@poolzin/pool-bot 2026.2.25 → 2026.2.26

package/dist/agents/tools/whatsapp-actions.js

@@ -1,5 +1,6 @@
 import { sendReactionWhatsApp } from "../../web/outbound.js";
 import { createActionGate, jsonResult, readReactionParams, readStringParam } from "./common.js";
+import { resolveAuthorizedWhatsAppOutboundTarget } from "./whatsapp-target-auth.js";
 export async function handleWhatsAppAction(params, cfg) {
     const action = readStringParam(params, "action", { required: true });
     const isActionEnabled = createActionGate(cfg.channels?.whatsapp?.actions);
@@ -16,12 +17,19 @@ export async function handleWhatsAppAction(params, cfg) {
         const accountId = readStringParam(params, "accountId");
         const fromMeRaw = params.fromMe;
         const fromMe = typeof fromMeRaw === "boolean" ? fromMeRaw : undefined;
+        // Resolve account + allowFrom via shared account logic so auth and routing stay aligned.
+        const resolved = resolveAuthorizedWhatsAppOutboundTarget({
+            cfg,
+            chatJid,
+            accountId,
+            actionLabel: "reaction",
+        });
         const resolvedEmoji = remove ? "" : emoji;
-        await sendReactionWhatsApp(chatJid, messageId, resolvedEmoji, {
+        await sendReactionWhatsApp(resolved.to, messageId, resolvedEmoji, {
             verbose: false,
             fromMe,
             participant: participant ?? undefined,
-            accountId: accountId ?? undefined,
+            accountId: resolved.accountId,
         });
         if (!remove && !isEmpty) {
             return jsonResult({ ok: true, added: emoji });

package/dist/agents/tools/whatsapp-target-auth.js

@@ -0,0 +1,18 @@
+import { resolveWhatsAppAccount } from "../../web/accounts.js";
+import { resolveWhatsAppOutboundTarget } from "../../whatsapp/resolve-outbound-target.js";
+import { ToolAuthorizationError } from "./common.js";
+export function resolveAuthorizedWhatsAppOutboundTarget(params) {
+    const account = resolveWhatsAppAccount({
+        cfg: params.cfg,
+        accountId: params.accountId,
+    });
+    const resolution = resolveWhatsAppOutboundTarget({
+        to: params.chatJid,
+        allowFrom: account.allowFrom ?? [],
+        mode: "implicit",
+    });
+    if (!resolution.ok) {
+        throw new ToolAuthorizationError(`WhatsApp ${params.actionLabel} blocked: chatJid "${params.chatJid}" is not in the configured allowFrom list for account "${account.accountId}".`);
+    }
+    return { to: resolution.to, accountId: account.accountId };
+}

package/dist/agents/transcript-policy.js

@@ -1,5 +1,5 @@
-import { isAntigravityClaude, isGoogleModelApi } from "./pi-embedded-helpers/google.js";
 import { normalizeProviderId } from "./model-selection.js";
+import { isAntigravityClaude, isGoogleModelApi } from "./pi-embedded-helpers/google.js";
 const MISTRAL_MODEL_HINTS = [
     "mistral",
     "mixtral",
@@ -17,28 +17,34 @@ const OPENAI_MODEL_APIS = new Set([
 ]);
 const OPENAI_PROVIDERS = new Set(["openai", "openai-codex"]);
 function isOpenAiApi(modelApi) {
-    if (!modelApi)
+    if (!modelApi) {
         return false;
+    }
     return OPENAI_MODEL_APIS.has(modelApi);
 }
 function isOpenAiProvider(provider) {
-    if (!provider)
+    if (!provider) {
         return false;
+    }
     return OPENAI_PROVIDERS.has(normalizeProviderId(provider));
 }
 function isAnthropicApi(modelApi, provider) {
-    if (modelApi === "anthropic-messages")
+    if (modelApi === "anthropic-messages") {
         return true;
+    }
     const normalized = normalizeProviderId(provider ?? "");
-    return normalized === "anthropic" || normalized === "minimax";
+    // MiniMax now uses openai-completions API, not anthropic-messages
+    return normalized === "anthropic";
 }
 function isMistralModel(params) {
     const provider = normalizeProviderId(params.provider ?? "");
-    if (provider === "mistral")
+    if (provider === "mistral") {
         return true;
+    }
     const modelId = (params.modelId ?? "").toLowerCase();
-    if (!modelId)
+    if (!modelId) {
         return false;
+    }
     return MISTRAL_MODEL_HINTS.some((hint) => modelId.includes(hint));
 }
 export function resolveTranscriptPolicy(params) {
@@ -55,8 +61,13 @@ export function resolveTranscriptPolicy(params) {
         provider,
         modelId,
     });
+    const isCopilotClaude = provider === "github-copilot" && modelId.toLowerCase().includes("claude");
+    // GitHub Copilot's Claude endpoints can reject persisted `thinking` blocks with
+    // non-binary/non-base64 signatures (e.g. thinkingSignature: "reasoning_text").
+    // Drop these blocks at send-time to keep sessions usable.
+    const dropThinkingBlocks = isCopilotClaude;
     const needsNonImageSanitize = isGoogle || isAnthropic || isMistral || isOpenRouterGemini;
-    const sanitizeToolCallIds = isGoogle || isMistral;
+    const sanitizeToolCallIds = isGoogle || isMistral || isAnthropic;
     const toolCallIdMode = isMistral
         ? "strict9"
         : sanitizeToolCallIds
@@ -67,6 +78,7 @@ export function resolveTranscriptPolicy(params) {
         ? { allowBase64Only: true, includeCamelCase: true }
         : undefined;
     const normalizeAntigravityThinkingBlocks = isAntigravityClaudeModel;
+    const sanitizeThinkingSignatures = isAntigravityClaudeModel;
     return {
         sanitizeMode: isOpenAi ? "images-only" : needsNonImageSanitize ? "full" : "images-only",
         sanitizeToolCallIds: !isOpenAi && sanitizeToolCallIds,
@@ -75,6 +87,8 @@ export function resolveTranscriptPolicy(params) {
         preserveSignatures: isAntigravityClaudeModel,
         sanitizeThoughtSignatures: isOpenAi ? undefined : sanitizeThoughtSignatures,
         normalizeAntigravityThinkingBlocks,
+        sanitizeThinkingSignatures,
+        dropThinkingBlocks,
         applyGoogleTurnOrdering: !isOpenAi && isGoogle,
         validateGeminiTurns: !isOpenAi && isGoogle,
         validateAnthropicTurns: !isOpenAi && isAnthropic,

package/dist/agents/venice-models.js

@@ -1,3 +1,5 @@
+import { createSubsystemLogger } from "../logging/subsystem.js";
+const log = createSubsystemLogger("venice-models");
 export const VENICE_BASE_URL = "https://api.venice.ai/api/v1";
 export const VENICE_DEFAULT_MODEL_ID = "llama-3.3-70b";
 export const VENICE_DEFAULT_MODEL_REF = `venice/${VENICE_DEFAULT_MODEL_ID}`;
@@ -282,6 +284,11 @@ export function buildVeniceModelDefinition(entry) {
         cost: VENICE_DEFAULT_COST,
         contextWindow: entry.contextWindow,
         maxTokens: entry.maxTokens,
+        // Avoid usage-only streaming chunks that can break OpenAI-compatible parsers.
+        // See: https://github.com/openclaw/openclaw/issues/15819
+        compat: {
+            supportsUsageInStreaming: false,
+        },
     };
 }
 /**
@@ -298,12 +305,12 @@ export async function discoverVeniceModels() {
             signal: AbortSignal.timeout(5000),
         });
         if (!response.ok) {
-            console.warn(`[venice-models] Failed to discover models: HTTP ${response.status}, using static catalog`);
+            log.warn(`Failed to discover models: HTTP ${response.status}, using static catalog`);
             return VENICE_MODEL_CATALOG.map(buildVeniceModelDefinition);
         }
         const data = (await response.json());
         if (!Array.isArray(data.data) || data.data.length === 0) {
-            console.warn("[venice-models] No models found from API, using static catalog");
+            log.warn("No models found from API, using static catalog");
             return VENICE_MODEL_CATALOG.map(buildVeniceModelDefinition);
         }
         // Merge discovered models with catalog metadata
@@ -330,13 +337,14 @@ export async function discoverVeniceModels() {
                     cost: VENICE_DEFAULT_COST,
                     contextWindow: apiModel.model_spec.availableContextTokens || 128000,
                     maxTokens: 8192,
+                    compat: { supportsUsageInStreaming: false },
                 });
             }
         }
         return models.length > 0 ? models : VENICE_MODEL_CATALOG.map(buildVeniceModelDefinition);
     }
     catch (error) {
-        console.warn(`[venice-models] Discovery failed: ${String(error)}, using static catalog`);
+        log.warn(`Discovery failed: ${String(error)}, using static catalog`);
         return VENICE_MODEL_CATALOG.map(buildVeniceModelDefinition);
     }
 }

package/dist/auto-reply/commands-registry.data.js

@@ -231,6 +231,28 @@ function buildChatCommands() {
             textAlias: "/whoami",
             category: "status",
         }),
+        defineChatCommand({
+            key: "session",
+            nativeName: "session",
+            description: "Manage session-level settings (for example /session ttl).",
+            textAlias: "/session",
+            category: "session",
+            args: [
+                {
+                    name: "action",
+                    description: "ttl",
+                    type: "string",
+                    choices: ["ttl"],
+                },
+                {
+                    name: "value",
+                    description: "Duration (24h, 90m) or off",
+                    type: "string",
+                    captureRemaining: true,
+                },
+            ],
+            argsMenu: "auto",
+        }),
         defineChatCommand({
             key: "subagents",
             nativeName: "subagents",
@@ -258,6 +280,35 @@ function buildChatCommands() {
             ],
             argsMenu: "auto",
         }),
+        defineChatCommand({
+            key: "focus",
+            nativeName: "focus",
+            description: "Bind this Discord thread (or a new one) to a session target.",
+            textAlias: "/focus",
+            category: "management",
+            args: [
+                {
+                    name: "target",
+                    description: "Subagent label/index or session key/id/label",
+                    type: "string",
+                    captureRemaining: true,
+                },
+            ],
+        }),
+        defineChatCommand({
+            key: "unfocus",
+            nativeName: "unfocus",
+            description: "Remove the current Discord thread binding.",
+            textAlias: "/unfocus",
+            category: "management",
+        }),
+        defineChatCommand({
+            key: "agents",
+            nativeName: "agents",
+            description: "List thread-bound agents for this session.",
+            textAlias: "/agents",
+            category: "management",
+        }),
         defineChatCommand({
             key: "kill",
             nativeName: "kill",

package/dist/auto-reply/commands-registry.js

@@ -1,5 +1,6 @@
 import { DEFAULT_MODEL, DEFAULT_PROVIDER } from "../agents/defaults.js";
 import { resolveConfiguredModelRef } from "../agents/model-selection.js";
+import { isCommandFlagEnabled } from "../config/commands.js";
 import { escapeRegExp } from "../utils.js";
 import { getChatCommands, getNativeCommandSurfaces } from "./commands-registry.data.js";
 let cachedTextAliasMap = null;
@@ -51,11 +52,11 @@ export function listChatCommands(params) {
 }
 export function isCommandEnabled(cfg, commandKey) {
     if (commandKey === "config")
-        return cfg.commands?.config === true;
+        return isCommandFlagEnabled(cfg, "config");
     if (commandKey === "debug")
-        return cfg.commands?.debug === true;
+        return isCommandFlagEnabled(cfg, "debug");
     if (commandKey === "bash")
-        return cfg.commands?.bash === true;
+        return isCommandFlagEnabled(cfg, "bash");
     return true;
 }
 export function listChatCommandsForConfig(cfg, params) {

package/dist/auto-reply/group-activation.js

@@ -1,22 +1,27 @@
 import { normalizeCommandBody } from "./commands-registry.js";
 export function normalizeGroupActivation(raw) {
     const value = raw?.trim().toLowerCase();
-    if (value === "mention")
+    if (value === "mention") {
         return "mention";
-    if (value === "always")
+    }
+    if (value === "always") {
         return "always";
+    }
     return undefined;
 }
 export function parseActivationCommand(raw) {
-    if (!raw)
+    if (!raw) {
         return { hasCommand: false };
+    }
     const trimmed = raw.trim();
-    if (!trimmed)
+    if (!trimmed) {
         return { hasCommand: false };
+    }
     const normalized = normalizeCommandBody(trimmed);
     const match = normalized.match(/^\/activation(?:\s+([a-zA-Z]+))?\s*$/i);
-    if (!match)
+    if (!match) {
         return { hasCommand: false };
+    }
     const mode = normalizeGroupActivation(match[1]);
     return { hasCommand: true, mode };
 }

package/dist/auto-reply/inbound-debounce.js

@@ -1,11 +1,13 @@
 const resolveMs = (value) => {
-    if (typeof value !== "number" || !Number.isFinite(value))
+    if (typeof value !== "number" || !Number.isFinite(value)) {
         return undefined;
+    }
     return Math.max(0, Math.trunc(value));
 };
 const resolveChannelOverride = (params) => {
-    if (!params.byChannel)
+    if (!params.byChannel) {
         return undefined;
+    }
     return resolveMs(params.byChannel[params.channel]);
 };
 export function resolveInboundDebounceMs(params) {
@@ -27,8 +29,9 @@ export function createInboundDebouncer(params) {
             clearTimeout(buffer.timeout);
             buffer.timeout = null;
         }
-        if (buffer.items.length === 0)
+        if (buffer.items.length === 0) {
             return;
+        }
         try {
             await params.onFlush(buffer.items);
         }
@@ -38,13 +41,15 @@ export function createInboundDebouncer(params) {
     };
     const flushKey = async (key) => {
         const buffer = buffers.get(key);
-        if (!buffer)
+        if (!buffer) {
             return;
+        }
         await flushBuffer(key, buffer);
     };
     const scheduleFlush = (key, buffer) => {
-        if (buffer.timeout)
+        if (buffer.timeout) {
             clearTimeout(buffer.timeout);
+        }
         buffer.timeout = setTimeout(() => {
             void flushBuffer(key, buffer);
         }, debounceMs);

package/dist/auto-reply/reply/abort.js

@@ -79,7 +79,7 @@ export function formatAbortReplyText(stoppedSubagents) {
     const label = stoppedSubagents === 1 ? "sub-agent" : "sub-agents";
     return `⚙️ Agent was aborted. Stopped ${stoppedSubagents} ${label}.`;
 }
-function resolveSessionEntryForKey(store, sessionKey) {
+export function resolveSessionEntryForKey(store, sessionKey) {
     if (!store || !sessionKey) {
         return {};
     }

package/dist/auto-reply/reply/agent-runner-execution.js

@@ -13,7 +13,7 @@ import { emitAgentEvent, registerAgentRunContext } from "../../infra/agent-event
 import { defaultRuntime } from "../../runtime.js";
 import { isMarkdownCapableMessageChannel, resolveMessageChannel, } from "../../utils/message-channel.js";
 import { stripHeartbeatToken } from "../heartbeat.js";
-import { isSilentReplyText, SILENT_REPLY_TOKEN } from "../tokens.js";
+import { isSilentReplyPrefixText, isSilentReplyText, SILENT_REPLY_TOKEN } from "../tokens.js";
 import { buildThreadingToolContext, resolveEnforceFinalTag } from "./agent-runner-utils.js";
 import { createBlockReplyPayloadKey } from "./block-reply-pipeline.js";
 import { parseReplyDirectives } from "./reply-directives.js";
@@ -74,6 +74,9 @@ export async function runAgentTurnWithFallback(params) {
                 return { text: sanitized, skip: false };
             };
             const handlePartialForTyping = async (payload) => {
+                if (isSilentReplyPrefixText(payload.text, SILENT_REPLY_TOKEN)) {
+                    return undefined;
+                }
                 const { text, skip } = normalizeStreamingText(payload);
                 if (skip || !text)
                     return undefined;

package/dist/auto-reply/reply/bash-command.js

@@ -3,9 +3,11 @@ import { getFinishedSession, getSession, markExited } from "../../agents/bash-pr
 import { createExecTool } from "../../agents/bash-tools.js";
 import { resolveSandboxRuntimeStatus } from "../../agents/sandbox.js";
 import { killProcessTree } from "../../agents/shell-utils.js";
-import { formatCliCommand } from "../../cli/command-format.js";
+import { isCommandFlagEnabled } from "../../config/commands.js";
 import { logVerbose } from "../../globals.js";
 import { clampInt } from "../../utils.js";
+import { buildDisabledCommandReply } from "./command-gates.js";
+import { formatElevatedUnavailableMessage } from "./elevated-unavailable.js";
 import { stripMentions, stripStructuralPrefixes } from "./mentions.js";
 const CHAT_BASH_SCOPE_KEY = "chat:bash";
 const DEFAULT_FOREGROUND_MS = 2000;
@@ -13,20 +15,23 @@ const MAX_FOREGROUND_MS = 30_000;
 let activeJob = null;
 function resolveForegroundMs(cfg) {
     const raw = cfg.commands?.bashForegroundMs;
-    if (typeof raw !== "number" || Number.isNaN(raw))
+    if (typeof raw !== "number" || Number.isNaN(raw)) {
         return DEFAULT_FOREGROUND_MS;
+    }
     return clampInt(raw, 0, MAX_FOREGROUND_MS);
 }
 function formatSessionSnippet(sessionId) {
     const trimmed = sessionId.trim();
-    if (trimmed.length <= 12)
+    if (trimmed.length <= 12) {
         return trimmed;
+    }
     return `${trimmed.slice(0, 8)}…`;
 }
 function formatOutputBlock(text) {
     const trimmed = text.trim();
-    if (!trimmed)
+    if (!trimmed) {
         return "(no output)";
+    }
     return `\`\`\`txt\n${trimmed}\n\`\`\``;
 }
 function parseBashRequest(raw) {
@@ -34,8 +39,9 @@ function parseBashRequest(raw) {
     let restSource = "";
     if (trimmed.toLowerCase().startsWith("/bash")) {
         const match = trimmed.match(/^\/bash(?:\s*:\s*|\s+|$)([\s\S]*)$/i);
-        if (!match)
+        if (!match) {
             return null;
+        }
         restSource = match[1] ?? "";
     }
     else if (trimmed.startsWith("!")) {
@@ -48,8 +54,9 @@ function parseBashRequest(raw) {
         return null;
     }
     const rest = restSource.trimStart();
-    if (!rest)
+    if (!rest) {
         return { action: "help" };
+    }
     const tokenMatch = rest.match(/^(\S+)(?:\s+([\s\S]+))?$/);
     const token = tokenMatch?.[1]?.trim() ?? "";
     const remainder = tokenMatch?.[2]?.trim() ?? "";
@@ -74,21 +81,26 @@ function resolveRawCommandBody(params) {
 }
 function getScopedSession(sessionId) {
     const running = getSession(sessionId);
-    if (running && running.scopeKey === CHAT_BASH_SCOPE_KEY)
+    if (running && running.scopeKey === CHAT_BASH_SCOPE_KEY) {
         return { running };
+    }
     const finished = getFinishedSession(sessionId);
-    if (finished && finished.scopeKey === CHAT_BASH_SCOPE_KEY)
+    if (finished && finished.scopeKey === CHAT_BASH_SCOPE_KEY) {
         return { finished };
+    }
     return {};
 }
 function ensureActiveJobState() {
-    if (!activeJob)
+    if (!activeJob) {
         return null;
-    if (activeJob.state === "starting")
+    }
+    if (activeJob.state === "starting") {
         return activeJob;
+    }
     const { running, finished } = getScopedSession(activeJob.sessionId);
-    if (running)
+    if (running) {
         return activeJob;
+    }
     if (finished) {
         activeJob = null;
         return null;
@@ -97,16 +109,20 @@ function ensureActiveJobState() {
     return null;
 }
 function attachActiveWatcher(sessionId) {
-    if (!activeJob || activeJob.state !== "running")
+    if (!activeJob || activeJob.state !== "running") {
         return;
-    if (activeJob.sessionId !== sessionId)
+    }
+    if (activeJob.sessionId !== sessionId) {
         return;
-    if (activeJob.watcherAttached)
+    }
+    if (activeJob.watcherAttached) {
         return;
+    }
     const { running } = getScopedSession(sessionId);
     const child = running?.child;
-    if (!child)
+    if (!child) {
         return;
+    }
     activeJob.watcherAttached = true;
     child.once("close", () => {
         if (activeJob?.state === "running" && activeJob.sessionId === sessionId) {
@@ -125,30 +141,13 @@ function buildUsageReply() {
         ].join("\n"),
     };
 }
-function formatElevatedUnavailableMessage(params) {
-    const lines = [];
-    lines.push(`elevated is not available right now (runtime=${params.runtimeSandboxed ? "sandboxed" : "direct"}).`);
-    if (params.failures.length > 0) {
-        lines.push(`Failing gates: ${params.failures.map((f) => `${f.gate} (${f.key})`).join(", ")}`);
-    }
-    else {
-        lines.push("Failing gates: enabled (tools.elevated.enabled / agents.list[].tools.elevated.enabled), allowFrom (tools.elevated.allowFrom.<provider>).");
-    }
-    lines.push("Fix-it keys:");
-    lines.push("- tools.elevated.enabled");
-    lines.push("- tools.elevated.allowFrom.<provider>");
-    lines.push("- agents.list[].tools.elevated.enabled");
-    lines.push("- agents.list[].tools.elevated.allowFrom.<provider>");
-    if (params.sessionKey) {
-        lines.push(`See: ${formatCliCommand(`poolbot sandbox explain --session ${params.sessionKey}`)}`);
-    }
-    return lines.join("\n");
-}
 export async function handleBashChatCommand(params) {
-    if (params.cfg.commands?.bash !== true) {
-        return {
-            text: "⚠️ bash is disabled. Set commands.bash=true to enable. Docs: https://docs.molt.bot/tools/slash-commands#config",
-        };
+    if (!isCommandFlagEnabled(params.cfg, "bash")) {
+        return buildDisabledCommandReply({
+            label: "bash",
+            configKey: "bash",
+            docsUrl: "https://docs.molt.bot/tools/slash-commands#config",
+        });
     }
     const agentId = params.agentId ??
         resolveSessionAgentId({
@@ -262,8 +261,9 @@ export async function handleBashChatCommand(params) {
         };
     }
     const commandText = request.command.trim();
-    if (!commandText)
+    if (!commandText) {
         return buildUsageReply();
+    }
     activeJob = {
         state: "starting",
         startedAt: Date.now(),
@@ -274,12 +274,14 @@ export async function handleBashChatCommand(params) {
         const shouldBackgroundImmediately = foregroundMs <= 0;
         const timeoutSec = params.cfg.tools?.exec?.timeoutSec;
         const notifyOnExit = params.cfg.tools?.exec?.notifyOnExit;
+        const notifyOnExitEmptySuccess = params.cfg.tools?.exec?.notifyOnExitEmptySuccess;
         const execTool = createExecTool({
             scopeKey: CHAT_BASH_SCOPE_KEY,
             allowBackground: true,
             timeoutSec,
             sessionKey: params.sessionKey,
             notifyOnExit,
+            notifyOnExitEmptySuccess,
             elevated: {
                 enabled: params.elevated.enabled,
                 allowed: params.elevated.allowed,

package/dist/auto-reply/reply/command-gates.js

@@ -0,0 +1,25 @@
+import { isCommandFlagEnabled } from "../../config/commands.js";
+import { logVerbose } from "../../globals.js";
+export function rejectUnauthorizedCommand(params, commandLabel) {
+    if (params.command.isAuthorizedSender) {
+        return null;
+    }
+    logVerbose(`Ignoring ${commandLabel} from unauthorized sender: ${params.command.senderId || "<unknown>"}`);
+    return { shouldContinue: false };
+}
+export function buildDisabledCommandReply(params) {
+    const disabledVerb = params.disabledVerb ?? "is";
+    const docsSuffix = params.docsUrl ? ` Docs: ${params.docsUrl}` : "";
+    return {
+        text: `⚠️ ${params.label} ${disabledVerb} disabled. Set commands.${params.configKey}=true to enable.${docsSuffix}`,
+    };
+}
+export function requireCommandFlagEnabled(cfg, params) {
+    if (isCommandFlagEnabled(cfg, params.configKey)) {
+        return null;
+    }
+    return {
+        shouldContinue: false,
+        reply: buildDisabledCommandReply(params),
+    };
+}