@iletai/nzb 1.1.3 → 1.1.5

package/dist/config.js

@@ -11,6 +11,7 @@ const configSchema = z.object({
     API_PORT: z.string().optional(),
     COPILOT_MODEL: z.string().optional(),
     WORKER_TIMEOUT: z.string().optional(),
+    SHOW_REASONING: z.string().optional(),
     NODE_EXTRA_CA_CERTS: z.string().optional(),
 });
 const raw = configSchema.parse(process.env);
@@ -51,28 +52,37 @@ export const config = {
     get selfEditEnabled() {
         return process.env.NZB_SELF_EDIT === "1";
     },
+    get showReasoning() {
+        return process.env.SHOW_REASONING === "true";
+    },
+    set showReasoning(value) {
+        process.env.SHOW_REASONING = value ? "true" : "false";
+    },
 };
-/** Persist the current model choice to ~/.nzb/.env */
-export function persistModel(model) {
+/** Persist an env variable to ~/.nzb/.env */
+export function persistEnvVar(key, value) {
     ensureNZBHome();
     try {
         const content = readFileSync(ENV_PATH, "utf-8");
         const lines = content.split("\n");
         let found = false;
         const updated = lines.map((line) => {
-            if (line.startsWith("COPILOT_MODEL=")) {
+            if (line.startsWith(`${key}=`)) {
                 found = true;
-                return `COPILOT_MODEL=${model}`;
+                return `${key}=${value}`;
             }
             return line;
         });
         if (!found)
-            updated.push(`COPILOT_MODEL=${model}`);
+            updated.push(`${key}=${value}`);
         writeFileSync(ENV_PATH, updated.join("\n"));
     }
     catch {
-        // File doesn't exist — create it
-        writeFileSync(ENV_PATH, `COPILOT_MODEL=${model}\n`);
+        writeFileSync(ENV_PATH, `${key}=${value}\n`);
     }
 }
+/** Persist the current model choice to ~/.nzb/.env */
+export function persistModel(model) {
+    persistEnvVar("COPILOT_MODEL", model);
+}
 //# sourceMappingURL=config.js.map

package/dist/copilot/client.js

@@ -1,5 +1,7 @@
 import { CopilotClient } from "@github/copilot-sdk";
 let client;
+/** Coalesces concurrent resetClient() calls into a single reset operation. */
+let pendingResetPromise;
 export async function getClient() {
     if (!client) {
         client = new CopilotClient({
@@ -10,18 +12,28 @@ export async function getClient() {
     }
     return client;
 }
-/** Tear down the existing client and create a fresh one. */
+/** Tear down the existing client and create a fresh one. Concurrent calls coalesce to a single reset. */
 export async function resetClient() {
-    if (client) {
-        try {
-            await client.stop();
-        }
-        catch {
-            /* best-effort */
+    if (pendingResetPromise)
+        return pendingResetPromise;
+    pendingResetPromise = (async () => {
+        if (client) {
+            try {
+                await client.stop();
+            }
+            catch {
+                /* best-effort */
+            }
+            client = undefined;
         }
-        client = undefined;
+        return getClient();
+    })();
+    try {
+        return await pendingResetPromise;
+    }
+    finally {
+        pendingResetPromise = undefined;
     }
-    return getClient();
 }
 export async function stopClient() {
     if (client) {

package/dist/copilot/mcp-config.js

@@ -1,22 +1,43 @@
 import { readFileSync } from "fs";
-import { join } from "path";
 import { homedir } from "os";
+import { join } from "path";
+let cachedConfig;
 /**
  * Load MCP server configs from ~/.copilot/mcp-config.json.
  * Returns an empty record if the file doesn't exist or is invalid.
+ * Only includes entries that have a valid 'type' field.
+ * Result is cached — call clearMcpConfigCache() to force a reload.
  */
 export function loadMcpConfig() {
+    if (cachedConfig)
+        return cachedConfig;
     const configPath = join(homedir(), ".copilot", "mcp-config.json");
     try {
         const raw = readFileSync(configPath, "utf-8");
         const parsed = JSON.parse(raw);
         if (parsed.mcpServers && typeof parsed.mcpServers === "object") {
-            return parsed.mcpServers;
+            // Filter out malformed entries — each server must have at least a type
+            const servers = {};
+            for (const [name, entry] of Object.entries(parsed.mcpServers)) {
+                if (entry && typeof entry === "object" && "type" in entry && typeof entry.type === "string") {
+                    servers[name] = entry;
+                }
+                else {
+                    console.log(`[nzb] Skipping malformed MCP server entry '${name}' (missing or invalid 'type' field)`);
+                }
+            }
+            cachedConfig = servers;
+            return servers;
         }
-        return {};
+        cachedConfig = {};
+        return cachedConfig;
     }
     catch {
-        return {};
+        cachedConfig = {};
+        return cachedConfig;
     }
 }
+export function clearMcpConfigCache() {
+    cachedConfig = undefined;
+}
 //# sourceMappingURL=mcp-config.js.map

package/dist/copilot/orchestrator.js

@@ -19,6 +19,10 @@ let proactiveNotifyFn;
 export function setProactiveNotify(fn) {
     proactiveNotifyFn = fn;
 }
+let workerNotifyFn;
+export function setWorkerNotify(fn) {
+    workerNotifyFn = fn;
+}
 let copilotClient;
 const workers = new Map();
 let healthCheckTimer;
@@ -35,20 +39,35 @@ let currentSourceChannel;
 export function getCurrentSourceChannel() {
     return currentSourceChannel;
 }
+// Cache tools to avoid recreating 15+ tool objects on every session create
+let cachedTools;
+let cachedToolsClientRef;
 function getSessionConfig() {
-    const tools = createTools({
-        client: copilotClient,
-        workers,
-        onWorkerComplete: feedBackgroundResult,
-    });
+    // Only recreate tools if the client changed (e.g., after a reset)
+    if (!cachedTools || cachedToolsClientRef !== copilotClient) {
+        cachedTools = createTools({
+            client: copilotClient,
+            workers,
+            onWorkerComplete: feedBackgroundResult,
+            onWorkerEvent: (event) => {
+                const worker = workers.get(event.name);
+                const channel = worker?.originChannel ?? currentSourceChannel;
+                if (workerNotifyFn) {
+                    workerNotifyFn(event, channel);
+                }
+            },
+        });
+        cachedToolsClientRef = copilotClient;
+    }
     const mcpServers = loadMcpConfig();
     const skillDirectories = getSkillDirectories();
-    return { tools, mcpServers, skillDirectories };
+    return { tools: cachedTools, mcpServers, skillDirectories };
 }
 /** Feed a background worker result into the orchestrator as a new turn. */
 export function feedBackgroundResult(workerName, result) {
     const worker = workers.get(workerName);
     const channel = worker?.originChannel;
+    console.log(`[nzb] Feeding background result from worker '${workerName}' (channel: ${channel ?? "none"})`);
     const prompt = `[Background task completed] Worker '${workerName}' finished:\n\n${result}`;
     sendToOrchestrator(prompt, { type: "background" }, (_text, done) => {
         if (done && proactiveNotifyFn) {
@@ -56,6 +75,10 @@ export function feedBackgroundResult(workerName, result) {
         }
     });
 }
+/** Check if a queued message is a background message. */
+function isBackgroundMessage(item) {
+    return item.sourceChannel === undefined;
+}
 function sleep(ms) {
     return new Promise((resolve) => setTimeout(resolve, ms));
 }
@@ -90,9 +113,12 @@ function startHealthCheck() {
             const state = copilotClient.getState();
             if (state !== "connected") {
                 console.log(`[nzb] Health check: client state is '${state}', resetting…`);
+                const previousClient = copilotClient;
                 await ensureClient();
-                // Session may need recovery after client reset
-                orchestratorSession = undefined;
+                // Only invalidate session if the underlying client actually changed
+                if (copilotClient !== previousClient) {
+                    orchestratorSession = undefined;
+                }
             }
         }
         catch (err) {
@@ -100,6 +126,13 @@ function startHealthCheck() {
         }
     }, HEALTH_CHECK_INTERVAL_MS);
 }
+/** Stop the periodic health check timer. Call during shutdown. */
+export function stopHealthCheck() {
+    if (healthCheckTimer) {
+        clearInterval(healthCheckTimer);
+        healthCheckTimer = undefined;
+    }
+}
 /** Create or resume the persistent orchestrator session. */
 async function ensureOrchestratorSession() {
     if (orchestratorSession)
@@ -139,6 +172,7 @@ async function createOrResumeSession() {
                 systemMessage: {
                     content: getOrchestratorSystemMessage(memorySummary || undefined, {
                         selfEditEnabled: config.selfEditEnabled,
+                        currentModel: config.copilotModel,
                     }),
                 },
                 tools,
@@ -162,7 +196,10 @@ async function createOrResumeSession() {
         configDir: SESSIONS_DIR,
         streaming: true,
         systemMessage: {
-            content: getOrchestratorSystemMessage(memorySummary || undefined, { selfEditEnabled: config.selfEditEnabled }),
+            content: getOrchestratorSystemMessage(memorySummary || undefined, {
+                selfEditEnabled: config.selfEditEnabled,
+                currentModel: config.copilotModel,
+            }),
         },
         tools,
         mcpServers,
@@ -174,35 +211,35 @@ async function createOrResumeSession() {
     setState(ORCHESTRATOR_SESSION_KEY, session.sessionId);
     console.log(`[nzb] Created orchestrator session ${session.sessionId.slice(0, 8)}…`);
     // Recover conversation context if available (session was lost, not first run)
+    // Fire-and-forget: don't block the first real message behind recovery injection
     const recentHistory = getRecentConversation(10);
     if (recentHistory) {
-        console.log(`[nzb] Injecting recent conversation context into new session`);
-        try {
-            await session.sendAndWait({
-                prompt: `[System: Session recovered] Your previous session was lost. Here's the recent conversation for context — do NOT respond to these messages, just absorb the context silently:\n\n${recentHistory}\n\n(End of recovery context. Wait for the next real message.)`,
-            }, 60_000);
-        }
-        catch (err) {
+        console.log(`[nzb] Injecting recent conversation context into new session (non-blocking)`);
+        session.sendAndWait({
+            prompt: `[System: Session recovered] Your previous session was lost. Here's the recent conversation for context — do NOT respond to these messages, just absorb the context silently:\n\n${recentHistory}\n\n(End of recovery context. Wait for the next real message.)`,
+        }, 20_000).catch((err) => {
             console.log(`[nzb] Context recovery injection failed (non-fatal): ${err instanceof Error ? err.message : err}`);
-        }
+        });
     }
     return session;
 }
 export async function initOrchestrator(client) {
     copilotClient = client;
     const { mcpServers, skillDirectories } = getSessionConfig();
-    // Validate configured model against available models
-    try {
-        const models = await client.listModels();
-        const configured = config.copilotModel;
-        const isAvailable = models.some((m) => m.id === configured);
-        if (!isAvailable) {
-            console.log(`[nzb] Warning: Configured model '${configured}' is not available. Falling back to '${DEFAULT_MODEL}'.`);
-            config.copilotModel = DEFAULT_MODEL;
+    // Validate configured model against available models (skip for default — saves 1-3s startup)
+    if (config.copilotModel !== DEFAULT_MODEL) {
+        try {
+            const models = await client.listModels();
+            const configured = config.copilotModel;
+            const isAvailable = models.some((m) => m.id === configured);
+            if (!isAvailable) {
+                console.log(`[nzb] Warning: Configured model '${configured}' is not available. Falling back to '${DEFAULT_MODEL}'.`);
+                config.copilotModel = DEFAULT_MODEL;
+            }
+        }
+        catch (err) {
+            console.log(`[nzb] Could not validate model (will use '${config.copilotModel}' as-is): ${err instanceof Error ? err.message : err}`);
         }
-    }
-    catch (err) {
-        console.log(`[nzb] Could not validate model (will use '${config.copilotModel}' as-is): ${err instanceof Error ? err.message : err}`);
     }
     console.log(`[nzb] Loading ${Object.keys(mcpServers).length} MCP server(s): ${Object.keys(mcpServers).join(", ") || "(none)"}`);
     console.log(`[nzb] Skill directories: ${skillDirectories.join(", ") || "(none)"}`);
@@ -224,7 +261,9 @@ async function executeOnSession(prompt, callback, onToolEvent) {
     let toolCallExecuted = false;
     const unsubToolStart = session.on("tool.execution_start", (event) => {
         const toolName = event?.data?.toolName || event?.data?.name || "tool";
-        onToolEvent?.({ type: "tool_start", toolName });
+        const args = event?.data?.arguments;
+        const detail = args?.description || args?.command?.slice(0, 80) || args?.intent || args?.pattern || args?.prompt?.slice(0, 80) || undefined;
+        onToolEvent?.({ type: "tool_start", toolName, detail });
     });
     const unsubToolDone = session.on("tool.execution_complete", (event) => {
         toolCallExecuted = true;
@@ -241,14 +280,23 @@ async function executeOnSession(prompt, callback, onToolEvent) {
         accumulated += event.data.deltaContent;
         callback(accumulated, false);
     });
+    const unsubError = session.on("session.error", (event) => {
+        const errMsg = event?.data?.message || event?.data?.error || "Unknown session error";
+        console.error(`[nzb] Session error event: ${errMsg}`);
+    });
     try {
-        const result = await session.sendAndWait({ prompt }, 120_000);
+        const result = await session.sendAndWait({ prompt }, 60_000);
         const finalContent = result?.data?.content || accumulated || "(No response)";
         return finalContent;
     }
     catch (err) {
-        // If the session is broken, invalidate it so it's recreated on next attempt
         const msg = err instanceof Error ? err.message : String(err);
+        // On timeout, deliver whatever was accumulated instead of retrying from scratch
+        if (/timeout/i.test(msg) && accumulated.length > 0) {
+            console.log(`[nzb] Timeout — delivering ${accumulated.length} chars of partial content`);
+            return accumulated + "\n\n---\n\n⏱ Response was cut short (timeout). You can ask me to continue.";
+        }
+        // If the session is broken, invalidate it so it's recreated on next attempt
         if (/closed|destroy|disposed|invalid|expired|not found/i.test(msg)) {
             console.log(`[nzb] Session appears dead, will recreate: ${msg}`);
             orchestratorSession = undefined;
@@ -260,6 +308,7 @@ async function executeOnSession(prompt, callback, onToolEvent) {
         unsubDelta();
         unsubToolStart();
         unsubToolDone();
+        unsubError();
         currentCallback = undefined;
     }
 }
@@ -294,17 +343,39 @@ export async function sendToOrchestrator(prompt, source, callback, onToolEvent)
     const sourceLabel = source.type === "telegram" ? "telegram" : source.type === "tui" ? "tui" : "background";
     logMessage("in", sourceLabel, prompt);
     // Tag the prompt with its source channel
-    const taggedPrompt = source.type === "background" ? prompt : `[via ${sourceLabel}] ${prompt}`;
+    let taggedPrompt = source.type === "background" ? prompt : `[via ${sourceLabel}] ${prompt}`;
+    // Inject fresh memory context into user prompts so new memories are reflected
+    // (system message only gets memory at session creation time)
+    if (source.type !== "background") {
+        const freshMemory = getMemorySummary();
+        if (freshMemory) {
+            taggedPrompt = `<reminder>\n${freshMemory}\n</reminder>\n\n${taggedPrompt}`;
+        }
+    }
     // Log role: background events are "system", user messages are "user"
     const logRole = source.type === "background" ? "system" : "user";
     // Determine the source channel for worker origin tracking
     const sourceChannel = source.type === "telegram" ? "telegram" : source.type === "tui" ? "tui" : undefined;
-    // Enqueue and process
+    // Enqueue with priority — user messages go before background messages
     void (async () => {
         for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
             try {
                 const finalContent = await new Promise((resolve, reject) => {
-                    messageQueue.push({ prompt: taggedPrompt, callback, onToolEvent, sourceChannel, resolve, reject });
+                    const item = { prompt: taggedPrompt, callback, onToolEvent, sourceChannel, resolve, reject };
+                    if (source.type === "background") {
+                        // Background results go to the back of the queue
+                        messageQueue.push(item);
+                    }
+                    else {
+                        // User messages inserted before any background messages (priority)
+                        const bgIndex = messageQueue.findIndex(isBackgroundMessage);
+                        if (bgIndex >= 0) {
+                            messageQueue.splice(bgIndex, 0, item);
+                        }
+                        else {
+                            messageQueue.push(item);
+                        }
+                    }
                     processQueue();
                 });
                 // Deliver response to user FIRST, then log best-effort
@@ -360,6 +431,9 @@ export async function sendToOrchestrator(prompt, source, callback, onToolEvent)
 export async function cancelCurrentMessage() {
     // Drain any queued messages
     const drained = messageQueue.length;
+    if (drained > 0) {
+        console.log(`[nzb] Cancelling: draining ${drained} queued message(s)`);
+    }
     while (messageQueue.length > 0) {
         const item = messageQueue.shift();
         item.reject(new Error("Cancelled"));

package/dist/copilot/skills.js

@@ -1,6 +1,6 @@
-import { readdirSync, readFileSync, mkdirSync, writeFileSync, existsSync, rmSync } from "fs";
-import { join, dirname } from "path";
+import { existsSync, mkdirSync, readdirSync, readFileSync, rmSync, writeFileSync } from "fs";
 import { homedir } from "os";
+import { dirname, join, resolve, sep } from "path";
 import { fileURLToPath } from "url";
 import { SKILLS_DIR } from "../paths.js";
 /** User-local skills directory (~/.nzb/skills/) */
@@ -9,8 +9,11 @@ const LOCAL_SKILLS_DIR = SKILLS_DIR;
 const GLOBAL_SKILLS_DIR = join(homedir(), ".agents", "skills");
 /** Skills bundled with the NZB package (e.g. find-skills) */
 const BUNDLED_SKILLS_DIR = join(dirname(fileURLToPath(import.meta.url)), "..", "..", "skills");
-/** Returns all skill directories that exist on disk. */
+let cachedSkillDirs;
+/** Returns all skill directories that exist on disk. Cached after first call. */
 export function getSkillDirectories() {
+    if (cachedSkillDirs)
+        return cachedSkillDirs;
     const dirs = [];
     if (existsSync(BUNDLED_SKILLS_DIR))
         dirs.push(BUNDLED_SKILLS_DIR);
@@ -18,8 +21,12 @@ export function getSkillDirectories() {
         dirs.push(LOCAL_SKILLS_DIR);
     if (existsSync(GLOBAL_SKILLS_DIR))
         dirs.push(GLOBAL_SKILLS_DIR);
+    cachedSkillDirs = dirs;
     return dirs;
 }
+export function clearSkillDirsCache() {
+    cachedSkillDirs = undefined;
+}
 /** Scan all skill directories and return metadata for each skill found. */
 export function listSkills() {
     const skills = [];
@@ -69,8 +76,10 @@ export function listSkills() {
 /** Create a new skill in the local skills directory. */
 export function createSkill(slug, name, description, instructions) {
     const skillDir = join(LOCAL_SKILLS_DIR, slug);
-    // Guard against path traversal
-    if (!skillDir.startsWith(LOCAL_SKILLS_DIR + "/")) {
+    // Guard against path traversal — resolve to canonical path and verify it stays inside skills dir
+    const resolvedSkillDir = resolve(skillDir);
+    const resolvedBase = resolve(LOCAL_SKILLS_DIR);
+    if (!resolvedSkillDir.startsWith(resolvedBase + sep)) {
         return `Invalid slug '${slug}': must be a simple kebab-case name without path separators.`;
     }
     if (existsSync(skillDir)) {
@@ -86,19 +95,23 @@ description: ${description}
 ${instructions}
 `;
     writeFileSync(join(skillDir, "SKILL.md"), skillMd);
+    clearSkillDirsCache();
     return `Skill '${name}' created at ${skillDir}. It will be available on your next message.`;
 }
 /** Remove a skill from the local skills directory (~/.nzb/skills/). */
 export function removeSkill(slug) {
     const skillDir = join(LOCAL_SKILLS_DIR, slug);
-    // Guard against path traversal
-    if (!skillDir.startsWith(LOCAL_SKILLS_DIR + "/")) {
+    // Guard against path traversal — resolve to canonical path and verify it stays inside skills dir
+    const resolvedSkillDir = resolve(skillDir);
+    const resolvedBase = resolve(LOCAL_SKILLS_DIR);
+    if (!resolvedSkillDir.startsWith(resolvedBase + sep)) {
         return { ok: false, message: `Invalid slug '${slug}': must be a simple kebab-case name without path separators.` };
     }
     if (!existsSync(skillDir)) {
         return { ok: false, message: `Skill '${slug}' not found in ${LOCAL_SKILLS_DIR}.` };
     }
     rmSync(skillDir, { recursive: true, force: true });
+    clearSkillDirsCache();
     return {
         ok: true,
         message: `Skill '${slug}' removed from ${skillDir}. It will no longer be available on your next message.`,

package/dist/copilot/system-message.js

@@ -17,112 +17,54 @@ This restriction does NOT apply to:
 - Any files outside the NZB installation directory
 `;
     const osName = process.platform === "darwin" ? "macOS" : process.platform === "win32" ? "Windows" : "Linux";
-    return `You are NZB, a personal AI assistant for developers running 24/7 on the user's machine (${osName}). You are the user's always-on assistant.
+    const modelInfo = opts?.currentModel ? ` You are currently using the \`${opts.currentModel}\` model.` : "";
+    return `You are NZB, a personal AI assistant for developers running 24/7 on the user's machine (${osName}).${modelInfo} You are the user's always-on assistant.
 
-## Your Architecture
+## Architecture
 
-You are a Node.js daemon process built with the Copilot SDK. Here's how you work:
+Node.js daemon with Copilot SDK. Interfaces:
+- **Telegram** (\`[via telegram]\`): Primary. Be concise and mobile-friendly.
+- **TUI** (\`[via tui]\`): Terminal. Can be more verbose.
+- **Background** (\`[via background]\`): Worker results. Summarize and relay.
+- **HTTP API**: Local port 7777.
 
-- **Telegram bot**: Your primary interface. The user messages you from their phone or Telegram desktop. Messages arrive tagged with \`[via telegram]\`. Keep responses concise and mobile-friendly — short paragraphs, no huge code blocks.
-- **Local TUI**: A terminal readline interface on the local machine. Messages arrive tagged with \`[via tui]\`. You can be more verbose here since it's a full terminal.
-- **Background tasks**: Messages tagged \`[via background]\` are results from worker sessions you dispatched. Summarize and relay these to the user.
-- **HTTP API**: You expose a local API on port 7777 for programmatic access.
+No source tag = assume Telegram.
 
-When no source tag is present, assume Telegram.
+## Role
 
-## Your Capabilities
+- **Direct answer**: Simple questions, knowledge, math — answer directly.
+- **Worker session**: Coding, debugging, file ops — delegate to a worker with \`create_worker_session\`.
+- **Skills**: Use existing skills for external tools. Search skills.sh first for new capabilities.
 
-1. **Direct conversation**: You can answer questions, have discussions, and help think through problems — no tools needed.
-2. **Worker sessions**: You can spin up full Copilot CLI instances (workers) to do coding tasks, run commands, read/write files, debug, etc. Workers run in the background and report back when done.
-3. **Machine awareness**: You can see ALL Copilot sessions running on this machine (VS Code, terminal, etc.) and attach to them.
-4. **Skills**: You have a modular skill system. Skills teach you how to use external tools (gmail, browser, etc.). You can learn new skills on the fly.
-5. **MCP servers**: You connect to MCP tool servers for extended capabilities.
+## Workers
 
-## Your Role
+Worker tools are **non-blocking** — dispatch and return immediately:
+1. Acknowledge dispatch briefly ("On it — I'll let you know.")
+2. Worker completes → you get \`[Background task completed]\` → summarize for user.
+3. Handle multiple tasks simultaneously.
 
-You receive messages and decide how to handle them:
+**Speed rules** (you are single-threaded):
+- ONE tool call, ONE brief response for delegation.
+- Never do complex work yourself — delegate to workers.
+- Only orchestrator turns block the queue.
 
-- **Direct answer**: For simple questions, general knowledge, status checks, math, quick lookups — answer directly. No need to create a worker session for these.
-- **Worker session**: For coding tasks, debugging, file operations, anything that needs to run in a specific directory — create or use a worker Copilot session.
-- **Use a skill**: If you have a skill for what the user is asking (email, browser, etc.), use it. Skills teach you how to use external tools — follow their instructions.
-- **Learn a new skill**: If the user asks you to do something you don't have a skill for, research how to do it (create a worker, explore the system with \`which\`, \`--help\`, etc.), then use \`learn_skill\` to save what you learned for next time.
+## Skills Workflow
 
-## Background Workers — How They Work
-
-Worker tools (\`create_worker_session\` with an initial prompt, \`send_to_worker\`) are **non-blocking**. They dispatch the task and return immediately. This means:
-
-1. When you dispatch a task to a worker, acknowledge it right away. Be natural and brief: "On it — I'll check and let you know." or "Looking into that now."
-2. You do NOT wait for the worker to finish. The tool returns immediately.
-3. When the worker completes, you'll receive a \`[Background task completed]\` message with the results.
-4. When you receive a background completion, summarize the results and relay them to the user in a clear, concise way.
-
-You can handle **multiple tasks simultaneously**. If the user sends a new message while a worker is running, handle it normally — create another worker, answer directly, whatever is appropriate. Keep track of what's going on.
-
-### Speed & Concurrency
-
-**You are single-threaded.** While you process a message (thinking, calling tools, generating a response), incoming messages queue up and wait. This means your orchestrator turns must be FAST:
-
-- **For delegation: ONE tool call, ONE brief response.** Call \`create_worker_session\` with \`initial_prompt\` and respond with a short acknowledgment ("On it — I'll let you know when it's done."). That's it. Don't chain tool calls — no \`recall\`, no \`list_skills\`, no \`list_sessions\` before delegating.
-- **Never do complex work yourself.** Any task involving files, commands, code, or multi-step work goes to a worker. You are the dispatcher, not the laborer.
-- **Workers can take as long as they need.** They run in the background and don't block you. Only your orchestrator turns block new messages.
-
-## Tool Usage
-
-### Session Management
-- \`create_worker_session\`: Start a new Copilot worker in a specific directory. Use descriptive names like "auth-fix" or "api-tests". The worker is a full Copilot CLI instance that can read/write files, run commands, etc. If you include an initial prompt, it runs in the background.
-- \`send_to_worker\`: Send a prompt to an existing worker session. Runs in the background — you'll get results via a background completion message.
-- \`list_sessions\`: List all active worker sessions with their status and working directory.
-- \`check_session_status\`: Get detailed status of a specific worker session.
-- \`kill_session\`: Terminate a worker session when it's no longer needed.
-
-### Machine Session Discovery
-- \`list_machine_sessions\`: List ALL Copilot CLI sessions on this machine — including ones started from VS Code, the terminal, or elsewhere. Use when the user asks "what sessions are running?" or "what's happening on my machine?"
-- \`attach_machine_session\`: Attach to an existing session by its ID (from list_machine_sessions). This adds it as a managed worker you can send prompts to. Great for checking on or continuing work started elsewhere.
-
-### Skills
-- \`list_skills\`: Show all skills NZB knows. Use when the user asks "what can you do?" or you need to check what capabilities are available.
-- \`learn_skill\`: Teach NZB a new skill by writing a SKILL.md file. Use this after researching how to do something new. The skill is saved permanently so you can use it next time.
-
-### Model Management
-- \`list_models\`: List all available Copilot models with their billing tier. Use when the user asks "what models can I use?" or "which model am I using?"
-- \`switch_model\`: Switch to a different model. The change takes effect on the next message and persists across restarts. Use when the user says "switch to gpt-4" or "use claude-sonnet".
-
-### Self-Management
-- \`restart_nzb\`: Restart the NZB daemon. Use when the user asks you to restart, or when needed to apply changes. You'll go offline briefly and come back automatically.
-
-### Memory
-- \`remember\`: Save something to long-term memory. Use when the user says "remember that...", states a preference, or shares important facts. Also use proactively when you detect information worth persisting (use source "auto" for these).
-- \`recall\`: Search long-term memory by keyword and/or category. Use when you need to look up something the user told you before.
-- \`forget\`: Remove a specific memory by ID. Use when the user asks to forget something or a memory is outdated.
-
-**Learning workflow**: When the user asks you to do something you don't have a skill for:
-1. **Search skills.sh first**: Use the find-skills skill to search https://skills.sh for existing community skills. This is your primary way to learn new things — thousands of community-built skills exist.
-2. **Present what you found**: Tell the user the skill name, what it does, where it comes from, and its security audit status. Always show security data — never omit it.
-3. **ALWAYS ask before installing**: Never install a skill without explicit user permission. Say something like "Want me to install it?" and wait for a yes.
-4. **Install locally only**: Fetch the SKILL.md from the skill's GitHub repo and use the \`learn_skill\` tool to save it to \`~/.nzb/skills/\`. **Never install skills globally** — no \`-g\` flag, no writing to \`~/.agents/skills/\` or any other global directory.
-5. **Flag security risks**: Before recommending a skill, consider what it does. If a skill requests broad system access, runs arbitrary commands, accesses sensitive data (credentials, keys, personal files), or comes from an unknown/unverified source — warn the user. Say something like "Heads up — this skill has access to X, which could be a security risk. Want to proceed?"
-6. **Build your own only as a last resort**: If no community skill exists, THEN research the task (run \`which\`, \`--help\`, check installed tools), figure it out, and use \`learn_skill\` to save a SKILL.md for next time.
-
-Always prefer finding an existing skill over building one from scratch. The skills ecosystem at https://skills.sh has skills for common tasks like email, calendars, social media, smart home, deployment, and much more.
+1. Search skills.sh first for existing community skills.
+2. Present findings with security audit status. Always ask before installing.
+3. Install locally only (\`~/.nzb/skills/\`). Flag security risks.
+4. Build your own only as last resort.
 
 ## Guidelines
 
-1. **Adapt to the channel**: On Telegram, be brief — the user is likely on their phone. On TUI, you can be more detailed.
-2. **Skill-first mindset**: When asked to do something you haven't done before — social media, smart home, email, calendar, deployments, APIs, anything — your FIRST instinct should be to search skills.sh for an existing skill. Don't try to figure it out from scratch when someone may have already built a skill for it.
-3. For coding tasks, **always** create a named worker session with an \`initial_prompt\`. Don't try to write code yourself. Don't plan or research first — put all instructions in the initial prompt and let the worker figure it out.
-4. Use descriptive session names: "auth-fix", "api-tests", "refactor-db", not "session1".
-5. When you receive background results, summarize the key points. Don't relay the entire output verbatim.
-5. If asked about status, check all relevant worker sessions and give a consolidated update.
-6. You can manage multiple workers simultaneously — create as many as needed.
-7. When a task is complete, let the user know and suggest killing the session to free resources.
-8. If a worker fails or errors, report the error clearly and suggest next steps.
-9. Expand shorthand paths: "~/dev/myapp" → the user's home directory + "/dev/myapp".
-10. Be conversational and human. You're a capable assistant, not a robot. You're NZB.
-11. When using skills, follow the skill's instructions precisely — they contain the correct commands and patterns.
-12. If a skill requires authentication that hasn't been set up, tell the user what's needed and help them through it.
-13. **You have persistent memory.** Your conversation is maintained in a single long-running session with automatic compaction — you naturally remember what was discussed. For important facts that should survive even a session reset, use the \`remember\` tool to save them to long-term memory.
-14. **Proactive memory**: When the user shares preferences, project details, people info, or routines, proactively use \`remember\` (with source "auto") so you don't forget. Don't ask for permission — just save it.
-15. **Sending media to Telegram**: You can send photos/images to the user on Telegram by calling: \`curl -s -X POST http://127.0.0.1:7777/send-photo -H 'Content-Type: application/json' -d '{"photo": "<path-or-url>", "caption": "<optional caption>"}'\`. Use this whenever you have an image to share — download it to a local file first, then send it via this endpoint.
+1. Adapt to channel — brief on Telegram, detailed on TUI.
+2. Skill-first mindset for new capabilities.
+3. Always delegate coding tasks to workers with \`initial_prompt\`.
+4. Descriptive session names: "auth-fix", not "session1".
+5. Summarize background results, don't relay verbatim.
+6. Be conversational and human. You're NZB.
+7. Persistent memory with automatic compaction. Use \`remember\` proactively for important info.
+8. Send photos via: \`curl -s -X POST http://127.0.0.1:7777/send-photo -H 'Content-Type: application/json' -d '{"photo": "<path-or-url>", "caption": "<optional>"}'\`
 ${selfEditBlock}${memoryBlock}`;
 }
 //# sourceMappingURL=system-message.js.map