@hailer/mcp 1.1.16 → 1.1.17-beta.0

package/dist/bot/bot.js

@@ -1,10 +1,13 @@
 "use strict";
 /**
- * Bot - Single class replacing the agents/ hierarchy.
+ * Bot — connects to Hailer, listens for messages, responds via Anthropic API.
  *
- * Connects to Hailer, subscribes to messenger signals,
- * processes messages through the Anthropic API with tool use,
- * and posts responses back to discussions.
+ * This is the orchestrator. Domain logic lives in services:
+ * - SignalRouter: rate limiting, dedup, discussion state
+ * - BotPermissions: workspace permission checks, post-filtering
+ * - WorkspaceRefresh: debounced cache refresh from Hailer signals
+ * - buildSystemPrompt: LLM system prompt construction
+ * - ConversationManager, MessageClassifier, MessageFormatterService, etc.
  */
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
@@ -22,74 +25,42 @@ const workspace_overview_1 = require("./workspace-overview");
 const operation_logger_1 = require("./operation-logger");
 const services_1 = require("./services");
 const logger_1 = require("../lib/logger");
-const permission_guard_1 = require("./services/permission-guard");
-/**
- * Tools available to the bot. Add/remove tool names here to control what the LLM can use.
- * The MCP server (Claude Code terminal) is unaffected - it keeps full access to all tools.
- */
+// ===== CONSTANTS =====
+const WRITE_TOOLS = new Set(['create_activity', 'update_activity']);
+const DISCUSSION_TOOLS = new Set([
+    'fetch_discussion_messages', 'fetch_previous_discussion_messages',
+    'add_discussion_message', 'invite_discussion_members', 'get_activity_from_discussion',
+]);
 const BOT_TOOLS = new Set([
-    // Data reading
-    'list_workflows',
-    'list_workflows_minimal',
-    'list_workflow_phases',
-    'get_workflow_schema',
-    'list_activities',
-    'show_activity_by_id',
-    'count_activities',
-    'search_workspace_users',
-    'get_workspace_balance',
-    // Data writing
-    'create_activity',
-    'update_activity',
-    // Workflow management
+    'list_workflows', 'list_workflows_minimal', 'list_workflow_phases', 'get_workflow_schema',
+    'list_activities', 'show_activity_by_id', 'count_activities',
+    'search_workspace_users', 'get_workspace_balance',
+    'create_activity', 'update_activity',
     'install_workflow',
-    // Discussions
-    'list_my_discussions',
-    'fetch_discussion_messages',
-    'fetch_previous_discussion_messages',
-    'add_discussion_message',
-    'join_discussion',
-    'leave_discussion',
-    'invite_discussion_members',
-    'get_activity_from_discussion',
-    // Files
-    'upload_files',
-    'download_file',
-    // Insights
-    'list_insights',
-    'get_insight_data',
-    'preview_insight',
-    'create_insight',
-    'update_insight',
-    // Permissions
-    'list_workflow_permissions',
-    'check_user_permissions',
-    'grant_workflow_permission',
-    'revoke_workflow_permission',
+    'list_my_discussions', 'fetch_discussion_messages', 'fetch_previous_discussion_messages',
+    'add_discussion_message', 'join_discussion', 'leave_discussion',
+    'invite_discussion_members', 'get_activity_from_discussion',
+    'upload_files', 'download_file',
+    'list_insights', 'get_insight_data', 'preview_insight', 'create_insight', 'update_insight',
+    'list_workflow_permissions', 'check_user_permissions',
+    'grant_workflow_permission', 'revoke_workflow_permission',
 ]);
-/** Tools that require the requesting user to be a workspace admin or owner */
-const ADMIN_ONLY_TOOLS = new Set([
-    'grant_workflow_permission',
-    'revoke_workflow_permission',
-]);
-/**
- * Tools where the workflowId only appears in the result, not the args.
- * These run first, then the result is checked for workflow access.
- */
-const POST_CHECK_TOOLS = new Set([
-    'show_activity_by_id',
-    'fetch_discussion_messages',
-    'get_activity_from_discussion',
-]);
-/** Minimal tool set for SIMPLE-routed messages (greetings, quick lookups). */
 const MODEL_HAIKU = 'claude-haiku-4-5-20251001';
 const MODEL_SONNET = 'claude-sonnet-4-5-20250929';
 const IMAGE_MIME_TYPES = new Set(['image/jpeg', 'image/png', 'image/gif', 'image/webp']);
-const MAX_IMAGE_SIZE = 5 * 1024 * 1024; // 5MB — skip vision for larger images
+const MAX_IMAGE_SIZE = 5 * 1024 * 1024;
 const MAX_TOOL_ITERATIONS = 10;
-const RATE_LIMIT_WINDOW = 60_000; // 60 seconds
-const RATE_LIMIT_PER_DISCUSSION = 30; // max signals per discussion per window
-const RATE_LIMIT_GLOBAL = 100; // max signals total per window
+const TOOL_STATUS_LABELS = {
+    list_activities: 'Searching activities', count_activities: 'Counting activities',
+    show_activity_by_id: 'Reading activity', create_activity: 'Creating activity',
+    update_activity: 'Updating activity', list_workflows: 'Loading workflows',
+    list_workflows_minimal: 'Loading workflows', get_workflow_schema: 'Reading workflow schema',
+    list_workflow_phases: 'Loading phases', preview_insight: 'Running query',
+    get_insight_data: 'Running report', search_workspace_users: 'Searching users',
+    fetch_discussion_messages: 'Reading messages', add_discussion_message: 'Sending message',
+    join_discussion: 'Joining discussion',
+};
+// ===== BOT CLASS =====
 class Bot {
     logger;
     clientManager;
@@ -103,55 +74,37 @@ class Bot {
     workspaceOverview = '';
     userId = '';
     _workspaceId;
-    // Live-updatable config (can be hot-swapped without restart)
+    // Live-updatable config
     _systemPrompt;
     _responseMode = 'always';
     // Services
+    signalRouter;
+    permissions;
+    workspaceRefresh;
     conversationManager = null;
     messageClassifier = null;
     messageFormatter = null;
     typingIndicator = null;
     tokenBilling = null;
-    sessionLogger = null;
     hailerApi = null;
-    /** Cache of insightId → Set<workflowId> for permission checks on ID-based insight tools */
-    insightWorkflowCache = new Map();
     opLogger = new operation_logger_1.OperationLogger();
-    // State
-    discussionStates = new Map();
-    processingDiscussions = new Set(); // concurrency guard only
-    static DISENGAGE_THRESHOLD = 5;
-    processedMessageIds = new Set();
-    signalTimestampsPerDiscussion = new Map();
-    globalSignalTimestamps = [];
+    cachedTools = null;
+    // Signal handlers (for cleanup)
     signalHandler = null;
     processUpdatedHandler = null;
     workspaceUpdatedHandler = null;
     cacheInvalidateHandler = null;
     _connected = false;
-    refreshTimer = null;
-    refreshDirty = false;
-    refreshScope = new Set();
-    isRefreshing = false;
-    refreshQueued = false;
-    permissionIndex = new Map();
-    adminUserIds = new Set();
-    ownerUserIds = new Set();
-    workspaceMemberIds = new Set();
-    membersLoaded = false;
     // Config
     config;
-    botManager; // BotManager ref for cross-bot awareness
+    botManager;
     constructor(config) {
         this.config = {
-            email: config.email,
-            password: config.password,
-            apiHost: config.apiHost,
+            email: config.email, password: config.password, apiHost: config.apiHost,
             anthropicApiKey: config.anthropicApiKey,
-            model: config.model || 'claude-haiku-4-5-20251001',
+            model: config.model || MODEL_HAIKU,
             toolRegistry: config.toolRegistry,
-            workspaceId: config.workspaceId,
-            systemPrompt: config.systemPrompt,
+            workspaceId: config.workspaceId, systemPrompt: config.systemPrompt,
             accessLevel: config.accessLevel || 'all',
             allowedWorkflows: config.allowedWorkflows || [],
         };
@@ -161,14 +114,17 @@ class Bot {
         this.logger = (0, logger_1.createLogger)({ component: 'Bot' });
         this.clientManager = new hailer_clients_1.HailerClientManager(config.apiHost, config.email, config.password);
         this.toolExecutor = new tool_executor_1.ToolExecutor(config.toolRegistry);
+        this.signalRouter = new services_1.SignalRouter(this.logger);
+        this.permissions = new services_1.BotPermissions(this.config.allowedWorkflows, this.logger);
+        this.workspaceRefresh = new services_1.WorkspaceRefresh(this.logger);
     }
+    // Public accessors (used by BotManager for hot-reload)
     get email() { return this.config.email; }
     get password() { return this.config.password; }
     get accessLevel() { return this.config.accessLevel; }
-    /**
-     * Hot-update the system prompt without restarting the bot.
-     * Takes effect on the next message processed.
-     */
+    get connected() { return this._connected; }
+    get workspaceId() { return this._workspaceId; }
+    get botUserId() { return this.userId; }
     updateSystemPrompt(prompt) {
         this._systemPrompt = prompt;
         this.logger.info('System prompt updated live', { hasPrompt: !!prompt });
@@ -177,52 +133,34 @@ class Bot {
         this._responseMode = mode || 'always';
         this.logger.info('Response mode updated live', { responseMode: this._responseMode });
     }
-    get connected() {
-        return this._connected;
-    }
-    get workspaceId() {
-        return this._workspaceId;
-    }
-    /** Exposed for BotManager cross-bot awareness */
-    get botUserId() {
-        return this.userId;
-    }
     // ===== LIFECYCLE =====
     async start() {
-        if (this._connected) {
-            this.logger.warn('Bot.start() called while already connected, ignoring');
+        if (this._connected)
             return;
-        }
         this.logger.debug('Starting bot', { email: this.config.email });
-        // 1. Connect to Hailer
+        // 1. Connect
         this.client = await this.clientManager.connect();
-        // Clear password from memory now that connection is established
-        this.config.password = '';
-        // 2. Get user ID
-        const userInit = await this.client.socket.request('v2.core.init', [['user']]);
-        this.userId = userInit?.user?._id;
-        if (!this.userId)
-            throw new Error('Could not determine bot user ID');
-        // 3. Fetch workspace data
+        this.config.password = ''; // Clear from memory — connection is established
+        // 2. Fetch workspace data + user in one call
         this.init = await this.client.socket.request('v2.core.init', [
-            ['processes', 'users', 'network', 'networks', 'teams', 'groups'],
+            ['user', 'processes', 'users', 'network', 'networks', 'teams', 'groups'],
         ]);
+        this.userId = this.init.user?._id;
+        if (!this.userId)
+            throw new Error('Could not determine bot user ID');
         (0, types_1.normalizeInitProcesses)(this.init);
         this._workspaceId = this.init.network?._id || this.config.workspaceId;
-        // 4. Build workspace cache and overview (before permission index so names resolve)
+        // 3. Build caches
         this.workspaceCache = (0, workspace_cache_1.createWorkspaceCache)(this.init, {
-            excludeTranslations: true,
-            excludeSystemMessages: true,
-            excludeEmptyFields: true,
-            compactUserData: true,
-            includeWorkspaceNamesInTools: false,
+            excludeTranslations: true, excludeSystemMessages: true,
+            excludeEmptyFields: true, compactUserData: true, includeWorkspaceNamesInTools: false,
         });
-        this.backfillWorkspaceCacheMembers();
-        this.buildPermissionIndex();
+        (0, services_1.backfillWorkspaceCacheMembers)(this.workspaceCache, this.init, this.logger);
+        this.permissions.build(this.init, this._workspaceId);
         this.workspaceOverview = (0, workspace_overview_1.generateWorkspaceOverview)(this.init);
-        // 5. Create Anthropic client
+        // 4. Anthropic client
         this.anthropic = new sdk_1.default({ apiKey: this.config.anthropicApiKey });
-        // 6. Build BotConnection adapter for services
+        // 5. Services
         const botConnection = {
             client: this.client,
             workspaceCache: this.workspaceCache ? {
@@ -231,83 +169,52 @@ class Bot {
                 rawInit: this.workspaceCache.rawInit,
             } : undefined,
         };
-        // 7. Create services
         this.conversationManager = new services_1.ConversationManager(100, 50, this.logger);
         this.messageClassifier = new services_1.MessageClassifier(this.userId, botConnection, this.logger);
         this.typingIndicator = new services_1.TypingIndicatorService(botConnection, this.logger);
-        // Token billing
         const hailerApi = new hailer_api_client_1.HailerApiClient(this.client);
         this.hailerApi = hailerApi;
         this.tokenBilling = new services_1.TokenBillingService(this.logger, hailerApi);
-        // Message formatter - wrap ToolExecutor as MCP-style callback
-        const toolCallback = async (name, args) => {
-            return this.toolExecutor.execute(name, args, this.getUserContext());
-        };
+        const toolCallback = async (name, args) => this.toolExecutor.execute(name, args, this.getUserContext());
         this.messageFormatter = new services_1.MessageFormatterService(botConnection, this.logger, toolCallback);
-        // Session logger
-        this.sessionLogger = new services_1.SessionLoggerService(null, this.logger, toolCallback, () => this.getDefaultTeamId());
-        this.sessionLogger.setAnthropicClient(this.anthropic);
-        // 8. Build UserContext for tool execution
+        // 6. UserContext for tool execution
         const currentWorkspaceId = this.init.network?._id || '';
         this.userContext = {
-            client: this.client,
-            hailer: hailerApi,
-            init: this.init,
-            workspaceCache: this.workspaceCache,
-            apiKey: '',
-            createdAt: Date.now(),
-            email: this.config.email,
-            password: this.config.password,
+            client: this.client, hailer: hailerApi, init: this.init,
+            workspaceCache: this.workspaceCache, apiKey: '', createdAt: Date.now(),
+            email: this.config.email, password: '', // Intentionally empty — cleared after connect
             workspaceRoles: { [currentWorkspaceId]: 'admin' },
-            currentWorkspaceId,
-            allowedGroups: ['read', 'write', 'bot_internal'],
-        };
-        // 9. Subscribe to messenger.new signals
-        this.signalHandler = (eventData) => {
-            const signal = {
-                type: 'messenger.new',
-                data: eventData,
-                timestamp: Date.now(),
-                workspaceId: eventData.sid,
-            };
-            this.handleSignal(signal);
+            currentWorkspaceId, allowedGroups: ['read', 'write', 'bot_internal'],
         };
+        // 7. Wire workspace refresh
+        this.workspaceRefresh.setHandler(async (scopes) => {
+            if (!this.client || !this.init)
+                return;
+            const result = await services_1.WorkspaceRefresh.refresh(this.client, scopes, this.init, this.config.workspaceId, this.permissions, this.userContext, this.logger);
+            this.init = result.init;
+            this.workspaceCache = result.workspaceCache;
+            this.workspaceOverview = result.workspaceOverview;
+            this._workspaceId = result.workspaceId;
+        });
+        // 8. Subscribe to signals
+        this.signalHandler = (data) => this.handleSignal({
+            type: 'messenger.new', data, timestamp: Date.now(),
+            workspaceId: data.sid,
+        });
         this.clientManager.onSignal('messenger.new', this.signalHandler);
-        // 10. Subscribe to workspace change signals for live updates
-        this.processUpdatedHandler = () => this.scheduleRefresh('processes');
-        this.workspaceUpdatedHandler = () => this.scheduleRefresh('network');
-        this.cacheInvalidateHandler = () => this.scheduleRefresh('full');
+        this.processUpdatedHandler = () => this.workspaceRefresh.schedule('processes');
+        this.workspaceUpdatedHandler = () => this.workspaceRefresh.schedule('network');
+        this.cacheInvalidateHandler = () => this.workspaceRefresh.schedule('full');
         this.clientManager.onSignal('process.updated', this.processUpdatedHandler);
         this.clientManager.onSignal('workspace.updated', this.workspaceUpdatedHandler);
         this.clientManager.onSignal('cache.invalidate', this.cacheInvalidateHandler);
-        // TODO: Subscribe to notification.reload for reminder handling
-        // Blocked: need to confirm reminderWorker is running and how the signal
-        // reaches the bot's socket (room join + event channel). See memory/project_reminder_bot_integration.md
         this._connected = true;
-        this.logger.debug('Bot started', {
-            userId: this.userId,
-            workspaceId: this._workspaceId,
-        });
+        this.logger.debug('Bot started', { userId: this.userId, workspaceId: this._workspaceId });
     }
     async stop() {
         this.logger.debug('Stopping bot');
-        // Clear refresh timer
-        if (this.refreshTimer) {
-            clearTimeout(this.refreshTimer);
-            this.refreshTimer = null;
-        }
-        // Flush sessions
-        this.sessionLogger?.stopIdleCheckTimer();
-        await this.sessionLogger?.flushAllSessions();
-        // Abort all in-flight discussions before clearing state
-        for (const [, state] of this.discussionStates) {
-            state.abortController?.abort();
-        }
-        this.discussionStates.clear();
-        // Clear rate limit tracking
-        this.signalTimestampsPerDiscussion.clear();
-        this.globalSignalTimestamps = [];
-        // Unsubscribe from signals
+        this.workspaceRefresh.cancel();
+        this.signalRouter.clear();
         if (this.signalHandler) {
             this.clientManager.offSignal('messenger.new', this.signalHandler);
             this.signalHandler = null;
@@ -324,25 +231,11 @@ class Bot {
             this.clientManager.offSignal('cache.invalidate', this.cacheInvalidateHandler);
             this.cacheInvalidateHandler = null;
         }
-        // Disconnect
         this.clientManager.disconnect();
         this._connected = false;
         this.client = null;
         this.logger.debug('Bot stopped');
     }
-    // ===== RESPONSE MODE =====
-    checkTriggerCondition(message) {
-        // Private DMs always pass — 1:1 conversations are always intentional
-        if (message.isPrivateDiscussion)
-            return true;
-        switch (this._responseMode) {
-            case 'mention_only': return message.isMention;
-            case 'reply_only': return message.isReplyToBot;
-            case 'mention_or_reply': return message.isMention || message.isReplyToBot;
-            case 'always':
-            default: return true;
-        }
-    }
     // ===== SIGNAL HANDLING =====
     async handleSignal(signal) {
         if (!this._connected || !this.messageClassifier)
@@ -351,194 +244,110 @@ class Bot {
             const rawMsgId = signal.data.msg_id;
             const discussionId = signal.data.discussion;
             const dedupKey = rawMsgId || (discussionId ? `${discussionId}:${signal.data.uid}:${signal.data.created}` : null);
-            if (dedupKey) {
-                if (this.processedMessageIds.has(dedupKey))
-                    return;
-                this.processedMessageIds.add(dedupKey);
-            }
-            else {
-                this.logger.warn('messenger.new signal has no dedup key, skipping');
+            if (!dedupKey) {
+                this.logger.warn('messenger.new signal has no dedup key');
                 return;
             }
+            if (this.signalRouter.isDuplicate(dedupKey))
+                return;
             const message = await this.messageClassifier.extractIncomingMessage(signal);
             if (!message) {
                 if (rawMsgId)
-                    this.processedMessageIds.delete(rawMsgId);
+                    this.signalRouter.removeDedupKey(rawMsgId);
                 return;
             }
-            // Self-message guard: prevent bot feedback loops (checks ALL bots in this workspace)
+            // Self-message guard
             if (message.senderId === this.userId)
                 return;
             if (this.botManager && this._workspaceId) {
-                const botUserIds = this.botManager.getBotUserIdsForWorkspace(this._workspaceId);
-                if (botUserIds.has(message.senderId))
+                if (this.botManager.getBotUserIdsForWorkspace(this._workspaceId).has(message.senderId))
                     return;
             }
             // Rate limiting
-            const now = Date.now();
-            const cutoff = now - RATE_LIMIT_WINDOW;
-            // Per-discussion rate limit
-            const discId = message.discussionId;
-            let discTimestamps = this.signalTimestampsPerDiscussion.get(discId);
-            if (!discTimestamps) {
-                discTimestamps = [];
-                this.signalTimestampsPerDiscussion.set(discId, discTimestamps);
-            }
-            // Prune old entries
-            while (discTimestamps.length > 0 && discTimestamps[0] < cutoff) {
-                discTimestamps.shift();
-            }
-            if (discTimestamps.length >= RATE_LIMIT_PER_DISCUSSION) {
-                this.logger.warn('Per-discussion rate limit exceeded', {
-                    discussionId: discId,
-                    count: discTimestamps.length,
-                    window: RATE_LIMIT_WINDOW,
-                });
+            if (this.signalRouter.isRateLimited(message.discussionId))
                 return;
-            }
-            discTimestamps.push(now);
-            // Global rate limit
-            while (this.globalSignalTimestamps.length > 0 && this.globalSignalTimestamps[0] < cutoff) {
-                this.globalSignalTimestamps.shift();
-            }
-            if (this.globalSignalTimestamps.length >= RATE_LIMIT_GLOBAL) {
-                this.logger.warn('Global rate limit exceeded', {
-                    count: this.globalSignalTimestamps.length,
-                    window: RATE_LIMIT_WINDOW,
-                });
+            // Layer 1: Workspace membership
+            if (!this.permissions.isMember(message.senderId)) {
+                this.logger.debug('Ignoring message - not a workspace member', { senderId: message.senderId });
+                if (rawMsgId)
+                    this.signalRouter.removeDedupKey(rawMsgId);
                 return;
             }
-            this.globalSignalTimestamps.push(now);
-            // Layer 1: Workspace membership check (fail-closed)
-            // Only process messages from verified workspace members.
-            // If member data hasn't loaded yet, reject — don't fail open.
-            if (!this.membersLoaded || !this.workspaceMemberIds.has(message.senderId)) {
-                this.logger.debug('Ignoring message - sender not a verified workspace member', {
-                    senderId: message.senderId,
-                    senderName: message.senderName,
-                    membersLoaded: this.membersLoaded,
-                });
+            // Layer 2: Access level
+            if (!this.permissions.meetsAccessLevel(message.senderId, this.config.accessLevel)) {
+                this.logger.debug('Ignoring message - access level not met', { senderId: message.senderId });
                 if (rawMsgId)
-                    this.processedMessageIds.delete(rawMsgId);
+                    this.signalRouter.removeDedupKey(rawMsgId);
                 return;
             }
-            // Layer 2: AI Hub access gate — who can talk to this bot
-            if (this.config.accessLevel !== 'all') {
-                const isAdmin = this.adminUserIds.has(message.senderId);
-                const isOwner = this.ownerUserIds.has(message.senderId);
-                const allowed = this.config.accessLevel === 'owner' ? isOwner : (isAdmin || isOwner);
-                if (!allowed) {
-                    this.logger.debug('Ignoring message - sender does not meet access level', {
-                        senderId: message.senderId,
-                        senderName: message.senderName,
-                        requiredLevel: this.config.accessLevel,
-                        isAdmin,
-                        isOwner,
-                    });
-                    if (rawMsgId)
-                        this.processedMessageIds.delete(rawMsgId);
-                    return;
-                }
-            }
-            // Prune dedup set
-            if (this.processedMessageIds.size > 500) {
-                const ids = Array.from(this.processedMessageIds);
-                this.processedMessageIds = new Set(ids.slice(-250));
-            }
-            const state = this.getOrCreateDiscussionState(discId);
-            // Always buffer the message (provides context when bot IS triggered later)
+            // Engagement logic
+            const state = this.signalRouter.getOrCreateState(message.discussionId);
             state.contextBuffer.push(message);
-            // Check response mode trigger condition BEFORE engagement logic
-            // DMs always pass — 1:1 conversations are always intentional
-            const triggerMet = this.checkTriggerCondition(message);
-            if (!triggerMet) {
-                return; // Signal dropped — no LLM call, no token cost
-            }
-            // Determine if this should trigger processing
-            // Private discussions (DMs) are always explicit triggers
-            const isExplicitTrigger = message.isMention || message.isReplyToBot || message.isPrivateDiscussion;
+            if (!this.signalRouter.checkTrigger(message, this._responseMode))
+                return;
+            const isExplicit = this.signalRouter.isExplicitTrigger(message);
             if (state.state === 'idle') {
-                // In 'always' mode, every message triggers engagement (original behavior)
-                if (isExplicitTrigger || this._responseMode === 'always') {
+                if (isExplicit || this._responseMode === 'always') {
                     state.state = 'engaged';
                     state.consecutiveNonResponses = 0;
-                    this.opLogger.engage(discId, message.isMention ? 'mention' : message.isReplyToBot ? 'reply' : message.isDirectMessage ? 'dm' : 'always');
+                    this.opLogger.engage(message.discussionId, message.isMention ? 'mention' : message.isReplyToBot ? 'reply' : message.isDirectMessage ? 'dm' : 'always');
                 }
                 else {
-                    // Not addressed while idle — message sits in buffer as context only
                     return;
                 }
             }
-            // In non-'always' modes, each message must independently meet the trigger condition
-            // This prevents the bot from staying engaged and responding to everything after one mention
-            if (this._responseMode !== 'always' && !isExplicitTrigger) {
+            if (this._responseMode !== 'always' && !isExplicit)
                 return;
-            }
-            // State is 'engaged' — trigger processing if not already running
-            if (!this.processingDiscussions.has(discId)) {
-                this.processDiscussion(discId).catch(err => {
-                    this.logger.error('processDiscussion failed', { discussionId: discId, error: err });
-                    this.processingDiscussions.delete(discId);
+            // Process if not already running
+            if (!this.signalRouter.processingDiscussions.has(message.discussionId)) {
+                this.processDiscussion(message.discussionId).catch(err => {
+                    this.logger.error('processDiscussion failed', { discussionId: message.discussionId, error: err });
+                    this.signalRouter.processingDiscussions.delete(message.discussionId);
                 });
             }
-            else {
-                // Already processing — message stays in contextBuffer.
-                // injectPendingContext delivers it between tool calls as <context>,
-                // and the LLM naturally decides whether to continue or stop.
-            }
         }
         catch (error) {
             this.logger.error('Failed to handle signal', error);
         }
     }
+    // ===== DISCUSSION PROCESSING =====
     async processDiscussion(discussionId) {
-        if (this.processingDiscussions.has(discussionId))
+        if (this.signalRouter.processingDiscussions.has(discussionId))
             return;
-        this.processingDiscussions.add(discussionId);
-        const state = this.getOrCreateDiscussionState(discussionId);
+        this.signalRouter.processingDiscussions.add(discussionId);
+        const state = this.signalRouter.getOrCreateState(discussionId);
         try {
             while (true) {
-                // Drain buffer
                 const messages = state.contextBuffer.splice(0);
                 if (messages.length === 0)
                     break;
-                if (messages.length > 1) {
+                if (messages.length > 1)
                     this.opLogger.coalesce(discussionId, messages.length);
-                }
-                // Merge all buffered messages into a single user message (conversation alternation)
+                // Build conversation entry
                 const conversation = this.conversationManager.getConversation(discussionId);
                 const parts = messages.map(msg => this.formatIncomingMessage(msg));
                 let merged = parts.join('\n\n');
                 if (messages.length > 1) {
                     merged = `<context type="coalesced" count="${messages.length}">These ${messages.length} messages arrived while you were processing. Respond to the most recent/relevant.</context>\n\n${merged}`;
                 }
-                // Resolve image attachments for vision
                 const imageBlocks = await this.resolveImageAttachments(messages);
                 if (imageBlocks.length > 0) {
-                    conversation.push({
-                        role: 'user',
-                        content: [{ type: 'text', text: merged }, ...imageBlocks],
-                    });
+                    conversation.push({ role: 'user', content: [{ type: 'text', text: merged }, ...imageBlocks] });
                 }
                 else {
                     conversation.push({ role: 'user', content: merged });
                 }
-                // Use last message for routing/billing context
                 const primaryMessage = messages[messages.length - 1];
                 state.lastProgressTime = 0;
                 state.abortController = new AbortController();
-                // Log each incoming message
-                for (const msg of messages) {
+                for (const msg of messages)
                     this.opLogger.messageIn(msg.discussionId, msg.senderName, msg.content);
-                }
-                // Process — the LLM decides whether to respond
                 let responded;
                 try {
                     responded = await this.processMessage(primaryMessage, state.abortController.signal);
                 }
                 catch (error) {
                     if (error instanceof sdk_1.default.APIUserAbortError) {
-                        // Aborted — new message arrived, loop will restart with updated buffer
                         this.typingIndicator?.stop(discussionId);
                         continue;
                     }
@@ -549,18 +358,16 @@ class Bot {
                 }
                 else {
                     state.consecutiveNonResponses++;
-                    if (state.consecutiveNonResponses >= Bot.DISENGAGE_THRESHOLD) {
+                    if (state.consecutiveNonResponses >= this.signalRouter.disengageThreshold) {
                         state.state = 'idle';
                         this.opLogger.disengage(discussionId, state.consecutiveNonResponses);
                         break;
                     }
                 }
-                // Check if more messages arrived during processing
                 if (state.contextBuffer.length === 0)
                     break;
-                // If disengaged, only continue if there's an explicit trigger
                 if (state.state === 'idle') {
-                    const hasExplicit = state.contextBuffer.some(m => m.isMention || m.isReplyToBot || m.isDirectMessage);
+                    const hasExplicit = state.contextBuffer.some(m => this.signalRouter.isExplicitTrigger(m));
                     if (!hasExplicit)
                         break;
                     state.state = 'engaged';
@@ -570,571 +377,361 @@ class Bot {
             }
         }
         finally {
-            this.processingDiscussions.delete(discussionId);
+            this.signalRouter.processingDiscussions.delete(discussionId);
             state.abortController = null;
         }
     }
+    // ===== MESSAGE PROCESSING =====
+    async processMessage(message, signal) {
+        this.typingIndicator?.start(message.discussionId, 'Reading');
+        // Check balance
+        const billingWsId = this._workspaceId || message.workspaceId;
+        if (this.tokenBilling && billingWsId) {
+            const balance = await this.tokenBilling.checkBalance(billingWsId);
+            this.opLogger.balanceCheck(message.discussionId, billingWsId, balance.balance, balance.hasBalance ? (balance.balance < 5 ? 'LOW' : 'OK') : 'EMPTY');
+            if (!balance.hasBalance) {
+                this.typingIndicator?.stop(message.discussionId);
+                await this.sendMessage(message.discussionId, 'Insufficient balance. Please top up your workspace AI credits to continue.');
+                return true;
+            }
+        }
+        this.conversationManager.manageContextSize(message.discussionId);
+        const conversation = this.conversationManager.getConversation(message.discussionId);
+        const snapshotLength = conversation.length;
+        try {
+            const route = await this.routeMessage(message, conversation, signal);
+            return await this.runLlmLoop(message, route, signal);
+        }
+        catch (error) {
+            if (error instanceof sdk_1.default.APIUserAbortError)
+                throw error;
+            this.logger.error('Message processing failed', error);
+            this.typingIndicator?.stop(message.discussionId);
+            conversation.length = snapshotLength;
+            return false;
+        }
+    }
     // ===== MODEL ROUTING =====
-    /**
-     * Classify message complexity using a lightweight Haiku call.
-     * Returns model + max_tokens to use for the main LLM loop.
-     * Falls back to Haiku on any error.
-     */
     async routeMessage(message, conversation, signal) {
-        const defaultRoute = {
-            model: MODEL_HAIKU,
-            maxTokens: 2000,
-        };
+        const defaultRoute = { model: MODEL_HAIKU, maxTokens: 2000 };
         try {
             const wsName = this.init?.network?.name || 'Workspace';
             const recentContext = this.getRecentContext(conversation);
-            const contextBlock = recentContext
-                ? `\nRecent context:\n${recentContext}\n`
-                : '';
+            const contextBlock = recentContext ? `\nRecent context:\n${recentContext}\n` : '';
             const response = await this.anthropic.messages.create({
-                model: MODEL_HAIKU,
-                max_tokens: 10,
-                temperature: 0,
-                messages: [
-                    {
-                        role: 'user',
-                        content: `Classify this chat message as SIMPLE or COMPLEX.
-
-SIMPLE = can be answered in 1-2 tool calls with straightforward logic.
-COMPLEX = needs 3+ tool calls, reasoning across multiple data sources, fixing/creating structured data, or investigation.
-
-When in doubt, classify as COMPLEX.
-
-Workspace: ${wsName}
-${contextBlock}Current message: ${message.content}
-
-Reply with exactly one word: SIMPLE or COMPLEX`,
-                    },
-                ],
+                model: MODEL_HAIKU, max_tokens: 10, temperature: 0,
+                messages: [{ role: 'user', content: `Classify this chat message as SIMPLE or COMPLEX.\n\nSIMPLE = can be answered in 1-2 tool calls with straightforward logic.\nCOMPLEX = needs 3+ tool calls, reasoning across multiple data sources, fixing/creating structured data, or investigation.\n\nWhen in doubt, classify as COMPLEX.\n\nWorkspace: ${wsName}\n${contextBlock}Current message: ${message.content}\n\nReply with exactly one word: SIMPLE or COMPLEX` }],
             }, { signal });
-            // Bill the router call
-            this.trackRouterTokenUsage(response, message);
-            // Parse classification
-            const text = response.content
-                .filter((b) => b.type === 'text')
-                .map(b => b.text)
-                .join('')
-                .trim()
-                .toUpperCase();
+            this.trackTokenUsage(response, message, MODEL_HAIKU);
+            const text = response.content.filter((b) => b.type === 'text').map(b => b.text).join('').trim().toUpperCase();
             if (text.includes('COMPLEX')) {
-                const route = {
-                    model: MODEL_SONNET,
-                    maxTokens: 16384,
-                };
+                const route = { model: MODEL_SONNET, maxTokens: 16384 };
                 this.opLogger.route(message.discussionId, 'COMPLEX', route.model, message.content);
                 return route;
             }
             this.opLogger.route(message.discussionId, 'SIMPLE', defaultRoute.model, message.content);
             return defaultRoute;
         }
-        catch (error) {
-            this.logger.warn('Router failed, falling back to Haiku', {
-                error: error instanceof Error ? error.message : String(error),
-            });
+        catch {
             return defaultRoute;
         }
     }
-    /**
-     * Extract recent conversation text for the router prompt.
-     * Walks backwards, extracts only text blocks (no tool calls/results),
-     * truncates each to 200 chars. Returns up to 3 recent exchanges.
-     */
     getRecentContext(conversation) {
         const lines = [];
         let count = 0;
         for (let i = conversation.length - 1; i >= 0 && count < 3; i--) {
             const msg = conversation[i];
-            const content = msg.content;
             let text = '';
-            if (typeof content === 'string') {
-                text = content;
+            if (typeof msg.content === 'string') {
+                text = msg.content;
             }
-            else if (Array.isArray(content)) {
-                text = content
-                    .filter((b) => b.type === 'text')
-                    .map((b) => b.text)
-                    .join(' ');
+            else if (Array.isArray(msg.content)) {
+                text = msg.content.filter((b) => b.type === 'text').map((b) => b.text).join(' ');
             }
             if (!text)
                 continue;
-            const truncated = text.length > 200 ? text.slice(0, 200) + '...' : text;
-            const role = msg.role === 'user' ? 'User' : 'Assistant';
-            lines.unshift(`${role}: ${truncated}`);
+            lines.unshift(`${msg.role === 'user' ? 'User' : 'Assistant'}: ${text.length > 200 ? text.slice(0, 200) + '...' : text}`);
             count++;
         }
         return lines.join('\n');
     }
-    /**
-     * Bill the router classification call the same way as main LLM calls.
-     */
-    trackRouterTokenUsage(response, message) {
-        if (!response.usage)
-            return;
-        const { input_tokens, output_tokens } = response.usage;
-        const cacheCreation = response.usage.cache_creation_input_tokens || 0;
-        const cacheRead = response.usage.cache_read_input_tokens || 0;
-        const burnWorkspaceId = this._workspaceId || message.workspaceId;
-        if (this.tokenBilling && burnWorkspaceId) {
-            const cost = this.tokenBilling.calculateCost(input_tokens, output_tokens, cacheCreation, cacheRead, MODEL_HAIKU);
-            this.tokenBilling.burnTokens({
-                workspaceId: burnWorkspaceId,
-                inputTokens: input_tokens,
-                outputTokens: output_tokens,
-                cacheCreationTokens: cacheCreation,
-                cacheReadTokens: cacheRead,
-                costUsd: cost,
-                sessionId: message.discussionId,
-                model: MODEL_HAIKU,
-            });
-        }
-    }
-    // ===== MESSAGE PROCESSING =====
-    async processMessage(message, signal) {
-        this.typingIndicator?.start(message.discussionId, 'Reading');
-        // Check token balance
-        const billingWorkspaceId = this._workspaceId || message.workspaceId;
-        if (this.tokenBilling && billingWorkspaceId) {
-            const balance = await this.tokenBilling.checkBalance(billingWorkspaceId);
-            const balanceStatus = balance.hasBalance ? (balance.balance < 5 ? 'LOW' : 'OK') : 'EMPTY';
-            this.opLogger.balanceCheck(message.discussionId, billingWorkspaceId, balance.balance, balanceStatus);
-            if (!balance.hasBalance) {
-                this.typingIndicator?.stop(message.discussionId);
-                await this.sendMessage(message.discussionId, 'Insufficient balance. Please top up your workspace AI credits to continue.');
-                return true; // We did respond (with balance error)
-            }
-        }
-        // Manage context size
-        this.conversationManager.manageContextSize(message.discussionId);
-        const conversation = this.conversationManager.getConversation(message.discussionId);
-        const snapshotLength = conversation.length;
-        try {
-            const route = await this.routeMessage(message, conversation, signal);
-            return await this.runLlmLoop(message, route, signal);
-        }
-        catch (error) {
-            if (error instanceof sdk_1.default.APIUserAbortError) {
-                throw error; // Let processDiscussion handle abort
-            }
-            this.logger.error('Message processing failed', error);
-            this.typingIndicator?.stop(message.discussionId);
-            conversation.length = snapshotLength;
-            return false;
-        }
-    }
+    // ===== LLM LOOP =====
     async runLlmLoop(message, route, signal) {
         const conversation = this.conversationManager.getConversation(message.discussionId);
-        const systemPrompt = this.buildSystemPrompt();
-        const tools = this.getAnthropicTools();
+        const systemPrompt = (0, services_1.buildSystemPrompt)({
+            init: this.init, userId: this.userId,
+            workspaceOverview: this.workspaceOverview, customPrompt: this._systemPrompt,
+        });
+        const tools = this.cachedTools || this.getAnthropicTools();
         const processingStartTime = Date.now();
         for (let i = 0; i < MAX_TOOL_ITERATIONS; i++) {
             const cachedConversation = this.conversationManager.prepareForCaching(conversation);
+            this.typingIndicator?.updateStatus(message.discussionId, i === 0 ? 'Thinking' : 'Processing');
             let response;
             let llmStart = Date.now();
-            this.typingIndicator?.updateStatus(message.discussionId, i === 0 ? 'Thinking' : 'Processing');
             try {
                 response = await this.anthropic.messages.create({
-                    model: route.model,
-                    max_tokens: route.maxTokens,
-                    temperature: 0,
+                    model: route.model, max_tokens: route.maxTokens, temperature: 0,
                     system: [{ type: 'text', text: systemPrompt, cache_control: { type: 'ephemeral' } }],
-                    messages: cachedConversation,
-                    tools,
+                    messages: cachedConversation, tools,
                 }, { signal });
             }
             catch (error) {
-                // Handle abort — new message arrived, restart processing loop
                 if (error instanceof sdk_1.default.APIUserAbortError) {
                     this.cleanupIncompleteExchange(conversation);
                     this.opLogger.interrupt(message.discussionId, 'new message received');
-                    return false; // processDiscussion loop restarts with full context
+                    return false;
                 }
-                // If Sonnet fails, fall back to Haiku and retry once
                 if (route.model !== MODEL_HAIKU) {
-                    this.logger.warn('Sonnet API call failed, falling back to Haiku', {
-                        error: error instanceof Error ? error.message : String(error),
-                    });
+                    this.logger.warn('Sonnet failed, falling back to Haiku');
                     route = { model: MODEL_HAIKU, maxTokens: 2000 };
-                    this.typingIndicator?.updateStatus(message.discussionId, 'Switching models');
                     llmStart = Date.now();
                     response = await this.anthropic.messages.create({
-                        model: MODEL_HAIKU,
-                        max_tokens: 2000,
-                        temperature: 0,
+                        model: MODEL_HAIKU, max_tokens: 2000, temperature: 0,
                         system: [{ type: 'text', text: systemPrompt, cache_control: { type: 'ephemeral' } }],
-                        messages: cachedConversation,
-                        tools,
+                        messages: cachedConversation, tools,
                     }, { signal });
                 }
                 else {
                     throw error;
                 }
             }
-            // Track token usage
             this.trackTokenUsage(response, message, route.model);
-            // Log LLM call with timing and cache stats
             const llmDuration = (Date.now() - llmStart) / 1000;
             const usage = response.usage;
             const cacheRead = usage.cache_read_input_tokens || 0;
             const totalInput = usage.input_tokens + cacheRead + (usage.cache_creation_input_tokens || 0);
-            const cacheHitPct = totalInput > 0 ? Math.round((cacheRead / totalInput) * 100) : 0;
-            this.opLogger.llmCall(message.discussionId, route.model, usage.input_tokens, usage.output_tokens, cacheHitPct, llmDuration);
-            // Validate assistant response has content before adding to conversation
-            if (!response.content || (Array.isArray(response.content) && response.content.length === 0)) {
-                this.logger.warn('LLM returned empty content, skipping', {
-                    discussionId: message.discussionId,
-                    model: route.model,
-                    stopReason: response.stop_reason,
-                });
+            this.opLogger.llmCall(message.discussionId, route.model, usage.input_tokens, usage.output_tokens, totalInput > 0 ? Math.round((cacheRead / totalInput) * 100) : 0, llmDuration);
+            if (!response.content || response.content.length === 0)
                 break;
-            }
-            // Add assistant response to conversation
-            conversation.push({
-                role: 'assistant',
-                content: response.content,
-            });
-            // Check for output truncation — if max_tokens was hit, tool call JSON is likely broken
+            conversation.push({ role: 'assistant', content: response.content });
+            // Truncation guard
             if (response.stop_reason === 'max_tokens') {
-                this.logger.warn('LLM output truncated at max_tokens', {
-                    discussionId: message.discussionId,
-                    model: route.model,
-                    maxTokens: route.maxTokens,
-                    outputTokens: usage.output_tokens,
-                });
-                // Don't execute broken tool calls — tell the LLM to use smaller batches
-                conversation.push({
-                    role: 'user',
-                    content: 'Your previous response was truncated because it exceeded the output token limit. Do NOT try to generate all items at once. Break it into smaller batches of 25-50 items per tool call. You have multiple iterations available.',
-                });
+                conversation.push({ role: 'user', content: 'Your previous response was truncated because it exceeded the output token limit. Break it into smaller batches of 25-50 items per tool call.' });
                 continue;
             }
-            // Check for tool calls
+            // Tool calls
             const toolUseBlocks = response.content.filter((b) => b.type === 'tool_use');
             if (toolUseBlocks.length > 0) {
                 this.typingIndicator?.updateStatus(message.discussionId, this.getToolStatus(toolUseBlocks));
                 const toolResults = await this.executeTools(toolUseBlocks, message, signal);
                 conversation.push({ role: 'user', content: toolResults });
-                // Inject any messages that arrived during tool execution
                 await this.injectPendingContext(message.discussionId, conversation);
-                // Auto-escalate: if Haiku is failing tool calls, switch to Sonnet
+                // Auto-escalate
                 if (route.model === MODEL_HAIKU) {
-                    const failedCount = toolResults
-                        .filter(r => r.is_error).length;
+                    const failedCount = toolResults.filter(r => r.is_error).length;
                     if (failedCount >= 2) {
-                        this.logger.info('Escalating to Sonnet — Haiku failing tool calls', {
-                            discussionId: message.discussionId,
-                            failedTools: failedCount,
-                            iteration: i,
-                        });
                         route = { model: MODEL_SONNET, maxTokens: 16384 };
-                        await this.sendMessage(message.discussionId, `Switching to a more capable model to handle this.`);
+                        await this.sendMessage(message.discussionId, 'Switching to a more capable model to handle this.');
                     }
                 }
-                // Progress feedback: send contextual update every 20s during long operations
-                const state = this.discussionStates.get(message.discussionId);
+                // Progress feedback
+                const state = this.signalRouter.getState(message.discussionId);
                 const now = Date.now();
-                const elapsed = now - processingStartTime;
-                const lastProgress = state?.lastProgressTime || processingStartTime;
-                if (state && elapsed > 8000 && (now - lastProgress) >= 20000) {
+                if (state && (now - processingStartTime) > 8000 && (now - (state.lastProgressTime || processingStartTime)) >= 20000) {
                     state.lastProgressTime = now;
-                    const toolCounts = new Map();
-                    for (const b of toolUseBlocks) {
-                        const name = b.name.replace(/_/g, ' ');
-                        toolCounts.set(name, (toolCounts.get(name) || 0) + 1);
-                    }
-                    const toolSummary = Array.from(toolCounts.entries())
-                        .map(([name, count]) => count > 1 ? `${name} x${count}` : name)
-                        .join(', ');
-                    const progressMsg = `Still working (step ${i + 1}) — ${toolSummary}`;
-                    await this.sendMessage(message.discussionId, progressMsg);
+                    const toolSummary = toolUseBlocks.map(b => b.name.replace(/_/g, ' ')).join(', ');
+                    await this.sendMessage(message.discussionId, `Still working (step ${i + 1}) — ${toolSummary}`);
                     this.opLogger.progress(message.discussionId);
                 }
-                continue; // Loop back for more tool calls or final response
+                continue;
             }
-            // Extract text response
-            const textBlocks = response.content.filter((b) => b.type === 'text');
-            const responseText = textBlocks.map(b => b.text).join('\n').trim();
+            // Text response
+            const responseText = response.content.filter((b) => b.type === 'text').map(b => b.text).join('\n').trim();
             if (!responseText) {
-                // Remove the empty assistant message we just pushed
                 conversation.pop();
                 break;
             }
-            // Post the response
-            this.typingIndicator?.updateStatus(message.discussionId, 'Writing response');
             this.typingIndicator?.stop(message.discussionId);
             const formatted = await this.formatOutgoingMessage(responseText);
             const links = this.messageFormatter.extractTagLinks(formatted);
             await this.sendMessage(message.discussionId, formatted, links);
             return true;
         }
-        // Max iterations reached or empty response
         this.typingIndicator?.stop(message.discussionId);
         return false;
     }
+    // ===== TOOL EXECUTION =====
     async executeTools(toolUseBlocks, message, signal) {
-        const discussionId = message.discussionId;
         const results = [];
-        const WRITE_TOOLS = new Set(['create_activity', 'update_activity']);
         for (const block of toolUseBlocks) {
             const toolStart = Date.now();
-            // ── Admin-only gate ──
-            // Some tools require workspace admin/owner regardless of workflow access.
-            if (ADMIN_ONLY_TOOLS.has(block.name)) {
-                if (!this.adminUserIds.has(message.senderId) && !this.ownerUserIds.has(message.senderId)) {
-                    this.opLogger.permDenied(discussionId, block.name, 'n/a', 'requires-admin');
-                    results.push({
-                        type: 'tool_result',
-                        tool_use_id: block.id,
-                        content: `Permission denied: Only workspace admins can modify workflow permissions.`,
-                        is_error: true,
-                    });
+            const args = block.input;
+            // Admin-only gate
+            if (this.permissions.isAdminOnlyTool(block.name) && !this.permissions.isAdminOrOwner(message.senderId)) {
+                this.opLogger.permDenied(message.discussionId, block.name, 'n/a', 'requires-admin');
+                results.push({ type: 'tool_result', tool_use_id: block.id, content: 'Permission denied: Only workspace admins can modify workflow permissions.', is_error: true });
+                continue;
+            }
+            // Pre-execution permission check
+            if (!this.permissions.isPostCheckTool(block.name)) {
+                const denied = this.permissions.checkArgs(args, message.senderId);
+                if (denied) {
+                    this.opLogger.permDenied(message.discussionId, block.name, denied.workflowId, denied.reason);
+                    results.push({ type: 'tool_result', tool_use_id: block.id, content: denied.reason === 'bot-scope' ? `Permission denied: This bot does not have access to workflow ${denied.workflowId}.` : `Permission denied: You do not have access to workflow ${denied.workflowId}.`, is_error: true });
                     continue;
                 }
             }
-            // ── Unified permission gate ──
-            // Extract all workflow IDs from tool args (any shape) and check access.
-            // POST_CHECK_TOOLS are checked after execution (workflow ID is in the result, not the args).
-            const args = block.input;
-            const permCtx = this.getPermissionContext();
-            if (!POST_CHECK_TOOLS.has(block.name)) {
-                const workflowIds = (0, permission_guard_1.extractWorkflowIdsFromArgs)(args, this.insightWorkflowCache);
-                const denied = (0, permission_guard_1.checkWorkflowAccess)(workflowIds, message.senderId, permCtx);
-                if (denied) {
-                    this.opLogger.permDenied(discussionId, block.name, denied.workflowId, denied.reason);
-                    results.push({
-                        type: 'tool_result',
-                        tool_use_id: block.id,
-                        content: denied.reason === 'bot-scope'
-                            ? `Permission denied: This bot does not have access to workflow ${denied.workflowId}.`
-                            : `Permission denied: You do not have access to workflow ${denied.workflowId}.`,
-                        is_error: true,
-                    });
+            // Discussion isolation: prevent leaking DMs and discussions the user shouldn't access
+            if (DISCUSSION_TOOLS.has(block.name) && args.discussionId && args.discussionId !== message.discussionId) {
+                try {
+                    const discResult = await this.client.socket.request('v3.discussion.message.latest', [args.discussionId]);
+                    const disc = discResult?.discussion || {};
+                    const participants = disc.participants || [];
+                    const isPrivate = disc.private === true;
+                    const isActivityDisc = !isPrivate && !!(disc.linkedActivity || disc.activity);
+                    if (isActivityDisc) {
+                        // Activity discussion (not private) → workflow permissions handle access
+                        if (!participants.includes(this.userId)) {
+                            results.push({ type: 'tool_result', tool_use_id: block.id, content: 'Permission denied: The bot is not a participant in that discussion.', is_error: true });
+                            continue;
+                        }
+                    }
+                    else {
+                        // Private/DM discussion → both bot AND user must be participants
+                        if (!participants.includes(this.userId) || !participants.includes(message.senderId)) {
+                            results.push({ type: 'tool_result', tool_use_id: block.id, content: 'Permission denied: You are not a participant in that discussion.', is_error: true });
+                            continue;
+                        }
+                    }
+                }
+                catch {
+                    results.push({ type: 'tool_result', tool_use_id: block.id, content: 'Permission denied: Could not verify discussion access.', is_error: true });
                     continue;
                 }
             }
+            // Block add_discussion_message to current discussion — bot's text response IS the reply
+            if (block.name === 'add_discussion_message' && args.discussionId === message.discussionId) {
+                results.push({ type: 'tool_result', tool_use_id: block.id, content: 'You are already responding in this discussion. Your text response will be posted automatically — do not use add_discussion_message for the current discussion. Use it only for OTHER discussions.', is_error: true });
+                continue;
+            }
             try {
                 let toolArgs = args;
-                // Auto-inject context for join_discussion calls
+                // Auto-inject for join_discussion
                 if (block.name === 'join_discussion') {
                     toolArgs = { ...toolArgs };
-                    // Auto-inject inviteUserId from the sender if not already set
-                    if (!toolArgs.inviteUserId && message.senderId) {
+                    if (!toolArgs.inviteUserId && message.senderId)
                         toolArgs.inviteUserId = message.senderId;
-                    }
-                    // Auto-inject sourceActivityId for wormhole (only if from an activity discussion, not DMs)
-                    if (!toolArgs.sourceActivityId && message.linkedActivityId) {
-                        toolArgs.sourceActivityId = message.linkedActivityId;
-                    }
-                    // Auto-inject welcomeReason with the actual message content for context
-                    if (!toolArgs.welcomeReason && message.content) {
+                    if (!toolArgs.welcomeReason && message.content)
                         toolArgs.welcomeReason = message.content;
-                    }
+                    // Only auto-inject sourceActivityId if explicitly provided — don't link DMs to random activities
                 }
                 const result = await this.toolExecutor.execute(block.name, toolArgs, this.getUserContext());
                 const text = result?.content?.[0]?.text ?? JSON.stringify(result);
                 let contentStr = typeof text === 'string' ? text : JSON.stringify(text);
                 const toolDuration = (Date.now() - toolStart) / 1000;
-                // ── Post-execution permission checks ──
-                // Cache insight → workflow mapping after successful create_insight
+                // Cache insight mappings
                 if (block.name === 'create_insight' && !contentStr.includes('❌')) {
-                    const idMatch = contentStr.match(/\*\*Insight ID:\*\*\s+`([a-f0-9]{24})`/);
-                    if (idMatch) {
-                        const sources = args.sources || [];
-                        const wfIds = new Set(sources.map((s) => s.workflowId).filter(Boolean));
-                        if (wfIds.size > 0)
-                            this.insightWorkflowCache.set(idMatch[1], wfIds);
-                    }
+                    this.permissions.cacheInsightWorkflows(contentStr, args);
                 }
-                // Post-filter list results: remove items the user can't access
-                contentStr = await this.postFilterListResults(block.name, contentStr, message.senderId, discussionId);
-                // Post-execution permission check for tools where workflowId is in the result
-                if (POST_CHECK_TOOLS.has(block.name)) {
-                    const extractedWorkflowId = this.extractWorkflowIdFromResult(block.name, contentStr);
-                    if (extractedWorkflowId) {
-                        const denied = (0, permission_guard_1.checkWorkflowAccess)([extractedWorkflowId], message.senderId, permCtx);
+                // Post-filter list results
+                contentStr = await this.permissions.postFilterListResults(block.name, contentStr, message.senderId, message.discussionId, this.opLogger);
+                // Post-execution permission check
+                if (this.permissions.isPostCheckTool(block.name)) {
+                    const wfId = this.permissions.extractWorkflowIdFromResult(block.name, contentStr);
+                    if (wfId) {
+                        const denied = this.permissions.checkWorkflow([wfId], message.senderId);
                         if (denied) {
-                            this.opLogger.permDenied(discussionId, block.name, denied.workflowId, denied.reason);
-                            results.push({
-                                type: 'tool_result',
-                                tool_use_id: block.id,
-                                content: denied.reason === 'bot-scope'
-                                    ? `Permission denied: This bot does not have access to that resource.`
-                                    : `Permission denied: You do not have access to that resource.`,
-                                is_error: true,
-                            });
+                            this.opLogger.permDenied(message.discussionId, block.name, denied.workflowId, denied.reason);
+                            results.push({ type: 'tool_result', tool_use_id: block.id, content: denied.reason === 'bot-scope' ? 'Permission denied: This bot does not have access to that resource.' : 'Permission denied: You do not have access to that resource.', is_error: true });
                             continue;
                         }
                     }
                 }
-                // Check if tool returned an error in its response text
+                // Log result
+                const summary = (0, operation_logger_1.summarizeToolResult)(block.name, contentStr);
                 const lower = contentStr.toLowerCase();
                 const stripped = contentStr.replace(/[^\w]/g, ' ').trimStart().toLowerCase();
                 const isToolError = lower.includes('"error"') || lower.includes('❌') || stripped.startsWith('error');
-                const summary = (0, operation_logger_1.summarizeToolResult)(block.name, contentStr);
-                if (isToolError) {
-                    this.opLogger.toolCall(discussionId, block.name, 'error', toolDuration, 'FAIL', summary);
-                }
-                else {
-                    this.opLogger.toolCall(discussionId, block.name, summary, toolDuration, 'OK');
-                }
-                // Warn if a write tool completed before abort — not idempotent
+                this.opLogger.toolCall(message.discussionId, block.name, isToolError ? 'error' : summary, toolDuration, isToolError ? 'FAIL' : 'OK', isToolError ? summary : undefined);
                 if (signal?.aborted && WRITE_TOOLS.has(block.name)) {
-                    this.logger.warn('Write tool completed before abort', {
-                        discussionId, tool: block.name,
-                    });
+                    this.logger.warn('Write tool completed before abort', { tool: block.name });
                 }
-                results.push({
-                    type: 'tool_result',
-                    tool_use_id: block.id,
-                    content: contentStr,
-                });
+                results.push({ type: 'tool_result', tool_use_id: block.id, content: contentStr });
             }
             catch (error) {
-                const toolDuration = (Date.now() - toolStart) / 1000;
                 const errMsg = error instanceof Error ? error.message : String(error);
-                this.opLogger.toolCall(discussionId, block.name, 'error', toolDuration, 'FAIL', errMsg);
-                results.push({
-                    type: 'tool_result',
-                    tool_use_id: block.id,
-                    content: `Error: ${errMsg}`,
-                    is_error: true,
-                });
+                this.opLogger.toolCall(message.discussionId, block.name, 'error', (Date.now() - toolStart) / 1000, 'FAIL', errMsg);
+                results.push({ type: 'tool_result', tool_use_id: block.id, content: `Error: ${errMsg}`, is_error: true });
             }
         }
         return results;
     }
-    /**
-     * Inject pending messages from the context buffer into the conversation
-     * between LLM iterations. Merges into the existing user message to preserve
-     * Anthropic's alternation rule (user/assistant/user/assistant).
-     */
-    async injectPendingContext(discussionId, conversation) {
-        const state = this.discussionStates.get(discussionId);
-        if (!state || state.contextBuffer.length === 0)
-            return;
-        const pending = state.contextBuffer.splice(0);
-        const lastMsg = conversation[conversation.length - 1];
-        if (lastMsg?.role === 'user' && Array.isArray(lastMsg.content)) {
-            const contextText = pending.map(m => this.formatIncomingMessage(m)).join('\n\n');
-            lastMsg.content.push({
-                type: 'text',
-                text: `<context type="messages-during-processing">\n${contextText}\n</context>`,
-            });
-            const imageBlocks = await this.resolveImageAttachments(pending);
-            for (const block of imageBlocks) {
-                lastMsg.content.push(block);
-            }
-            this.opLogger.contextInject(discussionId, pending.length);
-        }
-    }
-    /**
-     * Remove orphaned tool_use/tool_result pairs from conversation after abort.
-     * Walks backwards and removes incomplete exchanges to keep conversation valid.
-     */
-    cleanupIncompleteExchange(conversation) {
-        while (conversation.length > 0) {
-            const last = conversation[conversation.length - 1];
-            const content = Array.isArray(last.content) ? last.content : [];
-            if (last.role === 'assistant' && content.some((b) => b.type === 'tool_use')) {
-                conversation.pop();
-                continue;
-            }
-            if (last.role === 'user' && content.some((b) => b.type === 'tool_result')) {
-                conversation.pop();
-                continue;
-            }
-            break;
-        }
-    }
     // ===== FORMATTING =====
     formatIncomingMessage(message) {
-        const activityAttr = message.linkedActivityId ? ` activity_id="${message.linkedActivityId}"` : '';
-        const discName = message.discussionName || message.linkedActivityName;
+        const isDm = message.isDirectMessage || message.isPrivateDiscussion;
+        // DMs: don't include stale linked activity metadata
+        const activityAttr = (!isDm && message.linkedActivityId) ? ` activity_id="${message.linkedActivityId}"` : '';
+        const discName = isDm ? undefined : (message.discussionName || message.linkedActivityName);
         const nameAttr = discName ? ` discussion_name="${discName}"` : '';
+        const typeAttr = isDm ? ' type="dm"' : (message.linkedActivityId ? ' type="activity"' : ' type="group"');
         let fileInfo = '';
         if (message.fileAttachments?.length) {
             const imageFiles = message.fileAttachments.filter(f => f.mime && IMAGE_MIME_TYPES.has(f.mime) && (!f.size || f.size <= MAX_IMAGE_SIZE));
             const nonImageFiles = message.fileAttachments.filter(f => !f.mime || !IMAGE_MIME_TYPES.has(f.mime) || (f.size && f.size > MAX_IMAGE_SIZE));
             const parts = [];
-            for (const img of imageFiles) {
+            for (const img of imageFiles)
                 parts.push(`[Image attached: ${img.filename} — included below for vision]`);
-            }
-            if (nonImageFiles.length) {
-                const ids = nonImageFiles.map(f => f.fileId).join(', ');
-                parts.push(`[File attached: ${nonImageFiles.length} file(s) - IDs: ${ids}]\nUse download_file tool with fileId to read file contents.`);
-            }
+            if (nonImageFiles.length)
+                parts.push(`[File attached: ${nonImageFiles.length} file(s) - IDs: ${nonImageFiles.map(f => f.fileId).join(', ')}]\nUse download_file tool with fileId to read file contents.`);
             if (parts.length)
                 fileInfo = '\n' + parts.join('\n');
         }
-        return `<incoming discussion="${message.discussionId}"${nameAttr}${activityAttr} from="${message.senderName}" user_id="${message.senderId}" timestamp="${new Date(message.timestamp).toISOString()}">\n${message.content}${fileInfo}\n</incoming>`;
+        const dmNote = isDm ? '\n[This is a private DM conversation, not an activity discussion.]' : '';
+        return `<incoming discussion="${message.discussionId}"${typeAttr}${nameAttr}${activityAttr} from="${message.senderName}" user_id="${message.senderId}" timestamp="${new Date(message.timestamp).toISOString()}">\n${message.content}${fileInfo}${dmNote}\n</incoming>`;
     }
-    /**
-     * Download image attachments and return Anthropic image content blocks.
-     * Falls back silently on errors — the text note still tells the LLM about the file.
-     */
     async resolveImageAttachments(messages) {
-        const blocks = [];
         if (!this.hailerApi)
-            return blocks;
-        const imageFiles = [];
+            return [];
+        const eligible = [];
         for (const msg of messages) {
-            if (!msg.fileAttachments?.length)
-                continue;
-            for (const f of msg.fileAttachments) {
+            for (const f of msg.fileAttachments || []) {
                 if (f.mime && IMAGE_MIME_TYPES.has(f.mime) && (!f.size || f.size <= MAX_IMAGE_SIZE)) {
-                    imageFiles.push({ fileId: f.fileId, filename: f.filename, mime: f.mime });
+                    eligible.push({ fileId: f.fileId, mime: f.mime });
                 }
             }
         }
-        for (const img of imageFiles) {
+        if (!eligible.length)
+            return [];
+        const results = await Promise.all(eligible.map(async (f) => {
             try {
-                const result = await this.hailerApi.downloadFile(img.fileId);
+                const result = await this.hailerApi.downloadFile(f.fileId);
                 if (result.encoding === 'base64') {
-                    blocks.push({
-                        type: 'image',
-                        source: {
-                            type: 'base64',
-                            media_type: img.mime,
-                            data: result.content,
-                        },
-                    });
+                    return { type: 'image', source: { type: 'base64', media_type: f.mime, data: result.content } };
                 }
             }
             catch (err) {
-                this.logger.warn('Failed to download image for vision', { fileId: img.fileId, filename: img.filename, error: err });
+                this.logger.warn('Failed to download image', { fileId: f.fileId });
             }
-        }
-        return blocks;
+            return null;
+        }));
+        return results.filter((b) => b !== null);
     }
     async formatOutgoingMessage(text) {
         let formatted = await this.messageFormatter.resolveUserTags(text);
         formatted = await this.messageFormatter.resolveActivityTags(formatted);
         formatted = await this.messageFormatter.resolveHailerUrls(formatted);
         formatted = this.messageFormatter.convertMentionsToTags(formatted);
-        // Remove redundant name after tags
+        // Convert markdown links with hex IDs to hailerTags: [Name](hexid) → [hailerTag|Name](hexid)
+        formatted = formatted.replace(/\[(?!hailerTag\|)([^\]]+)\]\(([a-f0-9]{24})\)/gi, (_match, name, id) => `\uFEFF[hailerTag|${name}](${id})\uFEFF`);
+        // Remove redundant name after tags: [hailerTag|Name](id) (Name) → [hailerTag|Name](id)
         formatted = formatted.replace(/(\[hailerTag\|[^\]]+\]\([a-f0-9]{24}\)\uFEFF?)\s*\([^)]+\)/gi, '$1');
-        // Auto-resolve bare 24-char hex IDs not already in hailerTag format
+        // Strip hailerTags inside markdown table rows (pipe in hailerTag|Name breaks table columns)
+        formatted = formatted.split('\n').map(line => {
+            if (!line.trimStart().startsWith('|'))
+                return line;
+            return line.replace(/\uFEFF?\[hailerTag\|([^\]]+)\]\([a-f0-9]{24}\)\uFEFF?/gi, '$1');
+        }).join('\n');
         formatted = await this.resolveBareIds(formatted);
         return formatted;
     }
-    /**
-     * Find bare 24-char hex IDs in text that aren't already inside hailerTags
-     * and try to resolve them to clickable hailerTags.
-     */
     async resolveBareIds(text) {
-        // Match 24-char hex IDs that are NOT preceded by ( which would mean they're already in a hailerTag
         const bareIdPattern = /(?<!\()([a-f0-9]{24})(?!\)[^\[]*\[hailerTag)/gi;
         const matches = [...text.matchAll(bareIdPattern)];
-        // Collect IDs that aren't already in hailerTags, limit to 5
         const idsToResolve = [];
         for (const match of matches) {
             const id = match[1];
-            const tagCheck = new RegExp(`\\[hailerTag\\|[^\\]]+\\]\\(${id}\\)`, 'i');
-            if (tagCheck.test(text))
+            if (new RegExp(`\\[hailerTag\\|[^\\]]+\\]\\(${id}\\)`, 'i').test(text))
                 continue;
             idsToResolve.push(id);
             if (idsToResolve.length >= 5)
@@ -1142,560 +739,107 @@ Reply with exactly one word: SIMPLE or COMPLEX`,
         }
         if (idsToResolve.length === 0)
             return text;
-        // Resolve all IDs in parallel
         const resolutions = await Promise.all(idsToResolve.map(async (id) => {
             try {
                 const result = await this.toolExecutor.execute('show_activity_by_id', { activityId: id }, this.getUserContext());
                 const resultText = result?.content?.[0]?.text;
                 if (resultText) {
-                    const jsonMatch = resultText.match(/\{[\s\S]*\}/);
-                    if (jsonMatch) {
-                        const parsed = JSON.parse(jsonMatch[0]);
-                        if (parsed.name)
-                            return { id, name: parsed.name };
+                    const j = resultText.match(/\{[\s\S]*\}/);
+                    if (j) {
+                        const p = JSON.parse(j[0]);
+                        if (p.name)
+                            return { id, name: p.name };
                     }
                 }
             }
-            catch {
-                // Not an activity, skip
-            }
+            catch { /* not an activity */ }
             return null;
         }));
-        // Apply replacements
-        for (const resolved of resolutions) {
-            if (!resolved)
+        for (const r of resolutions) {
+            if (!r)
                 continue;
-            const ZWNBSP = '\uFEFF';
-            const tag = `${ZWNBSP}[hailerTag|${resolved.name}](${resolved.id})${ZWNBSP}`;
-            text = text.replace(resolved.id, tag);
+            text = text.replace(r.id, `\uFEFF[hailerTag|${r.name}](${r.id})\uFEFF`);
         }
         return text;
     }
-    // ===== SYSTEM PROMPT =====
-    getBotDisplayName() {
-        if (!this.init?.users || !this.userId)
-            return 'Assistant';
-        const user = this.init.users[this.userId];
-        if (!user)
-            return 'Assistant';
-        const name = user.display_name || user.fullName ||
-            `${user.firstname || ''} ${user.lastname || ''}`.trim();
-        return name || 'Assistant';
+    // ===== HELPERS =====
+    async injectPendingContext(discussionId, conversation) {
+        const state = this.signalRouter.getState(discussionId);
+        if (!state || state.contextBuffer.length === 0)
+            return;
+        const pending = state.contextBuffer.splice(0);
+        const lastMsg = conversation[conversation.length - 1];
+        if (lastMsg?.role === 'user' && Array.isArray(lastMsg.content)) {
+            lastMsg.content.push({ type: 'text', text: `<context type="messages-during-processing">\n${pending.map(m => this.formatIncomingMessage(m)).join('\n\n')}\n</context>` });
+            for (const block of await this.resolveImageAttachments(pending))
+                lastMsg.content.push(block);
+            this.opLogger.contextInject(discussionId, pending.length);
+        }
     }
-    buildSystemPrompt() {
-        const wsName = this.init?.network?.name || 'Workspace';
-        const botName = this.getBotDisplayName();
-        const identity = `<bot-identity>
-Your user ID: ${this.userId}
-Your display name: ${botName}
-Workspace: ${wsName}
-</bot-identity>`;
-        // Platform rules — always applied regardless of custom prompt.
-        // These are operational requirements that keep the bot functional.
-        const platformRules = `<platform-rules>
-- Use tools to answer questions — don't guess or make up data.
-- When a tool call fails, tell the user what failed and why. Never silently try alternatives.
-- For bulk operations, batch into groups of 25-50 per tool call.
-- NEVER output raw URLs like https://app.hailer.com/...
-
-HAILERTAG LINKING (mandatory):
-- When referencing activities, discussions, or users, ALWAYS use: [hailerTag|Display Name](objectId)
-- Examples:
-    [hailerTag|AC Milan deal](691ffe654217e9e8434e578a)
-    [hailerTag|John Smith](691ffe654217e9e8434e5123)
-- Tool responses include both names and IDs — use them directly in this format.
-- NEVER use hailerTag for workflows, phases, teams, or groups — these don't support linking. Just use their plain text names.
-- NEVER output bare 24-character hex IDs to the user.
-</platform-rules>`;
-        const now = new Date();
-        const isoDate = now.toISOString().split('T')[0];
-        const dayOfWeek = now.getUTCDay(); // 0=Sun, 1=Mon, ...
-        const weekNum = Math.ceil(((+now - +new Date(now.getFullYear(), 0, 1)) / 86400000 + new Date(now.getFullYear(), 0, 1).getDay() + 1) / 7);
-        const dateContext = `<current-date>
-Today: ${now.toLocaleDateString('en-US', { weekday: 'long', year: 'numeric', month: 'long', day: 'numeric' })} (${isoDate}, ISO week ${weekNum}, day ${dayOfWeek})
-Time: ${now.toLocaleTimeString('en-US', { hour: '2-digit', minute: '2-digit', hour12: false, timeZone: 'Europe/Helsinki' })} Europe/Helsinki
-Year: ${now.getFullYear()}
-
-DATE HANDLING — CRITICAL:
-- The current year is ${now.getFullYear()}. When no year is specified, ALWAYS use ${now.getFullYear()} (or ${now.getFullYear() + 1} if the date has already passed this year).
-- European/Finnish dates use DD.MM.YYYY or DD.M.YYYY format (day first, NOT month first). "18.7.2026" = July 18, 2026. "3.12" = December 3. Never confuse day and month.
-- Resolve relative dates in any language (Finnish, Swedish, English, etc.) by calculating from today's date.
-- For activity date fields, always output YYYY-MM-DD format. The system auto-converts to timestamps.
-- If a date is ambiguous, ask the user to clarify.
-</current-date>`;
-        const wsContext = `<workspace-context>
-${this.workspaceOverview}
-</workspace-context>`;
-        const customPrompt = this._systemPrompt?.trim();
-        if (customPrompt) {
-            // Custom prompt = the bot's mission brief. It defines personality, scope, and behavior.
-            // Platform rules and identity are always appended — they keep the bot functional.
-            const body = customPrompt
-                .replace(/\{wsName\}/g, wsName)
-                .replace(/\{userId\}/g, this.userId)
-                .replace(/\{botName\}/g, botName);
-            return `${body}\n\n${platformRules}\n\n${identity}\n\n${dateContext}\n\n${wsContext}`;
+    cleanupIncompleteExchange(conversation) {
+        while (conversation.length > 0) {
+            const last = conversation[conversation.length - 1];
+            const content = Array.isArray(last.content) ? last.content : [];
+            if (last.role === 'assistant' && content.some((b) => b.type === 'tool_use')) {
+                conversation.pop();
+                continue;
+            }
+            if (last.role === 'user' && content.some((b) => b.type === 'tool_result')) {
+                conversation.pop();
+                continue;
+            }
+            break;
         }
-        // Default prompt — general-purpose workspace assistant with behavioral defaults.
-        const defaultBehavior = `<behavior>
-- Be concise. Short answers, no filler.
-- Never list your capabilities unprompted. If asked what you can do, give a 1-2 sentence summary based on the workspace context below, not a feature dump.
-- Never use emojis unless the user does first.
-- When a task will require multiple steps, briefly tell the user what you're about to do. Be concrete — never use vague filler like "Let me look into that".
-- When showing data, use clean formatting (tables, bullet points). Don't over-explain.
-- If a request is ambiguous, ask a clarifying question instead of guessing.
-- Always reference actual workspace data (workflow names, field values) — never speak in generic terms.
-</behavior>`;
-        return `You are a workspace assistant for "${wsName}" on Hailer.
-
-${identity}
-
-${platformRules}
-
-${defaultBehavior}
-
-${dateContext}
-
-${wsContext}`;
     }
-    // ===== TOOLS =====
-    static TOOL_STATUS_LABELS = {
-        list_activities: 'Searching activities',
-        count_activities: 'Counting activities',
-        show_activity_by_id: 'Reading activity',
-        create_activity: 'Creating activity',
-        update_activity: 'Updating activity',
-        list_workflows: 'Loading workflows',
-        list_workflows_minimal: 'Loading workflows',
-        get_workflow_schema: 'Reading workflow schema',
-        list_workflow_phases: 'Loading phases',
-        preview_insight: 'Running query',
-        get_insight_data: 'Running report',
-        search_workspace_users: 'Searching users',
-        fetch_discussion_messages: 'Reading messages',
-        add_discussion_message: 'Sending message',
-        join_discussion: 'Joining discussion',
-    };
     getToolStatus(toolUseBlocks) {
-        if (toolUseBlocks.length === 1) {
-            return Bot.TOOL_STATUS_LABELS[toolUseBlocks[0].name]
-                || toolUseBlocks[0].name.replace(/_/g, ' ');
-        }
-        const firstLabel = Bot.TOOL_STATUS_LABELS[toolUseBlocks[0].name]
-            || toolUseBlocks[0].name.replace(/_/g, ' ');
-        return `${firstLabel} (+${toolUseBlocks.length - 1} more)`;
+        if (toolUseBlocks.length === 1)
+            return TOOL_STATUS_LABELS[toolUseBlocks[0].name] || toolUseBlocks[0].name.replace(/_/g, ' ');
+        return `${TOOL_STATUS_LABELS[toolUseBlocks[0].name] || toolUseBlocks[0].name.replace(/_/g, ' ')} (+${toolUseBlocks.length - 1} more)`;
     }
     getAnthropicTools() {
-        const allowedTools = BOT_TOOLS;
+        if (this.cachedTools)
+            return this.cachedTools;
         const defs = this.toolExecutor.getToolDefinitions({
             allowedGroups: [tool_registry_1.ToolGroup.READ, tool_registry_1.ToolGroup.WRITE, tool_registry_1.ToolGroup.PLAYGROUND, tool_registry_1.ToolGroup.BOT_INTERNAL],
         });
-        const tools = defs
-            .filter(d => allowedTools.has(d.name))
-            .map(d => ({
-            name: d.name,
-            description: d.description,
-            input_schema: d.inputSchema,
+        const tools = defs.filter(d => BOT_TOOLS.has(d.name)).map(d => ({
+            name: d.name, description: d.description, input_schema: d.inputSchema,
         }));
-        // Mark last tool for prompt caching — tools never change per session
-        if (tools.length > 0) {
+        if (tools.length > 0)
             tools[tools.length - 1].cache_control = { type: 'ephemeral' };
-        }
+        this.cachedTools = tools;
         return tools;
     }
-    // ===== HAILER MESSAGING =====
     async sendMessage(discussionId, text, links) {
         try {
             const msgData = { msg: text };
             if (links?.length)
                 msgData.links = links;
             await this.client.socket.request('messenger.send', [msgData, discussionId]);
-            const tagCount = (text.match(/\[hailerTag\|/g) || []).length;
-            this.opLogger.messageOut(discussionId, text.length, tagCount);
+            this.opLogger.messageOut(discussionId, text.length, (text.match(/\[hailerTag\|/g) || []).length);
         }
         catch (error) {
             this.logger.error('Failed to send message', error);
         }
     }
-    // ===== HELPERS =====
-    /**
-     * Schedule a workspace data refresh with debounce.
-     * Signals can fire in bursts (e.g., bulk field edits), so we debounce
-     * to avoid hammering the API. 2-second delay is effectively instant
-     * from a user perspective but handles bursts.
-     */
-    scheduleRefresh(scope) {
-        this.refreshDirty = true;
-        if (scope === 'full') {
-            this.refreshScope.clear();
-            this.refreshScope.add('full');
-        }
-        else if (!this.refreshScope.has('full')) {
-            this.refreshScope.add(scope);
-        }
-        if (this.refreshTimer)
-            clearTimeout(this.refreshTimer);
-        this.refreshTimer = setTimeout(() => this.refreshWorkspaceData(), 2000);
-    }
-    /**
-     * Re-fetch workspace data and rebuild the overview.
-     * Called when process.updated, workspace.updated, or cache.invalidate signals fire.
-     */
-    async refreshWorkspaceData() {
-        if (!this.refreshDirty || !this.client)
-            return;
-        if (this.isRefreshing) {
-            this.refreshQueued = true;
-            return;
-        }
-        this.isRefreshing = true;
-        this.refreshDirty = false;
-        const scopes = new Set(this.refreshScope);
-        this.refreshScope.clear();
-        this.refreshTimer = null;
-        try {
-            // Determine what to re-fetch based on signal types
-            const isFull = scopes.has('full');
-            const keys = isFull
-                ? ['processes', 'users', 'network', 'networks', 'teams', 'groups']
-                : Array.from(scopes);
-            // Always include users with processes (membership check depends on it)
-            if (keys.includes('processes') && !keys.includes('users')) {
-                keys.push('users');
-            }
-            this.logger.debug('Refreshing workspace data', { keys, trigger: isFull ? 'full' : Array.from(scopes).join(',') });
-            const freshData = await this.client.socket.request('v2.core.init', [keys]);
-            // Merge fresh data into existing init (partial update)
-            (0, types_1.normalizeInitProcesses)(freshData);
-            if (!this.init) {
-                this.init = freshData;
-            }
-            else {
-                if (freshData.processes)
-                    this.init.processes = freshData.processes;
-                if (freshData.users)
-                    this.init.users = freshData.users;
-                if (freshData.network)
-                    this.init.network = freshData.network;
-                if (freshData.networks)
-                    this.init.networks = freshData.networks;
-                if (freshData.teams)
-                    this.init.teams = freshData.teams;
-                if (freshData.groups)
-                    this.init.groups = freshData.groups;
-            }
-            this._workspaceId = this.init.network?._id || this.config.workspaceId;
-            // Rebuild workspace cache
-            this.workspaceCache = (0, workspace_cache_1.createWorkspaceCache)(this.init, {
-                excludeTranslations: true,
-                excludeSystemMessages: true,
-                excludeEmptyFields: true,
-                compactUserData: true,
-                includeWorkspaceNamesInTools: false,
-            });
-            this.backfillWorkspaceCacheMembers();
-            // Rebuild workspace overview for system prompt
-            this.workspaceOverview = (0, workspace_overview_1.generateWorkspaceOverview)(this.init);
-            // Update UserContext with fresh data
-            if (this.userContext) {
-                this.userContext.init = this.init;
-                this.userContext.workspaceCache = this.workspaceCache;
-            }
-            // Rebuild permission index
-            this.buildPermissionIndex();
-            this.logger.debug('Workspace data refreshed', {
-                keys,
-                workflowCount: this.init.processes?.length || 0,
-                userCount: Object.keys(this.init.users || {}).length,
-            });
-        }
-        catch (error) {
-            this.logger.error('Failed to refresh workspace data', error);
-        }
-        finally {
-            this.isRefreshing = false;
-            if (this.refreshQueued) {
-                this.refreshQueued = false;
-                this.refreshWorkspaceData();
-            }
-        }
-    }
-    /**
-     * Backfill workspaceCache.usersById with entries from network.members
-     * that are missing from init.users (which is only a partial user list).
-     */
-    backfillWorkspaceCacheMembers() {
-        if (!this.workspaceCache || !this.init)
-            return;
-        const network = this.init.network;
-        if (!network?.members)
-            return;
-        const members = Array.isArray(network.members) ? network.members : Object.values(network.members);
-        let backfilled = 0;
-        for (const member of members) {
-            if (member.uid && !this.workspaceCache.usersById[member.uid]) {
-                const stub = {
-                    id: member.uid,
-                    firstname: member.firstname || '',
-                    lastname: member.lastname || '',
-                    fullName: member.firstname && member.lastname
-                        ? `${member.firstname} ${member.lastname}`
-                        : member.firstname || member.lastname || '',
-                    companies: [],
-                    lastSeen: 0,
-                };
-                this.workspaceCache.usersById[member.uid] = stub;
-                this.workspaceCache.users.push(stub);
-                backfilled++;
-            }
-        }
-        this.logger.debug('Workspace cache member backfill', {
-            totalMembers: members.length,
-            inInitUsers: members.length - backfilled,
-            backfilled,
-        });
-    }
-    buildPermissionIndex() {
-        const wsId = this._workspaceId;
-        if (!wsId)
-            return;
-        const result = (0, permission_guard_1.buildPermissionIndex)(this.init, wsId);
-        this.permissionIndex = result.permissionIndex;
-        this.adminUserIds = result.adminUserIds;
-        this.ownerUserIds = result.ownerUserIds;
-        this.workspaceMemberIds = result.workspaceMemberIds;
-        this.membersLoaded = result.workspaceMemberIds.size > 0;
-        const totalWorkflows = this.init?.processes?.length || 0;
-        this.logger.debug('Permission index built', {
-            restricted: this.permissionIndex.size,
-            open: totalWorkflows - this.permissionIndex.size,
-            totalWorkflows,
-            totalEntries: Array.from(this.permissionIndex.values()).reduce((n, s) => n + s.size, 0),
-            admins: this.adminUserIds.size,
-            owners: this.ownerUserIds.size,
-            membersLoaded: this.membersLoaded,
-            workspaceMembers: this.workspaceMemberIds.size,
-            accessLevel: this.config.accessLevel,
-            botWorkflowScope: this.config.allowedWorkflows.length > 0
-                ? `${this.config.allowedWorkflows.length} workflows`
-                : 'all',
-        });
-        // Detailed permission map for verification
-        const processNames = new Map();
-        for (const proc of (this.init?.processes || [])) {
-            processNames.set(proc._id, proc.name || proc._id);
-        }
-        // Resolve user IDs to names where possible
-        const userNames = new Map();
-        if (this.workspaceCache?.usersById) {
-            for (const uid of this.workspaceMemberIds) {
-                const user = this.workspaceCache.usersById[uid];
-                if (user)
-                    userNames.set(uid, user.fullName || user.email || uid);
-            }
-        }
-        const resolve = (uid) => {
-            const name = userNames.get(uid);
-            return name ? `${name} (${uid})` : uid;
-        };
-        this.logger.debug('Permission map — admins', {
-            admins: [...this.adminUserIds].map(resolve),
-        });
-        this.logger.debug('Permission map — owners', {
-            owners: [...this.ownerUserIds].map(resolve),
-        });
-        this.logger.debug('Permission map — workspace members', {
-            members: [...this.workspaceMemberIds].map(resolve),
-        });
-        // Log each restricted workflow with its allowed users
-        for (const [wfId, userIds] of this.permissionIndex) {
-            this.logger.debug('Permission map — restricted workflow', {
-                workflow: processNames.get(wfId) || wfId,
-                workflowId: wfId,
-                allowedUsers: [...userIds].map(resolve),
-                allowedCount: userIds.size,
-            });
-        }
-        // Log open workflows
-        const openWorkflows = (this.init?.processes || [])
-            .filter((p) => !this.permissionIndex.has(p._id))
-            .map((p) => p.name || p._id);
-        if (openWorkflows.length > 0) {
-            this.logger.debug('Permission map — open workflows (all members)', {
-                workflows: openWorkflows,
-                count: openWorkflows.length,
-            });
-        }
-    }
-    getOrCreateDiscussionState(discussionId) {
-        let state = this.discussionStates.get(discussionId);
-        if (state) {
-            // LRU: move to end
-            this.discussionStates.delete(discussionId);
-            this.discussionStates.set(discussionId, state);
-            return state;
-        }
-        // Evict oldest if at capacity
-        if (this.discussionStates.size >= 200) {
-            const oldest = this.discussionStates.keys().next().value;
-            if (oldest)
-                this.discussionStates.delete(oldest);
-        }
-        state = {
-            contextBuffer: [],
-            abortController: null,
-            state: 'idle',
-            consecutiveNonResponses: 0,
-            lastProgressTime: 0,
-        };
-        this.discussionStates.set(discussionId, state);
-        return state;
-    }
     getUserContext() {
         if (!this.userContext)
             throw new Error('Bot not started');
         return this.userContext;
     }
-    getDefaultTeamId() {
-        const teams = this.init?.teams;
-        if (!teams)
-            return undefined;
-        const workspaceTeams = Object.values(teams)[0];
-        if (!workspaceTeams || typeof workspaceTeams !== 'object')
-            return undefined;
-        return Object.keys(workspaceTeams)[0];
-    }
-    // ===== UNIFIED PERMISSION SYSTEM =====
-    /** Get the current permission context for checkWorkflowAccess calls */
-    getPermissionContext() {
-        return {
-            allowedWorkflows: this.config.allowedWorkflows,
-            permissionIndex: this.permissionIndex,
-            adminUserIds: this.adminUserIds,
-            ownerUserIds: this.ownerUserIds,
-            insightWorkflowCache: this.insightWorkflowCache,
-        };
-    }
-    /**
-     * Post-filter list-type tool results to remove items the user can't access.
-     * Handles list_workflows, list_workflows_minimal, and list_insights.
-     */
-    async postFilterListResults(toolName, contentStr, senderId, discussionId) {
-        const ctx = this.getPermissionContext();
-        // Filter workflow lists (JSON response)
-        if (toolName === 'list_workflows' || toolName === 'list_workflows_minimal') {
-            try {
-                const parsed = JSON.parse(contentStr);
-                if (parsed.workflows && Array.isArray(parsed.workflows)) {
-                    const before = parsed.workflows.length;
-                    parsed.workflows = parsed.workflows.filter((wf) => {
-                        const wfId = wf.id || wf._id || wf.workflowId;
-                        if (!wfId)
-                            return true;
-                        return !(0, permission_guard_1.checkWorkflowAccess)([wfId], senderId, ctx);
-                    });
-                    if (parsed.workflows.length < before) {
-                        this.opLogger.permFiltered(discussionId, toolName, before, parsed.workflows.length);
-                    }
-                    return JSON.stringify(parsed);
-                }
-            }
-            catch {
-                // Not JSON (markdown response) — pass through unmodified
-                return contentStr;
-            }
-        }
-        // Filter insight lists (formatted text response — need raw API data)
-        if (toolName === 'list_insights') {
-            try {
-                const wsId = this._workspaceId || this.init?.network?._id;
-                if (wsId && this.hailerApi) {
-                    const rawInsights = await this.hailerApi.request('v3.insight.list', [wsId]);
-                    const insights = Array.isArray(rawInsights) ? rawInsights : [];
-                    const deniedIds = new Set();
-                    for (const insight of insights) {
-                        const wfIds = [];
-                        for (const src of (insight.sources || [])) {
-                            if (src.workflowId)
-                                wfIds.push(src.workflowId);
-                        }
-                        // Always cache the mapping
-                        if (wfIds.length > 0) {
-                            this.insightWorkflowCache.set(insight._id, new Set(wfIds));
-                        }
-                        // Check access
-                        if ((0, permission_guard_1.checkWorkflowAccess)(wfIds, senderId, ctx)) {
-                            deniedIds.add(insight._id);
-                        }
-                    }
-                    if (deniedIds.size > 0) {
-                        let filtered = contentStr;
-                        for (const id of deniedIds) {
-                            const pattern = new RegExp(`\\d+\\.\\s+\\*\\*[^*]+\\*\\*\\n(?:.*\\n)*?\\s+-\\s+Insight ID:\\s+\`${id}\`(?:.*\\n)*?(?=\\d+\\.\\s+\\*\\*|💡|$)`, 'g');
-                            filtered = filtered.replace(pattern, '');
-                        }
-                        const visibleCount = insights.length - deniedIds.size;
-                        filtered = filtered.replace(/\*\*Insights Found\*\*\s+\(\d+ total\)/, `**Insights Found** (${visibleCount} total)`);
-                        this.opLogger.permFiltered(discussionId, toolName, insights.length, visibleCount);
-                        return filtered;
-                    }
-                }
-            }
-            catch (err) {
-                this.logger.warn('Failed to filter list_insights by permissions', { error: err });
-            }
-        }
-        return contentStr;
-    }
-    /**
-     * Extract workflow ID from tool result for post-execution permission checks.
-     * Returns the workflow ID if found, or undefined if extraction fails.
-     */
-    extractWorkflowIdFromResult(toolName, resultStr) {
-        try {
-            const jsonMatch = resultStr.match(/\{[\s\S]*\}/);
-            if (!jsonMatch)
-                return undefined;
-            const parsed = JSON.parse(jsonMatch[0]);
-            // show_activity_by_id: workflowId is in the activity result
-            if (toolName === 'show_activity_by_id') {
-                return parsed.workflowId || parsed.workflow_id || parsed.processId;
-            }
-            // get_activity_from_discussion: returns activity with workflow info
-            if (toolName === 'get_activity_from_discussion') {
-                return parsed.workflowId || parsed.workflow_id || parsed.processId
-                    || parsed.activity?.workflowId || parsed.activity?.processId;
-            }
-            // fetch_discussion_messages: result may contain a workflowId from linked activity
-            if (toolName === 'fetch_discussion_messages') {
-                return parsed.workflowId || parsed.workflow_id || parsed.processId
-                    || parsed.activity?.workflowId || parsed.activity?.processId;
-            }
-        }
-        catch {
-            // JSON parse failed, cannot extract
-        }
-        return undefined;
-    }
     trackTokenUsage(response, message, model) {
         if (!response.usage)
             return;
         const { input_tokens, output_tokens } = response.usage;
         const cacheCreation = response.usage.cache_creation_input_tokens || 0;
         const cacheRead = response.usage.cache_read_input_tokens || 0;
-        // Burn tokens - always use bot's workspace, not the discussion's workspace
         const burnWorkspaceId = this._workspaceId || message.workspaceId;
         if (this.tokenBilling && burnWorkspaceId) {
             const cost = this.tokenBilling.calculateCost(input_tokens, output_tokens, cacheCreation, cacheRead, model);
             this.tokenBilling.burnTokens({
-                workspaceId: burnWorkspaceId,
-                inputTokens: input_tokens,
-                outputTokens: output_tokens,
-                cacheCreationTokens: cacheCreation,
-                cacheReadTokens: cacheRead,
-                costUsd: cost,
-                sessionId: message.discussionId,
-                model,
+                workspaceId: burnWorkspaceId, inputTokens: input_tokens, outputTokens: output_tokens,
+                cacheCreationTokens: cacheCreation, cacheReadTokens: cacheRead, costUsd: cost,
+                sessionId: message.discussionId, model,
             });
         }
     }