@misterhuydo/sentinel 1.4.83 → 1.4.84

package/.cairn/.hint-lock

@@ -1 +1 @@
-2026-03-27T02:03:40.951Z
+2026-03-27T03:42:45.385Z

package/.cairn/session.json

@@ -1,6 +1,6 @@
 {
-  "message": "Auto-checkpoint at 2026-03-27T02:18:31.246Z",
-  "checkpoint_at": "2026-03-27T02:18:31.247Z",
+  "message": "Auto-checkpoint at 2026-03-27T03:40:21.932Z",
+  "checkpoint_at": "2026-03-27T03:40:21.934Z",
   "active_files": [],
   "notes": [],
   "mtime_snapshot": {}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@misterhuydo/sentinel",
-  "version": "1.4.83",
+  "version": "1.4.84",
   "description": "Sentinel — Autonomous DevOps Agent installer and manager",
   "bin": {
     "sentinel": "./bin/sentinel.js"

package/python/sentinel/git_manager.py

@@ -30,7 +30,7 @@ class MissingToolError(Exception):
         self.tool = tool
 
 # Files that must never be modified by Sentinel
-_PROTECTED_PATHS = {".github/", "Jenkinsfile", "pom.xml"}
+_PROTECTED_PATHS = {".github/", "Jenkinsfile"}
 
 
 def _git(args: list[str], cwd: str, env: dict | None = None, timeout: int = GIT_TIMEOUT) -> subprocess.CompletedProcess:
@@ -402,3 +402,88 @@ def _open_github_pr(
     else:
         logger.error("Failed to open PR (%s): %s", resp.status_code, resp.text[:300])
         return ""
+
+
+def poll_open_prs(store, github_token: str) -> list[dict]:
+    """
+    Check GitHub for the current state of all pending PRs in the state store.
+
+    For each pending PR:
+      - merged   → update status to 'merged'
+      - closed without merge → update status to 'skipped' (rejected by admin)
+      - still open → leave as-is
+
+    Returns a list of change dicts: {fingerprint, pr_url, new_status}
+    """
+    import re as _re
+
+    open_prs = store.get_open_prs()
+    if not open_prs:
+        return []
+
+    if not github_token:
+        logger.debug("poll_open_prs: no GITHUB_TOKEN — skipping PR status check")
+        return []
+
+    headers = {
+        "Authorization": f"Bearer {github_token}",
+        "Accept": "application/vnd.github+json",
+    }
+
+    changes = []
+    for fix in open_prs:
+        pr_url = fix.get("pr_url", "")
+        fingerprint = fix["fingerprint"]
+
+        # Extract owner/repo/number from https://github.com/<owner>/<repo>/pull/<number>
+        m = _re.search(r"github\.com/([^/]+/[^/]+)/pull/(\d+)", pr_url)
+        if not m:
+            logger.debug("poll_open_prs: cannot parse PR URL %s", pr_url)
+            continue
+
+        owner_repo = m.group(1)
+        pr_number = m.group(2)
+
+        try:
+            resp = requests.get(
+                f"https://api.github.com/repos/{owner_repo}/pulls/{pr_number}",
+                headers=headers,
+                timeout=15,
+            )
+        except Exception as e:
+            logger.warning("poll_open_prs: request failed for %s: %s", pr_url, e)
+            continue
+
+        if resp.status_code == 404:
+            logger.warning("poll_open_prs: PR not found (deleted?): %s", pr_url)
+            continue
+        if resp.status_code != 200:
+            logger.warning("poll_open_prs: unexpected %s for %s", resp.status_code, pr_url)
+            continue
+
+        data = resp.json()
+        state = data.get("state")        # "open" | "closed"
+        merged = data.get("merged", False)
+
+        if state == "open":
+            continue  # still pending
+
+        new_status = "merged" if merged else "skipped"
+
+        with store._conn() as conn:
+            conn.execute(
+                "UPDATE fixes SET status=? WHERE fingerprint=? AND status='pending'",
+                (new_status, fingerprint),
+            )
+
+        logger.info(
+            "poll_open_prs: PR #%s %s → %s (fp=%s)",
+            pr_number, owner_repo, new_status, fingerprint[:8],
+        )
+        changes.append({
+            "fingerprint": fingerprint,
+            "pr_url":      pr_url,
+            "new_status":  new_status,
+        })
+
+    return changes

package/python/sentinel/issue_watcher.py

@@ -163,3 +163,76 @@ def mark_done(issue_file: Path) -> None:
         dest = done_dir / f"{issue_file.stem}-{int(time.time())}{issue_file.suffix}"
     issue_file.rename(dest)
     logger.info("Issue archived: %s -> .done/%s", issue_file.name, dest.name)
+
+
+def cancel_issue(issues_dir: Path, keyword: str) -> dict:
+    """
+    Cancel a pending issue (not yet picked up by the poll cycle).
+
+    Searches issues/ for a file whose TARGET_REPO header matches keyword first,
+    then falls back to full-content match. Moves the file to issues/.cancelled/.
+
+    Returns {"cancelled": filename} or {"error": reason}.
+    """
+    candidates = sorted(
+        [f for f in issues_dir.iterdir() if f.is_file() and not f.name.startswith(".")],
+        key=lambda f: f.stat().st_mtime,
+        reverse=True,
+    )
+    if not candidates:
+        return {"error": "No pending issues found"}
+
+    kw = keyword.lower()
+    repo_matched = []
+    content_matched = []
+    for f in candidates:
+        try:
+            content = f.read_text(encoding="utf-8", errors="replace")
+            for line in content.splitlines():
+                if line.strip().upper().startswith("TARGET_REPO"):
+                    repo_val = line.split(":", 1)[-1].split("=", 1)[-1].strip().lower()
+                    if kw in repo_val:
+                        repo_matched.append(f)
+                        break
+            else:
+                if kw in content.lower():
+                    content_matched.append(f)
+        except OSError:
+            pass
+
+    matched = repo_matched if repo_matched else content_matched
+    if not matched:
+        return {"error": f"No pending issue matches '{keyword}' — it may already be running or finished"}
+
+    target = matched[0]
+    cancelled_dir = issues_dir / ".cancelled"
+    cancelled_dir.mkdir(exist_ok=True)
+    dest = cancelled_dir / target.name
+    if dest.exists():
+        dest = cancelled_dir / f"{target.stem}-{int(time.time())}{target.suffix}"
+    target.rename(dest)
+    logger.info("Issue cancelled: %s -> .cancelled/%s", target.name, dest.name)
+    return {"cancelled": target.name}
+
+
+def purge_old_issues(issues_dir: Path, keep_days: int = 30) -> int:
+    """
+    Delete files older than keep_days from issues/.done/ and issues/.cancelled/.
+    Returns the number of files deleted.
+    """
+    cutoff = time.time() - keep_days * 86400
+    deleted = 0
+    for subdir in (".done", ".cancelled"):
+        d = issues_dir / subdir
+        if not d.exists():
+            continue
+        for f in d.iterdir():
+            if f.is_file() and f.stat().st_mtime < cutoff:
+                try:
+                    f.unlink()
+                    deleted += 1
+                except OSError:
+                    pass
+    if deleted:
+        logger.info("Purged %d old issue archive file(s) (>%d days)", deleted, keep_days)
+    return deleted

package/python/sentinel/main.py

@@ -23,11 +23,11 @@ from pathlib import Path
 from .cairn_client import ensure_installed as cairn_installed, index_repo
 from .config_loader import ConfigLoader, SentinelConfig
 from .fix_engine import generate_fix
-from .git_manager import apply_and_commit, publish, _git_env, MissingToolError
+from .git_manager import apply_and_commit, publish, _git_env, MissingToolError, poll_open_prs
 from .cicd_trigger import trigger as cicd_trigger
 from .log_fetcher import fetch_all
 from .log_parser import parse_all, scan_all_for_markers, ErrorEvent
-from .issue_watcher import scan_issues, mark_done, IssueEvent
+from .issue_watcher import scan_issues, mark_done, purge_old_issues, IssueEvent
 from .repo_router import route
 from .reporter import build_and_send, send_fix_notification, send_failure_notification, send_confirmed_notification, send_regression_notification, send_startup_notification, send_upgrade_notification
 from .notify import notify_fix_blocked, notify_fix_applied, notify_missing_tool, notify_tool_installing, notify_cascade_started, notify_cascade_result
@@ -96,7 +96,12 @@ def _auto_install_if_safe(
         return False
 
     repo_p = Path(repo_path)
-    if not any((repo_p / bf).exists() for bf in spec["build_files"]):
+    # Search root and one level of subdirectories (e.g. frontend/yarn.lock)
+    def _build_file_exists(bf: str) -> bool:
+        if (repo_p / bf).exists():
+            return True
+        return any(sub.is_dir() and (sub / bf).exists() for sub in repo_p.iterdir())
+    if not any(_build_file_exists(bf) for bf in spec["build_files"]):
         logger.info(
             "Tool '%s' is whitelisted but no matching build file found in %s — skipping",
             tool, repo_path,
@@ -281,8 +286,9 @@ async def _handle_error(event: ErrorEvent, cfg_loader: ConfigLoader, store: Stat
 
 # ── Issue pipeline ────────────────────────────────────────────────────────────
 
-async def _handle_issue(event: IssueEvent, cfg_loader: ConfigLoader, store: StateStore):
-    """Process a single issue file from the issues/ directory."""
+async def _handle_issue(event: IssueEvent, cfg_loader: ConfigLoader, store: StateStore) -> dict | None:
+    """Process a single issue file from the issues/ directory.
+    Returns a result dict {submitter, repo_name, status, summary} or None if skipped."""
     sentinel = cfg_loader.sentinel
 
     if Path("SENTINEL_PAUSE").exists():
@@ -310,32 +316,51 @@ async def _handle_issue(event: IssueEvent, cfg_loader: ConfigLoader, store: Stat
         )
         return  # Leave the file so admin can add the header
 
+    # Post "working on" to channel so everyone can see progress.
+    from .notify import slack_alert as _slack_alert
+    _submitter = getattr(event, "submitter_user_id", "")
+    _started_msg = (
+        f":hammer: Working on *<@{_submitter}>*'s request — *{repo.repo_name}*\n"
+        f"_{event.message[:120]}_"
+    ) if _submitter else (
+        f":hammer: Working on *{repo.repo_name}*\n_{event.message[:120]}_"
+    )
+    _slack_alert(sentinel.slack_bot_token, sentinel.slack_channel, _started_msg)
+
     try:
         patches_dir = Path(sentinel.workspace_dir).resolve() / "patches"
-        status, patch_path, marker = generate_fix(event, repo, sentinel, patches_dir, store)
+        _loop = asyncio.get_event_loop()
+
+        # Run blocking subprocess work in thread executor so Boss stays responsive
+        status, patch_path, marker = await _loop.run_in_executor(
+            None, generate_fix, event, repo, sentinel, patches_dir, store
+        )
+
+        submitter_uid = getattr(event, "submitter_user_id", "")
 
         if status != "patch" or patch_path is None:
             store.record_fix(event.fingerprint, "skipped" if status in ("skip", "needs_human") else "failed",
                              repo_name=repo.repo_name)
-            # For user-submitted issues: always notify (person is waiting)
-            submitter_uid = getattr(event, "submitter_user_id", "")
             reason_text = marker if status == "needs_human" else f"Claude Code returned {status.upper()}"
             notify_fix_blocked(sentinel, event.source, event.message,
                                reason=reason_text, repo_name=repo.repo_name,
                                submitter_user_id=submitter_uid)
             mark_done(event.issue_file)
-            return
+            return {"submitter": submitter_uid, "repo_name": repo.repo_name,
+                    "status": "blocked", "summary": reason_text[:120], "pr_url": ""}
 
-        commit_status, commit_hash = apply_and_commit(event, patch_path, repo, sentinel)
+        commit_status, commit_hash = await _loop.run_in_executor(
+            None, apply_and_commit, event, patch_path, repo, sentinel
+        )
         if commit_status != "committed":
             store.record_fix(event.fingerprint, "failed", repo_name=repo.repo_name)
-            submitter_uid = getattr(event, "submitter_user_id", "")
             notify_fix_blocked(sentinel, event.source, event.message,
                                reason="Patch was generated but commit/tests failed",
                                repo_name=repo.repo_name,
                                submitter_user_id=submitter_uid)
             mark_done(event.issue_file)
-            return
+            return {"submitter": submitter_uid, "repo_name": repo.repo_name,
+                    "status": "blocked", "summary": "Commit/tests failed", "pr_url": ""}
 
         branch, pr_url = publish(event, repo, sentinel, commit_hash)
         store.record_fix(
@@ -362,7 +387,6 @@ async def _handle_issue(event: IssueEvent, cfg_loader: ConfigLoader, store: Stat
             "auto_publish": repo.auto_publish,
             "files_changed": [],
         })
-        submitter_uid = getattr(event, "submitter_user_id", "")
         notify_fix_applied(sentinel, event.source, event.message,
                            repo_name=repo.repo_name, branch=branch, pr_url=pr_url,
                            submitter_user_id=submitter_uid)
@@ -373,30 +397,41 @@ async def _handle_issue(event: IssueEvent, cfg_loader: ConfigLoader, store: Stat
             if ok and repo.cicd_type.lower() in ("jenkins_release", "jenkins-release"):
                 _run_cascade(repo, sentinel, cfg_loader)
 
+        return {"submitter": submitter_uid, "repo_name": repo.repo_name,
+                "status": "done", "summary": event.message[:120], "pr_url": pr_url}
+
     except MissingToolError as e:
         logger.warning("Missing tool for %s: %s", event.source, e)
         submitter_uid = getattr(event, "submitter_user_id", "")
-        if not _auto_install_if_safe(e.tool, repo.local_path, sentinel, repo.repo_name, event.source):
+        installed = await _loop.run_in_executor(
+            None, _auto_install_if_safe, e.tool, repo.local_path, sentinel, repo.repo_name, event.source
+        )
+        if not installed:
             notify_missing_tool(sentinel, e.tool, repo.repo_name, event.source, submitter_uid)
             store.record_fix(event.fingerprint, "failed", repo_name=repo.repo_name)
             mark_done(event.issue_file)
-            return
+            return {"submitter": submitter_uid, "repo_name": repo.repo_name,
+                    "status": "blocked", "summary": f"Missing tool: {e.tool}", "pr_url": ""}
         # Tool installed — retry apply_and_commit once
         try:
-            commit_status, commit_hash = apply_and_commit(event, patch_path, repo, sentinel)
+            commit_status, commit_hash = await _loop.run_in_executor(
+                None, apply_and_commit, event, patch_path, repo, sentinel
+            )
         except MissingToolError as e2:
             logger.error("Still missing tool after auto-install: %s", e2)
             notify_missing_tool(sentinel, e2.tool, repo.repo_name, event.source, submitter_uid)
             store.record_fix(event.fingerprint, "failed", repo_name=repo.repo_name)
             mark_done(event.issue_file)
-            return
+            return {"submitter": submitter_uid, "repo_name": repo.repo_name,
+                    "status": "blocked", "summary": f"Missing tool: {e2.tool}", "pr_url": ""}
         if commit_status != "committed":
             store.record_fix(event.fingerprint, "failed", repo_name=repo.repo_name)
             notify_fix_blocked(sentinel, event.source, event.message,
                                reason="Patch was generated but commit/tests failed after tool install",
                                repo_name=repo.repo_name, submitter_user_id=submitter_uid)
             mark_done(event.issue_file)
-            return
+            return {"submitter": submitter_uid, "repo_name": repo.repo_name,
+                    "status": "blocked", "summary": "Commit/tests failed after tool install", "pr_url": ""}
         branch, pr_url = publish(event, repo, sentinel, commit_hash)
         store.record_fix(
             event.fingerprint,
@@ -420,11 +455,16 @@ async def _handle_issue(event: IssueEvent, cfg_loader: ConfigLoader, store: Stat
             ok = cicd_trigger(repo, store, event.fingerprint)
             if ok and repo.cicd_type.lower() in ("jenkins_release", "jenkins-release"):
                 _run_cascade(repo, sentinel, cfg_loader)
+        return {"submitter": submitter_uid, "repo_name": repo.repo_name,
+                "status": "done", "summary": event.message[:120], "pr_url": pr_url}
 
     except Exception:
         logger.exception("Unexpected error processing issue %s — archiving to prevent retry loop", event.source)
         store.record_fix(event.fingerprint, "failed", repo_name=repo.repo_name)
         mark_done(event.issue_file)
+        return {"submitter": getattr(event, "submitter_user_id", ""),
+                "repo_name": repo.repo_name if repo else event.target_repo,
+                "status": "blocked", "summary": "Unexpected error — check logs", "pr_url": ""}
 
 
 async def poll_cycle(cfg_loader: ConfigLoader, store: StateStore):
@@ -483,14 +523,51 @@ async def poll_cycle(cfg_loader: ConfigLoader, store: StateStore):
                         quiet_hours, fix["fingerprint"], fix.get("repo_name"))
             send_confirmed_notification(cfg_loader.sentinel, confirmed)
 
+    # ── PR status sync — detect merges/rejections done via GitHub UI ─────────
+    pr_changes = poll_open_prs(store, cfg_loader.sentinel.github_token)
+    for ch in pr_changes:
+        if ch["new_status"] == "merged":
+            logger.info("PR merged externally: %s (fp=%s)", ch["pr_url"], ch["fingerprint"][:8])
+        elif ch["new_status"] == "skipped":
+            logger.info("PR closed/rejected: %s (fp=%s) — will not retry for 24h",
+                        ch["pr_url"], ch["fingerprint"][:8])
+
     # ── Issues directory (always checked) ────────────────────────────────────
+    purge_old_issues(Path(".") / "issues")
     issues = scan_issues(Path("."))
     if issues:
         logger.info("%d issue file(s) found in issues/", len(issues))
-        await asyncio.gather(
+        issue_results = await asyncio.gather(
             *[_handle_issue(e, cfg_loader, store) for e in issues],
             return_exceptions=True,
         )
+        # Send one DM per submitter summarising everything that just ran
+        from collections import defaultdict
+        from .notify import slack_dm as _slack_dm
+        by_submitter: dict[str, list] = defaultdict(list)
+        for r in issue_results:
+            if isinstance(r, dict) and r.get("submitter"):
+                by_submitter[r["submitter"]].append(r)
+        for uid, results in by_submitter.items():
+            done  = [r for r in results if r["status"] == "done"]
+            blocked = [r for r in results if r["status"] == "blocked"]
+            lines = []
+            for r in done:
+                pr = f" — <{r['pr_url']}|PR>" if r.get("pr_url") else ""
+                lines.append(f":white_check_mark: *{r['repo_name']}*{pr}")
+            for r in blocked:
+                lines.append(f":x: *{r['repo_name']}* — {r['summary']}")
+            if done and blocked:
+                header = f":sentinel: *All done — {len(done)} succeeded, {len(blocked)} need attention:*"
+            elif blocked:
+                header = f":sentinel: *All done — {len(blocked)} need attention:*"
+            else:
+                header = f":sentinel: *All done — {len(done)} completed successfully:*"
+            _slack_dm(
+                cfg_loader.sentinel.slack_bot_token,
+                uid,
+                f"{header}\n" + "\n".join(lines),
+            )
 
 
     # -- Health URL checks -------------------------------------------------------

package/python/sentinel/notify.py

@@ -204,17 +204,11 @@ def notify_fix_blocked(
         f"*Reason:*\n{short_reason}"
     )
 
+    # Post to channel — mention submitter if known, otherwise broadcast
     if submitter_user_id:
-        if getattr(cfg, "slack_dm_submitter", True):
-            slack_dm(cfg.slack_bot_token, submitter_user_id, slack_text)
         slack_alert(cfg.slack_bot_token, cfg.slack_channel, f"<@{submitter_user_id}> {slack_text}")
     else:
-        # No known submitter — broadcast to the whole channel
-        slack_alert(
-            cfg.slack_bot_token,
-            cfg.slack_channel,
-            f"<!channel> {slack_text}",
-        )
+        slack_alert(cfg.slack_bot_token, cfg.slack_channel, f"<!channel> {slack_text}")
 
     # Always email admins
     try:
@@ -257,18 +251,24 @@ def notify_missing_tool(
     Notify admins that a build tool is missing on this server.
     Prompts them to ask Boss to install it.
     """
+    _INSTALL_STEPS = {
+        "yarn":   "1. SSH into the server\n2. Run: `npm install -g yarn`\n3. Verify: `yarn --version`",
+        "node":   "1. SSH into the server\n2. Run: `curl -fsSL https://rpm.nodesource.com/setup_22.x | sudo bash -`\n3. Run: `sudo yum install -y nodejs`\n4. Verify: `node --version`",
+        "npm":    "1. SSH into the server\n2. Run: `sudo yum install -y nodejs npm` (or `apt-get install -y nodejs npm`)\n3. Verify: `npm --version`",
+        "mvn":    "1. SSH into the server\n2. Run: `sudo yum install -y maven` (or `apt-get install -y maven`)\n3. Verify: `mvn --version`",
+        "gradle": "1. SSH into the server\n2. Run: `sudo yum install -y gradle` (or `apt-get install -y gradle`)\n3. Verify: `gradle --version`",
+        "make":   "1. SSH into the server\n2. Run: `sudo yum install -y make` (or `apt-get install -y make`)\n3. Verify: `make --version`",
+    }
+    steps = _INSTALL_STEPS.get(tool, f"1. SSH into the server\n2. Install `{tool}` using your system package manager\n3. Verify it runs with `{tool} --version`")
     repo_line = f" for *{repo_name}*" if repo_name else ""
     slack_text = (
         f":wrench: *Build tool missing{repo_line}*\n"
-        f"*Source:* {source}\n"
-        f"The fix was generated but tests couldn't run because `{tool}` is not installed on this server.\n\n"
-        f"Ask me to install it:\n"
-        f"> @Sentinel install {tool}\n\n"
-        f"Once installed, re-raise the issue to apply the fix."
+        f"*Missing:* `{tool}`\n"
+        f"The fix was generated but couldn't run because `{tool}` is not installed on this server.\n\n"
+        f"*How to fix:*\n{steps}\n\n"
+        f"Then tell me: `retry {repo_name or source}`"
     )
     if submitter_user_id:
-        if getattr(cfg, "slack_dm_submitter", True):
-            slack_dm(cfg.slack_bot_token, submitter_user_id, slack_text)
         slack_alert(cfg.slack_bot_token, cfg.slack_channel, f"<@{submitter_user_id}> {slack_text}")
     else:
         slack_alert(cfg.slack_bot_token, cfg.slack_channel, f"<!channel> {slack_text}")
@@ -301,13 +301,9 @@ def notify_fix_applied(
         + (f"{action_line}\n" if action_line else "")
     ).rstrip()
 
-    if submitter_user_id:
-        if getattr(cfg, "slack_dm_submitter", True):
-            slack_dm(cfg.slack_bot_token, submitter_user_id, slack_text)
-        channel_text = f"<@{submitter_user_id}> {slack_text}"
-        slack_alert(cfg.slack_bot_token, cfg.slack_channel, channel_text)
-    else:
-        slack_alert(cfg.slack_bot_token, cfg.slack_channel, slack_text)
+    # Post to channel — mention submitter if known
+    channel_text = f"<@{submitter_user_id}> {slack_text}" if submitter_user_id else slack_text
+    slack_alert(cfg.slack_bot_token, cfg.slack_channel, channel_text)
 
 
 def notify_cascade_started(

package/python/sentinel/sentinel_boss.py

@@ -226,6 +226,7 @@ reply with a grouped summary like this:
 *Issues & fix management*
 • `create_issue` — deliver a fix/task to this project
 • `retry_issue` — re-queue a failed or skipped fix
+• `cancel_issue` — cancel a pending issue before Sentinel picks it up
 • `get_fix_details` — full details of a specific fix
 • `trigger_poll` — run a log-fetch + fix cycle right now
 
@@ -425,7 +426,7 @@ When to act vs. when to ask:
   list_recent_commits) → call immediately without asking permission. Never say "Want me to check?" —
   just check and report results. If you think it's worth doing, do it.
 - Write/action tools (create_issue, trigger_poll, pull_repo, pause_sentinel, install_tool, merge_pr,
-  retry_issue, post_file) → act immediately for clear commands; confirm only when intent is ambiguous
+  retry_issue, cancel_issue, post_file) → act immediately for clear commands; confirm only when intent is ambiguous
   (e.g. unclear which project or repo to target).
 - Explaining a tool ("what does X do?") → explain naturally, then offer to run it if relevant.
 - NEVER gate investigation on user approval. If diagnosing a problem, run all relevant read tools
@@ -493,7 +494,7 @@ Sentinel is a 24/7 autonomous agent. Act on clear signals without asking permiss
 
 Autonomous action policy — Sentinel acts, humans review outcomes:
 - Read/investigate tools → always act immediately, no confirmation needed.
-- create_issue, retry_issue, trigger_poll, install_tool, pull_repo → act immediately when
+- create_issue, retry_issue, cancel_issue, trigger_poll, install_tool, pull_repo → act immediately when
   intent is clear. Only pause for genuinely ambiguous target (unknown project/repo).
 - merge_pr → confirm once: "Merging PR #N for <repo> to <branch> — confirm?" Then act.
 - pause_sentinel → confirm once (halts all monitoring).
@@ -664,6 +665,29 @@ _TOOLS = [
             "required": ["project"],
         },
     },
+    {
+        "name": "cancel_issue",
+        "description": (
+            "Cancel a pending issue that is still waiting in the queue (not yet picked up). "
+            "Moves the file to issues/.cancelled/ so Sentinel never processes it. "
+            "If the issue is already running it cannot be cancelled — it will block naturally. "
+            "Use when the user says: 'stop', 'cancel that', 'don't process X', 'cancel the TypeLib retry'."
+        ),
+        "input_schema": {
+            "type": "object",
+            "properties": {
+                "project": {
+                    "type": "string",
+                    "description": "Project short name (e.g. '1881'). Required.",
+                },
+                "keyword": {
+                    "type": "string",
+                    "description": "Keyword to match the pending issue (repo name, error keyword, etc.)",
+                },
+            },
+            "required": ["project", "keyword"],
+        },
+    },
     {
         "name": "list_pending_prs",
         "description": "List all open Sentinel PRs awaiting admin review.",
@@ -1718,30 +1742,45 @@ async def _run_tool(name: str, inputs: dict, cfg_loader, store, slack_client=Non
         if len(project_dirs) > 1 and project_arg:
             return json.dumps({"error": f"Ambiguous project '{project_arg}' — matches: {[_read_project_name(d) for d in project_dirs]}"})
 
-        project_dir  = project_dirs[0]
-        done_dir     = project_dir / "issues" / ".done"
-        if not done_dir.exists():
+        project_dir    = project_dirs[0]
+        issues_base    = project_dir / "issues"
+        # Scan both .done/ and .cancelled/ so users can un-cancel by mistake
+        archive_dirs   = [issues_base / d for d in (".done", ".cancelled") if (issues_base / d).exists()]
+        if not archive_dirs:
             return json.dumps({"error": "No archived issues found — issues/.done/ does not exist"})
 
-        # Find all archived issue files, newest first
+        # Find all archived issue files across both dirs, newest first
         candidates = sorted(
-            [f for f in done_dir.iterdir() if f.is_file() and not f.name.startswith(".")],
+            [f for d in archive_dirs for f in d.iterdir() if f.is_file() and not f.name.startswith(".")],
             key=lambda f: f.stat().st_mtime,
             reverse=True,
         )
         if not candidates:
-            return json.dumps({"error": "No archived issues found in issues/.done/"})
+            return json.dumps({"error": "No archived issues found in issues/.done/ or issues/.cancelled/"})
 
         # Filter by keyword if provided
         if keyword:
-            matched = []
+            # Priority 1: TARGET_REPO header matches keyword (exact repo name match)
+            repo_matched = []
+            # Priority 2: full content contains keyword
+            content_matched = []
             for f in candidates:
                 try:
                     content = f.read_text(encoding="utf-8", errors="replace")
-                    if keyword in content.lower():
-                        matched.append(f)
+                    content_lower = content.lower()
+                    # Check if TARGET_REPO line matches (e.g. "TARGET_REPO=1881-SSOLoginWebApp")
+                    for line in content.splitlines():
+                        if line.strip().upper().startswith("TARGET_REPO="):
+                            repo_val = line.split("=", 1)[1].strip().lower()
+                            if keyword in repo_val:
+                                repo_matched.append(f)
+                                break
+                    else:
+                        if keyword in content_lower:
+                            content_matched.append(f)
                 except OSError:
                     pass
+            matched = repo_matched if repo_matched else content_matched
             if not matched:
                 return json.dumps({"error": f"No archived issues match keyword '{keyword}'"})
             candidates = matched
@@ -1767,6 +1806,67 @@ async def _run_tool(name: str, inputs: dict, cfg_loader, store, slack_client=Non
         })
 
 
+    if name == "cancel_issue":
+        import re as _re
+        project_arg = inputs.get("project", "").strip()
+        keyword     = inputs.get("keyword", "").strip()
+
+        project_dirs = _find_project_dirs(project_arg) if project_arg else _find_project_dirs()
+        if not project_dirs:
+            return json.dumps({"error": f"No project found matching '{project_arg}'"})
+        if len(project_dirs) > 1 and project_arg:
+            return json.dumps({"error": f"Ambiguous project '{project_arg}' — matches: {[_read_project_name(d) for d in project_dirs]}"})
+
+        project_dir = project_dirs[0]
+        issues_dir  = project_dir / "issues"
+        if not issues_dir.exists():
+            return json.dumps({"error": "No issues/ directory found for this project"})
+
+        from .issue_watcher import cancel_issue as _cancel_issue
+        result = _cancel_issue(issues_dir, keyword)
+        if "error" in result:
+            return json.dumps(result)
+
+        # Option B: owner can cancel their own; admins can cancel anyone's;
+        # system issues (no submitter) are admin-only.
+        cancelled_file = (issues_dir / ".cancelled" / result["cancelled"])
+        submitter_uid = ""
+        if cancelled_file.exists():
+            for line in cancelled_file.read_text(encoding="utf-8", errors="replace").splitlines():
+                if line.strip().upper().startswith("SUBMITTED_BY:"):
+                    m = _re.search(r"\((\w+)\)", line)
+                    if m:
+                        submitter_uid = m.group(1)
+                    break
+
+        if submitter_uid:
+            if user_id != submitter_uid and not is_admin:
+                # Undo: move file back to issues/
+                import shutil as _shutil
+                _shutil.move(str(cancelled_file), str(issues_dir / result["cancelled"]))
+                return json.dumps({
+                    "error": (
+                        f"Permission denied — this issue was submitted by <@{submitter_uid}>. "
+                        f"Only they or an admin can cancel it."
+                    )
+                })
+        else:
+            # No submitter = system-generated issue, admin only
+            if not is_admin:
+                import shutil as _shutil
+                _shutil.move(str(cancelled_file), str(issues_dir / result["cancelled"]))
+                return json.dumps({"error": "This issue was not submitted via Slack — only admins can cancel it."})
+
+        project_label = _read_project_name(project_dir.resolve())
+        logger.info("Boss cancel_issue: cancelled '%s' for %s by user %s", result["cancelled"], project_label, user_id)
+        return json.dumps({
+            "status":    "cancelled",
+            "project":   project_label,
+            "file":      result["cancelled"],
+            "note":      "Moved to issues/.cancelled/ — Sentinel will not process it.",
+        })
+
+
     if name == "get_fix_details":
         fp  = inputs["fingerprint"]
         fix = store.get_confirmed_fix(fp) or store.get_marker_seen_fix(fp)