@rubytech/taskmaster 1.18.2 → 1.19.1

package/dist/control-ui/index.html

@@ -6,8 +6,8 @@
     <title>Taskmaster Control</title>
     <meta name="color-scheme" content="dark light" />
     <link rel="icon" type="image/png" href="./favicon.png" />
-    <script type="module" crossorigin src="./assets/index-DYBHelH8.js"></script>
-    <link rel="stylesheet" crossorigin href="./assets/index-XqRo9tNW.css">
+    <script type="module" crossorigin src="./assets/index-mjAT1dyG.js"></script>
+    <link rel="stylesheet" crossorigin href="./assets/index-0WHVrpg7.css">
   </head>
   <body>
     <taskmaster-app></taskmaster-app>

package/dist/cron/isolated-agent/delivery-record.js

@@ -4,14 +4,14 @@ import path from "node:path";
  * Writes a delivery record to the agent's workspace memory so the admin agent
  * can discover what was sent by cron jobs when recipients reply later.
  *
- * Files are stored in `memory/shared/cron-activity/` as dated markdown,
- * discoverable via the agent's normal memory search.
+ * Files are stored in `memory/admin/cron-activity/` as dated markdown,
+ * discoverable via the admin agent's normal memory search.
  */
 export async function writeCronDeliveryRecord(params) {
     const { workspaceDir, jobName, jobId, agentOutput, deliveredTo, timestamp } = params;
     if (!agentOutput.trim() || deliveredTo.length === 0)
         return null;
-    const dir = path.join(workspaceDir, "memory", "shared", "cron-activity");
+    const dir = path.join(workspaceDir, "memory", "admin", "cron-activity");
     await fs.promises.mkdir(dir, { recursive: true });
     const dateSlug = formatDateSlug(timestamp);
     const nameSlug = slugify(jobName);

package/dist/cron/isolated-agent/run.js

@@ -403,8 +403,11 @@ export async function runCronIsolatedAgentTurn(params) {
                 }
             }
             // Also persist delivery record to memory for searchability.
+            // Always write to the admin agent's workspace so records land in memory/admin/,
+            // regardless of which agent is executing the cron job.
+            const adminWorkspaceDir = resolveAgentWorkspaceDir(params.cfg, "admin");
             await writeCronDeliveryRecord({
-                workspaceDir,
+                workspaceDir: adminWorkspaceDir,
                 jobName: params.job.name,
                 jobId: params.job.id,
                 agentOutput: outputText,

package/dist/cron/preloaded.js

@@ -62,6 +62,39 @@ export function loadCronTemplatesFromBundledSkills(bundledSkillsDir) {
 // ---------------------------------------------------------------------------
 // Seeding function — create cron jobs from un-seeded templates
 // ---------------------------------------------------------------------------
+/**
+ * Seed cron jobs from a single workspace's skills directory into a specific account.
+ * Used for workspace-template skills that live outside the bundled skills directory.
+ * Reuses the same tracker, dedup logic, and file format as bundled skill seeding.
+ */
+export async function seedCronJobsFromSkillsDir(params) {
+    const { skillsDir, accountId, trackerPath, cronService } = params;
+    const templates = loadCronTemplatesFromBundledSkills(skillsDir);
+    if (templates.length === 0)
+        return 0;
+    const tracker = await loadSeedTracker(trackerPath);
+    let seeded = 0;
+    for (const template of templates) {
+        if (isTemplateSeeded(tracker, template.templateId, accountId))
+            continue;
+        const job = await cronService.add({
+            name: template.name,
+            description: template.description,
+            enabled: template.enabled,
+            agentId: template.agentId,
+            accountId,
+            schedule: template.schedule,
+            sessionTarget: template.sessionTarget,
+            wakeMode: template.wakeMode,
+            payload: template.payload,
+            isolation: template.isolation,
+        });
+        markTemplateSeeded(tracker, template.templateId, job.id, accountId);
+        await saveSeedTracker(trackerPath, tracker);
+        seeded++;
+    }
+    return seeded;
+}
 export async function seedPreloadedCronJobs(params) {
     const { bundledSkillsDir, trackerPath, cronService, accountIds } = params;
     if (accountIds.length === 0)

package/dist/gateway/control-ui.js

@@ -449,8 +449,9 @@ export function handlePublicChatHttpRequest(req, res, opts) {
     const pathname = url.pathname;
     if (!pathname.startsWith("/public/"))
         return false;
-    // Static asset passthrough (JS/CSS/images served from /public/assets/*)
-    if (pathname.startsWith("/public/assets/")) {
+    // Static asset passthrough (JS/CSS/images served from /public/assets/* and root-level
+    // static files like /public/favicon.png referenced by the SPA via <base href="/public/">)
+    if (pathname.startsWith("/public/assets/") || pathname === "/public/favicon.png") {
         const root = resolveControlUiRoot();
         if (!root) {
             respondNotFound(res);
@@ -558,13 +559,14 @@ export function handlePublicChatHttpRequest(req, res, opts) {
         accentColor,
         backgroundColor,
     });
-    // Inject <base href="/"> right after <head> so relative asset paths (./assets/...)
-    // resolve from root. The URL is /public/chat/:accountId — 3 levels deep, so without
-    // <base> the browser would look for /public/chat/assets/... which doesn't exist.
+    // Inject <base href="/public/"> right after <head> so relative asset paths (./assets/...)
+    // resolve to /public/assets/... — within the /public/* prefix that the Funnel external
+    // request filter allows. Using <base href="/"> would route assets to /assets/... which
+    // is blocked for Funnel (public internet) requests, making the widget blank externally.
     // The <base> tag MUST appear before any tags that use relative URLs.
     const headOpen = injected.indexOf("<head>");
     const baseInjected = headOpen !== -1
-        ? `${injected.slice(0, headOpen + 6)}<base href="/">${injected.slice(headOpen + 6)}`
+        ? `${injected.slice(0, headOpen + 6)}<base href="/public/">${injected.slice(headOpen + 6)}`
         : injected;
     // Detect available OTP delivery channels for the public chat config
     const whatsappAccountId = resolveAgentBoundAccountId(config, publicAgentId, "whatsapp") ?? undefined;

package/dist/gateway/protocol/schema/logs-chat.js

@@ -10,6 +10,8 @@ export const LogsTailParamsSchema = Type.Object({
         Type.Literal("warn"),
         Type.Literal("info"),
     ])),
+    /** PIN access session token. Required when the device has a master PIN and the caller is the control UI. */
+    accessToken: Type.Optional(Type.String()),
 }, { additionalProperties: false });
 export const LogsTailResultSchema = Type.Object({
     file: NonEmptyString,

package/dist/gateway/server-http.js

@@ -217,7 +217,8 @@ export function createGatewayHttpServer(opts) {
             const trustedProxies = getEffectiveTrustedProxies(configSnapshot);
             if (isExternalRequest(req, trustedProxies)) {
                 const pathname = new URL(req.url ?? "/", "http://localhost").pathname;
-                if (!pathname.startsWith("/public/")) {
+                const isAllowedExternal = pathname.startsWith("/public/") || pathname.startsWith("/webhook/");
+                if (!isAllowedExternal) {
                     res.statusCode = 403;
                     res.setHeader("Content-Type", "text/plain; charset=utf-8");
                     res.end("Forbidden");

package/dist/gateway/server-methods/access.js

@@ -60,6 +60,19 @@ function validateSession(token) {
     return session;
 }
 // ---------------------------------------------------------------------------
+// Exported session helpers
+// ---------------------------------------------------------------------------
+/**
+ * Returns true when the given token corresponds to a valid master (device-owner) session.
+ * Used by handlers that must be restricted to admin-only callers.
+ */
+export function isMasterSession(token) {
+    if (!token)
+        return false;
+    const session = validateSession(token);
+    return session !== null && session.master === true;
+}
+// ---------------------------------------------------------------------------
 // RPC Handlers
 // ---------------------------------------------------------------------------
 export const accessHandlers = {

package/dist/gateway/server-methods/logs.js

@@ -1,9 +1,12 @@
 import fs from "node:fs/promises";
 import path from "node:path";
+import { loadConfig } from "../../config/config.js";
 import { getResolvedLoggerSettings } from "../../logging.js";
 import { levelToMinLevel, ALLOWED_LOG_LEVELS } from "../../logging/levels.js";
 import { parseLogLine } from "../../logging/parse-log-line.js";
 import { ErrorCodes, errorShape, formatValidationErrors, validateLogsTailParams, } from "../protocol/index.js";
+import { isMasterSession } from "./access.js";
+const CONTROL_UI_CLIENT_ID = "taskmaster-control-ui";
 const DEFAULT_LIMIT = 500;
 const DEFAULT_MAX_BYTES = 250_000;
 const MAX_LIMIT = 5000;
@@ -121,12 +124,24 @@ async function readLogSlice(params) {
     }
 }
 export const logsHandlers = {
-    "logs.tail": async ({ params, respond }) => {
+    "logs.tail": async ({ params, client, respond }) => {
         if (!validateLogsTailParams(params)) {
             respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, `invalid logs.tail params: ${formatValidationErrors(validateLogsTailParams.errors)}`));
             return;
         }
         const p = params;
+        // System logs are not account-scoped and contain cross-account private information.
+        // When the caller is the control UI and a master PIN is configured, require the
+        // access session token to belong to a master (admin) session.
+        const isControlUi = client?.connect?.client?.id === CONTROL_UI_CLIENT_ID;
+        if (isControlUi) {
+            const config = loadConfig();
+            const hasMasterPin = Boolean(config.access?.masterPin);
+            if (hasMasterPin && !isMasterSession(p.accessToken)) {
+                respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "unauthorized: system logs require admin login"));
+                return;
+            }
+        }
         const configuredFile = getResolvedLoggerSettings().file;
         try {
             const file = await resolveLogFile(configuredFile);

package/dist/gateway/server.impl.js

@@ -1,4 +1,5 @@
-import { listAgentIds, resolveAgentWorkspaceDir, resolveDefaultAgentId, } from "../agents/agent-scope.js";
+import path from "node:path";
+import { listAgentIds, resolveAgentWorkspaceDir, resolveAgentWorkspaceRoot, resolveDefaultAgentId, } from "../agents/agent-scope.js";
 import { initSubagentRegistry } from "../agents/subagent-registry.js";
 import { bumpSkillsSnapshotVersion, registerSkillsChangeListener, } from "../agents/skills/refresh.js";
 import { syncBundledSkillsToWorkspace } from "../agents/skills/workspace.js";
@@ -38,7 +39,7 @@ import { createChannelManager } from "./server-channels.js";
 import { createAgentEventHandler } from "./server-chat.js";
 import { createGatewayCloseHandler } from "./server-close.js";
 import { resolveBundledSkillsDir } from "../agents/skills/bundled-dir.js";
-import { DEFAULT_SEED_TRACKER_PATH, seedPreloadedCronJobs } from "../cron/preloaded.js";
+import { DEFAULT_SEED_TRACKER_PATH, seedCronJobsFromSkillsDir, seedPreloadedCronJobs, } from "../cron/preloaded.js";
 import { DEFAULT_ACCOUNT_ID } from "../routing/session-key.js";
 import { buildGatewayCronService } from "./server-cron.js";
 import { applyGatewayLaneConcurrency } from "./server-lanes.js";
@@ -496,28 +497,49 @@ export async function startGatewayServer(port = 18789, opts = {}) {
         }
     });
     let heartbeatRunner = startHeartbeatRunner({ cfg: cfgAtStart });
-    // Start cron, then seed preloaded cron jobs from bundled skills (one-time per template).
+    // Start cron, then seed preloaded cron jobs (one-time per template per account).
     void cron
         .start()
         .then(async () => {
         const bundledSkillsDir = resolveBundledSkillsDir();
-        if (!bundledSkillsDir)
-            return;
-        try {
-            const workspaceIds = Object.keys(cfgAtStart.workspaces ?? {});
-            const accountIds = workspaceIds.length > 0 ? workspaceIds : [DEFAULT_ACCOUNT_ID];
-            const seeded = await seedPreloadedCronJobs({
-                bundledSkillsDir,
-                trackerPath: DEFAULT_SEED_TRACKER_PATH,
-                cronService: cron,
-                accountIds,
-            });
-            if (seeded > 0) {
-                logCron.info(`cron: seeded ${seeded} preloaded job(s)`);
+        const workspaceIds = Object.keys(cfgAtStart.workspaces ?? {});
+        const accountIds = workspaceIds.length > 0 ? workspaceIds : [DEFAULT_ACCOUNT_ID];
+        // Seed from bundled skills (same templates for all accounts).
+        if (bundledSkillsDir) {
+            try {
+                const seeded = await seedPreloadedCronJobs({
+                    bundledSkillsDir,
+                    trackerPath: DEFAULT_SEED_TRACKER_PATH,
+                    cronService: cron,
+                    accountIds,
+                });
+                if (seeded > 0) {
+                    logCron.info(`cron: seeded ${seeded} preloaded job(s)`);
+                }
+            }
+            catch (err) {
+                logCron.error(`cron: failed to seed preloaded jobs: ${String(err)}`);
             }
         }
-        catch (err) {
-            logCron.error(`cron: failed to seed preloaded jobs: ${String(err)}`);
+        // Seed from each workspace's own skills directory (per-account templates).
+        // Uses the {accountId}-admin naming convention to resolve the workspace root.
+        for (const accountId of workspaceIds) {
+            try {
+                const workspaceRoot = resolveAgentWorkspaceRoot(cfgAtStart, `${accountId}-admin`);
+                const workspaceSkillsDir = path.join(workspaceRoot, "skills");
+                const wsSeeded = await seedCronJobsFromSkillsDir({
+                    skillsDir: workspaceSkillsDir,
+                    accountId,
+                    trackerPath: DEFAULT_SEED_TRACKER_PATH,
+                    cronService: cron,
+                });
+                if (wsSeeded > 0) {
+                    logCron.info(`cron: seeded ${wsSeeded} workspace job(s) for account ${accountId}`);
+                }
+            }
+            catch (err) {
+                logCron.error(`cron: failed to seed workspace jobs for account ${accountId}: ${String(err)}`);
+            }
         }
     })
         .catch((err) => logCron.error(`failed to start: ${String(err)}`));

package/dist/hooks/bundled/ride-dispatch/handler.js

@@ -233,7 +233,7 @@ function buildTripRequestInstruction(fields, resolvedAccountId) {
     const fareEstimate = fields.fare_estimate ?? "unknown";
     const accountId = resolvedAccountId;
     return (`[System: Ride Dispatch — Trip Request]\n\n` +
-        `A tourist has requested a ride. Process this by contacting available drivers.\n\n` +
+        `A tourist has requested a ride. Execute every step below in exact order. Do not skip or defer any step.\n\n` +
         `Job ID: ${jobId}\n` +
         `Tourist phone: ${touristPhone}\n` +
         `Tourist name: ${touristName}\n` +
@@ -244,63 +244,145 @@ function buildTripRequestInstruction(fields, resolvedAccountId) {
         `Passengers: ${passengers}\n` +
         `Luggage: ${luggage}\n` +
         `Special requests: ${specialRequests}\n` +
-        `Fare estimate: ${fareEstimate}\n` +
+        `Fare estimate (knowledge base): ${fareEstimate}\n` +
         `WhatsApp account: ${accountId}\n\n` +
-        `Process this request:\n` +
-        `1. Call contact_lookup to get the driver roster\n` +
-        `2. For each driver, call memory_get on drivers/{name}.md to check their status\n` +
-        `3. Select up to 3 idle drivers (prefer those with route history for this route)\n` +
-        `4. For each selected driver, update their status to awaiting_response via memory_write\n` +
-        `5. Write shared/active-negotiations/{driver-phone}.md with job_id: ${jobId} for each driver\n` +
-        `6. Message each driver in Swahili with the route details, pickup time, passengers, and job ID [${jobId}]\n` +
-        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
-        `7. Message the tourist at ${touristPhone} confirming you've contacted drivers and are waiting for quotes\n` +
-        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
-        `8. When drivers reply with quotes (dispatched to this session), compile the offers\n` +
-        `9. Message the tourist at ${touristPhone} with up to 3 competing offers: fare, vehicle type, driver rating, estimated journey time\n` +
-        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
-        `   Cross-agent echo will relay the message to the tourist's active session automatically\n` +
-        `   Do NOT reveal driver name, phone, or plate — those are gated by payment\n` +
-        `   NOTE: Do NOT write a dispatch file for the offers — message the tourist directly\n`);
+        `STEP 1 — Get the driver roster\n` +
+        `Call contact_lookup with no filter to get all registered drivers.\n\n` +
+        `STEP 2 — Check driver availability\n` +
+        `For each driver returned, call memory_get on drivers/{name}.md and read the status field.\n` +
+        `Select up to 3 drivers whose status is "idle". Prefer drivers whose Route History includes "${pickup}" or "${destination}".\n\n` +
+        `STEP 3 — Update driver state and write negotiation index\n` +
+        `For each selected driver, do both of the following:\n` +
+        `  a. memory_write to drivers/{name}.md — set status: awaiting_response, current_booking: ${jobId}\n` +
+        `  b. memory_write to shared/active-negotiations/{phone-digits}.md (phone digits only, no + or spaces):\n` +
+        `       job_id: ${jobId}\n` +
+        `       driver_name: [driver name]\n` +
+        `       contacted_at: [current_time output]\n\n` +
+        `STEP 4 — Message each driver (fare enquiry, not a confirmed booking)\n` +
+        `For each selected driver, call message with channel: "whatsapp", accountId: "${accountId}", to: [driver phone].\n` +
+        `Send in Swahili — frame as a competitive quote request, not a confirmed job. Include: route, date, time, passengers, luggage, job ID.\n` +
+        `Example: "Habari [name], nina mteja anayehitaji gari kutoka ${pickup} hadi ${destination}, ${date} saa ${time}. Abiria ${passengers}, mizigo: ${luggage}. Ninapata bei kutoka madereva kadhaa — tafadhali niambie bei yako bora na kama unapatikana. Kumbukumbu: [${jobId}]."\n\n` +
+        `STEP 5 — Acknowledge to the tourist\n` +
+        `Call message with channel: "whatsapp", accountId: "${accountId}", to: ${touristPhone}.\n` +
+        `Send exactly: "I've reached out to our available drivers and I'm collecting quotes for [${jobId}]. I'll send you the options in a few minutes."\n\n` +
+        `--- WAIT FOR DRIVER REPLIES ---\n` +
+        `Driver replies arrive in this session as [System: Ride Dispatch — Driver Reply] messages.\n\n` +
+        `STEP 6 — Record each quote (on each Driver Reply message)\n` +
+        `Via memory_write to drivers/{name}.md — append under "## Quotes": "${jobId}: $[fare] quoted [date]"\n\n` +
+        `STEP 7 — Write offers file and message the tourist (when all expected quotes are in, or after 5 minutes)\n` +
+        `  a. memory_write to shared/offers/${jobId}.md with exactly this format:\n` +
+        `       # Offers: ${jobId}\n` +
+        `       job_id: ${jobId}\n` +
+        `       status: ready\n` +
+        `       tourist_phone: ${touristPhone}\n` +
+        `       offer_1_driver: [name]\n` +
+        `       offer_1_phone: [digits only]\n` +
+        `       offer_1_vehicle: [vehicle type]\n` +
+        `       offer_1_rating: [rating]\n` +
+        `       offer_1_fare: [USD amount as number]\n` +
+        `       offer_1_duration: [estimated minutes as number]\n` +
+        `       [offer_2_* fields if applicable]\n` +
+        `       [offer_3_* fields if applicable]\n` +
+        `     Sort by fare ascending. Only include offers from drivers who actually quoted.\n` +
+        `  b. Call message with channel: "whatsapp", accountId: "${accountId}", to: ${touristPhone}.\n` +
+        `     Send exactly:\n` +
+        `     "Here are the quotes for your trip [${jobId}]:\n` +
+        `     Option 1 — $[fare], [vehicle], [rating]⭐, ~[duration] min\n` +
+        `     Option 2 — $[fare], [vehicle], [rating]⭐, ~[duration] min\n` +
+        `     Option 3 — $[fare], [vehicle], [rating]⭐, ~[duration] min\n` +
+        `     Which option would you prefer?"\n` +
+        `     (Omit Option lines for offers you don't have. Do not include driver names or phone numbers.)\n`);
 }
 function buildBookingConfirmInstruction(fields, resolvedAccountId) {
     const jobId = fields.job_id ?? "UNKNOWN";
     const touristPhone = fields.tourist_phone ?? "unknown";
+    const touristName = fields.tourist_name ?? "unknown";
     const driverName = fields.driver_name ?? "unknown";
     const driverPhone = fields.driver_phone ?? "unknown";
+    const selectedOffer = fields.selected_offer ?? "unknown";
     const fare = fields.fare ?? "unknown";
     const accountId = resolvedAccountId;
     return (`[System: Ride Dispatch — Booking Confirmation]\n\n` +
-        `The tourist has selected a driver. Generate a Stripe payment link and send it.\n\n` +
+        `The tourist has selected a driver. Execute every step below in exact order.\n\n` +
         `Job ID: ${jobId}\n` +
         `Tourist phone: ${touristPhone}\n` +
-        `Selected driver: ${driverName} (${driverPhone})\n` +
-        `Agreed fare: ${fare}\n` +
+        `Tourist name: ${touristName}\n` +
+        `Selected: ${selectedOffer} — ${driverName} (phone digits: ${driverPhone})\n` +
+        `Agreed fare: $${fare}\n` +
         `WhatsApp account: ${accountId}\n\n` +
-        `Process this request:\n` +
-        `1. Load the stripe skill and generate a Checkout Session for the booking fee\n` +
-        `   Set metadata: booking_id="${jobId}", tourist_phone="${touristPhone}"\n` +
-        `2. Message the tourist at ${touristPhone} with the payment link and booking terms\n` +
-        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
-        `3. Record the booking details in shared/bookings/${jobId}.md via memory_write\n` +
-        `4. Clear the active negotiation files for drivers NOT selected (delete their shared/active-negotiations/{phone}.md)\n`);
+        `STEP 1 — Load the Stripe skill\n` +
+        `Load the stripe skill and create a Checkout Session for $2.00 USD (booking fee):\n` +
+        `  - success_url: https://zanzibar.beagle.taxi/booking-confirmed\n` +
+        `  - cancel_url: https://zanzibar.beagle.taxi/booking-cancelled\n` +
+        `  - metadata: booking_id="${jobId}", tourist_phone="${touristPhone}", account_id="${accountId}"\n\n` +
+        `STEP 2 — Write the booking record\n` +
+        `memory_write to shared/bookings/${jobId}.md with exactly this format:\n` +
+        `  # Booking: ${jobId}\n` +
+        `  status: payment_pending\n` +
+        `  tourist_phone: ${touristPhone}\n` +
+        `  tourist_name: ${touristName}\n` +
+        `  driver_name: ${driverName}\n` +
+        `  driver_phone: ${driverPhone}\n` +
+        `  vehicle: [vehicle type from shared/offers/${jobId}.md]\n` +
+        `  plate: [driver's plate from contact record]\n` +
+        `  pickup: [from trip request]\n` +
+        `  destination: [from trip request]\n` +
+        `  date: [from trip request]\n` +
+        `  time: [from trip request]\n` +
+        `  fare: ${fare}\n` +
+        `  payment_url: [Stripe Checkout URL]\n` +
+        `  created_at: [current_time output]\n` +
+        `  pin: \n\n` +
+        `STEP 3 — Message the tourist with the payment link\n` +
+        `Call message with channel: "whatsapp", accountId: "${accountId}", to: ${touristPhone}.\n` +
+        `Send exactly:\n` +
+        `"Great news! I've found your driver for [${jobId}]. To confirm your booking, please pay the $2 reservation fee:\n` +
+        `[payment link]\n` +
+        `This secures your driver for [date] at [time]. Your driver's full details and pickup verification PIN will be sent immediately after payment."\n\n` +
+        `STEP 4 — Clear unselected driver negotiations\n` +
+        `For each driver contacted for ${jobId} who was NOT selected:\n` +
+        `  - memory_write to shared/active-negotiations/{phone-digits}.md with empty content (clears the file)\n` +
+        `  - memory_write to drivers/{name}.md — set status: idle, current_booking: null\n`);
 }
 function buildPaymentConfirmedInstruction(params) {
     const { bookingId, touristPhone, accountId } = params;
     return (`[System: Ride Dispatch — Payment Confirmed]\n\n` +
-        `Stripe has confirmed payment for this booking. Finalise the ride.\n\n` +
+        `Stripe has confirmed payment for this booking. Execute every step below in exact order.\n\n` +
         `Booking ID: ${bookingId}\n` +
         `Tourist phone: ${touristPhone}\n` +
         `WhatsApp account: ${accountId}\n\n` +
-        `Process this request:\n` +
-        `1. Read the booking record at shared/bookings/${bookingId}.md for driver details\n` +
-        `2. Generate the pickup PIN and QR code (see references/pin-qr.md)\n` +
-        `3. Message the tourist at ${touristPhone} with: driver name, phone, vehicle details, plate, and pickup PIN\n` +
-        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
-        `4. Message the driver with: passenger name, pickup time/location, fare, and QR code URL\n` +
-        `   Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
-        `5. Update the booking record status to "confirmed"\n` +
-        `6. Clear the active negotiation file for the driver (shared/active-negotiations/{phone}.md)\n`);
+        `STEP 1 — Read the booking record\n` +
+        `Call memory_get on shared/bookings/${bookingId}.md.\n` +
+        `Extract: tourist_phone, tourist_name, driver_name, driver_phone, vehicle, plate, pickup, destination, date, time, fare.\n\n` +
+        `STEP 2 — Generate the pickup PIN\n` +
+        `Generate a random 4-digit integer between 1000 and 9999 (e.g. 4827).\n` +
+        `QR code URL: https://api.qrserver.com/v1/create-qr-code/?size=300x300&data=PIN%3A+{pin}\n` +
+        `(Replace {pin} with the actual 4 digits. This URL returns a PNG image the driver can show tourists.)\n\n` +
+        `STEP 3 — Message the tourist\n` +
+        `Call message with channel: "whatsapp", accountId: "${accountId}", to: [tourist_phone from booking record].\n` +
+        `Send exactly:\n` +
+        `"[${bookingId}] Your booking is confirmed! Here are your driver details:\n` +
+        `Driver: [driver_name]\n` +
+        `Phone: [driver_phone]\n` +
+        `Vehicle: [vehicle] — Plate: [plate]\n` +
+        `Pickup: [pickup] at [time] on [date]\n` +
+        `\n` +
+        `Your verification PIN: *[pin]*\n` +
+        `When your driver arrives, ask them to say your PIN — it should match this number. This confirms you're in the right car."\n\n` +
+        `STEP 4 — Message the driver with the QR code\n` +
+        `Call message with channel: "whatsapp", accountId: "${accountId}", to: [driver_phone from booking record],\n` +
+        `  media: https://api.qrserver.com/v1/create-qr-code/?size=300x300&data=PIN%3A+[pin],\n` +
+        `  body: "[${bookingId}] You have a confirmed booking.\n` +
+        `Pickup: [pickup] → [destination]\n` +
+        `Time: [time] on [date]\n` +
+        `Passenger: [tourist_name]\n` +
+        `Fare: $[fare]\n` +
+        `\n` +
+        `Your pickup PIN is [pin]. When you meet your passenger, say: 'Your PIN is [pin].' They will confirm it matches theirs. The QR code above is a backup they can scan instead."\n\n` +
+        `STEP 5 — Update the booking record\n` +
+        `memory_write to shared/bookings/${bookingId}.md — set status: confirmed, set pin: [pin].\n\n` +
+        `STEP 6 — Clear the active negotiation file for the confirmed driver\n` +
+        `memory_write to shared/active-negotiations/[driver_phone_digits].md with empty content.\n`);
 }
 // ---------------------------------------------------------------------------
 // Event handlers
@@ -430,19 +512,48 @@ async function handleDriverReply(event) {
     const accountId = resolveAgentBoundAccountId(cfg, agentId, "whatsapp") ??
         (agentId.replace(/-(public|admin)$/, "") || "default");
     const instruction = `[System: Ride Dispatch — Driver Reply]\n\n` +
-        `A driver has replied regarding job ${jobId}.\n\n` +
-        `Driver phone: ${senderPhone}\n` +
+        `A driver has replied for job ${jobId}. Execute the correct branch below.\n\n` +
+        `Driver phone digits: ${senderPhone}\n` +
         `Message: ${text}\n\n` +
-        `Process this reply in the context of the ongoing negotiation for ${jobId}.\n` +
-        `If this is a fare quote:\n` +
-        `  - Record the quote in the driver's memory profile\n` +
-        `  - When all expected quotes are in (or after a reasonable wait), compile the offers\n` +
-        `  - Message the tourist directly using the message tool with the compiled offers\n` +
-        `    The tourist phone is in the earlier trip-request message in this session\n` +
-        `    Use the message tool with channel: "whatsapp", accountId: "${accountId}"\n` +
-        `    Do NOT write a dispatch file — use the message tool to send the offers directly\n` +
-        `    Cross-agent echo will relay it to the tourist's active session automatically\n` +
-        `If the driver is declining, update their status in memory and delete their shared/active-negotiations/{phone-digits}.md file.\n`;
+        `IF THE DRIVER IS QUOTING A FARE:\n` +
+        `  STEP A — Look up the driver's name\n` +
+        `  Call contact_lookup and match the driver by phone digits "${senderPhone}" to get their name and vehicle.\n\n` +
+        `  STEP B — Record the quote\n` +
+        `  memory_write to drivers/{name}.md — append under "## Quotes": "${jobId}: $[fare] quoted [today's date]"\n\n` +
+        `  STEP C — Check whether all expected quotes are in\n` +
+        `  Read shared/active-negotiations/ to count how many drivers were contacted for ${jobId}.\n` +
+        `  If all have replied, OR if it has been 5+ minutes since the trip-request, proceed to STEP D.\n` +
+        `  If still waiting for replies, stop here and wait.\n\n` +
+        `  STEP D — Write the offers file\n` +
+        `  Call memory_get on shared/dispatch/${jobId}-trip-request.md to read tourist_phone.\n` +
+        `  Read shared/offers/${jobId}.md if it exists. If not, create it.\n` +
+        `  Add or update this driver's offer entry in shared/offers/${jobId}.md (memory_write):\n` +
+        `    # Offers: ${jobId}\n` +
+        `    job_id: ${jobId}\n` +
+        `    status: ready\n` +
+        `    tourist_phone: [tourist_phone from shared/dispatch/${jobId}-trip-request.md]\n` +
+        `    offer_N_driver: [name]\n` +
+        `    offer_N_phone: ${senderPhone}\n` +
+        `    offer_N_vehicle: [vehicle type]\n` +
+        `    offer_N_rating: [rating from drivers/{name}.md]\n` +
+        `    offer_N_fare: [quoted fare as USD number]\n` +
+        `    offer_N_duration: [estimated minutes]\n` +
+        `  (N = 1, 2, or 3 for each driver, sorted by fare ascending.)\n\n` +
+        `  STEP E — Message the tourist with formatted options\n` +
+        `  Read tourist_phone from shared/offers/${jobId}.md.\n` +
+        `  Call message with channel: "whatsapp", accountId: "${accountId}", to: [tourist_phone].\n` +
+        `  Send exactly:\n` +
+        `  "Here are the quotes for your trip [${jobId}]:\n` +
+        `  Option 1 — $[fare], [vehicle], [rating]⭐, ~[duration] min\n` +
+        `  Option 2 — $[fare], [vehicle], [rating]⭐, ~[duration] min\n` +
+        `  Option 3 — $[fare], [vehicle], [rating]⭐, ~[duration] min\n` +
+        `  Which option would you prefer?"\n` +
+        `  (Include only available options. Do not include driver names or phone numbers.)\n\n` +
+        `IF THE DRIVER IS DECLINING:\n` +
+        `  STEP A — Update driver status\n` +
+        `  memory_write to drivers/{name}.md — set status: idle, current_booking: null\n\n` +
+        `  STEP B — Clear negotiation index\n` +
+        `  memory_write to shared/active-negotiations/${senderPhone}.md with empty content\n`;
     console.log(`[ride-dispatch] Driver reply from ${senderPhone} for ${jobId}, dispatching to admin agent "${adminAgentId}"`);
     // Fire and forget — suppress is already set, caller will skip processForRoute
     dispatchToAdmin({

package/dist/media-understanding/defaults.js

@@ -7,7 +7,7 @@ export const DEFAULT_MAX_CHARS_BY_CAPABILITY = {
 };
 export const DEFAULT_MAX_BYTES = {
     image: 10 * MB,
-    audio: 20 * MB,
+    audio: 25 * MB,
     video: 50 * MB,
 };
 export const DEFAULT_TIMEOUT_SECONDS = {

package/dist/memory/audit.js

@@ -15,7 +15,7 @@ import fs from "node:fs";
 import path from "node:path";
 const AUDIT_FILENAME = ".memory-audit.json";
 /** Paths that are excluded from audit — expected operational writes. */
-const EXCLUDED_PREFIXES = ["memory/shared/events/", "memory/shared/cron-activity/"];
+const EXCLUDED_PREFIXES = ["memory/shared/events/", "memory/admin/cron-activity/"];
 /**
  * Returns true if a memory write path should be audited.
  * Auditable paths: memory/shared/** and memory/public/** (excluding exemptions).

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rubytech/taskmaster",
-  "version": "1.18.2",
+  "version": "1.19.1",
   "description": "AI-powered business assistant for small businesses",
   "publishConfig": {
     "access": "public"

package/taskmaster-docs/USER-GUIDE.md

@@ -931,7 +931,7 @@ Tap **Filters** to expand the filter chips, then narrow by:
 - **Agent** — show only entries from a specific agent (e.g., public or admin)
 - **Search** — free-text search across all entries
 
-**System Logs** show the internal machinery of the gateway — connections, heartbeats, startup messages. This is mainly useful for troubleshooting when something isn't working. Tap **Filters** to expand the filter chips and select which log levels to show (info, warning, error, etc.). You can also export logs to share with support.
+**System Logs** show the internal machinery of the gateway — connections, heartbeats, startup messages. This is mainly useful for troubleshooting when something isn't working. Tap **Filters** to expand the filter chips and select which log levels to show (info, warning, error, etc.). You can also export logs to share with support. **System Logs are only available when logged in as admin** — account-PIN users see the Session Logs tab only, because system logs contain information from all accounts on the device.
 
 Both views support **auto-follow** (available in the Filters panel — keeps the view scrolled to the latest entries) and **export** to download a log file. Filter chips are collapsed by default to keep the log view uncluttered.