@link-assistant/hive-mind 1.78.9 → 1.78.10

package/CHANGELOG.md

@@ -1,5 +1,62 @@
 # @link-assistant/hive-mind
 
+## 1.78.10
+
+### Patch Changes
+
+- 02faadb: fix(auto-merge): stop `/merge` from hanging forever on fork PRs with external-only `success` checks (#1918)
+
+  The `/merge` auto-merge watch loop could spin on the same commit indefinitely
+  (observed 73 minutes, 72 identical iterations, before a human killed it). It
+  happened on a **fork pull request** whose only repo workflows trigger on `push`
+  (which never fires for fork commits in the base repo) while an external app
+  (CodeRabbit) reported CI status `success` with **0 workflow runs** for the head
+  SHA.
+
+  Root cause: the watch loop reset its consecutive "no workflow runs" safety-valve
+  counter (`consecutiveNoRunsChecks`) on every iteration whenever
+  `ciStatus.status !== 'no_checks'`. Because external-only checks make the status
+  `'success'`, the counter was pinned at `1` and never reached
+  `MAX_NO_RUNS_CHECKS`, so the valve that should have ended the wait never fired —
+  the loop logged `check 1/5` forever.
+
+  Fix: `getMergeBlockers()` now returns a `noWorkflowRunsForCommit` flag that is
+  true while it is still waiting for PR-triggered workflow runs to register, and a
+  new pure helper `shouldResetNoRunsCounter(ciStatus, noWorkflowRunsForCommit)`
+  only resets the counter when CI is **not** in that waiting state. The counter
+  now climbs `1 → 2 → … → 5`, trips the safety valve in a few minutes, and `/merge`
+  proceeds. The #1503 behaviors (reset on new push / on genuine CI runs) are
+  preserved and regression-guarded.
+
+  Added `tests/test-merge-stuck-no-workflow-runs-1918.mjs` and a full case study
+  with timeline, root-cause analysis, and the captured logs under
+  `docs/case-studies/issue-1918`.
+
+- 9e00f14: fix(telegram): never re-execute a forwarded command (`/task`, `/stop`, `/tokens`, `/log`, `/terminal_watch`) (#1922)
+
+  Forwarding a message that starts with a bot command (for example the bot's own
+  `/task <url>` reply, or any `/task https://github.com/owner/repo`) caused the
+  Telegram bot to execute the command again — creating a brand-new GitHub issue or
+  spawning a session the user never intended. `/task` and `/split` only checked
+  `isOldMessage` and never rejected forwarded messages, unlike `/help`, `/solve`,
+  `/hive`, `/merge`, etc.
+
+  Root cause: the existing `isForwardedOrReply` filter rejects _both_ forwards and
+  replies, so commands that use the reply feature (`/task` issue creation, `/solve`
+  URL extraction, targeted `/stop`) could not use it without breaking replies — and
+  were therefore left without any forwarded check at all.
+
+  Fix: a new dedicated `isForwarded(ctx)` filter detects _only_ forwarded messages
+  (new `forward_origin` API + legacy `forward_*` fields) and intentionally ignores
+  replies. It is now applied to every command that previously lacked a forwarded
+  guard — `/task`, `/split`, `/stop` (including targeted `/stop <uuid>`), `/tokens`,
+  `/log`, `/terminal_watch`/`/watch` — and `/solve` was refactored to reuse it
+  instead of its ad-hoc inline check. Genuine user replies keep working.
+
+  Added unit tests for `isForwarded` and for forwarded `/task`/`/split` rejection,
+  plus a full case study with timeline and per-command audit under
+  `docs/case-studies/issue-1922`.
+
 ## 1.78.9
 
 ### Patch Changes

package/README.hi.md

@@ -45,7 +45,7 @@ Hive Mind एक **सामान्यवादी AI** (मिनी-AGI) ह
 
 Hive Mind में औसत प्रोग्रामर से अलग न पहचानी जा सकने वाली उच्च रचनात्मकता है। यदि आवश्यकताएँ अस्पष्ट हों तो यह प्रश्न पूछता है, और आप PR टिप्पणियों के माध्यम से चलते-चलते स्पष्ट कर सकते हैं।
 
-विस्तृत विशेषताओं और तुलनाओं के लिए, [docs/FEATURES.hi.md](./docs/FEATURES.hi.md) और [docs/COMPARISON.hi.md](./docs/COMPARISON.hi.md) देखें।
+प्रोजेक्ट के दृष्टिकोण और उदाहरण उपयोगकर्ता यात्राओं के लिए, [docs/VISION.hi.md](./docs/VISION.hi.md) देखें। विस्तृत विशेषताओं और तुलनाओं के लिए, [docs/FEATURES.hi.md](./docs/FEATURES.hi.md) और [docs/COMPARISON.hi.md](./docs/COMPARISON.hi.md) देखें।
 
 ## ⚠️ चेतावनी
 

package/README.md

@@ -45,7 +45,7 @@ Both tools can be combined in the same hive. Workers can run different tools in
 
 Hive Mind has high creativity indistinguishable from average programmers. It asks questions if requirements are unclear, and you can clarify on the go via PR comments.
 
-For detailed features and comparisons, see [docs/FEATURES.md](./docs/FEATURES.md) and [docs/COMPARISON.md](./docs/COMPARISON.md).
+For the project's vision and example user journeys, see [docs/VISION.md](./docs/VISION.md). For detailed features and comparisons, see [docs/FEATURES.md](./docs/FEATURES.md) and [docs/COMPARISON.md](./docs/COMPARISON.md).
 
 ## ⚠️ WARNING
 

package/README.ru.md

@@ -45,7 +45,7 @@ Hive Mind — это **универсальный ИИ** (мини-AGI), спо
 
 Hive Mind обладает высоким уровнем творчества, неотличимым от среднего программиста. Он задаёт вопросы, если требования неясны, и вы можете уточнять их на ходу через комментарии к PR.
 
-Подробные возможности и сравнения см. в [docs/FEATURES.ru.md](./docs/FEATURES.ru.md) и [docs/COMPARISON.ru.md](./docs/COMPARISON.ru.md).
+Видение проекта и примеры пользовательских сценариев см. в [docs/VISION.ru.md](./docs/VISION.ru.md). Подробные возможности и сравнения см. в [docs/FEATURES.ru.md](./docs/FEATURES.ru.md) и [docs/COMPARISON.ru.md](./docs/COMPARISON.ru.md).
 
 ## ⚠️ ПРЕДУПРЕЖДЕНИЕ
 

package/README.zh.md

@@ -45,7 +45,7 @@ Hive Mind 是一款**通用 AI**（迷你 AGI），能够处理广泛的任务
 
 Hive Mind 具备与普通程序员无异的高度创造力。当需求不明确时，它会主动提问，您也可以随时通过 PR 评论进行说明补充。
 
-详细功能和对比信息，请参见 [docs/FEATURES.zh.md](./docs/FEATURES.zh.md) 和 [docs/COMPARISON.zh.md](./docs/COMPARISON.zh.md)。
+关于项目的愿景和示例用户旅程，请参见 [docs/VISION.zh.md](./docs/VISION.zh.md)。详细功能和对比信息，请参见 [docs/FEATURES.zh.md](./docs/FEATURES.zh.md) 和 [docs/COMPARISON.zh.md](./docs/COMPARISON.zh.md)。
 
 ## ⚠️ 警告
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@link-assistant/hive-mind",
-  "version": "1.78.9",
+  "version": "1.78.10",
   "description": "AI-powered issue solver and hive mind for collaborative problem solving",
   "main": "src/hive.mjs",
   "type": "module",

package/src/solve.auto-merge-helpers.lib.mjs

@@ -421,9 +421,53 @@ export const trackAuthenticatedUserCommentsSince = async (owner, repo, prNumber,
  * - billing_limit: Billing/spending limit reached → stop (private) or wait (public)
  * - no_checks: No CI checks yet (race condition) → wait
  */
+/**
+ * Issue #1918: Decide whether the consecutive "no workflow runs" counter should be
+ * reset after a getMergeBlockers() result.
+ *
+ * The counter (`consecutiveNoRunsChecks` in the watch loop) is a safety valve: after
+ * MAX_NO_RUNS_CHECKS consecutive checks where a repo's PR-triggered workflows produced
+ * 0 workflow runs, /merge stops waiting and trusts the available signal (external
+ * checks / mergeability). For that valve to ever fire, the counter must keep
+ * incrementing across watch-loop iterations for the same commit.
+ *
+ * The previous logic reset the counter whenever `ciStatus.status !== 'no_checks'`.
+ * That is wrong when `status === 'success'` comes from EXTERNAL checks only (e.g.
+ * CodeRabbit) while the repo's own PR-triggered workflows have 0 runs — for example a
+ * fork PR whose only workflow triggers on `push`, which never fires for fork commits in
+ * the base repo. In that case getMergeBlockers keeps emitting the "no workflow runs"
+ * wait, but the caller reset the counter to 0 every iteration, pinning it at "check
+ * 1/5" forever — an infinite watch loop that hung for over an hour (Issue #1918).
+ *
+ * Fix: keep the counter whenever getMergeBlockers signals it is still inside the
+ * no-workflow-runs wait (`noWorkflowRunsForCommit === true`), regardless of ciStatus.
+ *
+ * @param {{status?: string}|null|undefined} ciStatus - Detailed CI status object.
+ * @param {boolean} [noWorkflowRunsForCommit=false] - True when getMergeBlockers is still
+ *   waiting for PR-triggered workflow runs to register for the current commit.
+ * @returns {boolean} true if `consecutiveNoRunsChecks` should be reset to 0.
+ */
+export const shouldResetNoRunsCounter = (ciStatus, noWorkflowRunsForCommit = false) => {
+  // Still inside the no-workflow-runs safety-valve wait — the counter MUST keep
+  // climbing toward MAX_NO_RUNS_CHECKS, so do not reset it.
+  if (noWorkflowRunsForCommit) {
+    return false;
+  }
+  // Genuine CI checks exist (pending/success/failure backed by workflow runs) — the
+  // "no runs" counter is irrelevant and should be reset.
+  return Boolean(ciStatus && ciStatus.status !== 'no_checks');
+};
+
 export const getMergeBlockers = async (owner, repo, prNumber, verbose = false, checkCount = 1, prBranchRef = null) => {
   const blockers = [];
 
+  // Issue #1918: Tracks whether we are still waiting for PR-triggered workflow runs to
+  // register for the current commit (0 runs observed). When true, the caller must NOT
+  // reset its consecutive-no-runs counter, otherwise the MAX_NO_RUNS_CHECKS safety valve
+  // never fires and /merge loops forever (e.g. fork PR + push-only workflow + a passing
+  // external check reporting status 'success').
+  let noWorkflowRunsForCommit = false;
+
   // Use detailed CI status to distinguish between all possible states
   const ciStatus = await getDetailedCIStatus(owner, repo, prNumber, verbose);
 
@@ -630,6 +674,8 @@ export const getMergeBlockers = async (owner, repo, prNumber, verbose = false, c
             if (verbose) {
               await log(formatAligned('⏳', 'Waiting for CI:', `No workflow runs for SHA ${ciStatus.sha.substring(0, 7)}, but workflows have PR/push triggers (${prTriggers.workflows.map(w => w.name).join(', ')}) — check ${checkCount}/${MAX_NO_RUNS_CHECKS}, commit age: ${commitInfo.ageSeconds ?? 'unknown'}s`, 2));
             }
+            // Issue #1918: Still waiting for workflow runs to register — keep the counter.
+            noWorkflowRunsForCommit = true;
             blockers.push({
               type: 'ci_pending',
               message: `CI/CD workflow runs have not appeared yet — workflows have PR/push triggers (${prTriggers.workflows.map(w => w.name).join(', ')}), waiting for GitHub to register workflow runs (check ${checkCount}/${MAX_NO_RUNS_CHECKS})`,
@@ -640,6 +686,8 @@ export const getMergeBlockers = async (owner, repo, prNumber, verbose = false, c
             if (verbose) {
               await log(`[VERBOSE] /merge: No PR/push triggers found in workflow files, but commit is only ${commitInfo.ageSeconds}s old — waiting to be safe`);
             }
+            // Issue #1918: Still inside the grace-period wait for workflow runs — keep the counter.
+            noWorkflowRunsForCommit = true;
             blockers.push({
               type: 'ci_pending',
               message: `CI/CD workflow runs have not appeared yet — commit is ${commitInfo.ageSeconds}s old, waiting for GitHub to register workflow runs (grace period: ${WORKFLOW_RUN_GRACE_PERIOD_SECONDS}s)`,
@@ -717,6 +765,9 @@ export const getMergeBlockers = async (owner, repo, prNumber, verbose = false, c
             if (verbose) {
               await log(`[VERBOSE] /merge: PR #${prNumber} CI status is 'success' (${ciStatus.passedChecks.length} external checks), but repo has PR-triggered workflows with 0 workflow runs — likely race condition (check ${checkCount}/${MAX_NO_RUNS_CHECKS})`);
             }
+            // Issue #1918: Keep the caller's no-runs counter climbing so the safety valve
+            // can fire — otherwise a 'success' from external-only checks resets it forever.
+            noWorkflowRunsForCommit = true;
             // Wait for GitHub Actions to register workflow runs
             blockers.push({
               type: 'ci_pending',
@@ -839,11 +890,12 @@ export const getMergeBlockers = async (owner, repo, prNumber, verbose = false, c
     });
   }
 
-  return { blockers, ciStatus, noCiConfigured: false, noCiTriggered: false };
+  return { blockers, ciStatus, noCiConfigured: false, noCiTriggered: false, noWorkflowRunsForCommit };
 };
 
 export default {
   checkForExistingComment,
   checkForNonBotComments,
   getMergeBlockers,
+  shouldResetNoRunsCounter,
 };

package/src/solve.auto-merge.lib.mjs

@@ -54,7 +54,7 @@ import { limitReset } from './config.lib.mjs';
 
 // Import helper functions extracted for file size management (Issue #1593)
 const autoMergeHelpers = await import('./solve.auto-merge-helpers.lib.mjs');
-const { checkForExistingComment, checkForNonBotComments, getMergeBlockers, trackAuthenticatedUserCommentsSince, nextMonotonicCheckTime } = autoMergeHelpers;
+const { checkForExistingComment, checkForNonBotComments, getMergeBlockers, shouldResetNoRunsCounter, trackAuthenticatedUserCommentsSince, nextMonotonicCheckTime } = autoMergeHelpers;
 
 // Issue #1769: cancelled/stale CI re-run failures need a human action stop, not polling forever.
 const cancelledCiRerunLib = await import('./cancelled-ci-rerun.lib.mjs');
@@ -203,10 +203,15 @@ export const watchUntilMergeable = async params => {
       consecutiveNoRunsChecks++;
 
       // Get merge blockers
-      const { blockers, noCiConfigured, noCiTriggered, workflowRunConclusions, ciStatus } = await getMergeBlockers(owner, repo, prNumber, argv.verbose, consecutiveNoRunsChecks, prBranch);
-
-      // Issue #1503: Reset counter when CI checks exist (safety valve only for consecutive "no runs")
-      if (ciStatus && ciStatus.status !== 'no_checks') {
+      const { blockers, noCiConfigured, noCiTriggered, workflowRunConclusions, ciStatus, noWorkflowRunsForCommit } = await getMergeBlockers(owner, repo, prNumber, argv.verbose, consecutiveNoRunsChecks, prBranch);
+
+      // Issue #1503/#1918: Reset counter when CI checks exist (safety valve only for
+      // consecutive "no runs"). Issue #1918: do NOT reset while getMergeBlockers is still
+      // waiting for PR-triggered workflow runs to register (noWorkflowRunsForCommit). A
+      // 'success' status from external-only checks (e.g. CodeRabbit) on a fork PR whose
+      // workflow only triggers on `push` previously reset the counter every iteration,
+      // pinning it at "check 1/5" forever and hanging /merge for over an hour.
+      if (shouldResetNoRunsCounter(ciStatus, noWorkflowRunsForCommit)) {
         // CI checks exist (pending, success, failure, etc.) — the "no runs" counter is irrelevant
         consecutiveNoRunsChecks = 0;
       } else if (noCiConfigured || noCiTriggered) {

package/src/telegram-bot.mjs

@@ -40,7 +40,7 @@ const { getSolveQueue, createQueueExecuteCallback } = await import('./telegram-s
 const { applySolveToolAlias, getFirstParsedPositionalArg, getSolveCommandNameFromText, getSolveToolAliasFromText, moveArgumentToFront, parseArgsWithYargs, parseCommandArgs, SOLVE_COMMAND_NAMES } = await import('./telegram-solve-command.lib.mjs');
 const { executeStartScreen: executeStartScreenCommand, buildExecuteAndUpdateMessage } = await import('./telegram-command-execution.lib.mjs');
 const { isChatStopped, getChatStopInfo, getStoppedChatRejectMessage, DEFAULT_STOP_REASON } = await import('./telegram-start-stop-command.lib.mjs');
-const { isOldMessage: _isOldMessage, isGroupChat: _isGroupChat, isChatAuthorized: _isChatAuthorized, isForwardedOrReply: _isForwardedOrReply, extractCommandFromText, extractGitHubUrl: _extractGitHubUrl } = await import('./telegram-message-filters.lib.mjs');
+const { isOldMessage: _isOldMessage, isGroupChat: _isGroupChat, isChatAuthorized: _isChatAuthorized, isForwarded: _isForwarded, isForwardedOrReply: _isForwardedOrReply, extractCommandFromText, extractGitHubUrl: _extractGitHubUrl } = await import('./telegram-message-filters.lib.mjs');
 const { installTelegramFormattingFallback, isTelegramFormattingError, isTelegramMessageTooLongError, safeEditMessageText, safeReply, TELEGRAM_TEXT_LIMIT } = await import('./telegram-safe-reply.lib.mjs');
 const { registerTerminalWatchCommand, startAutoTerminalWatchForSession } = await import('./telegram-terminal-watch-command.lib.mjs');
 const { launchBotWithRetry } = await import('./telegram-bot-launcher.lib.mjs');
@@ -369,6 +369,13 @@ function isForwardedOrReply(ctx) {
   return _isForwardedOrReply(ctx, { verbose: VERBOSE });
 }
 
+// Forwarded-only check (issue #1922). Commands that support the reply feature
+// (e.g. /task, /solve) must still reject forwarded commands without rejecting
+// genuine user replies, so they use this instead of isForwardedOrReply.
+function isForwarded(ctx) {
+  return _isForwarded(ctx, { verbose: VERBOSE });
+}
+
 /**
  * Validates the model name in the args array and returns an error message if invalid
  * @param {string[]} args - Array of command arguments
@@ -613,7 +620,7 @@ const { registerLanguageCommand } = await import('./telegram-language-command.li
 registerLanguageCommand(bot, { VERBOSE, isOldMessage, isForwardedOrReply });
 
 const { registerAcceptInvitesCommand } = await import('./telegram-accept-invitations.lib.mjs');
-const sharedCommandOpts = { VERBOSE, isOldMessage, isForwardedOrReply, isGroupChat: _isGroupChat, isChatAuthorized, isTopicAuthorized, buildAuthErrorMessage, addBreadcrumb, isChatStopped, getStoppedChatRejectMessage };
+const sharedCommandOpts = { VERBOSE, isOldMessage, isForwarded, isForwardedOrReply, isGroupChat: _isGroupChat, isChatAuthorized, isTopicAuthorized, buildAuthErrorMessage, addBreadcrumb, isChatStopped, getStoppedChatRejectMessage };
 registerAcceptInvitesCommand(bot, sharedCommandOpts);
 const { registerMergeCommand } = await import('./telegram-merge-command.lib.mjs');
 registerMergeCommand(bot, sharedCommandOpts);
@@ -663,12 +670,9 @@ async function handleSolveCommand(ctx) {
   }
 
   // Check if this is a forwarded message (not allowed)
-  // But allow reply messages for URL extraction feature
+  // But allow reply messages for URL extraction feature (issue #1922)
   const message = ctx.message;
-  const isForwarded = message.forward_origin && message.forward_origin.type;
-  const isOldApiForwarded = message.forward_from || message.forward_from_chat || message.forward_from_message_id || message.forward_signature || message.forward_sender_name || message.forward_date;
-
-  if (isForwarded || isOldApiForwarded) {
+  if (isForwarded(ctx)) {
     if (VERBOSE) {
       console.log(`[VERBOSE] ${solveCommandDisplay} ignored: forwarded message`);
     }

package/src/telegram-log-command.lib.mjs

@@ -154,7 +154,7 @@ async function fileSize(filePath) {
  * @param {Function} [options.parseGitHubUrl] - Override for tests
  */
 export async function registerLogCommand(bot, options) {
-  const { VERBOSE = false, isOldMessage, isChatAuthorized, isTopicAuthorized, buildAuthErrorMessage } = options;
+  const { VERBOSE = false, isOldMessage, isForwarded, isChatAuthorized, isTopicAuthorized, buildAuthErrorMessage } = options;
   const querySessionStatus = options.querySessionStatus || (await import('./isolation-runner.lib.mjs')).querySessionStatus;
   const getTrackedSessionInfo = options.getTrackedSessionInfo || (await import('./session-monitor.lib.mjs')).getTrackedSessionInfo;
   const detectRepositoryVisibility = options.detectRepositoryVisibility || (await import('./github.lib.mjs')).detectRepositoryVisibility;
@@ -167,6 +167,11 @@ export async function registerLogCommand(bot, options) {
       VERBOSE && console.log('[VERBOSE] /log ignored: old message');
       return;
     }
+    // Issue #1922: never re-execute a forwarded command.
+    if (isForwarded && isForwarded(ctx)) {
+      VERBOSE && console.log('[VERBOSE] /log ignored: forwarded message');
+      return;
+    }
 
     const chat = ctx.chat;
     const message = ctx.message;

package/src/telegram-message-filters.lib.mjs

@@ -57,31 +57,35 @@ export function isChatAuthorized(chatId, allowedChats) {
 }
 
 /**
- * Check if a message is forwarded or a reply to another user's message.
+ * Check if a message is a forwarded message.
  *
- * This function distinguishes between:
- * 1. Forwarded messages (should be ignored)
- * 2. User replies to other messages (should be ignored, except for /solve reply feature)
- * 3. Forum topic messages (should NOT be ignored - they have reply_to_message pointing
- *    to the topic's first message with forum_topic_created)
- * 4. Normal messages (should NOT be ignored)
+ * Unlike {@link isForwardedOrReply}, this function ONLY detects forwarded
+ * messages and intentionally ignores replies. It exists so command handlers
+ * that rely on the reply feature (e.g. `/task` issue creation, `/solve` URL
+ * extraction) can still reject forwarded commands — which must never be
+ * executed again — while continuing to accept genuine user replies.
+ *
+ * A forwarded command is dangerous because forwarding the bot's own response
+ * (or any message that starts with `/task`, `/solve`, ...) would otherwise
+ * trigger a brand-new execution that the user never intended.
  *
  * @param {Object} ctx - Telegraf context object
  * @param {Object} [options] - Options
  * @param {boolean} [options.verbose] - Enable verbose logging
- * @returns {boolean} true if message is forwarded or a reply (and should be filtered)
+ * @returns {boolean} true if message is forwarded (and should be filtered)
+ * @see https://github.com/link-assistant/hive-mind/issues/1922
  */
-export function isForwardedOrReply(ctx, options = {}) {
+export function isForwarded(ctx, options = {}) {
   const message = ctx.message;
   if (!message) {
     if (options.verbose) {
-      console.log('[VERBOSE] isForwardedOrReply: No message object');
+      console.log('[VERBOSE] isForwarded: No message object');
     }
     return false;
   }
 
   if (options.verbose) {
-    console.log('[VERBOSE] isForwardedOrReply: Checking message fields...');
+    console.log('[VERBOSE] isForwarded: Checking forwarding fields...');
     console.log('[VERBOSE]   message.forward_origin:', JSON.stringify(message.forward_origin));
     console.log('[VERBOSE]   message.forward_origin?.type:', message.forward_origin?.type);
     console.log('[VERBOSE]   message.forward_from:', JSON.stringify(message.forward_from));
@@ -90,8 +94,6 @@ export function isForwardedOrReply(ctx, options = {}) {
     console.log('[VERBOSE]   message.forward_signature:', message.forward_signature);
     console.log('[VERBOSE]   message.forward_sender_name:', message.forward_sender_name);
     console.log('[VERBOSE]   message.forward_date:', message.forward_date);
-    console.log('[VERBOSE]   message.reply_to_message:', JSON.stringify(message.reply_to_message));
-    console.log('[VERBOSE]   message.reply_to_message?.message_id:', message.reply_to_message?.message_id);
   }
 
   // Check if message is forwarded (has forward_origin field with actual content)
@@ -99,15 +101,57 @@ export function isForwardedOrReply(ctx, options = {}) {
   // which are truthy in JavaScript but don't indicate a forwarded message
   if (message.forward_origin && message.forward_origin.type) {
     if (options.verbose) {
-      console.log('[VERBOSE] isForwardedOrReply: TRUE - forward_origin.type exists:', message.forward_origin.type);
+      console.log('[VERBOSE] isForwarded: TRUE - forward_origin.type exists:', message.forward_origin.type);
     }
     return true;
   }
   // Also check old forwarding API fields for backward compatibility
   if (message.forward_from || message.forward_from_chat || message.forward_from_message_id || message.forward_signature || message.forward_sender_name || message.forward_date) {
     if (options.verbose) {
-      console.log('[VERBOSE] isForwardedOrReply: TRUE - old forwarding API field detected');
+      console.log('[VERBOSE] isForwarded: TRUE - old forwarding API field detected');
+    }
+    return true;
+  }
+
+  if (options.verbose) {
+    console.log('[VERBOSE] isForwarded: FALSE - no forwarding detected');
+  }
+  return false;
+}
+
+/**
+ * Check if a message is forwarded or a reply to another user's message.
+ *
+ * This function distinguishes between:
+ * 1. Forwarded messages (should be ignored)
+ * 2. User replies to other messages (should be ignored, except for /solve reply feature)
+ * 3. Forum topic messages (should NOT be ignored - they have reply_to_message pointing
+ *    to the topic's first message with forum_topic_created)
+ * 4. Normal messages (should NOT be ignored)
+ *
+ * @param {Object} ctx - Telegraf context object
+ * @param {Object} [options] - Options
+ * @param {boolean} [options.verbose] - Enable verbose logging
+ * @returns {boolean} true if message is forwarded or a reply (and should be filtered)
+ */
+export function isForwardedOrReply(ctx, options = {}) {
+  const message = ctx.message;
+  if (!message) {
+    if (options.verbose) {
+      console.log('[VERBOSE] isForwardedOrReply: No message object');
     }
+    return false;
+  }
+
+  if (options.verbose) {
+    console.log('[VERBOSE] isForwardedOrReply: Checking message fields...');
+    console.log('[VERBOSE]   message.reply_to_message:', JSON.stringify(message.reply_to_message));
+    console.log('[VERBOSE]   message.reply_to_message?.message_id:', message.reply_to_message?.message_id);
+  }
+
+  // Forwarded messages are handled by the shared isForwarded() filter so the
+  // forwarding detection logic lives in exactly one place (issue #1922).
+  if (isForwarded(ctx, options)) {
     return true;
   }
   // Check if message is a reply (has reply_to_message field with actual content)

package/src/telegram-start-stop-command.lib.mjs

@@ -270,7 +270,7 @@ export function isStopTargetRequester({ userId, queueItem = null, sessionInfo =
  *   See https://github.com/link-assistant/hive-mind/issues/1871.
  */
 export function registerStartStopCommands(bot, options) {
-  const { VERBOSE = false, isOldMessage, isForwardedOrReply, isGroupChat, isChatAuthorized, isTopicAuthorized, buildAuthErrorMessage, getSolveQueue } = options;
+  const { VERBOSE = false, isOldMessage, isForwarded, isForwardedOrReply, isGroupChat, isChatAuthorized, isTopicAuthorized, buildAuthErrorMessage, getSolveQueue } = options;
   const stopIsolatedSessionImpl = options.stopIsolatedSession || (async (...args) => (await import('./isolation-runner.lib.mjs')).stopIsolatedSession(...args));
   // Issue #1783: look the UUID up in the session monitor so /stop can let the
   // user who started the task stop it (mirrors /terminal_watch from PR #1779).
@@ -529,6 +529,13 @@ export function registerStartStopCommands(bot, options) {
       VERBOSE && console.log('[VERBOSE] /stop ignored: old message');
       return;
     }
+    // Issue #1922: a forwarded /stop (even a targeted `/stop <uuid>`) must never
+    // be re-executed. Replies are still allowed because the targeted modes use
+    // them on purpose (#524, #1780), so we use the forwarded-only filter here.
+    if (isForwarded && isForwarded(ctx)) {
+      VERBOSE && console.log('[VERBOSE] /stop ignored: forwarded message');
+      return;
+    }
 
     // Detect UUID/URL targets BEFORE the forwarded/reply rejection used by
     // the chat-level stop, because both targeted modes are intentionally

package/src/telegram-task-command.lib.mjs

@@ -95,7 +95,7 @@ function injectLanguageIfMissing(args, locale) {
 }
 
 export function registerTaskCommands(bot, options) {
-  const { VERBOSE, taskEnabled, addBreadcrumb, isOldMessage, isGroupChat, isTopicAuthorized, buildAuthErrorMessage, isChatStopped, getStoppedChatRejectMessage, safeReply, executeAndUpdateMessage, createTaskIssue: createTaskIssueFn = createTaskIssue, resolveLocale = null } = options;
+  const { VERBOSE, taskEnabled, addBreadcrumb, isOldMessage, isForwarded, isGroupChat, isTopicAuthorized, buildAuthErrorMessage, isChatStopped, getStoppedChatRejectMessage, safeReply, executeAndUpdateMessage, createTaskIssue: createTaskIssueFn = createTaskIssue, resolveLocale = null } = options;
 
   async function handleTaskCommand(ctx) {
     const commandName = getTaskCommandNameFromText(ctx.message?.text) || 'task';
@@ -114,6 +114,13 @@ export function registerTaskCommands(bot, options) {
       return;
     }
     if (isOldMessage(ctx)) return;
+    // Issue #1922: a forwarded /task command must never be re-executed. Replies
+    // are still allowed because /task uses them for issue creation, so we use the
+    // forwarded-only filter instead of isForwardedOrReply.
+    if (isForwarded && isForwarded(ctx)) {
+      VERBOSE && console.log(`[VERBOSE] ${commandDisplay} ignored: forwarded message`);
+      return;
+    }
     if (!isGroupChat(ctx)) {
       await ctx.reply(`❌ The ${commandDisplay} command only works in group chats. Please add this bot to a group and make it an admin.`, { reply_to_message_id: ctx.message.message_id });
       return;

package/src/telegram-terminal-watch-command.lib.mjs

@@ -307,7 +307,7 @@ export async function startAutoTerminalWatchForSession({ bot, ctx, sessionId, se
 }
 
 export async function registerTerminalWatchCommand(bot, options) {
-  const { VERBOSE = false, isOldMessage, isChatAuthorized, isTopicAuthorized, buildAuthErrorMessage } = options;
+  const { VERBOSE = false, isOldMessage, isForwarded, isChatAuthorized, isTopicAuthorized, buildAuthErrorMessage } = options;
   const runner = !options.querySessionStatus || !options.isTerminalSessionStatus ? await import('./isolation-runner.lib.mjs') : null;
   const querySessionStatus = options.querySessionStatus || runner.querySessionStatus;
   const isTerminalSessionStatus = options.isTerminalSessionStatus || runner.isTerminalSessionStatus;
@@ -318,6 +318,11 @@ export async function registerTerminalWatchCommand(bot, options) {
   const handleTerminalWatchCommand = async ctx => {
     VERBOSE && console.log('[VERBOSE] /terminal_watch command received');
     if (isOldMessage && isOldMessage(ctx)) return;
+    // Issue #1922: never re-execute a forwarded command.
+    if (isForwarded && isForwarded(ctx)) {
+      VERBOSE && console.log('[VERBOSE] /terminal_watch ignored: forwarded message');
+      return;
+    }
 
     const chat = ctx.chat;
     const message = ctx.message;

package/src/telegram-tokens-command.lib.mjs

@@ -90,7 +90,7 @@ export const formatTokenList = tokens => {
  * @param {Function} [options.fetchTokens] — test override for getAllKnownLocalTokens
  */
 export const registerTokensCommand = (bot, options = {}) => {
-  const { VERBOSE = false, isOldMessage, allowedChats } = options;
+  const { VERBOSE = false, isOldMessage, isForwarded, allowedChats } = options;
   const fetchTokens = options.fetchTokens || getAllKnownLocalTokens;
 
   bot.command('tokens', async ctx => {
@@ -98,6 +98,11 @@ export const registerTokensCommand = (bot, options = {}) => {
       VERBOSE && console.log('[VERBOSE] /tokens ignored: old message');
       return;
     }
+    // Issue #1922: never re-execute a forwarded command.
+    if (isForwarded && isForwarded(ctx)) {
+      VERBOSE && console.log('[VERBOSE] /tokens ignored: forwarded message');
+      return;
+    }
 
     const chat = ctx.chat;
     if (!chat || !ctx.from) return;