@rubytech/create-realagent 1.0.815 → 1.0.817

package/payload/server/server.js

@@ -6,7 +6,6 @@ import {
   TELEGRAM_ADMIN_WEBHOOK_SECRET_FILE,
   TELEGRAM_WEBHOOK_SECRET_FILE,
   USERS_FILE,
-  actionLogPath,
   autoDeliverPremiumPlugins,
   buildX11Env,
   callOauthLlm,
@@ -30,7 +29,6 @@ import {
   launchAction,
   load,
   logPath,
-  reconcileCloudflareSetupFromLog,
   recordFailedAttempt,
   render,
   renderLoginPage,
@@ -53,7 +51,7 @@ import {
   vncLog,
   waitForExit,
   writeChromiumWrapper
-} from "./chunk-42BMMSRN.js";
+} from "./chunk-P3HTEK33.js";
 import {
   agentLogStream,
   clearSessionHistory,
@@ -81,7 +79,7 @@ import {
   sigtermFlushStreamLogs,
   unregisterSession,
   validateSession
-} from "./chunk-52LIWKMM.js";
+} from "./chunk-UYLZDEMC.js";
 import {
   ACCOUNTS_DIR,
   GREETING_DIRECTIVE,
@@ -620,8 +618,8 @@ var serveStatic = (options = { root: "" }) => {
 };
 
 // server/index.ts
-import { readFileSync as readFileSync19, existsSync as existsSync25, watchFile } from "fs";
-import { resolve as resolve25, join as join11, basename as basename7 } from "path";
+import { readFileSync as readFileSync18, existsSync as existsSync24, watchFile } from "fs";
+import { resolve as resolve25, join as join10, basename as basename7 } from "path";
 import { homedir as homedir2 } from "os";
 
 // app/lib/agent-slug-pattern.ts
@@ -807,52 +805,6 @@ function defaultRules() {
       scope: "session",
       suggestedAction: "The WebFetch SPA preflight has fired more than once in this conversation. Either the agent is ignoring the loud-failure directive (retrying WebFetch after seeing WEBFETCH_CANNOT_READ_JS_SPA), or multiple SPA URLs are being asked about. Read the conversation's stream log for the [tool-use] / [tool-result] sequence around each occurrence \u2014 if the agent dispatched WebFetch on the same URL or substituted Playwright silently, revisit the IDENTITY.md `Tool Failure Discipline` paragraph that names structured-error handling."
     },
-    {
-      // Task 867 — fires when setup-tunnel.sh emits step=done but no
-      // `[persist] role=user … Cloudflare setup completed (actionId: <id>)`
-      // line appears within 60s. Covers the three failure modes of the
-      // action-relay-queue plumbing: queue-write failed, boot-drain consumer
-      // skipped the record, or the agent's hoisted persist threw. The
-      // followup pattern is intentionally narrow to the cloudflare-setup
-      // relay shape (not a general "any user persist") so a benign user
-      // typing in chat does not satisfy the followup. logSource=any so
-      // the rule sees both the script tee (in stream logs / server.log)
-      // and the [persist] line (server.log).
-      id: "cloudflare-setup-relay-not-acknowledged",
-      name: "Cloudflare-setup completed but the chat relay never acknowledged",
-      type: "absent-followup",
-      logSource: "any",
-      pattern: "\\[script:setup-tunnel\\] step=done",
-      followupPattern: "\\[persist\\] .*role=user.* Cloudflare setup completed \\(actionId:",
-      followupWindowMs: 6e4,
-      thresholdCount: 0,
-      thresholdWindowMinutes: 0,
-      suggestedAction: "[Task 867] cloudflare-setup completed but the post-action relay never reached the chat history. Check `[action-relay-queue] phase=enqueued` (queue write), `[action-completion-relay] phase=consumed` (boot-drain ran), and `[persist] role=user \u2026 Cloudflare setup completed` (graph write). One of those is missing; the matching grep recipe is in the Task 867 brief Observability section."
-    },
-    {
-      // Task 879 §C — onboarding turn-completion contract: any assistant
-      // turn that narrates a step transition with a non-question-terminated
-      // phrase ("Moving to step 9 — operator persona...", "Step 8 done.")
-      // must be followed within 30s by either a `render-component` call
-      // (the next step's UI surfaces) or `onboarding-complete-step`
-      // (deterministic step advance). The trigger pattern matches the
-      // `[onboarding-step-narration]` line written by stream-parser at the
-      // assistant text block emit site (only for non-question phrases).
-      // Operator's symptom in Task 879's evidence: "Moving to step 9..."
-      // followed by 4 minutes of silence until the operator nudged with
-      // "yeah, so?" — exact failure shape this rule catches.
-      id: "assistant-step-advance-deadend",
-      name: "Onboarding step-advance narration without follow-up tool call",
-      type: "absent-followup",
-      logSource: "session",
-      pattern: "\\[onboarding-step-narration\\]",
-      followupPattern: "\\[render-component\\]|\\[tool-use\\][^\\n]*name=mcp__admin__onboarding-complete-step",
-      followupWindowMs: 3e4,
-      thresholdCount: 0,
-      thresholdWindowMinutes: 0,
-      scope: "session",
-      suggestedAction: '[Task 879 \xA7C] An onboarding turn narrated a step transition (e.g. "Moving to step N", "Step N done.") but did not render a component or call `onboarding-complete-step` within 30s. The operator is left with a dead-end paragraph and no actionable surface. Check the `platform/plugins/admin/skills/onboarding/SKILL.md` Turn-completion contract section \u2014 the agent must end any step-advance turn with `render-component` or a `?`-terminated question, never bare prose.'
-    },
     {
       // Task 538: fires when a [spawn] line appears in a conversation's stream
       // log but no subprocess-lifecycle marker follows within 10s. The three
@@ -2749,19 +2701,25 @@ function maybeRestoreCredsFromBackup(authDir) {
 function readSelfId(authDir) {
   try {
     const credsPath = resolveCredsPath(authDir);
-    if (!fsSync.existsSync(credsPath)) return { e164: null, jid: null };
+    if (!fsSync.existsSync(credsPath)) return { e164: null, jid: null, lid: null };
     const raw = fsSync.readFileSync(credsPath, "utf-8");
     const parsed = JSON.parse(raw);
     const jid = parsed?.me?.id ?? null;
+    const lidRaw = parsed?.me?.lid ?? null;
     let e164 = null;
     if (jid) {
       const match = jid.match(/^(\d+)(?::\d+)?@s\.whatsapp\.net$/i);
       if (match) e164 = match[1];
     }
-    return { e164, jid };
+    let lid = null;
+    if (lidRaw) {
+      const lidMatch = lidRaw.match(/^(\d+)(?::\d+)?@lid$/i);
+      if (lidMatch) lid = `${lidMatch[1]}@lid`;
+    }
+    return { e164, jid, lid };
   } catch (err) {
     console.warn(`${TAG2} readSelfId failed authDir=${authDir}: ${String(err)}`);
-    return { e164: null, jid: null };
+    return { e164: null, jid: null, lid: null };
   }
 }
 async function clearAuth(authDir) {
@@ -3246,6 +3204,20 @@ function phonesMatch(a, b) {
 function isLidJid(jid) {
   return WHATSAPP_LID_RE.test(jid);
 }
+function withSelfLidShortcut(base, selfLid, selfJid) {
+  if (!selfLid || !selfJid) return base;
+  return {
+    getPNForLID: async (lid) => {
+      if (lid === selfLid) return selfJid;
+      try {
+        return await base?.getPNForLID(lid);
+      } catch (err) {
+        console.error(`[whatsapp:normalize] base lidMapping.getPNForLID threw lid=${lid}: ${String(err)}`);
+        return void 0;
+      }
+    }
+  };
+}
 async function resolveJidToE164(jid, lidMapping) {
   if (!jid) return null;
   const userMatch = jid.match(WHATSAPP_USER_JID_RE);
@@ -4367,6 +4339,7 @@ async function startConnection(accountId) {
     connected: false,
     selfPhone: null,
     selfJid: null,
+    selfLid: null,
     reconnectAttempts: 0,
     abortController: new AbortController(),
     debouncer: null,
@@ -4430,7 +4403,13 @@ async function registerLoginSocket(accountId, sock, authDir) {
   }
   await stopConnection(accountId);
   const selfId = readSelfId(authDir);
-  const lidMapping = sock.signalRepository?.lidMapping ?? null;
+  const rawLidMapping = sock.signalRepository?.lidMapping ?? null;
+  const lidMapping = withSelfLidShortcut(rawLidMapping, selfId.lid, selfId.jid);
+  if (selfId.lid) {
+    console.error(`[whatsapp:lid] resolved self-lid accountId=${accountId} selfLid=${selfId.lid} source=creds`);
+  } else {
+    console.error(`[whatsapp:lid] FAIL self-lid-resolution accountId=${accountId} reason=creds-missing-lid`);
+  }
   const conn = {
     accountId,
     platformAccountId,
@@ -4440,6 +4419,7 @@ async function registerLoginSocket(accountId, sock, authDir) {
     connected: true,
     selfPhone: selfId.e164,
     selfJid: selfId.jid,
+    selfLid: selfId.lid,
     reconnectAttempts: 0,
     lastConnectedAt: Date.now(),
     abortController: new AbortController(),
@@ -4463,8 +4443,36 @@ async function registerLoginSocket(accountId, sock, authDir) {
   });
   monitorInbound(conn);
   watchForDisconnect(conn);
+  attachSelfIdRefreshOnCredsUpdate(conn);
   console.error(`${TAG13} registered login socket for account=${accountId} phone=${selfId.e164 ?? "unknown"}`);
 }
+function attachSelfIdRefreshOnCredsUpdate(conn) {
+  if (!conn.sock) return;
+  const sock = conn.sock;
+  const handler = () => {
+    setTimeout(() => {
+      try {
+        const fresh = readSelfId(conn.authDir);
+        const lidChanged = fresh.lid !== conn.selfLid;
+        conn.selfPhone = fresh.e164;
+        conn.selfJid = fresh.jid;
+        conn.selfLid = fresh.lid;
+        const rawLidMapping = sock?.signalRepository?.lidMapping ?? null;
+        conn.lidMapping = withSelfLidShortcut(rawLidMapping, fresh.lid, fresh.jid);
+        if (lidChanged) {
+          if (fresh.lid) {
+            console.error(`[whatsapp:lid] resolved self-lid accountId=${conn.accountId} selfLid=${fresh.lid} source=creds-update`);
+          } else {
+            console.error(`[whatsapp:lid] FAIL self-lid-resolution accountId=${conn.accountId} reason=creds-update-cleared-lid`);
+          }
+        }
+      } catch (err) {
+        console.error(`[whatsapp:lid] FAIL self-lid-refresh accountId=${conn.accountId} reason=${String(err).slice(0, 80)}`);
+      }
+    }, 1e3).unref?.();
+  };
+  sock.ev.on("creds.update", handler);
+}
 function reloadConfig(accountConfig) {
   loadConfig(accountConfig);
 }
@@ -4528,9 +4536,16 @@ async function connectWithReconnect(conn) {
       conn.connected = true;
       conn.selfPhone = selfId.e164;
       conn.selfJid = selfId.jid;
+      conn.selfLid = selfId.lid;
       conn.lastConnectedAt = connectedAt;
       conn.lastError = void 0;
-      conn.lidMapping = sock.signalRepository?.lidMapping ?? null;
+      const rawLidMapping = sock.signalRepository?.lidMapping ?? null;
+      conn.lidMapping = withSelfLidShortcut(rawLidMapping, selfId.lid, selfId.jid);
+      if (selfId.lid) {
+        console.error(`[whatsapp:lid] resolved self-lid accountId=${conn.accountId} selfLid=${selfId.lid} source=creds`);
+      } else {
+        console.error(`[whatsapp:lid] FAIL self-lid-resolution accountId=${conn.accountId} reason=creds-missing-lid`);
+      }
       console.error(`${TAG13} connected account=${conn.accountId} phone=${selfId.e164 ?? "unknown"}`);
       try {
         await sock.sendPresenceUpdate("available");
@@ -4550,6 +4565,7 @@ async function connectWithReconnect(conn) {
         conn.debouncer = null;
       }
       monitorInbound(conn);
+      attachSelfIdRefreshOnCredsUpdate(conn);
       await waitForDisconnectEvent(conn);
       uptimeMs = Date.now() - connectedAt;
       conn.connected = false;
@@ -4900,8 +4916,16 @@ async function handleInboundMessage(conn, msg) {
       senderPhone,
       selfPhone,
       groupJid: remoteJid,
+      // Three-way mention recognition (Sub-fix 4): legacy phone-JID equality,
+      // legacy E.164-via-jidToE164 equality, plus the new self-LID equality so
+      // mentions in LID-addressed groups (deliver as `<self-lid>@lid`) match.
+      // Pre-LID groups continue matching the first two — additive, never blocks.
+      // Each clause guards against null on its right operand; a creds-parse
+      // failure leaves all three of selfJid/selfLid/selfPhone null and
+      // jidToE164 of a malformed mention also returns null — without the
+      // guards, `null === null` would spuriously match every nullified field.
       isMentioned: extracted.mentionedJids.some(
-        (jid) => jid === conn.selfJid || jidToE164(jid) === conn.selfPhone
+        (jid) => conn.selfJid !== null && jid === conn.selfJid || conn.selfLid !== null && jid === conn.selfLid || conn.selfPhone !== null && jidToE164(jid) === conn.selfPhone
       ),
       config: whatsAppConfig,
       accountConfig: whatsAppConfig.accounts?.[conn.accountId]
@@ -7801,6 +7825,93 @@ app7.get("/messages", (c) => {
     return c.json({ error: String(err) }, 500);
   }
 });
+app7.get("/conversation-graph-state", async (c) => {
+  try {
+    const directSessionKey = c.req.query("sessionKey");
+    const jid = c.req.query("jid");
+    const accountIdQuery = c.req.query("accountId");
+    let sessionKey;
+    if (directSessionKey) {
+      sessionKey = directSessionKey;
+    } else {
+      if (!jid) {
+        return c.json({ error: "Provide either sessionKey or jid (with optional accountId)." }, 400);
+      }
+      const accountId = validateAccountId(accountIdQuery ?? null);
+      if (isGroupJid(jid)) {
+        sessionKey = deriveSessionKey({
+          agentType: "public",
+          accountId,
+          senderPhone: "",
+          isGroup: true,
+          groupJid: jid
+        });
+      } else {
+        const e164 = jid.replace(/^(\d+)(?::\d+)?@s\.whatsapp\.net$/i, "$1");
+        if (!/^\d+$/.test(e164)) {
+          return c.json({ error: `Cannot derive sessionKey from jid=${jid} \u2014 not a recognised user JID. Pass sessionKey explicitly.` }, 400);
+        }
+        sessionKey = deriveSessionKey({
+          agentType: "public",
+          accountId,
+          senderPhone: e164,
+          isGroup: false
+        });
+      }
+    }
+    const cypher = `
+      MATCH (c:Conversation {sessionKey: $sessionKey})
+      OPTIONAL MATCH (m:Message:WhatsAppMessage)-[:PART_OF]->(c)
+      RETURN
+        c.conversationId AS conversationId,
+        m.messageId      AS messageId,
+        m.dateSent       AS dateSent,
+        m.fromMe         AS fromMe,
+        m.senderTelephone AS senderTelephone,
+        m.body           AS body
+      ORDER BY dateSent ASC
+    `;
+    let session = null;
+    const t0 = Date.now();
+    let conversationId = null;
+    const rows = [];
+    try {
+      session = getSession();
+      const result = await session.run(cypher, { sessionKey });
+      for (const rec of result.records) {
+        if (conversationId === null) {
+          conversationId = rec.get("conversationId") ?? null;
+        }
+        const messageId = rec.get("messageId");
+        if (!messageId) continue;
+        const dateSentRaw = rec.get("dateSent");
+        rows.push({
+          messageId,
+          dateSent: dateSentRaw ? String(dateSentRaw) : null,
+          fromMe: rec.get("fromMe") === true,
+          senderTelephone: rec.get("senderTelephone") ?? null,
+          body: rec.get("body") ?? null
+        });
+      }
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      console.error(`${TAG18} conversation-graph-state ERR sessionKey=${sessionKey} reason=${msg}`);
+      return c.json({ error: `Graph query failed: ${msg}`, sessionKey, cypher: cypher.trim() }, 500);
+    }
+    const ms = Date.now() - t0;
+    console.error(`[mcp:whatsapp] tool=whatsapp-conversation-graph-state sessionKey=${sessionKey} graphRows=${rows.length} conversationId=${conversationId ?? "null"} ms=${ms}`);
+    return c.json({
+      sessionKey,
+      conversationId,
+      graphRows: rows,
+      cypher: cypher.trim(),
+      ms
+    });
+  } catch (err) {
+    console.error(`${TAG18} conversation-graph-state error: ${String(err)}`);
+    return c.json({ error: String(err) }, 500);
+  }
+});
 app7.get("/group-info", async (c) => {
   const accountId = validateAccountId(c.req.query("accountId") ?? null);
   const jid = c.req.query("jid");
@@ -8216,7 +8327,7 @@ app9.post("/", async (c) => {
       const safe = typeof v === "string" ? truncate(v, 200) : typeof v === "number" || typeof v === "boolean" ? String(v) : JSON.stringify(v).slice(0, 200);
       return `${k}=${safe}`;
     }).join(" ");
-    const TAGGED_PREFIX_SOURCES = /* @__PURE__ */ new Set(["admin-chat-relay-poll"]);
+    const TAGGED_PREFIX_SOURCES = /* @__PURE__ */ new Set([]);
     if (TAGGED_PREFIX_SOURCES.has(source)) {
       console.log(
         `[${source}] ts=${ts} ip=${ip} version=${version || "unknown"}${extra ? " " + extra : ""}`
@@ -8438,39 +8549,6 @@ app10.post("/", async (c) => {
   const payload = await createAdminSession(selected.accountId, selected.config.thinkingView, userId, userName, selected.role, avatar);
   return c.json(payload);
 });
-app10.post("/rebind", async (c) => {
-  let body;
-  try {
-    body = await c.req.json();
-  } catch {
-    return c.json({ ok: false, error: "invalid_json" }, 400);
-  }
-  const sessionKey = typeof body.session_key === "string" ? body.session_key : "";
-  const conversationId = typeof body.lastKnownConversationId === "string" ? body.lastKnownConversationId : "";
-  if (!sessionKey || !conversationId) {
-    return c.json({ ok: false, error: "session_key and lastKnownConversationId required" }, 400);
-  }
-  const sk8 = sessionKey.slice(0, 8);
-  const cid8 = conversationId.slice(0, 8);
-  const bridge = await tryCookieBridgeForConversation(c, sessionKey, conversationId);
-  if (!bridge.ok) {
-    console.log(`[admin/session/rebind] sessionKey=${sk8}\u2026 result=bridge-rejected reason=${bridge.reason} conversationId=${cid8}\u2026`);
-    const status = bridge.reason === "conversation-not-found" ? 404 : bridge.reason === "account-mismatch" ? 403 : 401;
-    return c.json({ ok: false, error: bridge.reason }, status);
-  }
-  const existing = getConversationIdForSession(sessionKey);
-  if (existing && existing !== conversationId) {
-    console.log(`[admin/session/rebind] sessionKey=${sk8}\u2026 result=conflict conversationId=${existing.slice(0, 8)}\u2026 requested=${cid8}\u2026`);
-    return c.json({ ok: false, error: "conflict", conversationId: existing }, 409);
-  }
-  const bound = setConversationIdForSession(sessionKey, conversationId);
-  if (!bound) {
-    console.error(`[admin/session/rebind] sessionKey=${sk8}\u2026 result=bind-failed conversationId=${cid8}\u2026 (post-bridge session-store missing \u2014 programmer error)`);
-    return c.json({ ok: false, error: "bind_failed" }, 500);
-  }
-  console.log(`[admin/session/rebind] sessionKey=${sk8}\u2026 result=ok conversationId=${cid8}\u2026`);
-  return c.json({ ok: true, conversationId });
-});
 var session_default2 = app10;
 
 // server/routes/admin/chat.ts
@@ -8765,7 +8843,7 @@ var app11 = new Hono();
 app11.post("/cancel", requireAdminSession, async (c) => {
   const session_key = c.var.sessionKey;
   try {
-    const { interruptClient: interruptClient2 } = await import("./client-pool-AIYWSJBR.js");
+    const { interruptClient: interruptClient2 } = await import("./client-pool-BMPFHXHB.js");
     await interruptClient2(session_key);
     return c.json({ ok: true });
   } catch (err) {
@@ -9701,13 +9779,14 @@ app17.delete("/:id", requireAdminSession, async (c) => {
     return c.json({ error: "Failed to delete session" }, 500);
   }
 });
-app17.get("/:id/messages", async (c) => {
+app17.post("/:id/resume", async (c) => {
   const conversationId = c.req.param("id");
   const sessionKey = c.req.query("session_key") ?? "";
   if (!sessionKey) {
     console.error(`[session] middleware-reject status=400 code=session-missing reason="session_key required" path=${c.req.path}`);
     return c.json({ error: "session_key required", code: "session-missing" }, 400);
   }
+  let bridged = false;
   let result = validateSession(sessionKey, "admin");
   if (!result.ok) {
     if (result.reason === "session-not-registered") {
@@ -9720,6 +9799,7 @@ app17.get("/:id/messages", async (c) => {
         console.error(`[session] middleware-reject status=401 code=session-not-registered reason="cookie-bridge-rejected:${bridge.reason}" path=${c.req.path} sessionKey=${tail}\u2026`);
         return c.json({ error: "Invalid or expired admin session", code: "session-not-registered" }, 401);
       }
+      bridged = true;
       result = validateSession(sessionKey, "admin");
       if (!result.ok) {
         const tail = sessionKey.slice(0, 8);
@@ -9734,34 +9814,12 @@ app17.get("/:id/messages", async (c) => {
     }
   }
   const accountId = getAccountIdForSession(sessionKey);
-  if (!accountId) return c.json({ error: "Account not found for session" }, 401);
-  const owned = await verifyConversationOwnership(conversationId, accountId);
-  if (!owned) return c.json({ error: "Conversation not found" }, 404);
-  try {
-    const messages = await getRecentMessages(conversationId, 50);
-    const sanitised = messages.map((m) => ({
-      ...m,
-      attachments: m.attachments.map((a) => ({
-        attachmentId: a.attachmentId,
-        filename: a.filename,
-        mimeType: a.mimeType,
-        sizeBytes: a.sizeBytes,
-        ordinal: a.ordinal
-      }))
-    }));
-    return c.json({ messages: sanitised });
-  } catch (err) {
-    console.error(`[sessions-messages] Failed: ${err instanceof Error ? err.message : String(err)}`);
-    return c.json({ error: "Failed to fetch messages" }, 500);
-  }
-});
-app17.post("/:id/resume", requireAdminSession, async (c) => {
-  const conversationId = c.req.param("id");
-  const sessionKey = c.var.sessionKey;
-  const accountId = getAccountIdForSession(sessionKey);
   const userId = getUserIdForSession(sessionKey);
-  if (!accountId || !userId) {
-    return c.json({ error: "Session missing account or user context" }, 400);
+  if (!accountId) {
+    return c.json({ error: "Session missing account context" }, 400);
+  }
+  if (!userId && !bridged) {
+    return c.json({ error: "Session missing user context" }, 400);
   }
   const updatedAt = await verifyAndGetConversationUpdatedAt(conversationId, accountId);
   if (updatedAt === null) return c.json({ error: "Conversation not found" }, 404);
@@ -9816,8 +9874,9 @@ app17.post("/:id/resume", requireAdminSession, async (c) => {
   });
   const textRuns = rehydrated.reduce((n, m) => n + (m.events?.filter((e) => e.type === "text").length ?? 0), 0);
   const userMessageCount = rehydrated.filter((m) => m.role !== "assistant").length;
+  const reason = bridged ? "post-restart" : "page-refresh";
   try {
-    appendFileSync5(streamLogPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] [admin-resume] sessionKey=${sessionKey.slice(0, 8)} conversationId=${conversationId.slice(0, 8)} ${tag} loadedMessages=${messages.length} componentCount=${totalComponents} userAttachmentCount=${totalAttachments}
+    appendFileSync5(streamLogPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] [admin-resume] reason=${reason} sessionKey=${sessionKey.slice(0, 8)} conversationId=${conversationId.slice(0, 8)} ${tag} loadedMessages=${messages.length} componentCount=${totalComponents} userAttachmentCount=${totalAttachments}
 `);
     if (totalComponents > 0) {
       appendFileSync5(streamLogPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] [component-rehydrate] conversationId=${conversationId.slice(0, 8)} count=${totalComponents} valid=${totalValid} invalid=${totalInvalid} textRuns=${textRuns}
@@ -9830,7 +9889,7 @@ app17.post("/:id/resume", requireAdminSession, async (c) => {
   } catch {
   }
   const age = formatAge(updatedAt);
-  console.log(`[admin-resume] ${(/* @__PURE__ */ new Date()).toISOString()} conversationId=${conversationId.slice(0, 8)}\u2026 age=${age} loaded=${messages.length} messages ${tag} components=${totalComponents} attachments=${totalAttachments} sessionKey=${sessionKey.slice(0, 8)}\u2026`);
+  console.log(`[admin-resume] ${(/* @__PURE__ */ new Date()).toISOString()} reason=${reason} conversationId=${conversationId.slice(0, 8)}\u2026 age=${age} loaded=${messages.length} messages ${tag} components=${totalComponents} attachments=${totalAttachments} sessionKey=${sessionKey.slice(0, 8)}\u2026`);
   return c.json({ conversationId, messages: rehydrated });
 });
 app17.post("/:id/label", requireAdminSession, async (c) => {
@@ -9957,13 +10016,13 @@ async function cdpNavigateNewTab(url, opts = {}) {
 // server/routes/admin/device-browser.ts
 var app19 = new Hono();
 app19.post("/navigate", async (c) => {
-  const TAG20 = "[device-url:click]";
+  const TAG19 = "[device-url:click]";
   let body;
   try {
     body = await c.req.json();
   } catch (err) {
     const detail = err instanceof Error ? err.message : String(err);
-    console.error(`${TAG20} reject reason=body-not-json detail=${detail} browser=fallback navigateResult=error`);
+    console.error(`${TAG19} reject reason=body-not-json detail=${detail} browser=fallback navigateResult=error`);
     return c.json(
       { ok: false, navigateResult: "error", browser: "fallback", detail: "Request body was not valid JSON" },
       400
@@ -9973,7 +10032,7 @@ app19.post("/navigate", async (c) => {
   const intent = typeof body.intent === "string" ? body.intent : "";
   const hostname2 = typeof body.hostname === "string" ? body.hostname : "";
   if (!url) {
-    console.error(`${TAG20} reject reason=missing-url intent=${JSON.stringify(intent)} browser=fallback navigateResult=error`);
+    console.error(`${TAG19} reject reason=missing-url intent=${JSON.stringify(intent)} browser=fallback navigateResult=error`);
     return c.json(
       { ok: false, navigateResult: "error", browser: "fallback", detail: "url field is required" },
       400
@@ -9983,7 +10042,7 @@ app19.post("/navigate", async (c) => {
   try {
     parsed = new URL(url);
   } catch {
-    console.error(`${TAG20} reject reason=url-malformed intent=${JSON.stringify(intent)} url=${url} browser=fallback navigateResult=error`);
+    console.error(`${TAG19} reject reason=url-malformed intent=${JSON.stringify(intent)} url=${url} browser=fallback navigateResult=error`);
     return c.json(
       { ok: false, navigateResult: "error", browser: "fallback", detail: "url is not a valid URL" },
       400
@@ -9991,7 +10050,7 @@ app19.post("/navigate", async (c) => {
   }
   if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
     console.error(
-      `${TAG20} reject reason=scheme-not-allowed scheme=${parsed.protocol} intent=${JSON.stringify(intent)} browser=fallback navigateResult=error`
+      `${TAG19} reject reason=scheme-not-allowed scheme=${parsed.protocol} intent=${JSON.stringify(intent)} browser=fallback navigateResult=error`
     );
     return c.json(
       {
@@ -10007,7 +10066,7 @@ app19.post("/navigate", async (c) => {
   const cdpOk = await ensureCdp(transport);
   if (!cdpOk) {
     console.error(
-      `${TAG20} intent=${JSON.stringify(intent)} browser=fallback navigateResult=cdp-unreachable hostname=${JSON.stringify(hostname2)}`
+      `${TAG19} intent=${JSON.stringify(intent)} browser=fallback navigateResult=cdp-unreachable hostname=${JSON.stringify(hostname2)}`
     );
     return c.json(
       {
@@ -10023,7 +10082,7 @@ app19.post("/navigate", async (c) => {
   const browser = outcome.result === "ok" ? "vnc" : "fallback";
   const detailStr = outcome.detail ? ` detail=${JSON.stringify(outcome.detail.length > 230 ? outcome.detail.slice(0, 227) + "..." : outcome.detail)}` : "";
   console.error(
-    `${TAG20} intent=${JSON.stringify(intent)} browser=${browser} navigateResult=${outcome.result} hostname=${JSON.stringify(hostname2)} targetId=${outcome.targetId ?? "none"}${detailStr}`
+    `${TAG19} intent=${JSON.stringify(intent)} browser=${browser} navigateResult=${outcome.result} hostname=${JSON.stringify(hostname2)} targetId=${outcome.targetId ?? "none"}${detailStr}`
   );
   if (outcome.result !== "ok") {
     return c.json(
@@ -10054,18 +10113,18 @@ var ALLOWED_EVENTS = /* @__PURE__ */ new Set([
 ]);
 var app20 = new Hono();
 app20.post("/", async (c) => {
-  const TAG20 = "[admin:events]";
+  const TAG19 = "[admin:events]";
   let body;
   try {
     body = await c.req.json();
   } catch (err) {
     const detail = err instanceof Error ? err.message : String(err);
-    console.error(`${TAG20} reject reason=body-not-json detail=${detail}`);
+    console.error(`${TAG19} reject reason=body-not-json detail=${detail}`);
     return c.json({ ok: false, detail: "Request body was not valid JSON" }, 400);
   }
   const event = typeof body.event === "string" ? body.event : "";
   if (!ALLOWED_EVENTS.has(event)) {
-    console.error(`${TAG20} reject reason=event-not-allowed event=${JSON.stringify(event)}`);
+    console.error(`${TAG19} reject reason=event-not-allowed event=${JSON.stringify(event)}`);
     return c.json({ ok: false, detail: `Event "${event}" is not allowed` }, 400);
   }
   const rawFields = body.fields && typeof body.fields === "object" ? body.fields : {};
@@ -10089,7 +10148,7 @@ var events_default = app20;
 // server/routes/admin/cloudflare.ts
 import { homedir } from "os";
 import { resolve as resolve18 } from "path";
-import { readFileSync as readFileSync17 } from "fs";
+import { readFileSync as readFileSync16 } from "fs";
 
 // app/lib/dns-label.ts
 var VALID_LABEL = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/;
@@ -10127,131 +10186,14 @@ function addAliasDomain(hostname2) {
   writeFileSync9(ALIAS_DOMAINS_PATH, JSON.stringify([...existing], null, 2) + "\n", "utf-8");
 }
 
-// app/lib/action-relay-queue.ts
-import {
-  existsSync as existsSync20,
-  mkdirSync as mkdirSync9,
-  readdirSync as readdirSync6,
-  readFileSync as readFileSync16,
-  unlinkSync as unlinkSync2,
-  writeFileSync as writeFileSync10
-} from "fs";
-import { join as join9 } from "path";
-var TAG19 = "[action-relay-queue]";
-var FILE_PREFIX = "action-completion-relay-";
-var FILE_SUFFIX = ".json";
-function queueDir(accountDir) {
-  return join9(accountDir, "queue");
-}
-function relayFilePath(accountDir, actionId) {
-  return join9(queueDir(accountDir), `${FILE_PREFIX}${actionId}${FILE_SUFFIX}`);
-}
-function enqueueActionCompletionRelay(opts) {
-  const dir = queueDir(opts.accountDir);
-  mkdirSync9(dir, { recursive: true });
-  const filePath = relayFilePath(opts.accountDir, opts.actionId);
-  const record = {
-    actionId: opts.actionId,
-    conversationId: opts.conversationId,
-    message: opts.message,
-    queuedAt: (/* @__PURE__ */ new Date()).toISOString()
-  };
-  const body = JSON.stringify(record);
-  try {
-    writeFileSync10(filePath, body, { flag: "wx", encoding: "utf-8" });
-    console.log(
-      `${TAG19} phase=enqueued actionId=${opts.actionId} conversationId=${opts.conversationId} path=${filePath} bytes=${Buffer.byteLength(body, "utf-8")}`
-    );
-    return { enqueued: true, path: filePath };
-  } catch (e) {
-    if (e.code === "EEXIST") {
-      console.log(
-        `${TAG19} phase=enqueue-skipped actionId=${opts.actionId} reason=already-queued`
-      );
-      return { enqueued: false, reason: "already-queued", path: filePath };
-    }
-    throw e;
-  }
-}
-function consumeActionCompletionRelays(accountDir) {
-  const dir = queueDir(accountDir);
-  if (!existsSync20(dir)) return [];
-  let entries;
-  try {
-    entries = readdirSync6(dir);
-  } catch (e) {
-    console.error(
-      `${TAG19} phase=readdir-failed dir=${dir} error=${e instanceof Error ? e.message : String(e)}`
-    );
-    return [];
-  }
-  const records = [];
-  for (const name of entries) {
-    if (!name.startsWith(FILE_PREFIX) || !name.endsWith(FILE_SUFFIX)) continue;
-    const filePath = join9(dir, name);
-    let raw;
-    try {
-      raw = readFileSync16(filePath, "utf-8");
-    } catch (e) {
-      console.error(
-        `${TAG19} phase=read-failed file=${name} error=${e instanceof Error ? e.message : String(e)}`
-      );
-      continue;
-    }
-    let parsed;
-    try {
-      parsed = JSON.parse(raw);
-    } catch (e) {
-      console.error(
-        `${TAG19} phase=parse-failed file=${name} error=${e instanceof Error ? e.message : String(e)}`
-      );
-      continue;
-    }
-    if (!isActionCompletionRelay(parsed)) {
-      console.error(
-        `${TAG19} phase=shape-invalid file=${name} keys=${parsed && typeof parsed === "object" ? Object.keys(parsed).join(",") : "non-object"}`
-      );
-      continue;
-    }
-    records.push({ rec: parsed, filePath });
-  }
-  records.sort((a, b) => a.rec.queuedAt.localeCompare(b.rec.queuedAt));
-  const out = [];
-  const now = Date.now();
-  for (const { rec, filePath } of records) {
-    const queuedAtMs = Date.parse(rec.queuedAt);
-    const ageMs = Number.isFinite(queuedAtMs) ? now - queuedAtMs : 0;
-    out.push({ ...rec, ageMs, filePath });
-  }
-  return out;
-}
-function deleteConsumedRelay(filePath) {
-  try {
-    unlinkSync2(filePath);
-  } catch (e) {
-    const code = e.code;
-    if (code !== "ENOENT") {
-      console.error(
-        `${TAG19} phase=unlink-failed file=${filePath} error=${e instanceof Error ? e.message : String(e)}`
-      );
-    }
-  }
-}
-function isActionCompletionRelay(value) {
-  if (!value || typeof value !== "object") return false;
-  const v = value;
-  return typeof v.actionId === "string" && typeof v.conversationId === "string" && typeof v.message === "string" && typeof v.queuedAt === "string";
-}
-
 // server/routes/admin/cloudflare.ts
-import { existsSync as existsSyncFs, readFileSync as readFileSyncFs } from "fs";
 var SETUP_TIMEOUT_MS = 10 * 60 * 1e3;
 var DOMAINS_TIMEOUT_MS = 40 * 1e3;
 function loadBrandInfo() {
   const platformRoot2 = process.env.MAXY_PLATFORM_ROOT ?? resolve18(process.cwd(), "..");
   const brandPath = resolve18(platformRoot2, "config", "brand.json");
   try {
-    const parsed = JSON.parse(readFileSync17(brandPath, "utf-8"));
+    const parsed = JSON.parse(readFileSync16(brandPath, "utf-8"));
     const hostname2 = typeof parsed.hostname === "string" && parsed.hostname ? parsed.hostname : "maxy";
     const configDir2 = typeof parsed.configDir === "string" && parsed.configDir ? parsed.configDir : ".maxy";
     return { hostname: hostname2, configDir: configDir2 };
@@ -10547,79 +10489,13 @@ actionId: ${actionId}`,
   };
   return ok(success);
 });
-var RELAY_MAX_BODY = 8 * 1024;
-var RELAY_MAX_MESSAGE = 2048;
-var ACTION_ID_RE = /^[a-z0-9-]+$/;
-app21.post("/relay-completion", requireAdminSession, async (c) => {
-  const sessionKey = c.var.sessionKey;
-  let raw;
-  try {
-    raw = await c.req.text();
-  } catch {
-    return c.json({ ok: false, reason: "invalid-body" }, 400);
-  }
-  if (Buffer.byteLength(raw, "utf-8") > RELAY_MAX_BODY) {
-    return c.json({ ok: false, reason: "body-too-large" }, 413);
-  }
-  let body;
-  try {
-    body = JSON.parse(raw);
-  } catch {
-    return c.json({ ok: false, reason: "invalid-json" }, 400);
-  }
-  if (!body || typeof body !== "object") {
-    return c.json({ ok: false, reason: "invalid-body" }, 400);
-  }
-  const { actionId, message } = body;
-  if (typeof actionId !== "string" || !ACTION_ID_RE.test(actionId) || actionId.length > 200) {
-    console.error(`[cloudflare-relay-completion] phase=enqueue-skipped reason=invalid-actionid sessionKey=${sessionKey.slice(-8)}`);
-    return c.json({ ok: false, reason: "invalid-actionid" }, 400);
-  }
-  if (typeof message !== "string" || message.length === 0 || message.length > RELAY_MAX_MESSAGE) {
-    return c.json({ ok: false, reason: "invalid-message" }, 400);
-  }
-  const conversationId = getConversationIdForSession(sessionKey);
-  if (!conversationId) {
-    console.error(`[cloudflare-relay-completion] phase=enqueue-skipped reason=missing-conversation-id sessionKey=${sessionKey.slice(-8)}`);
-    return c.json({ ok: false, reason: "missing-conversation-id" }, 400);
-  }
-  const account = resolveAccount();
-  if (!account) {
-    console.error(`[cloudflare-relay-completion] phase=enqueue-skipped reason=missing-account-dir actionId=${actionId}`);
-    return c.json({ ok: false, reason: "missing-account-dir" }, 500);
-  }
-  const logPath2 = actionLogPath(actionId);
-  let auditOutcome = "log-absent";
-  if (existsSyncFs(logPath2)) {
-    try {
-      const lines = readFileSyncFs(logPath2, "utf-8").split("\n");
-      const reconciled = reconcileCloudflareSetupFromLog(lines);
-      auditOutcome = reconciled ? reconciled.kind : "log-incomplete";
-    } catch (e) {
-      auditOutcome = `read-failed:${e instanceof Error ? e.message : String(e)}`;
-    }
-  }
-  console.log(`[cloudflare-relay-completion] phase=enqueue-attempt actionId=${actionId} auditOutcome=${auditOutcome} conversationId=${conversationId}`);
-  try {
-    enqueueActionCompletionRelay({
-      accountDir: account.accountDir,
-      actionId,
-      conversationId,
-      message
-    });
-  } catch (e) {
-    console.error(`[cloudflare-relay-completion] phase=enqueue-failed actionId=${actionId} error=${e instanceof Error ? e.message : String(e)}`);
-    return c.json({ ok: false, reason: "enqueue-failed" }, 500);
-  }
-  return c.body(null, 204);
-});
 var cloudflare_default = app21;
 
 // server/routes/admin/files.ts
 import { createReadStream as createReadStream3 } from "fs";
 import { readdir as readdir2, readFile as readFile4, stat as stat4, mkdir as mkdir3, writeFile as writeFile4, unlink as unlink2 } from "fs/promises";
 import { realpathSync as realpathSync4 } from "fs";
-import { basename as basename6, dirname as dirname8, join as join10, resolve as resolve20, sep as sep2 } from "path";
+import { basename as basename6, dirname as dirname8, join as join9, resolve as resolve20, sep as sep2 } from "path";
 import { Readable as Readable2 } from "stream";
 
 // app/lib/data-path.ts
@@ -10977,7 +10853,7 @@ async function cascadeDeleteDocument(params) {
 var UUID_RE4 = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
 async function readMeta(absDir, baseName) {
   try {
-    const raw = await readFile4(join10(absDir, `${baseName}.meta.json`), "utf8");
+    const raw = await readFile4(join9(absDir, `${baseName}.meta.json`), "utf8");
     const parsed = JSON.parse(raw);
     if (typeof parsed?.filename === "string") {
       return { filename: parsed.filename, mimeType: typeof parsed.mimeType === "string" ? parsed.mimeType : void 0 };
@@ -11015,7 +10891,7 @@ async function readAccountNames() {
 }
 async function enrich(absolute, entry, accountNames) {
   if (entry.kind === "directory" && UUID_RE4.test(entry.name)) {
-    const meta = await readMeta(join10(absolute, entry.name), entry.name);
+    const meta = await readMeta(join9(absolute, entry.name), entry.name);
     if (meta?.filename) {
       entry.displayName = meta.filename;
       entry.mimeType = meta.mimeType;
@@ -11074,7 +10950,7 @@ app22.get("/", requireAdminSession, async (c) => {
         continue;
       }
       try {
-        const entryPath = join10(absolute, name);
+        const entryPath = join9(absolute, name);
         const s = await stat4(entryPath);
         entries.push({
           name,
@@ -11247,7 +11123,7 @@ app22.delete("/", requireAdminSession, async (c) => {
     }
     const dot = base.lastIndexOf(".");
     const stem = dot === -1 ? base : base.slice(0, dot);
-    const sidecarPath = UUID_RE4.test(stem) && base !== `${stem}.meta.json` ? join10(dirname8(absolute), `${stem}.meta.json`) : null;
+    const sidecarPath = UUID_RE4.test(stem) && base !== `${stem}.meta.json` ? join9(dirname8(absolute), `${stem}.meta.json`) : null;
     await unlink2(absolute);
     if (sidecarPath) {
       try {
@@ -12728,7 +12604,7 @@ var adherence_default = app30;
 import neo4j3 from "neo4j-driver";
 import { readFile as readFile5, readdir as readdir3, stat as stat5 } from "fs/promises";
 import { resolve as resolve21, relative as relative2, isAbsolute } from "path";
-import { existsSync as existsSync21 } from "fs";
+import { existsSync as existsSync20 } from "fs";
 var LIMIT = 50;
 var TEXT_MIME_PREFIXES = ["text/", "application/json", "application/markdown"];
 var ADMIN_AGENT_FILES = ["IDENTITY.md", "SOUL.md", "KNOWLEDGE.md"];
@@ -12876,7 +12752,7 @@ async function fetchAgentTemplateRows(accountDir) {
 async function unionSpecialistFilenames(overrideDir, bundledDir) {
   const names = /* @__PURE__ */ new Set();
   for (const dir of [overrideDir, bundledDir]) {
-    if (!existsSync21(dir)) continue;
+    if (!existsSync20(dir)) continue;
     try {
       const entries = await readdir3(dir);
       for (const entry of entries) {
@@ -12891,7 +12767,7 @@ async function unionSpecialistFilenames(overrideDir, bundledDir) {
 }
 async function readAgentTemplateRow(inp) {
   let chosenPath = null;
-  if (existsSync21(inp.overridePath)) {
+  if (existsSync20(inp.overridePath)) {
     try {
       validateFilePathInAccount(inp.overridePath, inp.overrideRoot);
       chosenPath = inp.overridePath;
@@ -12902,7 +12778,7 @@ async function readAgentTemplateRow(inp) {
       );
       return null;
     }
-  } else if (existsSync21(inp.bundledPath)) {
+  } else if (existsSync20(inp.bundledPath)) {
     if (!isWithin(inp.bundledPath, inp.bundledRoot)) {
       console.error(
         `[admin/sidebar-artefacts] agent-template-read-failed agent=${inp.displayName} kind=${inp.logName} error="bundled path outside PLATFORM_ROOT"`
@@ -12944,7 +12820,7 @@ var sidebar_artefacts_default = app31;
 // server/routes/admin/sidebar-artefact-save.ts
 import { mkdir as mkdir4, readdir as readdir4, stat as stat6, writeFile as writeFile5 } from "fs/promises";
 import { resolve as resolve22 } from "path";
-import { existsSync as existsSync22 } from "fs";
+import { existsSync as existsSync21 } from "fs";
 var ADMIN_AGENT_FILES2 = /* @__PURE__ */ new Set(["IDENTITY.md", "SOUL.md", "KNOWLEDGE.md"]);
 var UUID_RE5 = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;
 var app32 = new Hono();
@@ -13008,7 +12884,7 @@ async function resolveSavePath(id, accountId, accountDir) {
   }
   if (UUID_RE5.test(id)) {
     const dir = resolve22(ATTACHMENTS_ROOT, accountId, id);
-    if (!existsSync22(dir)) {
+    if (!existsSync21(dir)) {
       return { kind: "reject", status: 400, reason: "not-found" };
     }
     try {
@@ -13032,7 +12908,7 @@ var sidebar_artefact_save_default = app32;
 
 // server/routes/admin/sidebar-artefact-content.ts
 import { readFile as readFile6, readdir as readdir5 } from "fs/promises";
-import { existsSync as existsSync23 } from "fs";
+import { existsSync as existsSync22 } from "fs";
 import { resolve as resolve23 } from "path";
 var UUID_RE6 = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;
 var app33 = new Hono();
@@ -13046,7 +12922,7 @@ app33.get("/", requireAdminSession, async (c) => {
     return new Response("Not found", { status: 404 });
   }
   const dir = resolve23(ATTACHMENTS_ROOT, accountId, id);
-  if (!existsSync23(dir)) {
+  if (!existsSync22(dir)) {
     console.error(`[admin/sidebar-artefact-content] not-found id=${id.slice(0, 8)}`);
     return new Response("Not found", { status: 404 });
   }
@@ -13108,7 +12984,7 @@ app34.route("/sidebar-artefact-content", sidebar_artefact_content_default);
 var admin_default = app34;
 
 // server/routes/sites.ts
-import { existsSync as existsSync24, readFileSync as readFileSync18, realpathSync as realpathSync5, statSync as statSync8 } from "fs";
+import { existsSync as existsSync23, readFileSync as readFileSync17, realpathSync as realpathSync5, statSync as statSync8 } from "fs";
 import { resolve as resolve24 } from "path";
 var SAFE_SEG_RE = /^[a-z0-9_][a-z0-9_.-]{0,99}$/i;
 var MIME = {
@@ -13175,7 +13051,7 @@ app35.get("/:rel{.*}", (c) => {
   }
   let stat7;
   try {
-    stat7 = existsSync24(filePath) ? statSync8(filePath) : null;
+    stat7 = existsSync23(filePath) ? statSync8(filePath) : null;
   } catch {
     stat7 = null;
   }
@@ -13188,7 +13064,7 @@ app35.get("/:rel{.*}", (c) => {
     console.error(`[sites] path-traversal-rejected path=${reqPath} reason=escape status=403`);
     return c.text("Forbidden", 403);
   }
-  if (!existsSync24(filePath)) {
+  if (!existsSync23(filePath)) {
     console.error(`[sites] not-found path=${reqPath} status=404`);
     return c.text("Not found", 404);
   }
@@ -13207,7 +13083,7 @@ app35.get("/:rel{.*}", (c) => {
   }
   let body;
   try {
-    body = readFileSync18(realPath);
+    body = readFileSync17(realPath);
   } catch (err) {
     const code = err?.code;
     if (code === "EISDIR") {
@@ -13339,14 +13215,14 @@ function clientFrom(c) {
   );
 }
 var PLATFORM_ROOT7 = process.env.MAXY_PLATFORM_ROOT || "";
-var BRAND_JSON_PATH = PLATFORM_ROOT7 ? join11(PLATFORM_ROOT7, "config", "brand.json") : "";
+var BRAND_JSON_PATH = PLATFORM_ROOT7 ? join10(PLATFORM_ROOT7, "config", "brand.json") : "";
 var BRAND = { productName: "Maxy", hostname: "maxy", configDir: ".maxy", domain: "getmaxy.com" };
-if (BRAND_JSON_PATH && !existsSync25(BRAND_JSON_PATH)) {
+if (BRAND_JSON_PATH && !existsSync24(BRAND_JSON_PATH)) {
   console.error(`[brand] WARNING: brand.json not found at ${BRAND_JSON_PATH} \u2014 using Maxy defaults`);
 }
-if (BRAND_JSON_PATH && existsSync25(BRAND_JSON_PATH)) {
+if (BRAND_JSON_PATH && existsSync24(BRAND_JSON_PATH)) {
   try {
-    const parsed = JSON.parse(readFileSync19(BRAND_JSON_PATH, "utf-8"));
+    const parsed = JSON.parse(readFileSync18(BRAND_JSON_PATH, "utf-8"));
     BRAND = { ...BRAND, ...parsed };
   } catch (err) {
     console.error(`[brand] Failed to parse brand.json: ${err.message}`);
@@ -13365,11 +13241,11 @@ var brandLoginOpts = {
   bodyFont: BRAND.defaultFonts?.body,
   logoContainsName: !!BRAND.logoContainsName
 };
-var ALIAS_DOMAINS_PATH2 = join11(homedir2(), BRAND.configDir, "alias-domains.json");
+var ALIAS_DOMAINS_PATH2 = join10(homedir2(), BRAND.configDir, "alias-domains.json");
 function loadAliasDomains() {
   try {
-    if (!existsSync25(ALIAS_DOMAINS_PATH2)) return null;
-    const parsed = JSON.parse(readFileSync19(ALIAS_DOMAINS_PATH2, "utf-8"));
+    if (!existsSync24(ALIAS_DOMAINS_PATH2)) return null;
+    const parsed = JSON.parse(readFileSync18(ALIAS_DOMAINS_PATH2, "utf-8"));
     if (!Array.isArray(parsed)) {
       console.error("[alias-domains] malformed alias-domains.json \u2014 expected array");
       return null;
@@ -13715,14 +13591,14 @@ app36.get("/agent-assets/:slug/:filename", (c) => {
     console.error(`[agent-assets] path-traversal-rejected slug=${slug} file=${filename}`);
     return c.text("Forbidden", 403);
   }
-  if (!existsSync25(filePath)) {
+  if (!existsSync24(filePath)) {
     console.error(`[agent-assets] serve slug=${slug} file=${filename} status=404`);
     return c.text("Not found", 404);
   }
   const ext = "." + filename.split(".").pop()?.toLowerCase();
   const contentType = IMAGE_MIME[ext] || "application/octet-stream";
   console.log(`[agent-assets] serve slug=${slug} file=${filename} status=200`);
-  const body = readFileSync19(filePath);
+  const body = readFileSync18(filePath);
   return c.body(body, 200, {
     "Content-Type": contentType,
     "Cache-Control": "public, max-age=3600"
@@ -13745,14 +13621,14 @@ app36.get("/generated/:filename", (c) => {
     console.error(`[generated] serve file=${filename} status=403`);
     return c.text("Forbidden", 403);
   }
-  if (!existsSync25(filePath)) {
+  if (!existsSync24(filePath)) {
     console.error(`[generated] serve file=${filename} status=404`);
     return c.text("Not found", 404);
   }
   const ext = "." + filename.split(".").pop()?.toLowerCase();
   const contentType = IMAGE_MIME[ext] || "application/octet-stream";
   console.log(`[generated] serve file=${filename} status=200`);
-  const body = readFileSync19(filePath);
+  const body = readFileSync18(filePath);
   return c.body(body, 200, {
     "Content-Type": contentType,
     "Cache-Control": "public, max-age=86400"
@@ -13762,9 +13638,9 @@ app36.route("/sites", sites_default);
 var htmlCache = /* @__PURE__ */ new Map();
 var brandLogoPath = "/brand/maxy-monochrome.png";
 var brandIconPath = "/brand/maxy-monochrome.png";
-if (BRAND_JSON_PATH && existsSync25(BRAND_JSON_PATH)) {
+if (BRAND_JSON_PATH && existsSync24(BRAND_JSON_PATH)) {
   try {
-    const fullBrand = JSON.parse(readFileSync19(BRAND_JSON_PATH, "utf-8"));
+    const fullBrand = JSON.parse(readFileSync18(BRAND_JSON_PATH, "utf-8"));
     if (fullBrand.assets?.logo) brandLogoPath = `/brand/${fullBrand.assets.logo}`;
     brandIconPath = fullBrand.assets?.icon ? `/brand/${fullBrand.assets.icon}` : brandLogoPath;
   } catch {
@@ -13781,9 +13657,9 @@ var brandScript = `<script>window.__BRAND__=${JSON.stringify({
 function readInstalledVersion() {
   try {
     if (!PLATFORM_ROOT7) return "unknown";
-    const versionFile = join11(PLATFORM_ROOT7, "config", `.${BRAND.hostname}-version`);
-    if (!existsSync25(versionFile)) return "unknown";
-    const content = readFileSync19(versionFile, "utf-8").trim();
+    const versionFile = join10(PLATFORM_ROOT7, "config", `.${BRAND.hostname}-version`);
+    if (!existsSync24(versionFile)) return "unknown";
+    const content = readFileSync18(versionFile, "utf-8").trim();
     return content || "unknown";
   } catch {
     return "unknown";
@@ -13824,7 +13700,7 @@ var clientErrorReporterScript = `<script>
 function cachedHtml(file) {
   let html = htmlCache.get(file);
   if (!html) {
-    html = readFileSync19(resolve25(process.cwd(), "public", file), "utf-8");
+    html = readFileSync18(resolve25(process.cwd(), "public", file), "utf-8");
     const productNameEsc = escapeHtml(BRAND.productName);
     html = html.replace(/<title>([^<]*)<\/title>/, (_match, inner) => `<title>${escapeHtml(inner).replace(/Maxy/g, productNameEsc)}</title>`);
     html = html.replace('href="/favicon.ico"', `href="${escapeHtml(brandFaviconPath)}"`);
@@ -13840,26 +13716,26 @@ ${clientErrorReporterScript}
 }
 var brandedHtmlCache = /* @__PURE__ */ new Map();
 function loadBrandingCache(agentSlug) {
-  const configDir2 = join11(homedir2(), BRAND.configDir);
+  const configDir2 = join10(homedir2(), BRAND.configDir);
   try {
-    const accountJsonPath = join11(configDir2, "account.json");
-    if (!existsSync25(accountJsonPath)) return null;
-    const account = JSON.parse(readFileSync19(accountJsonPath, "utf-8"));
+    const accountJsonPath = join10(configDir2, "account.json");
+    if (!existsSync24(accountJsonPath)) return null;
+    const account = JSON.parse(readFileSync18(accountJsonPath, "utf-8"));
     const accountId = account.accountId;
     if (!accountId) return null;
-    const cachePath = join11(configDir2, "branding-cache", accountId, `${agentSlug}.json`);
-    if (!existsSync25(cachePath)) return null;
-    return JSON.parse(readFileSync19(cachePath, "utf-8"));
+    const cachePath = join10(configDir2, "branding-cache", accountId, `${agentSlug}.json`);
+    if (!existsSync24(cachePath)) return null;
+    return JSON.parse(readFileSync18(cachePath, "utf-8"));
   } catch {
     return null;
   }
 }
 function resolveDefaultSlug() {
   try {
-    const configDir2 = join11(homedir2(), BRAND.configDir);
-    const accountJsonPath = join11(configDir2, "account.json");
-    if (!existsSync25(accountJsonPath)) return null;
-    const account = JSON.parse(readFileSync19(accountJsonPath, "utf-8"));
+    const configDir2 = join10(homedir2(), BRAND.configDir);
+    const accountJsonPath = join10(configDir2, "account.json");
+    if (!existsSync24(accountJsonPath)) return null;
+    const account = JSON.parse(readFileSync18(accountJsonPath, "utf-8"));
     return account.defaultAgent || null;
   } catch {
     return null;
@@ -13932,7 +13808,7 @@ app36.use("/vnc-popout.html", logViewerFetch);
 app36.get("/vnc-popout.html", (c) => {
   let html = htmlCache.get("vnc-popout.html");
   if (!html) {
-    html = readFileSync19(resolve25(process.cwd(), "public", "vnc-popout.html"), "utf-8");
+    html = readFileSync18(resolve25(process.cwd(), "public", "vnc-popout.html"), "utf-8");
     const name = escapeHtml(BRAND.productName);
     html = html.replace("<title>Browser \u2014 Maxy</title>", `<title>${name}</title>`);
     html = html.replace("</head>", `  ${brandScript}
@@ -14022,8 +13898,8 @@ try {
 (async () => {
   try {
     let userId = "";
-    if (existsSync25(USERS_FILE)) {
-      const users = JSON.parse(readFileSync19(USERS_FILE, "utf-8").trim() || "[]");
+    if (existsSync24(USERS_FILE)) {
+      const users = JSON.parse(readFileSync18(USERS_FILE, "utf-8").trim() || "[]");
       userId = users[0]?.userId ?? "";
     }
     await backfillNullUserIdConversations(userId);
@@ -14083,48 +13959,6 @@ for (const dir of bootEnabled) {
   bootDelivered.push(dir);
 }
 console.error(`[plugins] readiness enabled=${bootEnabled.length} delivered=${bootDelivered.length} dist-missing=[${bootDistMissing.join(",")}] missing=[${bootMissing.join(",")}]`);
-(async () => {
-  if (!bootAccount) {
-    console.log("[action-completion-relay] phase=consumed-skip reason=no-account");
-    return;
-  }
-  let records;
-  try {
-    records = consumeActionCompletionRelays(bootAccount.accountDir);
-  } catch (err) {
-    console.error(`[action-completion-relay] phase=consume-failed error=${err instanceof Error ? err.message : String(err)}`);
-    return;
-  }
-  if (records.length === 0) {
-    console.log(`[action-completion-relay] phase=consumed-empty accountId=${bootAccount.accountId.slice(0, 8)}\u2026`);
-    return;
-  }
-  console.log(`[action-completion-relay] phase=consume-batch count=${records.length} accountId=${bootAccount.accountId.slice(0, 8)}\u2026`);
-  for (const rec of records) {
-    const sessionKey = `cloudflare-relay-boot:${rec.actionId}`;
-    let outcome = "injected";
-    let dispatchError;
-    try {
-      registerSession(sessionKey, "admin", bootAccount.accountId);
-      setConversationIdForSession(sessionKey, rec.conversationId);
-      for await (const _ev of invokeAgent({ type: "admin" }, rec.message, sessionKey)) {
-      }
-    } catch (err) {
-      outcome = "dispatch-failed";
-      dispatchError = err instanceof Error ? err.message : String(err);
-    } finally {
-      unregisterSession(sessionKey);
-    }
-    if (outcome === "injected") {
-      deleteConsumedRelay(rec.filePath);
-      console.log(`[action-completion-relay] phase=consumed actionId=${rec.actionId} conversationId=${rec.conversationId} ageMs=${rec.ageMs} outcome=injected`);
-    } else {
-      console.error(`[action-completion-relay] phase=consumed actionId=${rec.actionId} conversationId=${rec.conversationId} ageMs=${rec.ageMs} outcome=${outcome} reason=${JSON.stringify(dispatchError ?? "")} fileRetained=${JSON.stringify(rec.filePath)}`);
-    }
-  }
-})().catch((err) => {
-  console.error(`[action-completion-relay] boot-drain rejected: ${err instanceof Error ? err.message : String(err)}`);
-});
 if (bootAccountConfig?.whatsapp) {
   console.error(`[whatsapp:boot] loading whatsapp config from account.json publicAgent=${bootPublicAgent ?? "none"}`);
 } else {
@@ -14132,7 +13966,7 @@ if (bootAccountConfig?.whatsapp) {
 }
 init({
   configDir: configDirForWhatsApp,
-  platformRoot: resolve25(process.env.MAXY_PLATFORM_ROOT ?? join11(__dirname, "..")),
+  platformRoot: resolve25(process.env.MAXY_PLATFORM_ROOT ?? join10(__dirname, "..")),
   accountConfig: bootAccountConfig,
   onMessage: async (msg) => {
     try {