@rubytech/taskmaster 1.17.0 → 1.17.5

package/dist/control-ui/index.html

@@ -6,7 +6,7 @@
     <title>Taskmaster Control</title>
     <meta name="color-scheme" content="dark light" />
     <link rel="icon" type="image/png" href="./favicon.png" />
-    <script type="module" crossorigin src="./assets/index-Beuhzjy_.js"></script>
+    <script type="module" crossorigin src="./assets/index-koe4eKhk.js"></script>
     <link rel="stylesheet" crossorigin href="./assets/index-XqRo9tNW.css">
   </head>
   <body>

package/dist/cron/service/timer.js

@@ -103,7 +103,11 @@ export async function executeJob(state, job, nowMs, opts) {
         }
         if (job.sessionTarget === "isolated") {
             const prefix = job.isolation?.postToMainPrefix?.trim() || "Cron";
-            const mode = job.isolation?.postToMainMode ?? "summary";
+            const configuredMode = job.isolation?.postToMainMode ?? "summary";
+            // When delivery was skipped (best-effort, no external channel configured),
+            // promote to "full" so the admin sees the actual report in their main chat
+            // instead of a delivery-error summary.
+            const mode = status === "skipped" && outputText ? "full" : configuredMode;
             let body = (summary ?? err ?? status).trim();
             if (mode === "full") {
                 // Prefer full agent output if available; fall back to summary.

package/dist/gateway/server-methods/apikeys.js

@@ -27,6 +27,8 @@ const PROVIDER_CATALOG = [
     { id: "brave", name: "Brave", category: "Web Search" },
     { id: "elevenlabs", name: "ElevenLabs", category: "Voice" },
     { id: "brevo", name: "Brevo", category: "Email" },
+    { id: "stripe", name: "Stripe", category: "Payments" },
+    { id: "stripe_webhook_secret", name: "Stripe Webhook Secret", category: "Payments" },
 ];
 const VALID_PROVIDER_IDS = new Set(PROVIDER_CATALOG.map((p) => p.id));
 export const apikeysHandlers = {

package/dist/gateway/server.impl.js

@@ -10,7 +10,7 @@ import { CONFIG_PATH_TASKMASTER, isNixMode, loadConfig, migrateLegacyConfig, rea
 import { VERSION } from "../version.js";
 import { isDiagnosticsEnabled } from "../infra/diagnostic-events.js";
 import { logAcceptedEnvOption } from "../infra/env.js";
-import { reconcileAgentContactTools, reconcileBeaglePublicTools, reconcileQrGenerateTool, reconcileStaleToolEntries, } from "../config/agent-tools-reconcile.js";
+import { reconcileAgentContactTools, reconcileBeaglePublicTools, reconcileControlPanelTools, reconcileQrGenerateTool, reconcileSkillReadTool, reconcileStaleToolEntries, } from "../config/agent-tools-reconcile.js";
 import { applyPluginAutoEnable } from "../config/plugin-auto-enable.js";
 import { clearAgentRunContext, onAgentEvent } from "../infra/agent-events.js";
 import { onHeartbeatEvent } from "../infra/heartbeat-events.js";
@@ -198,6 +198,35 @@ export async function startGatewayServer(port = 18789, opts = {}) {
             log.warn(`gateway: failed to persist qr_generate tool reconciliation: ${String(err)}`);
         }
     }
+    // Upgrade admin agents from individual control-panel tools to group:control-panel.
+    // Agents set up before the group existed miss tools added to it later (e.g. logs_read).
+    const cpReconcile = reconcileControlPanelTools({ config: configSnapshot.config });
+    if (cpReconcile.changes.length > 0) {
+        try {
+            await writeConfigFile(cpReconcile.config);
+            configSnapshot = await readConfigFileSnapshot();
+            log.info(`gateway: reconciled control-panel tools:\n${cpReconcile.changes
+                .map((entry) => `- ${entry}`)
+                .join("\n")}`);
+        }
+        catch (err) {
+            log.warn(`gateway: failed to persist control-panel tools reconciliation: ${String(err)}`);
+        }
+    }
+    // Add skill_read to admin agents that predate its addition to ACCOUNT_ADMIN_TOOLS.
+    const skillReadReconcile = reconcileSkillReadTool({ config: configSnapshot.config });
+    if (skillReadReconcile.changes.length > 0) {
+        try {
+            await writeConfigFile(skillReadReconcile.config);
+            configSnapshot = await readConfigFileSnapshot();
+            log.info(`gateway: reconciled skill_read tool:\n${skillReadReconcile.changes
+                .map((entry) => `- ${entry}`)
+                .join("\n")}`);
+        }
+        catch (err) {
+            log.warn(`gateway: failed to persist skill_read tool reconciliation: ${String(err)}`);
+        }
+    }
     // Stamp config with running version on startup so upgrades keep the stamp current.
     const storedVersion = configSnapshot.config.meta?.lastTouchedVersion;
     if (configSnapshot.exists && storedVersion !== VERSION) {

package/dist/hooks/bundled/ride-dispatch/handler.js

@@ -253,12 +253,15 @@ function buildTripRequestInstruction(fields, resolvedAccountId) {
         `4. For each selected driver, update their status to awaiting_response via memory_write\n` +
         `5. Write shared/active-negotiations/{driver-phone}.md with job_id: ${jobId} for each driver\n` +
         `6. Message each driver in Swahili with the route details, pickup time, passengers, and job ID [${jobId}]\n` +
-        `   Use the message tool with accountId: "${accountId}"\n` +
+        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
         `7. Message the tourist at ${touristPhone} confirming you've contacted drivers and are waiting for quotes\n` +
-        `   Use the message tool with accountId: "${accountId}"\n` +
+        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
         `8. When drivers reply with quotes (dispatched to this session), compile the offers\n` +
-        `9. Message the tourist with up to 3 competing offers: fare, driver rating, vehicle type, estimated journey time\n` +
-        `   Do NOT reveal driver name, phone, or plate — those are gated by payment\n`);
+        `9. Message the tourist at ${touristPhone} with up to 3 competing offers: fare, vehicle type, driver rating, estimated journey time\n` +
+        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
+        `   Cross-agent echo will relay the message to the tourist's active session automatically\n` +
+        `   Do NOT reveal driver name, phone, or plate — those are gated by payment\n` +
+        `   NOTE: Do NOT write a dispatch file for the offers — message the tourist directly\n`);
 }
 function buildBookingConfirmInstruction(fields, resolvedAccountId) {
     const jobId = fields.job_id ?? "UNKNOWN";
@@ -278,7 +281,7 @@ function buildBookingConfirmInstruction(fields, resolvedAccountId) {
         `1. Load the stripe skill and generate a Checkout Session for the booking fee\n` +
         `   Set metadata: booking_id="${jobId}", tourist_phone="${touristPhone}"\n` +
         `2. Message the tourist at ${touristPhone} with the payment link and booking terms\n` +
-        `   Use the message tool with accountId: "${accountId}"\n` +
+        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
         `3. Record the booking details in shared/bookings/${jobId}.md via memory_write\n` +
         `4. Clear the active negotiation files for drivers NOT selected (delete their shared/active-negotiations/{phone}.md)\n`);
 }
@@ -293,9 +296,9 @@ function buildPaymentConfirmedInstruction(params) {
         `1. Read the booking record at shared/bookings/${bookingId}.md for driver details\n` +
         `2. Generate the pickup PIN and QR code (see references/pin-qr.md)\n` +
         `3. Message the tourist at ${touristPhone} with: driver name, phone, vehicle details, plate, and pickup PIN\n` +
-        `   Use the message tool with accountId: "${accountId}"\n` +
+        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
         `4. Message the driver with: passenger name, pickup time/location, fare, and QR code URL\n` +
-        `   Use the message tool with accountId: "${accountId}"\n` +
+        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
         `5. Update the booking record status to "confirmed"\n` +
         `6. Clear the active negotiation file for the driver (shared/active-negotiations/{phone}.md)\n`);
 }
@@ -337,6 +340,10 @@ async function handleMemoryAdd(event) {
         return;
     }
     const fields = parseDispatchFile(content);
+    // Normalize: public agents may write tourist_id instead of tourist_phone
+    if (!fields.tourist_phone && fields.tourist_id) {
+        fields.tourist_phone = fields.tourist_id;
+    }
     // Load config (memory:add events don't carry cfg)
     let cfg;
     try {
@@ -427,8 +434,15 @@ async function handleDriverReply(event) {
         `Driver phone: ${senderPhone}\n` +
         `Message: ${text}\n\n` +
         `Process this reply in the context of the ongoing negotiation for ${jobId}.\n` +
-        `If this is a fare quote, note it and compile offers when ready.\n` +
-        `If the driver is declining, update their status and active negotiation index.\n`;
+        `If this is a fare quote:\n` +
+        `  - Record the quote in the driver's memory profile\n` +
+        `  - When all expected quotes are in (or after a reasonable wait), compile the offers\n` +
+        `  - Message the tourist directly using the message tool with the compiled offers\n` +
+        `    The tourist phone is in the earlier trip-request message in this session\n` +
+        `    Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
+        `    Do NOT write a dispatch file — use the message tool to send the offers directly\n` +
+        `    Cross-agent echo will relay it to the tourist's active session automatically\n` +
+        `If the driver is declining, update their status in memory and delete their shared/active-negotiations/{phone-digits}.md file.\n`;
     console.log(`[ride-dispatch] Driver reply from ${senderPhone} for ${jobId}, dispatching to admin agent "${adminAgentId}"`);
     // Fire and forget — suppress is already set, caller will skip processForRoute
     dispatchToAdmin({

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/taskmaster",
-  "version": "1.17.0",
+  "version": "1.17.5",
   "description": "AI-powered business assistant for small businesses",
   "publishConfig": {
     "access": "public"

package/skills/stripe/SKILL.md

@@ -0,0 +1,29 @@
+---
+name: stripe
+description: Guide users through getting Stripe API credentials — the secret key for payment links and the webhook signing secret for automatic post-payment workflows.
+metadata: {"taskmaster":{"emoji":"💳"}}
+---
+
+# Stripe Setup
+
+Walks users through creating a Stripe account (or logging in to an existing one), obtaining their secret API key, setting up a webhook endpoint, and saving both credentials. One guided flow covers both keys — the secret key enables payment link creation; the webhook signing secret enables automatic post-payment workflow dispatch without any manual user step.
+
+## When to activate
+
+- User asks about Stripe setup or connecting Stripe to Taskmaster
+- Control panel shows Stripe or Stripe Webhook Secret as unconfigured and payment features are in use
+- BOOTSTRAP detects missing Stripe key when payment link generation is needed
+- User asks why payments aren't working or why post-payment automation isn't firing
+
+## What it unlocks
+
+- **Payment link generation** — create Stripe Checkout Sessions for collecting booking fees or other payments
+- **Automatic post-payment dispatch** — Taskmaster receives `checkout.session.completed` webhook events and triggers follow-up workflows without requiring the customer to manually confirm payment
+
+## References
+
+| Task | When to use | Reference |
+|------|-------------|-----------|
+| Guided setup | User wants help getting both credentials | `references/setup-guide.md` |
+
+Load the reference and follow its instructions.

package/skills/stripe/references/setup-guide.md

@@ -0,0 +1,156 @@
+# Stripe — Guided Setup
+
+Walk the user through getting both Stripe credentials: the secret API key (used to create payment links) and the webhook signing secret (used to verify incoming payment confirmation events). Guide with clear step-by-step instructions.
+
+**Important:** Stripe's dashboard is dense and aimed at developers. The user only needs two things: their secret key and a webhook endpoint. Guide them directly to both — do not let them get lost in the product catalogue, reports, or analytics.
+
+---
+
+## Prerequisites
+
+- User has a Stripe account, or is ready to create one
+- Taskmaster's public URL — the user needs to know their hostname to construct the webhook endpoint URL (e.g. `https://taskmaster-19000.local:19000` or their public domain)
+
+---
+
+## Step 1: Explain
+
+Tell the user what you are setting up and why both keys are needed:
+
+> "To take payments, Taskmaster needs two things from your Stripe account:
+>
+> 1. **Secret key** — lets Taskmaster create payment links on your behalf
+> 2. **Webhook signing secret** — tells Taskmaster when a customer has actually paid, so it can automatically trigger follow-up actions (like releasing booking details) without waiting for the customer to say anything
+>
+> This takes about 5 minutes. I'll walk you through both."
+
+---
+
+## Step 2: Log in to Stripe
+
+> "Go to **dashboard.stripe.com** and sign in. If you don't have an account yet, click **Start now** and create one — it's free to set up.
+>
+> Let me know when you're in the dashboard."
+
+Wait for the user to confirm.
+
+---
+
+## Step 3: Get the secret key
+
+**Navigation: Dashboard → Developers → API keys**
+
+> "In the left sidebar, click **Developers** (near the bottom), then click **API keys**.
+>
+> You'll see two keys:
+> - **Publishable key** — starts with `pk_` — we don't need this one
+> - **Secret key** — starts with `sk_` — this is the one we need
+>
+> Click **Reveal live key** (or **Reveal test key** if you're still testing). Copy the full key — it starts with `sk_live_` or `sk_test_` and is quite long. Send it to me."
+
+Wait for the user to send the key.
+
+Verify format (`sk_test_` or `sk_live_` prefix, 30+ characters). If it looks wrong:
+
+> "That doesn't look quite right — the secret key should start with `sk_test_` (for test mode) or `sk_live_` (for production) and be at least 30 characters long. Can you check you've copied the **Secret key**, not the Publishable key?"
+
+Once you have a valid key, save it:
+
+```
+api_keys({ action: "set", provider: "stripe", apiKey: "<the key>" })
+```
+
+Confirm to the user:
+
+> "Secret key saved. Now let's set up the webhook so Taskmaster gets notified automatically when a payment goes through."
+
+---
+
+## Step 4: Create the webhook endpoint
+
+**Navigation: Dashboard → Developers → Webhooks → Add endpoint**
+
+> "Still in the Developers section, click **Webhooks** in the left sidebar.
+>
+> Click **Add endpoint** (top-right of the page).
+>
+> In the **Endpoint URL** field, enter:
+> `https://<your-taskmaster-host>/webhook/stripe`
+>
+> Replace `<your-taskmaster-host>` with your Taskmaster address — for example `taskmaster-19000.local:19000` if you're on your local network, or your public domain if Taskmaster is accessible from the internet.
+>
+> Under **Select events**, click **+ Select events**, search for `checkout.session.completed`, tick it, and click **Add events**.
+>
+> Then click **Add endpoint** to save.
+>
+> Let me know when you've done that."
+
+If the user is unsure of their Taskmaster address:
+
+> "Your Taskmaster address is the URL you use to access the control panel — just the host and port, without any path. For example, if your control panel is at `http://taskmaster-19000.local:19000`, your webhook URL would be `https://taskmaster-19000.local:19000/webhook/stripe`."
+
+Wait for the user to confirm the endpoint is created.
+
+---
+
+## Step 5: Get the webhook signing secret
+
+> "After creating the endpoint, Stripe shows a **Signing secret** — it starts with `whsec_`. Click **Reveal** to show it, then copy it and send it to me.
+>
+> If you've already navigated away, click on the endpoint you just created in the Webhooks list — the signing secret is shown on that endpoint's detail page."
+
+Wait for the user to send the signing secret.
+
+Verify format (`whsec_` prefix). If it looks wrong:
+
+> "The webhook signing secret should start with `whsec_` — that's different from the API key. Click on your webhook endpoint in the Webhooks list and look for the **Signing secret** section."
+
+Once you have a valid signing secret, save it:
+
+```
+api_keys({ action: "set", provider: "stripe_webhook_secret", apiKey: "<the whsec key>" })
+```
+
+---
+
+## Step 6: Confirm
+
+> "Both Stripe credentials are saved:
+>
+> - **Secret key** — payment links can now be created
+> - **Webhook signing secret** — Taskmaster will receive and verify payment confirmations automatically
+>
+> You're all set. As soon as a customer completes a payment, Taskmaster will be notified and can trigger follow-up actions immediately — no manual step needed from the customer."
+
+---
+
+## If the user already has a Stripe account
+
+Skip Step 2 (they're already logged in). Proceed from Step 3.
+
+If they already have a secret key saved somewhere, skip to Step 4.
+
+---
+
+## Test mode vs live mode
+
+| | Test mode | Live mode |
+|---|---|---|
+| Key prefix | `sk_test_` | `sk_live_` |
+| Webhooks | Use test webhook endpoints | Use live webhook endpoints |
+| Payments | No real money moves | Real payments |
+
+Start with test mode (`sk_test_`) if the user is still building or testing their flow. Switch to live keys when ready for real payments. Both key types are stored the same way — just replace the value in the API Keys panel.
+
+---
+
+## Troubleshooting
+
+| Problem | Solution |
+|---------|----------|
+| Can't find Developers menu | It's in the left sidebar, near the bottom. If you're on the Stripe home page, you may need to scroll down or look for a collapsed sidebar — click the hamburger or expand icon. |
+| Secret key is hidden / "Restricted key" shown | You may be looking at a restricted key. Click **API keys** in the Developers section — the secret key is under **Standard keys**. |
+| Can't find signing secret after creating endpoint | Click on the endpoint row in the Webhooks list. The signing secret is on the endpoint's detail page under **Signing secret**. |
+| Webhook URL not accepted (must be HTTPS) | Stripe requires HTTPS for webhook endpoints. If Taskmaster is only on HTTP locally, use a tunnel tool like ngrok during development, or configure a TLS certificate on your Taskmaster host. |
+| Payments confirmed in Stripe but Taskmaster isn't notified | Check the webhook endpoint's delivery log in Stripe (Developers → Webhooks → click endpoint → Recent deliveries). If deliveries are failing, the URL may be unreachable from the internet. |
+| "I already had a webhook set up" | You can use the existing endpoint if it already points to `/webhook/stripe` on your host. Just copy the signing secret from its detail page. |

package/templates/beagle-zanzibar/agents/admin/AGENTS.md

@@ -77,9 +77,12 @@ When you receive `[System: Ride Dispatch — Trip Request]`:
    - Update their status to `awaiting_response` via `memory_write`
    - Write `shared/active-negotiations/{driver-phone-digits}.md` with `job_id`, `driver_name`, and `contacted_at`
 5. Message each driver in Swahili via the `message` tool with route details, pickup time, passengers, and job ID
-6. Message the tourist confirming drivers have been contacted and quotes are being gathered
-7. When driver replies arrive (dispatched as `[System: Ride Dispatch — Driver Reply]`), compile offers
-8. Message the tourist with up to 3 competing offers — fare, rating, vehicle type, journey time. Do NOT reveal driver name, phone, or plate (gated by payment)
+6. When driver replies arrive (dispatched as `[System: Ride Dispatch — Driver Reply]`), compile offers
+7. Message the tourist at `tourist_phone` using the `message` tool with `accountId` from this dispatch
+   - Include up to 3 offers: fare, vehicle type, driver rating, estimated journey time
+   - Do NOT reveal driver name, phone, or plate — those are gated by payment
+   - Cross-agent echo will relay the WhatsApp message to the tourist's active session automatically
+   - Do NOT write a dispatch file for the offers — message directly
 
 ### Booking Confirmation
 
@@ -87,18 +90,21 @@ When you receive `[System: Ride Dispatch — Booking Confirmation]`:
 
 1. Load the `stripe` skill and generate a Checkout Session for the booking fee
    - Set metadata: `booking_id`, `tourist_phone`, `account_id` (for webhook routing)
-2. Message the tourist with the payment link and booking terms
+2. Message the tourist at `tourist_phone` using the `message` tool with the payment link and booking terms
+   - Cross-agent echo relays the message to the tourist's active session automatically
 3. Record booking details in `shared/bookings/{job-id}.md` via `memory_write`
+   - Include `tourist_phone` for post-payment messaging
 4. Clear `shared/active-negotiations/{phone}.md` for drivers NOT selected
 
 ### Payment Confirmed
 
 When you receive `[System: Ride Dispatch — Payment Confirmed]`:
 
-1. Read the booking record at `shared/bookings/{job-id}.md` for driver details
+1. Read the booking record at `shared/bookings/{job-id}.md` for driver details and `tourist_session_key`
 2. Generate the pickup PIN and QR code (see `references/pin-qr.md`)
-3. Message the tourist with: driver name, phone, vehicle details, plate, and pickup PIN
-4. Message the driver with: passenger name, pickup time/location, fare, and QR code URL
+3. Message the tourist at `tourist_phone` (from the booking record) using the `message` tool with driver details and pickup PIN
+   - Cross-agent echo relays to the tourist's active session automatically
+4. Message the driver with passenger name, pickup time/location, fare, and QR code URL
 5. Update the booking record status to `confirmed`
 6. Clear the active negotiation file for the confirmed driver
 
@@ -106,7 +112,9 @@ When you receive `[System: Ride Dispatch — Payment Confirmed]`:
 
 When you receive `[System: Ride Dispatch — Driver Reply]`:
 
-Process the driver's message in the context of the ongoing negotiation. If it's a fare quote, note it. When enough quotes are gathered (or after a reasonable wait), compile and send offers to the tourist. If the driver declines, update their status and remove their active negotiation file.
+1. If the driver is quoting a fare: record it in their memory profile (`memory_write` on `drivers/{name}.md`)
+2. When all expected quotes are received (or after a reasonable wait): compile the offers and message the tourist directly using the `message` tool at the `tourist_phone` from the trip-request earlier in this session — do NOT write a dispatch file
+3. If the driver is declining: update their status in memory to `idle` and delete their `shared/active-negotiations/{phone-digits}.md` file
 
 ### Active Negotiation Index
 

package/templates/beagle-zanzibar/agents/public/AGENTS.md

@@ -23,6 +23,7 @@ Before responding:
 - Proactively look up contact details for people mentioned in system messages
 
 If a user asks for information about another person, politely decline — it would violate strict security protocols.
+**Declined conversations stay declined.** When you've correctly identified a message as misdirected or outside your scope and responded accordingly, that conversation is concluded. If the same sender follows up with requests of any kind, decline and end the conversation. Performing services for someone you've already turned away contradicts your own assessment and opens the service to general-purpose misuse.
 
 ---
 
@@ -54,6 +55,10 @@ The knowledge base is the single source of truth. If it doesn't cover what's bei
 
 This is a **prescribed workflow**. When a tourist requests a ride, execute every step in order. Do not stop, skip, or defer any step. The only reason to pause is to ask the tourist for missing information or if the tourist explicitly cancels.
 
+### Step 0 — Confirm identification
+
+All users are verified before they reach you — WhatsApp users by their phone number, webchat users by OTP verification. The tourist's phone number is their session identifier. Use it as `tourist_phone` in dispatch files.
+
 ### Step 1 — Capture the request
 
 Gather: pickup location, destination, date/time, number of passengers, luggage, special requests. If the tourist gave everything in one message, proceed immediately. If anything is missing, ask — then resume from Step 2 when they reply.
@@ -74,7 +79,7 @@ Write a dispatch file via `memory_write` to `shared/dispatch/{job-id}-trip-reque
 # Dispatch: Trip Request
 job_id: BGL-XXXX
 phase: trip-request
-tourist_phone: +XXXXXXXXXXX
+tourist_phone: [the tourist's phone number — from WhatsApp session or OTP-verified phone]
 tourist_name: [name if given]
 pickup: [pickup location]
 destination: [destination]
@@ -93,7 +98,7 @@ After writing the dispatch file, tell the tourist: "I'm reaching out to our driv
 
 ### Step 6 — Present offers
 
-When driver offers appear in your conversation (injected by the operations agent), present up to 3 competing offers to the tourist: fare, driver rating, vehicle type, estimated journey time. No driver personal details at this stage — name, phone, and plate are gated by payment. See `references/ride-matching.md` for formatting.
+When driver offers appear in your conversation as a `[System: Ride Dispatch — Driver Offers]` message, present up to 3 competing offers to the tourist: fare, driver rating, vehicle type, estimated journey time. No driver personal details at this stage — name, phone, and plate are gated by payment. See `references/ride-matching.md` for formatting.
 
 ### Step 7 — Confirm booking
 
@@ -103,7 +108,7 @@ When the tourist chooses an offer, confirm the details and write a booking confi
 # Dispatch: Booking Confirmation
 job_id: BGL-XXXX
 phase: booking-confirm
-tourist_phone: +XXXXXXXXXXX
+tourist_phone: [same phone used in trip-request]
 tourist_name: [name]
 driver_name: [selected driver name from offer]
 driver_phone: [selected driver phone from offer]
@@ -113,11 +118,11 @@ account_id: [your account ID]
 
 ### Step 8 — Payment
 
-The operations agent will generate a Stripe payment link and send it directly to the tourist. You will see this message appear in your conversation via cross-agent echo. If the tourist has questions about payment, explain the booking fee and terms. Payment confirmation is automatic via Stripe webhook — the tourist does not need to tell you they've paid.
+The operations agent will generate a Stripe payment link and relay it to your conversation as a `[System: Ride Dispatch — Payment Link]` message. Present the payment link and terms to the tourist. If the tourist has questions about payment, explain the booking fee. Payment confirmation is automatic via Stripe webhook — the tourist does not need to tell you they've paid.
 
 ### Step 9 — Post-payment
 
-Once payment is confirmed (the operations agent will inject driver details and pickup PIN into the conversation), acknowledge the details to the tourist. Explain the PIN verification process: "Your driver has a QR code. You have the PIN. Scan the QR or ask the driver to quote your PIN — works without internet."
+Once payment is confirmed, the operations agent will relay driver details and the pickup PIN to your conversation as a `[System: Ride Dispatch — Booking Complete]` message. Present the driver details to the tourist and explain the PIN verification process: "Your driver has a QR code. You have the PIN. Scan the QR or ask the driver to quote your PIN — works without internet."
 
 ### Step 10 — Record and follow up