@openacp/cli 0.5.3 → 0.6.1

package/dist/{chunk-LCJIPE5S.js → chunk-R3UJUOXI.js}

@@ -1,13 +1,17 @@
+import {
+  ChannelAdapter,
+  PRODUCT_GUIDE
+} from "./chunk-LGQYTK55.js";
 import {
   DoctorEngine
-} from "./chunk-K53OZH5Y.js";
+} from "./chunk-ZCHNAM3B.js";
 import {
   buildMenuKeyboard,
   buildSkillMessages,
   handleClear,
   handleHelp,
   handleMenu
-} from "./chunk-IURZ4QHG.js";
+} from "./chunk-7QJS2XBD.js";
 import {
   AgentCatalog
 } from "./chunk-J6X5SW6O.js";
@@ -19,7 +23,7 @@ import {
   getSafeFields,
   isHotReloadable,
   resolveOptions
-} from "./chunk-Z46LGZ7R.js";
+} from "./chunk-4TR5Y3MP.js";
 import {
   createChildLogger,
   createSessionLogger
@@ -488,9 +492,10 @@ ${stderr}`
   }
   async prompt(text, attachments) {
     const contentBlocks = [{ type: "text", text }];
+    const SUPPORTED_IMAGE_MIMES = /* @__PURE__ */ new Set(["image/jpeg", "image/png", "image/gif", "image/webp"]);
     for (const att of attachments ?? []) {
       const tooLarge = att.size > 10 * 1024 * 1024;
-      if (att.type === "image" && this.promptCapabilities?.image && !tooLarge) {
+      if (att.type === "image" && this.promptCapabilities?.image && !tooLarge && SUPPORTED_IMAGE_MIMES.has(att.mimeType)) {
         const data = await fs.promises.readFile(att.filePath);
         contentBlocks.push({ type: "image", data: data.toString("base64"), mimeType: att.mimeType });
       } else if (att.type === "audio" && this.promptCapabilities?.audio && !tooLarge) {
@@ -756,6 +761,7 @@ var PermissionGate = class {
 
 // src/core/session.ts
 import { nanoid } from "nanoid";
+import * as fs2 from "fs";
 var moduleLog = createChildLogger({ module: "session" });
 var VALID_TRANSITIONS = {
   initializing: /* @__PURE__ */ new Set(["active", "error"]),
@@ -776,9 +782,11 @@ var Session = class extends TypedEmitter {
   name;
   createdAt = /* @__PURE__ */ new Date();
   dangerousMode = false;
+  archiving = false;
   log;
   permissionGate = new PermissionGate();
   queue;
+  speechService;
   constructor(opts) {
     super();
     this.id = opts.id || nanoid(12);
@@ -786,6 +794,7 @@ var Session = class extends TypedEmitter {
     this.agentName = opts.agentName;
     this.workingDirectory = opts.workingDirectory;
     this.agentInstance = opts.agentInstance;
+    this.speechService = opts.speechService;
     this.log = createSessionLogger(this.id, moduleLog);
     this.log.info({ agentName: this.agentName }, "Session created");
     this.queue = new PromptQueue(
@@ -851,7 +860,8 @@ var Session = class extends TypedEmitter {
     }
     const promptStart = Date.now();
     this.log.debug("Prompt execution started");
-    await this.agentInstance.prompt(text, attachments);
+    const processed = await this.maybeTranscribeAudio(text, attachments);
+    await this.agentInstance.prompt(processed.text, processed.attachments);
     this.log.info(
       { durationMs: Date.now() - promptStart },
       "Prompt execution completed"
@@ -860,6 +870,51 @@ var Session = class extends TypedEmitter {
       await this.autoName();
     }
   }
+  async maybeTranscribeAudio(text, attachments) {
+    if (!attachments?.length || !this.speechService) {
+      return { text, attachments };
+    }
+    const hasAudioCapability = this.agentInstance.promptCapabilities?.audio === true;
+    if (hasAudioCapability) {
+      return { text, attachments };
+    }
+    if (!this.speechService.isSTTAvailable()) {
+      return { text, attachments };
+    }
+    let transcribedText = text;
+    const remainingAttachments = [];
+    for (const att of attachments) {
+      if (att.type !== "audio") {
+        remainingAttachments.push(att);
+        continue;
+      }
+      try {
+        const audioPath = att.originalFilePath || att.filePath;
+        const audioMime = att.originalFilePath ? "audio/ogg" : att.mimeType;
+        const audioBuffer = await fs2.promises.readFile(audioPath);
+        const result = await this.speechService.transcribe(audioBuffer, audioMime);
+        this.log.info({ provider: "stt", duration: result.duration }, "Voice transcribed");
+        this.emit("agent_event", {
+          type: "system_message",
+          message: `\u{1F3A4} You said: ${result.text}`
+        });
+        transcribedText = transcribedText.replace(/\[Audio:\s*[^\]]*\]\s*/g, "").trim();
+        transcribedText = transcribedText ? `${transcribedText}
+${result.text}` : result.text;
+      } catch (err) {
+        this.log.warn({ err }, "STT transcription failed, keeping audio attachment");
+        this.emit("agent_event", {
+          type: "error",
+          message: `Voice transcription failed: ${err.message}`
+        });
+        remainingAttachments.push(att);
+      }
+    }
+    return {
+      text: transcribedText,
+      attachments: remainingAttachments.length > 0 ? remainingAttachments : void 0
+    };
+  }
   // NOTE: This injects a summary prompt into the agent's conversation history.
   async autoName() {
     let title = "";
@@ -972,7 +1027,7 @@ var SessionManager = class {
   getRecordByThread(channelId, threadId) {
     return this.store?.findByPlatform(
       channelId,
-      (p) => String(p.topicId) === threadId
+      (p) => String(p.topicId) === threadId || p.threadId === threadId
     );
   }
   registerSession(session) {
@@ -1037,7 +1092,7 @@ var SessionManager = class {
 };
 
 // src/core/file-service.ts
-import fs2 from "fs";
+import fs3 from "fs";
 import path2 from "path";
 import { OggOpusDecoder } from "ogg-opus-decoder";
 import wav from "node-wav";
@@ -1084,10 +1139,10 @@ var FileService = class {
   }
   async saveFile(sessionId, fileName, data, mimeType) {
     const sessionDir = path2.join(this.baseDir, sessionId);
-    await fs2.promises.mkdir(sessionDir, { recursive: true });
+    await fs3.promises.mkdir(sessionDir, { recursive: true });
     const safeName = `${Date.now()}-${fileName.replace(/[^a-zA-Z0-9._-]/g, "_")}`;
     const filePath = path2.join(sessionDir, safeName);
-    await fs2.promises.writeFile(filePath, data);
+    await fs3.promises.writeFile(filePath, data);
     return {
       type: classifyMime(mimeType),
       filePath,
@@ -1098,7 +1153,7 @@ var FileService = class {
   }
   async resolveFile(filePath) {
     try {
-      const stat = await fs2.promises.stat(filePath);
+      const stat = await fs3.promises.stat(filePath);
       if (!stat.isFile()) return null;
       const ext = path2.extname(filePath).toLowerCase();
       const mimeType = EXT_TO_MIME[ext] || "application/octet-stream";
@@ -1227,12 +1282,12 @@ var SessionBridge = class {
           break;
         case "image_content": {
           if (this.deps.fileService) {
-            const fs5 = this.deps.fileService;
+            const fs7 = this.deps.fileService;
             const sid = this.session.id;
             const { data, mimeType } = event;
             const buffer = Buffer.from(data, "base64");
             const ext = FileService.extensionFromMime(mimeType);
-            fs5.saveFile(sid, `agent-image${ext}`, buffer, mimeType).then((att) => {
+            fs7.saveFile(sid, `agent-image${ext}`, buffer, mimeType).then((att) => {
               this.adapter.sendMessage(sid, { type: "attachment", text: "", attachment: att });
             }).catch((err) => log2.error({ err }, "Failed to save agent image"));
           }
@@ -1240,12 +1295,12 @@ var SessionBridge = class {
         }
         case "audio_content": {
           if (this.deps.fileService) {
-            const fs5 = this.deps.fileService;
+            const fs7 = this.deps.fileService;
             const sid = this.session.id;
             const { data, mimeType } = event;
             const buffer = Buffer.from(data, "base64");
             const ext = FileService.extensionFromMime(mimeType);
-            fs5.saveFile(sid, `agent-audio${ext}`, buffer, mimeType).then((att) => {
+            fs7.saveFile(sid, `agent-audio${ext}`, buffer, mimeType).then((att) => {
               this.adapter.sendMessage(sid, { type: "attachment", text: "", attachment: att });
             }).catch((err) => log2.error({ err }, "Failed to save agent audio"));
           }
@@ -1255,6 +1310,12 @@ var SessionBridge = class {
           log2.debug({ commands: event.commands }, "Commands available");
           this.adapter.sendSkillCommands(this.session.id, event.commands);
           break;
+        case "system_message":
+          this.adapter.sendMessage(
+            this.session.id,
+            this.deps.messageTransformer.transform(event)
+          );
+          break;
       }
     };
     this.session.on("agent_event", this.agentEventHandler);
@@ -1449,6 +1510,8 @@ var MessageTransformer = class {
         return { type: "session_end", text: `Done (${event.reason})` };
       case "error":
         return { type: "error", text: event.message };
+      case "system_message":
+        return { type: "system_message", text: event.message };
       default:
         return { type: "text", text: "" };
     }
@@ -1504,15 +1567,331 @@ var MessageTransformer = class {
   }
 };
 
+// src/core/usage-store.ts
+import fs4 from "fs";
+import path3 from "path";
+var log4 = createChildLogger({ module: "usage-store" });
+var DEBOUNCE_MS = 2e3;
+var UsageStore = class {
+  constructor(filePath, retentionDays) {
+    this.filePath = filePath;
+    this.retentionDays = retentionDays;
+    this.load();
+    this.cleanup();
+    this.cleanupInterval = setInterval(
+      () => this.cleanup(),
+      24 * 60 * 60 * 1e3
+    );
+    this.flushHandler = () => {
+      try {
+        this.flushSync();
+      } catch {
+      }
+    };
+    process.on("SIGTERM", this.flushHandler);
+    process.on("SIGINT", this.flushHandler);
+    process.on("exit", this.flushHandler);
+  }
+  records = [];
+  debounceTimer = null;
+  cleanupInterval = null;
+  flushHandler = null;
+  append(record) {
+    this.records.push(record);
+    this.scheduleDiskWrite();
+  }
+  query(period) {
+    const cutoff = this.getCutoff(period);
+    const filtered = cutoff ? this.records.filter((r) => new Date(r.timestamp).getTime() >= cutoff) : this.records;
+    const totalTokens = filtered.reduce((sum, r) => sum + r.tokensUsed, 0);
+    const totalCost = filtered.reduce(
+      (sum, r) => sum + (r.cost?.amount ?? 0),
+      0
+    );
+    const sessionIds = new Set(filtered.map((r) => r.sessionId));
+    const currency = filtered.find((r) => r.cost?.currency)?.cost?.currency ?? "USD";
+    return {
+      period,
+      totalTokens,
+      totalCost,
+      currency,
+      sessionCount: sessionIds.size,
+      recordCount: filtered.length
+    };
+  }
+  getMonthlyTotal() {
+    const now = /* @__PURE__ */ new Date();
+    const startOfMonth = new Date(now.getFullYear(), now.getMonth(), 1);
+    const cutoff = startOfMonth.getTime();
+    const filtered = this.records.filter(
+      (r) => new Date(r.timestamp).getTime() >= cutoff
+    );
+    const totalCost = filtered.reduce(
+      (sum, r) => sum + (r.cost?.amount ?? 0),
+      0
+    );
+    const currency = filtered.find((r) => r.cost?.currency)?.cost?.currency ?? "USD";
+    return { totalCost, currency };
+  }
+  cleanup() {
+    const cutoff = Date.now() - this.retentionDays * 24 * 60 * 60 * 1e3;
+    const before = this.records.length;
+    this.records = this.records.filter(
+      (r) => new Date(r.timestamp).getTime() >= cutoff
+    );
+    const removed = before - this.records.length;
+    if (removed > 0) {
+      log4.info({ removed }, "Cleaned up expired usage records");
+      this.scheduleDiskWrite();
+    }
+  }
+  flushSync() {
+    if (this.debounceTimer) {
+      clearTimeout(this.debounceTimer);
+      this.debounceTimer = null;
+    }
+    const data = { version: 1, records: this.records };
+    const dir = path3.dirname(this.filePath);
+    if (!fs4.existsSync(dir)) fs4.mkdirSync(dir, { recursive: true });
+    fs4.writeFileSync(this.filePath, JSON.stringify(data, null, 2));
+  }
+  destroy() {
+    if (this.debounceTimer) this.flushSync();
+    if (this.cleanupInterval) clearInterval(this.cleanupInterval);
+    if (this.flushHandler) {
+      process.removeListener("SIGTERM", this.flushHandler);
+      process.removeListener("SIGINT", this.flushHandler);
+      process.removeListener("exit", this.flushHandler);
+      this.flushHandler = null;
+    }
+  }
+  load() {
+    if (!fs4.existsSync(this.filePath)) return;
+    try {
+      const raw = JSON.parse(
+        fs4.readFileSync(this.filePath, "utf-8")
+      );
+      if (raw.version !== 1) {
+        log4.warn(
+          { version: raw.version },
+          "Unknown usage store version, skipping load"
+        );
+        return;
+      }
+      this.records = raw.records || [];
+      log4.info({ count: this.records.length }, "Loaded usage records");
+    } catch (err) {
+      log4.error({ err }, "Failed to load usage store, backing up corrupt file");
+      try {
+        fs4.copyFileSync(this.filePath, this.filePath + ".bak");
+      } catch {
+      }
+      this.records = [];
+    }
+  }
+  getCutoff(period) {
+    const now = /* @__PURE__ */ new Date();
+    switch (period) {
+      case "today": {
+        const start = new Date(now);
+        start.setHours(0, 0, 0, 0);
+        return start.getTime();
+      }
+      case "week":
+        return Date.now() - 7 * 24 * 60 * 60 * 1e3;
+      case "month": {
+        const startOfMonth = new Date(now.getFullYear(), now.getMonth(), 1);
+        return startOfMonth.getTime();
+      }
+      case "all":
+        return null;
+    }
+  }
+  scheduleDiskWrite() {
+    if (this.debounceTimer) clearTimeout(this.debounceTimer);
+    this.debounceTimer = setTimeout(() => {
+      this.flushSync();
+    }, DEBOUNCE_MS);
+  }
+};
+
+// src/core/usage-budget.ts
+var UsageBudget = class {
+  constructor(store, config, now = () => /* @__PURE__ */ new Date()) {
+    this.store = store;
+    this.config = config;
+    this.now = now;
+    this.lastNotifiedMonth = this.now().getMonth();
+  }
+  lastNotifiedStatus = "ok";
+  lastNotifiedMonth;
+  check() {
+    if (!this.config.monthlyBudget) {
+      return { status: "ok" };
+    }
+    const currentMonth = this.now().getMonth();
+    if (currentMonth !== this.lastNotifiedMonth) {
+      this.lastNotifiedStatus = "ok";
+      this.lastNotifiedMonth = currentMonth;
+    }
+    const { totalCost } = this.store.getMonthlyTotal();
+    const budget = this.config.monthlyBudget;
+    const threshold = this.config.warningThreshold;
+    let status;
+    if (totalCost >= budget) {
+      status = "exceeded";
+    } else if (totalCost >= threshold * budget) {
+      status = "warning";
+    } else {
+      status = "ok";
+    }
+    let message;
+    if (status !== "ok" && status !== this.lastNotifiedStatus) {
+      const pct = Math.round(totalCost / budget * 100);
+      const filled = Math.round(Math.min(totalCost / budget, 1) * 10);
+      const bar = "\u2593".repeat(filled) + "\u2591".repeat(10 - filled);
+      if (status === "warning") {
+        message = `\u26A0\uFE0F <b>Budget Warning</b>
+Monthly usage: $${totalCost.toFixed(2)} / $${budget.toFixed(2)} (${pct}%)
+${bar} ${pct}%`;
+      } else {
+        message = `\u{1F6A8} <b>Budget Exceeded</b>
+Monthly usage: $${totalCost.toFixed(2)} / $${budget.toFixed(2)} (${pct}%)
+${bar} ${pct}%
+Sessions are NOT blocked \u2014 this is a warning only.`;
+      }
+    }
+    this.lastNotifiedStatus = status;
+    return { status, message };
+  }
+  getStatus() {
+    const { totalCost } = this.store.getMonthlyTotal();
+    const budget = this.config.monthlyBudget ?? 0;
+    let status = "ok";
+    if (budget > 0) {
+      if (totalCost >= budget) {
+        status = "exceeded";
+      } else if (totalCost >= this.config.warningThreshold * budget) {
+        status = "warning";
+      }
+    }
+    const percent = budget > 0 ? Math.round(totalCost / budget * 100) : 0;
+    return { status, used: totalCost, budget, percent };
+  }
+};
+
+// src/core/speech/speech-service.ts
+var SpeechService = class {
+  constructor(config) {
+    this.config = config;
+  }
+  sttProviders = /* @__PURE__ */ new Map();
+  ttsProviders = /* @__PURE__ */ new Map();
+  registerSTTProvider(name, provider) {
+    this.sttProviders.set(name, provider);
+  }
+  registerTTSProvider(name, provider) {
+    this.ttsProviders.set(name, provider);
+  }
+  isSTTAvailable() {
+    const { provider, providers } = this.config.stt;
+    return provider !== null && providers[provider]?.apiKey !== void 0;
+  }
+  isTTSAvailable() {
+    const { provider, providers } = this.config.tts;
+    return provider !== null && providers[provider]?.apiKey !== void 0;
+  }
+  async transcribe(audioBuffer, mimeType, options) {
+    const providerName = this.config.stt.provider;
+    if (!providerName || !this.config.stt.providers[providerName]?.apiKey) {
+      throw new Error("STT not configured. Set speech.stt.provider and API key in config.");
+    }
+    const provider = this.sttProviders.get(providerName);
+    if (!provider) {
+      throw new Error(`STT provider "${providerName}" not registered. Available: ${[...this.sttProviders.keys()].join(", ") || "none"}`);
+    }
+    return provider.transcribe(audioBuffer, mimeType, options);
+  }
+  async synthesize(text, options) {
+    const providerName = this.config.tts.provider;
+    if (!providerName || !this.config.tts.providers[providerName]?.apiKey) {
+      throw new Error("TTS not configured. Set speech.tts.provider and API key in config.");
+    }
+    const provider = this.ttsProviders.get(providerName);
+    if (!provider) {
+      throw new Error(`TTS provider "${providerName}" not registered. Available: ${[...this.ttsProviders.keys()].join(", ") || "none"}`);
+    }
+    return provider.synthesize(text, options);
+  }
+  updateConfig(config) {
+    this.config = config;
+  }
+};
+
+// src/core/speech/providers/groq.ts
+var GROQ_API_URL = "https://api.groq.com/openai/v1/audio/transcriptions";
+var GroqSTT = class {
+  constructor(apiKey, defaultModel = "whisper-large-v3-turbo") {
+    this.apiKey = apiKey;
+    this.defaultModel = defaultModel;
+  }
+  name = "groq";
+  async transcribe(audioBuffer, mimeType, options) {
+    const ext = mimeToExt(mimeType);
+    const form = new FormData();
+    form.append("file", new Blob([new Uint8Array(audioBuffer)], { type: mimeType }), `audio${ext}`);
+    form.append("model", options?.model || this.defaultModel);
+    form.append("response_format", "verbose_json");
+    if (options?.language) {
+      form.append("language", options.language);
+    }
+    const resp = await fetch(GROQ_API_URL, {
+      method: "POST",
+      headers: { Authorization: `Bearer ${this.apiKey}` },
+      body: form
+    });
+    if (!resp.ok) {
+      const body = await resp.text();
+      if (resp.status === 401) {
+        throw new Error("Invalid Groq API key. Check your key at console.groq.com.");
+      }
+      if (resp.status === 413) {
+        throw new Error("Audio file too large for Groq API (max 25MB).");
+      }
+      if (resp.status === 429) {
+        throw new Error("Groq rate limit exceeded. Free tier: 28,800 seconds/day. Try again later.");
+      }
+      throw new Error(`Groq STT error (${resp.status}): ${body}`);
+    }
+    const data = await resp.json();
+    return {
+      text: data.text,
+      language: data.language,
+      duration: data.duration
+    };
+  }
+};
+function mimeToExt(mimeType) {
+  const map = {
+    "audio/ogg": ".ogg",
+    "audio/wav": ".wav",
+    "audio/mpeg": ".mp3",
+    "audio/mp4": ".m4a",
+    "audio/webm": ".webm",
+    "audio/flac": ".flac"
+  };
+  return map[mimeType] || ".bin";
+}
+
 // src/core/core.ts
-import path4 from "path";
+import path5 from "path";
 import os from "os";
 
 // src/core/session-store.ts
-import fs3 from "fs";
-import path3 from "path";
-var log4 = createChildLogger({ module: "session-store" });
-var DEBOUNCE_MS = 2e3;
+import fs5 from "fs";
+import path4 from "path";
+var log5 = createChildLogger({ module: "session-store" });
+var DEBOUNCE_MS2 = 2e3;
 var JsonFileSessionStore = class {
   records = /* @__PURE__ */ new Map();
   filePath;
@@ -1572,9 +1951,9 @@ var JsonFileSessionStore = class {
       version: 1,
       sessions: Object.fromEntries(this.records)
     };
-    const dir = path3.dirname(this.filePath);
-    if (!fs3.existsSync(dir)) fs3.mkdirSync(dir, { recursive: true });
-    fs3.writeFileSync(this.filePath, JSON.stringify(data, null, 2));
+    const dir = path4.dirname(this.filePath);
+    if (!fs5.existsSync(dir)) fs5.mkdirSync(dir, { recursive: true });
+    fs5.writeFileSync(this.filePath, JSON.stringify(data, null, 2));
   }
   destroy() {
     if (this.debounceTimer) clearTimeout(this.debounceTimer);
@@ -1587,13 +1966,13 @@ var JsonFileSessionStore = class {
     }
   }
   load() {
-    if (!fs3.existsSync(this.filePath)) return;
+    if (!fs5.existsSync(this.filePath)) return;
     try {
       const raw = JSON.parse(
-        fs3.readFileSync(this.filePath, "utf-8")
+        fs5.readFileSync(this.filePath, "utf-8")
       );
       if (raw.version !== 1) {
-        log4.warn(
+        log5.warn(
           { version: raw.version },
           "Unknown session store version, skipping load"
         );
@@ -1602,9 +1981,9 @@ var JsonFileSessionStore = class {
       for (const [id, record] of Object.entries(raw.sessions)) {
         this.records.set(id, record);
       }
-      log4.info({ count: this.records.size }, "Loaded session records");
+      log5.info({ count: this.records.size }, "Loaded session records");
     } catch (err) {
-      log4.error({ err }, "Failed to load session store");
+      log5.error({ err }, "Failed to load session store");
     }
   }
   cleanup() {
@@ -1620,7 +1999,7 @@ var JsonFileSessionStore = class {
       }
     }
     if (removed > 0) {
-      log4.info({ removed }, "Cleaned up expired session records");
+      log5.info({ removed }, "Cleaned up expired session records");
       this.scheduleDiskWrite();
     }
   }
@@ -1628,12 +2007,13 @@ var JsonFileSessionStore = class {
     if (this.debounceTimer) clearTimeout(this.debounceTimer);
     this.debounceTimer = setTimeout(() => {
       this.flushSync();
-    }, DEBOUNCE_MS);
+    }, DEBOUNCE_MS2);
   }
 };
 
 // src/core/core.ts
-var log5 = createChildLogger({ module: "core" });
+import { nanoid as nanoid2 } from "nanoid";
+var log6 = createChildLogger({ module: "core" });
 var OpenACPCore = class {
   configManager;
   agentCatalog;
@@ -1642,32 +2022,57 @@ var OpenACPCore = class {
   notificationManager;
   messageTransformer;
   fileService;
+  speechService;
   adapters = /* @__PURE__ */ new Map();
   /** Set by main.ts — triggers graceful shutdown with restart exit code */
   requestRestart = null;
   _tunnelService;
   sessionStore = null;
   resumeLocks = /* @__PURE__ */ new Map();
+  usageStore = null;
+  usageBudget = null;
   constructor(configManager) {
     this.configManager = configManager;
     const config = configManager.get();
     this.agentCatalog = new AgentCatalog();
     this.agentCatalog.load();
     this.agentManager = new AgentManager(this.agentCatalog);
-    const storePath = path4.join(os.homedir(), ".openacp", "sessions.json");
+    const storePath = path5.join(os.homedir(), ".openacp", "sessions.json");
     this.sessionStore = new JsonFileSessionStore(
       storePath,
       config.sessionStore.ttlDays
     );
     this.sessionManager = new SessionManager(this.sessionStore);
     this.notificationManager = new NotificationManager(this.adapters);
+    const usageConfig = config.usage;
+    if (usageConfig.enabled) {
+      const usagePath = path5.join(os.homedir(), ".openacp", "usage.json");
+      this.usageStore = new UsageStore(usagePath, usageConfig.retentionDays);
+      this.usageBudget = new UsageBudget(this.usageStore, usageConfig);
+    }
     this.messageTransformer = new MessageTransformer();
-    this.fileService = new FileService(path4.join(os.homedir(), ".openacp", "files"));
+    this.fileService = new FileService(path5.join(os.homedir(), ".openacp", "files"));
+    const speechConfig = config.speech ?? { stt: { provider: null, providers: {} }, tts: { provider: null, providers: {} } };
+    this.speechService = new SpeechService(speechConfig);
+    const groqConfig = speechConfig.stt?.providers?.groq;
+    if (groqConfig?.apiKey) {
+      this.speechService.registerSTTProvider("groq", new GroqSTT(groqConfig.apiKey, groqConfig.model));
+    }
     this.configManager.on("config:changed", async ({ path: configPath, value }) => {
       if (configPath === "logging.level" && typeof value === "string") {
         const { setLogLevel: setLogLevel2 } = await import("./log-SPS2S6FO.js");
         setLogLevel2(value);
-        log5.info({ level: value }, "Log level changed at runtime");
+        log6.info({ level: value }, "Log level changed at runtime");
+      }
+      if (configPath.startsWith("speech.")) {
+        const newConfig = this.configManager.get();
+        const newSpeechConfig = newConfig.speech ?? { stt: { provider: null, providers: {} }, tts: { provider: null, providers: {} } };
+        this.speechService.updateConfig(newSpeechConfig);
+        const groqCfg = newSpeechConfig.stt?.providers?.groq;
+        if (groqCfg?.apiKey) {
+          this.speechService.registerSTTProvider("groq", new GroqSTT(groqCfg.apiKey, groqCfg.model));
+        }
+        log6.info("Speech service config updated at runtime");
       }
     });
   }
@@ -1683,7 +2088,7 @@ var OpenACPCore = class {
   }
   async start() {
     this.agentCatalog.refreshRegistryIfStale().catch((err) => {
-      log5.warn({ err }, "Background registry refresh failed");
+      log6.warn({ err }, "Background registry refresh failed");
     });
     for (const adapter of this.adapters.values()) {
       await adapter.start();
@@ -1702,11 +2107,30 @@ var OpenACPCore = class {
     for (const adapter of this.adapters.values()) {
       await adapter.stop();
     }
+    if (this.usageStore) {
+      this.usageStore.destroy();
+    }
+  }
+  // --- Archive ---
+  async archiveSession(sessionId) {
+    const session = this.sessionManager.getSession(sessionId);
+    if (!session) return { ok: false, error: "Session not found" };
+    if (session.status === "initializing") return { ok: false, error: "Session is still initializing" };
+    if (session.status !== "active") return { ok: false, error: `Session is ${session.status}` };
+    const adapter = this.adapters.get(session.channelId);
+    if (!adapter) return { ok: false, error: "Adapter not found for session" };
+    try {
+      const result = await adapter.archiveSessionTopic(session.id);
+      if (!result) return { ok: false, error: "Adapter does not support archiving" };
+      return { ok: true, newThreadId: result.newThreadId };
+    } catch (err) {
+      return { ok: false, error: err.message };
+    }
   }
   // --- Message Routing ---
   async handleMessage(message) {
     const config = this.configManager.get();
-    log5.debug(
+    log6.debug(
       {
         channelId: message.channelId,
         threadId: message.threadId,
@@ -1715,9 +2139,10 @@ var OpenACPCore = class {
       "Incoming message"
     );
     if (config.security.allowedUserIds.length > 0) {
-      if (!config.security.allowedUserIds.includes(message.userId)) {
-        log5.warn(
-          { userId: message.userId },
+      const userId = String(message.userId);
+      if (!config.security.allowedUserIds.includes(userId)) {
+        log6.warn(
+          { userId },
           "Rejected message from unauthorized user"
         );
         return;
@@ -1725,7 +2150,7 @@ var OpenACPCore = class {
     }
     const activeSessions = this.sessionManager.listSessions().filter((s) => s.status === "active" || s.status === "initializing");
     if (activeSessions.length >= config.security.maxConcurrentSessions) {
-      log5.warn(
+      log6.warn(
         {
           userId: message.userId,
           currentCount: activeSessions.length,
@@ -1750,7 +2175,7 @@ var OpenACPCore = class {
       session = await this.lazyResume(message) ?? void 0;
     }
     if (!session) {
-      log5.warn(
+      log6.warn(
         { channelId: message.channelId, threadId: message.threadId },
         "No session found for thread (in-memory miss + lazy resume returned null)"
       );
@@ -1774,7 +2199,8 @@ var OpenACPCore = class {
       channelId: params.channelId,
       agentName: params.agentName,
       workingDirectory: params.workingDirectory,
-      agentInstance
+      agentInstance,
+      speechService: this.speechService
     });
     session.agentSessionId = agentInstance.sessionId;
     if (params.initialName) {
@@ -1793,6 +2219,32 @@ var OpenACPCore = class {
       const bridge = this.createBridge(session, adapter);
       bridge.connect();
     }
+    if (this.usageStore) {
+      session.on("agent_event", (event) => {
+        if (event.type !== "usage") return;
+        const record = {
+          id: nanoid2(),
+          sessionId: session.id,
+          agentName: session.agentName,
+          tokensUsed: event.tokensUsed ?? 0,
+          contextSize: event.contextSize ?? 0,
+          cost: event.cost,
+          timestamp: (/* @__PURE__ */ new Date()).toISOString()
+        };
+        this.usageStore.append(record);
+        if (this.usageBudget) {
+          const result = this.usageBudget.check();
+          if (result.message) {
+            this.notificationManager.notifyAll({
+              sessionId: session.id,
+              sessionName: session.name,
+              type: "budget_warning",
+              summary: result.message
+            });
+          }
+        }
+      });
+    }
     session.on("status_change", (_from, to) => {
       if ((to === "finished" || to === "cancelled") && this._tunnelService) {
         this._tunnelService.stopBySession(session.id).then((stopped) => {
@@ -1814,7 +2266,11 @@ var OpenACPCore = class {
       ...existingRecord?.platform ?? {}
     };
     if (session.threadId) {
-      platform.topicId = Number(session.threadId);
+      if (params.channelId === "telegram") {
+        platform.topicId = Number(session.threadId);
+      } else {
+        platform.threadId = session.threadId;
+      }
     }
     await this.sessionManager.patchRecord(session.id, {
       sessionId: session.id,
@@ -1828,7 +2284,7 @@ var OpenACPCore = class {
       name: session.name,
       platform
     });
-    log5.info(
+    log6.info(
       { sessionId: session.id, agentName: params.agentName },
       "Session created via pipeline"
     );
@@ -1837,7 +2293,7 @@ var OpenACPCore = class {
   async handleNewSession(channelId, agentName, workspacePath) {
     const config = this.configManager.get();
     const resolvedAgent = agentName || config.defaultAgent;
-    log5.info({ channelId, agentName: resolvedAgent }, "New session request");
+    log6.info({ channelId, agentName: resolvedAgent }, "New session request");
     const agentDef = this.agentCatalog.resolve(resolvedAgent);
     const resolvedWorkspace = this.configManager.resolveWorkspace(
       workspacePath || agentDef?.workingDirectory
@@ -1952,20 +2408,20 @@ var OpenACPCore = class {
       (p) => String(p.topicId) === message.threadId
     );
     if (!record) {
-      log5.debug(
+      log6.debug(
         { threadId: message.threadId, channelId: message.channelId },
         "No session record found for thread"
       );
       return null;
     }
     if (record.status === "error") {
-      log5.debug(
+      log6.debug(
         { threadId: message.threadId, sessionId: record.sessionId, status: record.status },
         "Skipping resume of error session"
       );
       return null;
     }
-    log5.info(
+    log6.info(
       { threadId: message.threadId, sessionId: record.sessionId, status: record.status },
       "Lazy resume: found record, attempting resume"
     );
@@ -1982,13 +2438,13 @@ var OpenACPCore = class {
         session.threadId = message.threadId;
         session.activate();
         session.dangerousMode = record.dangerousMode ?? false;
-        log5.info(
+        log6.info(
           { sessionId: session.id, threadId: message.threadId },
           "Lazy resume successful"
         );
         return session;
       } catch (err) {
-        log5.error({ err, record }, "Lazy resume failed");
+        log6.error({ err, record }, "Lazy resume failed");
         const adapter = this.adapters.get(message.channelId);
         if (adapter) {
           try {
@@ -2019,36 +2475,22 @@ var OpenACPCore = class {
   }
 };
 
-// src/core/channel.ts
-var ChannelAdapter = class {
-  constructor(core, config) {
-    this.core = core;
-    this.config = config;
-  }
-  async deleteSessionThread(_sessionId) {
-  }
-  // Skill commands — override in adapters that support dynamic commands
-  async sendSkillCommands(_sessionId, _commands) {
-  }
-  async cleanupSkillCommands(_sessionId) {
-  }
-};
-
 // src/core/api-server.ts
 import * as http from "http";
-import * as fs4 from "fs";
-import * as path5 from "path";
+import * as fs6 from "fs";
+import * as path6 from "path";
 import * as os2 from "os";
+import * as crypto from "crypto";
 import { fileURLToPath } from "url";
-var log6 = createChildLogger({ module: "api-server" });
-var DEFAULT_PORT_FILE = path5.join(os2.homedir(), ".openacp", "api.port");
+var log7 = createChildLogger({ module: "api-server" });
+var DEFAULT_PORT_FILE = path6.join(os2.homedir(), ".openacp", "api.port");
 var cachedVersion;
 function getVersion() {
   if (cachedVersion) return cachedVersion;
   try {
     const __filename = fileURLToPath(import.meta.url);
-    const pkgPath = path5.resolve(path5.dirname(__filename), "../../package.json");
-    const pkg = JSON.parse(fs4.readFileSync(pkgPath, "utf-8"));
+    const pkgPath = path6.resolve(path6.dirname(__filename), "../../package.json");
+    const pkg = JSON.parse(fs6.readFileSync(pkgPath, "utf-8"));
     cachedVersion = pkg.version ?? "0.0.0-dev";
   } catch {
     cachedVersion = "0.0.0-dev";
@@ -2071,22 +2513,26 @@ function redactDeep(obj) {
   }
 }
 var ApiServer = class {
-  constructor(core, config, portFilePath, topicManager) {
+  constructor(core, config, portFilePath, topicManager, secretFilePath) {
     this.core = core;
     this.config = config;
     this.topicManager = topicManager;
     this.portFilePath = portFilePath ?? DEFAULT_PORT_FILE;
+    this.secretFilePath = secretFilePath ?? path6.join(os2.homedir(), ".openacp", "api-secret");
   }
   server = null;
   actualPort = 0;
   portFilePath;
   startedAt = Date.now();
+  secret = "";
+  secretFilePath;
   async start() {
+    this.loadOrCreateSecret();
     this.server = http.createServer((req, res) => this.handleRequest(req, res));
     await new Promise((resolve2, reject) => {
       this.server.on("error", (err) => {
         if (err.code === "EADDRINUSE") {
-          log6.warn({ port: this.config.port }, "API port in use, continuing without API server");
+          log7.warn({ port: this.config.port }, "API port in use, continuing without API server");
           this.server = null;
           resolve2();
         } else {
@@ -2099,7 +2545,7 @@ var ApiServer = class {
           this.actualPort = addr.port;
         }
         this.writePortFile();
-        log6.info({ host: this.config.host, port: this.actualPort }, "API server listening");
+        log7.info({ host: this.config.host, port: this.actualPort }, "API server listening");
         resolve2();
       });
     });
@@ -2117,19 +2563,52 @@ var ApiServer = class {
     return this.actualPort;
   }
   writePortFile() {
-    const dir = path5.dirname(this.portFilePath);
-    fs4.mkdirSync(dir, { recursive: true });
-    fs4.writeFileSync(this.portFilePath, String(this.actualPort));
+    const dir = path6.dirname(this.portFilePath);
+    fs6.mkdirSync(dir, { recursive: true });
+    fs6.writeFileSync(this.portFilePath, String(this.actualPort));
   }
   removePortFile() {
     try {
-      fs4.unlinkSync(this.portFilePath);
+      fs6.unlinkSync(this.portFilePath);
+    } catch {
+    }
+  }
+  loadOrCreateSecret() {
+    const dir = path6.dirname(this.secretFilePath);
+    fs6.mkdirSync(dir, { recursive: true });
+    try {
+      this.secret = fs6.readFileSync(this.secretFilePath, "utf-8").trim();
+      if (this.secret) {
+        try {
+          const stat = fs6.statSync(this.secretFilePath);
+          const mode = stat.mode & 511;
+          if (mode & 63) {
+            log7.warn({ path: this.secretFilePath, mode: "0" + mode.toString(8) }, "API secret file has insecure permissions (should be 0600). Run: chmod 600 %s", this.secretFilePath);
+          }
+        } catch {
+        }
+        return;
+      }
     } catch {
     }
+    this.secret = crypto.randomBytes(32).toString("hex");
+    fs6.writeFileSync(this.secretFilePath, this.secret, { mode: 384 });
+  }
+  authenticate(req) {
+    const authHeader = req.headers.authorization;
+    if (!authHeader?.startsWith("Bearer ")) return false;
+    const token = authHeader.slice(7);
+    if (token.length !== this.secret.length) return false;
+    return crypto.timingSafeEqual(Buffer.from(token, "utf-8"), Buffer.from(this.secret, "utf-8"));
   }
   async handleRequest(req, res) {
     const method = req.method?.toUpperCase();
     const url = req.url || "";
+    const isExempt = method === "GET" && (url === "/api/health" || url === "/api/version");
+    if (!isExempt && !this.authenticate(req)) {
+      this.sendJson(res, 401, { error: "Unauthorized" });
+      return;
+    }
     try {
       if (method === "POST" && url === "/api/sessions/adopt") {
         await this.handleAdoptSession(req, res);
@@ -2144,6 +2623,9 @@ var ApiServer = class {
       } else if (method === "GET" && url.match(/^\/api\/sessions\/([^/]+)$/)) {
         const sessionId = decodeURIComponent(url.match(/^\/api\/sessions\/([^/]+)$/)[1]);
         await this.handleGetSession(sessionId, res);
+      } else if (method === "POST" && url.match(/^\/api\/sessions\/([^/]+)\/archive$/)) {
+        const sessionId = decodeURIComponent(url.match(/^\/api\/sessions\/([^/]+)\/archive$/)[1]);
+        await this.handleArchiveSession(sessionId, res);
       } else if (method === "DELETE" && url.match(/^\/api\/sessions\/([^/]+)$/)) {
         const sessionId = decodeURIComponent(url.match(/^\/api\/sessions\/([^/]+)$/)[1]);
         await this.handleCancelSession(sessionId, res);
@@ -2189,7 +2671,7 @@ var ApiServer = class {
         this.sendJson(res, 404, { error: "Not found" });
       }
     } catch (err) {
-      log6.error({ err }, "API request error");
+      log7.error({ err }, "API request error");
       this.sendJson(res, 500, { error: "Internal server error" });
     }
   }
@@ -2231,11 +2713,11 @@ var ApiServer = class {
     if (!adapter) {
       session.agentInstance.onPermissionRequest = async (request) => {
         const allowOption = request.options.find((o) => o.isAllow);
-        log6.debug({ sessionId: session.id, permissionId: request.id, option: allowOption?.id }, "Auto-approving permission for API session");
+        log7.debug({ sessionId: session.id, permissionId: request.id, option: allowOption?.id }, "Auto-approving permission for API session");
         return allowOption?.id ?? request.options[0]?.id ?? "";
       };
     }
-    session.warmup().catch((err) => log6.warn({ err, sessionId: session.id }, "API session warmup failed"));
+    session.warmup().catch((err) => log7.warn({ err, sessionId: session.id }, "API session warmup failed"));
     this.sendJson(res, 200, {
       sessionId: session.id,
       agent: session.agentName,
@@ -2346,7 +2828,7 @@ var ApiServer = class {
     this.sendJson(res, 200, { version: getVersion() });
   }
   async handleGetEditableConfig(res) {
-    const { getSafeFields: getSafeFields2, resolveOptions: resolveOptions2, getConfigValue: getConfigValue2 } = await import("./config-registry-SNKA2EH2.js");
+    const { getSafeFields: getSafeFields2, resolveOptions: resolveOptions2, getConfigValue: getConfigValue2 } = await import("./config-registry-QQOJ2GQP.js");
     const config = this.core.configManager.get();
     const safeFields = getSafeFields2();
     const fields = safeFields.map((def) => ({
@@ -2387,20 +2869,20 @@ var ApiServer = class {
     const parts = configPath.split(".");
     let target = cloned;
     for (let i = 0; i < parts.length - 1; i++) {
-      if (target[parts[i]] && typeof target[parts[i]] === "object" && !Array.isArray(target[parts[i]])) {
-        target = target[parts[i]];
+      const part = parts[i];
+      if (target[part] && typeof target[part] === "object" && !Array.isArray(target[part])) {
+        target = target[part];
+      } else if (target[part] === void 0 || target[part] === null) {
+        target[part] = {};
+        target = target[part];
       } else {
         this.sendJson(res, 400, { error: "Invalid config path" });
         return;
       }
     }
     const lastKey = parts[parts.length - 1];
-    if (!(lastKey in target)) {
-      this.sendJson(res, 400, { error: "Invalid config path" });
-      return;
-    }
     target[lastKey] = value;
-    const { ConfigSchema } = await import("./config-OH26EIWN.js");
+    const { ConfigSchema } = await import("./config-AK2W3E67.js");
     const result = ConfigSchema.safeParse(cloned);
     if (!result.success) {
       this.sendJson(res, 400, {
@@ -2417,7 +2899,7 @@ var ApiServer = class {
     }
     updateTarget[lastKey] = value;
     await this.core.configManager.save(updates, configPath);
-    const { isHotReloadable: isHotReloadable2 } = await import("./config-registry-SNKA2EH2.js");
+    const { isHotReloadable: isHotReloadable2 } = await import("./config-registry-QQOJ2GQP.js");
     const needsRestart = !isHotReloadable2(configPath);
     this.sendJson(res, 200, {
       ok: true,
@@ -2525,6 +3007,14 @@ var ApiServer = class {
     this.sendJson(res, 200, { ok: true, message: "Restarting..." });
     setImmediate(() => this.core.requestRestart());
   }
+  async handleArchiveSession(sessionId, res) {
+    const result = await this.core.archiveSession(sessionId);
+    if (result.ok) {
+      this.sendJson(res, 200, result);
+    } else {
+      this.sendJson(res, 400, result);
+    }
+  }
   async handleCancelSession(sessionId, res) {
     const session = this.core.sessionManager.getSession(sessionId);
     if (!session) {
@@ -2640,7 +3130,7 @@ var ApiServer = class {
 };
 
 // src/core/topic-manager.ts
-var log7 = createChildLogger({ module: "topic-manager" });
+var log8 = createChildLogger({ module: "topic-manager" });
 var TopicManager = class {
   constructor(sessionManager, adapter, systemTopicIds) {
     this.sessionManager = sessionManager;
@@ -2679,7 +3169,7 @@ var TopicManager = class {
       try {
         await this.adapter.deleteSessionThread(sessionId);
       } catch (err) {
-        log7.warn({ err, sessionId, topicId }, "Failed to delete platform thread, removing record anyway");
+        log8.warn({ err, sessionId, topicId }, "Failed to delete platform thread, removing record anyway");
       }
     }
     await this.sessionManager.removeRecord(sessionId);
@@ -2702,7 +3192,7 @@ var TopicManager = class {
           try {
             await this.adapter.deleteSessionThread(record.sessionId);
           } catch (err) {
-            log7.warn({ err, sessionId: record.sessionId }, "Failed to delete platform thread during cleanup");
+            log8.warn({ err, sessionId: record.sessionId }, "Failed to delete platform thread during cleanup");
           }
         }
         await this.sessionManager.removeRecord(record.sessionId);
@@ -2749,6 +3239,9 @@ async function renameSessionTopic(bot, chatId, threadId, name) {
   } catch {
   }
 }
+async function deleteSessionTopic(bot, chatId, threadId) {
+  await bot.api.deleteForumTopic(chatId, threadId);
+}
 function buildDeepLink(chatId, messageId) {
   const cleanId = String(chatId).replace("-100", "");
   return `https://t.me/c/${cleanId}/${messageId}`;
@@ -2887,6 +3380,33 @@ function formatUsage(usage) {
   return `${emoji} ${formatTokens(tokensUsed)} / ${formatTokens(contextSize)} tokens
 ${bar} ${pct}%`;
 }
+var PERIOD_LABEL = {
+  today: "Today",
+  week: "This Week",
+  month: "This Month",
+  all: "All Time"
+};
+function formatUsageReport(summaries, budgetStatus) {
+  const hasData = summaries.some((s) => s.recordCount > 0);
+  if (!hasData) {
+    return "\u{1F4CA} <b>Usage Report</b>\n\nNo usage data yet.";
+  }
+  const formatCost = (n) => `$${n.toFixed(2)}`;
+  const lines = ["\u{1F4CA} <b>Usage Report</b>"];
+  for (const summary of summaries) {
+    lines.push("");
+    lines.push(`\u2500\u2500 <b>${PERIOD_LABEL[summary.period] ?? summary.period}</b> \u2500\u2500`);
+    lines.push(
+      `\u{1F4B0} ${formatCost(summary.totalCost)} \xB7 \u{1F524} ${formatTokens(summary.totalTokens)} tokens \xB7 \u{1F4CB} ${summary.sessionCount} sessions`
+    );
+    if (summary.period === "month" && budgetStatus.budget > 0) {
+      const bar = progressBar(budgetStatus.used / budgetStatus.budget);
+      lines.push(`Budget: ${formatCost(budgetStatus.used)} / ${formatCost(budgetStatus.budget)} (${budgetStatus.percent}%)`);
+      lines.push(`${bar} ${budgetStatus.percent}%`);
+    }
+  }
+  return lines.join("\n");
+}
 function splitMessage(text, maxLength = 3800) {
   if (text.length <= maxLength) return [text];
   const chunks = [];
@@ -2922,7 +3442,7 @@ function splitMessage(text, maxLength = 3800) {
 
 // src/adapters/telegram/commands/admin.ts
 import { InlineKeyboard } from "grammy";
-var log9 = createChildLogger({ module: "telegram-cmd-admin" });
+var log10 = createChildLogger({ module: "telegram-cmd-admin" });
 function buildDangerousModeKeyboard(sessionId, enabled) {
   return new InlineKeyboard().text(
     enabled ? "\u{1F510} Disable Dangerous Mode" : "\u2620\uFE0F Enable Dangerous Mode",
@@ -2935,7 +3455,7 @@ function setupDangerousModeCallbacks(bot, core) {
     const session = core.sessionManager.getSession(sessionId);
     if (session) {
       session.dangerousMode = !session.dangerousMode;
-      log9.info({ sessionId, dangerousMode: session.dangerousMode }, "Dangerous mode toggled via button");
+      log10.info({ sessionId, dangerousMode: session.dangerousMode }, "Dangerous mode toggled via button");
       core.sessionManager.patchRecord(sessionId, { dangerousMode: session.dangerousMode }).catch(() => {
       });
       const toastText2 = session.dangerousMode ? "\u2620\uFE0F Dangerous mode enabled \u2014 permissions auto-approved" : "\u{1F510} Dangerous mode disabled \u2014 permissions shown normally";
@@ -2962,7 +3482,7 @@ function setupDangerousModeCallbacks(bot, core) {
     const newDangerousMode = !(record.dangerousMode ?? false);
     core.sessionManager.patchRecord(sessionId, { dangerousMode: newDangerousMode }).catch(() => {
     });
-    log9.info({ sessionId, dangerousMode: newDangerousMode }, "Dangerous mode toggled via button (store-only, session not in memory)");
+    log10.info({ sessionId, dangerousMode: newDangerousMode }, "Dangerous mode toggled via button (store-only, session not in memory)");
     const toastText = newDangerousMode ? "\u2620\uFE0F Dangerous mode enabled \u2014 permissions auto-approved" : "\u{1F510} Dangerous mode disabled \u2014 permissions shown normally";
     try {
       await ctx.answerCallbackQuery({ text: toastText });
@@ -3048,7 +3568,7 @@ async function handleUpdate(ctx, core) {
     await ctx.reply("\u26A0\uFE0F Update is not available (no restart handler registered).", { parse_mode: "HTML" });
     return;
   }
-  const { getCurrentVersion, getLatestVersion, compareVersions, runUpdate } = await import("./version-VC5CPXBX.js");
+  const { getCurrentVersion, getLatestVersion, compareVersions, runUpdate } = await import("./version-ALWGGVKM.js");
   const current = getCurrentVersion();
   const statusMsg = await ctx.reply(`\u{1F50D} Checking for updates... (current: v${escapeHtml(current)})`, { parse_mode: "HTML" });
   const latest = await getLatestVersion();
@@ -3091,7 +3611,7 @@ async function handleRestart(ctx, core) {
 }
 
 // src/adapters/telegram/commands/new-session.ts
-var log10 = createChildLogger({ module: "telegram-cmd-new-session" });
+var log11 = createChildLogger({ module: "telegram-cmd-new-session" });
 var pendingNewSessions = /* @__PURE__ */ new Map();
 var PENDING_TIMEOUT_MS = 5 * 60 * 1e3;
 function cleanupPending(userId) {
@@ -3190,7 +3710,7 @@ async function startConfirmStep(ctx, chatId, userId, agentName, workspace) {
   });
 }
 async function createSessionDirect(ctx, core, chatId, agentName, workspace) {
-  log10.info({ userId: ctx.from?.id, agentName, workspace }, "New session command (direct)");
+  log11.info({ userId: ctx.from?.id, agentName, workspace }, "New session command (direct)");
   let threadId;
   try {
     const topicName = `\u{1F504} New Session`;
@@ -3220,10 +3740,10 @@ This is your coding session \u2014 chat here to work with the agent.`,
         reply_markup: buildDangerousModeKeyboard(session.id, false)
       }
     );
-    session.warmup().catch((err) => log10.error({ err }, "Warm-up error"));
+    session.warmup().catch((err) => log11.error({ err }, "Warm-up error"));
     return threadId ?? null;
   } catch (err) {
-    log10.error({ err }, "Session creation failed");
+    log11.error({ err }, "Session creation failed");
     if (threadId) {
       try {
         await ctx.api.deleteForumTopic(chatId, threadId);
@@ -3301,7 +3821,7 @@ async function handleNewChat(ctx, core, chatId) {
         reply_markup: buildDangerousModeKeyboard(session.id, false)
       }
     );
-    session.warmup().catch((err) => log10.error({ err }, "Warm-up error"));
+    session.warmup().catch((err) => log11.error({ err }, "Warm-up error"));
   } catch (err) {
     if (newThreadId) {
       try {
@@ -3332,7 +3852,7 @@ async function executeNewSession(bot, core, chatId, agentName, workspace) {
     } });
     const finalName = `\u{1F504} ${session.agentName} \u2014 New Session`;
     await renameSessionTopic(bot, chatId, threadId, finalName);
-    session.warmup().catch((err) => log10.error({ err }, "Warm-up error"));
+    session.warmup().catch((err) => log11.error({ err }, "Warm-up error"));
     return { session, threadId, firstMsgId };
   } catch (err) {
     try {
@@ -3480,7 +4000,7 @@ Or just the folder name like <code>my-project</code> (will use ${core.configMana
 
 // src/adapters/telegram/commands/session.ts
 import { InlineKeyboard as InlineKeyboard3 } from "grammy";
-var log11 = createChildLogger({ module: "telegram-cmd-session" });
+var log12 = createChildLogger({ module: "telegram-cmd-session" });
 async function handleCancel(ctx, core, assistant) {
   const threadId = ctx.message?.message_thread_id;
   if (!threadId) return;
@@ -3498,14 +4018,14 @@ async function handleCancel(ctx, core, assistant) {
     String(threadId)
   );
   if (session) {
-    log11.info({ sessionId: session.id }, "Abort prompt command");
+    log12.info({ sessionId: session.id }, "Abort prompt command");
     await session.abortPrompt();
     await ctx.reply("\u26D4 Prompt aborted. Session is still active \u2014 send a new message to continue.", { parse_mode: "HTML" });
     return;
   }
   const record = core.sessionManager.getRecordByThread("telegram", String(threadId));
   if (record && record.status !== "error") {
-    log11.info({ sessionId: record.sessionId, status: record.status }, "Cancel command \u2014 no active prompt to abort");
+    log12.info({ sessionId: record.sessionId, status: record.status }, "Cancel command \u2014 no active prompt to abort");
     await ctx.reply("\u2139\uFE0F No active prompt to cancel. Send a new message to resume the session.", { parse_mode: "HTML" });
   }
 }
@@ -3609,7 +4129,7 @@ ${lines.join("\n")}${truncated}`,
       { parse_mode: "HTML", reply_markup: keyboard }
     );
   } catch (err) {
-    log11.error({ err }, "handleTopics error");
+    log12.error({ err }, "handleTopics error");
     await ctx.reply("\u274C Failed to list sessions.", { parse_mode: "HTML" }).catch(() => {
     });
   }
@@ -3630,13 +4150,13 @@ async function handleCleanup(ctx, core, chatId, statuses) {
         try {
           await ctx.api.deleteForumTopic(chatId, topicId);
         } catch (err) {
-          log11.warn({ err, sessionId: record.sessionId, topicId }, "Failed to delete forum topic during cleanup");
+          log12.warn({ err, sessionId: record.sessionId, topicId }, "Failed to delete forum topic during cleanup");
         }
       }
       await core.sessionManager.removeRecord(record.sessionId);
       deleted++;
     } catch (err) {
-      log11.error({ err, sessionId: record.sessionId }, "Failed to cleanup session");
+      log12.error({ err, sessionId: record.sessionId }, "Failed to cleanup session");
       failed++;
     }
   }
@@ -3707,7 +4227,7 @@ async function handleCleanupEverythingConfirmed(ctx, core, chatId, systemTopicId
         try {
           await core.sessionManager.cancelSession(record.sessionId);
         } catch (err) {
-          log11.warn({ err, sessionId: record.sessionId }, "Failed to cancel session during cleanup");
+          log12.warn({ err, sessionId: record.sessionId }, "Failed to cancel session during cleanup");
         }
       }
       const topicId = record.platform?.topicId;
@@ -3715,13 +4235,13 @@ async function handleCleanupEverythingConfirmed(ctx, core, chatId, systemTopicId
         try {
           await ctx.api.deleteForumTopic(chatId, topicId);
         } catch (err) {
-          log11.warn({ err, sessionId: record.sessionId, topicId }, "Failed to delete forum topic during cleanup");
+          log12.warn({ err, sessionId: record.sessionId, topicId }, "Failed to delete forum topic during cleanup");
         }
       }
       await core.sessionManager.removeRecord(record.sessionId);
       deleted++;
     } catch (err) {
-      log11.error({ err, sessionId: record.sessionId }, "Failed to cleanup session");
+      log12.error({ err, sessionId: record.sessionId }, "Failed to cleanup session");
       failed++;
     }
   }
@@ -3763,6 +4283,86 @@ function setupSessionCallbacks(bot, core, chatId, systemTopicIds) {
     }
   });
 }
+async function handleUsage(ctx, core) {
+  if (!core.usageStore) {
+    await ctx.reply("\u{1F4CA} Usage tracking is disabled.", { parse_mode: "HTML" });
+    return;
+  }
+  const rawMatch = ctx.match;
+  const period = typeof rawMatch === "string" ? rawMatch.trim().toLowerCase() : "";
+  let summaries;
+  if (period === "today" || period === "week" || period === "month") {
+    summaries = [core.usageStore.query(period)];
+  } else {
+    summaries = [
+      core.usageStore.query("month"),
+      core.usageStore.query("week"),
+      core.usageStore.query("today")
+    ];
+  }
+  const budgetStatus = core.usageBudget ? core.usageBudget.getStatus() : { status: "ok", used: 0, budget: 0, percent: 0 };
+  const text = formatUsageReport(summaries, budgetStatus);
+  await ctx.reply(text, { parse_mode: "HTML" });
+}
+async function handleArchive(ctx, core) {
+  const threadId = ctx.message?.message_thread_id;
+  if (!threadId) return;
+  const session = core.sessionManager.getSessionByThread("telegram", String(threadId));
+  if (!session) {
+    await ctx.reply(
+      "\u2139\uFE0F <b>/archive</b> works in session topics \u2014 it recreates the topic with a clean chat view while keeping your agent session alive.\n\nGo to the session topic you want to archive and type /archive there.",
+      { parse_mode: "HTML" }
+    );
+    return;
+  }
+  if (session.status === "initializing") {
+    await ctx.reply("\u23F3 Please wait for session to be ready.", { parse_mode: "HTML" });
+    return;
+  }
+  if (session.status !== "active") {
+    await ctx.reply(`\u26A0\uFE0F Cannot archive \u2014 session is ${session.status}.`, { parse_mode: "HTML" });
+    return;
+  }
+  await ctx.reply(
+    "\u26A0\uFE0F <b>Archive this session topic?</b>\n\nThis will permanently delete all messages in this topic and create a fresh one.\nYour agent session will continue \u2014 only the chat view is reset.\n\n<i>Note: links to messages in this topic will stop working.</i>",
+    {
+      parse_mode: "HTML",
+      reply_markup: new InlineKeyboard3().text("\u{1F5D1} Yes, archive", `ar:yes:${session.id}`).text("\u274C Cancel", `ar:no:${session.id}`)
+    }
+  );
+}
+async function handleArchiveConfirm(ctx, core, chatId) {
+  const data = ctx.callbackQuery?.data;
+  if (!data) return;
+  try {
+    await ctx.answerCallbackQuery();
+  } catch {
+  }
+  const [, action, sessionId] = data.split(":");
+  if (action === "no") {
+    await ctx.editMessageText("Archive cancelled.", { parse_mode: "HTML" });
+    return;
+  }
+  await ctx.editMessageText("\u{1F504} Archiving topic...", { parse_mode: "HTML" });
+  const result = await core.archiveSession(sessionId);
+  if (result.ok) {
+    const newTopicId = Number(result.newThreadId);
+    await ctx.api.sendMessage(chatId, "\u2705 Topic archived. Session continues.", {
+      message_thread_id: newTopicId,
+      parse_mode: "HTML"
+    });
+  } else {
+    try {
+      await ctx.editMessageText(`\u274C Failed to archive: <code>${escapeHtml(result.error)}</code>`, { parse_mode: "HTML" });
+    } catch {
+      core.notificationManager.notifyAll({
+        sessionId,
+        type: "error",
+        summary: `Failed to recreate topic for session "${sessionId}": ${result.error}`
+      });
+    }
+  }
+}
 
 // src/adapters/telegram/commands/agents.ts
 import { InlineKeyboard as InlineKeyboard4 } from "grammy";
@@ -4153,7 +4753,7 @@ ${resultText}`,
 
 // src/adapters/telegram/commands/settings.ts
 import { InlineKeyboard as InlineKeyboard6 } from "grammy";
-var log12 = createChildLogger({ module: "telegram-settings" });
+var log13 = createChildLogger({ module: "telegram-settings" });
 function buildSettingsKeyboard(core) {
   const config = core.configManager.get();
   const fields = getSafeFields();
@@ -4179,13 +4779,15 @@ function formatFieldLabel(field, value) {
     tunnel: "\u{1F517}",
     security: "\u{1F512}",
     workspace: "\u{1F4C1}",
-    storage: "\u{1F4BE}"
+    storage: "\u{1F4BE}",
+    speech: "\u{1F3A4}"
   };
   const icon = icons[field.group] ?? "\u2699\uFE0F";
   if (field.type === "toggle") {
     return `${icon} ${field.displayName}: ${value ? "ON" : "OFF"}`;
   }
-  return `${icon} ${field.displayName}: ${String(value)}`;
+  const displayValue = value === null || value === void 0 ? "Not set" : String(value);
+  return `${icon} ${field.displayName}: ${displayValue}`;
 }
 async function handleSettings(ctx, core) {
   const kb = buildSettingsKeyboard(core);
@@ -4214,7 +4816,7 @@ function setupSettingsCallbacks(bot, core, getAssistantSession) {
       } catch {
       }
     } catch (err) {
-      log12.error({ err, fieldPath }, "Failed to toggle config");
+      log13.error({ err, fieldPath }, "Failed to toggle config");
       try {
         await ctx.answerCallbackQuery({ text: "\u274C Failed to update" });
       } catch {
@@ -4252,6 +4854,27 @@ Select a value:`, {
     const fieldPath = parts.slice(0, -1).join(":");
     const newValue = parts[parts.length - 1];
     try {
+      if (fieldPath === "speech.stt.provider") {
+        const config = core.configManager.get();
+        const providerConfig = config.speech?.stt?.providers?.[newValue];
+        if (!providerConfig?.apiKey) {
+          const assistant = getAssistantSession();
+          if (assistant) {
+            try {
+              await ctx.answerCallbackQuery({ text: `\u{1F511} API key needed \u2014 check Assistant topic` });
+            } catch {
+            }
+            const prompt = `User wants to enable ${newValue} as Speech-to-Text provider, but no API key is configured yet. Guide them to get a ${newValue} API key and set it up. After they provide the key, run both commands: \`openacp config set speech.stt.providers.${newValue}.apiKey <key>\` and \`openacp config set speech.stt.provider ${newValue}\``;
+            await assistant.enqueuePrompt(prompt);
+            return;
+          }
+          try {
+            await ctx.answerCallbackQuery({ text: `\u26A0\uFE0F Set API key first: openacp config set speech.stt.providers.${newValue}.apiKey <key>` });
+          } catch {
+          }
+          return;
+        }
+      }
       const updates = buildNestedUpdate(fieldPath, newValue);
       await core.configManager.save(updates, fieldPath);
       try {
@@ -4267,7 +4890,7 @@ Tap to change:`, {
       } catch {
       }
     } catch (err) {
-      log12.error({ err, fieldPath }, "Failed to set config");
+      log13.error({ err, fieldPath }, "Failed to set config");
       try {
         await ctx.answerCallbackQuery({ text: "\u274C Failed to update" });
       } catch {
@@ -4300,7 +4923,7 @@ Tap to change:`, {
       await ctx.answerCallbackQuery();
     } catch {
     }
-    const { buildMenuKeyboard: buildMenuKeyboard3 } = await import("./menu-J5YVH665.js");
+    const { buildMenuKeyboard: buildMenuKeyboard3 } = await import("./menu-XR2GET2B.js");
     try {
       await ctx.editMessageText(`<b>OpenACP Menu</b>
 Choose an action:`, {
@@ -4339,7 +4962,7 @@ function buildNestedUpdate(dotPath, value) {
 
 // src/adapters/telegram/commands/doctor.ts
 import { InlineKeyboard as InlineKeyboard7 } from "grammy";
-var log13 = createChildLogger({ module: "telegram-cmd-doctor" });
+var log14 = createChildLogger({ module: "telegram-cmd-doctor" });
 var pendingFixesStore = /* @__PURE__ */ new Map();
 function renderReport(report) {
   const icons = { pass: "\u2705", warn: "\u26A0\uFE0F", fail: "\u274C" };
@@ -4382,7 +5005,7 @@ async function handleDoctor(ctx) {
       reply_markup: keyboard
     });
   } catch (err) {
-    log13.error({ err }, "Doctor command failed");
+    log14.error({ err }, "Doctor command failed");
     await ctx.api.editMessageText(
       ctx.chat.id,
       statusMsg.message_id,
@@ -4431,7 +5054,7 @@ function setupDoctorCallbacks(bot) {
         }
       }
     } catch (err) {
-      log13.error({ err, index }, "Doctor fix callback failed");
+      log14.error({ err, index }, "Doctor fix callback failed");
     }
   });
   bot.callbackQuery("m:doctor", async (ctx) => {
@@ -4445,7 +5068,7 @@ function setupDoctorCallbacks(bot) {
 
 // src/adapters/telegram/commands/tunnel.ts
 import { InlineKeyboard as InlineKeyboard8 } from "grammy";
-var log14 = createChildLogger({ module: "telegram-cmd-tunnel" });
+var log15 = createChildLogger({ module: "telegram-cmd-tunnel" });
 async function handleTunnel(ctx, core) {
   if (!core.tunnelService) {
     await ctx.reply("\u274C Tunnel service is not enabled.", { parse_mode: "HTML" });
@@ -4510,12 +5133,19 @@ async function handleTunnels(ctx, core) {
     await ctx.reply("\u274C Tunnel service is not enabled.", { parse_mode: "HTML" });
     return;
   }
-  const entries = core.tunnelService.listTunnels();
+  const threadId = ctx.message?.message_thread_id;
+  let entries = core.tunnelService.listTunnels();
+  let sessionScoped = false;
+  if (threadId) {
+    const session = core.sessionManager.getSessionByThread("telegram", String(threadId));
+    if (session) {
+      entries = entries.filter((e) => e.sessionId === session.id);
+      sessionScoped = true;
+    }
+  }
   if (entries.length === 0) {
-    await ctx.reply(
-      "No active tunnels.\n\nUse <code>/tunnel &lt;port&gt;</code> to create one.",
-      { parse_mode: "HTML" }
-    );
+    const hint = sessionScoped ? "No tunnels for this session.\n\nUse <code>/tunnel &lt;port&gt;</code> to create one." : "No active tunnels.\n\nUse <code>/tunnel &lt;port&gt;</code> to create one.";
+    await ctx.reply(hint, { parse_mode: "HTML" });
     return;
   }
   const lines = entries.map((e) => {
@@ -4610,8 +5240,10 @@ function setupCommands(bot, core, chatId, assistant) {
   bot.command("integrate", (ctx) => handleIntegrate(ctx, core));
   bot.command("clear", (ctx) => handleClear(ctx, assistant));
   bot.command("doctor", (ctx) => handleDoctor(ctx));
+  bot.command("usage", (ctx) => handleUsage(ctx, core));
   bot.command("tunnel", (ctx) => handleTunnel(ctx, core));
   bot.command("tunnels", (ctx) => handleTunnels(ctx, core));
+  bot.command("archive", (ctx) => handleArchive(ctx, core));
 }
 function setupAllCallbacks(bot, core, chatId, systemTopicIds, getAssistantSession) {
   setupNewSessionCallbacks(bot, core, chatId);
@@ -4625,6 +5257,7 @@ function setupAllCallbacks(bot, core, chatId, systemTopicIds, getAssistantSessio
     await ctx.answerCallbackQuery();
     await createSessionDirect(ctx, core, chatId, agentKey, core.configManager.get().workspace.baseDir);
   });
+  bot.callbackQuery(/^ar:/, (ctx) => handleArchiveConfirm(ctx, core, chatId));
   bot.callbackQuery(/^m:/, async (ctx) => {
     const data = ctx.callbackQuery.data;
     try {
@@ -4680,14 +5313,16 @@ var STATIC_COMMANDS = [
   { command: "restart", description: "Restart OpenACP" },
   { command: "update", description: "Update to latest version and restart" },
   { command: "doctor", description: "Run system diagnostics" },
+  { command: "usage", description: "View token usage and cost report" },
   { command: "tunnel", description: "Create/stop tunnel for a local port" },
-  { command: "tunnels", description: "List active tunnels" }
+  { command: "tunnels", description: "List active tunnels" },
+  { command: "archive", description: "Archive session topic (recreate with clean history)" }
 ];
 
 // src/adapters/telegram/permissions.ts
 import { InlineKeyboard as InlineKeyboard9 } from "grammy";
-import { nanoid as nanoid2 } from "nanoid";
-var log15 = createChildLogger({ module: "telegram-permissions" });
+import { nanoid as nanoid3 } from "nanoid";
+var log16 = createChildLogger({ module: "telegram-permissions" });
 var PermissionHandler = class {
   constructor(bot, chatId, getSession, sendNotification) {
     this.bot = bot;
@@ -4698,7 +5333,7 @@ var PermissionHandler = class {
   pending = /* @__PURE__ */ new Map();
   async sendPermissionRequest(session, request) {
     const threadId = Number(session.threadId);
-    const callbackKey = nanoid2(8);
+    const callbackKey = nanoid3(8);
     this.pending.set(callbackKey, {
       sessionId: session.id,
       requestId: request.id,
@@ -4747,7 +5382,7 @@ ${escapeHtml(request.description)}`,
       }
       const session = this.getSession(pending.sessionId);
       const isAllow = pending.options.find((o) => o.id === optionId)?.isAllow ?? false;
-      log15.info({ requestId: pending.requestId, optionId, isAllow }, "Permission responded");
+      log16.info({ requestId: pending.requestId, optionId, isAllow }, "Permission responded");
       if (session?.permissionGate.requestId === pending.requestId) {
         session.permissionGate.resolve(optionId);
       }
@@ -4764,425 +5399,11 @@ ${escapeHtml(request.description)}`,
   }
 };
 
-// src/product-guide.ts
-var PRODUCT_GUIDE = `
-# OpenACP \u2014 Product Guide
-
-OpenACP lets you chat with AI coding agents (like Claude Code) through Telegram.
-You type messages in Telegram, the agent reads/writes/runs code in your project folder, and results stream back in real time.
-
----
-
-## Quick Start
-
-1. Start OpenACP: \`openacp\` (or \`openacp start\` for background daemon)
-2. Open your Telegram group \u2014 you'll see the Assistant topic
-3. Tap \u{1F195} New Session or type /new
-4. Pick an agent and a project folder
-5. Chat in the session topic \u2014 the agent works on your code
-
----
-
-## Core Concepts
-
-### Sessions
-A session = one conversation with one AI agent working in one project folder.
-Each session gets its own Telegram topic. Chat there to give instructions to the agent.
-
-### Agents
-An agent is an AI coding tool (e.g., Claude Code, Gemini, Cursor, Codex, etc.).
-OpenACP supports 28+ agents from the official ACP Registry (agentclientprotocol.com).
-You can install multiple agents and choose which one to use per session.
-The default agent is used when you don't specify one.
-
-### Agent Management
-- Browse agents: \`/agents\` in Telegram or \`openacp agents\` in CLI
-- Install: tap the install button in /agents, or \`openacp agents install <name>\`
-- Uninstall: \`openacp agents uninstall <name>\`
-- Setup/login: \`openacp agents run <name> -- <args>\` (e.g., \`openacp agents run gemini -- auth login\`)
-- Details: \`openacp agents info <name>\` shows version, dependencies, and setup steps
-
-Some agents need additional setup before they can be used:
-- Claude: requires \`claude login\`
-- Gemini: requires \`openacp agents run gemini -- auth login\`
-- Codex: requires setting \`OPENAI_API_KEY\` environment variable
-- GitHub Copilot: requires \`openacp agents run copilot -- auth login\`
-
-Agents are installed in three ways depending on the agent:
-- **npx** \u2014 Node.js agents, downloaded automatically on first use
-- **uvx** \u2014 Python agents, downloaded automatically on first use
-- **binary** \u2014 Platform-specific binaries, downloaded to \`~/.openacp/agents/\`
-
-### Project Folder (Workspace)
-The directory where the agent reads, writes, and runs code.
-When creating a session, you choose which folder the agent works in.
-You can type a full path like \`~/code/my-project\` or just a name like \`my-project\` (it becomes \`<base-dir>/my-project\`).
-
-### System Topics
-- **Assistant** \u2014 Always-on helper that can answer questions, create sessions, check status, troubleshoot
-- **Notifications** \u2014 System alerts (permission requests, session errors, completions)
-
----
-
-## Creating Sessions
-
-### From menu
-Tap \u{1F195} New Session \u2192 choose agent (if multiple) \u2192 choose project folder \u2192 confirm
-
-### From command
-- \`/new\` \u2014 Interactive flow (asks agent + folder)
-- \`/new claude ~/code/my-project\` \u2014 Create directly with specific agent and folder
-
-### From Assistant topic
-Just ask: "Create a session for my-project with claude" \u2014 the assistant handles it
-
-### Quick new chat
-\`/newchat\` in a session topic \u2014 creates new session with same agent and folder as current one
-
----
-
-## Working with Sessions
-
-### Chat
-Type messages in the session topic. The agent responds with code changes, explanations, tool outputs.
-
-### What you see while the agent works
-- **\u{1F4AD} Thinking indicator** \u2014 Shows when the agent is reasoning, with elapsed time
-- **Text responses** \u2014 Streamed in real time, updated every few seconds
-- **Tool calls** \u2014 When the agent runs commands or edits files, you see tool name, input, status, and output
-- **\u{1F4CB} Plan card** \u2014 Visual task progress with completed/in-progress/pending items and progress bar
-- **"View File" / "View Diff" buttons** \u2014 Opens in browser with Monaco editor (requires tunnel)
-
-### Session lifecycle
-1. **Creating** \u2014 Topic created, agent spawning
-2. **Warming up** \u2014 Agent primes its cache (happens automatically, invisible to you)
-3. **Active** \u2014 Ready for your messages
-4. **Auto-naming** \u2014 After your first message, the session gets a descriptive name (agent summarizes in ~5 words). The topic title updates automatically.
-5. **Finished/Error** \u2014 Session completed or hit an error
-
-### Agent skills
-Some agents provide slash commands (e.g., /compact, /review). Available skills are pinned in the session topic.
-
-### Permission requests
-When the agent wants to run a command, it asks for permission.
-You see buttons: \u2705 Allow, \u274C Reject (and sometimes "Always Allow").
-A notification also appears in the Notifications topic with a link to the request.
-
-### Dangerous mode
-Auto-approves ALL permission requests \u2014 the agent runs any command without asking.
-- Enable: \`/enable_dangerous\` or tap the \u2620\uFE0F button in the session
-- Disable: \`/disable_dangerous\` or tap the \u{1F510} button
-- \u26A0\uFE0F Use with caution \u2014 the agent can execute anything
-
-### Session timeout
-Idle sessions are automatically cancelled after a configurable timeout (default: 60 minutes).
-Configure via \`security.sessionTimeoutMinutes\` in config.
-
----
-
-## Session Transfer (Handoff)
-
-### Telegram \u2192 Terminal
-1. Type \`/handoff\` in a session topic
-2. You get a command like \`claude --resume <SESSION_ID>\`
-3. Copy and run it in your terminal \u2014 the session continues there with full conversation history
-
-### Terminal \u2192 Telegram
-1. First time: run \`openacp integrate claude\` to install the handoff skill (one-time setup)
-2. In Claude Code, use the /openacp:handoff slash command
-3. The session appears as a new topic in Telegram and you can continue chatting there
-
-### How it works
-- The agent session ID is shared between platforms
-- Conversation history is preserved \u2014 pick up where you left off
-- The agent that supports resume (e.g., Claude with \`--resume\`) handles the actual transfer
-
----
-
-## Managing Sessions
-
-### Status
-- \`/status\` \u2014 Shows active sessions count and details
-- Ask the Assistant: "What sessions are running?"
-
-### List all sessions
-- \`/sessions\` \u2014 Shows all sessions with status (active, finished, error)
-
-### Cancel
-- \`/cancel\` in a session topic \u2014 cancels that session
-- Ask the Assistant: "Cancel the stuck session"
-
-### Cleanup
-- From \`/sessions\` \u2192 tap cleanup buttons (finished, errors, all)
-- Ask the Assistant: "Clean up old sessions"
-
----
-
-## Assistant Topic
-
-The Assistant is an always-on AI helper in its own topic. It can:
-- Answer questions about OpenACP
-- Create sessions for you
-- Check status and health
-- Cancel sessions
-- Clean up old sessions
-- Troubleshoot issues
-- Manage configuration
-
-Just chat naturally: "How do I create a session?", "What's the status?", "Something is stuck"
-
-### Clear history
-\`/clear\` in the Assistant topic \u2014 resets the conversation
-
----
-
-## System Commands
-
-| Command | Where | What it does |
-|---------|-------|-------------|
-| \`/new [agent] [path]\` | Anywhere | Create new session |
-| \`/newchat\` | Session topic | New session, same agent + folder |
-| \`/cancel\` | Session topic | Cancel current session |
-| \`/status\` | Anywhere | Show status |
-| \`/sessions\` | Anywhere | List all sessions |
-| \`/agents\` | Anywhere | Browse & install agents from ACP Registry |
-| \`/install <name>\` | Anywhere | Install an agent |
-| \`/enable_dangerous\` | Session topic | Auto-approve all permissions |
-| \`/disable_dangerous\` | Session topic | Restore permission prompts |
-| \`/handoff\` | Session topic | Transfer session to terminal |
-| \`/clear\` | Assistant topic | Clear assistant history |
-| \`/menu\` | Anywhere | Show action menu |
-| \`/help\` | Anywhere | Show help |
-| \`/restart\` | Anywhere | Restart OpenACP |
-| \`/update\` | Anywhere | Update to latest version |
-| \`/integrate\` | Anywhere | Manage agent integrations |
-
----
-
-## Menu Buttons
-
-| Button | Action |
-|--------|--------|
-| \u{1F195} New Session | Create new session (interactive) |
-| \u{1F4CB} Sessions | List all sessions with cleanup options |
-| \u{1F4CA} Status | Show active/total session count |
-| \u{1F916} Agents | List available agents |
-| \u{1F517} Integrate | Manage agent integrations |
-| \u2753 Help | Show help text |
-| \u{1F504} Restart | Restart OpenACP |
-| \u2B06\uFE0F Update | Check and install updates |
-
----
-
-## CLI Commands
-
-### Server
-- \`openacp\` \u2014 Start (uses configured mode: foreground or daemon)
-- \`openacp start\` \u2014 Start as background daemon
-- \`openacp stop\` \u2014 Stop daemon
-- \`openacp status\` \u2014 Show daemon status
-- \`openacp logs\` \u2014 Tail daemon logs
-- \`openacp --foreground\` \u2014 Force foreground mode (useful for debugging or containers)
-
-### Auto-start (run on boot)
-- macOS: installs a LaunchAgent in \`~/Library/LaunchAgents/\`
-- Linux: installs a systemd user service in \`~/.config/systemd/user/\`
-- Enabled automatically when you start the daemon. Remove with \`openacp stop\`.
-
-### Configuration
-- \`openacp config\` \u2014 Interactive config editor
-- \`openacp reset\` \u2014 Delete all data and start fresh
-
-### Agent Management (CLI)
-- \`openacp agents\` \u2014 List all agents (installed + available from ACP Registry)
-- \`openacp agents install <name>\` \u2014 Install an agent
-- \`openacp agents uninstall <name>\` \u2014 Remove an agent
-- \`openacp agents info <name>\` \u2014 Show details, dependencies, and setup guide
-- \`openacp agents run <name> [-- args]\` \u2014 Run agent CLI directly (for login, config, etc.)
-- \`openacp agents refresh\` \u2014 Force-refresh registry cache
-
-### Plugins
-- \`openacp install <package>\` \u2014 Install adapter plugin (e.g., \`@openacp/adapter-discord\`)
-- \`openacp uninstall <package>\` \u2014 Remove adapter plugin
-- \`openacp plugins\` \u2014 List installed plugins
-
-### Integration
-- \`openacp integrate <agent>\` \u2014 Install agent integration (e.g., Claude handoff skill)
-- \`openacp integrate <agent> --uninstall\` \u2014 Remove integration
-
-### API (requires running daemon)
-\`openacp api <command>\` \u2014 Interact with running daemon:
-
-| Command | Description |
-|---------|-------------|
-| \`status\` | List active sessions |
-| \`session <id>\` | Session details |
-| \`new <agent> <path>\` | Create session |
-| \`send <id> "text"\` | Send prompt |
-| \`cancel <id>\` | Cancel session |
-| \`dangerous <id> on/off\` | Toggle dangerous mode |
-| \`topics [--status x,y]\` | List topics |
-| \`delete-topic <id> [--force]\` | Delete topic |
-| \`cleanup [--status x,y]\` | Cleanup old topics |
-| \`agents\` | List agents |
-| \`health\` | System health |
-| \`config\` | Show config |
-| \`config set <key> <value>\` | Update config |
-| \`adapters\` | List adapters |
-| \`tunnel\` | Tunnel status |
-| \`notify "message"\` | Send notification |
-| \`version\` | Daemon version |
-| \`restart\` | Restart daemon |
-
----
-
-## File Viewer (Tunnel)
-
-When tunnel is enabled, file edits and diffs get "View" buttons that open in your browser:
-- **Monaco Editor** \u2014 Full VS Code editor with syntax highlighting
-- **Diff viewer** \u2014 Side-by-side or inline comparison
-- **Line highlighting** \u2014 Click lines to highlight
-- Dark/light theme toggle
-
-### Setup
-Enable in config: set \`tunnel.enabled\` to \`true\`.
-Providers: Cloudflare (default, free), ngrok, bore, Tailscale Funnel.
-
-### Port Tunneling
-
-Expose any local port (dev servers, APIs, etc.) to the internet:
-
-**CLI commands** (agent can call these directly):
-- \`openacp tunnel add <port> --label <name>\` \u2014 Create tunnel to a local port
-- \`openacp tunnel list\` \u2014 List active tunnels
-- \`openacp tunnel stop <port>\` \u2014 Stop a tunnel
-- \`openacp tunnel stop-all\` \u2014 Stop all user tunnels
-
-**Telegram commands**:
-- \`/tunnel <port> [label]\` \u2014 Create tunnel
-- \`/tunnels\` \u2014 List active tunnels
-- \`/tunnel stop <port>\` \u2014 Stop tunnel
-
-Example: after starting a dev server on port 3000, run \`openacp tunnel add 3000 --label my-app\` to get a public URL.
-
----
-
-## Configuration
-
-Config file: \`~/.openacp/config.json\`
-
-### Telegram
-- **telegram.botToken** \u2014 Your Telegram bot token
-- **telegram.chatId** \u2014 Your Telegram supergroup ID
-
-### Agents
-- **defaultAgent** \u2014 Which agent to use by default
-- Agents are managed via \`/agents\` (Telegram) or \`openacp agents\` (CLI)
-- Installed agents are stored in \`~/.openacp/agents.json\`
-- Agent list is fetched from the ACP Registry CDN and cached locally (24h)
-
-### Workspace
-- **workspace.baseDir** \u2014 Base directory for project folders (default: \`~/openacp-workspace\`)
-
-### Security
-- **security.allowedUserIds** \u2014 Restrict who can use the bot (empty = everyone)
-- **security.maxConcurrentSessions** \u2014 Max parallel sessions (default: 5)
-- **security.sessionTimeoutMinutes** \u2014 Auto-cancel idle sessions (default: 60)
-
-### Tunnel / File Viewer
-- **tunnel.enabled** \u2014 Enable file viewer tunnel
-- **tunnel.provider** \u2014 Tunnel provider: cloudflare (default, free), ngrok, bore, tailscale
-- **tunnel.port** \u2014 Local port for tunnel server (default: 3100)
-- **tunnel.auth.enabled** \u2014 Enable authentication for tunnel URLs
-- **tunnel.auth.token** \u2014 Auth token for tunnel access
-- **tunnel.storeTtlMinutes** \u2014 How long viewer links stay cached (default: 60)
-
-### Logging
-- **logging.level** \u2014 Log level: silent, debug, info, warn, error, fatal (default: info)
-- **logging.logDir** \u2014 Log directory (default: \`~/.openacp/logs\`)
-- **logging.maxFileSize** \u2014 Max log file size before rotation
-- **logging.maxFiles** \u2014 Max number of rotated log files
-- **logging.sessionLogRetentionDays** \u2014 Auto-delete old session logs (default: 30)
-
-### Data Retention
-- **sessionStore.ttlDays** \u2014 How long session records persist (default: 30). Old records are cleaned up automatically.
-
-### Environment variables
-Override config with env vars:
-- \`OPENACP_TELEGRAM_BOT_TOKEN\`
-- \`OPENACP_TELEGRAM_CHAT_ID\`
-- \`OPENACP_DEFAULT_AGENT\`
-- \`OPENACP_RUN_MODE\` \u2014 foreground or daemon
-- \`OPENACP_API_PORT\` \u2014 API server port (default: 21420)
-- \`OPENACP_TUNNEL_ENABLED\`
-- \`OPENACP_TUNNEL_PORT\`
-- \`OPENACP_TUNNEL_PROVIDER\`
-- \`OPENACP_LOG_LEVEL\`
-- \`OPENACP_LOG_DIR\`
-- \`OPENACP_DEBUG\` \u2014 Sets log level to debug
-
----
-
-## Troubleshooting
-
-### Session stuck / not responding
-- Check status: ask Assistant "Is anything stuck?"
-- Cancel and create new: \`/cancel\` then \`/new\`
-- Check system health: Assistant can run health check
-
-### Agent not found
-- Check available agents: \`/agents\` or \`openacp agents\`
-- Install missing agent: \`openacp agents install <name>\`
-- Some agents need login first: \`openacp agents info <name>\` to see setup steps
-- Run agent CLI for setup: \`openacp agents run <name> -- <args>\`
-
-### Permission request not showing
-- Check Notifications topic for the alert
-- Try \`/enable_dangerous\` to auto-approve (if you trust the agent)
-
-### Session disappeared after restart
-- Sessions persist across restarts
-- Send a message in the old topic \u2014 it auto-resumes
-- If topic was deleted, the session record may still exist in status
-
-### Bot not responding at all
-- Check daemon: \`openacp status\`
-- Check logs: \`openacp logs\`
-- Restart: \`openacp start\` or \`/restart\`
-
-### Messages going to wrong topic
-- Each session is bound to a specific Telegram topic
-- If you see messages appearing in the Assistant topic instead of the session topic, try creating a new session
-
-### Viewing logs
-- Session-specific logs: \`~/.openacp/logs/sessions/\`
-- System logs: \`openacp logs\` to tail live
-- Set \`OPENACP_DEBUG=true\` for verbose output
-
----
-
-## Data & Storage
-
-All data is stored in \`~/.openacp/\`:
-- \`config.json\` \u2014 Configuration
-- \`agents.json\` \u2014 Installed agents (managed by AgentCatalog)
-- \`registry-cache.json\` \u2014 Cached ACP Registry data (refreshes every 24h)
-- \`agents/\` \u2014 Downloaded binary agents
-- \`sessions/\` \u2014 Session records and state
-- \`topics/\` \u2014 Topic-to-session mappings
-- \`logs/\` \u2014 System and session logs
-- \`plugins/\` \u2014 Installed adapter plugins
-- \`openacp.pid\` \u2014 Daemon PID file
-
-Session records auto-cleanup: 30 days (configurable via \`sessionStore.ttlDays\`).
-Session logs auto-cleanup: 30 days (configurable via \`logging.sessionLogRetentionDays\`).
-`;
-
 // src/adapters/telegram/assistant.ts
-var log16 = createChildLogger({ module: "telegram-assistant" });
+var log17 = createChildLogger({ module: "telegram-assistant" });
 async function spawnAssistant(core, adapter, assistantTopicId) {
   const config = core.configManager.get();
-  log16.info({ agent: config.defaultAgent }, "Creating assistant session...");
+  log17.info({ agent: config.defaultAgent }, "Creating assistant session...");
   const session = await core.createSession({
     channelId: "telegram",
     agentName: config.defaultAgent,
@@ -5191,7 +5412,7 @@ async function spawnAssistant(core, adapter, assistantTopicId) {
     // Prevent auto-naming from triggering after system prompt
   });
   session.threadId = String(assistantTopicId);
-  log16.info({ sessionId: session.id }, "Assistant agent spawned");
+  log17.info({ sessionId: session.id }, "Assistant agent spawned");
   const allRecords = core.sessionManager.listRecords();
   const activeCount = allRecords.filter((r) => r.status === "active" || r.status === "initializing").length;
   const statusCounts = /* @__PURE__ */ new Map();
@@ -5212,9 +5433,9 @@ async function spawnAssistant(core, adapter, assistantTopicId) {
   };
   const systemPrompt = buildAssistantSystemPrompt(ctx);
   const ready = session.enqueuePrompt(systemPrompt).then(() => {
-    log16.info({ sessionId: session.id }, "Assistant system prompt completed");
+    log17.info({ sessionId: session.id }, "Assistant system prompt completed");
   }).catch((err) => {
-    log16.warn({ err }, "Assistant system prompt failed");
+    log17.warn({ err }, "Assistant system prompt failed");
   });
   return { session, ready };
 }
@@ -5252,6 +5473,7 @@ function buildAssistantSystemPrompt(ctx) {
 - Available in ACP Registry: ${availableAgentCount ?? "28+"}  more agents (use /agents to browse)
 - Default agent: ${config.defaultAgent}
 - Workspace base directory: ${config.workspace.baseDir}
+- STT: ${config.speech?.stt?.provider ? `${config.speech.stt.provider} \u2705` : "Not configured"}
 
 ## Action Playbook
 
@@ -5299,6 +5521,16 @@ function buildAssistantSystemPrompt(ctx) {
 - When user asks about "settings" or "config", use \`openacp config set\` directly
 - When receiving a delegated request from the Settings menu, ask user for the new value, then apply with \`openacp config set <path> <value>\`
 
+### Voice / Speech-to-Text
+- OpenACP can transcribe voice messages to text using STT providers (Groq Whisper, OpenAI Whisper)
+- Current STT provider: ${config.speech?.stt?.provider ?? "Not configured"}
+- To enable: user needs an API key from the STT provider
+  - Groq (recommended, free tier ~8h/day): Get key at console.groq.com \u2192 API Keys
+  - Set via: \`openacp config set speech.stt.provider groq\` then \`openacp config set speech.stt.providers.groq.apiKey <key>\`
+- When STT is configured, voice messages are automatically transcribed before sending to agents that don't support audio
+- Agents with audio capability receive the audio directly (no transcription needed)
+- User can also configure via /settings \u2192 STT Provider
+
 ### Restart / Update
 - Always ask for confirmation \u2014 these are disruptive actions
 - Guide user: "Tap \u{1F504} Restart button or type /restart"
@@ -5369,7 +5601,7 @@ function redirectToAssistant(chatId, assistantTopicId) {
 }
 
 // src/adapters/telegram/activity.ts
-var log17 = createChildLogger({ module: "telegram:activity" });
+var log18 = createChildLogger({ module: "telegram:activity" });
 var THINKING_REFRESH_MS = 15e3;
 var THINKING_MAX_MS = 3 * 60 * 1e3;
 var ThinkingIndicator = class {
@@ -5401,7 +5633,7 @@ var ThinkingIndicator = class {
         this.startRefreshTimer();
       }
     } catch (err) {
-      log17.warn({ err }, "ThinkingIndicator.show() failed");
+      log18.warn({ err }, "ThinkingIndicator.show() failed");
     } finally {
       this.sending = false;
     }
@@ -5474,7 +5706,7 @@ var UsageMessage = class {
         if (result) this.msgId = result.message_id;
       }
     } catch (err) {
-      log17.warn({ err }, "UsageMessage.send() failed");
+      log18.warn({ err }, "UsageMessage.send() failed");
     }
   }
   getMsgId() {
@@ -5487,7 +5719,7 @@ var UsageMessage = class {
     try {
       await this.sendQueue.enqueue(() => this.api.deleteMessage(this.chatId, id));
     } catch (err) {
-      log17.warn({ err }, "UsageMessage.delete() failed");
+      log18.warn({ err }, "UsageMessage.delete() failed");
     }
   }
 };
@@ -5573,7 +5805,7 @@ var PlanCard = class {
         if (result) this.msgId = result.message_id;
       }
     } catch (err) {
-      log17.warn({ err }, "PlanCard flush failed");
+      log18.warn({ err }, "PlanCard flush failed");
     }
   }
 };
@@ -5636,7 +5868,7 @@ var ActivityTracker = class {
           })
         );
       } catch (err) {
-        log17.warn({ err }, "ActivityTracker.onComplete() Done send failed");
+        log18.warn({ err }, "ActivityTracker.onComplete() Done send failed");
       }
     }
   }
@@ -5718,7 +5950,7 @@ var TelegramSendQueue = class {
 };
 
 // src/adapters/telegram/action-detect.ts
-import { nanoid as nanoid3 } from "nanoid";
+import { nanoid as nanoid4 } from "nanoid";
 import { InlineKeyboard as InlineKeyboard10 } from "grammy";
 var CMD_NEW_RE = /\/new(?:\s+([^\s\u0080-\uFFFF]+)(?:\s+([^\s\u0080-\uFFFF]+))?)?/;
 var CMD_CANCEL_RE = /\/cancel\b/;
@@ -5744,7 +5976,7 @@ function detectAction(text) {
 var ACTION_TTL_MS = 5 * 60 * 1e3;
 var actionMap = /* @__PURE__ */ new Map();
 function storeAction(action) {
-  const id = nanoid3(10);
+  const id = nanoid4(10);
   actionMap.set(id, { action, createdAt: Date.now() });
   for (const [key, entry] of actionMap) {
     if (Date.now() - entry.createdAt > ACTION_TTL_MS) {
@@ -5874,7 +6106,7 @@ function setupActionCallbacks(bot, core, chatId, getAssistantSessionId) {
 }
 
 // src/adapters/telegram/tool-call-tracker.ts
-var log18 = createChildLogger({ module: "tool-call-tracker" });
+var log19 = createChildLogger({ module: "tool-call-tracker" });
 var ToolCallTracker = class {
   constructor(bot, chatId, sendQueue) {
     this.bot = bot;
@@ -5918,7 +6150,7 @@ var ToolCallTracker = class {
     if (!toolState) return;
     if (meta.viewerLinks) {
       toolState.viewerLinks = meta.viewerLinks;
-      log18.debug({ toolId: meta.id, viewerLinks: meta.viewerLinks }, "Accumulated viewerLinks");
+      log19.debug({ toolId: meta.id, viewerLinks: meta.viewerLinks }, "Accumulated viewerLinks");
     }
     if (meta.viewerFilePath) toolState.viewerFilePath = meta.viewerFilePath;
     if (meta.name) toolState.name = meta.name;
@@ -5926,7 +6158,7 @@ var ToolCallTracker = class {
     const isTerminal = meta.status === "completed" || meta.status === "failed";
     if (!isTerminal) return;
     await toolState.ready;
-    log18.debug(
+    log19.debug(
       {
         toolId: meta.id,
         status: meta.status,
@@ -5955,7 +6187,7 @@ var ToolCallTracker = class {
         )
       );
     } catch (err) {
-      log18.warn(
+      log19.warn(
         {
           err,
           msgId: toolState.msgId,
@@ -6205,7 +6437,7 @@ var DraftManager = class {
 };
 
 // src/adapters/telegram/skill-command-manager.ts
-var log19 = createChildLogger({ module: "skill-commands" });
+var log20 = createChildLogger({ module: "skill-commands" });
 var SkillCommandManager = class {
   // sessionId → pinned msgId
   constructor(bot, chatId, sendQueue, sessionManager) {
@@ -6271,7 +6503,7 @@ var SkillCommandManager = class {
         disable_notification: true
       });
     } catch (err) {
-      log19.error({ err, sessionId }, "Failed to send skill commands");
+      log20.error({ err, sessionId }, "Failed to send skill commands");
     }
   }
   async cleanup(sessionId) {
@@ -6297,7 +6529,7 @@ var SkillCommandManager = class {
 };
 
 // src/adapters/telegram/adapter.ts
-var log20 = createChildLogger({ module: "telegram" });
+var log21 = createChildLogger({ module: "telegram" });
 function patchedFetch(input, init) {
   if (init?.signal && !(init.signal instanceof AbortSignal)) {
     const nativeController = new AbortController();
@@ -6356,7 +6588,7 @@ var TelegramAdapter = class extends ChannelAdapter {
     );
     this.bot.catch((err) => {
       const rootCause = err.error instanceof Error ? err.error : err;
-      log20.error({ err: rootCause }, "Telegram bot error");
+      log21.error({ err: rootCause }, "Telegram bot error");
     });
     this.bot.api.config.use(async (prev, method, payload, signal) => {
       const maxRetries = 3;
@@ -6370,7 +6602,7 @@ var TelegramAdapter = class extends ChannelAdapter {
         if (rateLimitedMethods.includes(method)) {
           this.sendQueue.onRateLimited();
         }
-        log20.warn(
+        log21.warn(
           { method, retryAfter, attempt: attempt + 1 },
           "Rate limited by Telegram, retrying"
         );
@@ -6502,7 +6734,7 @@ var TelegramAdapter = class extends ChannelAdapter {
     this.setupRoutes();
     this.bot.start({
       allowed_updates: ["message", "callback_query"],
-      onStart: () => log20.info(
+      onStart: () => log21.info(
         { chatId: this.telegramConfig.chatId },
         "Telegram bot started"
       )
@@ -6524,10 +6756,10 @@ var TelegramAdapter = class extends ChannelAdapter {
         reply_markup: buildMenuKeyboard()
       });
     } catch (err) {
-      log20.warn({ err }, "Failed to send welcome message");
+      log21.warn({ err }, "Failed to send welcome message");
     }
     try {
-      log20.info("Spawning assistant session...");
+      log21.info("Spawning assistant session...");
       const { session, ready } = await spawnAssistant(
         this.core,
         this,
@@ -6535,13 +6767,13 @@ var TelegramAdapter = class extends ChannelAdapter {
       );
       this.assistantSession = session;
       this.assistantInitializing = true;
-      log20.info({ sessionId: session.id }, "Assistant session ready, system prompt running in background");
+      log21.info({ sessionId: session.id }, "Assistant session ready, system prompt running in background");
       ready.then(() => {
         this.assistantInitializing = false;
-        log20.info({ sessionId: session.id }, "Assistant ready for user messages");
+        log21.info({ sessionId: session.id }, "Assistant ready for user messages");
       });
     } catch (err) {
-      log20.error({ err }, "Failed to spawn assistant");
+      log21.error({ err }, "Failed to spawn assistant");
       this.bot.api.sendMessage(
         this.telegramConfig.chatId,
         `\u26A0\uFE0F <b>Failed to start assistant session.</b>
@@ -6557,7 +6789,7 @@ var TelegramAdapter = class extends ChannelAdapter {
       await this.assistantSession.destroy();
     }
     await this.bot.stop();
-    log20.info("Telegram bot stopped");
+    log21.info("Telegram bot stopped");
   }
   setupRoutes() {
     this.bot.on("message:text", async (ctx) => {
@@ -6585,7 +6817,7 @@ var TelegramAdapter = class extends ChannelAdapter {
         ctx.replyWithChatAction("typing").catch(() => {
         });
         handleAssistantMessage(this.assistantSession, forwardText).catch(
-          (err) => log20.error({ err }, "Assistant error")
+          (err) => log21.error({ err }, "Assistant error")
         );
         return;
       }
@@ -6602,7 +6834,7 @@ var TelegramAdapter = class extends ChannelAdapter {
         threadId: String(threadId),
         userId: String(ctx.from.id),
         text: forwardText
-      }).catch((err) => log20.error({ err }, "handleMessage error"));
+      }).catch((err) => log21.error({ err }, "handleMessage error"));
     });
     this.bot.on("message:photo", async (ctx) => {
       const threadId = ctx.message.message_thread_id;
@@ -6677,9 +6909,10 @@ var TelegramAdapter = class extends ChannelAdapter {
     if (this.assistantInitializing && sessionId === this.assistantSession?.id) return;
     const session = this.core.sessionManager.getSession(sessionId);
     if (!session) return;
+    if (session.archiving) return;
     const threadId = Number(session.threadId);
     if (!threadId || isNaN(threadId)) {
-      log20.warn({ sessionId, threadId: session.threadId }, "Session has no valid threadId, skipping message");
+      log21.warn({ sessionId, threadId: session.threadId }, "Session has no valid threadId, skipping message");
       return;
     }
     switch (content.type) {
@@ -6761,7 +6994,7 @@ Task completed.
         if (!content.attachment) break;
         const { attachment } = content;
         if (attachment.size > 50 * 1024 * 1024) {
-          log20.warn({ sessionId, fileName: attachment.fileName, size: attachment.size }, "File too large for Telegram (>50MB)");
+          log21.warn({ sessionId, fileName: attachment.fileName, size: attachment.size }, "File too large for Telegram (>50MB)");
           await this.sendQueue.enqueue(
             () => this.bot.api.sendMessage(
               this.telegramConfig.chatId,
@@ -6793,7 +7026,7 @@ Task completed.
             );
           }
         } catch (err) {
-          log20.error({ err, sessionId, fileName: attachment.fileName }, "Failed to send attachment");
+          log21.error({ err, sessionId, fileName: attachment.fileName }, "Failed to send attachment");
         }
         break;
       }
@@ -6842,16 +7075,30 @@ Task completed.
         );
         break;
       }
+      case "system_message": {
+        await this.sendQueue.enqueue(
+          () => this.bot.api.sendMessage(
+            this.telegramConfig.chatId,
+            escapeHtml(content.text),
+            {
+              message_thread_id: threadId,
+              parse_mode: "HTML",
+              disable_notification: true
+            }
+          )
+        );
+        break;
+      }
     }
   }
   async sendPermissionRequest(sessionId, request) {
-    log20.info({ sessionId, requestId: request.id }, "Permission request sent");
+    log21.info({ sessionId, requestId: request.id }, "Permission request sent");
     const session = this.core.sessionManager.getSession(sessionId);
     if (!session) return;
     if (request.description.includes("openacp")) {
       const allowOption = request.options.find((o) => o.isAllow);
       if (allowOption && session.permissionGate.requestId === request.id) {
-        log20.info({ sessionId, requestId: request.id }, "Auto-approving openacp command");
+        log21.info({ sessionId, requestId: request.id }, "Auto-approving openacp command");
         session.permissionGate.resolve(allowOption.id);
       }
       return;
@@ -6859,7 +7106,7 @@ Task completed.
     if (session.dangerousMode) {
       const allowOption = request.options.find((o) => o.isAllow);
       if (allowOption && session.permissionGate.requestId === request.id) {
-        log20.info({ sessionId, requestId: request.id, optionId: allowOption.id }, "Dangerous mode: auto-approving permission");
+        log21.info({ sessionId, requestId: request.id, optionId: allowOption.id }, "Dangerous mode: auto-approving permission");
         session.permissionGate.resolve(allowOption.id);
       }
       return;
@@ -6870,7 +7117,7 @@ Task completed.
   }
   async sendNotification(notification) {
     if (notification.sessionId === this.assistantSession?.id) return;
-    log20.info(
+    log21.info(
       { sessionId: notification.sessionId, type: notification.type },
       "Notification sent"
     );
@@ -6906,7 +7153,7 @@ Task completed.
     );
   }
   async createSessionThread(sessionId, name) {
-    log20.info({ sessionId, name }, "Session topic created");
+    log21.info({ sessionId, name }, "Session topic created");
     return String(
       await createSessionTopic(this.bot, this.telegramConfig.chatId, name)
     );
@@ -6930,7 +7177,7 @@ Task completed.
     try {
       await this.bot.api.deleteForumTopic(this.telegramConfig.chatId, topicId);
     } catch (err) {
-      log20.warn({ err, sessionId, topicId }, "Failed to delete forum topic (may already be deleted)");
+      log21.warn({ err, sessionId, topicId }, "Failed to delete forum topic (may already be deleted)");
     }
   }
   async sendSkillCommands(sessionId, commands) {
@@ -6954,7 +7201,7 @@ Task completed.
       const buffer = Buffer.from(await response.arrayBuffer());
       return { buffer, filePath: file.file_path };
     } catch (err) {
-      log20.error({ err }, "Failed to download file from Telegram");
+      log21.error({ err }, "Failed to download file from Telegram");
       return null;
     }
   }
@@ -6962,17 +7209,24 @@ Task completed.
     const downloaded = await this.downloadTelegramFile(fileId);
     if (!downloaded) return;
     let buffer = downloaded.buffer;
+    let originalFilePath;
+    const sessionId = this.resolveSessionId(threadId) || "unknown";
     if (convertOggToWav) {
+      const oggAtt = await this.fileService.saveFile(sessionId, "voice.ogg", downloaded.buffer, "audio/ogg");
+      originalFilePath = oggAtt.filePath;
       try {
         buffer = await this.fileService.convertOggToWav(buffer);
       } catch (err) {
-        log20.warn({ err }, "OGG\u2192WAV conversion failed, saving original OGG");
+        log21.warn({ err }, "OGG\u2192WAV conversion failed, saving original OGG");
         fileName = "voice.ogg";
         mimeType = "audio/ogg";
+        originalFilePath = void 0;
       }
     }
-    const sessionId = this.resolveSessionId(threadId) || "unknown";
     const att = await this.fileService.saveFile(sessionId, fileName, buffer, mimeType);
+    if (originalFilePath) {
+      att.originalFilePath = originalFilePath;
+    }
     const rawText = caption || `[${att.type === "image" ? "Photo" : att.type === "audio" ? "Audio" : "File"}: ${att.fileName}]`;
     const text = rawText.startsWith("/") ? rawText.slice(1) : rawText;
     if (threadId === this.assistantTopicId) {
@@ -6989,11 +7243,52 @@ Task completed.
       userId: String(userId),
       text,
       attachments: [att]
-    }).catch((err) => log20.error({ err }, "handleMessage error"));
+    }).catch((err) => log21.error({ err }, "handleMessage error"));
   }
   async cleanupSkillCommands(sessionId) {
     await this.skillManager.cleanup(sessionId);
   }
+  async archiveSessionTopic(sessionId) {
+    const core = this.core;
+    const session = core.sessionManager.getSession(sessionId);
+    if (!session) return null;
+    const chatId = this.telegramConfig.chatId;
+    const oldTopicId = Number(session.threadId);
+    const rawName = (session.name || `Session ${session.id.slice(0, 6)}`).replace(/^🔄\s*/, "");
+    session.archiving = true;
+    await this.draftManager.finalize(session.id, this.assistantSession?.id);
+    this.draftManager.cleanup(session.id);
+    this.toolTracker.cleanup(session.id);
+    await this.skillManager.cleanup(session.id);
+    const tracker = this.sessionTrackers.get(session.id);
+    if (tracker) {
+      tracker.destroy();
+      this.sessionTrackers.delete(session.id);
+    }
+    await deleteSessionTopic(this.bot, chatId, oldTopicId);
+    let newTopicId;
+    try {
+      newTopicId = await createSessionTopic(this.bot, chatId, `\u{1F504} ${rawName}`);
+    } catch (createErr) {
+      session.archiving = false;
+      core.notificationManager.notifyAll({
+        sessionId: session.id,
+        sessionName: session.name,
+        type: "error",
+        summary: `Topic recreation failed for session "${rawName}". Session is orphaned. Error: ${createErr.message}`
+      });
+      throw createErr;
+    }
+    session.threadId = String(newTopicId);
+    const existingRecord = core.sessionManager.getSessionRecord(session.id);
+    const existingPlatform = { ...existingRecord?.platform ?? {} };
+    delete existingPlatform.skillMsgId;
+    await core.sessionManager.patchRecord(session.id, {
+      platform: { ...existingPlatform, topicId: newTopicId }
+    });
+    session.archiving = false;
+    return { newThreadId: String(newTopicId) };
+  }
 };
 
 export {
@@ -7011,10 +7306,13 @@ export {
   SessionBridge,
   NotificationManager,
   MessageTransformer,
+  UsageStore,
+  UsageBudget,
+  SpeechService,
+  GroqSTT,
   OpenACPCore,
-  ChannelAdapter,
   ApiServer,
   TopicManager,
   TelegramAdapter
 };
-//# sourceMappingURL=chunk-LCJIPE5S.js.map
+//# sourceMappingURL=chunk-R3UJUOXI.js.map