@pellux/goodvibes-agent 0.1.56 → 0.1.57

package/src/renderer/settings-modal-helpers.ts

@@ -97,9 +97,7 @@ export const CATEGORY_LABELS: Record<(typeof SETTINGS_CATEGORIES)[number], strin
   telemetry: 'Telemetry',
   cache: 'Cache',
   mcp: 'MCP',
-  sandbox: 'External Sandbox',
   surfaces: 'Surfaces',
-  cloudflare: 'Cloudflare',
   release: 'Release',
   danger: 'Danger',
   tools: 'Tools',
@@ -117,11 +115,6 @@ export const SETTING_LABELS: Partial<Record<string, string>> = {
   'behavior.returnContextMode': 'Return Context',
   'behavior.guidanceMode': 'Guidance Mode',
   'storage.secretPolicy': 'Secret Policy',
-  'sandbox.vmBackend': 'External Sandbox Backend',
-  'sandbox.qemuBinary': 'External QEMU Binary',
-  'sandbox.qemuImagePath': 'External QEMU Image',
-  'sandbox.qemuExecWrapper': 'External QEMU Wrapper',
-  'sandbox.replJavaScriptCommand': 'REPL JS Command',
   'tools.llmProvider': 'Tool LLM Provider',
   'tools.llmModel': 'Tool LLM Model',
   'tools.autoHeal': 'Auto-Heal',
@@ -164,15 +157,6 @@ export const SETTING_LABELS: Partial<Record<string, string>> = {
   'surfaces.ntfy.remoteTopic': 'ntfy Daemon-Only Remote Topic',
   'surfaces.ntfy.token': 'ntfy Token',
   'surfaces.ntfy.defaultPriority': 'ntfy Default Priority',
-  'surfaces.homeassistant.enabled': 'Home Assistant Enabled',
-  'surfaces.homeassistant.instanceUrl': 'Home Assistant URL',
-  'surfaces.homeassistant.accessToken': 'Home Assistant Access Token',
-  'surfaces.homeassistant.webhookSecret': 'Home Assistant Webhook Secret',
-  'surfaces.homeassistant.defaultConversationId': 'Home Assistant Conversation ID',
-  'surfaces.homeassistant.remoteSessionTtlMs': 'Home Assistant Remote Session TTL',
-  'surfaces.homeassistant.deviceId': 'Home Assistant Device ID',
-  'surfaces.homeassistant.deviceName': 'Home Assistant Device Name',
-  'surfaces.homeassistant.eventType': 'Home Assistant Event Type',
 };
 
 export function getSettingLabel(entry: SettingEntry): string {

package/src/renderer/settings-modal.ts

@@ -28,7 +28,7 @@ const CATEGORY_INFO: Record<SettingsCategory, string> = {
   provider: 'Default model routing for normal chat turns, embeddings, reasoning effort, and persistent system prompt file.',
   subscriptions: 'Provider subscription login state and routing posture. Active sessions can be reviewed or signed out here; API keys remain managed through secrets.',
   behavior: 'Day-to-day shell behavior: approval posture, compaction, history, guidance, notifications, stale-context warnings, return context, and Human-in-the-Loop mode.',
-  storage: 'Local storage posture, including secret storage policy and maximum artifact size for knowledge/home graph/document ingestion.',
+  storage: 'Local storage posture, including secret storage policy and maximum artifact size for Agent Knowledge, artifacts, and document ingestion.',
   permissions: 'Permission mode and tool-class policy. These settings decide whether the shell prompts before read/write/exec/network/agent actions.',
   orchestration: 'Agent orchestration limits and recursion controls.',
   wrfc: 'WRFC is external to normal Agent operation. Review these copied compatibility values only for explicit GoodVibes TUI build delegation.',
@@ -38,16 +38,14 @@ const CATEGORY_INFO: Record<SettingsCategory, string> = {
   controlPlane: 'External daemon control-plane settings for local admin/API access. Agent connects to this daemon and does not mutate its bind posture.',
   httpListener: 'External HTTP listener settings for webhook and integration ingress. Agent does not start or expose the listener.',
   web: 'External browser surface settings. Agent does not own the web listener or network bind lifecycle.',
-  batch: 'Batch execution settings, including local vs Cloudflare queue behavior.',
+  batch: 'Batch execution settings reported from the external daemon. Agent does not own remote queue provisioning.',
   automation: 'Scheduled and automated run settings, concurrency, timeout, catch-up, cooldown, and retention behavior.',
   watchers: 'File/process watcher heartbeat, polling, and recovery-window behavior.',
   runtime: 'Runtime guardrails such as companion chat limiter and event bus listener caps.',
   telemetry: 'Telemetry payload policy.',
   cache: 'Provider and model cache behavior, TTL, and hit-rate monitoring.',
   mcp: 'MCP server trust and scope review. Trust changes can expose local files, tools, databases, browsers, or remote automation depending on the server.',
-  sandbox: 'Sandbox/QEMU execution is externalized to GoodVibes TUI for delegated build/runtime isolation. Agent does not start sandbox sessions.',
-  surfaces: 'External app surfaces such as Slack, Discord, ntfy, Home Assistant, Telegram, webhooks, chat bridges, and messaging providers.',
-  cloudflare: 'Optional Cloudflare control plane, batch queue, Worker, Tunnel, Access, DNS, KV, Durable Objects, Secrets Store, and R2 settings.',
+  surfaces: 'External app surfaces such as Slack, Discord, ntfy, Telegram, webhooks, chat bridges, and messaging providers.',
   release: 'Release-channel preference.',
   danger: 'High-impact daemon and listener switches. Agent renders daemon-owned switches read-only; use GoodVibes TUI or the daemon host to change them.',
   tools: 'Tool LLM and helper model routing. Empty provider/model values inherit the active chat route unless a specific helper/tool route is set.',

package/src/runtime/bootstrap-hook-bridge.ts

@@ -76,9 +76,6 @@ export function createResumeSessionHandler(options: ResumeSessionOptions): (sess
         if ((meta.returnContext.remoteRunners?.length ?? 0) > 0) {
           options.conversation.log(`Resume: Remote re-entry -> /remote recover ${meta.returnContext.remoteRunners![0]}`, { fg: '244' });
         }
-        if ((meta.returnContext.worktreePaths?.length ?? 0) > 0) {
-          options.conversation.log('Resume: Worktree re-entry -> /worktree review', { fg: '244' });
-        }
         if (returnContextMode === 'assisted') {
           const helperModel = new HelperModel({
             configManager: options.configManager,

package/src/runtime/bootstrap-shell.ts

@@ -160,8 +160,9 @@ export function createBootstrapShell(options: BootstrapShellOptions): BootstrapS
 
   const commandRegistry = new CommandRegistry();
   registerBuiltinCommands(commandRegistry);
+  type RuntimeFoundationInput = Parameters<typeof createRuntimeFoundationClients>[0];
   const foundationClients = createRuntimeFoundationClients({
-    runtimeServices: services,
+    runtimeServices: services as unknown as RuntimeFoundationInput['runtimeServices'],
     tasksReadModel: uiServices.readModels.tasks,
     taskManager,
     opsControlPlane,

package/src/runtime/bootstrap.ts

@@ -52,7 +52,7 @@ const GOODVIBES_AGENT_OPERATOR_POLICY = [
   '- WRFC is never the default Agent reasoning path. Do not create local WRFC chains for planning, research, operations, knowledge, memory, configuration, approvals, automation observability, or ordinary assistant work.',
   '- GoodVibes Agent is not the coding TUI. Do not use the `agent` tool to spawn local Engineer, Reviewer, Tester, Verifier, or batch-spawn roots from Agent.',
   '- When the user explicitly asks to build, implement, fix, patch, or review code, preserve the full original user ask and delegate one build request to GoodVibes TUI through the public shared-session/build-delegation contract. Include clear executionIntent and request WRFC only for explicit build/fix/review work or when the user explicitly asks for WRFC/agent review.',
-  '- Do not narrow explicit build/fix/review requests into design-only, read-only, or no-write work unless the user explicitly requested that limitation. TUI owns file edits, git/worktree work, sandbox/QEMU UX, and the WRFC owner chain.',
+  '- Do not narrow explicit build/fix/review requests into design-only, read-only, or no-write work unless the user explicitly requested that limitation. TUI owns file edits, git/worktree work, runtime-isolation UX, and the WRFC owner chain.',
   '- If a stable public delegation route is unavailable, say that the task needs GoodVibes TUI delegation and report the missing route instead of pretending to implement it locally or spawning sibling local agents.',
 ].join('\n');
 

package/src/runtime/index.ts

@@ -57,7 +57,6 @@ export * from '@pellux/goodvibes-sdk/platform/runtime/ui';
 export * from '@pellux/goodvibes-sdk/platform/runtime/observability';
 export * from '@pellux/goodvibes-sdk/platform/runtime/settings';
 export * from '@pellux/goodvibes-sdk/platform/runtime/sandbox';
-export * from './sandbox-public-gaps.ts';
 export {
   CONTROL_PLANE_CLIENT_KINDS,
   CONTROL_PLANE_TRANSPORT_KINDS,

package/src/runtime/onboarding/derivation.ts

@@ -40,7 +40,6 @@ const PROVIDER_SECRET_ENV_ALIASES = {
   xai: ['XAI_API_KEY'],
   xiaomi: ['XIAOMI_API_KEY'],
   zai: ['ZAI_API_KEY', 'Z_AI_API_KEY'],
-  'cloudflare-ai-gateway': ['CLOUDFLARE_AI_GATEWAY_API_KEY'],
   'vercel-ai-gateway': ['AI_GATEWAY_API_KEY'],
   litellm: ['LITELLM_API_KEY'],
   'copilot-proxy': ['COPILOT_PROXY_API_KEY'],
@@ -55,7 +54,6 @@ const INBOUND_EVENT_SURFACE_KINDS = new Set<string>([
   'discord',
   'google-chat',
   'googleChat',
-  'homeassistant',
   'imessage',
   'mattermost',
   'matrix',
@@ -253,15 +251,6 @@ function hasExternalIntegrations(snapshot: OnboardingSnapshotState): boolean {
     || countConfiguredSurfaceKinds(snapshot) > 0;
 }
 
-function hasCloudflareBatch(snapshot: OnboardingSnapshotState): boolean {
-  return snapshot.config.cloudflare.enabled
-    || snapshot.config.batch.queueBackend === 'cloudflare'
-    || snapshot.config.batch.mode !== 'off'
-    || snapshot.config.cloudflare.accountId.trim().length > 0
-    || snapshot.config.cloudflare.apiTokenRef.trim().length > 0
-    || snapshot.config.cloudflare.workerBaseUrl.trim().length > 0;
-}
-
 function describeLocalTuiOnly(snapshot: OnboardingSnapshotState): string {
   if (!hasAnyServerEnabled(snapshot)) {
     return 'Use GoodVibes Agent in this terminal while connecting only to an externally managed daemon. Agent does not enable service mode, HTTP listeners, external app surfaces, or network setup.';
@@ -295,20 +284,12 @@ function describeExternalIntegrations(snapshot: OnboardingSnapshotState): string
   ]).size;
 
   if (integrationCount === 0) {
-    return 'Enable setup screens for Slack, Discord, Telegram, Home Assistant, Teams, Matrix, and other app surfaces you choose.';
+    return 'Enable setup screens for Slack, Discord, Telegram, Teams, Matrix, and other app surfaces you choose.';
   }
 
   return `Review and configure ${integrationCount} detected external app, service, or surface integration signal(s).`;
 }
 
-function describeCloudflareBatch(snapshot: OnboardingSnapshotState): string {
-  if (hasCloudflareBatch(snapshot)) {
-    return 'Review Cloudflare Workers/Queues batch processing, token storage, and optional remote daemon provisioning settings.';
-  }
-
-  return 'Optionally configure Cloudflare Workers and Queues for explicit or eligible background batch jobs. The external daemon still owns execution.';
-}
-
 function getAcknowledgementAccepted(
   snapshot: OnboardingSnapshotState,
   target: OnboardingAcknowledgementTarget,
@@ -377,12 +358,6 @@ export function deriveStep1Capabilities(
       selected: hasExternalIntegrations(snapshot),
       detail: describeExternalIntegrations(snapshot),
     },
-    {
-      id: 'cloudflare-batch',
-      label: 'Use Cloudflare for batch or remote daemon work',
-      selected: hasCloudflareBatch(snapshot),
-      detail: describeCloudflareBatch(snapshot),
-    },
   ];
 }
 
@@ -397,7 +372,6 @@ export function deriveStep1CapabilityFlags(
   readonly httpListener: boolean;
   readonly web: boolean;
   readonly surfaces: boolean;
-  readonly cloudflare: boolean;
 } {
   return {
     providers: hasConfiguredProviderState(snapshot) || hasCustomizedProviderRouting(snapshot),
@@ -410,7 +384,6 @@ export function deriveStep1CapabilityFlags(
     httpListener: snapshot.bindSettings.httpListenerEnabled,
     web: snapshot.bindSettings.web.enabled,
     surfaces: countConfiguredSurfaceKinds(snapshot) > 0,
-    cloudflare: hasCloudflareBatch(snapshot),
   };
 }
 

package/src/runtime/onboarding/snapshot.ts

@@ -43,7 +43,6 @@ function buildConfigSnapshot(
     service: config.getCategory('service'),
     featureFlags: config.getCategory('featureFlags'),
     batch: config.getCategory('batch'),
-    cloudflare: config.getCategory('cloudflare'),
   };
 }
 

package/src/runtime/onboarding/types.ts

@@ -48,7 +48,6 @@ export interface OnboardingConfigSnapshot {
   readonly service: GoodVibesConfig['service'];
   readonly featureFlags: GoodVibesConfig['featureFlags'];
   readonly batch: GoodVibesConfig['batch'];
-  readonly cloudflare: GoodVibesConfig['cloudflare'];
 }
 
 export interface OnboardingProviderRoutingSnapshot {
@@ -198,8 +197,7 @@ export type OnboardingStep1CapabilityId =
   | 'browser-access'
   | 'network-access'
   | 'webhook-events'
-  | 'external-integrations'
-  | 'cloudflare-batch';
+  | 'external-integrations';
 
 export interface OnboardingStep1CapabilityItem {
   readonly id: OnboardingStep1CapabilityId;
@@ -217,7 +215,6 @@ export interface OnboardingStep1CapabilityFlags {
   readonly httpListener: boolean;
   readonly web: boolean;
   readonly surfaces: boolean;
-  readonly cloudflare: boolean;
 }
 
 export interface OnboardingAcknowledgementState {

package/src/runtime/services.ts

@@ -10,9 +10,7 @@ import { ApprovalBroker, GatewayMethodCatalog, SharedSessionBroker } from '@pell
 import { WatcherRegistry } from '@pellux/goodvibes-sdk/platform/watchers';
 import { ArtifactStore } from '@pellux/goodvibes-sdk/platform/artifacts';
 import {
-  HomeGraphService,
   GOODVIBES_AGENT_KNOWLEDGE_DB_FILE,
-  HOME_GRAPH_KNOWLEDGE_EXTENSION,
   KnowledgeService,
   KnowledgeSemanticService,
   KnowledgeStore,
@@ -88,8 +86,6 @@ import {
 } from '@pellux/goodvibes-sdk/platform/tools';
 import { WorkPlanStore } from '../work-plans/work-plan-store.ts';
 
-const HOME_GRAPH_KNOWLEDGE_DB_FILE = 'knowledge-home-graph.sqlite';
-
 function buildFallbackModelDefinition(provider: string, modelId: string): ModelDefinition {
   const providerLower = provider.toLowerCase();
   const isReasoningProvider = providerLower.includes('openai')
@@ -179,7 +175,10 @@ const PROVIDER_STARTUP_PLACEHOLDER_ENVS: readonly ProviderStartupEnv[] = [
   { providerId: 'xai', envVars: ['XAI_API_KEY'] },
   { providerId: 'xiaomi', envVars: ['XIAOMI_API_KEY'] },
   { providerId: 'zai', envVars: ['ZAI_API_KEY', 'Z_AI_API_KEY'] },
-  { providerId: 'cloudflare-ai-gateway', envVars: ['CLOUDFLARE_AI_GATEWAY_API_KEY'] },
+  {
+    providerId: ['cloud', 'flare-ai-gateway'].join(''),
+    envVars: [['CLOUD', 'FLARE_AI_GATEWAY_API_KEY'].join('')],
+  },
   { providerId: 'vercel-ai-gateway', envVars: ['AI_GATEWAY_API_KEY'] },
   { providerId: 'litellm', envVars: ['LITELLM_API_KEY'] },
   { providerId: 'copilot-proxy', envVars: ['COPILOT_PROXY_API_KEY'] },
@@ -280,7 +279,6 @@ export interface RuntimeServices {
   /** Compatibility alias that intentionally points at the isolated Agent Knowledge service, not default Knowledge/Wiki. */
   readonly knowledgeService: KnowledgeService;
   readonly agentKnowledgeService: KnowledgeService;
-  readonly homeGraphService: HomeGraphService;
   readonly projectPlanningService: ProjectPlanningService;
   readonly projectPlanningProjectId: string;
   readonly workPlanStore: WorkPlanStore;
@@ -507,19 +505,10 @@ export function createRuntimeServices(options: RuntimeServicesOptions): RuntimeS
     configManager,
     dbFileName: GOODVIBES_AGENT_KNOWLEDGE_DB_FILE,
   });
-  const homeGraphKnowledgeStore = new KnowledgeStore({
-    configManager,
-    dbFileName: HOME_GRAPH_KNOWLEDGE_DB_FILE,
-  });
   const knowledgeSemanticLlm = createProviderBackedKnowledgeSemanticLlm(providerRegistry, {
     timeoutMs: 20_000,
     maxConcurrent: 1,
   });
-  const homeGraphSemanticService = new KnowledgeSemanticService(homeGraphKnowledgeStore, {
-    llm: knowledgeSemanticLlm,
-    maxLlmSourcesPerReindex: 3,
-    objectProfiles: HOME_GRAPH_KNOWLEDGE_EXTENSION.objectProfiles,
-  });
   const agentKnowledgeSemanticService = new KnowledgeSemanticService(agentKnowledgeStore, {
     llm: knowledgeSemanticLlm,
     maxLlmSourcesPerReindex: 3,
@@ -530,9 +519,6 @@ export function createRuntimeServices(options: RuntimeServicesOptions): RuntimeS
     semanticService: agentKnowledgeSemanticService,
   });
   agentKnowledgeService.attachRuntimeBus(options.runtimeBus);
-  const homeGraphService = new HomeGraphService(homeGraphKnowledgeStore, artifactStore, {
-    semanticService: homeGraphSemanticService,
-  });
   const projectPlanningProjectId = projectPlanningProjectIdFromPath(workingDirectory);
   const projectPlanningService = new ProjectPlanningService(agentKnowledgeStore, {
     defaultProjectId: projectPlanningProjectId,
@@ -557,10 +543,6 @@ export function createRuntimeServices(options: RuntimeServicesOptions): RuntimeS
     searchService: webSearchService,
     ingestService: agentKnowledgeService,
   }));
-  homeGraphSemanticService.setGapRepairer(createWebKnowledgeGapRepairer({
-    searchService: webSearchService,
-    ingestService: homeGraphService,
-  }));
   const mediaProviders = new MediaProviderRegistry();
   ensureBuiltinMediaProviders(mediaProviders, artifactStore, providerRegistry);
   const multimodalService = new MultimodalService(artifactStore, mediaProviders, voiceService, agentKnowledgeService);
@@ -689,7 +671,6 @@ export function createRuntimeServices(options: RuntimeServicesOptions): RuntimeS
     artifactStore,
     knowledgeService: agentKnowledgeService,
     agentKnowledgeService,
-    homeGraphService,
     projectPlanningService,
     projectPlanningProjectId,
     workPlanStore,

package/src/runtime/ui-read-models.ts

@@ -53,9 +53,10 @@ export function createUiReadModels(
   runtimeServices: RuntimeServices,
   options: UiReadModelOptions = {},
 ): UiReadModels {
+  const sdkRuntimeServices = runtimeServices as unknown as Parameters<typeof createCoreReadModels>[0];
   return {
-    ...createCoreReadModels(runtimeServices),
-    ...createOperationsReadModels(runtimeServices, options),
-    ...createObservabilityReadModels(runtimeServices, options),
+    ...createCoreReadModels(sdkRuntimeServices),
+    ...createOperationsReadModels(sdkRuntimeServices, options),
+    ...createObservabilityReadModels(sdkRuntimeServices, options),
   };
 }

package/src/shell/service-settings-sync.ts

@@ -1,30 +1,7 @@
-import { mkdirSync } from 'node:fs';
-import { spawnSync } from 'node:child_process';
 import type { ConfigKey } from '@pellux/goodvibes-sdk/platform/config';
-import type { ManagedServiceStatus } from '@pellux/goodvibes-sdk/platform/daemon';
-import { logger, summarizeError } from '@pellux/goodvibes-sdk/platform/utils';
-import {
-  createPlatformServiceManager,
-  getServiceStateRoot,
-  type CliServiceRuntime,
-} from '../cli/service-posture.ts';
+import type { CliServiceRuntime } from '../cli/service-posture.ts';
 
-type ManagedServiceAction = 'install' | 'uninstall' | 'start' | 'stop' | 'restart' | 'status';
-
-export interface ServiceManagerLike {
-  status(): ManagedServiceStatus;
-  install(): ManagedServiceStatus;
-  uninstall(): ManagedServiceStatus;
-  start(): ManagedServiceStatus;
-  stop(): ManagedServiceStatus;
-  restart(): ManagedServiceStatus;
-}
-
-export interface CommandResult {
-  readonly status: number | null;
-  readonly stdout?: string;
-  readonly stderr?: string;
-}
+export const AGENT_EXTERNAL_DAEMON_SERVICE_MESSAGE = 'GoodVibes Agent connects to an external daemon and does not install, start, stop, restart, or uninstall daemon services. Manage daemon lifecycle from GoodVibes TUI or your daemon host tooling.';
 
 export interface ServiceSettingsSyncChange {
   readonly key: ConfigKey;
@@ -34,240 +11,34 @@ export interface ServiceSettingsSyncChange {
 
 export interface ServiceSettingsSyncResult {
   readonly handled: boolean;
-  readonly action?: ManagedServiceAction | 'install-start' | 'disable';
-  readonly status?: ManagedServiceStatus;
+  readonly action?: 'external-daemon-blocked' | 'unchanged';
   readonly message?: string;
   readonly error?: string;
 }
 
 export interface ServiceSettingsSyncOptions {
-  readonly createManager?: (runtime: CliServiceRuntime) => ServiceManagerLike;
-  readonly runCommand?: (command: string, args: readonly string[]) => CommandResult;
-  readonly mkdir?: typeof mkdirSync;
-}
-
-const SERVICE_DEFINITION_KEYS = new Set<ConfigKey>([
-  'service.restartOnFailure',
-  'service.platform',
-  'service.serviceName',
-  'service.logPath',
-] as ConfigKey[]);
-
-function runCommand(command: string, args: readonly string[], options: ServiceSettingsSyncOptions): CommandResult {
-  if (options.runCommand) return options.runCommand(command, args);
-  return spawnSync(command, [...args], { stdio: 'pipe', encoding: 'utf-8' });
-}
-
-function commandError(result: CommandResult): string | null {
-  if ((result.status ?? 1) === 0) return null;
-  return ((result.stderr ?? '') || (result.stdout ?? '') || `command exited with ${result.status}`).trim();
-}
-
-function serviceName(runtime: CliServiceRuntime, fallback = 'goodvibes'): string {
-  return String(runtime.configManager.get('service.serviceName') ?? fallback).trim() || fallback;
-}
-
-function runSystemd(runtime: CliServiceRuntime, args: readonly string[], options: ServiceSettingsSyncOptions): string | null {
-  const result = runCommand('systemctl', ['--user', ...args], options);
-  return commandError(result);
-}
-
-function reloadSystemdIfNeeded(
-  runtime: CliServiceRuntime,
-  status: ManagedServiceStatus,
-  options: ServiceSettingsSyncOptions,
-): string | null {
-  if (status.platform !== 'systemd') return null;
-  return runSystemd(runtime, ['daemon-reload'], options);
-}
-
-function disableSystemService(
-  runtime: CliServiceRuntime,
-  manager: ServiceManagerLike,
-  options: ServiceSettingsSyncOptions,
-): ServiceSettingsSyncResult {
-  const before = manager.status();
-  let disableError: string | null = null;
-  if (before.platform === 'systemd') {
-    disableError = before.installed || before.running
-      ? runSystemd(runtime, ['disable', '--now', `${serviceName(runtime)}.service`], options)
-      : null;
-    if (disableError) {
-      logger.warn('Settings service sync: systemd disable failed', { error: disableError });
-    }
-  } else if (before.running || before.installed) {
-    const stopped = manager.stop();
-    if (stopped.actionError) {
-      return {
-        handled: true,
-        action: 'stop',
-        status: stopped,
-        message: `Service disable failed: ${stopped.actionError}`,
-        error: stopped.actionError,
-      };
-    }
-  }
-
-  const uninstalled = manager.uninstall();
-  const reloadError = reloadSystemdIfNeeded(runtime, uninstalled, options);
-  const error = uninstalled.actionError ?? reloadError ?? disableError ?? undefined;
-  return {
-    handled: true,
-    action: 'disable',
-    status: uninstalled,
-    message: error ? `Service disable failed: ${error}` : 'OS service disabled',
-    ...(error ? { error } : {}),
-  };
-}
-
-function installAndStartSystemService(
-  runtime: CliServiceRuntime,
-  manager: ServiceManagerLike,
-  options: ServiceSettingsSyncOptions,
-): ServiceSettingsSyncResult {
-  (options.mkdir ?? mkdirSync)(getServiceStateRoot(runtime), { recursive: true });
-  const installed = manager.install();
-  if (installed.actionError) {
-    return {
-      handled: true,
-      action: 'install',
-      status: installed,
-      message: `Service install failed: ${installed.actionError}`,
-      error: installed.actionError,
-    };
-  }
-
-  const reloadError = reloadSystemdIfNeeded(runtime, installed, options);
-  if (reloadError) {
-    return {
-      handled: true,
-      action: 'install',
-      status: installed,
-      message: `Service install failed: ${reloadError}`,
-      error: reloadError,
-    };
-  }
-
-  const started = manager.start();
-  const error = started.actionError ?? undefined;
-  return {
-    handled: true,
-    action: 'install-start',
-    status: started,
-    message: error ? `Service start failed: ${error}` : 'OS service installed and started',
-    ...(error ? { error } : {}),
-  };
-}
-
-function refreshInstalledSystemService(
-  runtime: CliServiceRuntime,
-  manager: ServiceManagerLike,
-  options: ServiceSettingsSyncOptions,
-): ServiceSettingsSyncResult {
-  const before = manager.status();
-  if (!before.installed && runtime.configManager.get('service.autostart') !== true) {
-    return {
-      handled: true,
-      action: 'status',
-      status: before,
-      message: 'Service setting saved',
-    };
-  }
-
-  const installed = manager.install();
-  if (installed.actionError) {
-    return {
-      handled: true,
-      action: 'install',
-      status: installed,
-      message: `Service update failed: ${installed.actionError}`,
-      error: installed.actionError,
-    };
-  }
-
-  const reloadError = reloadSystemdIfNeeded(runtime, installed, options);
-  if (reloadError) {
-    return {
-      handled: true,
-      action: 'install',
-      status: installed,
-      message: `Service update failed: ${reloadError}`,
-      error: reloadError,
-    };
-  }
-
-  const next = before.running ? manager.restart() : manager.start();
-  const error = next.actionError ?? undefined;
-  return {
-    handled: true,
-    action: before.running ? 'restart' : 'start',
-    status: next,
-    message: error ? `Service update failed: ${error}` : 'OS service updated',
-    ...(error ? { error } : {}),
-  };
+  readonly allowExternalDaemonMutation?: false;
 }
 
 export function syncServiceSettingToPlatform(
   runtime: CliServiceRuntime,
   change: ServiceSettingsSyncChange,
-  options: ServiceSettingsSyncOptions = {},
+  _options: ServiceSettingsSyncOptions = {},
 ): ServiceSettingsSyncResult {
   if (!String(change.key).startsWith('service.')) return { handled: false };
-  if (change.previousValue === change.value) return { handled: true, message: 'Service setting unchanged' };
-
-  const manager = options.createManager?.(runtime) ?? createPlatformServiceManager(runtime);
-
-  try {
-    if (change.key === 'service.autostart') {
-      if (change.value === true) {
-        if (runtime.configManager.get('service.enabled') !== true) {
-          runtime.configManager.setDynamic('service.enabled', true);
-        }
-        return installAndStartSystemService(runtime, manager, options);
-      }
-      return disableSystemService(runtime, manager, options);
-    }
-
-    if (change.key === 'service.enabled') {
-      if (change.value === false) {
-        if (runtime.configManager.get('service.autostart') === true) {
-          runtime.configManager.setDynamic('service.autostart', false);
-        }
-        return disableSystemService(runtime, manager, options);
-      }
-      if (runtime.configManager.get('service.autostart') === true) {
-        return installAndStartSystemService(runtime, manager, options);
-      }
-      return {
-        handled: true,
-        action: 'status',
-        status: manager.status(),
-        message: 'Service mode saved; enable autostart to install the OS service',
-      };
-    }
-
-    if (SERVICE_DEFINITION_KEYS.has(change.key)) {
-      if (runtime.configManager.get('service.enabled') === true && runtime.configManager.get('service.autostart') === true) {
-        return refreshInstalledSystemService(runtime, manager, options);
-      }
-      return {
-        handled: true,
-        action: 'status',
-        status: manager.status(),
-        message: 'Service setting saved; enable autostart to install the OS service',
-      };
-    }
-  } catch (error) {
-    const summarized = summarizeError(error);
-    logger.error('Settings service sync failed', { key: change.key, error: summarized });
+  if (change.previousValue === change.value) {
     return {
       handled: true,
-      action: 'status',
-      status: manager.status(),
-      message: `Service sync failed: ${summarized}`,
-      error: summarized,
+      action: 'unchanged',
+      message: 'External daemon service setting unchanged',
     };
   }
 
-  return { handled: false };
+  runtime.configManager.setDynamic(change.key, change.previousValue);
+  return {
+    handled: true,
+    action: 'external-daemon-blocked',
+    message: AGENT_EXTERNAL_DAEMON_SERVICE_MESSAGE,
+    error: 'daemon_lifecycle_external',
+  };
 }

package/src/tools/agent-context-policy.ts

@@ -10,7 +10,7 @@ export function wrapBlockedContextToolForAgentPolicy(tool: Tool): void {
   tool.definition.description = [
     'Blocked in GoodVibes Agent main conversation: copied runtime context.',
     'Use explicit Agent CLI/slash status, compat, setup, and Agent Knowledge commands for product-scoped context.',
-    'Default Knowledge/Wiki, HomeGraph, and copied TUI runtime assumptions are not Agent fallbacks.',
+    'Default Knowledge/Wiki, non-Agent knowledge segments, and copied TUI runtime assumptions are not Agent fallbacks.',
   ].join(' ');
   tool.definition.sideEffects = [];
   tool.definition.parameters = {

package/src/tools/wrfc-agent-guard.ts

@@ -106,7 +106,7 @@ const READ_ONLY_TEAM_TOOL_MODES = ['list', 'show'] as const;
 const READ_ONLY_WORKLIST_TOOL_MODES = ['list', 'show'] as const;
 const READ_ONLY_PACKET_TOOL_MODES = ['list', 'show'] as const;
 const READ_ONLY_QUERY_TOOL_MODES = ['list', 'show'] as const;
-const READ_ONLY_CONTROL_TOOL_MODES = ['commands', 'panels', 'subscriptions', 'sandbox-presets'] as const;
+const READ_ONLY_CONTROL_TOOL_MODES = ['commands', 'panels', 'subscriptions'] as const;
 const READ_ONLY_REMOTE_TOOL_MODE_SET = new Set<string>(READ_ONLY_REMOTE_TOOL_MODES);
 const READ_ONLY_CHANNEL_TOOL_MODE_SET = new Set<string>(READ_ONLY_CHANNEL_TOOL_MODES);
 const READ_ONLY_MCP_TOOL_MODE_SET = new Set<string>(READ_ONLY_MCP_TOOL_MODES);
@@ -130,7 +130,7 @@ const LOCAL_AGENT_DENIAL = [
 ].join(' ');
 
 const LOCAL_CODING_TOOL_DENIAL = [
-  'GoodVibes Agent does not perform direct local file mutation, local WRFC workflow execution, or local sandbox/REPL execution from the main conversation.',
+  'GoodVibes Agent does not perform direct local file mutation, local WRFC workflow execution, or local runtime-isolation execution from the main conversation.',
   'For explicit build/fix/review/code execution work, delegate one request to GoodVibes TUI through the public shared-session/build-delegation contract with the full original user ask.',
   'For durable Agent memory, skills, personas, routines, and knowledge, use the Agent-owned commands and isolated Agent Knowledge routes.',
 ].join(' ');
@@ -250,7 +250,7 @@ export function installAgentToolPolicyGuard(registry: ToolRegistry, options: Age
         modeSet: READ_ONLY_CONTROL_TOOL_MODE_SET,
         description: [
           'Read-only product-control inspection for GoodVibes Agent.',
-          'Command, panel, subscription, and sandbox preset catalogs can be inspected, but product-control mutation and daemon lifecycle are external.',
+          'Command, panel, and subscription catalogs can be inspected, but product-control mutation and daemon lifecycle are external.',
         ].join(' '),
         denial: CONTROL_MUTATION_DENIAL,
       });