npm - @poolzin/pool-bot - Versions diffs - 2026.2.17 → 2026.2.19 - Mend

@poolzin/pool-bot 2026.2.17 → 2026.2.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (488) hide show

package/CHANGELOG.md +25 -0
package/dist/agents/agent-scope.js +4 -0
package/dist/agents/announce-idempotency.js +14 -0
package/dist/agents/auth-profiles.resolve-auth-profile-order.fixtures.js +23 -0
package/dist/agents/bash-tools.exec-runtime.js +438 -0
package/dist/agents/bash-tools.shared.js +6 -0
package/dist/agents/cli-runner/reliability.js +61 -0
package/dist/agents/cli-watchdog-defaults.js +11 -0
package/dist/agents/command-poll-backoff.js +63 -0
package/dist/agents/current-time.js +16 -0
package/dist/agents/model-alias-lines.js +18 -0
package/dist/agents/model-auth-label.js +61 -0
package/dist/agents/models-config.e2e-harness.js +115 -0
package/dist/agents/ollama-stream.js +11 -3
package/dist/agents/openclaw-tools.js +135 -0
package/dist/agents/pi-auth-json.js +118 -0
package/dist/agents/pi-embedded-runner/run.overflow-compaction.mocks.shared.js +147 -0
package/dist/agents/pi-embedded-subscribe.e2e-harness.js +90 -0
package/dist/agents/pi-embedded-subscribe.handlers.compaction.js +63 -0
package/dist/agents/pi-embedded-subscribe.handlers.tools.media.test-helpers.js +30 -0
package/dist/agents/pi-extensions/session-manager-runtime-registry.js +23 -0
package/dist/agents/pi-tools.js +2 -0
package/dist/agents/queued-file-writer.js +22 -0
package/dist/agents/sandbox/docker.js +133 -40
package/dist/agents/sandbox/fs-bridge.js +146 -0
package/dist/agents/sandbox/fs-paths.js +205 -0
package/dist/agents/sandbox/hash.js +4 -0
package/dist/agents/sandbox-paths.js +3 -0
package/dist/agents/session-dirs.js +20 -0
package/dist/agents/skills/filter.js +24 -0
package/dist/agents/skills/tools-dir.js +9 -0
package/dist/agents/skills-install-download.js +290 -0
package/dist/agents/skills-install-output.js +30 -0
package/dist/agents/skills-install.download-test-utils.js +36 -0
package/dist/agents/skills.e2e-test-helpers.js +13 -0
package/dist/agents/subagent-announce-queue.js +59 -15
package/dist/agents/subagent-depth.js +137 -0
package/dist/agents/subagent-registry.js +448 -96
package/dist/agents/subagent-spawn.js +262 -0
package/dist/agents/test-helpers/fast-tool-stubs.js +18 -0
package/dist/agents/test-helpers/host-sandbox-fs-bridge.js +74 -0
package/dist/agents/tool-display-common.js +782 -0
package/dist/agents/tools/image-tool.js +1 -1
package/dist/agents/tools/sessions-access.js +178 -0
package/dist/agents/tools/sessions-resolution.js +206 -0
package/dist/agents/tools/subagents-tool.js +616 -0
package/dist/agents/workspace-dir.js +18 -0
package/dist/agents/workspace-dirs.js +14 -0
package/dist/agents/workspace.js +70 -0
package/dist/auto-reply/heartbeat-reply-payload.js +18 -0
package/dist/auto-reply/reply/commands-export-session.js +163 -0
package/dist/auto-reply/reply/commands-mesh.js +245 -0
package/dist/auto-reply/reply/commands-setunset.js +28 -0
package/dist/auto-reply/reply/commands-slash-parse.js +31 -0
package/dist/auto-reply/reply/commands-system-prompt.js +117 -0
package/dist/auto-reply/reply/directive-handling.levels.js +17 -0
package/dist/auto-reply/reply/directive-handling.params.js +1 -0
package/dist/auto-reply/reply/directive-parsing.js +36 -0
package/dist/auto-reply/reply/dispatcher-registry.js +43 -0
package/dist/auto-reply/reply/elevated-unavailable.js +20 -0
package/dist/auto-reply/reply/reply-delivery.js +92 -0
package/dist/auto-reply/reply/session-reset-prompt.js +1 -0
package/dist/auto-reply/reply/session-run-accounting.js +33 -0
package/dist/auto-reply/reply.directive.directive-behavior.e2e-harness.js +115 -0
package/dist/auto-reply/reply.directive.directive-behavior.e2e-mocks.js +12 -0
package/dist/browser/bridge-auth-registry.js +26 -0
package/dist/browser/client-actions-url.js +10 -0
package/dist/browser/control-auth.js +73 -0
package/dist/browser/csrf.js +64 -0
package/dist/browser/http-auth.js +52 -0
package/dist/browser/paths.js +37 -0
package/dist/browser/proxy-files.js +32 -0
package/dist/browser/pw-ai-state.js +7 -0
package/dist/browser/resolved-config-refresh.js +42 -0
package/dist/browser/routes/path-output.js +1 -0
package/dist/browser/server-context.chrome-test-harness.js +20 -0
package/dist/browser/server-middleware.js +31 -0
package/dist/browser/test-port.js +16 -0
package/dist/build-info.json +3 -3
package/dist/canvas-host/file-resolver.js +43 -0
package/dist/channels/account-summary.js +19 -0
package/dist/channels/draft-stream-loop.js +77 -0
package/dist/channels/plugins/account-helpers.js +26 -0
package/dist/channels/telegram/allow-from.js +10 -0
package/dist/cli/browser-cli-resize.js +22 -0
package/dist/cli/browser-cli-shared.js +8 -0
package/dist/cli/clawbot-cli.js +5 -0
package/dist/cli/completion-cli.js +566 -0
package/dist/cli/config-cli.js +63 -5
package/dist/cli/daemon-cli/lifecycle-core.js +256 -0
package/dist/cli/daemon-cli/register-service-commands.js +60 -0
package/dist/cli/daemon-cli-compat.js +80 -0
package/dist/cli/nodes-cli/pairing-render.js +26 -0
package/dist/cli/program/action-reparse.js +17 -0
package/dist/cli/program/command-registry.js +17 -0
package/dist/cli/program/program-context.js +8 -0
package/dist/cli/program/register.subclis.js +7 -0
package/dist/cli/program/routes.js +233 -0
package/dist/cli/qr-cli.js +132 -0
package/dist/cli/requirements-test-fixtures.js +17 -0
package/dist/cli/respawn-policy.js +4 -0
package/dist/cli/shared/parse-port.js +18 -0
package/dist/cli/skills-cli.format.js +241 -0
package/dist/cli/update-cli/progress.js +121 -0
package/dist/cli/update-cli/restart-helper.js +108 -0
package/dist/cli/update-cli/shared.js +196 -0
package/dist/cli/update-cli/status.js +97 -0
package/dist/cli/update-cli/suppress-deprecations.js +17 -0
package/dist/cli/update-cli/update-command.js +506 -0
package/dist/cli/update-cli/wizard.js +130 -0
package/dist/cli/update-cli.js +3 -9
package/dist/cli/windows-argv.js +69 -0
package/dist/commands/auth-choice-legacy.js +20 -0
package/dist/commands/auth-choice.apply-helpers.js +8 -0
package/dist/commands/channel-test-helpers.js +19 -0
package/dist/commands/cleanup-plan.js +10 -0
package/dist/commands/cleanup-utils.js +7 -0
package/dist/commands/config-validation.js +15 -0
package/dist/commands/doctor-completion.js +112 -0
package/dist/commands/doctor-memory-search.js +119 -0
package/dist/commands/doctor-session-locks.js +73 -0
package/dist/commands/doctor.e2e-harness.js +364 -0
package/dist/commands/gateway-presence.js +19 -0
package/dist/commands/model-default.js +35 -0
package/dist/commands/models/fallbacks-shared.js +102 -0
package/dist/commands/models/shared.js +24 -0
package/dist/commands/onboard-auth.config-gateways.js +64 -0
package/dist/commands/onboard-auth.config-litellm.js +45 -0
package/dist/commands/onboard-auth.config-shared.js +116 -0
package/dist/commands/onboard-config.js +16 -0
package/dist/commands/onboard-non-interactive.test-helpers.js +31 -0
package/dist/commands/onboard-provider-auth-flags.js +136 -0
package/dist/commands/openai-codex-oauth.js +40 -0
package/dist/commands/test-runtime-config-helpers.js +21 -0
package/dist/commands/test-wizard-helpers.js +68 -0
package/dist/commands/vllm-setup.js +66 -0
package/dist/compat/legacy-names.js +2 -0
package/dist/config/backup-rotation.js +19 -0
package/dist/config/env-preserve.js +122 -0
package/dist/config/includes-scan.js +78 -0
package/dist/config/plugins-allowlist.js +13 -0
package/dist/config/schema.help.js +256 -0
package/dist/config/schema.hints.js +189 -0
package/dist/config/schema.irc.js +20 -0
package/dist/config/schema.labels.js +317 -0
package/dist/config/sessions/delivery-info.js +40 -0
package/dist/config/types.irc.js +1 -0
package/dist/config/zod-schema.agent-model.js +10 -0
package/dist/config/zod-schema.allowdeny.js +35 -0
package/dist/config/zod-schema.sensitive.js +4 -0
package/dist/control-ui/assets/index-HRr1grwl.js.map +1 -1
package/dist/cron/isolated-agent/skills-snapshot.js +26 -0
package/dist/cron/isolated-agent/subagent-followup.js +127 -0
package/dist/cron/isolated-agent.mocks.js +12 -0
package/dist/cron/isolated-agent.test-setup.js +22 -0
package/dist/cron/legacy-delivery.js +43 -0
package/dist/cron/webhook-url.js +22 -0
package/dist/daemon/arg-split.js +40 -0
package/dist/daemon/exec-file.js +23 -0
package/dist/daemon/output.js +6 -0
package/dist/daemon/runtime-format.js +31 -0
package/dist/daemon/schtasks-exec.js +4 -0
package/dist/daemon/service-audit.js +22 -0
package/dist/discord/client.js +41 -0
package/dist/discord/components-registry.js +57 -0
package/dist/discord/components.js +816 -0
package/dist/discord/guilds.js +12 -0
package/dist/discord/monitor/gateway-plugin.js +48 -0
package/dist/discord/monitor/presence.js +30 -0
package/dist/discord/send.components.js +115 -0
package/dist/discord/send.shared.js +4 -0
package/dist/discord/ui.js +26 -0
package/dist/discord/voice-message.js +254 -0
package/dist/gateway/agent-event-assistant-text.js +5 -0
package/dist/gateway/agent-prompt.js +33 -0
package/dist/gateway/auth-rate-limit.js +136 -0
package/dist/gateway/channel-health-monitor.js +114 -0
package/dist/gateway/control-ui-contract.js +1 -0
package/dist/gateway/control-ui-csp.js +15 -0
package/dist/gateway/gateway-config-prompts.shared.js +25 -0
package/dist/gateway/http-auth-helpers.js +18 -0
package/dist/gateway/http-common.js +18 -0
package/dist/gateway/http-endpoint-helpers.js +27 -0
package/dist/gateway/node-invoke-sanitize.js +11 -0
package/dist/gateway/node-invoke-system-run-approval.js +205 -0
package/dist/gateway/probe-auth.js +21 -0
package/dist/gateway/protocol/index.js +7 -2
package/dist/gateway/protocol/schema/mesh.js +54 -0
package/dist/gateway/protocol/schema/protocol-schemas.js +7 -0
package/dist/gateway/protocol/schema.js +1 -0
package/dist/gateway/server/ws-connection/auth-messages.js +54 -0
package/dist/gateway/server-channels.js +11 -0
package/dist/gateway/server-methods/attachment-normalize.js +16 -0
package/dist/gateway/server-methods/base-hash.js +8 -0
package/dist/gateway/server-methods/mesh.js +700 -0
package/dist/gateway/server-methods/nodes.handlers.invoke-result.js +55 -0
package/dist/gateway/server-methods/restart-request.js +13 -0
package/dist/gateway/server-methods/validation.js +8 -0
package/dist/gateway/server.agent.gateway-server-agent.mocks.js +35 -0
package/dist/gateway/server.e2e-registry-helpers.js +1 -0
package/dist/gateway/server.e2e-ws-harness.js +20 -0
package/dist/gateway/test-helpers.js +2 -0
package/dist/gateway/test-helpers.server.js +3 -1
package/dist/gateway/test-http-response.js +12 -0
package/dist/gateway/test-openai-responses-model.js +20 -0
package/dist/gateway/test-temp-config.js +30 -0
package/dist/gateway/test-with-server.js +32 -0
package/dist/hooks/bundled/bootstrap-extra-files/handler.js +46 -0
package/dist/imessage/monitor/abort-handler.js +23 -0
package/dist/imessage/monitor/inbound-processing.js +346 -0
package/dist/imessage/monitor/parse-notification.js +64 -0
package/dist/imessage/target-parsing-helpers.js +92 -0
package/dist/infra/archive.js +244 -20
package/dist/infra/detect-package-manager.js +26 -0
package/dist/infra/exec-approvals-allowlist.js +257 -0
package/dist/infra/exec-approvals-analysis.js +770 -0
package/dist/infra/exec-approvals.js +13 -0
package/dist/infra/file-lock.js +1 -0
package/dist/infra/gemini-auth.js +39 -0
package/dist/infra/heartbeat-active-hours.js +85 -0
package/dist/infra/heartbeat-events-filter.js +50 -0
package/dist/infra/heartbeat-runner.test-utils.js +39 -0
package/dist/infra/http-body.js +265 -0
package/dist/infra/install-package-dir.js +50 -0
package/dist/infra/install-safe-path.js +49 -0
package/dist/infra/json-files.js +49 -0
package/dist/infra/jsonl-socket.js +52 -0
package/dist/infra/map-size.js +14 -0
package/dist/infra/net/hostname.js +7 -0
package/dist/infra/npm-registry-spec.js +39 -0
package/dist/infra/openclaw-root.js +109 -0
package/dist/infra/outbound/delivery-queue.js +214 -0
package/dist/infra/outbound/identity.js +23 -0
package/dist/infra/outbound/message-action-params.js +307 -0
package/dist/infra/outbound/tool-payload.js +21 -0
package/dist/infra/package-json.js +23 -0
package/dist/infra/pairing-files.js +19 -0
package/dist/infra/pairing-token.js +9 -0
package/dist/infra/path-prepend.js +51 -0
package/dist/infra/process-respawn.js +49 -0
package/dist/infra/runtime-status.js +16 -0
package/dist/infra/session-cost-usage.types.js +1 -0
package/dist/infra/session-maintenance-warning.js +89 -0
package/dist/infra/system-run-command.js +78 -0
package/dist/infra/tmp-openclaw-dir.js +81 -0
package/dist/infra/tmp-poolbot-dir.js +2 -0
package/dist/infra/update-channels.js +19 -0
package/dist/line/actions.js +45 -0
package/dist/line/channel-access-token.js +9 -0
package/dist/line/flex-templates/basic-cards.js +332 -0
package/dist/line/flex-templates/common.js +18 -0
package/dist/line/flex-templates/media-control-cards.js +453 -0
package/dist/line/flex-templates/message.js +10 -0
package/dist/line/flex-templates/schedule-cards.js +399 -0
package/dist/line/flex-templates/types.js +1 -0
package/dist/line/webhook-node.js +100 -0
package/dist/line/webhook-utils.js +11 -0
package/dist/logging/timestamps.js +14 -0
package/dist/markdown/whatsapp.js +62 -0
package/dist/media/base64.js +34 -0
package/dist/media/local-roots.js +32 -0
package/dist/media/outbound-attachment.js +10 -0
package/dist/media/read-response-with-limit.js +41 -0
package/dist/media/sniff-mime-from-base64.js +19 -0
package/dist/media-understanding/audio-preflight.js +67 -0
package/dist/media-understanding/fs.js +13 -0
package/dist/media-understanding/output-extract.js +26 -0
package/dist/media-understanding/providers/audio.test-helpers.js +34 -0
package/dist/media-understanding/providers/google/inline-data.js +64 -0
package/dist/media-understanding/providers/shared.js +7 -0
package/dist/media-understanding/runner.entries.js +459 -0
package/dist/memory/batch-error-utils.js +11 -0
package/dist/memory/batch-http.js +27 -0
package/dist/memory/batch-output.js +29 -0
package/dist/memory/batch-runner.js +22 -0
package/dist/memory/batch-upload.js +23 -0
package/dist/memory/batch-utils.js +26 -0
package/dist/memory/embeddings-debug.js +11 -0
package/dist/memory/embeddings-remote-client.js +22 -0
package/dist/memory/embeddings-remote-fetch.js +14 -0
package/dist/memory/manager-embedding-ops.js +616 -0
package/dist/memory/manager-sync-ops.js +953 -0
package/dist/memory/qmd-manager.js +1061 -0
package/dist/memory/qmd-query-parser.js +107 -0
package/dist/memory/qmd-scope.js +93 -0
package/dist/memory/search-manager.js +0 -1
package/dist/memory/sync-index.js +21 -0
package/dist/memory/sync-progress.js +22 -0
package/dist/memory/sync-stale.js +30 -0
package/dist/memory/test-embeddings-mock.js +16 -0
package/dist/memory/test-manager-helpers.js +14 -0
package/dist/memory/test-runtime-mocks.js +11 -0
package/dist/node-host/invoke-browser.js +177 -0
package/dist/node-host/invoke.js +685 -0
package/dist/pairing/setup-code.js +285 -0
package/dist/plugin-sdk/account-id.js +1 -0
package/dist/plugin-sdk/agent-media-payload.js +13 -0
package/dist/plugin-sdk/allow-from.js +47 -0
package/dist/plugin-sdk/command-auth.js +23 -0
package/dist/plugin-sdk/config-paths.js +9 -0
package/dist/plugin-sdk/file-lock.js +116 -0
package/dist/plugin-sdk/json-store.js +31 -0
package/dist/plugin-sdk/onboarding.js +28 -0
package/dist/plugin-sdk/provider-auth-result.js +29 -0
package/dist/plugin-sdk/slack-message-actions.js +133 -0
package/dist/plugin-sdk/status-helpers.js +35 -0
package/dist/plugin-sdk/text-chunking.js +31 -0
package/dist/plugin-sdk/tool-send.js +12 -0
package/dist/plugin-sdk/webhook-path.js +27 -0
package/dist/plugin-sdk/webhook-targets.js +34 -0
package/dist/plugins/hooks.test-helpers.js +21 -0
package/dist/plugins/uninstall.js +171 -0
package/dist/process/supervisor/adapters/child.js +143 -0
package/dist/process/supervisor/adapters/env.js +13 -0
package/dist/process/supervisor/adapters/pty.js +148 -0
package/dist/process/supervisor/index.js +10 -0
package/dist/process/supervisor/registry.js +117 -0
package/dist/process/supervisor/supervisor.js +244 -0
package/dist/process/supervisor/types.js +1 -0
package/dist/providers/google-shared.test-helpers.js +75 -0
package/dist/security/audit-channel.js +419 -0
package/dist/security/audit-tool-policy.js +1 -0
package/dist/security/scan-paths.js +12 -0
package/dist/sessions/input-provenance.js +55 -0
package/dist/sessions/session-key-utils.js +7 -0
package/dist/shared/chat-content.js +31 -0
package/dist/shared/chat-envelope.js +45 -0
package/dist/shared/config-eval.js +117 -0
package/dist/shared/device-auth.js +16 -0
package/dist/shared/entry-metadata.js +9 -0
package/dist/shared/entry-status.js +25 -0
package/dist/shared/frontmatter.js +98 -0
package/dist/shared/model-param-b.js +19 -0
package/dist/shared/net/ipv4.js +17 -0
package/dist/shared/node-match.js +53 -0
package/dist/shared/requirements.js +128 -0
package/dist/shared/subagents-format.js +84 -0
package/dist/shared/usage-aggregates.js +28 -0
package/dist/signal/monitor/mentions.js +45 -0
package/dist/signal/rpc-context.js +19 -0
package/dist/slack/blocks-fallback.js +76 -0
package/dist/slack/blocks-input.js +40 -0
package/dist/slack/draft-stream.js +106 -0
package/dist/slack/message-actions.js +51 -0
package/dist/slack/modal-metadata.js +32 -0
package/dist/slack/monitor/events/interactions.js +462 -0
package/dist/slack/monitor/room-context.js +17 -0
package/dist/slack/stream-mode.js +41 -0
package/dist/telegram/bot-native-command-menu.js +64 -0
package/dist/telegram/bot.media.e2e-harness.js +81 -0
package/dist/telegram/button-types.js +1 -0
package/dist/telegram/group-access.js +65 -0
package/dist/telegram/outbound-params.js +21 -0
package/dist/telegram/poll-vote-cache.js +21 -0
package/dist/terminal/health-style.js +36 -0
package/dist/test-utils/chunk-test-helpers.js +21 -0
package/dist/test-utils/env.js +72 -0
package/dist/test-utils/exec-assertions.js +12 -0
package/dist/test-utils/imessage-test-plugin.js +54 -0
package/dist/test-utils/mock-http-response.js +17 -0
package/dist/test-utils/vitest-mock-fn.js +1 -0
package/dist/tts/tts-core.js +550 -0
package/dist/utils/chunk-items.js +10 -0
package/dist/utils/reaction-level.js +52 -0
package/dist/utils/safe-json.js +22 -0
package/dist/utils/with-timeout.js +14 -0
package/dist/web/media.js +17 -5
package/dist/whatsapp/resolve-outbound-target.js +42 -0
package/dist/wizard/onboarding.completion.js +74 -0
package/extensions/bluebubbles/src/account-resolve.ts +29 -0
package/extensions/bluebubbles/src/monitor-normalize.ts +796 -0
package/extensions/bluebubbles/src/monitor-processing.ts +1007 -0
package/extensions/bluebubbles/src/monitor-reply-cache.ts +185 -0
package/extensions/bluebubbles/src/monitor-shared.ts +51 -0
package/extensions/bluebubbles/src/multipart.ts +32 -0
package/extensions/bluebubbles/src/send-helpers.ts +53 -0
package/extensions/bluebubbles/src/test-harness.ts +50 -0
package/extensions/bluebubbles/src/test-mocks.ts +11 -0
package/extensions/device-pair/index.ts +554 -0
package/extensions/device-pair/poolbot.plugin.json +20 -0
package/extensions/discord/src/channel.js +366 -0
package/extensions/discord/src/runtime.js +10 -0
package/extensions/feishu/index.ts +63 -0
package/extensions/feishu/package.json +37 -0
package/extensions/feishu/poolbot.plugin.json +10 -0
package/extensions/feishu/skills/feishu-doc/SKILL.md +105 -0
package/extensions/feishu/skills/feishu-doc/references/block-types.md +103 -0
package/extensions/feishu/skills/feishu-drive/SKILL.md +97 -0
package/extensions/feishu/skills/feishu-perm/SKILL.md +119 -0
package/extensions/feishu/skills/feishu-wiki/SKILL.md +111 -0
package/extensions/feishu/src/accounts.ts +114 -0
package/extensions/feishu/src/bitable.ts +739 -0
package/extensions/feishu/src/bot.ts +965 -0
package/extensions/feishu/src/channel.ts +351 -0
package/extensions/feishu/src/client.ts +118 -0
package/extensions/feishu/src/config-schema.ts +206 -0
package/extensions/feishu/src/dedup.ts +33 -0
package/extensions/feishu/src/directory.ts +177 -0
package/extensions/feishu/src/doc-schema.ts +47 -0
package/extensions/feishu/src/docx.ts +536 -0
package/extensions/feishu/src/drive-schema.ts +46 -0
package/extensions/feishu/src/drive.ts +227 -0
package/extensions/feishu/src/dynamic-agent.ts +131 -0
package/extensions/feishu/src/media.ts +449 -0
package/extensions/feishu/src/mention.ts +126 -0
package/extensions/feishu/src/monitor.ts +330 -0
package/extensions/feishu/src/onboarding.ts +359 -0
package/extensions/feishu/src/outbound.ts +55 -0
package/extensions/feishu/src/perm-schema.ts +52 -0
package/extensions/feishu/src/perm.ts +173 -0
package/extensions/feishu/src/policy.ts +84 -0
package/extensions/feishu/src/probe.ts +44 -0
package/extensions/feishu/src/reactions.ts +160 -0
package/extensions/feishu/src/reply-dispatcher.ts +239 -0
package/extensions/feishu/src/runtime.ts +14 -0
package/extensions/feishu/src/send-result.ts +29 -0
package/extensions/feishu/src/send.ts +335 -0
package/extensions/feishu/src/streaming-card.ts +223 -0
package/extensions/feishu/src/targets.ts +78 -0
package/extensions/feishu/src/tools-config.ts +21 -0
package/extensions/feishu/src/types.ts +81 -0
package/extensions/feishu/src/typing.ts +80 -0
package/extensions/feishu/src/wiki-schema.ts +55 -0
package/extensions/feishu/src/wiki.ts +232 -0
package/extensions/imessage/src/channel.js +253 -0
package/extensions/imessage/src/runtime.js +10 -0
package/extensions/irc/index.ts +17 -0
package/extensions/irc/package.json +14 -0
package/extensions/irc/poolbot.plugin.json +9 -0
package/extensions/irc/src/accounts.ts +268 -0
package/extensions/irc/src/channel.ts +367 -0
package/extensions/irc/src/client.ts +439 -0
package/extensions/irc/src/config-schema.ts +97 -0
package/extensions/irc/src/connect-options.ts +30 -0
package/extensions/irc/src/control-chars.ts +22 -0
package/extensions/irc/src/inbound.ts +334 -0
package/extensions/irc/src/monitor.ts +147 -0
package/extensions/irc/src/normalize.ts +117 -0
package/extensions/irc/src/onboarding.ts +479 -0
package/extensions/irc/src/policy.ts +157 -0
package/extensions/irc/src/probe.ts +53 -0
package/extensions/irc/src/protocol.ts +169 -0
package/extensions/irc/src/runtime.ts +14 -0
package/extensions/irc/src/send.ts +88 -0
package/extensions/irc/src/types.ts +93 -0
package/extensions/matrix/src/matrix/client-bootstrap.ts +39 -0
package/extensions/mattermost/src/mattermost/monitor-onchar.ts +25 -0
package/extensions/mattermost/src/mattermost/monitor-websocket.ts +221 -0
package/extensions/mattermost/src/mattermost/reactions.ts +130 -0
package/extensions/mattermost/src/mattermost/reconnect.ts +103 -0
package/extensions/minimax-portal-auth/README.md +33 -0
package/extensions/minimax-portal-auth/index.ts +161 -0
package/extensions/minimax-portal-auth/oauth.ts +247 -0
package/extensions/minimax-portal-auth/package.json +15 -0
package/extensions/minimax-portal-auth/poolbot.plugin.json +9 -0
package/extensions/msteams/src/file-lock.ts +1 -0
package/extensions/msteams/src/graph.ts +92 -0
package/extensions/msteams/src/mentions.ts +114 -0
package/extensions/msteams/src/test-runtime.ts +16 -0
package/extensions/openai-codex-auth/README.md +82 -0
package/extensions/openai-codex-auth/index.ts +177 -0
package/extensions/openai-codex-auth/package.json +15 -0
package/extensions/openai-codex-auth/poolbot.plugin.json +9 -0
package/extensions/phone-control/index.ts +421 -0
package/extensions/phone-control/poolbot.plugin.json +10 -0
package/extensions/shared/resolve-target-test-helpers.ts +66 -0
package/extensions/signal/src/channel.js +273 -0
package/extensions/signal/src/runtime.js +10 -0
package/extensions/slack/src/channel.js +489 -0
package/extensions/slack/src/runtime.js +10 -0
package/extensions/talk-voice/index.ts +150 -0
package/extensions/talk-voice/poolbot.plugin.json +10 -0
package/extensions/telegram/src/channel.js +424 -0
package/extensions/telegram/src/runtime.js +10 -0
package/extensions/thread-ownership/index.ts +133 -0
package/extensions/thread-ownership/poolbot.plugin.json +28 -0
package/extensions/tlon/src/account-fields.ts +25 -0
package/extensions/tlon/src/urbit/base-url.ts +57 -0
package/extensions/tlon/src/urbit/channel-client.ts +157 -0
package/extensions/tlon/src/urbit/channel-ops.ts +164 -0
package/extensions/tlon/src/urbit/context.ts +47 -0
package/extensions/tlon/src/urbit/errors.ts +51 -0
package/extensions/tlon/src/urbit/fetch.ts +39 -0
package/extensions/twitch/src/test-fixtures.ts +30 -0
package/extensions/voice-call/src/allowlist.ts +19 -0
package/extensions/whatsapp/src/channel.js +429 -0
package/extensions/whatsapp/src/runtime.js +10 -0
package/package.json +1 -1

package/dist/security/audit-channel.js ADDED Viewed

@@ -0,0 +1,419 @@
+import { resolveChannelDefaultAccountId } from "../channels/plugins/helpers.js";
+import { isNumericTelegramUserId, normalizeTelegramAllowFromEntry, } from "../channels/telegram/allow-from.js";
+import { formatCliCommand } from "../cli/command-format.js";
+import { resolveNativeCommandsEnabled, resolveNativeSkillsEnabled } from "../config/commands.js";
+import { readChannelAllowFromStore } from "../pairing/pairing-store.js";
+function normalizeAllowFromList(list) {
+    if (!Array.isArray(list)) {
+        return [];
+    }
+    return list.map((v) => String(v).trim()).filter(Boolean);
+}
+function classifyChannelWarningSeverity(message) {
+    const s = message.toLowerCase();
+    if (s.includes("dms: open") ||
+        s.includes('grouppolicy="open"') ||
+        s.includes('dmpolicy="open"')) {
+        return "critical";
+    }
+    if (s.includes("allows any") || s.includes("anyone can dm") || s.includes("public")) {
+        return "critical";
+    }
+    if (s.includes("locked") || s.includes("disabled")) {
+        return "info";
+    }
+    return "warn";
+}
+export async function collectChannelSecurityFindings(params) {
+    const findings = [];
+    const coerceNativeSetting = (value) => {
+        if (value === true) {
+            return true;
+        }
+        if (value === false) {
+            return false;
+        }
+        if (value === "auto") {
+            return "auto";
+        }
+        return undefined;
+    };
+    const warnDmPolicy = async (input) => {
+        const policyPath = input.policyPath ?? `${input.allowFromPath}policy`;
+        const configAllowFrom = normalizeAllowFromList(input.allowFrom);
+        const hasWildcard = configAllowFrom.includes("*");
+        const dmScope = params.cfg.session?.dmScope ?? "main";
+        const storeAllowFrom = await readChannelAllowFromStore(input.provider).catch(() => []);
+        const normalizeEntry = input.normalizeEntry ?? ((value) => value);
+        const normalizedCfg = configAllowFrom
+            .filter((value) => value !== "*")
+            .map((value) => normalizeEntry(value))
+            .map((value) => value.trim())
+            .filter(Boolean);
+        const normalizedStore = storeAllowFrom
+            .map((value) => normalizeEntry(value))
+            .map((value) => value.trim())
+            .filter(Boolean);
+        const allowCount = Array.from(new Set([...normalizedCfg, ...normalizedStore])).length;
+        const isMultiUserDm = hasWildcard || allowCount > 1;
+        if (input.dmPolicy === "open") {
+            const allowFromKey = `${input.allowFromPath}allowFrom`;
+            findings.push({
+                checkId: `channels.${input.provider}.dm.open`,
+                severity: "critical",
+                title: `${input.label} DMs are open`,
+                detail: `${policyPath}="open" allows anyone to DM the bot.`,
+                remediation: `Use pairing/allowlist; if you really need open DMs, ensure ${allowFromKey} includes "*".`,
+            });
+            if (!hasWildcard) {
+                findings.push({
+                    checkId: `channels.${input.provider}.dm.open_invalid`,
+                    severity: "warn",
+                    title: `${input.label} DM config looks inconsistent`,
+                    detail: `"open" requires ${allowFromKey} to include "*".`,
+                });
+            }
+        }
+        if (input.dmPolicy === "disabled") {
+            findings.push({
+                checkId: `channels.${input.provider}.dm.disabled`,
+                severity: "info",
+                title: `${input.label} DMs are disabled`,
+                detail: `${policyPath}="disabled" ignores inbound DMs.`,
+            });
+            return;
+        }
+        if (dmScope === "main" && isMultiUserDm) {
+            findings.push({
+                checkId: `channels.${input.provider}.dm.scope_main_multiuser`,
+                severity: "warn",
+                title: `${input.label} DMs share the main session`,
+                detail: "Multiple DM senders currently share the main session, which can leak context across users.",
+                remediation: "Run: " +
+                    formatCliCommand('openclaw config set session.dmScope "per-channel-peer"') +
+                    ' (or "per-account-channel-peer" for multi-account channels) to isolate DM sessions per sender.',
+            });
+        }
+    };
+    for (const plugin of params.plugins) {
+        if (!plugin.security) {
+            continue;
+        }
+        const accountIds = plugin.config.listAccountIds(params.cfg);
+        const defaultAccountId = resolveChannelDefaultAccountId({
+            plugin,
+            cfg: params.cfg,
+            accountIds,
+        });
+        const account = plugin.config.resolveAccount(params.cfg, defaultAccountId);
+        const enabled = plugin.config.isEnabled ? plugin.config.isEnabled(account, params.cfg) : true;
+        if (!enabled) {
+            continue;
+        }
+        const configured = plugin.config.isConfigured
+            ? await plugin.config.isConfigured(account, params.cfg)
+            : true;
+        if (!configured) {
+            continue;
+        }
+        if (plugin.id === "discord") {
+            const discordCfg = account?.config ??
+                {};
+            const nativeEnabled = resolveNativeCommandsEnabled({
+                providerId: "discord",
+                providerSetting: coerceNativeSetting(discordCfg.commands?.native),
+                globalSetting: params.cfg.commands?.native,
+            });
+            const nativeSkillsEnabled = resolveNativeSkillsEnabled({
+                providerId: "discord",
+                providerSetting: coerceNativeSetting(discordCfg.commands?.nativeSkills),
+                globalSetting: params.cfg.commands?.nativeSkills,
+            });
+            const slashEnabled = nativeEnabled || nativeSkillsEnabled;
+            if (slashEnabled) {
+                const defaultGroupPolicy = params.cfg.channels?.defaults?.groupPolicy;
+                const groupPolicy = discordCfg.groupPolicy ?? defaultGroupPolicy ?? "allowlist";
+                const guildEntries = discordCfg.guilds ?? {};
+                const guildsConfigured = Object.keys(guildEntries).length > 0;
+                const hasAnyUserAllowlist = Object.values(guildEntries).some((guild) => {
+                    if (!guild || typeof guild !== "object") {
+                        return false;
+                    }
+                    const g = guild;
+                    if (Array.isArray(g.users) && g.users.length > 0) {
+                        return true;
+                    }
+                    const channels = g.channels;
+                    if (!channels || typeof channels !== "object") {
+                        return false;
+                    }
+                    return Object.values(channels).some((channel) => {
+                        if (!channel || typeof channel !== "object") {
+                            return false;
+                        }
+                        const c = channel;
+                        return Array.isArray(c.users) && c.users.length > 0;
+                    });
+                });
+                const dmAllowFromRaw = discordCfg.dm?.allowFrom;
+                const dmAllowFrom = Array.isArray(dmAllowFromRaw) ? dmAllowFromRaw : [];
+                const storeAllowFrom = await readChannelAllowFromStore("discord").catch(() => []);
+                const ownerAllowFromConfigured = normalizeAllowFromList([...dmAllowFrom, ...storeAllowFrom]).length > 0;
+                const useAccessGroups = params.cfg.commands?.useAccessGroups !== false;
+                if (!useAccessGroups &&
+                    groupPolicy !== "disabled" &&
+                    guildsConfigured &&
+                    !hasAnyUserAllowlist) {
+                    findings.push({
+                        checkId: "channels.discord.commands.native.unrestricted",
+                        severity: "critical",
+                        title: "Discord slash commands are unrestricted",
+                        detail: "commands.useAccessGroups=false disables sender allowlists for Discord slash commands unless a per-guild/channel users allowlist is configured; with no users allowlist, any user in allowed guild channels can invoke /… commands.",
+                        remediation: "Set commands.useAccessGroups=true (recommended), or configure channels.discord.guilds.<id>.users (or channels.discord.guilds.<id>.channels.<channel>.users).",
+                    });
+                }
+                else if (useAccessGroups &&
+                    groupPolicy !== "disabled" &&
+                    guildsConfigured &&
+                    !ownerAllowFromConfigured &&
+                    !hasAnyUserAllowlist) {
+                    findings.push({
+                        checkId: "channels.discord.commands.native.no_allowlists",
+                        severity: "warn",
+                        title: "Discord slash commands have no allowlists",
+                        detail: "Discord slash commands are enabled, but neither an owner allowFrom list nor any per-guild/channel users allowlist is configured; /… commands will be rejected for everyone.",
+                        remediation: "Add your user id to channels.discord.allowFrom (or approve yourself via pairing), or configure channels.discord.guilds.<id>.users.",
+                    });
+                }
+            }
+        }
+        if (plugin.id === "slack") {
+            const slackCfg = account
+                ?.config ?? {};
+            const nativeEnabled = resolveNativeCommandsEnabled({
+                providerId: "slack",
+                providerSetting: coerceNativeSetting(slackCfg.commands?.native),
+                globalSetting: params.cfg.commands?.native,
+            });
+            const nativeSkillsEnabled = resolveNativeSkillsEnabled({
+                providerId: "slack",
+                providerSetting: coerceNativeSetting(slackCfg.commands?.nativeSkills),
+                globalSetting: params.cfg.commands?.nativeSkills,
+            });
+            const slashCommandEnabled = nativeEnabled ||
+                nativeSkillsEnabled ||
+                slackCfg.slashCommand?.enabled === true;
+            if (slashCommandEnabled) {
+                const useAccessGroups = params.cfg.commands?.useAccessGroups !== false;
+                if (!useAccessGroups) {
+                    findings.push({
+                        checkId: "channels.slack.commands.slash.useAccessGroups_off",
+                        severity: "critical",
+                        title: "Slack slash commands bypass access groups",
+                        detail: "Slack slash/native commands are enabled while commands.useAccessGroups=false; this can allow unrestricted /… command execution from channels/users you didn't explicitly authorize.",
+                        remediation: "Set commands.useAccessGroups=true (recommended).",
+                    });
+                }
+                else {
+                    const allowFromRaw = account?.config?.allowFrom;
+                    const legacyAllowFromRaw = account?.dm?.allowFrom;
+                    const allowFrom = Array.isArray(allowFromRaw)
+                        ? allowFromRaw
+                        : Array.isArray(legacyAllowFromRaw)
+                            ? legacyAllowFromRaw
+                            : [];
+                    const storeAllowFrom = await readChannelAllowFromStore("slack").catch(() => []);
+                    const ownerAllowFromConfigured = normalizeAllowFromList([...allowFrom, ...storeAllowFrom]).length > 0;
+                    const channels = slackCfg.channels ?? {};
+                    const hasAnyChannelUsersAllowlist = Object.values(channels).some((value) => {
+                        if (!value || typeof value !== "object") {
+                            return false;
+                        }
+                        const channel = value;
+                        return Array.isArray(channel.users) && channel.users.length > 0;
+                    });
+                    if (!ownerAllowFromConfigured && !hasAnyChannelUsersAllowlist) {
+                        findings.push({
+                            checkId: "channels.slack.commands.slash.no_allowlists",
+                            severity: "warn",
+                            title: "Slack slash commands have no allowlists",
+                            detail: "Slack slash/native commands are enabled, but neither an owner allowFrom list nor any channels.<id>.users allowlist is configured; /… commands will be rejected for everyone.",
+                            remediation: "Approve yourself via pairing (recommended), or set channels.slack.allowFrom and/or channels.slack.channels.<id>.users.",
+                        });
+                    }
+                }
+            }
+        }
+        const dmPolicy = plugin.security.resolveDmPolicy?.({
+            cfg: params.cfg,
+            accountId: defaultAccountId,
+            account,
+        });
+        if (dmPolicy) {
+            await warnDmPolicy({
+                label: plugin.meta.label ?? plugin.id,
+                provider: plugin.id,
+                dmPolicy: dmPolicy.policy,
+                allowFrom: dmPolicy.allowFrom,
+                policyPath: dmPolicy.policyPath,
+                allowFromPath: dmPolicy.allowFromPath,
+                normalizeEntry: dmPolicy.normalizeEntry,
+            });
+        }
+        if (plugin.security.collectWarnings) {
+            const warnings = await plugin.security.collectWarnings({
+                cfg: params.cfg,
+                accountId: defaultAccountId,
+                account,
+            });
+            for (const message of warnings ?? []) {
+                const trimmed = String(message).trim();
+                if (!trimmed) {
+                    continue;
+                }
+                findings.push({
+                    checkId: `channels.${plugin.id}.warning.${findings.length + 1}`,
+                    severity: classifyChannelWarningSeverity(trimmed),
+                    title: `${plugin.meta.label ?? plugin.id} security warning`,
+                    detail: trimmed.replace(/^-\s*/, ""),
+                });
+            }
+        }
+        if (plugin.id === "telegram") {
+            const allowTextCommands = params.cfg.commands?.text !== false;
+            if (!allowTextCommands) {
+                continue;
+            }
+            const telegramCfg = account?.config ??
+                {};
+            const defaultGroupPolicy = params.cfg.channels?.defaults?.groupPolicy;
+            const groupPolicy = telegramCfg.groupPolicy ?? defaultGroupPolicy ?? "allowlist";
+            const groups = telegramCfg.groups;
+            const groupsConfigured = Boolean(groups) && Object.keys(groups ?? {}).length > 0;
+            const groupAccessPossible = groupPolicy === "open" || (groupPolicy === "allowlist" && groupsConfigured);
+            if (!groupAccessPossible) {
+                continue;
+            }
+            const storeAllowFrom = await readChannelAllowFromStore("telegram").catch(() => []);
+            const storeHasWildcard = storeAllowFrom.some((v) => String(v).trim() === "*");
+            const invalidTelegramAllowFromEntries = new Set();
+            for (const entry of storeAllowFrom) {
+                const normalized = normalizeTelegramAllowFromEntry(entry);
+                if (!normalized || normalized === "*") {
+                    continue;
+                }
+                if (!isNumericTelegramUserId(normalized)) {
+                    invalidTelegramAllowFromEntries.add(normalized);
+                }
+            }
+            const groupAllowFrom = Array.isArray(telegramCfg.groupAllowFrom)
+                ? telegramCfg.groupAllowFrom
+                : [];
+            const groupAllowFromHasWildcard = groupAllowFrom.some((v) => String(v).trim() === "*");
+            for (const entry of groupAllowFrom) {
+                const normalized = normalizeTelegramAllowFromEntry(entry);
+                if (!normalized || normalized === "*") {
+                    continue;
+                }
+                if (!isNumericTelegramUserId(normalized)) {
+                    invalidTelegramAllowFromEntries.add(normalized);
+                }
+            }
+            const dmAllowFrom = Array.isArray(telegramCfg.allowFrom) ? telegramCfg.allowFrom : [];
+            for (const entry of dmAllowFrom) {
+                const normalized = normalizeTelegramAllowFromEntry(entry);
+                if (!normalized || normalized === "*") {
+                    continue;
+                }
+                if (!isNumericTelegramUserId(normalized)) {
+                    invalidTelegramAllowFromEntries.add(normalized);
+                }
+            }
+            const anyGroupOverride = Boolean(groups &&
+                Object.values(groups).some((value) => {
+                    if (!value || typeof value !== "object") {
+                        return false;
+                    }
+                    const group = value;
+                    const allowFrom = Array.isArray(group.allowFrom) ? group.allowFrom : [];
+                    if (allowFrom.length > 0) {
+                        for (const entry of allowFrom) {
+                            const normalized = normalizeTelegramAllowFromEntry(entry);
+                            if (!normalized || normalized === "*") {
+                                continue;
+                            }
+                            if (!isNumericTelegramUserId(normalized)) {
+                                invalidTelegramAllowFromEntries.add(normalized);
+                            }
+                        }
+                        return true;
+                    }
+                    const topics = group.topics;
+                    if (!topics || typeof topics !== "object") {
+                        return false;
+                    }
+                    return Object.values(topics).some((topicValue) => {
+                        if (!topicValue || typeof topicValue !== "object") {
+                            return false;
+                        }
+                        const topic = topicValue;
+                        const topicAllow = Array.isArray(topic.allowFrom) ? topic.allowFrom : [];
+                        for (const entry of topicAllow) {
+                            const normalized = normalizeTelegramAllowFromEntry(entry);
+                            if (!normalized || normalized === "*") {
+                                continue;
+                            }
+                            if (!isNumericTelegramUserId(normalized)) {
+                                invalidTelegramAllowFromEntries.add(normalized);
+                            }
+                        }
+                        return topicAllow.length > 0;
+                    });
+                }));
+            const hasAnySenderAllowlist = storeAllowFrom.length > 0 || groupAllowFrom.length > 0 || anyGroupOverride;
+            if (invalidTelegramAllowFromEntries.size > 0) {
+                const examples = Array.from(invalidTelegramAllowFromEntries).slice(0, 5);
+                const more = invalidTelegramAllowFromEntries.size > examples.length
+                    ? ` (+${invalidTelegramAllowFromEntries.size - examples.length} more)`
+                    : "";
+                findings.push({
+                    checkId: "channels.telegram.allowFrom.invalid_entries",
+                    severity: "warn",
+                    title: "Telegram allowlist contains non-numeric entries",
+                    detail: "Telegram sender authorization requires numeric Telegram user IDs. " +
+                        `Found non-numeric allowFrom entries: ${examples.join(", ")}${more}.`,
+                    remediation: "Replace @username entries with numeric Telegram user IDs (use onboarding to resolve), then re-run the audit.",
+                });
+            }
+            if (storeHasWildcard || groupAllowFromHasWildcard) {
+                findings.push({
+                    checkId: "channels.telegram.groups.allowFrom.wildcard",
+                    severity: "critical",
+                    title: "Telegram group allowlist contains wildcard",
+                    detail: 'Telegram group sender allowlist contains "*", which allows any group member to run /… commands and control directives.',
+                    remediation: 'Remove "*" from channels.telegram.groupAllowFrom and pairing store; prefer explicit numeric Telegram user IDs.',
+                });
+                continue;
+            }
+            if (!hasAnySenderAllowlist) {
+                const providerSetting = telegramCfg.commands
+                    // oxlint-disable-next-line typescript/no-explicit-any
+                    ?.nativeSkills;
+                const skillsEnabled = resolveNativeSkillsEnabled({
+                    providerId: "telegram",
+                    providerSetting,
+                    globalSetting: params.cfg.commands?.nativeSkills,
+                });
+                findings.push({
+                    checkId: "channels.telegram.groups.allowFrom.missing",
+                    severity: "critical",
+                    title: "Telegram group commands have no sender allowlist",
+                    detail: `Telegram group access is enabled but no sender allowlist is configured; this allows any group member to invoke /… commands` +
+                        (skillsEnabled ? " (including skill commands)." : "."),
+                    remediation: "Approve yourself via pairing (recommended), or set channels.telegram.groupAllowFrom (or per-group groups.<id>.allowFrom).",
+                });
+            }
+        }
+    }
+    return findings;
+}

package/dist/security/audit-tool-policy.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { pickSandboxToolPolicy } from "../agents/sandbox-tool-policy.js";

package/dist/security/scan-paths.js ADDED Viewed

@@ -0,0 +1,12 @@
+import path from "node:path";
+export function isPathInside(basePath, candidatePath) {
+    const base = path.resolve(basePath);
+    const candidate = path.resolve(candidatePath);
+    const rel = path.relative(base, candidate);
+    return rel === "" || (!rel.startsWith(`..${path.sep}`) && rel !== ".." && !path.isAbsolute(rel));
+}
+export function extensionUsesSkippedScannerPath(entry) {
+    const segments = entry.split(/[\\/]+/).filter(Boolean);
+    return segments.some((segment) => segment === "node_modules" ||
+        (segment.startsWith(".") && segment !== "." && segment !== ".."));
+}

package/dist/sessions/input-provenance.js ADDED Viewed

@@ -0,0 +1,55 @@
+export const INPUT_PROVENANCE_KIND_VALUES = [
+    "external_user",
+    "inter_session",
+    "internal_system",
+];
+function normalizeOptionalString(value) {
+    if (typeof value !== "string") {
+        return undefined;
+    }
+    const trimmed = value.trim();
+    return trimmed ? trimmed : undefined;
+}
+function isInputProvenanceKind(value) {
+    return (typeof value === "string" && INPUT_PROVENANCE_KIND_VALUES.includes(value));
+}
+export function normalizeInputProvenance(value) {
+    if (!value || typeof value !== "object") {
+        return undefined;
+    }
+    const record = value;
+    if (!isInputProvenanceKind(record.kind)) {
+        return undefined;
+    }
+    return {
+        kind: record.kind,
+        sourceSessionKey: normalizeOptionalString(record.sourceSessionKey),
+        sourceChannel: normalizeOptionalString(record.sourceChannel),
+        sourceTool: normalizeOptionalString(record.sourceTool),
+    };
+}
+export function applyInputProvenanceToUserMessage(message, inputProvenance) {
+    if (!inputProvenance) {
+        return message;
+    }
+    if (message.role !== "user") {
+        return message;
+    }
+    const existing = normalizeInputProvenance(message.provenance);
+    if (existing) {
+        return message;
+    }
+    return {
+        ...message,
+        provenance: inputProvenance,
+    };
+}
+export function isInterSessionInputProvenance(value) {
+    return normalizeInputProvenance(value)?.kind === "inter_session";
+}
+export function hasInterSessionUserProvenance(message) {
+    if (!message || message.role !== "user") {
+        return false;
+    }
+    return isInterSessionInputProvenance(message.provenance);
+}

package/dist/sessions/session-key-utils.js CHANGED Viewed

@@ -29,6 +29,13 @@ export function isSubagentSessionKey(sessionKey) {
     const parsed = parseAgentSessionKey(raw);
     return Boolean((parsed?.rest ?? "").toLowerCase().startsWith("subagent:"));
 }
+export function getSubagentDepth(sessionKey) {
+    const raw = (sessionKey ?? "").trim().toLowerCase();
+    if (!raw) {
+        return 0;
+    }
+    return raw.split(":subagent:").length - 1;
+}
 export function isAcpSessionKey(sessionKey) {
     const raw = (sessionKey ?? "").trim();
     if (!raw)

package/dist/shared/chat-content.js ADDED Viewed

@@ -0,0 +1,31 @@
+export function extractTextFromChatContent(content, opts) {
+    const normalize = opts?.normalizeText ?? ((text) => text.replace(/\s+/g, " ").trim());
+    const joinWith = opts?.joinWith ?? " ";
+    if (typeof content === "string") {
+        const value = opts?.sanitizeText ? opts.sanitizeText(content) : content;
+        const normalized = normalize(value);
+        return normalized ? normalized : null;
+    }
+    if (!Array.isArray(content)) {
+        return null;
+    }
+    const chunks = [];
+    for (const block of content) {
+        if (!block || typeof block !== "object") {
+            continue;
+        }
+        if (block.type !== "text") {
+            continue;
+        }
+        const text = block.text;
+        if (typeof text !== "string") {
+            continue;
+        }
+        const value = opts?.sanitizeText ? opts.sanitizeText(text) : text;
+        if (value.trim()) {
+            chunks.push(value);
+        }
+    }
+    const joined = normalize(chunks.join(joinWith));
+    return joined ? joined : null;
+}

package/dist/shared/chat-envelope.js ADDED Viewed

@@ -0,0 +1,45 @@
+const ENVELOPE_PREFIX = /^\[([^\]]+)\]\s*/;
+const ENVELOPE_CHANNELS = [
+    "WebChat",
+    "WhatsApp",
+    "Telegram",
+    "Signal",
+    "Slack",
+    "Discord",
+    "Google Chat",
+    "iMessage",
+    "Teams",
+    "Matrix",
+    "Zalo",
+    "Zalo Personal",
+    "BlueBubbles",
+];
+const MESSAGE_ID_LINE = /^\s*\[message_id:\s*[^\]]+\]\s*$/i;
+function looksLikeEnvelopeHeader(header) {
+    if (/\d{4}-\d{2}-\d{2}T\d{2}:\d{2}Z\b/.test(header)) {
+        return true;
+    }
+    if (/\d{4}-\d{2}-\d{2} \d{2}:\d{2}\b/.test(header)) {
+        return true;
+    }
+    return ENVELOPE_CHANNELS.some((label) => header.startsWith(`${label} `));
+}
+export function stripEnvelope(text) {
+    const match = text.match(ENVELOPE_PREFIX);
+    if (!match) {
+        return text;
+    }
+    const header = match[1] ?? "";
+    if (!looksLikeEnvelopeHeader(header)) {
+        return text;
+    }
+    return text.slice(match[0].length);
+}
+export function stripMessageIdHints(text) {
+    if (!text.includes("[message_id:")) {
+        return text;
+    }
+    const lines = text.split(/\r?\n/);
+    const filtered = lines.filter((line) => !MESSAGE_ID_LINE.test(line));
+    return filtered.length === lines.length ? text : filtered.join("\n");
+}