@misterhuydo/sentinel 1.4.90 → 1.4.92

package/.cairn/.hint-lock

@@ -1 +1 @@
-2026-03-27T08:23:02.070Z
+2026-03-27T13:47:13.440Z

package/.cairn/session.json

@@ -1,6 +1,6 @@
 {
-  "message": "Auto-checkpoint at 2026-03-27T08:30:46.754Z",
-  "checkpoint_at": "2026-03-27T08:30:46.755Z",
+  "message": "Auto-checkpoint at 2026-03-27T13:53:02.113Z",
+  "checkpoint_at": "2026-03-27T13:53:02.114Z",
   "active_files": [],
   "notes": [],
   "mtime_snapshot": {}

package/lib/.cairn/views/fb78ac_upgrade.js

@@ -62,7 +62,7 @@ module.exports = async function upgrade() {
   const { version: installed } = require(path.join(npmRootEarly, '@misterhuydo', 'sentinel', 'package.json'));
   if (installed !== current) {
     ok(`Upgraded: ${current} → ${installed} — re-running with new version...`);
-    const newBin = path.join(path.dirname(npmRootEarly), 'bin', 'sentinel');
+    const newBin = path.join(npmRootEarly, '..', '..', 'bin', 'sentinel');
     const r = spawnSync(newBin, ['upgrade'], { stdio: 'inherit' });
     process.exit(r.status || 0);
   }

package/lib/add.js

@@ -616,34 +616,22 @@ async function addFromGit(gitUrl, workspace) {
     generateWorkspaceScripts(workspace, {}, {}, {}, effectiveToken);
   }
 
-  // Write private Slack tokens to slack.properties (gitignored) + set PRIVATE_SLACK=true
+  // Write private tokens to private_sentinel.properties (gitignored — never committed)
   if (projectSlackBotToken || projectSlackAppToken) {
-    // Write slack.properties (never committed — tokens stay off git)
-    const slackProps = path.join(projectDir, 'slack.properties');
-    const lines = ['# Private Slack tokens for this project — DO NOT COMMIT'];
+    const privateProps = path.join(projectDir, 'private_sentinel.properties');
+    const lines = ['# Private credentials for this project — DO NOT COMMIT'];
     if (projectSlackBotToken) lines.push(`SLACK_BOT_TOKEN=${projectSlackBotToken}`);
     if (projectSlackAppToken) lines.push(`SLACK_APP_TOKEN=${projectSlackAppToken}`);
-    fs.writeFileSync(slackProps, lines.join('\n') + '\n');
-    ok('Private Slack tokens → slack.properties (local only)');
+    fs.writeFileSync(privateProps, lines.join('\n') + '\n');
+    ok('Private tokens → private_sentinel.properties (local only)');
 
-    // Ensure slack.properties is gitignored
+    // Ensure private_sentinel.properties is gitignored
     const gitignore = path.join(projectDir, '.gitignore');
-    const ignoreEntry = 'slack.properties';
+    const ignoreEntry = 'private_sentinel.properties';
     const existing = fs.existsSync(gitignore) ? fs.readFileSync(gitignore, 'utf8') : '';
     if (!existing.includes(ignoreEntry)) {
       fs.writeFileSync(gitignore, existing.trimEnd() + `\n${ignoreEntry}\n`);
-      ok('.gitignore updated — slack.properties will not be committed');
-    }
-
-    // Set PRIVATE_SLACK=true in config/sentinel.properties
-    const projProps = path.join(projectDir, 'config', 'sentinel.properties');
-    if (fs.existsSync(projProps)) {
-      let props = fs.readFileSync(projProps, 'utf8');
-      props = /^#?\s*PRIVATE_SLACK\s*=/m.test(props)
-        ? props.replace(/^#?\s*PRIVATE_SLACK\s*=.*/m, 'PRIVATE_SLACK=true')
-        : props.trimEnd() + '\nPRIVATE_SLACK=true\n';
-      fs.writeFileSync(projProps, props);
-      ok('PRIVATE_SLACK=true set in config/sentinel.properties');
+      ok('.gitignore updated — private_sentinel.properties will not be committed');
     }
   }
 

package/lib/generate.js

@@ -312,6 +312,12 @@ for project_dir in "$WORKSPACE"/*/; do
 done
 echo "[sentinel] $stopped project(s) stopped"
 `, { mode: 0o755 });
+  // watchdog.sh - restarts any project that has stopped unexpectedly.
+  // Auto-installed as a cron job by `sentinel upgrade`.
+  fs.writeFileSync(path.join(workspace, 'watchdog.sh'),
+    "#!/usr/bin/env bash\n# Sentinel watchdog - auto-restart any project that has stopped unexpectedly.\n# Runs every minute via cron. Safe to run manually at any time.\nWORKSPACE=\"$(cd \"$(dirname \"$0\")\" && pwd)\"\nNON_PROJECT=\"code repos logs issues workspace\"\nfor project_dir in \"$WORKSPACE\"/*/; do\n  [[ -d \"$project_dir\" ]] || continue\n  name=$(basename \"$project_dir\")\n  echo \" $NON_PROJECT \" | grep -qw \"$name\" && continue\n  [[ -f \"$project_dir/start.sh\" ]] || continue\n  [[ -f \"$project_dir/config/sentinel.properties\" ]] || continue\n  PID_FILE=\"$project_dir/sentinel.pid\"\n  if [[ -f \"$PID_FILE\" ]] && kill -0 \"$(cat \"$PID_FILE\")\" 2>/dev/null; then\n    continue  # running fine\n  fi\n  echo \"[watchdog] $(date -u +%Y-%m-%dT%H:%M:%SZ) $name is down - restarting\"\n  bash \"$project_dir/start.sh\"\ndone\n",
+    { mode: 0o755 });
 }
-
+
+
 module.exports = { writeExampleProject, generateProjectScripts, generateWorkspaceScripts };

package/lib/upgrade.js

@@ -146,13 +146,51 @@ module.exports = async function upgrade() {
     warn('Could not regenerate project scripts: ' + e.message);
   }
 
+  // Install watchdog cron job if not already present
+  const watchdog = path.join(defaultWorkspace, 'watchdog.sh');
+  const logsDir  = path.join(defaultWorkspace, 'logs');
+  if (fs.existsSync(watchdog)) {
+    info('Installing watchdog cron job...');
+    try {
+      const existing = execSync('crontab -l 2>/dev/null || true', { encoding: 'utf8' });
+      if (existing.includes('watchdog.sh')) {
+        ok('Watchdog cron job already installed');
+      } else {
+        const cronLine = `* * * * * ${watchdog} >> ${logsDir}/watchdog.log 2>&1`;
+        const newCron = existing.trimEnd() + '\n' + cronLine + '\n';
+        execSync(`echo ${JSON.stringify(newCron)} | crontab -`);
+        ok('Watchdog cron job installed (runs every minute)');
+      }
+    } catch (e) {
+      warn('Could not install watchdog cron: ' + e.message);
+    }
+  }
+
   const startAll = path.join(defaultWorkspace, 'startAll.sh');
   const stopAll  = path.join(defaultWorkspace, 'stopAll.sh');
   if (fs.existsSync(stopAll) && fs.existsSync(startAll)) {
     info('Restarting Sentinel...');
     spawnSync('bash', [stopAll], { stdio: 'inherit' });
     spawnSync('bash', [startAll], { stdio: 'inherit' });
-    ok('Sentinel restarted');
+    // Verify restart succeeded — give processes 4 seconds to write PID files
+    execSync('sleep 4 || true');
+    let allUp = true;
+    try {
+      const entries = fs.readdirSync(defaultWorkspace, { withFileTypes: true });
+      const NON = new Set(['logs', 'code', 'repos', 'workspace', 'issues']);
+      for (const e of entries) {
+        if (!e.isDirectory() || e.name.startsWith('.') || NON.has(e.name)) continue;
+        const pidFile = path.join(defaultWorkspace, e.name, 'sentinel.pid');
+        if (!fs.existsSync(path.join(defaultWorkspace, e.name, 'config', 'sentinel.properties'))) continue;
+        if (!fs.existsSync(pidFile)) { allUp = false; continue; }
+        const pid = fs.readFileSync(pidFile, 'utf8').trim();
+        try { execSync(`kill -0 ${pid}`); } catch (_) {
+          warn(`${e.name} may have crashed after restart — watchdog will recover it within 1 minute`);
+          allUp = false;
+        }
+      }
+    } catch (_) {}
+    if (allUp) ok('Sentinel restarted');
   } else {
     warn('No startAll.sh found — restart manually');
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@misterhuydo/sentinel",
-  "version": "1.4.90",
+  "version": "1.4.92",
   "description": "Sentinel — Autonomous DevOps Agent installer and manager",
   "bin": {
     "sentinel": "./bin/sentinel.js"

package/python/sentinel/config_loader.py

@@ -76,7 +76,6 @@ class SentinelConfig:
     sync_max_file_mb: int = 200      # truncate synced log files exceeding this size (MB)
     boss_mode: str = "standard"      # standard | strict | fun
     sentinel_dev_repo_path: str = "" # path to Sentinel source repo for Dev Claude
-    sentinel_dev_auto_publish: bool = False  # if True, auto-publish + upgrade after version bump
 
 
 @dataclass
@@ -153,14 +152,20 @@ class ConfigLoader:
             project_d = _parse_properties(str(path))
             d.update({k: v for k, v in project_d.items() if v})
 
-        # If PRIVATE_SLACK=true, load Slack tokens from <projectDir>/slack.properties
-        # (gitignored — tokens never live in the config repo).
-        if d.get("PRIVATE_SLACK", "").lower() == "true":
+        # Load private_sentinel.properties if present (gitignored — tokens never in config repo).
+        # Supports any secret key: SLACK_BOT_TOKEN, SLACK_APP_TOKEN, GITHUB_TOKEN, etc.
+        # Falls back to legacy slack.properties (PRIVATE_SLACK=true) for existing installs.
+        _private = self.config_dir.parent / "private_sentinel.properties"
+        if _private.exists():
+            _pd = _parse_properties(str(_private))
+            d.update({k: v for k, v in _pd.items() if v})
+            logger.debug("Loaded private config from %s", _private)
+        elif d.get("PRIVATE_SLACK", "").lower() == "true":
             slack_props = self.config_dir.parent / "slack.properties"
             if slack_props.exists():
                 slack_d = _parse_properties(str(slack_props))
                 d.update({k: v for k, v in slack_d.items() if v})
-                logger.debug("Loaded private Slack config from %s", slack_props)
+                logger.debug("Loaded private config from %s (legacy)", slack_props)
             else:
                 logger.warning("PRIVATE_SLACK=true but %s not found — run `sentinel add` to create it", slack_props)
 
@@ -209,7 +214,6 @@ class ConfigLoader:
         raw_mode = d.get("BOSS_MODE", "standard").lower().strip()
         c.boss_mode = raw_mode if raw_mode in ("standard", "strict", "fun") else "standard"
         c.sentinel_dev_repo_path = d.get("SENTINEL_DEV_REPO_PATH", "")
-        c.sentinel_dev_auto_publish = d.get("SENTINEL_DEV_AUTO_PUBLISH", "false").lower() == "true"
         self.sentinel = c
 
     def _load_log_sources(self):

package/python/sentinel/dev_watcher.py

@@ -14,6 +14,7 @@ File format:
     SOURCE: boss|fix_engine/BOSS_ESCALATE|self_repair|manual
     SOURCE_FINGERPRINT: <8-char error fingerprint>   # optional
     SUBMITTED_AT: 2026-03-27T10:00:00+00:00
+    NOTIFY: U1234567,U7654321                        # optional extra users to ping on completion
 
     Task description — what to implement, fix, or improve in Sentinel.
 """
@@ -30,7 +31,7 @@ import re
 
 logger = logging.getLogger(__name__)
 
-_META_PREFIXES = ("TYPE:", "SUBMITTED_BY:", "SOURCE:", "SOURCE_FINGERPRINT:", "SUBMITTED_AT:")
+_META_PREFIXES = ("TYPE:", "SUBMITTED_BY:", "SOURCE:", "SOURCE_FINGERPRINT:", "SUBMITTED_AT:", "NOTIFY:")
 
 
 @dataclass
@@ -44,6 +45,7 @@ class DevTask:
     timestamp: str = ""
     submitter_user_id: str = ""
     source_fingerprint: str = ""  # error fingerprint if from BOSS_ESCALATE
+    notify_user_ids: list = field(default_factory=list)  # extra users to ping on completion
 
     def __post_init__(self):
         if not self.fingerprint:
@@ -89,6 +91,7 @@ def scan_dev_tasks(project_dir: Path) -> list[DevTask]:
         task_type = "feature"
         source_fingerprint = ""
         submitter_user_id = ""
+        notify_user_ids: list = []
         body_start = 0
 
         for i, line in enumerate(lines):
@@ -106,6 +109,10 @@ def scan_dev_tasks(project_dir: Path) -> list[DevTask]:
             elif upper.startswith("SOURCE_FINGERPRINT:"):
                 source_fingerprint = stripped[19:].strip()
                 body_start = i + 1
+            elif upper.startswith("NOTIFY:"):
+                raw_ids = stripped[7:].strip()
+                notify_user_ids = [u.strip() for u in raw_ids.split(",") if u.strip()]
+                body_start = i + 1
             elif any(upper.startswith(p) for p in _META_PREFIXES) or not stripped:
                 body_start = i + 1
             else:
@@ -122,6 +129,7 @@ def scan_dev_tasks(project_dir: Path) -> list[DevTask]:
             task_type=task_type,
             submitter_user_id=submitter_user_id,
             source_fingerprint=source_fingerprint,
+            notify_user_ids=notify_user_ids,
         ))
         logger.info("Found dev task: %s (type=%s)", f.name, task_type)
 

package/python/sentinel/fix_engine.py

@@ -129,7 +129,7 @@ def _build_prompt(event, repo: RepoConfig, log_file, marker: str, stale_markers:
         "8. If the fix requires changing Sentinel's own source code (the monitoring/fix agent",
         "   itself, not the application being monitored) — output exactly:",
         "   BOSS_ESCALATE: <description of what needs to change in Sentinel>",
-        "   This escalates to the Sentinel Dev Claude agent who will implement it.",
+        "   This escalates to Patch, the Sentinel dev agent, who will implement it.",
     ]
     return "\n".join(lines_out)
 

package/python/sentinel/main.py

@@ -925,12 +925,12 @@ async def _sync_loop(cfg_loader: ConfigLoader):
         await asyncio.sleep(cfg_loader.sentinel.sync_interval_seconds)
 
 
-# ── Dev Claude agent (Sentinel self-improvement) ─────────────────────────────
+# ── Patch agent (Sentinel self-improvement) ──────────────────────────────────
 
 
 def _boss_qualify_dev_reason(raw: str, sentinel) -> str:
     """
-    Boss-qualify a raw Dev Claude reason string (from NEEDS_HUMAN: or SKIP:).
+    Boss-qualify a raw Patch reason string (from NEEDS_HUMAN: or SKIP:).
 
     Passes the raw text through the Boss LLM to produce a clean, concise,
     user-friendly explanation — so users never see verbose Claude output
@@ -949,14 +949,14 @@ def _boss_qualify_dev_reason(raw: str, sentinel) -> str:
             max_tokens=200,
             system=(
                 "You are Sentinel Boss, a DevOps agent assistant. "
-                "A child Dev Claude agent produced the following explanation for why it "
+                "Patch (an autonomous dev agent) produced the following explanation for why it "
                 "could not complete a task. Rewrite it as a clear, concise (1-3 sentences), "
                 "user-friendly message suitable for a Slack channel. "
                 "Be direct and specific. Do not pad with pleasantries. "
-                "Do not start with 'I' or 'The Dev Claude'. "
+                "Do not start with 'I' or mention 'Patch' by name. "
                 "Output only the qualified message, nothing else."
             ),
-            messages=[{"role": "user", "content": f"Dev Claude said:\n{raw[:1000]}"}],
+            messages=[{"role": "user", "content": f"Patch said:\n{raw[:1000]}"}],
         )
         qualified = _resp.content[0].text.strip() if _resp.content else raw[:280]
         return qualified[:400]
@@ -966,7 +966,7 @@ def _boss_qualify_dev_reason(raw: str, sentinel) -> str:
 
 
 async def _handle_dev_task(task, cfg_loader: ConfigLoader, store: StateStore):
-    """Execute a single dev task via Dev Claude, post progress to Slack."""
+    """Execute a single dev task via Patch, post progress to Slack."""
     from .sentinel_dev import run_dev_task
     from .dev_watcher import mark_dev_done
     from .notify import slack_alert as _slack_alert, slack_thread_reply as _slack_reply
@@ -974,9 +974,9 @@ async def _handle_dev_task(task, cfg_loader: ConfigLoader, store: StateStore):
     sentinel = cfg_loader.sentinel
     _submitter = task.submitter_user_id
     _started_msg = (
-        f":brain: Dev Claude working on *<@{_submitter}>*'s request\n_{task.message[:120]}_"
+        f":wrench: Patch working on *<@{_submitter}>*'s request\n_{task.message[:120]}_"
     ) if _submitter else (
-        f":brain: Dev Claude working on dev task\n_{task.message[:120]}_"
+        f":wrench: Patch working on dev task\n_{task.message[:120]}_"
     )
     _thread_ts = _slack_alert(sentinel.slack_bot_token, sentinel.slack_channel, _started_msg)
 
@@ -989,49 +989,52 @@ async def _handle_dev_task(task, cfg_loader: ConfigLoader, store: StateStore):
             None, run_dev_task, task, sentinel, store, _progress
         )
     except Exception:
-        logger.exception("Dev agent: unexpected error on task %s", task.fingerprint[:8])
-        _progress(":x: Dev Claude hit an unexpected error — check logs")
+        logger.exception("Patch: unexpected error on task %s", task.fingerprint[:8])
+        _progress(":x: Patch hit an unexpected error — check logs")
         mark_dev_done(task.task_file)
         return
 
     mark_dev_done(task.task_file)
 
-    mention = f"<@{task.submitter_user_id}> " if task.submitter_user_id else ""
-
-    if status == "published":
-        _slack_alert(
-            sentinel.slack_bot_token, sentinel.slack_channel,
-            f"{mention}:rocket: *Dev Claude published* `v{detail}` — upgrading Sentinel...",
+    # Build mention string: submitter + any extra notify users
+    _notify_ids = list(task.notify_user_ids or [])
+    if task.submitter_user_id:
+        mentions = f"<@{task.submitter_user_id}> " + " ".join(
+            f"<@{u}>" for u in _notify_ids if u != task.submitter_user_id
         )
-    elif status == "done":
-        ver = f" (`v{detail}`)" if detail else ""
+        mentions = mentions.strip() + " "
+    else:
+        mentions = " ".join(f"<@{u}>" for u in _notify_ids)
+        mentions = (mentions + " ") if mentions else ""
+
+    if status == "done":
         _slack_alert(
             sentinel.slack_bot_token, sentinel.slack_channel,
-            f"{mention}:white_check_mark: *Dev Claude finished*{ver} — changes committed to Sentinel source.",
+            f"{mentions}:white_check_mark: *Patch finished* — changes committed to Sentinel source.",
         )
     elif status == "needs_human":
-        # Boss qualifies the raw Dev Claude explanation before surfacing to users
+        # Boss qualifies the raw Patch explanation before surfacing to users
         qualified = _boss_qualify_dev_reason(detail, sentinel)
         _slack_alert(
             sentinel.slack_bot_token, sentinel.slack_channel,
-            f"{mention}:warning: *Dev task needs human input*\n{qualified}",
+            f"{mentions}:warning: *Dev task needs human input*\n{qualified}",
         )
     elif status == "skip":
         qualified = _boss_qualify_dev_reason(detail, sentinel)
         _slack_alert(
             sentinel.slack_bot_token, sentinel.slack_channel,
-            f"{mention}:fast_forward: *Dev task skipped* — {qualified}",
+            f"{mentions}:fast_forward: *Dev task skipped* — {qualified}",
         )
     else:
         _slack_alert(
             sentinel.slack_bot_token, sentinel.slack_channel,
-            f"{mention}:x: *Dev Claude error* on task `{task.fingerprint[:8]}` — {detail[:200]}",
+            f"{mentions}:x: *Patch error* on task `{task.fingerprint[:8]}` — {detail[:200]}",
         )
 
 
 async def _dev_poll_loop(cfg_loader: ConfigLoader, store: StateStore):
     """
-    Background task: poll dev-tasks/ every 60 s and dispatch to Dev Claude.
+    Background task: poll dev-tasks/ every 60 s and dispatch to Patch.
     Also scans Sentinel's own log for errors and auto-queues self-repair tasks.
     """
     from .dev_watcher import (
@@ -1081,6 +1084,109 @@ async def _dev_poll_loop(cfg_loader: ConfigLoader, store: StateStore):
         await asyncio.sleep(60)
 
 
+# ── Repo task agent (human-requested changes to managed repos) ────────────────
+
+async def _handle_repo_task(task, repo_cfg, cfg_loader: ConfigLoader, store: StateStore):
+    """Execute a single repo task via Claude Code, post progress to Slack."""
+    from .repo_task_engine import run_repo_task, mark_repo_task_done
+    from .notify import slack_alert as _slack_alert, slack_thread_reply as _slack_reply
+
+    sentinel = cfg_loader.sentinel
+    _submitter = task.submitter_user_id
+    _started_msg = (
+        f":hammer: Working on *<@{_submitter}>*'s request for `{task.repo_name}`\n_{task.message[:120]}_"
+    ) if _submitter else (
+        f":hammer: Working on repo task for `{task.repo_name}`\n_{task.message[:120]}_"
+    )
+    _thread_ts = _slack_alert(sentinel.slack_bot_token, sentinel.slack_channel, _started_msg)
+
+    def _progress(msg: str) -> None:
+        _slack_reply(sentinel.slack_bot_token, sentinel.slack_channel, _thread_ts, msg)
+
+    _loop = asyncio.get_event_loop()
+    try:
+        status, detail = await _loop.run_in_executor(
+            None, run_repo_task, task, repo_cfg, sentinel, store, _progress,
+        )
+    except Exception:
+        logger.exception("Repo task: unexpected error on task %s", task.fingerprint[:8])
+        _progress(":x: Unexpected error — check logs")
+        mark_repo_task_done(task.task_file)
+        return
+
+    mark_repo_task_done(task.task_file)
+
+    # Build mention string: submitter + extra notify users
+    _notify_ids = list(task.notify_user_ids or [])
+    if task.submitter_user_id:
+        mentions = f"<@{task.submitter_user_id}> " + " ".join(
+            f"<@{u}>" for u in _notify_ids if u != task.submitter_user_id
+        )
+        mentions = mentions.strip() + " "
+    else:
+        mentions = " ".join(f"<@{u}>" for u in _notify_ids)
+        mentions = (mentions + " ") if mentions else ""
+
+    if status == "done":
+        if detail:  # PR URL
+            _slack_alert(
+                sentinel.slack_bot_token, sentinel.slack_channel,
+                f"{mentions}:white_check_mark: Done — PR opened for `{task.repo_name}`: {detail}",
+            )
+        else:
+            _slack_alert(
+                sentinel.slack_bot_token, sentinel.slack_channel,
+                f"{mentions}:white_check_mark: Done — changes pushed to `{task.repo_name}/{repo_cfg.branch}`.",
+            )
+    elif status == "needs_human":
+        qualified = _boss_qualify_dev_reason(detail, sentinel)
+        _slack_alert(
+            sentinel.slack_bot_token, sentinel.slack_channel,
+            f"{mentions}:warning: *Task needs human input* (`{task.repo_name}`)\n{qualified}",
+        )
+    elif status == "skip":
+        qualified = _boss_qualify_dev_reason(detail, sentinel)
+        _slack_alert(
+            sentinel.slack_bot_token, sentinel.slack_channel,
+            f"{mentions}:fast_forward: Task skipped for `{task.repo_name}` — {qualified}",
+        )
+    else:
+        _slack_alert(
+            sentinel.slack_bot_token, sentinel.slack_channel,
+            f"{mentions}:x: Task error for `{task.repo_name}` — {(detail or '')[:200]}",
+        )
+
+
+async def _repo_task_poll_loop(cfg_loader: ConfigLoader, store: StateStore):
+    """Background task: poll repo-tasks/ every 60s and dispatch to Claude."""
+    from .repo_task_engine import scan_repo_tasks, mark_repo_task_done
+
+    await asyncio.sleep(20)
+
+    while True:
+        try:
+            project_dir = Path(".")
+            tasks = scan_repo_tasks(project_dir)
+            if tasks:
+                logger.info("Repo task: %d task(s) found", len(tasks))
+            for task in tasks:
+                # Resolve repo config — exact match then fuzzy
+                repo_cfg = cfg_loader.repos.get(task.repo_name)
+                if not repo_cfg:
+                    for rname, rcfg in cfg_loader.repos.items():
+                        if task.repo_name.lower() in rname.lower():
+                            repo_cfg = rcfg
+                            break
+                if not repo_cfg:
+                    logger.warning("Repo task: no config for repo '%s' — skipping", task.repo_name)
+                    mark_repo_task_done(task.task_file)
+                    continue
+                await _handle_repo_task(task, repo_cfg, cfg_loader, store)
+        except Exception as e:
+            logger.warning("Repo task poll loop error: %s", e)
+        await asyncio.sleep(60)
+
+
 # ── Entry point ──────────────────────────────────────────────────────────────────────────────────
 
 def _log_auth_status(cfg: SentinelConfig) -> None:
@@ -1154,6 +1260,7 @@ async def run_loop(cfg_loader: ConfigLoader, store: StateStore):
         asyncio.ensure_future(run_slack_bot(cfg_loader, store))
     if cfg_loader.sentinel.sentinel_dev_repo_path:
         asyncio.ensure_future(_dev_poll_loop(cfg_loader, store))
+    asyncio.ensure_future(_repo_task_poll_loop(cfg_loader, store))
 
     while True:
         try: