@ouro.bot/cli 0.1.0-alpha.4 → 0.1.0-alpha.400

package/dist/repertoire/vault-unlock.js

@@ -0,0 +1,382 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.vaultUnlockReplaceRecoverFix = vaultUnlockReplaceRecoverFix;
+exports.resolveVaultUnlockStore = resolveVaultUnlockStore;
+exports.readVaultUnlockSecret = readVaultUnlockSecret;
+exports.storeVaultUnlockSecret = storeVaultUnlockSecret;
+exports.getVaultUnlockStatus = getVaultUnlockStatus;
+const node_child_process_1 = require("node:child_process");
+const crypto = __importStar(require("node:crypto"));
+const fs = __importStar(require("node:fs"));
+const os = __importStar(require("node:os"));
+const path = __importStar(require("node:path"));
+const runtime_1 = require("../nerves/runtime");
+const VAULT_UNLOCK_SERVICE = "ouro.vault";
+const PLAINTEXT_UNLOCK_DIR = path.join(".ouro-cli", "vault-unlock");
+const WINDOWS_DPAPI_UNLOCK_DIR = path.join(".ouro-cli", "vault-unlock-dpapi");
+const SUPPORTED_STORES = ["auto", "macos-keychain", "windows-dpapi", "linux-secret-service", "plaintext-file"];
+function platform(deps) {
+    return deps.platform ?? process.platform;
+}
+function spawnSync(deps) {
+    return deps.spawnSync ?? node_child_process_1.spawnSync;
+}
+function homeDir(deps) {
+    return deps.homeDir ?? os.homedir();
+}
+function vaultKey(config) {
+    return `${config.serverUrl}:${config.email}`;
+}
+function vaultLabel(config) {
+    return `${config.email} at ${config.serverUrl}`;
+}
+function plaintextUnlockPath(config, deps) {
+    const digest = crypto.createHash("sha256").update(vaultKey(config)).digest("hex").slice(0, 24);
+    return path.join(homeDir(deps), PLAINTEXT_UNLOCK_DIR, `${digest}.secret`);
+}
+function windowsDpapiUnlockPath(config, deps) {
+    const digest = crypto.createHash("sha256").update(vaultKey(config)).digest("hex").slice(0, 24);
+    const localAppData = process.env.LOCALAPPDATA;
+    const baseDir = localAppData && platform(deps) === "win32"
+        ? path.join(localAppData, "Ouro")
+        : path.join(homeDir(deps), WINDOWS_DPAPI_UNLOCK_DIR);
+    return path.join(baseDir, "vault-unlock", `${digest}.dpapi`);
+}
+function commandExists(command, deps) {
+    const result = spawnSync(deps)(command, ["--version"], { encoding: "utf8" });
+    const code = result.error?.code;
+    return code !== "ENOENT";
+}
+function missingSecureStoreMessage(config) {
+    const agentPart = config.agentName ? ` for ${config.agentName}` : "";
+    return [
+        `No supported secure local secret store was found on this machine${agentPart}.`,
+        "",
+        `Ouro knows the credential vault is ${vaultLabel(config)}, but it cannot cache the vault unlock secret here yet.`,
+        "",
+        "On macOS, Ouro uses Keychain automatically.",
+        "On Windows, Ouro uses a CurrentUser DPAPI-encrypted local file automatically.",
+        "On Linux/WSL, install and configure Secret Service/libsecret, or choose the explicit plaintext fallback on a trusted machine.",
+        "",
+        config.agentName
+            ? `Run \`ouro vault unlock --agent ${config.agentName} --store plaintext-file\` to store the vault unlock secret in a chmod 0600 local file.`
+            : "Run `ouro vault unlock --store plaintext-file` to store the vault unlock secret in a chmod 0600 local file.",
+    ].join("\n");
+}
+function vaultUnlockReplaceRecoverFix(agentName, nextStep = "Then run 'ouro up' again.") {
+    return [
+        `Run 'ouro vault unlock --agent ${agentName}' if you have the saved vault unlock secret.`,
+        `If this agent predates vault auth or nobody saved the unlock secret, run 'ouro vault replace --agent ${agentName}' to create a new empty vault, then re-auth/re-enter credentials.`,
+        `If you do have a local JSON credential export, run 'ouro vault recover --agent ${agentName} --from <json>' to create the agent vault and import it.`,
+        nextStep,
+    ].join(" ");
+}
+function lostUnlockSecretGuidance(config) {
+    if (!config.agentName) {
+        return "If nobody saved that unlock secret, run `ouro vault replace --agent <agent>` to create a new empty vault and re-enter credentials. If you do have a local JSON credential export, run `ouro vault recover --agent <agent> --from <json>` to import it.";
+    }
+    return [
+        `If nobody saved that unlock secret, run \`ouro vault replace --agent ${config.agentName}\` to create a new empty vault and re-enter credentials.`,
+        `If you do have a local JSON credential export, run \`ouro vault recover --agent ${config.agentName} --from <json>\` to import it.`,
+    ].join(" ");
+}
+function lockedMessage(config, store) {
+    const agentPart = config.agentName ? ` for ${config.agentName}` : "";
+    const command = config.agentName
+        ? `ouro vault unlock --agent ${config.agentName}${store.kind === "plaintext-file" ? " --store plaintext-file" : ""}`
+        : `ouro vault unlock${store.kind === "plaintext-file" ? " --store plaintext-file" : ""}`;
+    return [
+        `Ouro credential vault is locked on this machine${agentPart}.`,
+        "",
+        `Vault: ${vaultLabel(config)}`,
+        `Local unlock store: ${store.kind} (${store.location})`,
+        "",
+        "Provider credentials are still stored in the agent vault.",
+        "This computer does not currently have usable local unlock material for that vault.",
+        "This can happen on a new computer, after a local profile or hostname migration, or if the local unlock entry was removed.",
+        "",
+        `Run \`${command}\` and enter the saved agent vault unlock secret from the human/operator who controls that vault.`,
+        lostUnlockSecretGuidance(config),
+    ].join("\n");
+}
+function validateStoreKind(store) {
+    const requested = store ?? "auto";
+    if (!SUPPORTED_STORES.includes(requested)) {
+        throw new Error(`unknown vault unlock store '${requested}'. Use auto|macos-keychain|windows-dpapi|linux-secret-service|plaintext-file.`);
+    }
+    return requested;
+}
+function resolveVaultUnlockStore(config, deps = {}) {
+    const requested = validateStoreKind(deps.store);
+    const currentPlatform = platform(deps);
+    if (requested === "macos-keychain") {
+        if (currentPlatform !== "darwin") {
+            throw new Error(`macos-keychain unlock store is only available on macOS; this machine is ${currentPlatform}.`);
+        }
+        return { kind: "macos-keychain", secure: true, location: "macOS Keychain" };
+    }
+    if (requested === "linux-secret-service") {
+        if (currentPlatform !== "linux") {
+            throw new Error(`linux-secret-service unlock store is only available on Linux/WSL; this machine is ${currentPlatform}.`);
+        }
+        if (!commandExists("secret-tool", deps)) {
+            throw new Error("linux-secret-service unlock store requires the `secret-tool` command from libsecret.");
+        }
+        return { kind: "linux-secret-service", secure: true, location: "Secret Service via secret-tool" };
+    }
+    if (requested === "windows-dpapi") {
+        if (currentPlatform !== "win32") {
+            throw new Error(`windows-dpapi unlock store is only available on Windows; this machine is ${currentPlatform}.`);
+        }
+        return { kind: "windows-dpapi", secure: true, location: windowsDpapiUnlockPath(config, deps) };
+    }
+    if (requested === "plaintext-file") {
+        return { kind: "plaintext-file", secure: false, location: plaintextUnlockPath(config, deps) };
+    }
+    if (currentPlatform === "darwin") {
+        return { kind: "macos-keychain", secure: true, location: "macOS Keychain" };
+    }
+    if (currentPlatform === "win32") {
+        return { kind: "windows-dpapi", secure: true, location: windowsDpapiUnlockPath(config, deps) };
+    }
+    if (currentPlatform === "linux" && commandExists("secret-tool", deps)) {
+        return { kind: "linux-secret-service", secure: true, location: "Secret Service via secret-tool" };
+    }
+    throw new Error(missingSecureStoreMessage(config));
+}
+function readFromMacosKeychain(config, deps) {
+    const result = spawnSync(deps)("security", [
+        "find-generic-password",
+        "-s",
+        VAULT_UNLOCK_SERVICE,
+        "-a",
+        vaultKey(config),
+        "-w",
+    ], { encoding: "utf8" });
+    const secret = typeof result.stdout === "string" ? result.stdout.trim() : "";
+    return result.status === 0 && secret ? secret : null;
+}
+function writeToMacosKeychain(config, secret, deps) {
+    const result = spawnSync(deps)("security", [
+        "add-generic-password",
+        "-U",
+        "-s",
+        VAULT_UNLOCK_SERVICE,
+        "-a",
+        vaultKey(config),
+        "-w",
+        secret,
+    ], { encoding: "utf8" });
+    if (result.status !== 0) {
+        const stderr = typeof result.stderr === "string" ? result.stderr.trim() : "";
+        throw new Error(`failed to store vault unlock secret in macOS Keychain${stderr ? `: ${stderr}` : ""}`);
+    }
+}
+function readFromLinuxSecretService(config, deps) {
+    const result = spawnSync(deps)("secret-tool", [
+        "lookup",
+        "service",
+        VAULT_UNLOCK_SERVICE,
+        "account",
+        vaultKey(config),
+    ], { encoding: "utf8" });
+    const secret = typeof result.stdout === "string" ? result.stdout.trim() : "";
+    return result.status === 0 && secret ? secret : null;
+}
+function writeToLinuxSecretService(config, secret, deps) {
+    const result = spawnSync(deps)("secret-tool", [
+        "store",
+        "--label",
+        `Ouro credential vault ${vaultLabel(config)}`,
+        "service",
+        VAULT_UNLOCK_SERVICE,
+        "account",
+        vaultKey(config),
+    ], { encoding: "utf8", input: secret });
+    if (result.status !== 0) {
+        const stderr = typeof result.stderr === "string" ? result.stderr.trim() : "";
+        throw new Error(`failed to store vault unlock secret in Linux Secret Service${stderr ? `: ${stderr}` : ""}`);
+    }
+}
+function runWindowsDpapi(mode, payload, deps) {
+    const script = `
+$ErrorActionPreference = "Stop"
+$inputJson = [Console]::In.ReadToEnd()
+$payload = $inputJson | ConvertFrom-Json
+Add-Type -AssemblyName System.Security
+if ($payload.mode -eq "protect") {
+  $bytes = [Text.Encoding]::UTF8.GetBytes([string]$payload.secret)
+  $protected = [Security.Cryptography.ProtectedData]::Protect($bytes, $null, [Security.Cryptography.DataProtectionScope]::CurrentUser)
+  [Console]::Out.Write([Convert]::ToBase64String($protected))
+} elseif ($payload.mode -eq "unprotect") {
+  $protected = [Convert]::FromBase64String([string]$payload.ciphertext)
+  $bytes = [Security.Cryptography.ProtectedData]::Unprotect($protected, $null, [Security.Cryptography.DataProtectionScope]::CurrentUser)
+  [Console]::Out.Write([Text.Encoding]::UTF8.GetString($bytes))
+} else {
+  throw "unknown DPAPI mode"
+}
+`;
+    const result = spawnSync(deps)("powershell.exe", [
+        "-NoProfile",
+        "-NonInteractive",
+        "-ExecutionPolicy",
+        "Bypass",
+        "-Command",
+        script,
+    ], {
+        encoding: "utf8",
+        input: JSON.stringify({ mode, ...payload }),
+    });
+    if (result.status !== 0) {
+        const stderr = typeof result.stderr === "string" ? result.stderr.trim() : "";
+        const error = result.error instanceof Error ? result.error.message : stderr;
+        throw new Error(`Windows DPAPI ${mode} failed${error ? `: ${error}` : ""}`);
+    }
+    return typeof result.stdout === "string" ? result.stdout : "";
+}
+function readFromWindowsDpapi(config, deps) {
+    const filePath = windowsDpapiUnlockPath(config, deps);
+    if (!fs.existsSync(filePath))
+        return null;
+    const ciphertext = fs.readFileSync(filePath, "utf8").trim();
+    if (!ciphertext)
+        return null;
+    const secret = runWindowsDpapi("unprotect", { ciphertext }, deps).trim();
+    return secret || null;
+}
+function writeToWindowsDpapi(config, secret, deps) {
+    const filePath = windowsDpapiUnlockPath(config, deps);
+    const ciphertext = runWindowsDpapi("protect", { secret }, deps).trim();
+    fs.mkdirSync(path.dirname(filePath), { recursive: true });
+    fs.writeFileSync(filePath, `${ciphertext}\n`, "utf8");
+}
+function readFromPlaintextFile(config, deps) {
+    const filePath = plaintextUnlockPath(config, deps);
+    if (!fs.existsSync(filePath))
+        return null;
+    if (platform(deps) !== "win32") {
+        const mode = fs.statSync(filePath).mode & 0o777;
+        if ((mode & 0o077) !== 0) {
+            throw new Error(`refusing to read plaintext vault unlock file at ${filePath} because permissions are too broad; run chmod 600 ${filePath}`);
+        }
+    }
+    const secret = fs.readFileSync(filePath, "utf8").trim();
+    return secret || null;
+}
+function writeToPlaintextFile(config, secret, deps) {
+    const filePath = plaintextUnlockPath(config, deps);
+    fs.mkdirSync(path.dirname(filePath), { recursive: true, mode: 0o700 });
+    fs.writeFileSync(filePath, secret, { encoding: "utf8", mode: 0o600 });
+    if (platform(deps) !== "win32") {
+        fs.chmodSync(path.dirname(filePath), 0o700);
+        fs.chmodSync(filePath, 0o600);
+    }
+}
+function readFromStore(config, store, deps) {
+    if (store.kind === "macos-keychain")
+        return readFromMacosKeychain(config, deps);
+    if (store.kind === "windows-dpapi")
+        return readFromWindowsDpapi(config, deps);
+    if (store.kind === "linux-secret-service")
+        return readFromLinuxSecretService(config, deps);
+    return readFromPlaintextFile(config, deps);
+}
+function writeToStore(config, store, secret, deps) {
+    if (store.kind === "macos-keychain") {
+        writeToMacosKeychain(config, secret, deps);
+        return;
+    }
+    if (store.kind === "linux-secret-service") {
+        writeToLinuxSecretService(config, secret, deps);
+        return;
+    }
+    if (store.kind === "windows-dpapi") {
+        writeToWindowsDpapi(config, secret, deps);
+        return;
+    }
+    writeToPlaintextFile(config, secret, deps);
+}
+function readVaultUnlockSecret(config, deps = {}) {
+    const store = resolveVaultUnlockStore(config, deps);
+    const secret = readFromStore(config, store, deps);
+    if (!secret) {
+        throw new Error(lockedMessage(config, store));
+    }
+    (0, runtime_1.emitNervesEvent)({
+        component: "repertoire",
+        event: "repertoire.vault_unlock_loaded",
+        message: "loaded vault unlock material from local store",
+        meta: { store: store.kind, secure: store.secure, hasAgentName: !!config.agentName },
+    });
+    return { secret, store };
+}
+function storeVaultUnlockSecret(config, secret, deps = {}) {
+    const trimmed = secret.trim();
+    if (!trimmed) {
+        throw new Error("vault unlock secret is required");
+    }
+    const store = resolveVaultUnlockStore(config, deps);
+    writeToStore(config, store, trimmed, deps);
+    (0, runtime_1.emitNervesEvent)({
+        component: "repertoire",
+        event: "repertoire.vault_unlock_stored",
+        message: "stored vault unlock material in local store",
+        meta: { store: store.kind, secure: store.secure, hasAgentName: !!config.agentName },
+    });
+    return store;
+}
+function getVaultUnlockStatus(config, deps = {}) {
+    try {
+        const store = resolveVaultUnlockStore(config, deps);
+        const stored = !!readFromStore(config, store, deps);
+        return {
+            configured: true,
+            stored,
+            store,
+            fix: stored
+                ? "Vault unlock secret is available on this machine."
+                : lockedMessage(config, store),
+        };
+    }
+    catch (error) {
+        return {
+            configured: false,
+            stored: false,
+            error: error instanceof Error ? error.message : String(error),
+            fix: error instanceof Error ? error.message : String(error),
+        };
+    }
+}

package/dist/scripts/claude-code-hook.js

@@ -0,0 +1,41 @@
+"use strict";
+// Claude Code lifecycle hook handler.
+// Receives events from Claude Code's hooks system (SessionStart, Stop, PostToolUse)
+// and forwards them to the Ouroboros daemon for agent awareness.
+//
+// This module exports handleHookEvent for testability.
+// The actual hook scripts (scripts/claude-code-hook.js) read stdin and call this.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.handleHookEvent = handleHookEvent;
+const socket_client_1 = require("../heart/daemon/socket-client");
+const runtime_1 = require("../nerves/runtime");
+/**
+ * Handle a Claude Code lifecycle hook event.
+ * Sends the event to the daemon and always exits 0 (hooks must not block the IDE).
+ */
+async function handleHookEvent(hookEvent) {
+    (0, runtime_1.emitNervesEvent)({
+        component: "daemon",
+        event: "daemon.hook_event_received",
+        message: "claude code hook event received",
+        meta: { hookEvent: hookEvent.event, sessionId: hookEvent.sessionId },
+    });
+    try {
+        await (0, socket_client_1.sendDaemonCommand)(socket_client_1.DEFAULT_DAEMON_SOCKET_PATH, {
+            kind: "hook.event",
+            event: hookEvent.event,
+            sessionId: hookEvent.sessionId,
+            toolName: hookEvent.toolName,
+        });
+    }
+    catch {
+        // Daemon unavailable — silently ignore. Hooks must not block.
+        (0, runtime_1.emitNervesEvent)({
+            component: "daemon",
+            event: "daemon.hook_event_daemon_unavailable",
+            message: "daemon unavailable for hook event",
+            meta: { hookEvent: hookEvent.event },
+        });
+    }
+    return { exitCode: 0 };
+}

package/dist/scripts/claude-code-stop-hook.js

@@ -0,0 +1,47 @@
+"use strict";
+// Claude Code stop hook — checks the agent's pending queue and returns
+// any messages as additionalContext for injection into the next turn.
+//
+// This is how the agent can proactively communicate back to the dev tool user:
+// the agent surfaces a message to the pending queue, and the stop hook picks
+// it up and injects it as context in the Claude Code session.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.handleStopHook = handleStopHook;
+const pending_1 = require("../mind/pending");
+const runtime_1 = require("../nerves/runtime");
+/**
+ * Check the pending queue for messages from the agent to this dev tool session.
+ * Returns accumulated message text as additionalContext.
+ */
+async function handleStopHook(input) {
+    (0, runtime_1.emitNervesEvent)({
+        component: "daemon",
+        event: "daemon.stop_hook_check_start",
+        message: "checking pending queue for stop hook",
+        meta: { agentName: input.agentName, friendId: input.friendId, sessionId: input.sessionId },
+    });
+    try {
+        const pendingDir = (0, pending_1.getPendingDir)(input.agentName, input.friendId, "mcp", input.sessionId);
+        const pending = (0, pending_1.drainPending)(pendingDir);
+        if (pending.length === 0) {
+            return { additionalContext: "" };
+        }
+        const text = pending.map((m) => m.content).join("\n\n---\n\n");
+        (0, runtime_1.emitNervesEvent)({
+            component: "daemon",
+            event: "daemon.stop_hook_check_end",
+            message: "pending messages found for stop hook",
+            meta: { agentName: input.agentName, count: pending.length },
+        });
+        return { additionalContext: text };
+    }
+    catch {
+        (0, runtime_1.emitNervesEvent)({
+            component: "daemon",
+            event: "daemon.stop_hook_check_error",
+            message: "error checking pending queue in stop hook",
+            meta: { agentName: input.agentName },
+        });
+        return { additionalContext: "" };
+    }
+}

package/dist/senses/attention-queue.js

@@ -0,0 +1,116 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.buildAttentionQueue = buildAttentionQueue;
+exports.dequeueAttentionItem = dequeueAttentionItem;
+exports.attentionQueueEmpty = attentionQueueEmpty;
+exports.buildAttentionQueueSummary = buildAttentionQueueSummary;
+const runtime_1 = require("../nerves/runtime");
+// ── Queue construction ───────────────────────────────────────────
+function generateItemId() {
+    return Math.random().toString(36).slice(2, 10);
+}
+function originKey(friendId, channel, key) {
+    return `${friendId}/${channel}/${key}`;
+}
+function buildAttentionQueue(input) {
+    const { drainedPending, outstandingObligations, friendNameResolver, packetResolver } = input;
+    const seen = new Set();
+    const items = [];
+    const enrichPacket = (packetId) => {
+        if (!packetId || !packetResolver)
+            return {};
+        const packet = packetResolver(packetId);
+        if (!packet)
+            return { packetId };
+        return {
+            packetId,
+            packetKind: packet.kind,
+            packetObjective: packet.objective,
+            packetSummary: packet.summary,
+        };
+    };
+    // Source 1: drained pending messages with delegatedFrom (current-turn delegations)
+    for (const msg of drainedPending) {
+        if (!msg.delegatedFrom)
+            continue;
+        const { friendId, channel, key, bridgeId } = msg.delegatedFrom;
+        const oKey = originKey(friendId, channel, key);
+        seen.add(oKey);
+        const resolvedName = friendNameResolver(friendId);
+        items.push({
+            id: msg.obligationId ?? generateItemId(),
+            friendId,
+            friendName: resolvedName ?? friendId,
+            channel,
+            key,
+            ...(bridgeId ? { bridgeId } : {}),
+            delegatedContent: msg.content,
+            ...(msg.obligationId ? { obligationId: msg.obligationId } : {}),
+            ...enrichPacket(msg.packetId),
+            source: "drained",
+            timestamp: msg.timestamp,
+        });
+    }
+    // Source 2: outstanding obligations (crash recovery)
+    for (const obligation of outstandingObligations) {
+        const { friendId, channel, key, bridgeId } = obligation.origin;
+        const oKey = originKey(friendId, channel, key);
+        if (seen.has(oKey))
+            continue; // deduplicate: prefer drained version
+        seen.add(oKey);
+        const resolvedName = friendNameResolver(friendId);
+        items.push({
+            id: obligation.id,
+            friendId,
+            friendName: resolvedName ?? friendId,
+            channel,
+            key,
+            ...(bridgeId ? { bridgeId } : {}),
+            delegatedContent: obligation.delegatedContent,
+            obligationId: obligation.id,
+            ...enrichPacket(obligation.packetId),
+            source: "obligation-recovery",
+            timestamp: obligation.createdAt,
+        });
+    }
+    // Sort FIFO (oldest first)
+    items.sort((a, b) => a.timestamp - b.timestamp);
+    (0, runtime_1.emitNervesEvent)({
+        event: "senses.attention_queue_built",
+        component: "senses",
+        message: `attention queue built with ${items.length} item(s)`,
+        meta: {
+            drainedCount: items.filter((i) => i.source === "drained").length,
+            recoveredCount: items.filter((i) => i.source === "obligation-recovery").length,
+        },
+    });
+    return items;
+}
+// ── Queue operations ─────────────────────────────────────────────
+function dequeueAttentionItem(queue, id) {
+    const index = queue.findIndex((item) => item.id === id);
+    if (index === -1)
+        return null;
+    return queue.splice(index, 1)[0];
+}
+function attentionQueueEmpty(queue) {
+    return queue.length === 0;
+}
+// ── Queue visibility ─────────────────────────────────────────────
+const CONTENT_PREVIEW_MAX = 80;
+function buildAttentionQueueSummary(queue) {
+    if (queue.length === 0)
+        return "";
+    const lines = ["[internal: held work items — not messages to send]"];
+    for (const item of queue) {
+        if (item.packetKind && item.packetObjective) {
+            lines.push(`- [${item.id}] ${item.friendName} -> ${item.packetKind}: ${item.packetObjective}`);
+            continue;
+        }
+        const preview = item.delegatedContent.length > CONTENT_PREVIEW_MAX
+            ? `${item.delegatedContent.slice(0, CONTENT_PREVIEW_MAX - 3)}...`
+            : item.delegatedContent;
+        lines.push(`- [${item.id}] ${item.friendName} asked: "${preview}"`);
+    }
+    return lines.join("\n");
+}

package/dist/senses/bluebubbles/attachment-cache.js

@@ -0,0 +1,53 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cacheBlueBubblesAttachment = cacheBlueBubblesAttachment;
+exports.lookupBlueBubblesAttachment = lookupBlueBubblesAttachment;
+exports.resetBlueBubblesAttachmentCache = resetBlueBubblesAttachmentCache;
+const runtime_1 = require("../../nerves/runtime");
+/**
+ * Bounded process-local cache of recently-seen BlueBubbles attachment summaries.
+ *
+ * Populated at attachment-hydration time so the `describe_image` tool can
+ * look up a guid → summary later in the same turn (or a few turns later)
+ * and re-download the bytes on demand. Intentionally NOT persisted — per
+ * planning doc D4, session storage holds only the VLM description text,
+ * never the raw image bytes. The cache is cleared on daemon restart, which
+ * matches the product expectation that "describe_image works on recent
+ * messages in this session".
+ *
+ * Bounded at MAX_CACHED_ATTACHMENTS entries; oldest entries evict first
+ * when the limit is hit.
+ */
+const MAX_CACHED_ATTACHMENTS = 50;
+const cache = new Map();
+function cacheBlueBubblesAttachment(summary) {
+    const guid = summary.guid?.trim();
+    if (!guid)
+        return;
+    // Re-insert to move to end (LRU behavior via Map insertion order).
+    if (cache.has(guid))
+        cache.delete(guid);
+    cache.set(guid, { ...summary });
+    while (cache.size > MAX_CACHED_ATTACHMENTS) {
+        // cache.size > 0 here, so keys().next().value is always defined.
+        const oldestKey = cache.keys().next().value;
+        cache.delete(oldestKey);
+    }
+}
+function lookupBlueBubblesAttachment(guid) {
+    const trimmed = guid?.trim();
+    if (!trimmed)
+        return undefined;
+    return cache.get(trimmed);
+}
+function resetBlueBubblesAttachmentCache() {
+    cache.clear();
+}
+/* v8 ignore start — module-level observability event */
+(0, runtime_1.emitNervesEvent)({
+    component: "senses",
+    event: "senses.bluebubbles_attachment_cache_loaded",
+    message: "bluebubbles attachment cache module loaded",
+    meta: { maxEntries: MAX_CACHED_ATTACHMENTS },
+});
+/* v8 ignore stop */