npm - @rubytech/taskmaster - Versions diffs - 1.9.4 → 1.9.5 - Mend

@rubytech/taskmaster 1.9.4 → 1.9.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

package/dist/agents/pi-embedded-runner/run/attempt.js CHANGED Viewed

@@ -486,6 +486,46 @@ export async function runEmbeddedAttempt(params) {
                     ? validateAnthropicTurns(validatedGemini)
                     : validatedGemini;
                 const limited = limitHistoryTurns(validated, getEffectiveHistoryLimit(params.sessionKey, params.config));
+                // On the first turn of a public-chat session, inject the configured
+                // greeting as a synthetic assistant message so the agent knows what
+                // the visitor is responding to and treats it as its own opening message.
+                // Greetings are keyed by accountId (workspace), not agentId, so we
+                // resolve which accountId maps to this session's agent.
+                if (limited.length === 0 && params.config?.publicChat?.greetings && params.sessionKey) {
+                    const greetings = params.config.publicChat.greetings;
+                    const { sessionAgentId } = resolveSessionAgentIds({
+                        sessionKey: params.sessionKey,
+                        config: params.config,
+                    });
+                    // Find greeting: try agentId first, then find the accountId whose
+                    // public agent matches this session's agent.
+                    let greetingText = greetings[sessionAgentId];
+                    if (!greetingText) {
+                        for (const [accountId, text] of Object.entries(greetings)) {
+                            if (!text)
+                                continue;
+                            try {
+                                const { resolvePublicAgentId } = await import("../../../gateway/public-chat/session.js");
+                                const mapped = resolvePublicAgentId(params.config, accountId);
+                                if (mapped === sessionAgentId) {
+                                    greetingText = text;
+                                    break;
+                                }
+                            }
+                            catch {
+                                break;
+                            }
+                        }
+                    }
+                    if (greetingText) {
+                        log.info(`Injecting greeting as assistant message: agentId=${sessionAgentId} greeting="${greetingText.slice(0, 60)}"`);
+                        limited.unshift({
+                            role: "assistant",
+                            content: [{ type: "text", text: greetingText }],
+                            timestamp: 0,
+                        });
+                    }
+                }
                 cacheTrace?.recordStage("session:limited", { messages: limited });
                 if (limited.length > 0) {
                     activeSession.agent.replaceMessages(limited);

package/dist/agents/taskmaster-tools.js CHANGED Viewed

@@ -34,6 +34,7 @@ import { createSkillReadTool } from "./tools/skill-read-tool.js";
 import { createApiKeysTool } from "./tools/apikeys-tool.js";
 import { createImageGenerateTool } from "./tools/image-generate-tool.js";
 import { createSoftwareUpdateTool } from "./tools/software-update-tool.js";
+import { createVerifyContactTool, createVerifyContactCodeTool, } from "./tools/verify-contact-tool.js";
 export function createTaskmasterTools(options) {
     const imageTool = options?.agentDir?.trim()
         ? createImageTool({
@@ -147,6 +148,8 @@ export function createTaskmasterTools(options) {
         createContactDeleteTool(),
         createContactLookupTool(),
         createContactUpdateTool(),
+        createVerifyContactTool({ agentSessionKey: options?.agentSessionKey }),
+        createVerifyContactCodeTool({ agentSessionKey: options?.agentSessionKey }),
         createRelayMessageTool(),
         createApiKeysTool(),
         createFileDeleteTool({

package/dist/agents/tool-policy.js CHANGED Viewed

@@ -36,7 +36,14 @@ export const TOOL_GROUPS = {
     // Skill management
     "group:skills": ["skill_read", "skill_draft_save"],
     // Contact record management
-    "group:contacts": ["contact_create", "contact_delete", "contact_lookup", "contact_update"],
+    "group:contacts": [
+        "contact_create",
+        "contact_delete",
+        "contact_lookup",
+        "contact_update",
+        "verify_contact",
+        "verify_contact_code",
+    ],
     // Admin management tools
     "group:admin": ["authorize_admin", "revoke_admin", "list_admins"],
     // All Taskmaster native tools (excludes provider plugins).
@@ -71,6 +78,8 @@ export const TOOL_GROUPS = {
         "file_delete",
         "file_list",
         "skill_draft_save",
+        "verify_contact",
+        "verify_contact_code",
     ],
 };
 // Tools that are never granted by profiles — must be explicitly added to the

package/dist/agents/tools/apikeys-tool.js CHANGED Viewed

@@ -13,7 +13,7 @@ const ApiKeysSchema = Type.Object({
         description: 'Action to perform: "set" stores a key, "list" shows which providers have keys configured, "remove" deletes a stored key, "disable" toggles a key on/off without deleting it.',
     }),
     provider: Type.Optional(Type.String({
-        description: "Provider ID (required for set/remove/disable). Valid providers: anthropic, google, tavily, openai, replicate, hume, brave, elevenlabs.",
+        description: "Provider ID (required for set/remove/disable). Valid providers: anthropic, google, tavily, openai, replicate, hume, brave, elevenlabs, resend.",
     })),
     apiKey: Type.Optional(Type.String({
         description: "The API key value (required for set).",
@@ -26,7 +26,7 @@ export function createApiKeysTool() {
     return {
         label: "API Keys",
         name: "api_keys",
-        description: "Manage API keys for external providers. Use action 'set' to store a key (provider + apiKey required), 'list' to check which providers have keys configured, 'remove' to delete a stored key, or 'disable' to toggle a key on/off without deleting it (provider + disabled required). Valid providers: anthropic, google, tavily, openai, replicate, hume, brave, elevenlabs. Keys are applied immediately without restart.",
+        description: "Manage API keys for external providers. Use action 'set' to store a key (provider + apiKey required), 'list' to check which providers have keys configured, 'remove' to delete a stored key, or 'disable' to toggle a key on/off without deleting it (provider + disabled required). Valid providers: anthropic, google, tavily, openai, replicate, hume, brave, elevenlabs, resend. Keys are applied immediately without restart.",
         parameters: ApiKeysSchema,
         execute: async (_toolCallId, args) => {
             const params = args;

package/dist/agents/tools/file-delete-tool.js CHANGED Viewed

@@ -2,7 +2,7 @@ import fs from "node:fs/promises";
 import path from "node:path";
 import { realpath } from "node:fs/promises";
 import { Type } from "@sinclair/typebox";
-import { resolveAgentWorkspaceRoot, resolveSessionAgentId } from "../agent-scope.js";
+import { resolveAgentWorkspaceDir, resolveAgentWorkspaceRoot, resolveSessionAgentId, } from "../agent-scope.js";
 import { jsonResult, readStringParam } from "./common.js";
 const FileDeleteSchema = Type.Object({
     path: Type.String({
@@ -18,13 +18,7 @@ const FileDeleteSchema = Type.Object({
  * Protected top-level entries that cannot be deleted.
  * These are structural directories/files whose removal would break the workspace.
  */
-const PROTECTED_TOP_LEVEL = new Set([
-    "agents",
-    "IDENTITY.md",
-    "SOUL.md",
-    "AGENTS.md",
-    "TOOLS.md",
-]);
+const PROTECTED_TOP_LEVEL = new Set(["agents", "IDENTITY.md", "SOUL.md", "AGENTS.md", "TOOLS.md"]);
 /**
  * Validate that `target` is strictly inside `root` (not equal to root).
  * Both paths must be real (symlinks resolved) before calling.
@@ -56,12 +50,17 @@ export function createFileDeleteTool(options) {
                 config: cfg,
             });
             const workspaceRoot = resolveAgentWorkspaceRoot(cfg, agentId);
+            const agentWorkspaceDir = resolveAgentWorkspaceDir(cfg, agentId);
             // ── Normalise and resolve target ────────────────────────────
             // Reject obviously malicious patterns before touching the filesystem.
             if (rawPath.includes("\0")) {
                 return jsonResult({ error: "Invalid path." });
             }
-            const resolved = path.resolve(workspaceRoot, rawPath);
+            // Memory paths resolve relative to the agent's workspace dir, which
+            // contains shared-scope symlinks alongside agent-scoped subdirectories.
+            const isMemoryPath = rawPath === "memory" || rawPath.startsWith("memory/");
+            const base = isMemoryPath ? agentWorkspaceDir : workspaceRoot;
+            const resolved = path.resolve(base, rawPath);
             // ── Containment check (pre-realpath) ────────────────────────
             if (!isInsideRoot(resolved, workspaceRoot)) {
                 return jsonResult({ error: "Path is outside the workspace." });
@@ -94,12 +93,18 @@ export function createFileDeleteTool(options) {
                 return jsonResult({ error: "Path resolves outside the workspace." });
             }
             // ── Protected path check ────────────────────────────────────
-            const relative = path.relative(realRoot, realTarget);
-            const topSegment = relative.split(path.sep)[0];
-            if (topSegment && PROTECTED_TOP_LEVEL.has(topSegment)) {
-                return jsonResult({
-                    error: `Cannot delete protected path: ${topSegment} is a structural workspace entry.`,
-                });
+            // Memory paths physically reside under agents/<id>/memory/ but the
+            // user addresses them as memory/…  — they are never structural entries.
+            // Only apply the structural protection for non-memory paths resolved
+            // against the workspace root.
+            if (!isMemoryPath) {
+                const relative = path.relative(realRoot, realTarget);
+                const topSegment = relative.split(path.sep)[0];
+                if (topSegment && PROTECTED_TOP_LEVEL.has(topSegment)) {
+                    return jsonResult({
+                        error: `Cannot delete protected path: ${topSegment} is a structural workspace entry.`,
+                    });
+                }
             }
             // ── Delete ──────────────────────────────────────────────────
             try {

package/dist/agents/tools/file-list-tool.js CHANGED Viewed

@@ -2,7 +2,7 @@ import fs from "node:fs/promises";
 import path from "node:path";
 import { realpath } from "node:fs/promises";
 import { Type } from "@sinclair/typebox";
-import { resolveAgentWorkspaceRoot, resolveSessionAgentId } from "../agent-scope.js";
+import { resolveAgentWorkspaceDir, resolveAgentWorkspaceRoot, resolveSessionAgentId, } from "../agent-scope.js";
 import { jsonResult, readStringParam, readNumberParam } from "./common.js";
 const FileListSchema = Type.Object({
     path: Type.Optional(Type.String({
@@ -82,11 +82,18 @@ export function createFileListTool(options) {
                 config: cfg,
             });
             const workspaceRoot = resolveAgentWorkspaceRoot(cfg, agentId);
+            const agentWorkspaceDir = resolveAgentWorkspaceDir(cfg, agentId);
             // ── Normalise and resolve target ────────────────────────────
             if (rawPath.includes("\0")) {
                 return jsonResult({ error: "Invalid path." });
             }
-            const resolved = rawPath ? path.resolve(workspaceRoot, rawPath) : workspaceRoot;
+            // Memory paths resolve relative to the agent's workspace dir, which
+            // contains shared-scope symlinks (groups/, users/, …) alongside
+            // agent-scoped subdirectories (admin/, notes/, uploads/).  The
+            // workspace root's memory/ only has the shared scopes.
+            const isMemoryPath = rawPath === "memory" || rawPath.startsWith("memory/");
+            const base = isMemoryPath ? agentWorkspaceDir : workspaceRoot;
+            const resolved = rawPath ? path.resolve(base, rawPath) : workspaceRoot;
             // ── Containment check ───────────────────────────────────────
             let realTarget;
             try {

package/dist/agents/tools/verify-contact-tool.js ADDED Viewed

@@ -0,0 +1,197 @@
+/**
+ * Cross-authentication tool -- links a second identifier (phone or email) to an
+ * existing contact by sending an OTP to the new identifier and verifying it.
+ *
+ * Two-step flow:
+ *   1. verify_contact -- sends OTP to the unverified identifier
+ *   2. verify_contact_code -- confirms the OTP and updates the contact record
+ */
+import { Type } from "@sinclair/typebox";
+import { loadConfig } from "../../config/config.js";
+import { deliverOtp } from "../../gateway/public-chat/deliver-otp.js";
+import { requestOtp, verifyOtp } from "../../gateway/public-chat/otp.js";
+import { findRecordByEmail, findRecordByPhone, getRecord, setRecord, } from "../../records/records-manager.js";
+import { resolveAgentBoundAccountId } from "../../routing/bindings.js";
+import { jsonResult } from "./common.js";
+/** In-memory pending cross-auth keyed by session key. */
+const pendingCrossAuth = new Map();
+const VerifyContactSchema = Type.Object({
+    type: Type.Union([Type.Literal("phone"), Type.Literal("email")], {
+        description: 'The type of identifier to verify: "phone" or "email".',
+    }),
+    value: Type.String({
+        description: "The phone number (E.164 format) or email address to send the verification code to.",
+    }),
+});
+const VerifyContactCodeSchema = Type.Object({
+    code: Type.String({ description: "The 6-digit verification code." }),
+});
+/** Extract the peer identifier from a DM session key (agent:x:dm:identifier). */
+function extractPeerId(sessionKey) {
+    const match = sessionKey.match(/^agent:[^:]+:dm:(.+)$/);
+    return match?.[1];
+}
+/** Extract the agent ID from a session key (agent:x:...). */
+function extractAgentId(sessionKey) {
+    const match = sessionKey.match(/^agent:([^:]+):/);
+    return match?.[1];
+}
+/** Resolve the contact record for a given peer identifier. */
+function resolveContactForPeer(peerId) {
+    const isEmailPeer = peerId.includes("@");
+    if (isEmailPeer)
+        return findRecordByEmail(peerId);
+    return findRecordByPhone(peerId) ?? getRecord(peerId);
+}
+export function createVerifyContactTool(opts) {
+    const sessionKey = opts?.agentSessionKey;
+    return {
+        label: "Verification",
+        name: "verify_contact",
+        description: "Send a verification code to a phone number or email address to cross-authenticate the current contact. " +
+            "Use this when a contact who authenticated via one method (e.g. email) provides their other identifier " +
+            "(e.g. phone number) and you want to verify and link it to their contact record.",
+        parameters: VerifyContactSchema,
+        execute: async (_toolCallId, args) => {
+            const params = args;
+            if (!sessionKey) {
+                return jsonResult({ success: false, error: "no active session" });
+            }
+            const peerId = extractPeerId(sessionKey);
+            if (!peerId || peerId.startsWith("anon-")) {
+                return jsonResult({
+                    success: false,
+                    error: "contact must be authenticated (not anonymous) to cross-verify",
+                });
+            }
+            const contact = resolveContactForPeer(peerId);
+            if (!contact) {
+                return jsonResult({
+                    success: false,
+                    error: `no contact record found for ${peerId}`,
+                });
+            }
+            // Check they don't already have this identifier
+            if (params.type === "email" && contact.email) {
+                return jsonResult({
+                    success: false,
+                    error: `contact already has email: ${contact.email}`,
+                });
+            }
+            if (params.type === "phone" && contact.phone) {
+                return jsonResult({
+                    success: false,
+                    error: `contact already has phone: ${contact.phone}`,
+                });
+            }
+            // Check for conflicts -- another contact already using this identifier
+            const existing = params.type === "email" ? findRecordByEmail(params.value) : findRecordByPhone(params.value);
+            if (existing && existing.id !== contact.id) {
+                return jsonResult({
+                    success: false,
+                    error: `another contact (${existing.name}) already uses this ${params.type}`,
+                });
+            }
+            // Request and deliver OTP
+            const normalized = params.type === "email" ? params.value.toLowerCase() : params.value;
+            const otpResult = requestOtp(normalized);
+            if (!otpResult.ok) {
+                return jsonResult({
+                    success: false,
+                    error: "rate limited -- try again shortly",
+                    retryAfterMs: otpResult.retryAfterMs,
+                });
+            }
+            const cfg = loadConfig();
+            const agentId = extractAgentId(sessionKey);
+            const whatsappAccountId = agentId
+                ? (resolveAgentBoundAccountId(cfg, agentId, "whatsapp") ?? undefined)
+                : undefined;
+            try {
+                const delivery = await deliverOtp(normalized, otpResult.code, whatsappAccountId);
+                pendingCrossAuth.set(sessionKey, {
+                    type: params.type,
+                    value: normalized,
+                    contactId: contact.id,
+                });
+                return jsonResult({
+                    success: true,
+                    message: `Verification code sent via ${delivery.channel}. Ask the contact for the code.`,
+                    channel: delivery.channel,
+                });
+            }
+            catch (err) {
+                return jsonResult({
+                    success: false,
+                    error: err instanceof Error ? err.message : "failed to send verification code",
+                });
+            }
+        },
+    };
+}
+export function createVerifyContactCodeTool(opts) {
+    const sessionKey = opts?.agentSessionKey;
+    return {
+        label: "Verification",
+        name: "verify_contact_code",
+        description: "Verify a cross-authentication code. Call this after verify_contact when the contact provides the 6-digit code.",
+        parameters: VerifyContactCodeSchema,
+        execute: async (_toolCallId, args) => {
+            const params = args;
+            if (!sessionKey) {
+                return jsonResult({ success: false, error: "no active session" });
+            }
+            const pending = pendingCrossAuth.get(sessionKey);
+            if (!pending) {
+                return jsonResult({
+                    success: false,
+                    error: "no pending cross-verification -- call verify_contact first",
+                });
+            }
+            const result = verifyOtp(pending.value, params.code);
+            if (!result.ok) {
+                const messages = {
+                    not_found: "no pending verification -- code may have expired",
+                    expired: "verification code expired -- request a new one",
+                    max_attempts: "too many attempts -- request a new code",
+                    invalid: "incorrect code",
+                };
+                // Don't clear pending on invalid code -- let them retry
+                if (result.error !== "invalid") {
+                    pendingCrossAuth.delete(sessionKey);
+                }
+                return jsonResult({
+                    success: false,
+                    error: messages[result.error] ?? "verification failed",
+                });
+            }
+            // Update contact record with the linked identifier
+            const contact = getRecord(pending.contactId);
+            if (!contact) {
+                pendingCrossAuth.delete(sessionKey);
+                return jsonResult({ success: false, error: "contact record not found" });
+            }
+            const updateInput = {
+                name: contact.name,
+                fields: contact.fields,
+                workspace: contact.workspace,
+            };
+            if (pending.type === "email")
+                updateInput.email = pending.value;
+            else
+                updateInput.phone = pending.value;
+            const updated = setRecord(contact.id, updateInput);
+            pendingCrossAuth.delete(sessionKey);
+            return jsonResult({
+                success: true,
+                message: `${pending.type} verified and linked to contact ${updated.name}.`,
+                contact: {
+                    id: updated.id,
+                    name: updated.name,
+                    email: updated.email,
+                    phone: updated.phone,
+                },
+            });
+        },
+    };
+}

package/dist/agents/workspace-migrations.js ADDED Viewed

@@ -0,0 +1,163 @@
+/**
+ * Workspace migrations — patches applied to deployed workspace files on gateway startup.
+ *
+ * Unlike bundled skills (which are whole-directory copies), workspace files like
+ * AGENTS.md are customised per-deployment (owner names, phone numbers, business
+ * details). Migrations patch these files in-place — checking for existing content
+ * first so they're idempotent.
+ *
+ * Each migration runs on every startup. They must be safe to re-run (no-op when
+ * the change is already present).
+ */
+import fs from "node:fs/promises";
+import path from "node:path";
+import { createSubsystemLogger } from "../logging/subsystem.js";
+import { listAgentIds, resolveAgentWorkspaceDir } from "./agent-scope.js";
+const log = createSubsystemLogger("workspace-migrations");
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+/** Patterns that indicate a public-facing (non-admin) agent. */
+const PUBLIC_AGENT_INDICATORS = [
+    "customer-facing",
+    "Public Agent",
+    "public agent",
+    "parent and student-facing",
+    "booking agent",
+    "promotional instance",
+];
+/** Formatting section headers commonly found at the end of AGENTS files. */
+const FORMATTING_HEADERS = ["## WhatsApp Formatting", "## Message Formatting", "## Formatting"];
+/** Section headers that typically precede "## Capabilities" in admin agents. */
+const CAPABILITIES_HEADERS = ["## Capabilities", "## Stripe CLI Operations", "## User Management"];
+function isPublicAgent(content) {
+    return PUBLIC_AGENT_INDICATORS.some((p) => content.includes(p));
+}
+/**
+ * Find the index of a formatting-style section to insert before.
+ * Returns -1 if no known section is found.
+ */
+function findFormattingInsertPoint(content) {
+    for (const header of FORMATTING_HEADERS) {
+        const idx = content.lastIndexOf(header);
+        if (idx !== -1)
+            return idx;
+    }
+    return -1;
+}
+/**
+ * Find the index of a "## Capabilities" or similar section to insert before.
+ * Returns -1 if no known section is found.
+ */
+function findCapabilitiesInsertPoint(content) {
+    for (const header of CAPABILITIES_HEADERS) {
+        const idx = content.indexOf(header);
+        if (idx !== -1)
+            return idx;
+    }
+    return -1;
+}
+/**
+ * Insert a section into AGENTS.md content at the best position.
+ * Uses the provided finder to locate an insertion point; falls back to appending.
+ */
+function insertSection(content, section, findInsertPoint) {
+    const insertIdx = findInsertPoint(content);
+    if (insertIdx !== -1) {
+        return content.slice(0, insertIdx) + section + "\n\n---\n\n" + content.slice(insertIdx);
+    }
+    return content.trimEnd() + "\n\n---\n\n" + section + "\n";
+}
+// ---------------------------------------------------------------------------
+// Migration: Skill Recommendations (v1.9)
+// ---------------------------------------------------------------------------
+const ADMIN_SKILL_SECTION = `## Skill Recommendations
+When you notice a task that follows a repeatable pattern — something that has come up before or is likely to recur — proactively suggest creating a skill for it. Skills encode processes so they're followed consistently every time, without relying on memory or re-explanation.
+**Signs a task should be a skill:**
+- You've handled the same type of request more than once
+- The task has clear steps that shouldn't vary between occurrences
+- Getting it wrong has consequences (compliance, accuracy, customer experience)
+- The process involves domain knowledge that shouldn't be guessed at
+Don't wait to be asked. If you spot the pattern, recommend it.`;
+const PUBLIC_SKILL_SECTION = `## Spotting Repeatable Patterns
+When you find yourself repeatedly handling the same type of request — following the same steps, giving the same guidance, or applying the same rules — note the pattern in memory for review. Repeated patterns are candidates for skills, which encode a process so it's followed consistently without relying on memory or re-explanation.`;
+function hasSkillSection(content) {
+    return (content.includes("## Skill Recommendations") ||
+        content.includes("## Spotting Repeatable Patterns"));
+}
+async function patchSkillRecommendations(agentsPath, content) {
+    if (hasSkillSection(content))
+        return null;
+    const section = isPublicAgent(content) ? PUBLIC_SKILL_SECTION : ADMIN_SKILL_SECTION;
+    return insertSection(content, section, findFormattingInsertPoint);
+}
+// ---------------------------------------------------------------------------
+// Migration: Owner Learning (v1.9)
+// ---------------------------------------------------------------------------
+const OWNER_LEARNING_SECTION = `## Learning About Your Operator
+You talk to the same person every day. An assistant that adapts to how someone thinks and works is more useful than one that starts fresh every session.
+Pay attention to how they communicate, what they care about, how they make decisions, and what works well between you. When you notice something worth remembering — a preference, a pattern, a lesson about working with them — update \`USER.md\` or store it in \`memory/admin/\`.
+This isn't a one-time setup. USER.md should grow as your understanding of them deepens: their communication style, decision-making patterns, working rhythms, what they delegate vs handle personally, and what kind of updates they actually find valuable.`;
+function hasOwnerLearningSection(content) {
+    return content.includes("## Learning About") || content.includes("## Learning about");
+}
+async function patchOwnerLearning(agentsPath, content) {
+    // Only admin agents — public agents don't have USER.md or admin memory.
+    if (isPublicAgent(content))
+        return null;
+    if (hasOwnerLearningSection(content))
+        return null;
+    return insertSection(content, OWNER_LEARNING_SECTION, findCapabilitiesInsertPoint);
+}
+const MIGRATIONS = [
+    { name: "skill-recommendations", apply: patchSkillRecommendations },
+    { name: "owner-learning", apply: patchOwnerLearning },
+];
+/**
+ * Run all workspace migrations for every configured agent.
+ * Called once at gateway startup, after bundled skill sync.
+ */
+export async function runWorkspaceMigrations(cfg) {
+    const agentIds = listAgentIds(cfg);
+    for (const agentId of agentIds) {
+        const wsDir = resolveAgentWorkspaceDir(cfg, agentId);
+        const agentsPath = path.join(wsDir, "AGENTS.md");
+        let content;
+        try {
+            content = await fs.readFile(agentsPath, "utf-8");
+        }
+        catch {
+            continue; // No AGENTS.md — nothing to patch.
+        }
+        let current = content;
+        const applied = [];
+        for (const migration of MIGRATIONS) {
+            try {
+                const result = await migration.apply(agentsPath, current);
+                if (result !== null) {
+                    current = result;
+                    applied.push(migration.name);
+                }
+            }
+            catch (err) {
+                log.warn(`migration "${migration.name}" failed for agent "${agentId}": ${String(err)}`);
+            }
+        }
+        if (applied.length > 0) {
+            try {
+                await fs.writeFile(agentsPath, current, "utf-8");
+                log.info(`patched AGENTS.md for agent "${agentId}": ${applied.join(", ")}`);
+            }
+            catch (err) {
+                log.warn(`failed to write AGENTS.md for agent "${agentId}": ${String(err)}`);
+            }
+        }
+    }
+}

package/dist/build-info.json CHANGED Viewed

@@ -1,5 +1,5 @@
 {
-  "version": "1.9.4",
-  "commit": "e9bf5d4257f77aff7d7c7c4e63905bd36b515877",
-  "builtAt": "2026-02-27T08:18:37.555Z"
+  "version": "1.9.5",
+  "commit": "521c1bca1da1357a98d5afc5f71aafcf2a5831b8",
+  "builtAt": "2026-02-28T15:36:00.493Z"
 }

package/dist/config/defaults.js CHANGED Viewed

@@ -443,6 +443,10 @@ export function applyApiKeys(config) {
             };
             continue;
         }
+        if (provider === "resend") {
+            cfg = setNestedKey(cfg, ["publicChat", "email", "apiKey"], trimmedKey);
+            continue;
+        }
     }
     return cfg;
 }

package/dist/config/legacy.migrations.part-3.js CHANGED Viewed

@@ -321,4 +321,28 @@ export const LEGACY_CONFIG_MIGRATIONS_PART_3 = [
             }
         },
     },
+    {
+        id: "publicChat-greeting-to-greetings-map",
+        describe: "Migrate publicChat.greeting (global string) to publicChat.greetings (per-account map)",
+        apply: (raw, changes) => {
+            const pc = getRecord(raw.publicChat);
+            if (!pc)
+                return;
+            if (typeof pc.greeting !== "string" || !pc.greeting)
+                return;
+            const text = pc.greeting;
+            delete pc.greeting;
+            // Associate the old greeting with the default workspace/account
+            const defaultId = resolveDefaultAgentIdFromRaw(raw);
+            if (defaultId) {
+                if (!isRecord(pc.greetings))
+                    pc.greetings = {};
+                pc.greetings[defaultId] = text;
+                changes.push(`Migrated publicChat.greeting to publicChat.greetings["${defaultId}"].`);
+            }
+            else {
+                changes.push("Removed orphaned publicChat.greeting (no default account to associate with).");
+            }
+        },
+    },
 ];

package/dist/config/zod-schema.js CHANGED Viewed

@@ -571,7 +571,28 @@ export const TaskmasterSchema = z
         auth: z
             .union([z.literal("anonymous"), z.literal("verified"), z.literal("choice")])
             .optional(),
+        verifyMethods: z
+            .array(z.union([z.literal("phone"), z.literal("email")]))
+            .min(1)
+            .optional(),
         cookieTtlDays: z.number().int().positive().optional(),
+        greeting: z.string().max(500).optional(), // deprecated — migrated to greetings map
+        greetings: z.record(z.string(), z.string().max(500)).optional(),
+        sms: z
+            .object({
+            accountSid: z.string().optional(),
+            authToken: z.string().optional(),
+            fromNumber: z.string().optional(),
+        })
+            .strict()
+            .optional(),
+        email: z
+            .object({
+            apiKey: z.string().optional(),
+            from: z.string().optional(),
+        })
+            .strict()
+            .optional(),
     })
         .strict()
         .optional(),