@ouro.bot/cli 0.1.0-alpha.38 → 0.1.0-alpha.39

package/changelog.json

@@ -1,6 +1,16 @@
 {
   "_note": "This changelog is maintained as part of the PR/version-bump workflow. Agent-curated, not auto-generated. Agents read this file directly via read_file to understand what changed between versions.",
   "versions": [
+    {
+      "version": "0.1.0-alpha.39",
+      "changes": [
+        "All senses now route through a shared per-turn pipeline — friend resolution, trust gate, session load, pending drain, agent turn, post-turn, and token accumulation happen in one place instead of four.",
+        "Trust gate is now channel-aware: open senses (iMessage) enforce stranger/acquaintance rules, closed senses (Teams) trust the org, local and internal always pass through.",
+        "Tool access and prompt restrictions use a single shared isTrustedLevel check — no more scattered family/friend comparisons that could drift apart.",
+        "Pending messages now inject correctly into multimodal content (image attachments no longer silently drop pending messages).",
+        "ouro reminder create supports --agent flag, matching every other identity-scoped CLI command."
+      ]
+    },
     {
       "version": "0.1.0-alpha.38",
       "changes": [

package/dist/heart/daemon/daemon-cli.js

@@ -39,6 +39,7 @@ exports.discoverExistingCredentials = discoverExistingCredentials;
 exports.createDefaultOuroCliDeps = createDefaultOuroCliDeps;
 exports.runOuroCli = runOuroCli;
 const child_process_1 = require("child_process");
+const crypto_1 = require("crypto");
 const fs = __importStar(require("fs"));
 const net = __importStar(require("net"));
 const os = __importStar(require("os"));
@@ -225,6 +226,18 @@ async function ensureDaemonRunning(deps) {
         message: `daemon started (pid ${started.pid ?? "unknown"})`,
     };
 }
+/**
+ * Extract `--agent <name>` from an args array, returning the agent name and
+ * the remaining args with the flag pair removed.
+ */
+function extractAgentFlag(args) {
+    const idx = args.indexOf("--agent");
+    if (idx === -1 || idx + 1 >= args.length)
+        return { rest: args };
+    const agent = args[idx + 1];
+    const rest = [...args.slice(0, idx), ...args.slice(idx + 2)];
+    return { agent, rest };
+}
 function usage() {
     return [
         "Usage:",
@@ -235,18 +248,19 @@ function usage() {
         "  ouro msg --to <agent> [--session <id>] [--task <ref>] <message>",
         "  ouro poke <agent> --task <task-id>",
         "  ouro link <agent> --friend <id> --provider <provider> --external-id <external-id>",
-        "  ouro task board [<status>]",
-        "  ouro task create <title> [--type <type>]",
-        "  ouro task update <id> <status>",
-        "  ouro task show <id>",
-        "  ouro task actionable|deps|sessions",
-        "  ouro reminder create <title> --body <body> [--at <iso>] [--cadence <interval>] [--category <category>]",
-        "  ouro friend list",
-        "  ouro friend show <id>",
+        "  ouro task board [<status>] [--agent <name>]",
+        "  ouro task create <title> [--type <type>] [--agent <name>]",
+        "  ouro task update <id> <status> [--agent <name>]",
+        "  ouro task show <id> [--agent <name>]",
+        "  ouro task actionable|deps|sessions [--agent <name>]",
+        "  ouro reminder create <title> --body <body> [--at <iso>] [--cadence <interval>] [--category <category>] [--agent <name>]",
+        "  ouro friend list [--agent <name>]",
+        "  ouro friend show <id> [--agent <name>]",
+        "  ouro friend create --name <name> [--trust <level>] [--agent <name>]",
         "  ouro friend link <agent> --friend <id> --provider <p> --external-id <eid>",
         "  ouro friend unlink <agent> --friend <id> --provider <p> --external-id <eid>",
-        "  ouro whoami",
-        "  ouro session list",
+        "  ouro whoami [--agent <name>]",
+        "  ouro session list [--agent <name>]",
     ].join("\n");
 }
 function formatVersionOutput() {
@@ -446,12 +460,15 @@ function parseHatchCommand(args) {
     };
 }
 function parseTaskCommand(args) {
-    const [sub, ...rest] = args;
+    const { agent, rest: cleaned } = extractAgentFlag(args);
+    const [sub, ...rest] = cleaned;
     if (!sub)
         throw new Error(`Usage\n${usage()}`);
     if (sub === "board") {
         const status = rest[0];
-        return status ? { kind: "task.board", status } : { kind: "task.board" };
+        return status
+            ? { kind: "task.board", status, ...(agent ? { agent } : {}) }
+            : { kind: "task.board", ...(agent ? { agent } : {}) };
     }
     if (sub === "create") {
         const title = rest[0];
@@ -464,31 +481,34 @@ function parseTaskCommand(args) {
                 i += 1;
             }
         }
-        return type ? { kind: "task.create", title, type } : { kind: "task.create", title };
+        return type
+            ? { kind: "task.create", title, type, ...(agent ? { agent } : {}) }
+            : { kind: "task.create", title, ...(agent ? { agent } : {}) };
     }
     if (sub === "update") {
         const id = rest[0];
         const status = rest[1];
         if (!id || !status)
             throw new Error(`Usage\n${usage()}`);
-        return { kind: "task.update", id, status };
+        return { kind: "task.update", id, status, ...(agent ? { agent } : {}) };
     }
     if (sub === "show") {
         const id = rest[0];
         if (!id)
             throw new Error(`Usage\n${usage()}`);
-        return { kind: "task.show", id };
+        return { kind: "task.show", id, ...(agent ? { agent } : {}) };
     }
     if (sub === "actionable")
-        return { kind: "task.actionable" };
+        return { kind: "task.actionable", ...(agent ? { agent } : {}) };
     if (sub === "deps")
-        return { kind: "task.deps" };
+        return { kind: "task.deps", ...(agent ? { agent } : {}) };
     if (sub === "sessions")
-        return { kind: "task.sessions" };
+        return { kind: "task.sessions", ...(agent ? { agent } : {}) };
     throw new Error(`Usage\n${usage()}`);
 }
 function parseReminderCommand(args) {
-    const [sub, ...rest] = args;
+    const { agent, rest: cleaned } = extractAgentFlag(args);
+    const [sub, ...rest] = cleaned;
     if (!sub)
         throw new Error(`Usage\n${usage()}`);
     if (sub === "create") {
@@ -528,29 +548,54 @@ function parseReminderCommand(args) {
             ...(scheduledAt ? { scheduledAt } : {}),
             ...(cadence ? { cadence } : {}),
             ...(category ? { category } : {}),
+            ...(agent ? { agent } : {}),
         };
     }
     throw new Error(`Usage\n${usage()}`);
 }
 function parseSessionCommand(args) {
-    const [sub] = args;
+    const { agent, rest: cleaned } = extractAgentFlag(args);
+    const [sub] = cleaned;
     if (!sub)
         throw new Error(`Usage\n${usage()}`);
     if (sub === "list")
-        return { kind: "session.list" };
+        return { kind: "session.list", ...(agent ? { agent } : {}) };
     throw new Error(`Usage\n${usage()}`);
 }
 function parseFriendCommand(args) {
-    const [sub, ...rest] = args;
+    const { agent, rest: cleaned } = extractAgentFlag(args);
+    const [sub, ...rest] = cleaned;
     if (!sub)
         throw new Error(`Usage\n${usage()}`);
     if (sub === "list")
-        return { kind: "friend.list" };
+        return { kind: "friend.list", ...(agent ? { agent } : {}) };
     if (sub === "show") {
         const friendId = rest[0];
         if (!friendId)
             throw new Error(`Usage\n${usage()}`);
-        return { kind: "friend.show", friendId };
+        return { kind: "friend.show", friendId, ...(agent ? { agent } : {}) };
+    }
+    if (sub === "create") {
+        let name;
+        let trustLevel;
+        for (let i = 0; i < rest.length; i++) {
+            if (rest[i] === "--name" && rest[i + 1]) {
+                name = rest[i + 1];
+                i += 1;
+            }
+            else if (rest[i] === "--trust" && rest[i + 1]) {
+                trustLevel = rest[i + 1];
+                i += 1;
+            }
+        }
+        if (!name)
+            throw new Error(`Usage\n${usage()}`);
+        return {
+            kind: "friend.create",
+            name,
+            ...(trustLevel ? { trustLevel } : {}),
+            ...(agent ? { agent } : {}),
+        };
     }
     if (sub === "link")
         return parseLinkCommand(rest, "friend.link");
@@ -578,8 +623,10 @@ function parseOuroCommand(args) {
         return parseReminderCommand(args.slice(1));
     if (head === "friend")
         return parseFriendCommand(args.slice(1));
-    if (head === "whoami")
-        return { kind: "whoami" };
+    if (head === "whoami") {
+        const { agent } = extractAgentFlag(args.slice(1));
+        return { kind: "whoami", ...(agent ? { agent } : {}) };
+    }
     if (head === "session")
         return parseSessionCommand(args.slice(1));
     if (head === "chat") {
@@ -1193,6 +1240,25 @@ async function executeFriendCommand(command, store) {
             return `friend not found: ${command.friendId}`;
         return JSON.stringify(record, null, 2);
     }
+    if (command.kind === "friend.create") {
+        const now = new Date().toISOString();
+        const id = (0, crypto_1.randomUUID)();
+        const trustLevel = (command.trustLevel ?? "acquaintance");
+        await store.put(id, {
+            id,
+            name: command.name,
+            trustLevel,
+            externalIds: [],
+            tenantMemberships: [],
+            toolPreferences: {},
+            notes: {},
+            totalTokens: 0,
+            createdAt: now,
+            updatedAt: now,
+            schemaVersion: 1,
+        });
+        return `created: ${id} (${command.name}, ${trustLevel})`;
+    }
     if (command.kind === "friend.link") {
         const current = await store.get(command.friendId);
         if (!current)
@@ -1382,13 +1448,15 @@ async function runOuroCli(args, deps = createDefaultOuroCliDeps()) {
         return message;
     }
     // ── friend subcommands (local, no daemon socket needed) ──
-    if (command.kind === "friend.list" || command.kind === "friend.show" || command.kind === "friend.link" || command.kind === "friend.unlink") {
+    if (command.kind === "friend.list" || command.kind === "friend.show" || command.kind === "friend.create" ||
+        command.kind === "friend.link" || command.kind === "friend.unlink") {
         /* v8 ignore start -- production default: requires full identity setup @preserve */
         let store = deps.friendStore;
         if (!store) {
-            // link/unlink operate on a specific agent's friend store
-            const friendsDir = (command.kind === "friend.link" || command.kind === "friend.unlink")
-                ? path.join((0, identity_1.getAgentBundlesRoot)(), `${command.agent}.ouro`, "friends")
+            // Derive agent-scoped friends dir from --agent flag or link/unlink's agent field
+            const agentName = ("agent" in command && command.agent) ? command.agent : undefined;
+            const friendsDir = agentName
+                ? path.join((0, identity_1.getAgentBundlesRoot)(), `${agentName}.ouro`, "friends")
                 : path.join((0, identity_1.getAgentBundlesRoot)(), "friends");
             store = new store_file_1.FileFriendStore(friendsDir);
         }
@@ -1399,22 +1467,39 @@ async function runOuroCli(args, deps = createDefaultOuroCliDeps()) {
     }
     // ── whoami (local, no daemon socket needed) ──
     if (command.kind === "whoami") {
+        if (command.agent) {
+            const agentRoot = path.join((0, identity_1.getAgentBundlesRoot)(), `${command.agent}.ouro`);
+            const message = [
+                `agent: ${command.agent}`,
+                `home: ${agentRoot}`,
+                `bones: ${(0, runtime_metadata_1.getRuntimeMetadata)().version}`,
+            ].join("\n");
+            deps.writeStdout(message);
+            return message;
+        }
         /* v8 ignore start -- production default: requires full identity setup @preserve */
-        const info = deps.whoamiInfo
-            ? deps.whoamiInfo()
-            : {
-                agentName: (0, identity_1.getAgentName)(),
-                homePath: path.join((0, identity_1.getAgentBundlesRoot)(), `${(0, identity_1.getAgentName)()}.ouro`),
-                bonesVersion: (0, runtime_metadata_1.getRuntimeMetadata)().version,
-            };
+        try {
+            const info = deps.whoamiInfo
+                ? deps.whoamiInfo()
+                : {
+                    agentName: (0, identity_1.getAgentName)(),
+                    homePath: path.join((0, identity_1.getAgentBundlesRoot)(), `${(0, identity_1.getAgentName)()}.ouro`),
+                    bonesVersion: (0, runtime_metadata_1.getRuntimeMetadata)().version,
+                };
+            const message = [
+                `agent: ${info.agentName}`,
+                `home: ${info.homePath}`,
+                `bones: ${info.bonesVersion}`,
+            ].join("\n");
+            deps.writeStdout(message);
+            return message;
+        }
+        catch {
+            const message = "error: no agent context — use --agent <name> to specify";
+            deps.writeStdout(message);
+            return message;
+        }
         /* v8 ignore stop */
-        const message = [
-            `agent: ${info.agentName}`,
-            `home: ${info.homePath}`,
-            `bones: ${info.bonesVersion}`,
-        ].join("\n");
-        deps.writeStdout(message);
-        return message;
     }
     // ── session list (local, no daemon socket needed) ──
     if (command.kind === "session.list") {

package/dist/heart/daemon/daemon.js

@@ -46,6 +46,8 @@ const bundle_manifest_1 = require("../../mind/bundle-manifest");
 const update_checker_1 = require("./update-checker");
 const staged_restart_1 = require("./staged-restart");
 const child_process_1 = require("child_process");
+const pending_1 = require("../../mind/pending");
+const channel_1 = require("../../mind/friends/channel");
 function buildWorkerRows(snapshots) {
     return snapshots.map((snapshot) => ({
         agent: snapshot.name,
@@ -156,6 +158,7 @@ class OuroDaemon {
         this.scheduler.start?.();
         await this.scheduler.reconcile?.();
         await this.drainPendingBundleMessages();
+        await this.drainPendingSenseMessages();
         if (fs.existsSync(this.socketPath)) {
             fs.unlinkSync(this.socketPath);
         }
@@ -231,6 +234,93 @@ class OuroDaemon {
             fs.writeFileSync(pendingPath, next, "utf-8");
         }
     }
+    /** Drains per-sense pending dirs for always-on senses across all agents. */
+    static ALWAYS_ON_SENSES = new Set((0, channel_1.getAlwaysOnSenseNames)());
+    async drainPendingSenseMessages() {
+        if (!fs.existsSync(this.bundlesRoot))
+            return;
+        let bundleDirs;
+        try {
+            bundleDirs = fs.readdirSync(this.bundlesRoot, { withFileTypes: true });
+        }
+        catch {
+            return;
+        }
+        for (const bundleDir of bundleDirs) {
+            if (!bundleDir.isDirectory() || !bundleDir.name.endsWith(".ouro"))
+                continue;
+            const agentName = bundleDir.name.replace(/\.ouro$/, "");
+            const pendingRoot = path.join(this.bundlesRoot, bundleDir.name, "state", "pending");
+            if (!fs.existsSync(pendingRoot))
+                continue;
+            let friendDirs;
+            try {
+                friendDirs = fs.readdirSync(pendingRoot, { withFileTypes: true });
+            }
+            catch {
+                continue;
+            }
+            for (const friendDir of friendDirs) {
+                if (!friendDir.isDirectory())
+                    continue;
+                const friendPath = path.join(pendingRoot, friendDir.name);
+                let channelDirs;
+                try {
+                    channelDirs = fs.readdirSync(friendPath, { withFileTypes: true });
+                }
+                catch {
+                    continue;
+                }
+                for (const channelDir of channelDirs) {
+                    if (!channelDir.isDirectory())
+                        continue;
+                    if (!OuroDaemon.ALWAYS_ON_SENSES.has(channelDir.name))
+                        continue;
+                    const channelPath = path.join(friendPath, channelDir.name);
+                    let keyDirs;
+                    try {
+                        keyDirs = fs.readdirSync(channelPath, { withFileTypes: true });
+                    }
+                    catch {
+                        continue;
+                    }
+                    for (const keyDir of keyDirs) {
+                        if (!keyDir.isDirectory())
+                            continue;
+                        const leafDir = path.join(channelPath, keyDir.name);
+                        const messages = (0, pending_1.drainPending)(leafDir);
+                        for (const msg of messages) {
+                            try {
+                                await this.router.send({
+                                    from: msg.from,
+                                    to: agentName,
+                                    content: msg.content,
+                                    priority: "normal",
+                                });
+                            }
+                            catch {
+                                // Best-effort delivery — log and continue
+                            }
+                        }
+                        if (messages.length > 0) {
+                            (0, runtime_1.emitNervesEvent)({
+                                component: "daemon",
+                                event: "daemon.startup_sense_drain",
+                                message: "drained pending sense messages on startup",
+                                meta: {
+                                    agent: agentName,
+                                    channel: channelDir.name,
+                                    friendId: friendDir.name,
+                                    key: keyDir.name,
+                                    count: messages.length,
+                                },
+                            });
+                        }
+                    }
+                }
+            }
+        }
+    }
     async stop() {
         (0, runtime_1.emitNervesEvent)({
             component: "daemon",

package/dist/mind/friends/channel.js

@@ -3,10 +3,13 @@
 // Pure lookup, no I/O, cannot fail. Unknown channel gets minimal defaults.
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getChannelCapabilities = getChannelCapabilities;
+exports.isRemoteChannel = isRemoteChannel;
+exports.getAlwaysOnSenseNames = getAlwaysOnSenseNames;
 const runtime_1 = require("../../nerves/runtime");
 const CHANNEL_CAPABILITIES = {
     cli: {
         channel: "cli",
+        senseType: "local",
         availableIntegrations: [],
         supportsMarkdown: false,
         supportsStreaming: true,
@@ -15,6 +18,7 @@ const CHANNEL_CAPABILITIES = {
     },
     teams: {
         channel: "teams",
+        senseType: "closed",
         availableIntegrations: ["ado", "graph", "github"],
         supportsMarkdown: true,
         supportsStreaming: true,
@@ -23,6 +27,7 @@ const CHANNEL_CAPABILITIES = {
     },
     bluebubbles: {
         channel: "bluebubbles",
+        senseType: "open",
         availableIntegrations: [],
         supportsMarkdown: false,
         supportsStreaming: false,
@@ -31,6 +36,7 @@ const CHANNEL_CAPABILITIES = {
     },
     inner: {
         channel: "inner",
+        senseType: "internal",
         availableIntegrations: [],
         supportsMarkdown: false,
         supportsStreaming: true,
@@ -40,6 +46,7 @@ const CHANNEL_CAPABILITIES = {
 };
 const DEFAULT_CAPABILITIES = {
     channel: "cli",
+    senseType: "local",
     availableIntegrations: [],
     supportsMarkdown: false,
     supportsStreaming: false,
@@ -55,3 +62,23 @@ function getChannelCapabilities(channel) {
     });
     return CHANNEL_CAPABILITIES[channel] ?? DEFAULT_CAPABILITIES;
 }
+/** Whether the channel is remote (open or closed) vs local/internal. */
+function isRemoteChannel(capabilities) {
+    const senseType = capabilities?.senseType;
+    return senseType !== undefined && senseType !== "local" && senseType !== "internal";
+}
+/**
+ * Returns channel names whose senseType is "open" or "closed" -- i.e. channels
+ * that are always-on (daemon-managed) rather than interactive or internal.
+ */
+function getAlwaysOnSenseNames() {
+    (0, runtime_1.emitNervesEvent)({
+        component: "channels",
+        event: "channel.always_on_lookup",
+        message: "always-on sense names lookup",
+        meta: {},
+    });
+    return Object.entries(CHANNEL_CAPABILITIES)
+        .filter(([, cap]) => cap.senseType === "open" || cap.senseType === "closed")
+        .map(([channel]) => channel);
+}

package/dist/mind/friends/types.js

@@ -2,8 +2,10 @@
 // Context kernel type definitions.
 // FriendRecord (merged identity + memory), channel capabilities, and resolved context.
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.TRUSTED_LEVELS = void 0;
 exports.isIdentityProvider = isIdentityProvider;
 exports.isIntegration = isIntegration;
+exports.isTrustedLevel = isTrustedLevel;
 const runtime_1 = require("../../nerves/runtime");
 const IDENTITY_PROVIDERS = new Set(["aad", "local", "teams-conversation", "imessage-handle"]);
 function isIdentityProvider(value) {
@@ -19,3 +21,9 @@ const INTEGRATIONS = new Set(["ado", "github", "graph"]);
 function isIntegration(value) {
     return typeof value === "string" && INTEGRATIONS.has(value);
 }
+/** Trust levels that grant full tool access and proactive send capability. */
+exports.TRUSTED_LEVELS = new Set(["family", "friend"]);
+/** Whether a trust level grants full access (family or friend). Defaults to "friend" for legacy records. */
+function isTrustedLevel(trustLevel) {
+    return exports.TRUSTED_LEVELS.has(trustLevel ?? "friend");
+}

package/dist/mind/pending.js

@@ -33,7 +33,9 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.INNER_DIALOG_PENDING = void 0;
 exports.getPendingDir = getPendingDir;
+exports.getInnerDialogPendingDir = getInnerDialogPendingDir;
 exports.drainPending = drainPending;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
@@ -42,6 +44,12 @@ const runtime_1 = require("../nerves/runtime");
 function getPendingDir(agentName, friendId, channel, key) {
     return path.join((0, identity_1.getAgentRoot)(agentName), "state", "pending", friendId, channel, key);
 }
+/** Canonical inner-dialog pending path segments. */
+exports.INNER_DIALOG_PENDING = { friendId: "self", channel: "inner", key: "dialog" };
+/** Returns the pending dir for this agent's inner dialog. */
+function getInnerDialogPendingDir(agentName) {
+    return getPendingDir(agentName, exports.INNER_DIALOG_PENDING.friendId, exports.INNER_DIALOG_PENDING.channel, exports.INNER_DIALOG_PENDING.key);
+}
 function drainPending(pendingDir) {
     if (!fs.existsSync(pendingDir))
         return [];

package/dist/mind/prompt.js

@@ -41,6 +41,8 @@ exports.toolRestrictionSection = toolRestrictionSection;
 exports.contextSection = contextSection;
 exports.metacognitiveFramingSection = metacognitiveFramingSection;
 exports.loopOrientationSection = loopOrientationSection;
+exports.channelNatureSection = channelNatureSection;
+exports.mixedTrustGroupSection = mixedTrustGroupSection;
 exports.buildSystem = buildSystem;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
@@ -48,6 +50,7 @@ const core_1 = require("../heart/core");
 const tools_1 = require("../repertoire/tools");
 const skills_1 = require("../repertoire/skills");
 const identity_1 = require("../heart/identity");
+const types_1 = require("./friends/types");
 const channel_1 = require("./friends/channel");
 const runtime_1 = require("../nerves/runtime");
 const bundle_manifest_1 = require("./bundle-manifest");
@@ -368,34 +371,16 @@ function toolsSection(channel, options, context) {
         .join("\n");
     return `## my tools\n${list}`;
 }
-const RESTRICTED_TOOLS = ["shell", "read_file", "write_file", "edit_file", "glob", "grep"];
-function isRemoteChannel(channel) {
-    return channel === "teams" || channel === "bluebubbles";
-}
-function isSharedContext(friend) {
-    const externalIds = friend.externalIds ?? [];
-    return externalIds.some((eid) => eid.externalId.startsWith("group:") || eid.provider === "teams-conversation");
-}
 function toolRestrictionSection(context) {
-    if (!context?.friend || !isRemoteChannel(context.channel?.channel))
+    if (!context?.friend || !(0, channel_1.isRemoteChannel)(context.channel))
         return "";
-    const trustLevel = context.friend.trustLevel ?? "stranger";
-    const lowTrust = trustLevel === "stranger" || trustLevel === "acquaintance";
-    const shared = isSharedContext(context.friend);
-    if (!lowTrust && !shared)
+    if ((0, types_1.isTrustedLevel)(context.friend.trustLevel))
         return "";
-    const reasons = [];
-    if (lowTrust) {
-        reasons.push("i don't know this person well enough yet to run local operations on their behalf");
-    }
-    if (shared) {
-        reasons.push("this is a shared channel — local operations could let conversations interfere with each other");
-    }
-    const toolList = RESTRICTED_TOOLS.join(", ");
+    const toolList = [...tools_1.REMOTE_BLOCKED_LOCAL_TOOLS].join(", ");
     return `## restricted tools
 some of my tools are unavailable right now: ${toolList}
 
-${reasons.join(". ")}. i can suggest remote-safe alternatives or ask them to run it from CLI.`;
+i don't know this person well enough yet to run local operations on their behalf. i can suggest remote-safe alternatives or ask them to run it from CLI.`;
 }
 function skillsSection() {
     const names = (0, skills_1.listSkills)() || [];
@@ -514,6 +499,23 @@ function loopOrientationSection(channel) {
 
 when something deserves more thought than the moment allows, i can note it to myself and come back later with a considered answer.`;
 }
+function channelNatureSection(capabilities) {
+    const { senseType } = capabilities;
+    if (senseType === "local" || senseType === "internal")
+        return "";
+    if (senseType === "open") {
+        return "## channel nature\nthis is an open channel — anyone with my number can reach me here. i may hear from people i don't know.";
+    }
+    // closed
+    return "## channel nature\nthis is an org-gated channel — i know everyone here is already part of the organization.";
+}
+function mixedTrustGroupSection(context) {
+    if (!context?.friend || !(0, channel_1.isRemoteChannel)(context.channel))
+        return "";
+    if (!context.isGroupChat)
+        return "";
+    return "## mixed trust group\nin this group chat, my capabilities depend on who's talking. some people here have full trust, others don't — i adjust what i can do based on who's asking.";
+}
 async function buildSystem(channel = "cli", options, context) {
     (0, runtime_1.emitNervesEvent)({
         event: "mind.step_start",
@@ -533,10 +535,12 @@ async function buildSystem(channel = "cli", options, context) {
         metacognitiveFramingSection(channel),
         loopOrientationSection(channel),
         runtimeInfoSection(channel),
+        channelNatureSection((0, channel_1.getChannelCapabilities)(channel)),
         providerSection(),
         dateSection(),
         toolsSection(channel, options, context),
         toolRestrictionSection(context),
+        mixedTrustGroupSection(context),
         skillsSection(),
         taskBoardSection(),
         buildSessionSummary({

package/dist/repertoire/tools-base.js

@@ -661,7 +661,7 @@ exports.baseToolDefinitions = [
             // regardless of the channel or key the agent specified.
             const isSelf = friendId === "self";
             const pendingDir = isSelf
-                ? (0, pending_1.getPendingDir)(agentName, "self", "inner", "dialog")
+                ? (0, pending_1.getInnerDialogPendingDir)(agentName)
                 : (0, pending_1.getPendingDir)(agentName, friendId, channel, key);
             fs.mkdirSync(pendingDir, { recursive: true });
             const fileName = `${now}-${Math.random().toString(36).slice(2, 10)}.json`;