		};
 		for (const merged of limitedEntries) {
+			const agentId = parseAgentSessionKey(merged.key)?.agentId;
 			const usage = await loadSessionCostSummary({
 				sessionId: merged.sessionId,
 				sessionEntry: merged.storeEntry,
 				sessionFile: merged.sessionFile,
 				config,
+				agentId,
 				startMs,
 				endMs
 			});
@@ -11407,7 +11740,6 @@ const usageHandlers = {
 				aggregateTotals.cacheWriteCost += usage.cacheWriteCost;
 				aggregateTotals.missingCostEntries += usage.missingCostEntries;
 			}
-			const agentId = parseAgentSessionKey(merged.key)?.agentId;
 			const channel = merged.storeEntry?.channel ?? merged.storeEntry?.origin?.provider;
 			const chatType = merged.storeEntry?.chatType ?? merged.storeEntry?.origin?.chatType;
 			if (usage) {
@@ -11604,15 +11936,27 @@ const usageHandlers = {
 			return;
 		}
 		const config = loadConfig();
-		const { entry } = loadSessionEntry(key);
+		const { entry, storePath } = loadSessionEntry(key);
 		const parsed = parseAgentSessionKey(key);
 		const agentId = parsed?.agentId;
 		const rawSessionId = parsed?.rest ?? key;
+		const sessionId = entry?.sessionId ?? rawSessionId;
+		let sessionFile;
+		try {
+			sessionFile = resolveSessionFilePath(sessionId, entry, resolveSessionFilePathOptions({
+				storePath,
+				agentId
+			}));
+		} catch {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `Invalid session key: ${key}`));
+			return;
+		}
 		const timeseries = await loadSessionUsageTimeSeries({
-			sessionId: entry?.sessionId ?? rawSessionId,
+			sessionId,
 			sessionEntry: entry,
-			sessionFile: entry?.sessionFile ?? resolveSessionFilePath(rawSessionId, entry, { agentId }),
+			sessionFile,
 			config,
+			agentId,
 			maxPoints: 200
 		});
 		if (!timeseries) {
@@ -11629,18 +11973,28 @@ const usageHandlers = {
 		}
 		const limit = typeof params?.limit === "number" && Number.isFinite(params.limit) ? Math.min(params.limit, 1e3) : 200;
 		const config = loadConfig();
-		const { entry } = loadSessionEntry(key);
+		const { entry, storePath } = loadSessionEntry(key);
 		const parsed = parseAgentSessionKey(key);
 		const agentId = parsed?.agentId;
 		const rawSessionId = parsed?.rest ?? key;
 		const sessionId = entry?.sessionId ?? rawSessionId;
-		const sessionFile = entry?.sessionFile ?? resolveSessionFilePath(rawSessionId, entry, { agentId });
-		const { loadSessionLogs } = await import("./session-cost-usage-CcCEQNuc.js").then((n) => n.a);
+		let sessionFile;
+		try {
+			sessionFile = resolveSessionFilePath(sessionId, entry, resolveSessionFilePathOptions({
+				storePath,
+				agentId
+			}));
+		} catch {
+			respond(false, void 0, errorShape(ErrorCodes.INVALID_REQUEST, `Invalid session key: ${key}`));
+			return;
+		}
+		const { loadSessionLogs } = await import("./session-cost-usage-B-tyjp76.js").then((n) => n.a);
 		respond(true, { logs: await loadSessionLogs({
 			sessionId,
 			sessionEntry: entry,
 			sessionFile,
 			config,
+			agentId,
 			limit
 		}) ?? [] }, void 0);
 	}
@@ -12069,7 +12423,9 @@ const READ_METHODS = new Set([
 	"last-heartbeat",
 	"node.list",
 	"node.describe",
-	"chat.history"
+	"chat.history",
+	"config.get",
+	"talk.config"
 ]);
 const WRITE_METHODS = new Set([
 	"send",
@@ -12457,6 +12813,7 @@ function normalizeHookMapping(mapping, index, transformsDir) {
 		action,
 		wakeMode,
 		name: mapping.name,
+		agentId: mapping.agentId?.trim() || void 0,
 		sessionKey: mapping.sessionKey,
 		messageTemplate: mapping.messageTemplate,
 		textTemplate: mapping.textTemplate,
@@ -12495,6 +12852,7 @@ function buildActionFromMapping(mapping, ctx) {
 			kind: "agent",
 			message: renderTemplate(mapping.messageTemplate ?? "", ctx),
 			name: renderOptional(mapping.name, ctx),
+			agentId: mapping.agentId,
 			wakeMode: mapping.wakeMode ?? "now",
 			sessionKey: renderOptional(mapping.sessionKey, ctx),
 			deliver: mapping.deliver,
@@ -12523,6 +12881,7 @@ function mergeAction(base, override, defaultAction) {
 		message: typeof override.message === "string" ? override.message : baseAgent?.message ?? "",
 		wakeMode: override.wakeMode === "next-heartbeat" ? "next-heartbeat" : baseAgent?.wakeMode ?? "now",
 		name: override.name ?? baseAgent?.name,
+		agentId: override.agentId ?? baseAgent?.agentId,
 		sessionKey: override.sessionKey ?? baseAgent?.sessionKey,
 		deliver: typeof override.deliver === "boolean" ? override.deliver : baseAgent?.deliver,
 		allowUnsafeExternalContent: typeof override.allowUnsafeExternalContent === "boolean" ? override.allowUnsafeExternalContent : baseAgent?.allowUnsafeExternalContent,
@@ -12635,13 +12994,76 @@ function resolveHooksConfig(cfg) {
 	const withSlash = rawPath.startsWith("/") ? rawPath : `/${rawPath}`;
 	const trimmed = withSlash.length > 1 ? withSlash.replace(/\/+$/, "") : withSlash;
 	if (trimmed === "/") throw new Error("hooks.path may not be '/'");
+	const maxBodyBytes = cfg.hooks?.maxBodyBytes && cfg.hooks.maxBodyBytes > 0 ? cfg.hooks.maxBodyBytes : DEFAULT_HOOKS_MAX_BODY_BYTES;
+	const mappings = resolveHookMappings(cfg.hooks);
+	const defaultAgentId = resolveDefaultAgentId(cfg);
+	const knownAgentIds = resolveKnownAgentIds(cfg, defaultAgentId);
+	const allowedAgentIds = resolveAllowedAgentIds(cfg.hooks?.allowedAgentIds);
+	const defaultSessionKey = resolveSessionKey$1(cfg.hooks?.defaultSessionKey);
+	const allowedSessionKeyPrefixes = resolveAllowedSessionKeyPrefixes(cfg.hooks?.allowedSessionKeyPrefixes);
+	if (defaultSessionKey && allowedSessionKeyPrefixes && !isSessionKeyAllowedByPrefix(defaultSessionKey, allowedSessionKeyPrefixes)) throw new Error("hooks.defaultSessionKey must match hooks.allowedSessionKeyPrefixes");
+	if (!defaultSessionKey && allowedSessionKeyPrefixes && !isSessionKeyAllowedByPrefix("hook:example", allowedSessionKeyPrefixes)) throw new Error("hooks.allowedSessionKeyPrefixes must include 'hook:' when hooks.defaultSessionKey is unset");
 	return {
 		basePath: trimmed,
 		token,
-		maxBodyBytes: cfg.hooks?.maxBodyBytes && cfg.hooks.maxBodyBytes > 0 ? cfg.hooks.maxBodyBytes : DEFAULT_HOOKS_MAX_BODY_BYTES,
-		mappings: resolveHookMappings(cfg.hooks)
+		maxBodyBytes,
+		mappings,
+		agentPolicy: {
+			defaultAgentId,
+			knownAgentIds,
+			allowedAgentIds
+		},
+		sessionPolicy: {
+			defaultSessionKey,
+			allowRequestSessionKey: cfg.hooks?.allowRequestSessionKey === true,
+			allowedSessionKeyPrefixes
+		}
 	};
 }
+function resolveKnownAgentIds(cfg, defaultAgentId) {
+	const known = new Set(listAgentIds(cfg));
+	known.add(defaultAgentId);
+	return known;
+}
+function resolveAllowedAgentIds(raw) {
+	if (!Array.isArray(raw)) return;
+	const allowed = /* @__PURE__ */ new Set();
+	let hasWildcard = false;
+	for (const entry of raw) {
+		const trimmed = entry.trim();
+		if (!trimmed) continue;
+		if (trimmed === "*") {
+			hasWildcard = true;
+			break;
+		}
+		allowed.add(normalizeAgentId(trimmed));
+	}
+	if (hasWildcard) return;
+	return allowed;
+}
+function resolveSessionKey$1(raw) {
+	const value = raw?.trim();
+	return value ? value : void 0;
+}
+function normalizeSessionKeyPrefix(raw) {
+	const value = raw.trim().toLowerCase();
+	return value ? value : void 0;
+}
+function resolveAllowedSessionKeyPrefixes(raw) {
+	if (!Array.isArray(raw)) return;
+	const set = /* @__PURE__ */ new Set();
+	for (const prefix of raw) {
+		const normalized = normalizeSessionKeyPrefix(prefix);
+		if (!normalized) continue;
+		set.add(normalized);
+	}
+	return set.size > 0 ? Array.from(set) : void 0;
+}
+function isSessionKeyAllowedByPrefix(sessionKey, prefixes) {
+	const normalized = sessionKey.trim().toLowerCase();
+	if (!normalized) return false;
+	return prefixes.some((prefix) => normalized.startsWith(prefix));
+}
 function extractHookToken(req) {
 	const auth = typeof req.headers.authorization === "string" ? req.headers.authorization.trim() : "";
 	if (auth.toLowerCase().startsWith("bearer ")) {
@@ -12723,20 +13145,71 @@ function normalizeWakePayload(payload) {
 		}
 	};
 }
-const listHookChannelValues = () => ["last", ...listChannelPlugins().map((plugin) => plugin.id)];
-const getHookChannelSet = () => new Set(listHookChannelValues());
-const getHookChannelError = () => `channel must be ${listHookChannelValues().join("|")}`;
-function resolveHookChannel(raw) {
-	if (raw === void 0) return "last";
-	if (typeof raw !== "string") return null;
-	const normalized = normalizeMessageChannel(raw);
-	if (!normalized || !getHookChannelSet().has(normalized)) return null;
-	return normalized;
-}
-function resolveHookDeliver(raw) {
-	return raw !== false;
-}
-function normalizeAgentPayload(payload, opts) {
+const listHookChannelValues = () => ["last", ...listChannelPlugins().map((plugin) => plugin.id)];
+const getHookChannelSet = () => new Set(listHookChannelValues());
+const getHookChannelError = () => `channel must be ${listHookChannelValues().join("|")}`;
+function resolveHookChannel(raw) {
+	if (raw === void 0) return "last";
+	if (typeof raw !== "string") return null;
+	const normalized = normalizeMessageChannel(raw);
+	if (!normalized || !getHookChannelSet().has(normalized)) return null;
+	return normalized;
+}
+function resolveHookDeliver(raw) {
+	return raw !== false;
+}
+function resolveHookTargetAgentId(hooksConfig, agentId) {
+	const raw = agentId?.trim();
+	if (!raw) return;
+	const normalized = normalizeAgentId(raw);
+	if (hooksConfig.agentPolicy.knownAgentIds.has(normalized)) return normalized;
+	return hooksConfig.agentPolicy.defaultAgentId;
+}
+function isHookAgentAllowed(hooksConfig, agentId) {
+	const raw = agentId?.trim();
+	if (!raw) return true;
+	const allowed = hooksConfig.agentPolicy.allowedAgentIds;
+	if (allowed === void 0) return true;
+	const resolved = resolveHookTargetAgentId(hooksConfig, raw);
+	return resolved ? allowed.has(resolved) : false;
+}
+const getHookAgentPolicyError = () => "agentId is not allowed by hooks.allowedAgentIds";
+const getHookSessionKeyRequestPolicyError = () => "sessionKey is disabled for external /hooks/agent payloads; set hooks.allowRequestSessionKey=true to enable";
+const getHookSessionKeyPrefixError = (prefixes) => `sessionKey must start with one of: ${prefixes.join(", ")}`;
+function resolveHookSessionKey(params) {
+	const requested = resolveSessionKey$1(params.sessionKey);
+	if (requested) {
+		if (params.source === "request" && !params.hooksConfig.sessionPolicy.allowRequestSessionKey) return {
+			ok: false,
+			error: getHookSessionKeyRequestPolicyError()
+		};
+		const allowedPrefixes = params.hooksConfig.sessionPolicy.allowedSessionKeyPrefixes;
+		if (allowedPrefixes && !isSessionKeyAllowedByPrefix(requested, allowedPrefixes)) return {
+			ok: false,
+			error: getHookSessionKeyPrefixError(allowedPrefixes)
+		};
+		return {
+			ok: true,
+			value: requested
+		};
+	}
+	const defaultSessionKey = params.hooksConfig.sessionPolicy.defaultSessionKey;
+	if (defaultSessionKey) return {
+		ok: true,
+		value: defaultSessionKey
+	};
+	const generated = `hook:${(params.idFactory ?? randomUUID)()}`;
+	const allowedPrefixes = params.hooksConfig.sessionPolicy.allowedSessionKeyPrefixes;
+	if (allowedPrefixes && !isSessionKeyAllowedByPrefix(generated, allowedPrefixes)) return {
+		ok: false,
+		error: getHookSessionKeyPrefixError(allowedPrefixes)
+	};
+	return {
+		ok: true,
+		value: generated
+	};
+}
+function normalizeAgentPayload(payload) {
 	const message = typeof payload.message === "string" ? payload.message.trim() : "";
 	if (!message) return {
 		ok: false,
@@ -12744,10 +13217,11 @@ function normalizeAgentPayload(payload, opts) {
 	};
 	const nameRaw = payload.name;
 	const name = typeof nameRaw === "string" && nameRaw.trim() ? nameRaw.trim() : "Hook";
+	const agentIdRaw = payload.agentId;
+	const agentId = typeof agentIdRaw === "string" && agentIdRaw.trim() ? agentIdRaw.trim() : void 0;
 	const wakeMode = payload.wakeMode === "next-heartbeat" ? "next-heartbeat" : "now";
 	const sessionKeyRaw = payload.sessionKey;
-	const idFactory = opts?.idFactory ?? randomUUID;
-	const sessionKey = typeof sessionKeyRaw === "string" && sessionKeyRaw.trim() ? sessionKeyRaw.trim() : `hook:${idFactory()}`;
+	const sessionKey = typeof sessionKeyRaw === "string" && sessionKeyRaw.trim() ? sessionKeyRaw.trim() : void 0;
 	const channel = resolveHookChannel(payload.channel);
 	if (!channel) return {
 		ok: false,
@@ -12770,6 +13244,7 @@ function normalizeAgentPayload(payload, opts) {
 		value: {
 			message,
 			name,
+			agentId,
 			wakeMode,
 			sessionKey,
 			deliver,
@@ -12787,7 +13262,7 @@ function normalizeAgentPayload(payload, opts) {
 async function startBrowserControlServerIfEnabled() {
 	if (isTruthyEnvValue(process.env.OPENCLAW_SKIP_BROWSER_CONTROL_SERVER)) return null;
 	const override = process.env.OPENCLAW_BROWSER_CONTROL_MODULE?.trim();
-	const mod = override ? await import(override) : await import("./control-service-Djd_WI3_.js").then((n) => n.t);
+	const mod = override ? await import(override) : await import("./control-service-COF59GQe.js").then((n) => n.t);
 	const start = typeof mod.startBrowserControlServiceFromConfig === "function" ? mod.startBrowserControlServiceFromConfig : mod.startBrowserControlServerFromConfig;
 	const stop = typeof mod.stopBrowserControlService === "function" ? mod.stopBrowserControlService : mod.stopBrowserControlServer;
 	if (!start) return null;
@@ -12931,6 +13406,62 @@ async function resolveGatewayRuntimeConfig(params) {
 	};
 }
 
+//#endregion
+//#region src/infra/fs-safe.ts
+var SafeOpenError = class extends Error {
+	constructor(code, message) {
+		super(message);
+		this.code = code;
+		this.name = "SafeOpenError";
+	}
+};
+const NOT_FOUND_CODES = new Set(["ENOENT", "ENOTDIR"]);
+const ensureTrailingSep = (value) => value.endsWith(path.sep) ? value : value + path.sep;
+const isNodeError = (err) => Boolean(err && typeof err === "object" && "code" in err);
+const isNotFoundError = (err) => isNodeError(err) && typeof err.code === "string" && NOT_FOUND_CODES.has(err.code);
+const isSymlinkOpenError = (err) => isNodeError(err) && (err.code === "ELOOP" || err.code === "EINVAL" || err.code === "ENOTSUP");
+async function openFileWithinRoot(params) {
+	let rootReal;
+	try {
+		rootReal = await fs$1.realpath(params.rootDir);
+	} catch (err) {
+		if (isNotFoundError(err)) throw new SafeOpenError("not-found", "root dir not found");
+		throw err;
+	}
+	const rootWithSep = ensureTrailingSep(rootReal);
+	const resolved = path.resolve(rootWithSep, params.relativePath);
+	if (!resolved.startsWith(rootWithSep)) throw new SafeOpenError("invalid-path", "path escapes root");
+	const supportsNoFollow = process.platform !== "win32" && "O_NOFOLLOW" in constants;
+	const flags = constants.O_RDONLY | (supportsNoFollow ? constants.O_NOFOLLOW : 0);
+	let handle;
+	try {
+		handle = await fs$1.open(resolved, flags);
+	} catch (err) {
+		if (isNotFoundError(err)) throw new SafeOpenError("not-found", "file not found");
+		if (isSymlinkOpenError(err)) throw new SafeOpenError("invalid-path", "symlink open blocked");
+		throw err;
+	}
+	try {
+		if ((await fs$1.lstat(resolved).catch(() => null))?.isSymbolicLink()) throw new SafeOpenError("invalid-path", "symlink not allowed");
+		const realPath = await fs$1.realpath(resolved);
+		if (!realPath.startsWith(rootWithSep)) throw new SafeOpenError("invalid-path", "path escapes root");
+		const stat = await handle.stat();
+		if (!stat.isFile()) throw new SafeOpenError("invalid-path", "not a file");
+		const realStat = await fs$1.stat(realPath);
+		if (stat.ino !== realStat.ino || stat.dev !== realStat.dev) throw new SafeOpenError("invalid-path", "path mismatch");
+		return {
+			handle,
+			realPath,
+			stat
+		};
+	} catch (err) {
+		await handle.close().catch(() => {});
+		if (err instanceof SafeOpenError) throw err;
+		if (isNotFoundError(err)) throw new SafeOpenError("not-found", "file not found");
+		throw err;
+	}
+}
+
 //#endregion
 //#region src/canvas-host/a2ui.ts
 const A2UI_PATH = "/__openclaw__/a2ui";
@@ -12970,24 +13501,29 @@ function normalizeUrlPath$1(rawPath) {
 	const normalized = path.posix.normalize(decoded);
 	return normalized.startsWith("/") ? normalized : `/${normalized}`;
 }
-async function resolveA2uiFilePath(rootReal, urlPath) {
+async function resolveA2uiFile(rootReal, urlPath) {
 	const normalized = normalizeUrlPath$1(urlPath);
 	const rel = normalized.replace(/^\/+/, "");
 	if (rel.split("/").some((p) => p === "..")) return null;
-	let candidate = path.join(rootReal, rel);
-	if (normalized.endsWith("/")) candidate = path.join(candidate, "index.html");
+	const tryOpen = async (relative) => {
+		try {
+			return await openFileWithinRoot({
+				rootDir: rootReal,
+				relativePath: relative
+			});
+		} catch (err) {
+			if (err instanceof SafeOpenError) return null;
+			throw err;
+		}
+	};
+	if (normalized.endsWith("/")) return await tryOpen(path.posix.join(rel, "index.html"));
+	const candidate = path.join(rootReal, rel);
 	try {
-		if ((await fs$1.stat(candidate)).isDirectory()) candidate = path.join(candidate, "index.html");
+		const st = await fs$1.lstat(candidate);
+		if (st.isSymbolicLink()) return null;
+		if (st.isDirectory()) return await tryOpen(path.posix.join(rel, "index.html"));
 	} catch {}
-	const rootPrefix = rootReal.endsWith(path.sep) ? rootReal : `${rootReal}${path.sep}`;
-	try {
-		if ((await fs$1.lstat(candidate)).isSymbolicLink()) return null;
-		const real = await fs$1.realpath(candidate);
-		if (!real.startsWith(rootPrefix)) return null;
-		return real;
-	} catch {
-		return null;
-	}
+	return await tryOpen(rel);
 }
 function injectCanvasLiveReload(html) {
 	const snippet = `
@@ -13063,80 +13599,33 @@ async function handleA2uiHttpRequest(req, res) {
 		res.end("A2UI assets not found");
 		return true;
 	}
-	const filePath = await resolveA2uiFilePath(a2uiRootReal, url.pathname.slice(basePath.length) || "/");
-	if (!filePath) {
+	const result = await resolveA2uiFile(a2uiRootReal, url.pathname.slice(basePath.length) || "/");
+	if (!result) {
 		res.statusCode = 404;
 		res.setHeader("Content-Type", "text/plain; charset=utf-8");
 		res.end("not found");
 		return true;
 	}
-	const lower = filePath.toLowerCase();
-	const mime = lower.endsWith(".html") || lower.endsWith(".htm") ? "text/html" : await detectMime({ filePath }) ?? "application/octet-stream";
-	res.setHeader("Cache-Control", "no-store");
-	if (mime === "text/html") {
-		const html = await fs$1.readFile(filePath, "utf8");
-		res.setHeader("Content-Type", "text/html; charset=utf-8");
-		res.end(injectCanvasLiveReload(html));
-		return true;
-	}
-	res.setHeader("Content-Type", mime);
-	res.end(await fs$1.readFile(filePath));
-	return true;
-}
-
-//#endregion
-//#region src/infra/fs-safe.ts
-var SafeOpenError = class extends Error {
-	constructor(code, message) {
-		super(message);
-		this.code = code;
-		this.name = "SafeOpenError";
-	}
-};
-const NOT_FOUND_CODES = new Set(["ENOENT", "ENOTDIR"]);
-const ensureTrailingSep = (value) => value.endsWith(path.sep) ? value : value + path.sep;
-const isNodeError = (err) => Boolean(err && typeof err === "object" && "code" in err);
-const isNotFoundError = (err) => isNodeError(err) && typeof err.code === "string" && NOT_FOUND_CODES.has(err.code);
-const isSymlinkOpenError = (err) => isNodeError(err) && (err.code === "ELOOP" || err.code === "EINVAL" || err.code === "ENOTSUP");
-async function openFileWithinRoot(params) {
-	let rootReal;
-	try {
-		rootReal = await fs$1.realpath(params.rootDir);
-	} catch (err) {
-		if (isNotFoundError(err)) throw new SafeOpenError("not-found", "root dir not found");
-		throw err;
-	}
-	const rootWithSep = ensureTrailingSep(rootReal);
-	const resolved = path.resolve(rootWithSep, params.relativePath);
-	if (!resolved.startsWith(rootWithSep)) throw new SafeOpenError("invalid-path", "path escapes root");
-	const supportsNoFollow = process.platform !== "win32" && "O_NOFOLLOW" in constants;
-	const flags = constants.O_RDONLY | (supportsNoFollow ? constants.O_NOFOLLOW : 0);
-	let handle;
-	try {
-		handle = await fs$1.open(resolved, flags);
-	} catch (err) {
-		if (isNotFoundError(err)) throw new SafeOpenError("not-found", "file not found");
-		if (isSymlinkOpenError(err)) throw new SafeOpenError("invalid-path", "symlink open blocked");
-		throw err;
-	}
 	try {
-		if ((await fs$1.lstat(resolved).catch(() => null))?.isSymbolicLink()) throw new SafeOpenError("invalid-path", "symlink not allowed");
-		const realPath = await fs$1.realpath(resolved);
-		if (!realPath.startsWith(rootWithSep)) throw new SafeOpenError("invalid-path", "path escapes root");
-		const stat = await handle.stat();
-		if (!stat.isFile()) throw new SafeOpenError("invalid-path", "not a file");
-		const realStat = await fs$1.stat(realPath);
-		if (stat.ino !== realStat.ino || stat.dev !== realStat.dev) throw new SafeOpenError("invalid-path", "path mismatch");
-		return {
-			handle,
-			realPath,
-			stat
-		};
-	} catch (err) {
-		await handle.close().catch(() => {});
-		if (err instanceof SafeOpenError) throw err;
-		if (isNotFoundError(err)) throw new SafeOpenError("not-found", "file not found");
-		throw err;
+		const lower = result.realPath.toLowerCase();
+		const mime = lower.endsWith(".html") || lower.endsWith(".htm") ? "text/html" : await detectMime({ filePath: result.realPath }) ?? "application/octet-stream";
+		res.setHeader("Cache-Control", "no-store");
+		if (req.method === "HEAD") {
+			res.setHeader("Content-Type", mime === "text/html" ? "text/html; charset=utf-8" : mime);
+			res.end();
+			return true;
+		}
+		if (mime === "text/html") {
+			const buf = await result.handle.readFile({ encoding: "utf8" });
+			res.setHeader("Content-Type", "text/html; charset=utf-8");
+			res.end(injectCanvasLiveReload(buf));
+			return true;
+		}
+		res.setHeader("Content-Type", mime);
+		res.end(await result.handle.readFile());
+		return true;
+	} finally {
+		await result.handle.close().catch(() => {});
 	}
 }
 
@@ -13289,7 +13778,7 @@ async function prepareCanvasRoot(rootDir) {
 	return rootReal;
 }
 function resolveDefaultCanvasRoot() {
-	const candidates = [path.join(STATE_DIR, "canvas")];
+	const candidates = [path.join(resolveStateDir(), "canvas")];
 	return candidates.find((dir) => {
 		try {
 			return fsSync.statSync(dir).isDirectory();
@@ -13833,6 +14322,20 @@ function sendUnauthorized(res) {
 		type: "unauthorized"
 	} });
 }
+function sendRateLimited(res, retryAfterMs) {
+	if (retryAfterMs && retryAfterMs > 0) res.setHeader("Retry-After", String(Math.ceil(retryAfterMs / 1e3)));
+	sendJson$1(res, 429, { error: {
+		message: "Too many failed authentication attempts. Please try again later.",
+		type: "rate_limited"
+	} });
+}
+function sendGatewayAuthFailure(res, authResult) {
+	if (authResult.rateLimited) {
+		sendRateLimited(res, authResult.retryAfterMs);
+		return;
+	}
+	sendUnauthorized(res);
+}
 function sendInvalidRequest(res, message) {
 	sendJson$1(res, 400, { error: {
 		message,
@@ -13992,16 +14495,18 @@ async function handleOpenAiHttpRequest(req, res, opts) {
 		return true;
 	}
 	const token = getBearerToken(req);
-	if (!(await authorizeGatewayConnect({
+	const authResult = await authorizeGatewayConnect({
 		auth: opts.auth,
 		connectAuth: {
 			token,
 			password: token
 		},
 		req,
-		trustedProxies: opts.trustedProxies
-	})).ok) {
-		sendUnauthorized(res);
+		trustedProxies: opts.trustedProxies,
+		rateLimiter: opts.rateLimiter
+	});
+	if (!authResult.ok) {
+		sendGatewayAuthFailure(res, authResult);
 		return true;
 	}
 	const body = await readJsonBodyOrError(req, res, opts.maxBodyBytes ?? 1024 * 1024);
@@ -14060,8 +14565,9 @@ async function handleOpenAiHttpRequest(req, res, opts) {
 				}
 			});
 		} catch (err) {
+			logWarn(`openai-compat: chat completion failed: ${String(err)}`);
 			sendJson$1(res, 500, { error: {
-				message: String(err),
+				message: "internal error",
 				type: "api_error"
 			} });
 		}
@@ -14162,6 +14668,7 @@ async function handleOpenAiHttpRequest(req, res, opts) {
 				});
 			}
 		} catch (err) {
+			logWarn(`openai-compat: streaming chat completion failed: ${String(err)}`);
 			if (closed) return;
 			writeSse(res, {
 				id: runId,
@@ -14170,7 +14677,7 @@ async function handleOpenAiHttpRequest(req, res, opts) {
 				model,
 				choices: [{
 					index: 0,
-					delta: { content: `Error: ${String(err)}` },
+					delta: { content: "Error: internal error" },
 					finish_reason: "stop"
 				}]
 			});
@@ -14438,6 +14945,7 @@ const OutputTextDoneEventSchema = z.object({
 //#endregion
 //#region src/gateway/openresponses-http.ts
 const DEFAULT_BODY_BYTES$1 = 20 * 1024 * 1024;
+const DEFAULT_MAX_URL_PARTS = 8;
 function writeSseEvent(res, event) {
 	res.write(`event: ${event.type}\n`);
 	res.write(`data: ${JSON.stringify(event)}\n\n`);
@@ -14450,13 +14958,20 @@ function extractTextContent(content) {
 		return "";
 	}).filter(Boolean).join("\n");
 }
+function normalizeHostnameAllowlist(values) {
+	if (!values || values.length === 0) return;
+	const normalized = values.map((value) => value.trim()).filter((value) => value.length > 0);
+	return normalized.length > 0 ? normalized : void 0;
+}
 function resolveResponsesLimits(config) {
 	const files = config?.files;
 	const images = config?.images;
 	return {
 		maxBodyBytes: config?.maxBodyBytes ?? DEFAULT_BODY_BYTES$1,
+		maxUrlParts: typeof config?.maxUrlParts === "number" ? Math.max(0, Math.floor(config.maxUrlParts)) : DEFAULT_MAX_URL_PARTS,
 		files: {
 			allowUrl: files?.allowUrl ?? true,
+			urlAllowlist: normalizeHostnameAllowlist(files?.urlAllowlist),
 			allowedMimes: normalizeMimeList(files?.allowedMimes, DEFAULT_INPUT_FILE_MIMES),
 			maxBytes: files?.maxBytes ?? DEFAULT_INPUT_FILE_MAX_BYTES,
 			maxChars: files?.maxChars ?? DEFAULT_INPUT_FILE_MAX_CHARS,
@@ -14470,6 +14985,7 @@ function resolveResponsesLimits(config) {
 		},
 		images: {
 			allowUrl: images?.allowUrl ?? true,
+			urlAllowlist: normalizeHostnameAllowlist(images?.urlAllowlist),
 			allowedMimes: normalizeMimeList(images?.allowedMimes, DEFAULT_INPUT_IMAGE_MIMES),
 			maxBytes: images?.maxBytes ?? DEFAULT_INPUT_IMAGE_MAX_BYTES,
 			maxRedirects: images?.maxRedirects ?? DEFAULT_INPUT_MAX_REDIRECTS,
@@ -14621,16 +15137,18 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 		return true;
 	}
 	const token = getBearerToken(req);
-	if (!(await authorizeGatewayConnect({
+	const authResult = await authorizeGatewayConnect({
 		auth: opts.auth,
 		connectAuth: {
 			token,
 			password: token
 		},
 		req,
-		trustedProxies: opts.trustedProxies
-	})).ok) {
-		sendUnauthorized(res);
+		trustedProxies: opts.trustedProxies,
+		rateLimiter: opts.rateLimiter
+	});
+	if (!authResult.ok) {
+		sendGatewayAuthFailure(res, authResult);
 		return true;
 	}
 	const limits = resolveResponsesLimits(opts.config);
@@ -14651,6 +15169,11 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 	const user = payload.user;
 	let images = [];
 	let fileContexts = [];
+	let urlParts = 0;
+	const markUrlPart = () => {
+		urlParts += 1;
+		if (urlParts > limits.maxUrlParts) throw new Error(`Too many URL-based input sources: ${urlParts} (limit: ${limits.maxUrlParts})`);
+	};
 	try {
 		if (Array.isArray(payload.input)) {
 			for (const item of payload.input) if (item.type === "message" && typeof item.content !== "string") for (const part of item.content) {
@@ -14658,6 +15181,7 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 					const source = part.source;
 					const sourceType = source.type === "base64" || source.type === "url" ? source.type : void 0;
 					if (!sourceType) throw new Error("input_image must have 'source.url' or 'source.data'");
+					if (sourceType === "url") markUrlPart();
 					const image = await extractImageContentFromSource({
 						type: sourceType,
 						url: source.url,
@@ -14671,6 +15195,7 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 					const source = part.source;
 					const sourceType = source.type === "base64" || source.type === "url" ? source.type : void 0;
 					if (!sourceType) throw new Error("input_file must have 'source.url' or 'source.data'");
+					if (sourceType === "url") markUrlPart();
 					const file = await extractFileContentFromSource({
 						source: {
 							type: sourceType,
@@ -14688,8 +15213,9 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 			}
 		}
 	} catch (err) {
+		logWarn(`openresponses: request parsing failed: ${String(err)}`);
 		sendJson$1(res, 400, { error: {
-			message: String(err),
+			message: "invalid request",
 			type: "invalid_request_error"
 		} });
 		return true;
@@ -14705,8 +15231,9 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 		resolvedClientTools = toolChoiceResult.tools;
 		toolChoicePrompt = toolChoiceResult.extraSystemPrompt;
 	} catch (err) {
+		logWarn(`openresponses: tool configuration failed: ${String(err)}`);
 		sendJson$1(res, 400, { error: {
-			message: String(err),
+			message: "invalid tool configuration",
 			type: "invalid_request_error"
 		} });
 		return true;
@@ -14787,6 +15314,7 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 				usage
 			}));
 		} catch (err) {
+			logWarn(`openresponses: non-stream response failed: ${String(err)}`);
 			sendJson$1(res, 500, createResponseResource({
 				id: responseId,
 				model,
@@ -14794,7 +15322,7 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 				output: [],
 				error: {
 					code: "api_error",
-					message: String(err)
+					message: "internal error"
 				}
 			}));
 		}
@@ -15025,6 +15553,7 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 				});
 			}
 		} catch (err) {
+			logWarn(`openresponses: streaming response failed: ${String(err)}`);
 			if (closed) return;
 			finalUsage = finalUsage ?? createEmptyUsage();
 			writeSseEvent(res, {
@@ -15036,7 +15565,7 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 					output: [],
 					error: {
 						code: "api_error",
-						message: String(err)
+						message: "internal error"
 					},
 					usage: finalUsage
 				})
@@ -15061,6 +15590,17 @@ async function handleOpenResponsesHttpRequest(req, res, opts) {
 //#region src/gateway/tools-invoke-http.ts
 const DEFAULT_BODY_BYTES = 2 * 1024 * 1024;
 const MEMORY_TOOL_NAMES = new Set(["memory_search", "memory_get"]);
+/**
+* Tools denied via HTTP /tools/invoke regardless of session policy.
+* Prevents RCE and privilege escalation from HTTP API surface.
+* Configurable via gateway.tools.{deny,allow} in openclaw.json.
+*/
+const DEFAULT_GATEWAY_HTTP_TOOL_DENY = [
+	"sessions_spawn",
+	"sessions_send",
+	"gateway",
+	"whatsapp_login"
+];
 function resolveSessionKeyFromBody(body) {
 	if (typeof body.sessionKey === "string" && body.sessionKey.trim()) return body.sessionKey.trim();
 }
@@ -15088,6 +15628,15 @@ function mergeActionIntoArgsIfSupported(params) {
 		action
 	};
 }
+function getErrorMessage(err) {
+	if (err instanceof Error) return err.message || String(err);
+	if (typeof err === "string") return err;
+	return String(err);
+}
+function isToolInputError(err) {
+	if (err instanceof ToolInputError) return true;
+	return typeof err === "object" && err !== null && "name" in err && err.name === "ToolInputError";
+}
 async function handleToolsInvokeHttpRequest(req, res, opts) {
 	if (new URL(req.url ?? "/", `http://${req.headers.host ?? "localhost"}`).pathname !== "/tools/invoke") return false;
 	if (req.method !== "POST") {
@@ -15096,16 +15645,18 @@ async function handleToolsInvokeHttpRequest(req, res, opts) {
 	}
 	const cfg = loadConfig();
 	const token = getBearerToken(req);
-	if (!(await authorizeGatewayConnect({
+	const authResult = await authorizeGatewayConnect({
 		auth: opts.auth,
 		connectAuth: token ? {
 			token,
 			password: token
 		} : null,
 		req,
-		trustedProxies: opts.trustedProxies ?? cfg.gateway?.trustedProxies
-	})).ok) {
-		sendUnauthorized(res);
+		trustedProxies: opts.trustedProxies ?? cfg.gateway?.trustedProxies,
+		rateLimiter: opts.rateLimiter
+	});
+	if (!authResult.ok) {
+		sendGatewayAuthFailure(res, authResult);
 		return true;
 	}
 	const bodyUnknown = await readJsonBodyOrError(req, res, opts.maxBodyBytes ?? DEFAULT_BODY_BYTES);
@@ -15199,7 +15750,11 @@ async function handleToolsInvokeHttpRequest(req, res, opts) {
 	const agentFiltered = agentPolicyExpanded ? filterToolsByPolicy(globalProviderFiltered, agentPolicyExpanded) : globalProviderFiltered;
 	const agentProviderFiltered = agentProviderExpanded ? filterToolsByPolicy(agentFiltered, agentProviderExpanded) : agentFiltered;
 	const groupFiltered = groupPolicyExpanded ? filterToolsByPolicy(agentProviderFiltered, groupPolicyExpanded) : agentProviderFiltered;
-	const tool = (subagentPolicyExpanded ? filterToolsByPolicy(groupFiltered, subagentPolicyExpanded) : groupFiltered).find((t) => t.name === toolName);
+	const subagentFiltered = subagentPolicyExpanded ? filterToolsByPolicy(groupFiltered, subagentPolicyExpanded) : groupFiltered;
+	const gatewayToolsCfg = cfg.gateway?.tools;
+	const gatewayDenyNames = DEFAULT_GATEWAY_HTTP_TOOL_DENY.filter((name) => !gatewayToolsCfg?.allow?.includes(name)).concat(Array.isArray(gatewayToolsCfg?.deny) ? gatewayToolsCfg.deny : []);
+	const gatewayDenySet = new Set(gatewayDenyNames);
+	const tool = subagentFiltered.filter((t) => !gatewayDenySet.has(t.name)).find((t) => t.name === toolName);
 	if (!tool) {
 		sendJson$1(res, 404, {
 			ok: false,
@@ -15221,11 +15776,22 @@ async function handleToolsInvokeHttpRequest(req, res, opts) {
 			result: await tool.execute?.(`http-${Date.now()}`, toolArgs)
 		});
 	} catch (err) {
-		sendJson$1(res, 400, {
+		if (isToolInputError(err)) {
+			sendJson$1(res, 400, {
+				ok: false,
+				error: {
+					type: "tool_error",
+					message: getErrorMessage(err) || "invalid tool arguments"
+				}
+			});
+			return true;
+		}
+		logWarn(`tools-invoke: tool execution failed: ${String(err)}`);
+		sendJson$1(res, 500, {
 			ok: false,
 			error: {
 				type: "tool_error",
-				message: err instanceof Error ? err.message : String(err)
+				message: "tool execution failed"
 			}
 		});
 	}
@@ -15234,6 +15800,9 @@ async function handleToolsInvokeHttpRequest(req, res, opts) {
 
 //#endregion
 //#region src/gateway/server-http.ts
+const HOOK_AUTH_FAILURE_LIMIT = 20;
+const HOOK_AUTH_FAILURE_WINDOW_MS = 6e4;
+const HOOK_AUTH_FAILURE_TRACK_MAX = 2048;
 function sendJson(res, status, body) {
 	res.statusCode = status;
 	res.setHeader("Content-Type", "application/json; charset=utf-8");
@@ -15247,11 +15816,12 @@ function hasAuthorizedWsClientForIp(clients, clientIp) {
 	return false;
 }
 async function authorizeCanvasRequest(params) {
-	const { req, auth, trustedProxies, clients } = params;
-	if (isLocalDirectRequest(req, trustedProxies)) return true;
+	const { req, auth, trustedProxies, clients, rateLimiter } = params;
+	if (isLocalDirectRequest(req, trustedProxies)) return { ok: true };
+	let lastAuthFailure = null;
 	const token = getBearerToken(req);
 	if (token) {
-		if ((await authorizeGatewayConnect({
+		const authResult = await authorizeGatewayConnect({
 			auth: {
 				...auth,
 				allowTailscale: false
@@ -15261,8 +15831,11 @@ async function authorizeCanvasRequest(params) {
 				password: token
 			},
 			req,
-			trustedProxies
-		})).ok) return true;
+			trustedProxies,
+			rateLimiter
+		});
+		if (authResult.ok) return authResult;
+		lastAuthFailure = authResult;
 	}
 	const clientIp = resolveGatewayClientIp({
 		remoteAddr: req.socket?.remoteAddress ?? "",
@@ -15270,11 +15843,65 @@ async function authorizeCanvasRequest(params) {
 		realIp: getHeader(req, "x-real-ip"),
 		trustedProxies
 	});
-	if (!clientIp) return false;
-	return hasAuthorizedWsClientForIp(clients, clientIp);
+	if (!clientIp) return lastAuthFailure ?? {
+		ok: false,
+		reason: "unauthorized"
+	};
+	if (!isPrivateOrLoopbackAddress(clientIp)) return lastAuthFailure ?? {
+		ok: false,
+		reason: "unauthorized"
+	};
+	if (hasAuthorizedWsClientForIp(clients, clientIp)) return { ok: true };
+	return lastAuthFailure ?? {
+		ok: false,
+		reason: "unauthorized"
+	};
+}
+function writeUpgradeAuthFailure(socket, auth) {
+	if (auth.rateLimited) {
+		const retryAfterSeconds = auth.retryAfterMs && auth.retryAfterMs > 0 ? Math.ceil(auth.retryAfterMs / 1e3) : void 0;
+		socket.write([
+			"HTTP/1.1 429 Too Many Requests",
+			retryAfterSeconds ? `Retry-After: ${retryAfterSeconds}` : void 0,
+			"Content-Type: application/json; charset=utf-8",
+			"Connection: close",
+			"",
+			JSON.stringify({ error: {
+				message: "Too many failed authentication attempts. Please try again later.",
+				type: "rate_limited"
+			} })
+		].filter(Boolean).join("\r\n"));
+		return;
+	}
+	socket.write("HTTP/1.1 401 Unauthorized\r\nConnection: close\r\n\r\n");
 }
 function createHooksRequestHandler(opts) {
 	const { getHooksConfig, bindHost, port, logHooks, dispatchAgentHook, dispatchWakeHook } = opts;
+	const hookAuthFailures = /* @__PURE__ */ new Map();
+	const resolveHookClientKey = (req) => {
+		return req.socket?.remoteAddress?.trim() || "unknown";
+	};
+	const recordHookAuthFailure = (clientKey, nowMs) => {
+		if (!hookAuthFailures.has(clientKey) && hookAuthFailures.size >= HOOK_AUTH_FAILURE_TRACK_MAX) hookAuthFailures.clear();
+		const current = hookAuthFailures.get(clientKey);
+		const next = !current || nowMs - current.windowStartedAtMs >= HOOK_AUTH_FAILURE_WINDOW_MS ? {
+			count: 1,
+			windowStartedAtMs: nowMs
+		} : {
+			count: current.count + 1,
+			windowStartedAtMs: current.windowStartedAtMs
+		};
+		hookAuthFailures.set(clientKey, next);
+		if (next.count <= HOOK_AUTH_FAILURE_LIMIT) return { throttled: false };
+		const retryAfterMs = Math.max(1, next.windowStartedAtMs + HOOK_AUTH_FAILURE_WINDOW_MS - nowMs);
+		return {
+			throttled: true,
+			retryAfterSeconds: Math.ceil(retryAfterMs / 1e3)
+		};
+	};
+	const clearHookAuthFailure = (clientKey) => {
+		hookAuthFailures.delete(clientKey);
+	};
 	return async (req, res) => {
 		const hooksConfig = getHooksConfig();
 		if (!hooksConfig) return false;
@@ -15288,12 +15915,24 @@ function createHooksRequestHandler(opts) {
 			return true;
 		}
 		const token = extractHookToken(req);
-		if (!token || token !== hooksConfig.token) {
+		const clientKey = resolveHookClientKey(req);
+		if (!safeEqualSecret(token, hooksConfig.token)) {
+			const throttle = recordHookAuthFailure(clientKey, Date.now());
+			if (throttle.throttled) {
+				const retryAfter = throttle.retryAfterSeconds ?? 1;
+				res.statusCode = 429;
+				res.setHeader("Retry-After", String(retryAfter));
+				res.setHeader("Content-Type", "text/plain; charset=utf-8");
+				res.end("Too Many Requests");
+				logHooks.warn(`hook auth throttled for ${clientKey}; retry-after=${retryAfter}s`);
+				return true;
+			}
 			res.statusCode = 401;
 			res.setHeader("Content-Type", "text/plain; charset=utf-8");
 			res.end("Unauthorized");
 			return true;
 		}
+		clearHookAuthFailure(clientKey);
 		if (req.method !== "POST") {
 			res.statusCode = 405;
 			res.setHeader("Allow", "POST");
@@ -15343,9 +15982,32 @@ function createHooksRequestHandler(opts) {
 				});
 				return true;
 			}
+			if (!isHookAgentAllowed(hooksConfig, normalized.value.agentId)) {
+				sendJson(res, 400, {
+					ok: false,
+					error: getHookAgentPolicyError()
+				});
+				return true;
+			}
+			const sessionKey = resolveHookSessionKey({
+				hooksConfig,
+				source: "request",
+				sessionKey: normalized.value.sessionKey
+			});
+			if (!sessionKey.ok) {
+				sendJson(res, 400, {
+					ok: false,
+					error: sessionKey.error
+				});
+				return true;
+			}
 			sendJson(res, 202, {
 				ok: true,
-				runId: dispatchAgentHook(normalized.value)
+				runId: dispatchAgentHook({
+					...normalized.value,
+					sessionKey: sessionKey.value,
+					agentId: resolveHookTargetAgentId(hooksConfig, normalized.value.agentId)
+				})
 			});
 			return true;
 		}
@@ -15388,13 +16050,33 @@ function createHooksRequestHandler(opts) {
 					});
 					return true;
 				}
+				if (!isHookAgentAllowed(hooksConfig, mapped.action.agentId)) {
+					sendJson(res, 400, {
+						ok: false,
+						error: getHookAgentPolicyError()
+					});
+					return true;
+				}
+				const sessionKey = resolveHookSessionKey({
+					hooksConfig,
+					source: "mapping",
+					sessionKey: mapped.action.sessionKey
+				});
+				if (!sessionKey.ok) {
+					sendJson(res, 400, {
+						ok: false,
+						error: sessionKey.error
+					});
+					return true;
+				}
 				sendJson(res, 202, {
 					ok: true,
 					runId: dispatchAgentHook({
 						message: mapped.action.message,
 						name: mapped.action.name ?? "Hook",
+						agentId: resolveHookTargetAgentId(hooksConfig, mapped.action.agentId),
 						wakeMode: mapped.action.wakeMode,
-						sessionKey: mapped.action.sessionKey ?? "",
+						sessionKey: sessionKey.value,
 						deliver: resolveHookDeliver(mapped.action.deliver),
 						channel,
 						to: mapped.action.to,
@@ -15421,7 +16103,7 @@ function createHooksRequestHandler(opts) {
 	};
 }
 function createGatewayHttpServer(opts) {
-	const { canvasHost, clients, controlUiEnabled, controlUiBasePath, controlUiRoot, openAiChatCompletionsEnabled, openResponsesEnabled, openResponsesConfig, handleHooksRequest, handlePluginRequest, resolvedAuth } = opts;
+	const { canvasHost, clients, controlUiEnabled, controlUiBasePath, controlUiRoot, openAiChatCompletionsEnabled, openResponsesEnabled, openResponsesConfig, handleHooksRequest, handlePluginRequest, resolvedAuth, rateLimiter } = opts;
 	const httpServer = opts.tlsOptions ? createServer$1(opts.tlsOptions, (req, res) => {
 		handleRequest(req, res);
 	}) : createServer((req, res) => {
@@ -15432,35 +16114,60 @@ function createGatewayHttpServer(opts) {
 		try {
 			const configSnapshot = loadConfig();
 			const trustedProxies = configSnapshot.gateway?.trustedProxies ?? [];
+			const requestPath = new URL(req.url ?? "/", "http://localhost").pathname;
 			if (await handleHooksRequest(req, res)) return;
 			if (await handleToolsInvokeHttpRequest(req, res, {
 				auth: resolvedAuth,
-				trustedProxies
+				trustedProxies,
+				rateLimiter
 			})) return;
 			if (await handleSlackHttpRequest(req, res)) return;
-			if (handlePluginRequest && await handlePluginRequest(req, res)) return;
+			if (handlePluginRequest) {
+				if (requestPath.startsWith("/api/channels/")) {
+					const token = getBearerToken(req);
+					const authResult = await authorizeGatewayConnect({
+						auth: resolvedAuth,
+						connectAuth: token ? {
+							token,
+							password: token
+						} : null,
+						req,
+						trustedProxies,
+						rateLimiter
+					});
+					if (!authResult.ok) {
+						sendGatewayAuthFailure(res, authResult);
+						return;
+					}
+				}
+				if (await handlePluginRequest(req, res)) return;
+			}
 			if (openResponsesEnabled) {
 				if (await handleOpenResponsesHttpRequest(req, res, {
 					auth: resolvedAuth,
 					config: openResponsesConfig,
-					trustedProxies
+					trustedProxies,
+					rateLimiter
 				})) return;
 			}
 			if (openAiChatCompletionsEnabled) {
 				if (await handleOpenAiHttpRequest(req, res, {
 					auth: resolvedAuth,
-					trustedProxies
+					trustedProxies,
+					rateLimiter
 				})) return;
 			}
 			if (canvasHost) {
-				if (isCanvasPath(new URL(req.url ?? "/", "http://localhost").pathname)) {
-					if (!await authorizeCanvasRequest({
+				if (isCanvasPath(requestPath)) {
+					const ok = await authorizeCanvasRequest({
 						req,
 						auth: resolvedAuth,
 						trustedProxies,
-						clients
-					})) {
-						sendUnauthorized(res);
+						clients,
+						rateLimiter
+					});
+					if (!ok.ok) {
+						sendGatewayAuthFailure(res, ok);
 						return;
 					}
 				}
@@ -15490,18 +16197,20 @@ function createGatewayHttpServer(opts) {
 	return httpServer;
 }
 function attachGatewayUpgradeHandler(opts) {
-	const { httpServer, wss, canvasHost, clients, resolvedAuth } = opts;
+	const { httpServer, wss, canvasHost, clients, resolvedAuth, rateLimiter } = opts;
 	httpServer.on("upgrade", (req, socket, head) => {
 		(async () => {
 			if (canvasHost) {
 				if (new URL(req.url ?? "/", "http://localhost").pathname === CANVAS_WS_PATH) {
-					if (!await authorizeCanvasRequest({
+					const ok = await authorizeCanvasRequest({
 						req,
 						auth: resolvedAuth,
 						trustedProxies: loadConfig().gateway?.trustedProxies ?? [],
-						clients
-					})) {
-						socket.write("HTTP/1.1 401 Unauthorized\r\nConnection: close\r\n\r\n");
+						clients,
+						rateLimiter
+					});
+					if (!ok.ok) {
+						writeUpgradeAuthFailure(socket, ok);
 						socket.destroy();
 						return;
 					}
@@ -15527,12 +16236,13 @@ function createGatewayHooksRequestHandler(params) {
 		if (value.mode === "now") requestHeartbeatNow({ reason: "hook:wake" });
 	};
 	const dispatchAgentHook = (value) => {
-		const sessionKey = value.sessionKey.trim() ? value.sessionKey.trim() : `hook:${randomUUID()}`;
+		const sessionKey = value.sessionKey.trim();
 		const mainSessionKey = resolveMainSessionKeyFromConfig();
 		const jobId = randomUUID();
 		const now = Date.now();
 		const job = {
 			id: jobId,
+			agentId: value.agentId,
 			name: value.name,
 			enabled: true,
 			createdAtMs: now,
@@ -15860,6 +16570,7 @@ async function createGatewayRuntimeState(params) {
 			handleHooksRequest,
 			handlePluginRequest,
 			resolvedAuth: params.resolvedAuth,
+			rateLimiter: params.rateLimiter,
 			tlsOptions: params.gatewayTls?.enabled ? params.gatewayTls.tlsOptions : void 0
 		});
 		try {
@@ -15886,7 +16597,8 @@ async function createGatewayRuntimeState(params) {
 		wss,
 		canvasHost,
 		clients,
-		resolvedAuth: params.resolvedAuth
+		resolvedAuth: params.resolvedAuth,
+		rateLimiter: params.rateLimiter
 	});
 	const agentRunSeq = /* @__PURE__ */ new Map();
 	const dedupe = /* @__PURE__ */ new Map();
@@ -15980,11 +16692,15 @@ function logGatewayStartup(params) {
 * console.log(`Loaded ${count} hook handlers`);
 * ```
 */
-async function loadInternalHooks(cfg, workspaceDir) {
+async function loadInternalHooks(cfg, workspaceDir, opts) {
 	if (!cfg.hooks?.internal?.enabled) return 0;
 	let loadedCount = 0;
 	try {
-		const eligible = loadWorkspaceHookEntries(workspaceDir, { config: cfg }).filter((entry) => shouldIncludeHook({
+		const eligible = loadWorkspaceHookEntries(workspaceDir, {
+			config: cfg,
+			managedHooksDir: opts?.managedHooksDir,
+			bundledHooksDir: opts?.bundledHooksDir
+		}).filter((entry) => shouldIncludeHook({
 			entry,
 			config: cfg
 		}));
@@ -16408,6 +17124,8 @@ function formatGatewayAuthFailureMessage(params) {
 		case "tailscale_proxy_missing": return "unauthorized: tailscale proxy headers missing (use Tailscale Serve or gateway token/password)";
 		case "tailscale_whois_failed": return "unauthorized: tailscale identity check failed (use Tailscale Serve auth or gateway token/password)";
 		case "tailscale_user_mismatch": return "unauthorized: tailscale identity mismatch (use Tailscale Serve auth or gateway token/password)";
+		case "rate_limited": return "unauthorized: too many failed authentication attempts (retry later)";
+		case "device_token_mismatch": return "unauthorized: device token mismatch (rotate/reissue device token)";
 		default: break;
 	}
 	if (authMode === "token" && authProvided === "none") return `unauthorized: gateway token missing (${tokenHint})`;
@@ -16415,7 +17133,7 @@ function formatGatewayAuthFailureMessage(params) {
 	return "unauthorized";
 }
 function attachGatewayWsMessageHandler(params) {
-	const { socket, upgradeReq, connId, remoteAddr, forwardedFor, realIp, requestHost, requestOrigin, requestUserAgent, canvasHostUrl, connectNonce, resolvedAuth, gatewayMethods, events, extraHandlers, buildRequestContext, send, close, isClosed, clearHandshakeTimer, getClient, setClient, setHandshakeState, setCloseCause, setLastFrameMeta, logGateway, logHealth, logWsControl } = params;
+	const { socket, upgradeReq, connId, remoteAddr, forwardedFor, realIp, requestHost, requestOrigin, requestUserAgent, canvasHostUrl, connectNonce, resolvedAuth, rateLimiter, gatewayMethods, events, extraHandlers, buildRequestContext, send, close, isClosed, clearHandshakeTimer, getClient, setClient, setHandshakeState, setCloseCause, setLastFrameMeta, logGateway, logHealth, logWsControl } = params;
 	const configSnapshot = loadConfig();
 	const trustedProxies = configSnapshot.gateway?.trustedProxies ?? [];
 	const clientIp = resolveGatewayClientIp({
@@ -16518,8 +17236,7 @@ function attachGatewayWsMessageHandler(params) {
 					close(1008, "invalid role");
 					return;
 				}
-				const requestedScopes = Array.isArray(connectParams.scopes) ? connectParams.scopes : [];
-				const scopes = requestedScopes.length > 0 ? requestedScopes : role === "operator" ? ["operator.admin"] : [];
+				const scopes = Array.isArray(connectParams.scopes) ? connectParams.scopes : [];
 				connectParams.role = role;
 				connectParams.scopes = scopes;
 				const isControlUi = connectParams.client.id === GATEWAY_CLIENT_IDS.CONTROL_UI;
@@ -16561,12 +17278,26 @@ function attachGatewayWsMessageHandler(params) {
 				const disableControlUiDeviceAuth = isControlUi && configSnapshot.gateway?.controlUi?.dangerouslyDisableDeviceAuth === true;
 				const allowControlUiBypass = allowInsecureControlUi || disableControlUiDeviceAuth;
 				const device = disableControlUiDeviceAuth ? null : deviceRaw;
-				const authResult = await authorizeGatewayConnect({
+				const hasDeviceTokenCandidate = Boolean(connectParams.auth?.token && device);
+				let authResult = await authorizeGatewayConnect({
 					auth: resolvedAuth,
 					connectAuth: connectParams.auth,
 					req: upgradeReq,
-					trustedProxies
+					trustedProxies,
+					rateLimiter: hasDeviceTokenCandidate ? void 0 : rateLimiter,
+					clientIp,
+					rateLimitScope: AUTH_RATE_LIMIT_SCOPE_SHARED_SECRET
 				});
+				if (hasDeviceTokenCandidate && authResult.ok && rateLimiter && (authResult.method === "token" || authResult.method === "password")) {
+					const sharedRateCheck = rateLimiter.check(clientIp, AUTH_RATE_LIMIT_SCOPE_SHARED_SECRET);
+					if (!sharedRateCheck.allowed) authResult = {
+						ok: false,
+						reason: "rate_limited",
+						rateLimited: true,
+						retryAfterMs: sharedRateCheck.retryAfterMs
+					};
+					else rateLimiter.reset(clientIp, AUTH_RATE_LIMIT_SCOPE_SHARED_SECRET);
+				}
 				let authOk = authResult.ok;
 				let authMethod = authResult.method ?? (resolvedAuth.mode === "password" ? "password" : "token");
 				const sharedAuthResult = hasSharedAuth ? await authorizeGatewayConnect({
@@ -16576,23 +17307,24 @@ function attachGatewayWsMessageHandler(params) {
 					},
 					connectAuth: connectParams.auth,
 					req: upgradeReq,
-					trustedProxies
+					trustedProxies,
+					rateLimitScope: AUTH_RATE_LIMIT_SCOPE_SHARED_SECRET
 				}) : null;
 				const sharedAuthOk = sharedAuthResult?.ok === true && (sharedAuthResult.method === "token" || sharedAuthResult.method === "password");
-				const rejectUnauthorized = () => {
+				const rejectUnauthorized = (failedAuth) => {
 					setHandshakeState("failed");
-					logWsControl.warn(`unauthorized conn=${connId} remote=${remoteAddr ?? "?"} client=${clientLabel} ${connectParams.client.mode} v${connectParams.client.version} reason=${authResult.reason ?? "unknown"}`);
+					logWsControl.warn(`unauthorized conn=${connId} remote=${remoteAddr ?? "?"} client=${clientLabel} ${connectParams.client.mode} v${connectParams.client.version} reason=${failedAuth.reason ?? "unknown"}`);
 					const authProvided = connectParams.auth?.token ? "token" : connectParams.auth?.password ? "password" : "none";
 					const authMessage = formatGatewayAuthFailureMessage({
 						authMode: resolvedAuth.mode,
 						authProvided,
-						reason: authResult.reason,
+						reason: failedAuth.reason,
 						client: connectParams.client
 					});
 					setCloseCause("unauthorized", {
 						authMode: resolvedAuth.mode,
 						authProvided,
-						authReason: authResult.reason,
+						authReason: failedAuth.reason,
 						allowTailscale: resolvedAuth.allowTailscale,
 						client: connectParams.client.id,
 						clientDisplayName: connectParams.client.displayName,
@@ -16629,7 +17361,7 @@ function attachGatewayWsMessageHandler(params) {
 					}
 					if (!canSkipDevice) {
 						if (!authOk && hasSharedAuth) {
-							rejectUnauthorized();
+							rejectUnauthorized(authResult);
 							return;
 						}
 						setHandshakeState("failed");
@@ -16723,7 +17455,7 @@ function attachGatewayWsMessageHandler(params) {
 						clientId: connectParams.client.id,
 						clientMode: connectParams.client.mode,
 						role,
-						scopes: requestedScopes,
+						scopes,
 						signedAtMs: signedAt,
 						token: connectParams.auth?.token ?? null,
 						nonce: providedNonce || void 0,
@@ -16736,7 +17468,7 @@ function attachGatewayWsMessageHandler(params) {
 							clientId: connectParams.client.id,
 							clientMode: connectParams.client.mode,
 							role,
-							scopes: requestedScopes,
+							scopes,
 							signedAtMs: signedAt,
 							token: connectParams.auth?.token ?? null,
 							version: "v1"
@@ -16792,7 +17524,16 @@ function attachGatewayWsMessageHandler(params) {
 					}
 				}
 				if (!authOk && connectParams.auth?.token && device) {
-					if ((await verifyDeviceToken({
+					if (rateLimiter) {
+						const deviceRateCheck = rateLimiter.check(clientIp, AUTH_RATE_LIMIT_SCOPE_DEVICE_TOKEN);
+						if (!deviceRateCheck.allowed) authResult = {
+							ok: false,
+							reason: "rate_limited",
+							rateLimited: true,
+							retryAfterMs: deviceRateCheck.retryAfterMs
+						};
+					}
+					if (!authResult.rateLimited) if ((await verifyDeviceToken({
 						deviceId: device.id,
 						token: connectParams.auth.token,
 						role,
@@ -16800,10 +17541,17 @@ function attachGatewayWsMessageHandler(params) {
 					})).ok) {
 						authOk = true;
 						authMethod = "device-token";
+						rateLimiter?.reset(clientIp, AUTH_RATE_LIMIT_SCOPE_DEVICE_TOKEN);
+					} else {
+						authResult = {
+							ok: false,
+							reason: "device_token_mismatch"
+						};
+						rateLimiter?.recordFailure(clientIp, AUTH_RATE_LIMIT_SCOPE_DEVICE_TOKEN);
 					}
 				}
 				if (!authOk) {
-					rejectUnauthorized();
+					rejectUnauthorized(authResult);
 					return;
 				}
 				if (device && devicePublicKey && !(allowControlUiBypass && sharedAuthOk)) {
@@ -17070,8 +17818,18 @@ function attachGatewayWsMessageHandler(params) {
 
 //#endregion
 //#region src/gateway/server/ws-connection.ts
+const LOG_HEADER_MAX_LEN = 300;
+const LOG_HEADER_CONTROL_REGEX = /[\u0000-\u001f\u007f-\u009f]/g;
+const LOG_HEADER_FORMAT_REGEX = /\p{Cf}/gu;
+const sanitizeLogValue = (value) => {
+	if (!value) return;
+	const cleaned = value.replace(LOG_HEADER_CONTROL_REGEX, " ").replace(LOG_HEADER_FORMAT_REGEX, " ").replace(/\s+/g, " ").trim();
+	if (!cleaned) return;
+	if (cleaned.length <= LOG_HEADER_MAX_LEN) return cleaned;
+	return truncateUtf16Safe(cleaned, LOG_HEADER_MAX_LEN);
+};
 function attachGatewayWsConnectionHandler(params) {
-	const { wss, clients, port, gatewayHost, canvasHostEnabled, canvasHostServerPort, resolvedAuth, gatewayMethods, events, logGateway, logHealth, logWsControl, extraHandlers, broadcast, buildRequestContext } = params;
+	const { wss, clients, port, gatewayHost, canvasHostEnabled, canvasHostServerPort, resolvedAuth, rateLimiter, gatewayMethods, events, logGateway, logHealth, logWsControl, extraHandlers, broadcast, buildRequestContext } = params;
 	wss.on("connection", (socket, upgradeReq) => {
 		let client = null;
 		let closed = false;
@@ -17145,6 +17903,11 @@ function attachGatewayWsConnectionHandler(params) {
 		const isNoisySwiftPmHelperClose = (userAgent, remote) => Boolean(userAgent?.toLowerCase().includes("swiftpm-testing-helper") && isLoopbackAddress(remote));
 		socket.once("close", (code, reason) => {
 			const durationMs = Date.now() - openedAt;
+			const logForwardedFor = sanitizeLogValue(forwardedFor);
+			const logOrigin = sanitizeLogValue(requestOrigin);
+			const logHost = sanitizeLogValue(requestHost);
+			const logUserAgent = sanitizeLogValue(requestUserAgent);
+			const logReason = sanitizeLogValue(reason?.toString());
 			const closeContext = {
 				cause: closeCause,
 				handshake: handshakeState,
@@ -17152,14 +17915,14 @@ function attachGatewayWsConnectionHandler(params) {
 				lastFrameType,
 				lastFrameMethod,
 				lastFrameId,
-				host: requestHost,
-				origin: requestOrigin,
-				userAgent: requestUserAgent,
-				forwardedFor,
+				host: logHost,
+				origin: logOrigin,
+				userAgent: logUserAgent,
+				forwardedFor: logForwardedFor,
 				...closeMeta
 			};
-			if (!client) (isNoisySwiftPmHelperClose(requestUserAgent, remoteAddr) ? logWsControl.debug : logWsControl.warn)(`closed before connect conn=${connId} remote=${remoteAddr ?? "?"} fwd=${forwardedFor ?? "n/a"} origin=${requestOrigin ?? "n/a"} host=${requestHost ?? "n/a"} ua=${requestUserAgent ?? "n/a"} code=${code ?? "n/a"} reason=${reason?.toString() || "n/a"}`, closeContext);
-			if (client && isWebchatClient(client.connect.client)) logWsControl.info(`webchat disconnected code=${code} reason=${reason?.toString() || "n/a"} conn=${connId}`);
+			if (!client) (isNoisySwiftPmHelperClose(requestUserAgent, remoteAddr) ? logWsControl.debug : logWsControl.warn)(`closed before connect conn=${connId} remote=${remoteAddr ?? "?"} fwd=${logForwardedFor || "n/a"} origin=${logOrigin || "n/a"} host=${logHost || "n/a"} ua=${logUserAgent || "n/a"} code=${code ?? "n/a"} reason=${logReason || "n/a"}`, closeContext);
+			if (client && isWebchatClient(client.connect.client)) logWsControl.info(`webchat disconnected code=${code} reason=${logReason || "n/a"} conn=${connId}`);
 			if (client?.presenceKey) {
 				upsertPresence(client.presenceKey, { reason: "disconnect" });
 				incrementPresenceVersion();
@@ -17179,7 +17942,7 @@ function attachGatewayWsConnectionHandler(params) {
 			logWs("out", "close", {
 				connId,
 				code,
-				reason: reason?.toString(),
+				reason: logReason,
 				durationMs,
 				cause: closeCause,
 				handshake: handshakeState,
@@ -17211,6 +17974,7 @@ function attachGatewayWsConnectionHandler(params) {
 			canvasHostUrl,
 			connectNonce,
 			resolvedAuth,
+			rateLimiter,
 			gatewayMethods,
 			events,
 			extraHandlers,
@@ -17247,6 +18011,7 @@ function attachGatewayWsHandlers(params) {
 		canvasHostEnabled: params.canvasHostEnabled,
 		canvasHostServerPort: params.canvasHostServerPort,
 		resolvedAuth: params.resolvedAuth,
+		rateLimiter: params.rateLimiter,
 		gatewayMethods: params.gatewayMethods,
 		events: params.events,
 		logGateway: params.logGateway,
@@ -17346,6 +18111,8 @@ async function startGatewayServer(port = 18789, opts = {}) {
 	const { bindHost, controlUiEnabled, openAiChatCompletionsEnabled, openResponsesEnabled, openResponsesConfig, controlUiBasePath, controlUiRoot: controlUiRootOverride, resolvedAuth, tailscaleConfig, tailscaleMode } = runtimeConfig;
 	let hooksConfig = runtimeConfig.hooksConfig;
 	const canvasHostEnabled = runtimeConfig.canvasHostEnabled;
+	const rateLimitConfig = cfgAtStart.gateway?.auth?.rateLimit;
+	const authRateLimiter = rateLimitConfig ? createAuthRateLimiter(rateLimitConfig) : void 0;
 	let controlUiRootState;
 	if (controlUiRootOverride) {
 		const resolvedOverride = resolveControlUiRootOverrideSync(controlUiRootOverride);
@@ -17395,6 +18162,7 @@ async function startGatewayServer(port = 18789, opts = {}) {
 		openResponsesEnabled,
 		openResponsesConfig,
 		resolvedAuth,
+		rateLimiter: authRateLimiter,
 		gatewayTls,
 		hooksConfig: () => hooksConfig,
 		pluginRegistry,
@@ -17502,6 +18270,7 @@ async function startGatewayServer(port = 18789, opts = {}) {
 		canvasHostEnabled: Boolean(canvasHost),
 		canvasHostServerPort,
 		resolvedAuth,
+		rateLimiter: authRateLimiter,
 		gatewayMethods,
 		events: GATEWAY_EVENTS,
 		logGateway: log,
@@ -17585,6 +18354,12 @@ async function startGatewayServer(port = 18789, opts = {}) {
 		logChannels,
 		logBrowser
 	}));
+	{
+		const hookRunner = getGlobalHookRunner();
+		if (hookRunner?.hasHooks("gateway_start")) hookRunner.runGatewayStart({ port }, { port }).catch((err) => {
+			log.warn(`gateway_start hook failed: ${String(err)}`);
+		});
+	}
 	const { applyHotReload, requestGatewayRestart } = createGatewayReloadHandlers({
 		deps,
 		broadcast,
@@ -17647,12 +18422,21 @@ async function startGatewayServer(port = 18789, opts = {}) {
 		httpServers
 	});
 	return { close: async (opts) => {
+		{
+			const hookRunner = getGlobalHookRunner();
+			if (hookRunner?.hasHooks("gateway_stop")) try {
+				await hookRunner.runGatewayStop({ reason: opts?.reason ?? "gateway stopping" }, { port });
+			} catch (err) {
+				log.warn(`gateway_stop hook failed: ${String(err)}`);
+			}
+		}
 		if (diagnosticsEnabled) stopDiagnosticHeartbeat();
 		if (skillsRefreshTimer) {
 			clearTimeout(skillsRefreshTimer);
 			skillsRefreshTimer = null;
 		}
 		skillsChangeUnsub();
+		authRateLimiter?.dispose();
 		await close(opts);
 	} };
 }
@@ -17752,6 +18536,8 @@ async function runGatewayLoop(params) {
 		process.removeListener("SIGINT", onSigint);
 		process.removeListener("SIGUSR1", onSigusr1);
 	};
+	const DRAIN_TIMEOUT_MS = 3e4;
+	const SHUTDOWN_TIMEOUT_MS = 5e3;
 	const request = (action, signal) => {
 		if (shuttingDown) {
 			gatewayLog$1.info(`received ${signal} during shutdown; ignoring`);
@@ -17760,13 +18546,23 @@ async function runGatewayLoop(params) {
 		shuttingDown = true;
 		const isRestart = action === "restart";
 		gatewayLog$1.info(`received ${signal}; ${isRestart ? "restarting" : "shutting down"}`);
+		const forceExitMs = isRestart ? DRAIN_TIMEOUT_MS + SHUTDOWN_TIMEOUT_MS : SHUTDOWN_TIMEOUT_MS;
 		const forceExitTimer = setTimeout(() => {
 			gatewayLog$1.error("shutdown timed out; exiting without full cleanup");
 			cleanupSignals();
 			params.runtime.exit(0);
-		}, 5e3);
+		}, forceExitMs);
 		(async () => {
 			try {
+				if (isRestart) {
+					const activeTasks = getActiveTaskCount();
+					if (activeTasks > 0) {
+						gatewayLog$1.info(`draining ${activeTasks} active task(s) before restart (timeout ${DRAIN_TIMEOUT_MS}ms)`);
+						const { drained } = await waitForActiveTasks(DRAIN_TIMEOUT_MS);
+						if (drained) gatewayLog$1.info("all active tasks drained");
+						else gatewayLog$1.warn("drain timeout reached; proceeding with restart");
+					}
+				}
 				await server?.close({
 					reason: isRestart ? "gateway restarting" : "gateway stopping",
 					restartExpectedMs: isRestart ? 1500 : null