@rubytech/taskmaster 1.14.2 → 1.16.0

package/dist/hooks/bundled/ride-dispatch/handler.js

@@ -0,0 +1,450 @@
+/**
+ * Ride Dispatch Hook Handler
+ *
+ * Bridges the public and admin agents for privilege-separated ride matching.
+ *
+ * Two event paths:
+ *
+ * 1. memory:add — Public agent writes a dispatch file at shared/dispatch/{jobId}-{phase}.md.
+ *    The handler parses it and dispatches a structured instruction to the admin agent's
+ *    ride-{jobId} session. The admin then uses privileged tools (contact_lookup, message,
+ *    Stripe) to process the request.
+ *
+ * 2. message:inbound — A driver replies on WhatsApp. The handler checks the active
+ *    negotiation index (shared/active-negotiations/{phone}.md) to find the job ID,
+ *    then dispatches the driver's message to the admin's ride session for that job.
+ */
+import fs from "node:fs";
+import path from "node:path";
+import { randomUUID } from "node:crypto";
+import { dispatchInboundMessageWithDispatcher } from "../../../auto-reply/dispatch.js";
+import { formatInboundEnvelope, resolveEnvelopeFormatOptions, } from "../../../auto-reply/envelope.js";
+import { createReplyPrefixContext } from "../../../channels/reply-prefix.js";
+import { readConfigFileSnapshot } from "../../../config/io.js";
+import { resolveDefaultAgentId, resolveAgentWorkspaceDir } from "../../../agents/agent-scope.js";
+import { resolveAgentIdFromSessionKey } from "../../../routing/session-key.js";
+import { resolveAgentBoundAccountId } from "../../../routing/bindings.js";
+import { buildAgentSessionKey } from "../../../routing/resolve-route.js";
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+/** Dispatch file path pattern: shared/dispatch/{jobId}-{phase}.md */
+const DISPATCH_FILE_RE = /shared\/dispatch\/([A-Z]+-\d+)-(trip-request|booking-confirm)\.md$/;
+/** Dedup cache: Map<key, timestamp>. Prevents re-dispatching within the cooldown window. */
+const recentDispatches = new Map();
+const DEDUP_COOLDOWN_MS = 30 * 1000; // 30 seconds
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function isDuplicate(key) {
+    const now = Date.now();
+    // Prune stale entries
+    for (const [k, ts] of recentDispatches) {
+        if (now - ts > DEDUP_COOLDOWN_MS)
+            recentDispatches.delete(k);
+    }
+    const lastSeen = recentDispatches.get(key);
+    if (lastSeen && now - lastSeen < DEDUP_COOLDOWN_MS)
+        return true;
+    recentDispatches.set(key, now);
+    return false;
+}
+/**
+ * Parse a dispatch file's key: value fields into a Record.
+ * Lines starting with `#` are treated as headers and skipped.
+ */
+function parseDispatchFile(content) {
+    const fields = {};
+    for (const line of content.split("\n")) {
+        const trimmed = line.trim();
+        if (!trimmed || trimmed.startsWith("#"))
+            continue;
+        const colonIdx = trimmed.indexOf(":");
+        if (colonIdx === -1)
+            continue;
+        const key = trimmed.slice(0, colonIdx).trim();
+        const value = trimmed.slice(colonIdx + 1).trim();
+        if (key && value)
+            fields[key] = value;
+    }
+    return fields;
+}
+/**
+ * Extract peer phone from a DM session key.
+ * Formats:
+ * - 4-part: agent:{agentId}:dm:{peer}
+ * - 5-part: agent:{agentId}:{channel}:dm:{peer}
+ */
+function extractPeerFromSessionKey(sessionKey) {
+    const parts = sessionKey.toLowerCase().split(":").filter(Boolean);
+    if (parts[0] !== "agent" || parts.length < 4)
+        return null;
+    if (parts.length >= 4 && parts[2] === "dm")
+        return parts.slice(3).join(":");
+    if (parts.length >= 5 && parts[3] === "dm")
+        return parts.slice(4).join(":");
+    return null;
+}
+/**
+ * Find the admin agent ID from config.
+ * The admin agent is the one marked `default: true`.
+ */
+function findAdminAgentId(cfg) {
+    const agents = cfg.agents?.list ?? [];
+    const admin = agents.find((a) => a.default === true);
+    if (admin?.id)
+        return admin.id;
+    const defaultId = resolveDefaultAgentId(cfg);
+    return defaultId || null;
+}
+/** Check if an agent ID belongs to a Beagle instance. */
+function isBeagleAgent(agentId) {
+    return Boolean(agentId && agentId.toLowerCase().includes("beagle"));
+}
+/** Check if an agent is the public (non-admin) agent. */
+function isPublicAgentConfig(cfg, agentId) {
+    const agent = cfg.agents?.list?.find((a) => a.id === agentId);
+    return agent?.default !== true;
+}
+/**
+ * Read the active negotiation index file for a driver phone.
+ * Returns the job ID if the driver has an active negotiation, null otherwise.
+ */
+function readActiveNegotiation(workspaceDir, phone) {
+    // Sanitise phone for filesystem: replace + with nothing, keep digits
+    const safePhone = phone.replace(/[^0-9]/g, "");
+    const filePath = path.join(workspaceDir, "memory", "shared", "active-negotiations", `${safePhone}.md`);
+    try {
+        const content = fs.readFileSync(filePath, "utf-8");
+        const fields = parseDispatchFile(content);
+        return fields.job_id || null;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Resolve the workspace directory for the memory event's agent.
+ * memory:add events include workspaceDir in context.
+ */
+function resolveWorkspaceDirFromContext(context) {
+    const dir = context.workspaceDir;
+    return typeof dir === "string" && dir.trim() ? dir.trim() : null;
+}
+// ---------------------------------------------------------------------------
+// Dispatch to admin
+// ---------------------------------------------------------------------------
+async function dispatchToAdmin(params) {
+    const { cfg, adminAgentId, jobId, instruction, fromId, accountId } = params;
+    const sessionKey = buildAgentSessionKey({
+        agentId: adminAgentId,
+        channel: "system",
+        peer: { kind: "dm", id: `ride-${jobId.toLowerCase()}` },
+    }).toLowerCase();
+    const envelopeOptions = resolveEnvelopeFormatOptions(cfg);
+    const envelope = formatInboundEnvelope({
+        channel: "System",
+        from: "ride-dispatch",
+        timestamp: Date.now(),
+        body: instruction,
+        chatType: "direct",
+        senderLabel: "Ride Dispatch Hook",
+        envelope: envelopeOptions,
+    });
+    const ctx = {
+        Body: envelope,
+        RawBody: instruction,
+        CommandBody: instruction,
+        From: fromId,
+        SessionKey: sessionKey,
+        AccountId: accountId,
+        MessageSid: randomUUID(),
+        ChatType: "direct",
+        CommandAuthorized: false,
+        Provider: "system",
+        Surface: "system",
+        OriginatingChannel: "system",
+        OriginatingTo: "",
+    };
+    const prefixCtx = createReplyPrefixContext({ cfg, agentId: adminAgentId });
+    await dispatchInboundMessageWithDispatcher({
+        ctx,
+        cfg,
+        dispatcherOptions: {
+            responsePrefix: prefixCtx.responsePrefix,
+            responsePrefixContextProvider: prefixCtx.responsePrefixContextProvider,
+            deliver: async () => {
+                // No-op: the admin agent sends messages via its `message` tool directly.
+                // Cross-agent echo handles visibility in the public agent's session.
+            },
+            onError: () => {
+                // Logged internally by the dispatcher
+            },
+        },
+        replyOptions: {
+            onModelSelected: prefixCtx.onModelSelected,
+        },
+    });
+}
+// ---------------------------------------------------------------------------
+// Build instruction text for each dispatch phase
+// ---------------------------------------------------------------------------
+function buildTripRequestInstruction(fields) {
+    const jobId = fields.job_id ?? "UNKNOWN";
+    const touristPhone = fields.tourist_phone ?? "unknown";
+    const touristName = fields.tourist_name ?? "Tourist";
+    const pickup = fields.pickup ?? "unknown";
+    const destination = fields.destination ?? "unknown";
+    const date = fields.date ?? "unknown";
+    const time = fields.time ?? "unknown";
+    const passengers = fields.passengers ?? "unknown";
+    const luggage = fields.luggage ?? "none";
+    const specialRequests = fields.special_requests ?? "none";
+    const fareEstimate = fields.fare_estimate ?? "unknown";
+    const accountId = fields.account_id ?? "default";
+    return (`[System: Ride Dispatch — Trip Request]\n\n` +
+        `A tourist has requested a ride. Process this by contacting available drivers.\n\n` +
+        `Job ID: ${jobId}\n` +
+        `Tourist phone: ${touristPhone}\n` +
+        `Tourist name: ${touristName}\n` +
+        `Pickup: ${pickup}\n` +
+        `Destination: ${destination}\n` +
+        `Date: ${date}\n` +
+        `Time: ${time}\n` +
+        `Passengers: ${passengers}\n` +
+        `Luggage: ${luggage}\n` +
+        `Special requests: ${specialRequests}\n` +
+        `Fare estimate: ${fareEstimate}\n` +
+        `WhatsApp account: ${accountId}\n\n` +
+        `Process this request:\n` +
+        `1. Call contact_lookup to get the driver roster\n` +
+        `2. For each driver, call memory_get on drivers/{name}.md to check their status\n` +
+        `3. Select up to 3 idle drivers (prefer those with route history for this route)\n` +
+        `4. For each selected driver, update their status to awaiting_response via memory_write\n` +
+        `5. Write shared/active-negotiations/{driver-phone}.md with job_id: ${jobId} for each driver\n` +
+        `6. Message each driver in Swahili with the route details, pickup time, passengers, and job ID [${jobId}]\n` +
+        `   Use the message tool with accountId: "${accountId}"\n` +
+        `7. Message the tourist at ${touristPhone} confirming you've contacted drivers and are waiting for quotes\n` +
+        `   Use the message tool with accountId: "${accountId}"\n` +
+        `8. When drivers reply with quotes (dispatched to this session), compile the offers\n` +
+        `9. Message the tourist with up to 3 competing offers: fare, driver rating, vehicle type, estimated journey time\n` +
+        `   Do NOT reveal driver name, phone, or plate — those are gated by payment\n`);
+}
+function buildBookingConfirmInstruction(fields) {
+    const jobId = fields.job_id ?? "UNKNOWN";
+    const touristPhone = fields.tourist_phone ?? "unknown";
+    const driverName = fields.driver_name ?? "unknown";
+    const driverPhone = fields.driver_phone ?? "unknown";
+    const fare = fields.fare ?? "unknown";
+    const accountId = fields.account_id ?? "default";
+    return (`[System: Ride Dispatch — Booking Confirmation]\n\n` +
+        `The tourist has selected a driver. Generate a Stripe payment link and send it.\n\n` +
+        `Job ID: ${jobId}\n` +
+        `Tourist phone: ${touristPhone}\n` +
+        `Selected driver: ${driverName} (${driverPhone})\n` +
+        `Agreed fare: ${fare}\n` +
+        `WhatsApp account: ${accountId}\n\n` +
+        `Process this request:\n` +
+        `1. Load the stripe skill and generate a Checkout Session for the booking fee\n` +
+        `   Set metadata: booking_id="${jobId}", tourist_phone="${touristPhone}"\n` +
+        `2. Message the tourist at ${touristPhone} with the payment link and booking terms\n` +
+        `   Use the message tool with accountId: "${accountId}"\n` +
+        `3. Record the booking details in shared/bookings/${jobId}.md via memory_write\n` +
+        `4. Clear the active negotiation files for drivers NOT selected (delete their shared/active-negotiations/{phone}.md)\n`);
+}
+function buildPaymentConfirmedInstruction(params) {
+    const { bookingId, touristPhone, accountId } = params;
+    return (`[System: Ride Dispatch — Payment Confirmed]\n\n` +
+        `Stripe has confirmed payment for this booking. Finalise the ride.\n\n` +
+        `Booking ID: ${bookingId}\n` +
+        `Tourist phone: ${touristPhone}\n` +
+        `WhatsApp account: ${accountId}\n\n` +
+        `Process this request:\n` +
+        `1. Read the booking record at shared/bookings/${bookingId}.md for driver details\n` +
+        `2. Generate the pickup PIN and QR code (see references/pin-qr.md)\n` +
+        `3. Message the tourist at ${touristPhone} with: driver name, phone, vehicle details, plate, and pickup PIN\n` +
+        `   Use the message tool with accountId: "${accountId}"\n` +
+        `4. Message the driver with: passenger name, pickup time/location, fare, and QR code URL\n` +
+        `   Use the message tool with accountId: "${accountId}"\n` +
+        `5. Update the booking record status to "confirmed"\n` +
+        `6. Clear the active negotiation file for the driver (shared/active-negotiations/{phone}.md)\n`);
+}
+// ---------------------------------------------------------------------------
+// Event handlers
+// ---------------------------------------------------------------------------
+/**
+ * Handle memory:add events — dispatch files written by the public agent.
+ */
+async function handleMemoryAdd(event) {
+    const context = event.context || {};
+    const relativePath = context.relativePath;
+    const agentId = context.agentId;
+    if (!relativePath || !agentId)
+        return;
+    // Only handle Beagle agents
+    if (!isBeagleAgent(agentId))
+        return;
+    // Match dispatch file pattern
+    const match = relativePath.match(DISPATCH_FILE_RE);
+    if (!match)
+        return;
+    const jobId = match[1]; // e.g. BGL-0042
+    const phase = match[2]; // trip-request | booking-confirm
+    // Dedup
+    const dedupKey = `dispatch:${relativePath}`;
+    if (isDuplicate(dedupKey))
+        return;
+    // Read the dispatch file
+    const filePath = context.filePath;
+    if (!filePath)
+        return;
+    let content;
+    try {
+        content = fs.readFileSync(filePath, "utf-8");
+    }
+    catch {
+        console.warn(`[ride-dispatch] Could not read dispatch file: ${filePath}`);
+        return;
+    }
+    const fields = parseDispatchFile(content);
+    // Load config (memory:add events don't carry cfg)
+    let cfg;
+    try {
+        const snapshot = await readConfigFileSnapshot();
+        cfg = snapshot.config;
+    }
+    catch {
+        console.warn("[ride-dispatch] Could not read config");
+        return;
+    }
+    const adminAgentId = findAdminAgentId(cfg);
+    if (!adminAgentId) {
+        console.warn("[ride-dispatch] No admin agent found in config");
+        return;
+    }
+    const accountId = fields.account_id ?? resolveAgentBoundAccountId(cfg, agentId, "whatsapp") ?? "default";
+    let instruction;
+    if (phase === "trip-request") {
+        instruction = buildTripRequestInstruction(fields);
+    }
+    else if (phase === "booking-confirm") {
+        instruction = buildBookingConfirmInstruction(fields);
+    }
+    else {
+        return;
+    }
+    console.log(`[ride-dispatch] Dispatch file detected: ${relativePath} (${phase}), dispatching to admin agent "${adminAgentId}"`);
+    // Fire and forget
+    dispatchToAdmin({
+        cfg,
+        adminAgentId,
+        jobId,
+        instruction,
+        fromId: `ride-${jobId.toLowerCase()}`,
+        accountId,
+    }).catch((err) => {
+        console.error("[ride-dispatch] Failed to dispatch to admin:", err instanceof Error ? err.message : String(err));
+    });
+}
+/**
+ * Handle message:inbound events — driver replies routed to the public agent.
+ */
+async function handleDriverReply(event) {
+    const context = event.context || {};
+    const cfg = context.cfg;
+    const text = context.text;
+    if (!cfg || !text?.trim())
+        return;
+    // Only act on public agent DM sessions
+    const agentId = resolveAgentIdFromSessionKey(event.sessionKey);
+    if (!agentId || !isBeagleAgent(agentId))
+        return;
+    if (!isPublicAgentConfig(cfg, agentId))
+        return;
+    // Extract sender phone from session key
+    const senderPhone = extractPeerFromSessionKey(event.sessionKey);
+    if (!senderPhone)
+        return;
+    // Resolve workspace dir from the agent config to find active-negotiations
+    const workspaceDir = resolveAgentWorkspaceDir(cfg, agentId);
+    // Check active negotiation index
+    const jobId = readActiveNegotiation(workspaceDir, senderPhone);
+    if (!jobId)
+        return; // Not a driver in active negotiation
+    // Dedup
+    const dedupKey = `reply:${senderPhone}:${Date.now().toString().slice(0, -4)}`; // ~10s granularity
+    if (isDuplicate(dedupKey))
+        return;
+    const adminAgentId = findAdminAgentId(cfg);
+    if (!adminAgentId)
+        return;
+    const accountId = resolveAgentBoundAccountId(cfg, agentId, "whatsapp") ?? "default";
+    const instruction = `[System: Ride Dispatch — Driver Reply]\n\n` +
+        `A driver has replied regarding job ${jobId}.\n\n` +
+        `Driver phone: ${senderPhone}\n` +
+        `Message: ${text}\n\n` +
+        `Process this reply in the context of the ongoing negotiation for ${jobId}.\n` +
+        `If this is a fare quote, note it and compile offers when ready.\n` +
+        `If the driver is declining, update their status and active negotiation index.\n`;
+    console.log(`[ride-dispatch] Driver reply from ${senderPhone} for ${jobId}, dispatching to admin agent "${adminAgentId}"`);
+    // Fire and forget
+    dispatchToAdmin({
+        cfg,
+        adminAgentId,
+        jobId,
+        instruction,
+        fromId: `ride-${jobId.toLowerCase()}`,
+        accountId,
+    }).catch((err) => {
+        console.error("[ride-dispatch] Failed to dispatch driver reply:", err instanceof Error ? err.message : String(err));
+    });
+}
+// ---------------------------------------------------------------------------
+// Stripe webhook dispatch (called from gateway HTTP handler)
+// ---------------------------------------------------------------------------
+/**
+ * Dispatch a payment confirmation to the admin agent's ride session.
+ * Called by the Stripe webhook handler when checkout.session.completed fires.
+ */
+export async function dispatchPaymentConfirmed(params) {
+    const { bookingId, touristPhone, accountId } = params;
+    const dedupKey = `payment:${bookingId}`;
+    if (isDuplicate(dedupKey))
+        return;
+    let cfg;
+    try {
+        const snapshot = await readConfigFileSnapshot();
+        cfg = snapshot.config;
+    }
+    catch {
+        console.warn("[ride-dispatch] Could not read config for payment dispatch");
+        return;
+    }
+    const adminAgentId = findAdminAgentId(cfg);
+    if (!adminAgentId) {
+        console.warn("[ride-dispatch] No admin agent for payment dispatch");
+        return;
+    }
+    const instruction = buildPaymentConfirmedInstruction({ bookingId, touristPhone, accountId });
+    console.log(`[ride-dispatch] Payment confirmed for ${bookingId}, dispatching to admin agent "${adminAgentId}"`);
+    await dispatchToAdmin({
+        cfg,
+        adminAgentId,
+        jobId: bookingId,
+        instruction,
+        fromId: `ride-${bookingId.toLowerCase()}`,
+        accountId,
+    });
+}
+// ---------------------------------------------------------------------------
+// Main hook handler
+// ---------------------------------------------------------------------------
+const handleRideDispatch = async (event) => {
+    if (event.type === "memory" && event.action === "add") {
+        await handleMemoryAdd(event);
+    }
+    else if (event.type === "message" && event.action === "inbound") {
+        await handleDriverReply(event);
+    }
+};
+export default handleRideDispatch;

package/dist/hooks/bundled/ride-dispatch/stripe-webhook.js

@@ -0,0 +1,191 @@
+/**
+ * Stripe Webhook HTTP Handler for Ride Dispatch
+ *
+ * Handles `checkout.session.completed` events from Stripe to trigger
+ * automatic post-payment processing. When a tourist completes payment,
+ * this dispatches to the admin agent's ride session without requiring
+ * the tourist to say "I've paid."
+ *
+ * Route: POST /webhook/stripe
+ *
+ * The Stripe signing secret must be configured at config.apiKeys.stripe_webhook_secret.
+ */
+import { createHmac } from "node:crypto";
+import { createSubsystemLogger } from "../../../logging/subsystem.js";
+import { readConfigFileSnapshot } from "../../../config/io.js";
+import { dispatchPaymentConfirmed } from "./handler.js";
+const log = createSubsystemLogger("stripe-webhook");
+const WEBHOOK_PATH = "/webhook/stripe";
+const MAX_BODY_BYTES = 65_536; // 64 KB — Stripe payloads are small
+// ---------------------------------------------------------------------------
+// Signature verification
+// ---------------------------------------------------------------------------
+/**
+ * Verify a Stripe webhook signature.
+ * Uses the v1 scheme: HMAC-SHA256 of "timestamp.payload" against the signing secret.
+ */
+function verifyStripeSignature(payload, signatureHeader, secret, toleranceSeconds = 300) {
+    const elements = signatureHeader.split(",");
+    let timestamp = null;
+    const signatures = [];
+    for (const element of elements) {
+        const [key, value] = element.split("=");
+        if (key === "t")
+            timestamp = value;
+        if (key === "v1")
+            signatures.push(value);
+    }
+    if (!timestamp || signatures.length === 0)
+        return false;
+    // Check timestamp tolerance
+    const ts = parseInt(timestamp, 10);
+    if (isNaN(ts))
+        return false;
+    const age = Math.abs(Date.now() / 1000 - ts);
+    if (age > toleranceSeconds)
+        return false;
+    // Compute expected signature
+    const signedPayload = `${timestamp}.${payload}`;
+    const expected = createHmac("sha256", secret).update(signedPayload, "utf8").digest("hex");
+    return signatures.some((sig) => timingSafeEqual(sig, expected));
+}
+/** Constant-time string comparison. */
+function timingSafeEqual(a, b) {
+    if (a.length !== b.length)
+        return false;
+    const bufA = Buffer.from(a, "utf8");
+    const bufB = Buffer.from(b, "utf8");
+    try {
+        const crypto = require("node:crypto");
+        return crypto.timingSafeEqual(bufA, bufB);
+    }
+    catch {
+        // Fallback — still works, just not constant-time
+        return a === b;
+    }
+}
+// ---------------------------------------------------------------------------
+// HTTP body reader
+// ---------------------------------------------------------------------------
+async function readRawBody(req, maxBytes) {
+    return new Promise((resolve, reject) => {
+        let body = "";
+        let bytes = 0;
+        req.setEncoding("utf8");
+        req.on("data", (chunk) => {
+            bytes += Buffer.byteLength(chunk);
+            if (bytes > maxBytes) {
+                reject(new Error("Request body too large"));
+                req.destroy();
+                return;
+            }
+            body += chunk;
+        });
+        req.on("end", () => resolve(body));
+        req.on("error", reject);
+    });
+}
+// ---------------------------------------------------------------------------
+// Handler
+// ---------------------------------------------------------------------------
+/**
+ * Create an HTTP request handler for Stripe webhooks.
+ *
+ * Wired into the gateway HTTP server chain in server-http.ts.
+ * Returns `true` if the request was handled (matched the webhook path),
+ * `false` otherwise (pass to next handler).
+ */
+export function createStripeWebhookHandler() {
+    return async (req, res) => {
+        const url = new URL(req.url ?? "/", `http://${req.headers.host ?? "localhost"}`);
+        if (url.pathname !== WEBHOOK_PATH)
+            return false;
+        // Only POST
+        if (req.method !== "POST") {
+            res.writeHead(405, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Method not allowed" }));
+            return true;
+        }
+        // Read config to get signing secret
+        let signingSecret;
+        try {
+            const snapshot = await readConfigFileSnapshot();
+            signingSecret = snapshot.config.apiKeys
+                ?.stripe_webhook_secret;
+        }
+        catch {
+            log.warn("Could not read config for Stripe webhook secret");
+        }
+        // Read body
+        let rawBody;
+        try {
+            rawBody = await readRawBody(req, MAX_BODY_BYTES);
+        }
+        catch (err) {
+            res.writeHead(400, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Invalid request body" }));
+            return true;
+        }
+        // Verify signature if secret is configured
+        if (signingSecret) {
+            const signatureHeader = req.headers["stripe-signature"];
+            if (typeof signatureHeader !== "string") {
+                res.writeHead(401, { "Content-Type": "application/json" });
+                res.end(JSON.stringify({ error: "Missing Stripe-Signature header" }));
+                return true;
+            }
+            if (!verifyStripeSignature(rawBody, signatureHeader, signingSecret)) {
+                log.warn("Stripe webhook signature verification failed");
+                res.writeHead(401, { "Content-Type": "application/json" });
+                res.end(JSON.stringify({ error: "Invalid signature" }));
+                return true;
+            }
+        }
+        else {
+            log.warn("No stripe_webhook_secret configured — accepting webhook without signature verification");
+        }
+        // Parse event
+        let event;
+        try {
+            event = JSON.parse(rawBody);
+        }
+        catch {
+            res.writeHead(400, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Invalid JSON" }));
+            return true;
+        }
+        // Only handle checkout.session.completed
+        if (event.type !== "checkout.session.completed") {
+            // Acknowledge but ignore other event types
+            res.writeHead(200, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ received: true }));
+            return true;
+        }
+        const session = event.data?.object;
+        if (!session) {
+            res.writeHead(400, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Missing session object" }));
+            return true;
+        }
+        const metadata = session.metadata;
+        const bookingId = metadata?.booking_id;
+        const touristPhone = metadata?.tourist_phone;
+        const accountId = metadata?.account_id ?? "default";
+        if (!bookingId || !touristPhone) {
+            // Not a ride booking payment — ignore silently
+            log.info("Stripe checkout completed but missing booking_id/tourist_phone metadata — ignoring");
+            res.writeHead(200, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ received: true }));
+            return true;
+        }
+        log.info(`Stripe payment confirmed for booking ${bookingId} (tourist: ${touristPhone})`);
+        // Respond immediately — dispatch is async
+        res.writeHead(200, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ received: true }));
+        // Fire and forget
+        dispatchPaymentConfirmed({ bookingId, touristPhone, accountId }).catch((err) => {
+            log.warn(`Failed to dispatch payment confirmation for ${bookingId}: ${String(err)}`);
+        });
+        return true;
+    };
+}

package/dist/memory/internal.js

@@ -36,6 +36,26 @@ export function isMemoryPath(relPath) {
         return true;
     return normalized.startsWith("memory/");
 }
+/**
+ * Ensure a relative path has the `memory/` prefix.
+ *
+ * Agents are sometimes instructed to strip the prefix (system prompt) while
+ * the storage layer requires it.  Accept both forms so that either convention
+ * works:
+ *   "public/data.md"         → "memory/public/data.md"
+ *   "memory/public/data.md"  → "memory/public/data.md"  (unchanged)
+ *   "MEMORY.md"              → "MEMORY.md"               (root file, unchanged)
+ */
+export function ensureMemoryPrefix(relPath) {
+    const normalized = normalizeRelPath(relPath);
+    if (!normalized)
+        return normalized;
+    if (normalized === "MEMORY.md" || normalized === "memory.md")
+        return normalized;
+    if (normalized.startsWith("memory/"))
+        return normalized;
+    return `memory/${normalized}`;
+}
 async function exists(filePath) {
     try {
         await fs.access(filePath);
@@ -113,7 +133,10 @@ export async function buildFileEntry(absPath, workspaceDir) {
     // Binary files (PDF, DOCX, etc.) are hashed from raw bytes; text files from UTF-8.
     const binary = isBinaryMemoryFile(absPath);
     const hash = binary
-        ? crypto.createHash("sha256").update(await fs.readFile(absPath)).digest("hex")
+        ? crypto
+            .createHash("sha256")
+            .update(await fs.readFile(absPath))
+            .digest("hex")
         : hashText(await fs.readFile(absPath, "utf-8"));
     return {
         path: path.relative(workspaceDir, absPath).replace(/\\/g, "/"),