@rubytech/taskmaster 1.42.0 → 1.42.1

package/dist/agents/tools/brand-settings-tool.js

@@ -2,45 +2,52 @@
  * Agent tool for managing branding settings.
  *
  * Wraps `config.get`/`config.patch` for accent/background color and
- * `brand.hasLogo`/`brand.removeLogo` for logo management. Logo upload
- * is excluded — it requires binary data better handled through the UI.
+ * `brand.hasLogo`/`brand.removeLogo`/`brand.uploadLogo` for logo management.
  */
 import { Type } from "@sinclair/typebox";
 import { stringEnum } from "../schema/typebox.js";
 import { jsonResult, readStringParam } from "./common.js";
 import { callGatewayTool } from "./gateway.js";
-const BRAND_ACTIONS = ["get", "set_colors", "remove_logo"];
+const BRAND_ACTIONS = ["get", "set_colors", "set_logo", "remove_logo"];
 const BrandSettingsSchema = Type.Object({
     action: stringEnum(BRAND_ACTIONS, {
         description: '"get" returns current branding (accent color, background color, logo status). ' +
             '"set_colors" updates accent and/or background colors. ' +
+            '"set_logo" uploads a workspace logo from base64 data. ' +
             '"remove_logo" removes the workspace logo.',
     }),
-    workspace: Type.Optional(Type.String({
-        description: "Workspace name. Required for logo operations. Defaults to the active workspace.",
-    })),
+    workspace: Type.String({
+        description: "Workspace name (e.g. \"taskmaster\"). Required for all actions.",
+    }),
     accentColor: Type.Optional(Type.String({
         description: 'Hex color for the accent/primary color (e.g. "#3B82F6"). Used with set_colors.',
     })),
     backgroundColor: Type.Optional(Type.String({
         description: 'Hex color for the background (e.g. "#1A1A2E"). Used with set_colors.',
     })),
+    imageData: Type.Optional(Type.String({
+        description: "Base64-encoded image data for the logo. Required for set_logo.",
+    })),
+    mimeType: Type.Optional(Type.String({
+        description: 'MIME type of the logo image (e.g. "image/png", "image/svg+xml"). Required for set_logo.',
+    })),
 });
 export function createBrandSettingsTool() {
     return {
         label: "Brand Settings",
         name: "brand_settings",
-        description: "Read and update branding settings. " +
+        description: "Read and update workspace branding settings. Workspace name is required for all actions. " +
             '"get" returns current accent color, background color, and logo status. ' +
             '"set_colors" updates accent and/or background colors (hex values). ' +
-            '"remove_logo" removes the workspace logo. ' +
-            "Logo upload requires the UI due to binary data — suggest the user upload through the Setup page.",
+            '"set_logo" uploads a logo from base64-encoded image data (imageData + mimeType required). ' +
+            '"remove_logo" removes the workspace logo.',
         parameters: BrandSettingsSchema,
         execute: async (_toolCallId, args) => {
             const params = args;
             const action = readStringParam(params, "action", { required: true });
             const gatewayOpts = {};
             if (action === "get") {
+                const workspace = readStringParam(params, "workspace", { required: true, label: "workspace" });
                 const config = await callGatewayTool("config.get", gatewayOpts, {});
                 let brand = {};
                 if (config &&
@@ -48,23 +55,20 @@ export function createBrandSettingsTool() {
                     typeof config.raw === "string") {
                     try {
                         const parsed = JSON.parse(config.raw);
-                        brand = parsed?.brand ?? {};
+                        brand = parsed?.workspaces?.[workspace]?.brand ?? {};
                     }
                     catch {
                         // fallback to empty
                     }
                 }
                 // Also check logo status
-                const workspace = readStringParam(params, "workspace");
                 let hasLogo;
-                if (workspace) {
-                    try {
-                        const logoResult = await callGatewayTool("brand.hasLogo", gatewayOpts, { workspace });
-                        hasLogo = logoResult?.hasLogo;
-                    }
-                    catch {
-                        // non-critical
-                    }
+                try {
+                    const logoResult = await callGatewayTool("brand.hasLogo", gatewayOpts, { workspace });
+                    hasLogo = logoResult?.hasLogo;
+                }
+                catch {
+                    // non-critical
                 }
                 return jsonResult({
                     accentColor: brand.accentColor ?? null,
@@ -73,6 +77,7 @@ export function createBrandSettingsTool() {
                 });
             }
             if (action === "set_colors") {
+                const workspace = readStringParam(params, "workspace", { required: true, label: "workspace" });
                 const accentColor = readStringParam(params, "accentColor");
                 const backgroundColor = readStringParam(params, "backgroundColor");
                 if (!accentColor && !backgroundColor) {
@@ -85,18 +90,42 @@ export function createBrandSettingsTool() {
                     brandPatch.backgroundColor = backgroundColor;
                 const snapshot = await callGatewayTool("config.get", gatewayOpts, {});
                 const baseHash = typeof snapshot?.hash === "string" ? snapshot.hash : undefined;
+                // Preserve existing workspace config, only updating brand colors
+                let existingWorkspace = {};
+                if (typeof snapshot?.raw === "string") {
+                    try {
+                        const parsed = JSON.parse(snapshot.raw);
+                        existingWorkspace = parsed?.workspaces?.[workspace] ?? {};
+                    }
+                    catch {
+                        // fallback to empty
+                    }
+                }
+                const existingBrand = existingWorkspace.brand ?? {};
                 const result = await callGatewayTool("config.patch", gatewayOpts, {
-                    raw: JSON.stringify({ brand: brandPatch }),
+                    raw: JSON.stringify({
+                        workspaces: {
+                            [workspace]: { ...existingWorkspace, brand: { ...existingBrand, ...brandPatch } },
+                        },
+                    }),
                     baseHash,
                     note: "agent: update brand colors",
                 });
                 return jsonResult({ ok: true, ...brandPatch, result });
             }
-            if (action === "remove_logo") {
-                const workspace = readStringParam(params, "workspace", {
-                    required: true,
-                    label: "workspace",
+            if (action === "set_logo") {
+                const workspace = readStringParam(params, "workspace", { required: true, label: "workspace" });
+                const imageData = readStringParam(params, "imageData", { required: true, label: "imageData" });
+                const mimeType = readStringParam(params, "mimeType", { required: true, label: "mimeType" });
+                const result = await callGatewayTool("brand.uploadLogo", gatewayOpts, {
+                    workspace,
+                    data: imageData,
+                    mimeType,
                 });
+                return jsonResult(result);
+            }
+            if (action === "remove_logo") {
+                const workspace = readStringParam(params, "workspace", { required: true, label: "workspace" });
                 const result = await callGatewayTool("brand.removeLogo", gatewayOpts, { workspace });
                 return jsonResult(result);
             }

package/dist/agents/tools/file-manage-tool.js

@@ -0,0 +1,193 @@
+import fs from "node:fs/promises";
+import path from "node:path";
+import { realpath } from "node:fs/promises";
+import { Type } from "@sinclair/typebox";
+import { resolveAgentWorkspaceRoot, resolveSessionAgentId } from "../agent-scope.js";
+import { stringEnum } from "../schema/typebox.js";
+import { jsonResult, readStringParam } from "./common.js";
+const FileManageSchema = Type.Object({
+    action: stringEnum(["mkdir", "move"], {
+        description: "The operation to perform: 'mkdir' to create a directory, 'move' to move/rename a file or directory.",
+    }),
+    path: Type.String({
+        description: "Target path relative to the workspace root " +
+            "(e.g. 'uploads/invoices', 'memory/users/scratch.md').",
+    }),
+    destination: Type.Optional(Type.String({
+        description: "Destination path relative to the workspace root (required for 'move').",
+    })),
+});
+/**
+ * Protected top-level entries that cannot be created over or moved.
+ * These are structural directories/files whose modification would break the workspace.
+ */
+const PROTECTED_TOP_LEVEL = new Set(["agents", "IDENTITY.md", "SOUL.md", "AGENTS.md"]);
+/**
+ * Validate that `target` is strictly inside `root` (not equal to root).
+ * Both paths must be real (symlinks resolved) before calling.
+ */
+function isInsideRoot(target, root) {
+    const prefix = root.endsWith("/") ? root : `${root}/`;
+    return target.startsWith(prefix);
+}
+/**
+ * Check whether a resolved path's top-level segment is a protected entry.
+ */
+function isProtectedPath(resolved, root) {
+    const relative = path.relative(root, resolved);
+    const topSegment = relative.split(path.sep)[0];
+    if (topSegment && PROTECTED_TOP_LEVEL.has(topSegment)) {
+        return topSegment;
+    }
+    return null;
+}
+export function createFileManageTool(options) {
+    return {
+        label: "File Management",
+        name: "file_manage",
+        description: "Create directories or move/rename files and folders in the workspace. " +
+            "All paths are relative to the workspace root. " +
+            "Cannot modify protected structural paths (agents/, IDENTITY.md, SOUL.md, etc.).",
+        parameters: FileManageSchema,
+        execute: async (_toolCallId, args) => {
+            const params = args;
+            const action = readStringParam(params, "action", { required: true });
+            const rawPath = readStringParam(params, "path", { required: true });
+            // ── Resolve workspace root ──────────────────────────────────
+            const cfg = options?.config;
+            if (!cfg) {
+                return jsonResult({ error: "No config available — cannot resolve workspace." });
+            }
+            const agentId = resolveSessionAgentId({
+                sessionKey: options?.agentSessionKey,
+                config: cfg,
+            });
+            const workspaceRoot = resolveAgentWorkspaceRoot(cfg, agentId);
+            // ── Validate path ───────────────────────────────────────────
+            if (rawPath.includes("\0")) {
+                return jsonResult({ error: "Invalid path." });
+            }
+            const resolved = path.resolve(workspaceRoot, rawPath);
+            // ── Containment check (pre-realpath) ────────────────────────
+            if (!isInsideRoot(resolved, workspaceRoot)) {
+                return jsonResult({ error: "Path is outside the workspace." });
+            }
+            // ── Resolve real workspace root for post-realpath checks ───
+            let realRoot;
+            try {
+                realRoot = await realpath(workspaceRoot);
+            }
+            catch {
+                return jsonResult({ error: "Workspace root is not accessible." });
+            }
+            // ── mkdir ─────────────────────────────────────────────────
+            if (action === "mkdir") {
+                // Protected path check
+                const protectedSegment = isProtectedPath(resolved, workspaceRoot);
+                if (protectedSegment) {
+                    return jsonResult({
+                        error: `Cannot create directory over protected path: ${protectedSegment} is a structural workspace entry.`,
+                    });
+                }
+                try {
+                    await fs.mkdir(resolved, { recursive: true });
+                }
+                catch (err) {
+                    const message = err instanceof Error ? err.message : String(err);
+                    return jsonResult({ error: `Failed to create directory: ${message}` });
+                }
+                // Post-creation containment check (resolves any symlinks created during mkdir)
+                let realTarget;
+                try {
+                    realTarget = await realpath(resolved);
+                }
+                catch {
+                    realTarget = resolved;
+                }
+                if (!isInsideRoot(realTarget, realRoot)) {
+                    // Roll back — the created directory escapes the workspace
+                    try {
+                        await fs.rm(resolved, { recursive: true });
+                    }
+                    catch {
+                        // best-effort cleanup
+                    }
+                    return jsonResult({ error: "Path resolves outside the workspace." });
+                }
+                return jsonResult({
+                    ok: true,
+                    action: "mkdir",
+                    path: rawPath,
+                });
+            }
+            // ── move ──────────────────────────────────────────────────
+            if (action === "move") {
+                const rawDestination = readStringParam(params, "destination");
+                if (!rawDestination) {
+                    return jsonResult({ error: "The 'destination' parameter is required for the 'move' action." });
+                }
+                if (rawDestination.includes("\0")) {
+                    return jsonResult({ error: "Invalid destination path." });
+                }
+                const resolvedDest = path.resolve(workspaceRoot, rawDestination);
+                // Containment check for destination (pre-realpath)
+                if (!isInsideRoot(resolvedDest, workspaceRoot)) {
+                    return jsonResult({ error: "Destination is outside the workspace." });
+                }
+                // Check source exists
+                try {
+                    await fs.lstat(resolved);
+                }
+                catch {
+                    return jsonResult({ error: `Not found: ${rawPath}` });
+                }
+                // Post-realpath containment check for source
+                let realSource;
+                try {
+                    realSource = await realpath(resolved);
+                }
+                catch {
+                    realSource = resolved;
+                }
+                if (!isInsideRoot(realSource, realRoot)) {
+                    return jsonResult({ error: "Source path resolves outside the workspace." });
+                }
+                // Protected path check — cannot move protected entries
+                const protectedSource = isProtectedPath(realSource, realRoot);
+                if (protectedSource) {
+                    return jsonResult({
+                        error: `Cannot move protected path: ${protectedSource} is a structural workspace entry.`,
+                    });
+                }
+                const protectedDest = isProtectedPath(resolvedDest, workspaceRoot);
+                if (protectedDest) {
+                    return jsonResult({
+                        error: `Cannot move to protected path: ${protectedDest} is a structural workspace entry.`,
+                    });
+                }
+                // Ensure destination parent directory exists
+                const destParent = path.dirname(resolvedDest);
+                try {
+                    await fs.mkdir(destParent, { recursive: true });
+                }
+                catch {
+                    // parent may already exist — ignore
+                }
+                try {
+                    await fs.rename(resolved, resolvedDest);
+                }
+                catch (err) {
+                    const message = err instanceof Error ? err.message : String(err);
+                    return jsonResult({ error: `Failed to move: ${message}` });
+                }
+                return jsonResult({
+                    ok: true,
+                    action: "move",
+                    from: rawPath,
+                    to: rawDestination,
+                });
+            }
+            return jsonResult({ error: `Unknown action: ${action}` });
+        },
+    };
+}

package/dist/agents/tools/license-manage-tool.js

@@ -0,0 +1,50 @@
+/**
+ * Agent tool for managing license activation and removal.
+ *
+ * Wraps the gateway `license.status`, `license.activate`, and `license.remove`
+ * RPC methods so the agent can check license state, activate a new license
+ * token, or clear the stored license — without asking the user to open the
+ * Setup UI.
+ */
+import { Type } from "@sinclair/typebox";
+import { stringEnum } from "../schema/typebox.js";
+import { jsonResult, readStringParam } from "./common.js";
+import { callGatewayTool } from "./gateway.js";
+const LICENSE_ACTIONS = ["status", "activate", "remove"];
+const LicenseManageSchema = Type.Object({
+    action: stringEnum(LICENSE_ACTIONS, {
+        description: 'Action to perform: "status" shows current license info and device ID, "activate" validates and stores a license token, "remove" clears the stored license (e.g. for transferring to another device).',
+    }),
+    key: Type.Optional(Type.String({
+        description: "The license token string (required for activate).",
+    })),
+});
+export function createLicenseManageTool() {
+    return {
+        label: "License Management",
+        name: "license_manage",
+        description: "Manage the device license. Use action 'status' to show current license info and device ID, 'activate' to validate and store a license token (key required), or 'remove' to clear the stored license (e.g. for transferring to another device).",
+        parameters: LicenseManageSchema,
+        execute: async (_toolCallId, args) => {
+            const params = args;
+            const action = readStringParam(params, "action", { required: true });
+            switch (action) {
+                case "status": {
+                    const result = await callGatewayTool("license.status", {});
+                    return jsonResult(result);
+                }
+                case "activate": {
+                    const key = readStringParam(params, "key", { required: true });
+                    const result = await callGatewayTool("license.activate", {}, { key });
+                    return jsonResult(result);
+                }
+                case "remove": {
+                    const result = await callGatewayTool("license.remove", {});
+                    return jsonResult(result);
+                }
+                default:
+                    throw new Error(`Unknown action: ${action}. Use "status", "activate", or "remove".`);
+            }
+        },
+    };
+}

package/dist/agents/tools/skill-manage-tool.js

@@ -9,14 +9,16 @@ import { Type } from "@sinclair/typebox";
 import { stringEnum } from "../schema/typebox.js";
 import { jsonResult, readStringParam } from "./common.js";
 import { callGatewayTool } from "./gateway.js";
-const SKILL_MANAGE_ACTIONS = ["list", "create", "update", "delete", "install"];
+const SKILL_MANAGE_ACTIONS = ["list", "create", "update", "delete", "install", "list_drafts", "delete_draft"];
 const SkillManageSchema = Type.Object({
     action: stringEnum(SKILL_MANAGE_ACTIONS, {
         description: '"list" returns all skills with their status. ' +
             '"create" creates a new user skill (name + skillContent required). ' +
             '"update" modifies a skill setting (skillKey required, plus enabled/apiKey/env). ' +
             '"delete" removes a user skill (name required; preloaded skills cannot be deleted). ' +
-            '"install" installs a skill from a remote source (name + installId required).',
+            '"install" installs a skill from a remote source (name + installId required). ' +
+            '"list_drafts" returns all saved skill drafts. ' +
+            '"delete_draft" removes a saved draft (name required).',
     }),
     name: Type.Optional(Type.String({
         description: "Skill name/key (required for create, delete, install).",
@@ -50,7 +52,9 @@ export function createSkillManageTool() {
             '"create" makes a new skill (provide name + skillContent with YAML frontmatter). ' +
             '"update" modifies settings (enabled, apiKey). ' +
             '"delete" removes a user skill (preloaded skills are protected). ' +
-            '"install" adds a skill from a remote source.',
+            '"install" adds a skill from a remote source. ' +
+            '"list_drafts" shows all saved skill drafts. ' +
+            '"delete_draft" removes a saved draft (name required).',
         parameters: SkillManageSchema,
         execute: async (_toolCallId, args) => {
             const params = args;
@@ -99,6 +103,15 @@ export function createSkillManageTool() {
                 const result = await callGatewayTool("skills.install", {}, { name, installId });
                 return jsonResult(result);
             }
+            if (action === "list_drafts") {
+                const result = await callGatewayTool("skills.drafts", {}, {});
+                return jsonResult(result);
+            }
+            if (action === "delete_draft") {
+                const name = readStringParam(params, "name", { required: true, label: "name" });
+                const result = await callGatewayTool("skills.deleteDraft", {}, { name });
+                return jsonResult(result);
+            }
             throw new Error(`Unknown action: ${action}`);
         },
     };

package/dist/auto-reply/reply/commands-context-report.js

@@ -56,7 +56,7 @@ async function resolveContextReport(params) {
             });
         }
         catch {
-            return { prompt: "", skills: [], resolvedSkills: [] };
+            return { prompt: "", skills: [], resolvedSkills: [], skillSpawnEntries: [] };
         }
     })();
     const skillsPrompt = skillsSnapshot.prompt ?? "";
@@ -135,6 +135,7 @@ async function resolveContextReport(params) {
         userTimeFormat,
         contextFiles: injectedFiles,
         skillsPrompt,
+        skillSpawnEntries: skillsSnapshot.skillSpawnEntries,
         heartbeatPrompt: undefined,
         ttsHint,
         runtimeInfo,

package/dist/browser/chrome.js

@@ -219,6 +219,17 @@ export async function launchTaskmasterChrome(resolved, profile) {
     catch (err) {
         log.warn(`Taskmaster browser clean-exit prefs failed: ${String(err)}`);
     }
+    // Remove stale Chromium singleton lock files before launch. These are left
+    // behind after a crash or when the hostname changes (SingletonSocket encodes
+    // the hostname). If present, Chromium refuses to start.
+    for (const name of ["SingletonLock", "SingletonCookie", "SingletonSocket"]) {
+        try {
+            fs.rmSync(path.join(userDataDir, name), { force: true });
+        }
+        catch {
+            // ignore — file may not exist
+        }
+    }
     const proc = spawnOnce();
     // Wait for CDP to come up.
     const readyDeadline = Date.now() + 15_000;

package/dist/build-info.json

@@ -1,5 +1,5 @@
 {
-  "version": "1.42.0",
-  "commit": "a5066df83a7f83107c9e714922f980e35bf44a0e",
-  "builtAt": "2026-03-13T17:11:29.024Z"
+  "version": "1.42.1",
+  "commit": "d860a07a6a2c8b8db885801f38ec7d4d5503d1e0",
+  "builtAt": "2026-03-14T21:34:46.499Z"
 }

package/dist/cli/skills-cli.js

@@ -22,8 +22,7 @@ function formatSkillStatus(skill) {
     return theme.error("✗ missing");
 }
 function formatSkillName(skill) {
-    const emoji = skill.emoji ?? "📦";
-    return `${emoji} ${theme.command(skill.name)}`;
+    return `🧩 ${theme.command(skill.name)}`;
 }
 function formatSkillMissingSummary(skill) {
     const missing = [];
@@ -56,7 +55,6 @@ export function formatSkillsList(report, opts) {
             skills: skills.map((s) => ({
                 name: s.name,
                 description: s.description,
-                emoji: s.emoji,
                 eligible: s.eligible,
                 disabled: s.disabled,
                 blockedByAllowlist: s.blockedByAllowlist,
@@ -119,7 +117,6 @@ export function formatSkillInfo(report, skillName, opts) {
         return JSON.stringify(skill, null, 2);
     }
     const lines = [];
-    const emoji = skill.emoji ?? "📦";
     const status = skill.eligible
         ? theme.success("✓ Ready")
         : skill.disabled
@@ -127,7 +124,7 @@ export function formatSkillInfo(report, skillName, opts) {
             : skill.blockedByAllowlist
                 ? theme.warn("🚫 Blocked by allowlist")
                 : theme.error("✗ Missing requirements");
-    lines.push(`${emoji} ${theme.heading(skill.name)} ${status}`);
+    lines.push(`🧩 ${theme.heading(skill.name)} ${status}`);
     lines.push("");
     lines.push(skill.description);
     lines.push("");
@@ -236,15 +233,13 @@ export function formatSkillsCheck(report, opts) {
         lines.push("");
         lines.push(theme.heading("Ready to use:"));
         for (const skill of eligible) {
-            const emoji = skill.emoji ?? "📦";
-            lines.push(`  ${emoji} ${skill.name}`);
+            lines.push(`  🧩 ${skill.name}`);
         }
     }
     if (missingReqs.length > 0) {
         lines.push("");
         lines.push(theme.heading("Missing requirements:"));
         for (const skill of missingReqs) {
-            const emoji = skill.emoji ?? "📦";
             const missing = [];
             if (skill.missing.bins.length > 0) {
                 missing.push(`bins: ${skill.missing.bins.join(", ")}`);
@@ -261,7 +256,7 @@ export function formatSkillsCheck(report, opts) {
             if (skill.missing.os.length > 0) {
                 missing.push(`os: ${skill.missing.os.join(", ")}`);
             }
-            lines.push(`  ${emoji} ${skill.name} ${theme.muted(`(${missing.join("; ")})`)}`);
+            lines.push(`  🧩 ${skill.name} ${theme.muted(`(${missing.join("; ")})`)}`);
         }
     }
     return appendTaskmasterHubHint(lines.join("\n"), opts.json);

package/dist/commands/onboard-skills.js

@@ -91,7 +91,7 @@ export async function setupSkills(cfg, workspaceDir, runtime, prompter) {
                 },
                 ...installable.map((skill) => ({
                     value: skill.name,
-                    label: `${skill.emoji ?? "🧩"} ${skill.name}`,
+                    label: `🧩 ${skill.name}`,
                     hint: formatSkillHint(skill),
                 })),
             ],

package/dist/config/zod-schema.js

@@ -514,8 +514,12 @@ export const TaskmasterSchema = z
             apiKey: z.string().optional(),
             env: z.record(z.string(), z.string()).optional(),
             config: z.record(z.string(), z.unknown()).optional(),
+            agents: z
+                .array(z.union([z.literal("admin"), z.literal("public"), z.literal("subagent")]))
+                .optional(),
         })
-            .strict())
+            .strict()
+            .refine((val) => !val.agents?.includes("subagent") || val.agents.length === 1, { message: '"subagent" must be the sole value in agents' }))
             .optional(),
     })
         .strict()