@haaaiawd/second-nature 0.1.9 → 0.1.11

package/index.js

@@ -16,15 +16,111 @@
  * - structured mutating flows such as policy set / credential verify remain unavailable here
  * - full evidence-backed workspace runtime can be reintroduced later behind a host-safe boundary
  *
+ * OpenClaw operator norm (T1.1.4 / T1.1.5): set `SECOND_NATURE_WORKSPACE_ROOT` or tool `workspaceRoot` to the
+ * **same absolute path** as the OpenClaw **agent workspace** (default `~/.openclaw/workspace`, or
+ * `agents.defaults.workspace` in `~/.openclaw/openclaw.json`). Do **not** infer that root from the plugin
+ * install directory. With **sandbox** or **per-agent workspaces**, use the path where `data/state.db` and
+ * `workspace/` anchors actually live. See `explore/reports/2026-05-04_openclaw-plugin-install-vs-workspace-root.md`.
+ *
  * Test coverage:
  * - tests/integration/cli/plugin-runtime-registration.test.ts
  * - tests/integration/cli/plugin-packaging-walkthrough.test.ts
+ * - tests/integration/cli/plugin-workspace-ops-bridge.test.ts (T1.1.4 / CH-13 matrix, T1.1.5 ops docs cross-ref)
  */
 import { startRuntimeService, } from "./runtime/core/second-nature/runtime/service-entry.js";
 import { getLifecycleState, recordRegistration, } from "./runtime/core/second-nature/runtime/lifecycle-service.js";
+import { openWorkspaceOpsBridge } from "./workspace-ops-bridge.js";
 const INTERNAL_RUNTIME_TRACE_PREFIX = "sn-runtime-";
 const HOST_SAFE_LIMITATION_MESSAGE = "Host-safe plugin package keeps synchronous register/load semantics, but mutating workspace runtime flows remain unavailable here.";
 let activationSpine = null;
+/** T1.1.4 — lazily opened full read bridge; closed when workspace root / resolution changes. */
+let workspaceOpsBridge = null;
+function disposeWorkspaceOpsBridge() {
+    if (workspaceOpsBridge) {
+        workspaceOpsBridge.close();
+        workspaceOpsBridge = null;
+    }
+}
+const WORKSPACE_BRIDGE_COMMANDS = new Set([
+    "status",
+    "quiet",
+    "report",
+    "session",
+    "explain",
+    "heartbeat_check",
+    "fallback",
+    "storage_smoke",
+]);
+function isWorkspaceBridgeCommand(command, input) {
+    if (command === "credential") {
+        const action = typeof input?.action === "string" ? input.action : "show";
+        return action !== "verify";
+    }
+    return WORKSPACE_BRIDGE_COMMANDS.has(command);
+}
+async function ensureWorkspaceOpsBridge(spine) {
+    const root = spine.workspaceRootContext.runtimeRoot;
+    if (workspaceOpsBridge?.root === root) {
+        return { ok: true, dispatch: workspaceOpsBridge.dispatch };
+    }
+    disposeWorkspaceOpsBridge();
+    const opened = await openWorkspaceOpsBridge(root);
+    if (!opened.ok) {
+        return opened;
+    }
+    workspaceOpsBridge = { root, close: opened.close, dispatch: opened.dispatch };
+    return { ok: true, dispatch: opened.dispatch };
+}
+async function routeSecondNatureCommand(spine, command, input) {
+    const wr = spine.workspaceRootContext;
+    const useBridge = wr.resolution !== "unknown" && isWorkspaceBridgeCommand(command, input);
+    if (useBridge) {
+        const bridge = await ensureWorkspaceOpsBridge(spine);
+        if (!bridge.ok) {
+            return {
+                ok: false,
+                surfaceMode: "host_safe_carrier",
+                workspaceReadModelsEvaluated: false,
+                message: HOST_SAFE_LIMITATION_MESSAGE,
+                error: bridge.error,
+                data: {
+                    workspaceRootResolution: wr.resolution,
+                    bridgeAttempted: true,
+                    declaredRoot: wr.declaredRoot,
+                },
+            };
+        }
+        return (await bridge.dispatch(command, input));
+    }
+    const def = spine.router.resolve(command);
+    if (!def) {
+        return { ok: false, message: `Unknown Second Nature command: ${command}` };
+    }
+    return def.execute(input);
+}
+function resolveWorkspaceRoot(toolWorkspaceRoot) {
+    const env = process.env.SECOND_NATURE_WORKSPACE_ROOT?.trim();
+    if (env) {
+        return { resolution: "env", declaredRoot: env, runtimeRoot: env };
+    }
+    const tool = toolWorkspaceRoot?.trim();
+    if (tool) {
+        return { resolution: "tool_args", declaredRoot: tool, runtimeRoot: tool };
+    }
+    return { resolution: "unknown", declaredRoot: undefined, runtimeRoot: process.cwd() };
+}
+function syncWorkspaceRootFromTool(spine, toolWorkspaceRoot) {
+    const next = resolveWorkspaceRoot(toolWorkspaceRoot);
+    const prev = spine.workspaceRootContext;
+    const changed = next.runtimeRoot !== prev.runtimeRoot || next.resolution !== prev.resolution;
+    if (changed) {
+        disposeWorkspaceOpsBridge();
+    }
+    spine.workspaceRootContext = next;
+    if (changed) {
+        spine.runtimeHandle = startRuntimeService({ workspaceRoot: next.runtimeRoot });
+    }
+}
 function trimRuntimeEvidence(spine) {
     if (spine.runtimeEvidence.length > 12) {
         spine.runtimeEvidence.splice(0, spine.runtimeEvidence.length - 12);
@@ -88,56 +184,73 @@ function parseExplainSubject(subjectRaw) {
 function buildStatusPayload(spine) {
     const runtimeEvidence = latestRuntimeEvidence(spine);
     const updatedAt = runtimeEvidence?.createdAt ?? new Date(spine.lifecycleState.lastChangedAt).toISOString();
+    const wr = spine.workspaceRootContext;
+    const needsRootHint = wr.resolution === "unknown";
     return {
-        ok: true,
+        ok: false,
+        surfaceMode: "host_safe_carrier",
+        workspaceReadModelsEvaluated: false,
+        message: HOST_SAFE_LIMITATION_MESSAGE,
+        error: {
+            code: "WORKSPACE_READ_SURFACE_UNAVAILABLE",
+            message: "Aggregated status requires workspace state; the host-safe plugin does not load persisted read models on this surface.",
+            requiredUserInput: needsRootHint ? ["SECOND_NATURE_WORKSPACE_ROOT or tool workspaceRoot"] : [],
+            nextStep: "run_workspace_second_nature_cli_or_full_runtime_package",
+        },
         data: {
-            runtime: {
+            workspaceRootResolution: wr.resolution,
+            carrier: {
                 host: "openclaw-plugin",
                 serviceStatus: spine.runtimeHandle.ready ? "running" : "idle",
                 updatedAt,
-            },
-            rhythm: {
-                mode: "active",
-                windowId: undefined,
-            },
-            quiet: {
-                mode: "unknown",
-                lastEvent: runtimeEvidence?.traceId,
-                interrupted: undefined,
-            },
-            connectors: [],
-            credentials: [],
-            risk: {
-                level: "low",
-                flags: [],
+                lastRuntimeTraceId: runtimeEvidence?.traceId,
             },
         },
     };
 }
-function buildQuietPayload(scope) {
+function buildQuietPayload(spine, scope) {
+    const wr = spine.workspaceRootContext;
     return {
-        ok: true,
+        ok: false,
+        surfaceMode: "host_safe_carrier",
+        workspaceReadModelsEvaluated: false,
+        message: HOST_SAFE_LIMITATION_MESSAGE,
+        error: {
+            code: "QUIET_READ_SURFACE_UNAVAILABLE",
+            message: "Quiet read surface requires workspace runtime; not evaluated in host-safe carrier mode.",
+            requiredUserInput: wr.resolution === "unknown" ? ["SECOND_NATURE_WORKSPACE_ROOT or tool workspaceRoot"] : [],
+            nextStep: "run_workspace_second_nature_cli_or_full_runtime_package",
+        },
         data: {
             scope,
-            mode: "unknown",
-            sourceCount: 0,
-            reportCount: 0,
-            recentJournalCount: 0,
+            evaluated: false,
+            unavailableReason: "host_safe_carrier_no_workspace_db",
+            workspaceRootResolution: wr.resolution,
         },
     };
 }
-function buildReportPayload(day) {
+function buildReportPayload(spine, day) {
+    const wr = spine.workspaceRootContext;
     return {
-        ok: true,
+        ok: false,
+        surfaceMode: "host_safe_carrier",
+        workspaceReadModelsEvaluated: false,
+        message: HOST_SAFE_LIMITATION_MESSAGE,
+        error: {
+            code: "REPORT_READ_SURFACE_UNAVAILABLE",
+            message: "Daily report artifacts require workspace runtime.",
+            requiredUserInput: wr.resolution === "unknown" ? ["SECOND_NATURE_WORKSPACE_ROOT or tool workspaceRoot"] : [],
+            nextStep: "run_workspace_second_nature_cli_or_full_runtime_package",
+        },
         data: {
+            evaluated: false,
+            unavailableReason: "host_safe_carrier_no_workspace_db",
             day: day && day.trim() ? day : new Date().toISOString().slice(0, 10),
-            summary: "",
-            highlights: [],
-            sourceRefs: [],
+            workspaceRootResolution: wr.resolution,
         },
     };
 }
-function buildSessionPayload(sessionId) {
+function buildSessionPayload(spine, sessionId) {
     if (!sessionId) {
         return {
             ok: false,
@@ -149,26 +262,44 @@ function buildSessionPayload(sessionId) {
             },
         };
     }
+    const wr = spine.workspaceRootContext;
     return {
-        ok: true,
+        ok: false,
+        surfaceMode: "host_safe_carrier",
+        workspaceReadModelsEvaluated: false,
+        message: HOST_SAFE_LIMITATION_MESSAGE,
+        error: {
+            code: "SESSION_READ_SURFACE_UNAVAILABLE",
+            message: "Session analytics require workspace state database.",
+            requiredUserInput: wr.resolution === "unknown" ? ["SECOND_NATURE_WORKSPACE_ROOT or tool workspaceRoot"] : [],
+            nextStep: "run_workspace_second_nature_cli_or_full_runtime_package",
+        },
         data: {
             requestedSessionId: sessionId,
-            traceId: sessionId,
-            decisionCount: 0,
-            attemptCount: 0,
-            governanceCount: 0,
-            keyFactors: [],
-            evidenceRefs: [],
+            evaluated: false,
+            unavailableReason: "host_safe_carrier_no_workspace_db",
+            workspaceRootResolution: wr.resolution,
         },
     };
 }
-function buildCredentialPayload(platformId) {
+function buildCredentialPayload(spine, platformId) {
+    const wr = spine.workspaceRootContext;
     return {
-        ok: true,
+        ok: false,
+        surfaceMode: "host_safe_carrier",
+        workspaceReadModelsEvaluated: false,
+        message: HOST_SAFE_LIMITATION_MESSAGE,
+        error: {
+            code: "CREDENTIAL_READ_SURFACE_UNAVAILABLE",
+            message: "Credential inspection requires workspace runtime on this surface.",
+            requiredUserInput: wr.resolution === "unknown" ? ["SECOND_NATURE_WORKSPACE_ROOT or tool workspaceRoot"] : [],
+            nextStep: "run_workspace_second_nature_cli_or_full_runtime_package",
+        },
         data: {
-            platformId: platformId && platformId.trim() ? platformId : "unknown",
-            status: "missing",
-            nextStep: "provide_credential_context",
+            platformId: platformId && platformId.trim() ? platformId : undefined,
+            evaluated: false,
+            unavailableReason: "host_safe_carrier_no_workspace_db",
+            workspaceRootResolution: wr.resolution,
         },
     };
 }
@@ -198,23 +329,22 @@ function buildExplainPayload(spine, subjectRaw) {
         }
         return createUnavailableActionError("EXPLAIN_SUBJECT_INVALID", "invalid explain subject", ["subject"], "reinvoke_explain_with_supported_subject");
     }
-    const runtimeEvidence = latestRuntimeEvidence(spine);
+    const wr = spine.workspaceRootContext;
     return {
-        ok: true,
+        ok: false,
+        surfaceMode: "host_safe_carrier",
+        workspaceReadModelsEvaluated: false,
+        message: HOST_SAFE_LIMITATION_MESSAGE,
+        error: {
+            code: "EXPLAIN_READ_SURFACE_UNAVAILABLE",
+            message: "Evidence-backed explain requires persisted workspace read models; host-safe carrier did not evaluate operator explain (CH-11-02).",
+            requiredUserInput: wr.resolution === "unknown" ? ["SECOND_NATURE_WORKSPACE_ROOT or tool workspaceRoot"] : [],
+            nextStep: "run_workspace_second_nature_cli_or_full_runtime_package",
+        },
         data: {
             subjectType: subject.subjectType,
-            conclusion: "Plugin surface is loaded in host-safe mode with a minimal activation spine.",
-            keyFactors: [
-                "synchronous_register",
-                `subject:${subject.subjectId}`,
-                runtimeEvidence?.capability ?? "runtime.activate",
-            ],
-            evidenceRefs: [
-                runtimeEvidence?.traceId ?? `${INTERNAL_RUNTIME_TRACE_PREFIX}none`,
-                `subject:${subjectRaw.trim()}`,
-                "host_safe_mode",
-            ],
-            nextStep: "use full workspace runtime for evidence-backed explain details",
+            evaluated: false,
+            workspaceRootResolution: wr.resolution,
         },
     };
 }
@@ -252,20 +382,58 @@ function buildFallbackHostSafePayload(ref) {
     }
     return createUnavailableActionError("HOST_SAFE_FALLBACK_VIEW_UNAVAILABLE", "Operator fallback view requires workspace state database; host-safe plugin cannot read persisted fallback artifacts.", ["ref"], "run_workspace_second_nature_cli_or_full_runtime_package");
 }
+function isProbeOnlyInput(input) {
+    const v = input?.probeOnly;
+    return v === true || v === "true" || v === 1 || v === "1";
+}
 function buildHeartbeatCheckPayload(spine, input) {
     const runtimeEvidence = latestRuntimeEvidence(spine);
     const updatedAt = runtimeEvidence?.createdAt ?? new Date(spine.lifecycleState.lastChangedAt).toISOString();
     const timestamp = typeof input?.timestamp === "string" && input.timestamp.trim().length > 0 ? input.timestamp : updatedAt;
+    const wr = spine.workspaceRootContext;
+    if (isProbeOnlyInput(input)) {
+        return {
+            ok: true,
+            status: "heartbeat_ok",
+            surfaceMode: "capability_probe",
+            reasons: ["probe_only"],
+            livedExperienceLoopClaimed: false,
+            scope: "rhythm",
+            trigger: "heartbeat_bridge",
+            message: "Capability probe only on the host-safe carrier surface; does not claim a full lived-experience decision loop.",
+            data: {
+                workspaceRootResolution: wr.resolution,
+                runtime: {
+                    host: "openclaw-plugin",
+                    serviceStatus: spine.runtimeHandle.ready ? "running" : "idle",
+                    updatedAt,
+                },
+                surface: {
+                    tool: "second_nature_ops",
+                    command: "second-nature heartbeat_check",
+                },
+                bridge: {
+                    timestamp,
+                    probeOnly: true,
+                    sessionContextProvided: typeof input?.sessionContext === "string" && input.sessionContext.trim().length > 0,
+                    heartbeatChecklistProvided: typeof input?.heartbeatChecklist === "string" && input.heartbeatChecklist.trim().length > 0,
+                    serviceEntryMode: "capability_probe",
+                },
+            },
+        };
+    }
     return {
         ok: true,
-        status: "heartbeat_ok",
-        heartbeat: "HEARTBEAT_OK",
+        status: "runtime_carrier_only",
+        surfaceMode: "host_safe_carrier",
+        livedExperienceLoopClaimed: false,
         scope: "rhythm",
         trigger: "heartbeat_bridge",
-        reasons: ["host_safe_bridge_ready"],
-        nextAction: "continue",
-        message: "Host-safe heartbeat bridge acknowledged the round. No additional action is required from this surface.",
+        reasons: ["runtime_carrier_only", "host_safe_bridge_ack"],
+        nextAction: "continue_carrier_surface_only",
+        message: "Packaged carrier acknowledged this heartbeat round. This is not a full lived-experience decision loop; use the workspace CLI when read models are required.",
         data: {
+            workspaceRootResolution: wr.resolution,
             runtime: {
                 host: "openclaw-plugin",
                 serviceStatus: spine.runtimeHandle.ready ? "running" : "idle",
@@ -316,7 +484,7 @@ function createHostSafeRouter(spine) {
                     return createUnavailableActionError("HOST_SAFE_CREDENTIAL_VERIFY_UNAVAILABLE", "credential verify is unavailable in the host-safe plugin package", ["verification_answer"], "run_workspace_runtime_or_reinstall_full_build");
                 }
                 const platformId = typeof input?.platformId === "string" ? input.platformId : undefined;
-                return buildCredentialPayload(platformId);
+                return buildCredentialPayload(spine, platformId);
             },
         },
         {
@@ -324,7 +492,7 @@ function createHostSafeRouter(spine) {
             description: "Inspect Quiet lifecycle state",
             execute: async (input) => {
                 const scope = typeof input?.scope === "string" ? input.scope : undefined;
-                return buildQuietPayload(scope);
+                return buildQuietPayload(spine, scope);
             },
         },
         {
@@ -332,7 +500,7 @@ function createHostSafeRouter(spine) {
             description: "Show daily report artifacts",
             execute: async (input) => {
                 const day = typeof input?.day === "string" ? input.day : undefined;
-                return buildReportPayload(day);
+                return buildReportPayload(spine, day);
             },
         },
         {
@@ -340,7 +508,7 @@ function createHostSafeRouter(spine) {
             description: "Inspect continuity session details",
             execute: async (input) => {
                 const sessionId = typeof input?.sessionId === "string" ? input.sessionId : undefined;
-                return buildSessionPayload(sessionId);
+                return buildSessionPayload(spine, sessionId);
             },
         },
         {
@@ -383,12 +551,14 @@ function createHostSafeRouter(spine) {
     };
 }
 function createActivationSpine() {
+    const workspaceRootContext = resolveWorkspaceRoot(undefined);
     const spine = {
         router: undefined,
-        runtimeHandle: startRuntimeService({ workspaceRoot: process.cwd() }),
+        runtimeHandle: startRuntimeService({ workspaceRoot: workspaceRootContext.runtimeRoot }),
         lifecycleState: getLifecycleState(),
         serviceStartRecorded: false,
         runtimeEvidence: [],
+        workspaceRootContext,
     };
     spine.router = createHostSafeRouter(spine);
     return spine;
@@ -422,7 +592,14 @@ function recordRuntimeEvidence(spine, origin) {
 }
 function refreshRegistrationState() {
     const spine = ensureActivationSpine();
-    spine.runtimeHandle = startRuntimeService({ workspaceRoot: process.cwd() });
+    const workspaceRootContext = resolveWorkspaceRoot(undefined);
+    const prev = spine.workspaceRootContext;
+    const changed = workspaceRootContext.runtimeRoot !== prev.runtimeRoot || workspaceRootContext.resolution !== prev.resolution;
+    if (changed) {
+        disposeWorkspaceOpsBridge();
+    }
+    spine.workspaceRootContext = workspaceRootContext;
+    spine.runtimeHandle = startRuntimeService({ workspaceRoot: workspaceRootContext.runtimeRoot });
     spine.lifecycleState = recordRegistration();
     spine.serviceStartRecorded = false;
     recordRuntimeEvidence(spine, "register");
@@ -575,7 +752,7 @@ export default {
                         text: JSON.stringify({ ok: false, command: parsed.command, message: "Unknown Second Nature command." }),
                     };
                 }
-                const result = await resolved.execute(parsed.input);
+                const result = await routeSecondNatureCommand(spine, parsed.command, parsed.input);
                 return {
                     text: JSON.stringify(result),
                 };
@@ -590,11 +767,16 @@ export default {
                 properties: {
                     command: { type: "string" },
                     args: { type: "object", additionalProperties: true },
+                    workspaceRoot: {
+                        type: "string",
+                        description: "Workspace root for packaged smoke/runtime alignment (optional; prefer SECOND_NATURE_WORKSPACE_ROOT).",
+                    },
                 },
                 required: ["command"],
             },
             async execute(_id, params) {
                 const spine = ensureActivationSpine();
+                syncWorkspaceRootFromTool(spine, params.workspaceRoot);
                 const resolved = spine.router.resolve(params.command);
                 if (!resolved) {
                     return {
@@ -606,7 +788,7 @@ export default {
                         ],
                     };
                 }
-                const result = await resolved.execute(params.args);
+                const result = await routeSecondNatureCommand(spine, params.command, params.args);
                 return {
                     content: [
                         {

package/openclaw.plugin.json

@@ -1,9 +1,9 @@
 {
   "id": "second-nature",
   "name": "Second Nature",
-  "version": "0.1.9",
+  "version": "0.1.11",
   "entry": "./index.js",
-  "description": "OpenClaw native plugin package with synchronous surface registration and a bundled runtime spine.",
+  "description": "OpenClaw native plugin with synchronous surface registration and bundled runtime spine. Set SECOND_NATURE_WORKSPACE_ROOT or tool workspaceRoot to the same path as the agent workspace (see README / T1.1.4 ops norm).",
   "capabilities": {
     "commands": [
       "second-nature"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@haaaiawd/second-nature",
-  "version": "0.1.9",
+  "version": "0.1.11",
   "description": "OpenClaw native plugin with synchronous registration, a packaged runtime artifact, and operator-facing status/explain flows.",
   "keywords": [
     "openclaw",
@@ -17,6 +17,7 @@
   "main": "./index.js",
   "files": [
     "index.js",
+    "workspace-ops-bridge.js",
     "openclaw.plugin.json",
     "runtime/"
   ],

package/runtime/cli/ops/heartbeat-surface.js

@@ -48,8 +48,8 @@ export async function heartbeatCheck(input) {
     if (!input.readModels) {
         return {
             ok: true,
-            status: "heartbeat_ok",
-            surfaceMode: "workspace_full_runtime",
+            status: "runtime_carrier_only",
+            surfaceMode: "host_safe_carrier",
             reasons: ["heartbeat_read_models_unavailable"],
             livedExperienceLoopClaimed: false,
         };

package/runtime/cli/ops/ops-router.js

@@ -3,6 +3,10 @@
  */
 import { heartbeatCheck } from "./heartbeat-surface.js";
 import { showOperatorFallback, OperatorFallbackNotFoundError } from "./show-operator-fallback.js";
+function coerceProbeOnlyFlag(input) {
+    const v = input?.probeOnly;
+    return v === true || v === "true" || v === 1 || v === "1";
+}
 export function createOpsRouter(deps) {
     return {
         heartbeatCheck: (input) => heartbeatCheck({
@@ -14,12 +18,12 @@ export function createOpsRouter(deps) {
             if (command === "heartbeat_check") {
                 const runtimeAvailable = typeof input?.runtimeAvailable === "boolean" ? input.runtimeAvailable : deps.runtimeAvailable;
                 return heartbeatCheck({
-                    probeOnly: Boolean(input?.probeOnly),
+                    probeOnly: coerceProbeOnlyFlag(input),
                     runtimeAvailable,
                     fakeControlPlanePassthrough: input?.fakeControlPlanePassthrough && typeof input.fakeControlPlanePassthrough === "object"
                         ? input.fakeControlPlanePassthrough
                         : undefined,
-                    readModels: deps.readModels,
+                    readModels: input?.readModels ?? deps.readModels,
                     timestamp: typeof input?.timestamp === "string" ? input.timestamp : undefined,
                     sessionContext: typeof input?.sessionContext === "string" ? input.sessionContext : undefined,
                     scopeHint: input?.scopeHint,

package/runtime/core/second-nature/runtime/service-entry.js

@@ -26,7 +26,8 @@ export function startRuntimeService(ctx) {
     // - observability-system (event store setup)
     // - control-plane-system (heartbeat bridge preparation)
     const workspaceRoot = ctx?.workspaceRoot ?? process.cwd();
-    const version = "0.1.0";
+    /** Keep in sync with `plugin/package.json` when cutting releases. */
+    const version = "0.1.11";
     activeHandle = {
         ready: true,
         version,

package/runtime/guidance/outreach-draft-schema.d.ts

@@ -59,8 +59,8 @@ export declare const sceneGuidanceRequestSchema: z.ZodObject<{
         maintenance: "maintenance";
     }>>;
     riskLevel: z.ZodEnum<{
-        low: "low";
         medium: "medium";
+        low: "low";
         high: "high";
     }>;
     sourceRefs: z.ZodArray<z.ZodObject<{
@@ -113,8 +113,8 @@ export declare const outreachDraftRequestSchema: z.ZodObject<{
         maintenance: "maintenance";
     }>>;
     riskLevel: z.ZodEnum<{
-        low: "low";
         medium: "medium";
+        low: "low";
         high: "high";
     }>;
     sourceRefs: z.ZodArray<z.ZodObject<{
@@ -185,7 +185,7 @@ export declare function parseOutreachDraftRequest(input: unknown): OutreachDraft
 export declare function safeParseOutreachDraftRequest(input: unknown): z.ZodSafeParseResult<{
     requestId: string;
     runtimeScope: "rhythm" | "user_reply" | "user_task";
-    riskLevel: "low" | "medium" | "high";
+    riskLevel: "medium" | "low" | "high";
     sourceRefs: {
         id: string;
         kind: "platform_item" | "workspace_artifact" | "decision_record" | "user_anchor" | "connector_result" | "host_report" | "fallback_artifact";

package/runtime/observability/services/lived-experience-audit.js

@@ -91,7 +91,8 @@ export class LivedExperienceAuditRecorder {
             payload.status === "not_sent_fallback" ||
             payload.status === "channel_missing" ||
             payload.status === "host_unsupported" ||
-            payload.status === "failed") {
+            payload.status === "failed" ||
+            payload.status === "ack_dropped") {
             entry.noUserVisibleContact = true;
         }
         return { eventId: envelope.eventId };

package/runtime/storage/repositories/credential-repository.js

@@ -12,8 +12,19 @@ export class CredentialRepository {
         });
     }
     async findByPlatformId(platformId) {
-        return this.database.db.query.credentialRecords.findFirst({
+        const row = await this.database.db.query.credentialRecords.findFirst({
             where: eq(credentialRecords.platformId, platformId),
         });
+        if (row == null) {
+            return undefined;
+        }
+        const r = row;
+        const pid = (r.platformId ?? r.platform_id);
+        const enc = (r.encryptedValue ?? r.encrypted_value);
+        // sql.js + Drizzle: no-match can still return a "shell" row (keys present, values undefined).
+        if (pid == null || pid === "" || enc == null || enc === "") {
+            return undefined;
+        }
+        return row;
     }
 }

package/runtime/storage/services/credential-vault.js

@@ -90,9 +90,10 @@ export function createCredentialVault(db) {
                 return null;
             let plain;
             if (record.encryptedValue) {
-                plain = isCredentialCiphertext(record.encryptedValue)
-                    ? decryptCredentialAtRest(record.encryptedValue)
-                    : record.encryptedValue;
+                if (!isCredentialCiphertext(record.encryptedValue)) {
+                    throw new Error("credential_store_plaintext_or_invalid_legacy_record");
+                }
+                plain = decryptCredentialAtRest(record.encryptedValue);
             }
             return {
                 platformId: record.platformId,

package/workspace-ops-bridge.js

@@ -0,0 +1,78 @@
+/**
+ * T1.1.4 — Lazy workspace full-ops bridge (OpenClaw plugin).
+ *
+ * Core logic: dynamic-import packaged `runtime/` + open workspace `data/*.db` with the same
+ * `createCliRuntimeDeps` + `createOpsRouter` + `createCliCommands` path as the workspace CLI.
+ * `process.chdir(workspaceRoot)` during dispatch so `memory/workspace` paths match CLI cwd semantics.
+ *
+ * Boundaries: no static imports from `./runtime/*` (sql.js top-level await stays out of register() graph).
+ *
+ * Plan B (CH-11-01): if the host VM blocks dynamic import + sql.js, fall back to a subprocess invoking
+ * the workspace `second-nature` CLI — not implemented here; bridge failures surface as explicit errors.
+ *
+ * Test coverage: tests/integration/cli/plugin-workspace-ops-bridge.test.ts
+ */
+import fs from "node:fs";
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+const PLUGIN_PACKAGE_ROOT = path.dirname(fileURLToPath(import.meta.url));
+export async function openWorkspaceOpsBridge(workspaceRoot) {
+    const resolvedRoot = path.resolve(workspaceRoot);
+    try {
+        // Packaged `plugin/runtime` is emitted JS without sibling `.d.ts` in this repo layout.
+        // @ts-expect-error TS7016 — intentional dynamic import of artifact bundle
+        const cliIndex = (await import("./runtime/cli/index.js"));
+        const commandsMod = (await import("./runtime/cli/commands/index.js"));
+        const storageDb = (await import("./runtime/storage/db/index.js"));
+        const obsDb = (await import("./runtime/observability/db/index.js"));
+        const boundary = (await import("./runtime/cli/runtime/runtime-artifact-boundary.js"));
+        const dataDir = path.join(resolvedRoot, "data");
+        fs.mkdirSync(dataDir, { recursive: true });
+        const statePath = path.join(dataDir, "state.db");
+        const obsPath = path.join(dataDir, "observability.db");
+        const stateDb = storageDb.createStateDatabase(statePath);
+        const observabilityDb = obsDb.createObservabilityDatabase(obsPath);
+        const deps = cliIndex.createCliRuntimeDeps({ stateDb, observabilityDb });
+        const runtimeResolved = boundary.resolvePackagedRuntime(PLUGIN_PACKAGE_ROOT);
+        const opsRouter = cliIndex.createOpsRouter({
+            runtimeAvailable: runtimeResolved.ok,
+            readModels: deps.readModels,
+        });
+        const commands = commandsMod.createCliCommands({
+            readModels: deps.readModels,
+            actionBridge: deps.actionBridge,
+            opsRouter,
+        });
+        const dispatch = async (command, input) => {
+            const def = commands.find((c) => c.name === command);
+            if (!def) {
+                return {
+                    ok: false,
+                    error: { code: "unknown_command", message: `Unknown Second Nature command: ${command}` },
+                };
+            }
+            const prevCwd = process.cwd();
+            try {
+                process.chdir(resolvedRoot);
+                return await def.execute(input);
+            }
+            finally {
+                process.chdir(prevCwd);
+            }
+        };
+        const close = () => {
+            cliIndex.closeCliRuntimeDeps(deps);
+        };
+        return { ok: true, workspaceRoot: resolvedRoot, dispatch, close };
+    }
+    catch (error) {
+        return {
+            ok: false,
+            error: {
+                code: "WORKSPACE_FULL_OPS_BRIDGE_FAILED",
+                message: error instanceof Error ? error.message : String(error),
+                nextStep: "Confirm the packaged plugin includes plugin/runtime and that the host allows dynamic import of sql.js. If the VM forbids it, use a subprocess workspace CLI (Plan B) or run outside the sandbox.",
+            },
+        };
+    }
+}