@sentry/junior 0.44.0 → 0.46.0

package/dist/app.js

@@ -31,7 +31,7 @@ import {
   runNonInteractiveCommand,
   sandboxSkillDir,
   sandboxSkillFile
-} from "./chunk-QAMTCT2R.js";
+} from "./chunk-ELM6HJ6S.js";
 import {
   CredentialUnavailableError,
   buildOAuthTokenRequest,
@@ -1274,6 +1274,37 @@ async function addReactionToMessage(input) {
   }
   return { ok: true };
 }
+async function removeReactionFromMessage(input) {
+  const channelId = requireSlackConversationId(
+    input.channelId,
+    "Slack reaction removal"
+  );
+  const timestamp = requireSlackMessageTimestamp(
+    input.timestamp,
+    "Slack reaction removal"
+  );
+  const emoji = normalizeSlackEmojiName(input.emoji);
+  if (!emoji) {
+    throw new Error("Slack reaction removal requires a valid emoji alias name");
+  }
+  try {
+    await withSlackRetries(
+      () => getSlackClient().reactions.remove({
+        channel: channelId,
+        timestamp,
+        name: emoji
+      }),
+      3,
+      { action: "reactions.remove" }
+    );
+  } catch (error) {
+    if (error instanceof SlackActionError && error.code === "no_reaction") {
+      return { ok: true };
+    }
+    throw error;
+  }
+  return { ok: true };
+}
 
 // src/chat/oauth-flow.ts
 var OAUTH_STATE_TTL_MS = 10 * 60 * 1e3;
@@ -2088,6 +2119,10 @@ function markTurnFailed(args) {
 }
 
 // src/chat/runtime/turn-user-message.ts
+function normalizeSlackMessageTs(value) {
+  const trimmed = value?.trim();
+  return trimmed && /^\d+(?:\.\d+)?$/.test(trimmed) ? trimmed : void 0;
+}
 function getTurnUserMessage(conversation, sessionId) {
   for (let index = conversation.messages.length - 1; index >= 0; index -= 1) {
     const message = conversation.messages[index];
@@ -2103,6 +2138,9 @@ function getTurnUserMessage(conversation, sessionId) {
 function getTurnUserMessageId(conversation, sessionId) {
   return getTurnUserMessage(conversation, sessionId)?.id;
 }
+function getTurnUserSlackMessageTs(message) {
+  return normalizeSlackMessageTs(message?.meta?.slackTs) ?? normalizeSlackMessageTs(message?.id);
+}
 function getTurnUserReplyAttachmentContext(message) {
   const inboundAttachmentCount = message?.meta?.attachmentCount ?? 0;
   const imageAttachmentCount = message?.meta?.imageAttachmentCount ?? 0;
@@ -8600,7 +8638,6 @@ function resolveChannelCapabilities(channelId) {
 import fs4 from "fs/promises";
 
 // src/chat/sandbox/egress-policy.ts
-var SANDBOX_EGRESS_PROXY_PATH = "/api/internal/sandbox-egress";
 function matchesSandboxEgressDomain(host, domain) {
   return host.toLowerCase() === domain.toLowerCase();
 }
@@ -8622,31 +8659,24 @@ function resolveSandboxEgressProviderForHost(host) {
     (entry) => entry.domains.some((domain) => matchesSandboxEgressDomain(host, domain))
   )?.provider;
 }
-function proxyUrl(egressId) {
+function sandboxProxyUrl() {
   const baseUrl = resolveBaseUrl();
   if (!baseUrl) {
-    return void 0;
-  }
-  const url = new URL(
-    `${SANDBOX_EGRESS_PROXY_PATH}/${encodeURIComponent(egressId)}`,
-    baseUrl
-  );
-  return url.toString();
-}
-function buildSandboxEgressNetworkPolicy(egressId) {
-  const entries = providerEntries();
-  if (entries.length === 0) {
-    return void 0;
-  }
-  const forwardURL = proxyUrl(egressId);
-  if (!forwardURL) {
     throw new Error(
       "Cannot determine base URL for sandbox credential egress (set JUNIOR_BASE_URL or deploy to Vercel)"
     );
   }
+  return new URL("/", baseUrl).toString();
+}
+function buildSandboxEgressNetworkPolicy() {
   const allow = {
     "*": []
   };
+  const entries = providerEntries();
+  if (entries.length === 0) {
+    return { allow };
+  }
+  const forwardURL = sandboxProxyUrl();
   for (const entry of entries) {
     for (const domain of entry.domains) {
       allow[domain] = [{ forwardURL }];
@@ -8654,11 +8684,14 @@ function buildSandboxEgressNetworkPolicy(egressId) {
   }
   return { allow };
 }
-async function resolveSandboxCommandEnvironment() {
+async function resolveSandboxCommandEnvironment(provider) {
   const env = {};
   for (const plugin of getPluginProviders().sort(
     (left, right) => left.manifest.name.localeCompare(right.manifest.name)
   )) {
+    if (provider && plugin.manifest.name !== provider) {
+      continue;
+    }
     Object.assign(env, resolvePluginCommandEnv(plugin.manifest));
     const credentials = plugin.manifest.credentials;
     if (credentials) {
@@ -9975,7 +10008,6 @@ function createSandboxSessionManager(options) {
     return {
       bash: async (input) => {
         const commandEgressId = sandboxInstance.sandboxEgressId;
-        await options?.beforeCommand?.(commandEgressId);
         let timedOut = false;
         let timeoutId;
         let commandFinished = false;
@@ -9985,6 +10017,7 @@ function createSandboxSessionManager(options) {
           }
           commandFinished = true;
           await options?.afterCommand?.(commandEgressId);
+          await refreshNetworkPolicy(sandboxInstance);
         };
         const finishCommandBestEffort = async () => {
           try {
@@ -10002,6 +10035,8 @@ function createSandboxSessionManager(options) {
           }
         };
         try {
+          await options?.beforeCommand?.(commandEgressId);
+          await refreshNetworkPolicy(sandboxInstance);
           const sandboxCommandEnv = await resolveCommandEnv();
           const script = buildNonInteractiveShellScript(input.command, {
             env: { ...sandboxCommandEnv, ...input.env ?? {} },
@@ -10125,14 +10160,14 @@ function createSandboxExecutor(options) {
   let referenceFiles = [];
   const traceContext = options?.traceContext ?? {};
   const credentialEgress = options?.credentialEgress;
-  const syncSandboxEgressSession = credentialEgress ? async (egressId) => {
+  const authorizeSandboxEgressForCommand = credentialEgress ? async (egressId) => {
     await upsertSandboxEgressSession({
       egressId,
       requesterId: credentialEgress.requesterId,
       ttlMs: options?.timeoutMs
     });
   } : void 0;
-  const clearSandboxEgressSessionForCommand = credentialEgress ? async (egressId) => {
+  const clearSandboxEgressForCommand = credentialEgress ? async (egressId) => {
     await clearSandboxEgressSession(egressId);
   } : void 0;
   const sessionManager = createSandboxSessionManager({
@@ -10140,10 +10175,13 @@ function createSandboxExecutor(options) {
     sandboxDependencyProfileHash: options?.sandboxDependencyProfileHash,
     timeoutMs: options?.timeoutMs,
     traceContext,
-    commandEnv: credentialEgress ? async () => await resolveSandboxCommandEnvironment() : void 0,
+    commandEnv: credentialEgress ? async () => {
+      const provider = credentialEgress.activeProvider?.();
+      return provider ? await resolveSandboxCommandEnvironment(provider) : {};
+    } : void 0,
     createNetworkPolicy: credentialEgress ? buildSandboxEgressNetworkPolicy : void 0,
-    beforeCommand: syncSandboxEgressSession,
-    afterCommand: clearSandboxEgressSessionForCommand,
+    beforeCommand: authorizeSandboxEgressForCommand,
+    afterCommand: clearSandboxEgressForCommand,
     onSandboxAcquired: async (sandbox) => {
       await options?.onSandboxAcquired?.(sandbox);
     }
@@ -10620,70 +10658,461 @@ function normalizeToolResult(result, isSandboxResult) {
   };
 }
 
-// src/chat/tools/execution/tool-error-handler.ts
-function getToolErrorAttributes(error) {
-  if (!(error instanceof SlackActionError)) {
-    return {};
+// src/chat/credentials/unlink-provider.ts
+async function unlinkProvider(userId, provider, userTokenStore) {
+  await Promise.all([
+    userTokenStore.delete(userId, provider),
+    deleteMcpStoredOAuthCredentials(userId, provider),
+    deleteMcpServerSessionId(userId, provider),
+    deleteMcpAuthSessionsForUserProvider(userId, provider)
+  ]);
+}
+
+// src/chat/state/turn-session-store.ts
+var AGENT_TURN_SESSION_PREFIX = "junior:agent_turn_session";
+var AGENT_TURN_SESSION_TTL_MS = 24 * 60 * 60 * 1e3;
+function agentTurnSessionKey(conversationId, sessionId) {
+  return `${AGENT_TURN_SESSION_PREFIX}:${conversationId}:${sessionId}`;
+}
+function parseAgentTurnSessionCheckpoint(value) {
+  if (typeof value !== "string") {
+    return void 0;
   }
-  return {
-    "app.slack.error_code": error.code,
-    ...error.apiError ? { "app.slack.api_error": error.apiError } : {},
-    ...error.detail ? { "app.slack.detail": error.detail } : {},
-    ...error.detailLine !== void 0 ? { "app.slack.detail_line": error.detailLine } : {},
-    ...error.detailRule ? { "app.slack.detail_rule": error.detailRule } : {}
+  try {
+    const parsed = JSON.parse(value);
+    if (!isRecord(parsed)) {
+      return void 0;
+    }
+    const status = parsed.state;
+    if (status !== "running" && status !== "awaiting_resume" && status !== "completed" && status !== "failed" && status !== "superseded") {
+      return void 0;
+    }
+    const conversationId = parsed.conversationId;
+    const sessionId = parsed.sessionId;
+    const sliceId = parsed.sliceId;
+    const checkpointVersion = parsed.checkpointVersion;
+    const updatedAtMs = parsed.updatedAtMs;
+    if (typeof conversationId !== "string" || typeof sessionId !== "string" || typeof sliceId !== "number" || typeof checkpointVersion !== "number" || typeof updatedAtMs !== "number") {
+      return void 0;
+    }
+    return {
+      checkpointVersion,
+      conversationId,
+      sessionId,
+      sliceId,
+      state: status,
+      updatedAtMs,
+      piMessages: Array.isArray(parsed.piMessages) ? parsed.piMessages : [],
+      ...Array.isArray(parsed.loadedSkillNames) ? {
+        loadedSkillNames: parsed.loadedSkillNames.filter(
+          (value2) => typeof value2 === "string"
+        )
+      } : {},
+      ...parsed.resumeReason === "timeout" || parsed.resumeReason === "auth" ? { resumeReason: parsed.resumeReason } : {},
+      ...typeof parsed.errorMessage === "string" ? { errorMessage: parsed.errorMessage } : {},
+      ...typeof parsed.resumedFromSliceId === "number" ? { resumedFromSliceId: parsed.resumedFromSliceId } : {}
+    };
+  } catch {
+    return void 0;
+  }
+}
+async function getAgentTurnSessionCheckpoint(conversationId, sessionId) {
+  const stateAdapter = getStateAdapter();
+  await stateAdapter.connect();
+  const value = await stateAdapter.get(
+    agentTurnSessionKey(conversationId, sessionId)
+  );
+  return parseAgentTurnSessionCheckpoint(value);
+}
+async function upsertAgentTurnSessionCheckpoint(args) {
+  const stateAdapter = getStateAdapter();
+  await stateAdapter.connect();
+  const existing = await getAgentTurnSessionCheckpoint(
+    args.conversationId,
+    args.sessionId
+  );
+  const checkpoint = {
+    checkpointVersion: (existing?.checkpointVersion ?? 0) + 1,
+    conversationId: args.conversationId,
+    sessionId: args.sessionId,
+    sliceId: args.sliceId,
+    state: args.state,
+    updatedAtMs: Date.now(),
+    piMessages: Array.isArray(args.piMessages) ? args.piMessages : [],
+    ...Array.isArray(args.loadedSkillNames) ? {
+      loadedSkillNames: args.loadedSkillNames.filter(
+        (value) => typeof value === "string"
+      )
+    } : {},
+    ...args.resumeReason ? { resumeReason: args.resumeReason } : {},
+    ...args.errorMessage ? { errorMessage: args.errorMessage } : {},
+    ...typeof args.resumedFromSliceId === "number" ? { resumedFromSliceId: args.resumedFromSliceId } : {}
   };
+  const ttlMs = Math.max(1, args.ttlMs ?? AGENT_TURN_SESSION_TTL_MS);
+  await stateAdapter.set(
+    agentTurnSessionKey(args.conversationId, args.sessionId),
+    JSON.stringify(checkpoint),
+    ttlMs
+  );
+  return checkpoint;
 }
-function handleToolExecutionError(error, toolName, toolCallId, shouldTrace, traceContext) {
-  const errorType = getMcpAwareErrorType(error, "tool_execution_error");
-  const errorMessage = getMcpAwareErrorMessage(error);
-  setSpanAttributes({
-    "error.type": errorType
+async function supersedeAgentTurnSessionCheckpoint(args) {
+  const existing = await getAgentTurnSessionCheckpoint(
+    args.conversationId,
+    args.sessionId
+  );
+  if (!existing || existing.state === "completed" || existing.state === "failed" || existing.state === "superseded") {
+    return void 0;
+  }
+  return await upsertAgentTurnSessionCheckpoint({
+    conversationId: existing.conversationId,
+    sessionId: existing.sessionId,
+    sliceId: existing.sliceId,
+    state: "superseded",
+    piMessages: existing.piMessages,
+    loadedSkillNames: existing.loadedSkillNames,
+    resumeReason: existing.resumeReason,
+    resumedFromSliceId: existing.resumedFromSliceId,
+    errorMessage: args.errorMessage ?? existing.errorMessage
   });
-  if (shouldTrace) {
-    logWarn(
-      "agent_tool_call_failed",
-      traceContext,
-      {
-        "gen_ai.provider.name": GEN_AI_PROVIDER_NAME,
-        "gen_ai.operation.name": "execute_tool",
-        "gen_ai.tool.name": toolName,
-        ...toolCallId ? { "gen_ai.tool.call.id": toolCallId } : {},
-        "error.type": errorType,
-        "exception.message": errorMessage
-      },
-      "Agent tool call failed"
-    );
+}
+
+// src/chat/services/pending-auth.ts
+var AUTH_LINK_REUSE_WINDOW_MS = 10 * 60 * 1e3;
+function canReusePendingAuthLink(args) {
+  const { pendingAuth } = args;
+  if (!pendingAuth) {
+    return false;
   }
-  if (!(error instanceof McpToolError)) {
-    logException(
-      error,
-      "agent_tool_call_failed",
-      {},
-      {
-        "gen_ai.provider.name": GEN_AI_PROVIDER_NAME,
-        "gen_ai.operation.name": "execute_tool",
-        "gen_ai.tool.name": toolName,
-        ...toolCallId ? { "gen_ai.tool.call.id": toolCallId } : {},
-        ...getToolErrorAttributes(error)
-      },
-      "Agent tool call failed"
-    );
+  return pendingAuth.kind === args.kind && pendingAuth.provider === args.provider && pendingAuth.requesterId === args.requesterId && pendingAuth.linkSentAtMs + AUTH_LINK_REUSE_WINDOW_MS > (args.nowMs ?? Date.now());
+}
+function getConversationPendingAuth(args) {
+  const pendingAuth = args.conversation.processing.pendingAuth;
+  if (!pendingAuth) {
+    return void 0;
   }
-  throw error;
+  if (pendingAuth.kind !== args.kind || pendingAuth.provider !== args.provider || pendingAuth.requesterId !== args.requesterId) {
+    return void 0;
+  }
+  return pendingAuth;
+}
+function clearPendingAuth(conversation, sessionId) {
+  if (!conversation.processing.pendingAuth) {
+    return;
+  }
+  if (sessionId && conversation.processing.pendingAuth.sessionId !== sessionId) {
+    return;
+  }
+  conversation.processing.pendingAuth = void 0;
+}
+async function applyPendingAuthUpdate(args) {
+  const previousPendingAuth = args.conversation.processing.pendingAuth;
+  args.conversation.processing.pendingAuth = args.nextPendingAuth;
+  if (previousPendingAuth && previousPendingAuth.sessionId !== args.nextPendingAuth.sessionId && args.conversationId) {
+    await supersedeAgentTurnSessionCheckpoint({
+      conversationId: args.conversationId,
+      sessionId: previousPendingAuth.sessionId,
+      errorMessage: "Superseded by a newer auth-blocked request in the same conversation."
+    });
+  }
+}
+function isPendingAuthLatestRequest(conversation, pendingAuth) {
+  for (let index = conversation.messages.length - 1; index >= 0; index -= 1) {
+    const message = conversation.messages[index];
+    if (message?.role !== "user") {
+      continue;
+    }
+    return buildDeterministicTurnId(message.id) === pendingAuth.sessionId;
+  }
+  return false;
 }
 
-// src/chat/tools/agent-tools.ts
-function createAgentTools(tools, sandbox, spanContext, onStatus, sandboxExecutor, pluginAuthOrchestration, onToolCall) {
-  const shouldTrace = shouldEmitDevAgentTrace();
-  return Object.entries(tools).map(([toolName, toolDef]) => ({
-    name: toolName,
-    label: toolName,
-    description: toolDef.description,
-    parameters: toolDef.inputSchema,
-    prepareArguments: toolDef.prepareArguments,
-    executionMode: toolDef.executionMode,
-    execute: async (toolCallId, params) => {
-      const normalizedToolCallId = typeof toolCallId === "string" && toolCallId.length > 0 ? toolCallId : void 0;
+// src/chat/services/plugin-auth-orchestration.ts
+var PluginAuthorizationPauseError = class extends AuthorizationPauseError {
+  constructor(provider, disposition) {
+    super("plugin", provider, disposition);
+  }
+};
+var PluginCredentialFailureError = class extends Error {
+  provider;
+  constructor(provider, message) {
+    super(message);
+    this.name = "PluginCredentialFailureError";
+    this.provider = provider;
+  }
+};
+function isCommandAuthFailure(details) {
+  if (!details || typeof details !== "object") {
+    return false;
+  }
+  const result = details;
+  if (typeof result.exit_code !== "number" || result.exit_code === 0) {
+    return false;
+  }
+  const text = `${typeof result.stdout === "string" ? result.stdout : ""}
+${typeof result.stderr === "string" ? result.stderr : ""}`.toLowerCase();
+  if (!text.trim()) {
+    return false;
+  }
+  return [
+    /\bjunior-auth-required\b/,
+    /\b401\b/,
+    /\bunauthorized\b/,
+    /\bbad credentials\b/,
+    /\binvalid token\b/,
+    /\bgithub_token\b.*\binvalid\b/,
+    /\btoken (?:expired|revoked)\b/,
+    /\bexpired token\b/,
+    /\bmissing scopes?\b/,
+    /\binsufficient scope\b/,
+    /\binvalid grant\b/,
+    /\breauthoriz/
+  ].some((pattern) => pattern.test(text));
+}
+function commandText(details) {
+  if (!details || typeof details !== "object") {
+    return "";
+  }
+  const result = details;
+  return `${typeof result.stdout === "string" ? result.stdout : ""}
+${typeof result.stderr === "string" ? result.stderr : ""}`;
+}
+function isGitHubSmartHttpAuthFailure(provider, command, details) {
+  if (provider !== "github" || !/^\s*(?:gh|git)\b/i.test(command)) {
+    return false;
+  }
+  const text = commandText(details).toLowerCase();
+  return /\bgzip:\s*invalid header\b/.test(text);
+}
+function explicitAuthRequiredProvider(details) {
+  const match = /\bjunior-auth-required\s+provider=([a-z0-9-]+)\b/.exec(
+    commandText(details).toLowerCase()
+  );
+  return match?.[1];
+}
+function registeredProviderNames() {
+  const providers = /* @__PURE__ */ new Set();
+  for (const plugin of getPluginProviders()) {
+    const domains = [
+      ...plugin.manifest.credentials?.domains ?? [],
+      ...plugin.manifest.domains ?? []
+    ];
+    if (domains.length > 0) {
+      providers.add(plugin.manifest.name);
+    }
+  }
+  return [...providers].sort((left, right) => left.localeCompare(right));
+}
+function commandTargetsProvider(provider, command, details) {
+  const normalizedCommand = command.trim().toLowerCase();
+  if (!normalizedCommand) {
+    return false;
+  }
+  if (provider === "github" && /^(gh|git)\b/.test(normalizedCommand)) {
+    return true;
+  }
+  const plugin = getPluginDefinition(provider);
+  const candidates = /* @__PURE__ */ new Set([provider.toLowerCase()]);
+  const manifest = plugin?.manifest;
+  const credentials = manifest?.credentials;
+  if (credentials) {
+    candidates.add(credentials.authTokenEnv.toLowerCase());
+    for (const domain of credentials.domains) {
+      candidates.add(domain.toLowerCase());
+    }
+  }
+  for (const domain of manifest?.domains ?? []) {
+    candidates.add(domain.toLowerCase());
+  }
+  const combinedText = `${normalizedCommand}
+${commandText(details).toLowerCase()}`;
+  return [...candidates].some((candidate) => combinedText.includes(candidate));
+}
+function formatCommand(command) {
+  const collapsed = command.replace(/\s+/g, " ").trim();
+  return collapsed.length > 160 ? `${collapsed.slice(0, 157)}...` : collapsed;
+}
+function buildCredentialFailureError(provider, command) {
+  const providerLabel = provider === "github" ? "GitHub" : formatProviderLabel(provider);
+  const plugin = getPluginDefinition(provider);
+  const credentialType = plugin?.manifest.credentials?.type;
+  const commandSummary = formatCommand(command);
+  const remediation = provider === "github" && credentialType === "github-app" ? "Verify the GitHub App installation covers the target repository and the host GitHub App environment variables are current." : `Verify the ${providerLabel} provider credentials before retrying.`;
+  return new PluginCredentialFailureError(
+    provider,
+    `${providerLabel} credentials were rejected while running \`${commandSummary}\`. ${remediation}`
+  );
+}
+function createPluginAuthOrchestration(deps, abortAgent) {
+  let pendingPause;
+  const startAuthorizationPause = async (provider, activeSkill, options) => {
+    if (pendingPause) {
+      throw pendingPause;
+    }
+    if (!deps.requesterId || !getPluginOAuthConfig(provider)) {
+      throw new Error(`Cannot start plugin authorization for ${provider}`);
+    }
+    const providerLabel = formatProviderLabel(provider);
+    const reusingPendingLink = canReusePendingAuthLink({
+      pendingAuth: deps.currentPendingAuth,
+      kind: "plugin",
+      provider,
+      requesterId: deps.requesterId
+    });
+    if (!reusingPendingLink) {
+      const oauthResult = await startOAuthFlow(provider, {
+        requesterId: deps.requesterId,
+        channelId: deps.channelId,
+        threadTs: deps.threadTs,
+        userMessage: deps.userMessage,
+        channelConfiguration: deps.channelConfiguration,
+        activeSkillName: activeSkill?.name ?? void 0,
+        resumeConversationId: deps.conversationId,
+        resumeSessionId: deps.sessionId
+      });
+      if (!oauthResult.ok) {
+        throw new Error(oauthResult.error);
+      }
+      if (!oauthResult.delivery) {
+        throw new Error(
+          `I need to connect your ${providerLabel} account first, but I wasn't able to send you a private authorization link. Please send me a direct message and try again.`
+        );
+      }
+    }
+    if (options?.unlinkExistingProvider && deps.requesterId && deps.userTokenStore) {
+      await unlinkProvider(deps.requesterId, provider, deps.userTokenStore);
+    }
+    if (deps.sessionId) {
+      await deps.onPendingAuth?.({
+        kind: "plugin",
+        provider,
+        requesterId: deps.requesterId,
+        sessionId: deps.sessionId,
+        linkSentAtMs: reusingPendingLink ? deps.currentPendingAuth.linkSentAtMs : Date.now()
+      });
+    }
+    pendingPause = new PluginAuthorizationPauseError(
+      provider,
+      reusingPendingLink ? "link_already_sent" : "link_sent"
+    );
+    abortAgent();
+    throw pendingPause;
+  };
+  return {
+    handleCommandFailure: async (input) => {
+      const providers = registeredProviderNames();
+      const explicitProvider = explicitAuthRequiredProvider(input.details);
+      const provider = explicitProvider && providers.includes(explicitProvider) ? explicitProvider : providers.find(
+        (availableProvider) => commandTargetsProvider(
+          availableProvider,
+          input.command,
+          input.details
+        )
+      );
+      if (!provider) {
+        return;
+      }
+      const authFailure = isCommandAuthFailure(input.details) || isGitHubSmartHttpAuthFailure(provider, input.command, input.details);
+      if (!authFailure) {
+        return;
+      }
+      if (!deps.requesterId || !deps.userTokenStore) {
+        throw buildCredentialFailureError(provider, input.command);
+      }
+      if (!getPluginOAuthConfig(provider)) {
+        throw buildCredentialFailureError(provider, input.command);
+      }
+      await startAuthorizationPause(provider, input.activeSkill, {
+        unlinkExistingProvider: true
+      });
+    },
+    getPendingPause: () => pendingPause
+  };
+}
+
+// src/chat/tools/execution/tool-error-handler.ts
+function getToolErrorAttributes(error) {
+  if (!(error instanceof SlackActionError)) {
+    return {};
+  }
+  return {
+    "app.slack.error_code": error.code,
+    ...error.apiError ? { "app.slack.api_error": error.apiError } : {},
+    ...error.detail ? { "app.slack.detail": error.detail } : {},
+    ...error.detailLine !== void 0 ? { "app.slack.detail_line": error.detailLine } : {},
+    ...error.detailRule ? { "app.slack.detail_rule": error.detailRule } : {}
+  };
+}
+function handleToolExecutionError(error, toolName, toolCallId, shouldTrace, traceContext) {
+  const errorType = getMcpAwareErrorType(error, "tool_execution_error");
+  const errorMessage = getMcpAwareErrorMessage(error);
+  setSpanAttributes({
+    "error.type": errorType,
+    ...error instanceof PluginCredentialFailureError ? { "app.credential.provider": error.provider } : {}
+  });
+  if (error instanceof PluginCredentialFailureError) {
+    if (shouldTrace) {
+      logInfo(
+        "plugin_credential_rejected",
+        traceContext,
+        {
+          "app.credential.provider": error.provider,
+          "gen_ai.provider.name": GEN_AI_PROVIDER_NAME,
+          "gen_ai.operation.name": "execute_tool",
+          "gen_ai.tool.name": toolName,
+          ...toolCallId ? { "gen_ai.tool.call.id": toolCallId } : {},
+          "error.type": errorType
+        },
+        "Plugin credentials were rejected during tool execution"
+      );
+    }
+    throw error;
+  }
+  if (shouldTrace) {
+    logWarn(
+      "agent_tool_call_failed",
+      traceContext,
+      {
+        "gen_ai.provider.name": GEN_AI_PROVIDER_NAME,
+        "gen_ai.operation.name": "execute_tool",
+        "gen_ai.tool.name": toolName,
+        ...toolCallId ? { "gen_ai.tool.call.id": toolCallId } : {},
+        "error.type": errorType,
+        "exception.message": errorMessage
+      },
+      "Agent tool call failed"
+    );
+  }
+  if (!(error instanceof McpToolError)) {
+    logException(
+      error,
+      "agent_tool_call_failed",
+      {},
+      {
+        "gen_ai.provider.name": GEN_AI_PROVIDER_NAME,
+        "gen_ai.operation.name": "execute_tool",
+        "gen_ai.tool.name": toolName,
+        ...toolCallId ? { "gen_ai.tool.call.id": toolCallId } : {},
+        ...getToolErrorAttributes(error)
+      },
+      "Agent tool call failed"
+    );
+  }
+  throw error;
+}
+
+// src/chat/tools/agent-tools.ts
+function createAgentTools(tools, sandbox, spanContext, onStatus, sandboxExecutor, pluginAuthOrchestration, onToolCall) {
+  const shouldTrace = shouldEmitDevAgentTrace();
+  return Object.entries(tools).map(([toolName, toolDef]) => ({
+    name: toolName,
+    label: toolName,
+    description: toolDef.description,
+    parameters: toolDef.inputSchema,
+    prepareArguments: toolDef.prepareArguments,
+    executionMode: toolDef.executionMode,
+    execute: async (toolCallId, params) => {
+      const normalizedToolCallId = typeof toolCallId === "string" && toolCallId.length > 0 ? toolCallId : void 0;
       const toolArgumentsAttribute = serializeGenAiAttribute(params);
       if (toolName === "reportProgress") {
         const status = buildReportedProgressStatus(params);
@@ -10997,9 +11426,31 @@ var TURN_THINKING_LEVELS = [
   "high",
   "xhigh"
 ];
-var turnExecutionProfileSchema = z.object({
-  thinking_level: z.enum(TURN_THINKING_LEVELS),
-  confidence: z.number().min(0).max(1),
+var CONFIDENCE_LABELS = {
+  low: 0.5,
+  medium: CLASSIFIER_CONFIDENCE_THRESHOLD,
+  high: 0.9
+};
+function coerceClassifierConfidence(value) {
+  if (typeof value !== "string") {
+    return value;
+  }
+  const trimmed = value.trim().toLowerCase();
+  if (!trimmed) {
+    return value;
+  }
+  const numeric = Number.parseFloat(trimmed);
+  if (Number.isFinite(numeric)) {
+    return numeric;
+  }
+  return CONFIDENCE_LABELS[trimmed] ?? value;
+}
+var turnExecutionProfileSchema = z.object({
+  thinking_level: z.enum(TURN_THINKING_LEVELS),
+  confidence: z.preprocess(
+    coerceClassifierConfidence,
+    z.number().min(0).max(1)
+  ),
   reason: z.string().min(1)
 });
 var DEFAULT_THINKING_LEVEL = "medium";
@@ -11044,7 +11495,8 @@ function buildClassifierSystemPrompt() {
     "",
     "Classify based on the substance of the task, not the length of the current message. When the current instruction is a short affirmation (for example: 'go', 'do it', 'yes please', 'proceed') and the thread-background contains a pending task, classify the pending task \u2014 not the affirmation.",
     "",
-    "Return JSON only with thinking_level, confidence, and reason."
+    "Return JSON only with thinking_level, confidence, and reason.",
+    "confidence must be a number from 0 to 1, not a word label."
   ].join("\n");
 }
 function buildClassifierPrompt(args) {
@@ -11186,115 +11638,6 @@ function toAgentThinkingLevel(level) {
   }
 }
 
-// src/chat/state/turn-session-store.ts
-var AGENT_TURN_SESSION_PREFIX = "junior:agent_turn_session";
-var AGENT_TURN_SESSION_TTL_MS = 24 * 60 * 60 * 1e3;
-function agentTurnSessionKey(conversationId, sessionId) {
-  return `${AGENT_TURN_SESSION_PREFIX}:${conversationId}:${sessionId}`;
-}
-function parseAgentTurnSessionCheckpoint(value) {
-  if (typeof value !== "string") {
-    return void 0;
-  }
-  try {
-    const parsed = JSON.parse(value);
-    if (!isRecord(parsed)) {
-      return void 0;
-    }
-    const status = parsed.state;
-    if (status !== "running" && status !== "awaiting_resume" && status !== "completed" && status !== "failed" && status !== "superseded") {
-      return void 0;
-    }
-    const conversationId = parsed.conversationId;
-    const sessionId = parsed.sessionId;
-    const sliceId = parsed.sliceId;
-    const checkpointVersion = parsed.checkpointVersion;
-    const updatedAtMs = parsed.updatedAtMs;
-    if (typeof conversationId !== "string" || typeof sessionId !== "string" || typeof sliceId !== "number" || typeof checkpointVersion !== "number" || typeof updatedAtMs !== "number") {
-      return void 0;
-    }
-    return {
-      checkpointVersion,
-      conversationId,
-      sessionId,
-      sliceId,
-      state: status,
-      updatedAtMs,
-      piMessages: Array.isArray(parsed.piMessages) ? parsed.piMessages : [],
-      ...Array.isArray(parsed.loadedSkillNames) ? {
-        loadedSkillNames: parsed.loadedSkillNames.filter(
-          (value2) => typeof value2 === "string"
-        )
-      } : {},
-      ...parsed.resumeReason === "timeout" || parsed.resumeReason === "auth" ? { resumeReason: parsed.resumeReason } : {},
-      ...typeof parsed.errorMessage === "string" ? { errorMessage: parsed.errorMessage } : {},
-      ...typeof parsed.resumedFromSliceId === "number" ? { resumedFromSliceId: parsed.resumedFromSliceId } : {}
-    };
-  } catch {
-    return void 0;
-  }
-}
-async function getAgentTurnSessionCheckpoint(conversationId, sessionId) {
-  const stateAdapter = getStateAdapter();
-  await stateAdapter.connect();
-  const value = await stateAdapter.get(
-    agentTurnSessionKey(conversationId, sessionId)
-  );
-  return parseAgentTurnSessionCheckpoint(value);
-}
-async function upsertAgentTurnSessionCheckpoint(args) {
-  const stateAdapter = getStateAdapter();
-  await stateAdapter.connect();
-  const existing = await getAgentTurnSessionCheckpoint(
-    args.conversationId,
-    args.sessionId
-  );
-  const checkpoint = {
-    checkpointVersion: (existing?.checkpointVersion ?? 0) + 1,
-    conversationId: args.conversationId,
-    sessionId: args.sessionId,
-    sliceId: args.sliceId,
-    state: args.state,
-    updatedAtMs: Date.now(),
-    piMessages: Array.isArray(args.piMessages) ? args.piMessages : [],
-    ...Array.isArray(args.loadedSkillNames) ? {
-      loadedSkillNames: args.loadedSkillNames.filter(
-        (value) => typeof value === "string"
-      )
-    } : {},
-    ...args.resumeReason ? { resumeReason: args.resumeReason } : {},
-    ...args.errorMessage ? { errorMessage: args.errorMessage } : {},
-    ...typeof args.resumedFromSliceId === "number" ? { resumedFromSliceId: args.resumedFromSliceId } : {}
-  };
-  const ttlMs = Math.max(1, args.ttlMs ?? AGENT_TURN_SESSION_TTL_MS);
-  await stateAdapter.set(
-    agentTurnSessionKey(args.conversationId, args.sessionId),
-    JSON.stringify(checkpoint),
-    ttlMs
-  );
-  return checkpoint;
-}
-async function supersedeAgentTurnSessionCheckpoint(args) {
-  const existing = await getAgentTurnSessionCheckpoint(
-    args.conversationId,
-    args.sessionId
-  );
-  if (!existing || existing.state === "completed" || existing.state === "failed" || existing.state === "superseded") {
-    return void 0;
-  }
-  return await upsertAgentTurnSessionCheckpoint({
-    conversationId: existing.conversationId,
-    sessionId: existing.sessionId,
-    sliceId: existing.sliceId,
-    state: "superseded",
-    piMessages: existing.piMessages,
-    loadedSkillNames: existing.loadedSkillNames,
-    resumeReason: existing.resumeReason,
-    resumedFromSliceId: existing.resumedFromSliceId,
-    errorMessage: args.errorMessage ?? existing.errorMessage
-  });
-}
-
 // src/chat/services/turn-checkpoint.ts
 async function loadTurnCheckpoint(ctx) {
   const canUseTurnSession = Boolean(ctx.conversationId && ctx.sessionId);
@@ -11408,56 +11751,6 @@ async function persistTimeoutCheckpoint(args) {
   }
 }
 
-// src/chat/services/pending-auth.ts
-var AUTH_LINK_REUSE_WINDOW_MS = 10 * 60 * 1e3;
-function canReusePendingAuthLink(args) {
-  const { pendingAuth } = args;
-  if (!pendingAuth) {
-    return false;
-  }
-  return pendingAuth.kind === args.kind && pendingAuth.provider === args.provider && pendingAuth.requesterId === args.requesterId && pendingAuth.linkSentAtMs + AUTH_LINK_REUSE_WINDOW_MS > (args.nowMs ?? Date.now());
-}
-function getConversationPendingAuth(args) {
-  const pendingAuth = args.conversation.processing.pendingAuth;
-  if (!pendingAuth) {
-    return void 0;
-  }
-  if (pendingAuth.kind !== args.kind || pendingAuth.provider !== args.provider || pendingAuth.requesterId !== args.requesterId) {
-    return void 0;
-  }
-  return pendingAuth;
-}
-function clearPendingAuth(conversation, sessionId) {
-  if (!conversation.processing.pendingAuth) {
-    return;
-  }
-  if (sessionId && conversation.processing.pendingAuth.sessionId !== sessionId) {
-    return;
-  }
-  conversation.processing.pendingAuth = void 0;
-}
-async function applyPendingAuthUpdate(args) {
-  const previousPendingAuth = args.conversation.processing.pendingAuth;
-  args.conversation.processing.pendingAuth = args.nextPendingAuth;
-  if (previousPendingAuth && previousPendingAuth.sessionId !== args.nextPendingAuth.sessionId && args.conversationId) {
-    await supersedeAgentTurnSessionCheckpoint({
-      conversationId: args.conversationId,
-      sessionId: previousPendingAuth.sessionId,
-      errorMessage: "Superseded by a newer auth-blocked request in the same conversation."
-    });
-  }
-}
-function isPendingAuthLatestRequest(conversation, pendingAuth) {
-  for (let index = conversation.messages.length - 1; index >= 0; index -= 1) {
-    const message = conversation.messages[index];
-    if (message?.role !== "user") {
-      continue;
-    }
-    return buildDeterministicTurnId(message.id) === pendingAuth.sessionId;
-  }
-  return false;
-}
-
 // src/chat/services/mcp-auth-orchestration.ts
 var McpAuthorizationPauseError = class extends AuthorizationPauseError {
   constructor(provider, disposition) {
@@ -11492,236 +11785,60 @@ function createMcpAuthOrchestration(deps, abortAgent) {
     }
     const authSessionId = authSessionIdsByProvider.get(provider);
     if (!authSessionId || !deps.requesterId) {
-      throw new Error(
-        `Missing MCP auth session context for plugin "${provider}"`
-      );
-    }
-    const latestArtifactState = deps.getMergedArtifactState();
-    await patchMcpAuthSession(authSessionId, {
-      configuration: { ...deps.getConfiguration() },
-      artifactState: latestArtifactState,
-      toolChannelId: deps.toolChannelId ?? latestArtifactState.assistantContextChannelId ?? deps.channelId
-    });
-    const authSession = await getMcpAuthSession(authSessionId);
-    if (!authSession?.authorizationUrl) {
-      throw new Error(`Missing MCP authorization URL for plugin "${provider}"`);
-    }
-    const reusingPendingLink = canReusePendingAuthLink({
-      pendingAuth: deps.currentPendingAuth,
-      kind: "mcp",
-      provider,
-      requesterId: deps.requesterId
-    });
-    if (!reusingPendingLink) {
-      const delivery = await deliverPrivateMessage({
-        channelId: authSession.channelId,
-        threadTs: authSession.threadTs,
-        userId: authSession.userId,
-        text: `<${authSession.authorizationUrl}|Click here to link your ${formatProviderLabel(provider)} MCP access>. Once you've authorized, this thread will continue automatically.`
-      });
-      if (!delivery) {
-        throw new Error(
-          `Unable to deliver MCP authorization link for plugin "${provider}"`
-        );
-      }
-    } else {
-      await deleteMcpAuthSession(authSessionId);
-    }
-    if (deps.sessionId && deps.requesterId) {
-      await deps.onPendingAuth?.({
-        kind: "mcp",
-        provider,
-        requesterId: deps.requesterId,
-        sessionId: deps.sessionId,
-        linkSentAtMs: reusingPendingLink ? deps.currentPendingAuth.linkSentAtMs : Date.now()
-      });
-    }
-    pendingPause = new McpAuthorizationPauseError(
-      provider,
-      reusingPendingLink ? "link_already_sent" : "link_sent"
-    );
-    abortAgent();
-    return true;
-  };
-  return {
-    authProviderFactory,
-    onAuthorizationRequired,
-    getPendingPause: () => pendingPause
-  };
-}
-
-// src/chat/credentials/unlink-provider.ts
-async function unlinkProvider(userId, provider, userTokenStore) {
-  await Promise.all([
-    userTokenStore.delete(userId, provider),
-    deleteMcpStoredOAuthCredentials(userId, provider),
-    deleteMcpServerSessionId(userId, provider),
-    deleteMcpAuthSessionsForUserProvider(userId, provider)
-  ]);
-}
-
-// src/chat/services/plugin-auth-orchestration.ts
-var PluginAuthorizationPauseError = class extends AuthorizationPauseError {
-  constructor(provider, disposition) {
-    super("plugin", provider, disposition);
-  }
-};
-function isCommandAuthFailure(details) {
-  if (!details || typeof details !== "object") {
-    return false;
-  }
-  const result = details;
-  if (typeof result.exit_code !== "number" || result.exit_code === 0) {
-    return false;
-  }
-  const text = `${typeof result.stdout === "string" ? result.stdout : ""}
-${typeof result.stderr === "string" ? result.stderr : ""}`.toLowerCase();
-  if (!text.trim()) {
-    return false;
-  }
-  return [
-    /\bjunior-auth-required\b/,
-    /\b401\b/,
-    /\bunauthorized\b/,
-    /\bbad credentials\b/,
-    /\binvalid token\b/,
-    /\btoken (?:expired|revoked)\b/,
-    /\bexpired token\b/,
-    /\bmissing scopes?\b/,
-    /\binsufficient scope\b/,
-    /\binvalid grant\b/,
-    /\breauthoriz/
-  ].some((pattern) => pattern.test(text));
-}
-function commandText(details) {
-  if (!details || typeof details !== "object") {
-    return "";
-  }
-  const result = details;
-  return `${typeof result.stdout === "string" ? result.stdout : ""}
-${typeof result.stderr === "string" ? result.stderr : ""}`;
-}
-function explicitAuthRequiredProvider(details) {
-  const match = /\bjunior-auth-required\s+provider=([a-z0-9-]+)\b/.exec(
-    commandText(details).toLowerCase()
-  );
-  return match?.[1];
-}
-function registeredProviderNames() {
-  const providers = /* @__PURE__ */ new Set();
-  for (const plugin of getPluginProviders()) {
-    const domains = [
-      ...plugin.manifest.credentials?.domains ?? [],
-      ...plugin.manifest.domains ?? []
-    ];
-    if (domains.length > 0) {
-      providers.add(plugin.manifest.name);
-    }
-  }
-  return [...providers].sort((left, right) => left.localeCompare(right));
-}
-function commandTargetsProvider(provider, command, details) {
-  const normalizedCommand = command.trim().toLowerCase();
-  if (!normalizedCommand) {
-    return false;
-  }
-  if (provider === "github" && /^(gh|git)\b/.test(normalizedCommand)) {
-    return true;
-  }
-  const plugin = getPluginDefinition(provider);
-  const candidates = /* @__PURE__ */ new Set([provider.toLowerCase()]);
-  const manifest = plugin?.manifest;
-  const credentials = manifest?.credentials;
-  if (credentials) {
-    candidates.add(credentials.authTokenEnv.toLowerCase());
-    for (const domain of credentials.domains) {
-      candidates.add(domain.toLowerCase());
-    }
-  }
-  for (const domain of manifest?.domains ?? []) {
-    candidates.add(domain.toLowerCase());
-  }
-  const combinedText = `${normalizedCommand}
-${commandText(details).toLowerCase()}`;
-  return [...candidates].some((candidate) => combinedText.includes(candidate));
-}
-function createPluginAuthOrchestration(deps, abortAgent) {
-  let pendingPause;
-  const startAuthorizationPause = async (provider, activeSkill, options) => {
-    if (pendingPause) {
-      throw pendingPause;
+      throw new Error(
+        `Missing MCP auth session context for plugin "${provider}"`
+      );
     }
-    if (!deps.requesterId || !getPluginOAuthConfig(provider)) {
-      throw new Error(`Cannot start plugin authorization for ${provider}`);
+    const latestArtifactState = deps.getMergedArtifactState();
+    await patchMcpAuthSession(authSessionId, {
+      configuration: { ...deps.getConfiguration() },
+      artifactState: latestArtifactState,
+      toolChannelId: deps.toolChannelId ?? latestArtifactState.assistantContextChannelId ?? deps.channelId
+    });
+    const authSession = await getMcpAuthSession(authSessionId);
+    if (!authSession?.authorizationUrl) {
+      throw new Error(`Missing MCP authorization URL for plugin "${provider}"`);
     }
-    const providerLabel = formatProviderLabel(provider);
     const reusingPendingLink = canReusePendingAuthLink({
       pendingAuth: deps.currentPendingAuth,
-      kind: "plugin",
+      kind: "mcp",
       provider,
       requesterId: deps.requesterId
     });
     if (!reusingPendingLink) {
-      const oauthResult = await startOAuthFlow(provider, {
-        requesterId: deps.requesterId,
-        channelId: deps.channelId,
-        threadTs: deps.threadTs,
-        userMessage: deps.userMessage,
-        channelConfiguration: deps.channelConfiguration,
-        activeSkillName: activeSkill?.name ?? void 0,
-        resumeConversationId: deps.conversationId,
-        resumeSessionId: deps.sessionId
+      const delivery = await deliverPrivateMessage({
+        channelId: authSession.channelId,
+        threadTs: authSession.threadTs,
+        userId: authSession.userId,
+        text: `<${authSession.authorizationUrl}|Click here to link your ${formatProviderLabel(provider)} MCP access>. Once you've authorized, this thread will continue automatically.`
       });
-      if (!oauthResult.ok) {
-        throw new Error(oauthResult.error);
-      }
-      if (!oauthResult.delivery) {
+      if (!delivery) {
         throw new Error(
-          `I need to connect your ${providerLabel} account first, but I wasn't able to send you a private authorization link. Please send me a direct message and try again.`
+          `Unable to deliver MCP authorization link for plugin "${provider}"`
         );
       }
+    } else {
+      await deleteMcpAuthSession(authSessionId);
     }
-    if (options?.unlinkExistingProvider && deps.requesterId && deps.userTokenStore) {
-      await unlinkProvider(deps.requesterId, provider, deps.userTokenStore);
-    }
-    if (deps.sessionId) {
+    if (deps.sessionId && deps.requesterId) {
       await deps.onPendingAuth?.({
-        kind: "plugin",
+        kind: "mcp",
         provider,
         requesterId: deps.requesterId,
         sessionId: deps.sessionId,
         linkSentAtMs: reusingPendingLink ? deps.currentPendingAuth.linkSentAtMs : Date.now()
       });
     }
-    pendingPause = new PluginAuthorizationPauseError(
+    pendingPause = new McpAuthorizationPauseError(
       provider,
       reusingPendingLink ? "link_already_sent" : "link_sent"
     );
     abortAgent();
-    throw pendingPause;
+    return true;
   };
   return {
-    handleCommandFailure: async (input) => {
-      const providers = registeredProviderNames();
-      const authFailure = isCommandAuthFailure(input.details);
-      if (!authFailure) {
-        return;
-      }
-      const explicitProvider = explicitAuthRequiredProvider(input.details);
-      const provider = explicitProvider && providers.includes(explicitProvider) ? explicitProvider : providers.find(
-        (availableProvider) => commandTargetsProvider(
-          availableProvider,
-          input.command,
-          input.details
-        )
-      );
-      if (!provider || !deps.requesterId || !deps.userTokenStore || !getPluginOAuthConfig(provider)) {
-        return;
-      }
-      await startAuthorizationPause(provider, input.activeSkill, {
-        unlinkExistingProvider: true
-      });
-    },
+    authProviderFactory,
+    onAuthorizationRequired,
     getPendingPause: () => pendingPause
   };
 }
@@ -11988,7 +12105,8 @@ async function generateAssistantReply(messageText, context = {}) {
       sandboxDependencyProfileHash: context.sandbox?.sandboxDependencyProfileHash,
       traceContext: spanContext,
       credentialEgress: requesterId ? {
-        requesterId
+        requesterId,
+        activeProvider: () => skillSandbox.getActiveSkill()?.pluginProvider
       } : void 0,
       onSandboxAcquired: async (sandbox2) => {
         lastKnownSandboxId = sandbox2.sandboxId;
@@ -12708,6 +12826,12 @@ function finalizeFailedTurnReply(args) {
   };
 }
 
+// src/chat/services/turn-continuation-response.ts
+var TURN_CONTINUATION_RESPONSE = "I'm still working on this in the background. I'll post the final response here when it finishes.";
+function buildTurnContinuationResponse() {
+  return TURN_CONTINUATION_RESPONSE;
+}
+
 // src/chat/slack/assistant-thread/status-render.ts
 var DEFAULT_STATUS_CONTEXTS = {
   thinking: "\u2026",
@@ -13360,8 +13484,249 @@ async function postSlackApiReplyPosts(args) {
       });
       throw error;
     }
-  }
-  return lastPostedMessageTs;
+  }
+  return lastPostedMessageTs;
+}
+
+// src/chat/slack/errors.ts
+function getSlackApiErrorCode(error) {
+  if (!error || typeof error !== "object") {
+    return void 0;
+  }
+  const candidate = error;
+  if (typeof candidate.data?.error === "string" && candidate.data.error.trim().length > 0) {
+    return candidate.data.error;
+  }
+  if (typeof candidate.code === "string" && candidate.code.trim().length > 0) {
+    return candidate.code;
+  }
+  return void 0;
+}
+function getSlackErrorObservabilityAttributes(error) {
+  if (!error || typeof error !== "object") {
+    return {};
+  }
+  const candidate = error;
+  const attributes = {};
+  if (typeof candidate.code === "string" && candidate.code.trim().length > 0) {
+    attributes["app.slack.error_code"] = candidate.code;
+  }
+  if (typeof candidate.data?.error === "string" && candidate.data.error.trim().length > 0) {
+    attributes["app.slack.api_error"] = candidate.data.error;
+  }
+  const requestId = getHeaderString(candidate.headers, "x-slack-req-id");
+  if (requestId) {
+    attributes["app.slack.request_id"] = requestId;
+  }
+  if (typeof candidate.statusCode === "number" && Number.isFinite(candidate.statusCode)) {
+    attributes["http.response.status_code"] = candidate.statusCode;
+  }
+  return attributes;
+}
+function isSlackTitlePermissionError(error) {
+  const code = getSlackApiErrorCode(error);
+  return code === "no_permission" || code === "missing_scope" || code === "not_allowed_token_type";
+}
+
+// src/chat/slack/context.ts
+function toTrimmedSlackString(value) {
+  const normalized = toOptionalString(value);
+  return normalized?.trim() || void 0;
+}
+function parseSlackThreadId(threadId) {
+  const normalizedThreadId = toTrimmedSlackString(threadId);
+  if (!normalizedThreadId) {
+    return void 0;
+  }
+  const parts = normalizedThreadId.split(":");
+  if (parts.length !== 3 || parts[0] !== "slack") {
+    return void 0;
+  }
+  const channelId = toTrimmedSlackString(parts[1]);
+  const threadTs = toTrimmedSlackString(parts[2]);
+  if (!channelId || !threadTs) {
+    return void 0;
+  }
+  return { channelId, threadTs };
+}
+function resolveSlackChannelIdFromThreadId(threadId) {
+  return parseSlackThreadId(threadId)?.channelId;
+}
+function resolveSlackChannelIdFromMessage(message) {
+  const messageChannelId = toTrimmedSlackString(
+    message.channelId
+  );
+  if (messageChannelId) {
+    return messageChannelId;
+  }
+  const raw = message.raw;
+  if (raw && typeof raw === "object") {
+    const rawChannel = toTrimmedSlackString(
+      raw.channel
+    );
+    if (rawChannel) {
+      return rawChannel;
+    }
+  }
+  const threadId = toTrimmedSlackString(
+    message.threadId
+  );
+  return resolveSlackChannelIdFromThreadId(threadId);
+}
+
+// src/chat/runtime/thread-context.ts
+function escapeRegExp2(value) {
+  return value.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+}
+function stripLeadingBotMention(text, options = {}) {
+  if (!text.trim()) return text;
+  let next = text;
+  if (options.stripLeadingSlackMentionToken) {
+    next = next.replace(/^\s*<@[^>]+>[\s,:-]*/, "").trim();
+  }
+  const mentionByNameRe = new RegExp(
+    `^\\s*@${escapeRegExp2(botConfig.userName)}\\b[\\s,:-]*`,
+    "i"
+  );
+  next = next.replace(mentionByNameRe, "").trim();
+  const mentionByLabeledEntityRe = new RegExp(
+    `^\\s*<@[^>|]+\\|${escapeRegExp2(botConfig.userName)}>[\\s,:-]*`,
+    "i"
+  );
+  next = next.replace(mentionByLabeledEntityRe, "").trim();
+  return next;
+}
+function getThreadId(thread, _message) {
+  return toOptionalString(thread.id);
+}
+function getRunId(thread, message) {
+  return toOptionalString(thread.runId) ?? toOptionalString(message.runId);
+}
+function getChannelId(thread, message) {
+  return resolveSlackChannelIdFromThreadId(toOptionalString(thread.id)) ?? normalizeSlackConversationId(toOptionalString(thread.channelId)) ?? resolveSlackChannelIdFromMessage(message);
+}
+function getThreadTs(threadId) {
+  return parseSlackThreadId(threadId)?.threadTs;
+}
+function getAssistantThreadContext(message) {
+  const raw = message.raw;
+  const rawRecord = raw && typeof raw === "object" ? raw : void 0;
+  const channelId = toOptionalString(rawRecord?.channel);
+  if (channelId) {
+    const rawThreadTs = toOptionalString(rawRecord?.thread_ts);
+    const threadTs = isDmChannel(channelId) ? rawThreadTs : rawThreadTs ?? toOptionalString(rawRecord?.ts);
+    if (threadTs) {
+      return { channelId, threadTs };
+    }
+  }
+  const parsedThreadId = parseSlackThreadId(
+    toOptionalString(message.threadId)
+  );
+  if (!parsedThreadId || isDmChannel(parsedThreadId.channelId)) {
+    return void 0;
+  }
+  return parsedThreadId;
+}
+function getMessageTs(message) {
+  const directTs = toOptionalString(
+    message.ts
+  );
+  if (directTs) {
+    return directTs;
+  }
+  const raw = message.raw;
+  if (!raw || typeof raw !== "object") {
+    return void 0;
+  }
+  const rawRecord = raw;
+  return toOptionalString(rawRecord.ts) ?? toOptionalString(rawRecord.event_ts) ?? toOptionalString(rawRecord.message?.ts);
+}
+
+// src/chat/runtime/processing-reaction.ts
+var PROCESSING_REACTION_EMOJI = "eyes";
+var noProcessingReaction = {
+  keep: () => void 0,
+  stop: async () => void 0
+};
+function isProcessingReactionEmoji(value) {
+  return typeof value === "string" && normalizeSlackEmojiName(value) === PROCESSING_REACTION_EMOJI;
+}
+function shouldKeepProcessingReactionForToolInvocation(input) {
+  return input.toolName === "slackMessageAddReaction" && isProcessingReactionEmoji(input.params.emoji);
+}
+async function startSlackProcessingReaction(args) {
+  if (args.message.author.isMe) {
+    return noProcessingReaction;
+  }
+  const channelId = getChannelId(args.thread, args.message);
+  const messageTs = getMessageTs(args.message);
+  if (!channelId || !messageTs) {
+    return noProcessingReaction;
+  }
+  return startSlackProcessingReactionForMessage({
+    channelId,
+    timestamp: messageTs,
+    logException: args.logException,
+    logContext: args.logContext
+  });
+}
+async function startSlackProcessingReactionForMessage(args) {
+  try {
+    await addReactionToMessage({
+      channelId: args.channelId,
+      timestamp: args.timestamp,
+      emoji: PROCESSING_REACTION_EMOJI
+    });
+  } catch (error) {
+    args.logException(
+      error,
+      "slack_processing_reaction_add_failed",
+      args.logContext,
+      {
+        "app.slack.action": "reactions.add",
+        "messaging.message.id": args.timestamp,
+        ...getSlackErrorObservabilityAttributes(error)
+      },
+      "Failed to add Slack processing reaction"
+    );
+    return noProcessingReaction;
+  }
+  let shouldRemove = true;
+  return {
+    keep: () => {
+      shouldRemove = false;
+    },
+    stop: async () => {
+      if (!shouldRemove) {
+        return;
+      }
+      try {
+        await removeReactionFromMessage({
+          channelId: args.channelId,
+          timestamp: args.timestamp,
+          emoji: PROCESSING_REACTION_EMOJI
+        });
+      } catch (error) {
+        args.logException(
+          error,
+          "slack_processing_reaction_remove_failed",
+          args.logContext,
+          {
+            "app.slack.action": "reactions.remove",
+            "messaging.message.id": args.timestamp,
+            ...getSlackErrorObservabilityAttributes(error)
+          },
+          "Failed to remove Slack processing reaction"
+        );
+      }
+    }
+  };
+}
+
+// src/chat/services/auth-pause-response.ts
+var AUTH_PAUSE_RESPONSE = "I need authorization to continue. Check your private link to connect.";
+function buildAuthPauseResponse() {
+  return AUTH_PAUSE_RESPONSE;
 }
 
 // src/chat/runtime/slack-resume.ts
@@ -13453,6 +13818,25 @@ async function postResumeFailureReply(args) {
     throw error;
   }
 }
+async function postTurnContinuationNoticeBestEffort(args) {
+  try {
+    await postSlackMessage({
+      channelId: args.resumeArgs.channelId,
+      threadTs: args.resumeArgs.threadTs,
+      text: buildTurnContinuationResponse()
+    });
+  } catch (error) {
+    logException(
+      error,
+      "slack_turn_continuation_notice_post_failed",
+      getResumeLogContext(args.resumeArgs, args.lockKey),
+      {
+        "app.slack.reply_stage": "thread_reply_turn_continuation_notice"
+      },
+      "Failed to post turn continuation notice"
+    );
+  }
+}
 async function handleResumeFailure(args) {
   const logContext = getResumeLogContext(args.resumeArgs, args.lockKey);
   const capturedEventId = logException(
@@ -13520,9 +13904,19 @@ async function resumeSlackTurn(args) {
     channelId: args.channelId,
     threadTs: args.threadTs
   });
+  let processingReaction;
+  let deferredPauseKind;
   let deferredPauseHandler;
   let deferredFailureHandler;
   try {
+    if (args.messageTs) {
+      processingReaction = await startSlackProcessingReactionForMessage({
+        channelId: args.channelId,
+        timestamp: args.messageTs,
+        logException,
+        logContext: { ...getResumeLogContext(args, lockKey) }
+      });
+    }
     if (args.initialText) {
       await postSlackMessageBestEffort(
         args.channelId,
@@ -13573,10 +13967,12 @@ async function resumeSlackTurn(args) {
     const onAuthPause = args.onAuthPause;
     const onTimeoutPause = args.onTimeoutPause;
     if ((isRetryableTurnError(error, "mcp_auth_resume") || isRetryableTurnError(error, "plugin_auth_resume")) && onAuthPause) {
+      deferredPauseKind = "auth";
       deferredPauseHandler = async () => {
         await onAuthPause(error);
       };
     } else if (isRetryableTurnError(error, "turn_timeout_resume") && onTimeoutPause) {
+      deferredPauseKind = "timeout";
       deferredPauseHandler = async () => {
         await onTimeoutPause(error);
       };
@@ -13592,11 +13988,25 @@ async function resumeSlackTurn(args) {
       };
     }
   } finally {
+    await processingReaction?.stop();
     await stateAdapter.releaseLock(lock);
   }
   if (deferredPauseHandler) {
     try {
       await deferredPauseHandler();
+      if (deferredPauseKind === "auth") {
+        await postSlackMessageBestEffort(
+          args.channelId,
+          args.threadTs,
+          buildAuthPauseResponse()
+        );
+      }
+      if (deferredPauseKind === "timeout") {
+        await postTurnContinuationNoticeBestEffort({
+          lockKey,
+          resumeArgs: args
+        });
+      }
       return;
     } catch (pauseError) {
       await handleResumeFailure({
@@ -13618,6 +14028,7 @@ async function resumeAuthorizedRequest(args) {
     messageText: args.messageText,
     channelId: args.channelId,
     threadTs: args.threadTs,
+    messageTs: args.messageTs,
     replyContext: args.replyContext,
     lockKey: args.lockKey,
     initialText: args.connectedText,
@@ -13668,6 +14079,20 @@ var MAX_TURN_TIMEOUT_RESUME_SLICE_ID = 5;
 function canScheduleTurnTimeoutResume(nextSliceId) {
   return typeof nextSliceId === "number" && nextSliceId > 1 && nextSliceId <= MAX_TURN_TIMEOUT_RESUME_SLICE_ID;
 }
+async function getAwaitingTurnContinuationRequest(args) {
+  const checkpoint = await getAgentTurnSessionCheckpoint(
+    args.conversationId,
+    args.sessionId
+  );
+  if (!checkpoint || checkpoint.state !== "awaiting_resume" || checkpoint.resumeReason !== "timeout" || !canScheduleTurnTimeoutResume(checkpoint.sliceId)) {
+    return void 0;
+  }
+  return {
+    conversationId: args.conversationId,
+    sessionId: args.sessionId,
+    expectedCheckpointVersion: checkpoint.checkpointVersion
+  };
+}
 function getTurnTimeoutResumeSecret() {
   const explicit = process.env.JUNIOR_INTERNAL_RESUME_SECRET?.trim();
   if (explicit) {
@@ -13926,6 +14351,7 @@ async function resumeAuthorizedMcpTurn(args) {
     messageText: userMessage.text,
     channelId: authSession.channelId,
     threadTs: authSession.threadTs,
+    messageTs: getTurnUserSlackMessageTs(userMessage),
     lockKey: authSession.conversationId,
     connectedText: "",
     replyContext: {
@@ -14367,6 +14793,7 @@ async function resumeCheckpointedOAuthTurn(stored) {
     messageText: stored.pendingMessage ?? userMessage.text,
     channelId: stored.channelId,
     threadTs: stored.threadTs,
+    messageTs: getTurnUserSlackMessageTs(userMessage),
     lockKey: stored.resumeConversationId,
     initialText: "",
     replyContext: {
@@ -14459,14 +14886,15 @@ async function resumePendingOAuthMessage(stored) {
   const conversation = coerceThreadConversationState(
     await getPersistedThreadState(threadId)
   );
-  const latestUserMessageId = [...conversation.messages].reverse().find((message) => message.role === "user")?.id;
+  const latestUserMessage = [...conversation.messages].reverse().find((message) => message.role === "user");
   const conversationContext = buildConversationContext(conversation, {
-    excludeMessageId: latestUserMessageId
+    excludeMessageId: latestUserMessage?.id
   });
   await resumeAuthorizedRequest({
     messageText: stored.pendingMessage,
     channelId: stored.channelId,
     threadTs: stored.threadTs,
+    messageTs: getTurnUserSlackMessageTs(latestUserMessage),
     connectedText: "",
     replyContext: {
       requester: { userId: stored.userId },
@@ -14723,12 +15151,7 @@ async function getJwks(issuer) {
   });
   return jwks;
 }
-function validateSandboxClaim(payload, egressId) {
-  if (payload.sandbox_id !== egressId) {
-    throw new Error("Vercel OIDC token belongs to a different sandbox");
-  }
-}
-async function verifyVercelSandboxOidcToken(token, egressId) {
+async function verifyVercelSandboxOidcToken(token) {
   const unverified = decodeJwt(token);
   if (typeof unverified.iss !== "string") {
     throw new Error("Vercel OIDC token did not include an issuer");
@@ -14737,7 +15160,6 @@ async function verifyVercelSandboxOidcToken(token, egressId) {
   const verified = await jwtVerify(token, jwks, {
     issuer: unverified.iss
   });
-  validateSandboxClaim(verified.payload, egressId);
   return verified.payload;
 }
 
@@ -14746,7 +15168,7 @@ var OIDC_TOKEN_HEADER = "vercel-sandbox-oidc-token";
 var FORWARDED_HOST_HEADER = "vercel-forwarded-host";
 var FORWARDED_SCHEME_HEADER = "vercel-forwarded-scheme";
 var FORWARDED_PORT_HEADER = "vercel-forwarded-port";
-var ROUTE_PREFIX = "/api/internal/sandbox-egress";
+var FORWARDED_PATH_HEADER = "vercel-forwarded-path";
 var HOP_BY_HOP_HEADERS = /* @__PURE__ */ new Set([
   "connection",
   "host",
@@ -14762,12 +15184,63 @@ var PROXY_ONLY_HEADERS = /* @__PURE__ */ new Set([
   OIDC_TOKEN_HEADER,
   FORWARDED_HOST_HEADER,
   FORWARDED_SCHEME_HEADER,
-  FORWARDED_PORT_HEADER
+  FORWARDED_PORT_HEADER,
+  FORWARDED_PATH_HEADER
+]);
+var DECODED_RESPONSE_HEADERS = /* @__PURE__ */ new Set([
+  "content-encoding",
+  "content-length"
 ]);
 var AUTH_REJECTION_STATUS = /* @__PURE__ */ new Set([401, 403]);
 function jsonError(message, status) {
   return Response.json({ error: message }, { status });
 }
+function shouldLogSandboxEgressInfo() {
+  const environment = (process.env.SENTRY_ENVIRONMENT ?? process.env.VERCEL_ENV ?? process.env.NODE_ENV ?? "").trim().toLowerCase();
+  return environment !== "production";
+}
+function egressAttributes(input) {
+  return {
+    ...input.egressId ? { "app.sandbox.egress_id": input.egressId } : {},
+    ...input.provider ? { "app.credential.provider": input.provider } : {},
+    ...input.host ? { "server.address": input.host } : {},
+    ...input.method ? { "http.request.method": input.method } : {},
+    ...input.path ? { "url.path": input.path } : {},
+    ...input.status ? { "http.response.status_code": input.status } : {}
+  };
+}
+function routingAttributes(request, upstreamUrl) {
+  const proxyUrl = new URL(request.url);
+  const attributes = {
+    "app.sandbox.egress.proxy_path": proxyUrl.pathname
+  };
+  if (upstreamUrl) {
+    attributes["app.sandbox.egress.upstream_path"] = upstreamUrl.pathname;
+  }
+  return attributes;
+}
+function logSandboxEgressUpstreamRequest(input) {
+  if (!shouldLogSandboxEgressInfo()) {
+    return;
+  }
+  logInfo(
+    "sandbox_egress_upstream_request",
+    {},
+    {
+      ...egressAttributes({
+        egressId: input.egressId,
+        host: input.upstreamUrl.hostname,
+        method: input.request.method,
+        path: input.upstreamUrl.pathname,
+        provider: input.provider,
+        status: input.upstream.status
+      }),
+      ...routingAttributes(input.request, input.upstreamUrl),
+      "app.sandbox.egress.upstream_ok": input.upstream.ok
+    },
+    `Sandbox egress ${input.request.method} ${input.upstreamUrl.hostname}${input.upstreamUrl.pathname} -> ${input.upstream.status}`
+  );
+}
 function normalizeHost(value) {
   const trimmed = value.trim().toLowerCase();
   if (!trimmed || trimmed.includes("/") || trimmed.includes("\\") || trimmed.includes(":")) {
@@ -14789,18 +15262,27 @@ function normalizePort(value) {
   const port = Number.parseInt(trimmed, 10);
   return port >= 1 && port <= 65535 ? trimmed : void 0;
 }
-function upstreamPath(request, egressId) {
-  const url = new URL(request.url);
-  const prefix = `${ROUTE_PREFIX}/${encodeURIComponent(egressId)}`;
-  if (url.pathname === prefix) {
-    return `/${url.search}`;
-  }
-  if (url.pathname.startsWith(`${prefix}/`)) {
-    return `${url.pathname.slice(prefix.length)}${url.search}`;
+function sandboxIdFromPayload(payload) {
+  return typeof payload.sandbox_id === "string" ? payload.sandbox_id : void 0;
+}
+function upstreamPath(request) {
+  const forwardedPath = request.headers.get(FORWARDED_PATH_HEADER);
+  if (forwardedPath?.trim()) {
+    const path11 = forwardedPath.trim();
+    if (!path11.startsWith("/") || path11.startsWith("//") || path11.includes("#") || /[\r\n]/.test(path11)) {
+      return { ok: false, error: "Invalid forwarded path" };
+    }
+    try {
+      const url2 = new URL(path11, "https://sandbox-forwarded.local");
+      return { ok: true, path: `${url2.pathname}${url2.search}` };
+    } catch {
+      return { ok: false, error: "Invalid forwarded path" };
+    }
   }
-  return void 0;
+  const url = new URL(request.url);
+  return { ok: true, path: `${url.pathname}${url.search}` };
 }
-function buildUpstreamUrl(request, egressId) {
+function buildUpstreamUrl(request) {
   const forwardedHost = request.headers.get(FORWARDED_HOST_HEADER);
   if (!forwardedHost?.trim()) {
     return { ok: false, error: "Missing forwarded host" };
@@ -14822,12 +15304,14 @@ function buildUpstreamUrl(request, egressId) {
   if (forwardedPort && !port) {
     return { ok: false, error: "Invalid forwarded port" };
   }
-  const path11 = upstreamPath(request, egressId);
-  if (!path11) {
-    return { ok: false, error: "Invalid egress route" };
+  const path11 = upstreamPath(request);
+  if (!path11.ok) {
+    return { ok: false, error: path11.error };
   }
   try {
-    const url = new URL(`${scheme}://${host}${port ? `:${port}` : ""}${path11}`);
+    const url = new URL(
+      `${scheme}://${host}${port ? `:${port}` : ""}${path11.path}`
+    );
     return { ok: true, url };
   } catch {
     return { ok: false, error: "Invalid forwarded URL" };
@@ -14862,7 +15346,7 @@ function responseHeaders(upstream) {
   const headers = new Headers();
   upstream.headers.forEach((value, key) => {
     const normalized = key.toLowerCase();
-    if (!HOP_BY_HOP_HEADERS.has(normalized)) {
+    if (!HOP_BY_HOP_HEADERS.has(normalized) && !DECODED_RESPONSE_HEADERS.has(normalized)) {
       headers.append(key, value);
     }
   });
@@ -14901,15 +15385,20 @@ function hasTransformForHost(lease, host) {
     (transform) => matchesSandboxEgressDomain(host, transform.domain)
   );
 }
-async function proxySandboxEgressRequest(request, egressId, deps = {}) {
+function isSandboxEgressForwardedRequest(request) {
+  return Boolean(
+    request.headers.get(OIDC_TOKEN_HEADER)?.trim() && request.headers.get(FORWARDED_HOST_HEADER)?.trim() && request.headers.get(FORWARDED_SCHEME_HEADER)?.trim()
+  );
+}
+async function proxySandboxEgressRequest(request, deps = {}) {
   const oidcToken = request.headers.get(OIDC_TOKEN_HEADER)?.trim();
   if (!oidcToken) {
     return jsonError("Missing Vercel Sandbox OIDC token", 401);
   }
+  let oidcPayload;
   try {
-    await (deps.verifyOidc ?? verifyVercelSandboxOidcToken)(
-      oidcToken,
-      egressId
+    oidcPayload = await (deps.verifyOidc ?? verifyVercelSandboxOidcToken)(
+      oidcToken
     );
   } catch (error) {
     logWarn(
@@ -14922,24 +15411,101 @@ async function proxySandboxEgressRequest(request, egressId, deps = {}) {
     );
     return jsonError("Invalid Vercel Sandbox OIDC token", 401);
   }
-  const upstreamResult = buildUpstreamUrl(request, egressId);
+  const activeEgressId = sandboxIdFromPayload(oidcPayload);
+  if (!activeEgressId) {
+    logWarn(
+      "sandbox_egress_oidc_session_missing",
+      {},
+      {
+        "http.request.method": request.method,
+        "url.path": new URL(request.url).pathname
+      },
+      "Sandbox egress OIDC payload did not include a VM session id"
+    );
+    return jsonError(
+      "Vercel Sandbox OIDC token did not include sandbox_id",
+      401
+    );
+  }
+  const upstreamResult = buildUpstreamUrl(request);
   if (!upstreamResult.ok) {
+    logWarn(
+      "sandbox_egress_upstream_url_invalid",
+      {},
+      {
+        ...egressAttributes({
+          egressId: activeEgressId,
+          method: request.method,
+          path: new URL(request.url).pathname,
+          status: 400
+        }),
+        ...routingAttributes(request)
+      },
+      "Sandbox egress forwarded request had invalid upstream routing headers"
+    );
     return jsonError(upstreamResult.error, 400);
   }
   const upstreamUrl = upstreamResult.url;
   const provider = resolveSandboxEgressProviderForHost(upstreamUrl.hostname);
   if (!provider) {
+    logWarn(
+      "sandbox_egress_provider_unresolved",
+      {},
+      {
+        ...egressAttributes({
+          egressId: activeEgressId,
+          host: upstreamUrl.hostname,
+          method: request.method,
+          path: upstreamUrl.pathname,
+          status: 403
+        }),
+        ...routingAttributes(request, upstreamUrl)
+      },
+      "Sandbox egress forwarded host is not owned by any credential provider"
+    );
     return jsonError("No provider owns forwarded host", 403);
   }
-  const session = await getSandboxEgressSession(egressId);
+  const session = await getSandboxEgressSession(activeEgressId);
   if (!session) {
+    logWarn(
+      "sandbox_egress_session_unauthorized",
+      {},
+      {
+        ...egressAttributes({
+          egressId: activeEgressId,
+          host: upstreamUrl.hostname,
+          method: request.method,
+          path: upstreamUrl.pathname,
+          provider,
+          status: 403
+        }),
+        ...routingAttributes(request, upstreamUrl)
+      },
+      "Sandbox egress VM session is not authorized for requester credentials"
+    );
     return jsonError("Sandbox egress session is not authorized", 403);
   }
   let lease;
   try {
-    lease = await credentialLease(egressId, provider, session);
+    lease = await credentialLease(activeEgressId, provider, session);
   } catch (error) {
     if (error instanceof CredentialUnavailableError) {
+      logWarn(
+        "sandbox_egress_credential_unavailable",
+        {},
+        {
+          ...egressAttributes({
+            egressId: activeEgressId,
+            host: upstreamUrl.hostname,
+            method: request.method,
+            path: upstreamUrl.pathname,
+            provider,
+            status: 401
+          }),
+          ...routingAttributes(request, upstreamUrl)
+        },
+        "Sandbox egress provider credential is unavailable"
+      );
       return new Response(
         `junior-auth-required provider=${error.provider} 401 unauthorized
 ${error.message}`,
@@ -14952,28 +15518,80 @@ ${error.message}`,
     throw error;
   }
   if (!hasTransformForHost(lease, upstreamUrl.hostname)) {
+    logWarn(
+      "sandbox_egress_transform_missing",
+      {},
+      {
+        ...egressAttributes({
+          egressId: activeEgressId,
+          host: upstreamUrl.hostname,
+          method: request.method,
+          path: upstreamUrl.pathname,
+          provider,
+          status: 403
+        }),
+        "app.sandbox.egress.transform_domains": lease.headerTransforms.map(
+          (transform) => transform.domain
+        ),
+        ...routingAttributes(request, upstreamUrl)
+      },
+      "Sandbox egress credential lease does not cover forwarded host"
+    );
     return jsonError("Credential lease does not cover forwarded host", 403);
   }
   const body = await requestBodyBytes(request);
-  const upstream = await (deps.fetch ?? fetch)(upstreamUrl, {
+  const fetchImpl = deps.fetch ?? fetch;
+  const headers = requestHeaders(request, lease, upstreamUrl.hostname);
+  const upstream = await fetchImpl(upstreamUrl, {
     method: request.method,
-    headers: requestHeaders(request, lease, upstreamUrl.hostname),
-    ...body ? { body } : {},
+    headers,
+    ...body !== void 0 ? { body } : {},
     redirect: "manual"
   });
+  logSandboxEgressUpstreamRequest({
+    egressId: activeEgressId,
+    provider,
+    request,
+    upstream,
+    upstreamUrl
+  });
+  if (upstream.status >= 400) {
+    logWarn(
+      "sandbox_egress_upstream_error_response",
+      {},
+      {
+        ...egressAttributes({
+          egressId: activeEgressId,
+          host: upstreamUrl.hostname,
+          method: request.method,
+          path: upstreamUrl.pathname,
+          provider,
+          status: upstream.status
+        }),
+        ...routingAttributes(request, upstreamUrl),
+        "error.type": `http_${upstream.status}`
+      },
+      `Sandbox egress upstream returned HTTP ${upstream.status}`
+    );
+  }
   if (AUTH_REJECTION_STATUS.has(upstream.status)) {
     logWarn(
       "sandbox_egress_upstream_auth_rejected",
       {},
       {
-        "app.credential.provider": provider,
-        "http.request.method": request.method,
-        "http.response.status_code": upstream.status,
-        "server.address": upstreamUrl.hostname
+        ...egressAttributes({
+          egressId: activeEgressId,
+          host: upstreamUrl.hostname,
+          method: request.method,
+          path: upstreamUrl.pathname,
+          provider,
+          status: upstream.status
+        }),
+        ...routingAttributes(request, upstreamUrl)
       },
       "Sandbox egress upstream auth rejected"
     );
-    await clearSandboxEgressCredentialLease(egressId, provider, session);
+    await clearSandboxEgressCredentialLease(activeEgressId, provider, session);
   }
   return new Response(upstream.body, {
     status: upstream.status,
@@ -14983,57 +15601,18 @@ ${error.message}`,
 }
 
 // src/handlers/sandbox-egress-proxy.ts
-async function ALL(request, egressId) {
-  return await proxySandboxEgressRequest(request, egressId);
-}
-
-// src/chat/slack/context.ts
-function toTrimmedSlackString(value) {
-  const normalized = toOptionalString(value);
-  return normalized?.trim() || void 0;
+async function ALL(request) {
+  return await proxySandboxEgressRequest(request);
 }
-function parseSlackThreadId(threadId) {
-  const normalizedThreadId = toTrimmedSlackString(threadId);
-  if (!normalizedThreadId) {
-    return void 0;
-  }
-  const parts = normalizedThreadId.split(":");
-  if (parts.length !== 3 || parts[0] !== "slack") {
-    return void 0;
-  }
-  const channelId = toTrimmedSlackString(parts[1]);
-  const threadTs = toTrimmedSlackString(parts[2]);
-  if (!channelId || !threadTs) {
-    return void 0;
-  }
-  return { channelId, threadTs };
-}
-function resolveSlackChannelIdFromThreadId(threadId) {
-  return parseSlackThreadId(threadId)?.channelId;
-}
-function resolveSlackChannelIdFromMessage(message) {
-  const messageChannelId = toTrimmedSlackString(
-    message.channelId
-  );
-  if (messageChannelId) {
-    return messageChannelId;
-  }
-  const raw = message.raw;
-  if (raw && typeof raw === "object") {
-    const rawChannel = toTrimmedSlackString(
-      raw.channel
-    );
-    if (rawChannel) {
-      return rawChannel;
-    }
-  }
-  const threadId = toTrimmedSlackString(
-    message.threadId
-  );
-  return resolveSlackChannelIdFromThreadId(threadId);
+function isSandboxEgressRequest(request) {
+  return isSandboxEgressForwardedRequest(request);
 }
 
 // src/handlers/turn-resume.ts
+var TIMEOUT_RESUME_LOCK_RETRY_DELAYS_MS = [250, 1e3, 2e3];
+function sleep3(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
 async function persistCompletedReplyState2(args) {
   const currentState = await getPersistedThreadState(
     args.checkpoint.conversationId
@@ -15233,25 +15812,53 @@ async function resumeTimedOutTurn(payload) {
     }
   });
 }
-async function POST(request, waitUntil) {
-  const payload = await verifyTurnTimeoutResumeRequest(request);
-  if (!payload) {
-    return new Response("Unauthorized", { status: 401 });
-  }
-  waitUntil(
-    () => resumeTimedOutTurn(payload).catch((error) => {
-      if (error instanceof ResumeTurnBusyError) {
+async function resumeTimedOutTurnWithLockRetry(payload) {
+  for (const [attempt, delayMs] of [
+    ...TIMEOUT_RESUME_LOCK_RETRY_DELAYS_MS,
+    void 0
+  ].entries()) {
+    try {
+      await resumeTimedOutTurn(payload);
+      return;
+    } catch (error) {
+      if (!(error instanceof ResumeTurnBusyError)) {
+        throw error;
+      }
+      if (typeof delayMs !== "number") {
         logWarn(
           "timeout_resume_lock_busy",
           {},
           {
             "app.ai.conversation_id": payload.conversationId,
-            "app.ai.session_id": payload.sessionId
+            "app.ai.session_id": payload.sessionId,
+            "app.ai.resume_lock_retry_count": attempt
           },
-          "Skipped timeout resume because another turn owns the thread lock"
+          "Skipped timeout resume because another turn still owns the thread lock"
         );
         return;
       }
+      logWarn(
+        "timeout_resume_lock_busy_retrying",
+        {},
+        {
+          "app.ai.conversation_id": payload.conversationId,
+          "app.ai.session_id": payload.sessionId,
+          "app.ai.resume_lock_retry_attempt": attempt + 1,
+          "app.ai.resume_lock_retry_delay_ms": delayMs
+        },
+        "Timeout resume lock was busy; retrying"
+      );
+      await sleep3(delayMs);
+    }
+  }
+}
+async function POST(request, waitUntil) {
+  const payload = await verifyTurnTimeoutResumeRequest(request);
+  if (!payload) {
+    return new Response("Unauthorized", { status: 401 });
+  }
+  waitUntil(
+    () => resumeTimedOutTurnWithLockRetry(payload).catch((error) => {
       logException(
         error,
         "timeout_resume_handler_failed",
@@ -15293,11 +15900,11 @@ var DIRECTED_FOLLOW_UP_CUE_RE = /\b(?:you said|you just said|your last response|
 var TERSE_CLARIFICATION_RE = /^(?:which one|which ones|why|how so|what do you mean|what did you mean|say more|explain that|clarify that|expand on that|elaborate on that)\??$/i;
 var GENERIC_IMMEDIATE_SIDE_CONVERSATION_RE = /^(?:is that (?:the )?right (?:approach|call|move)|(?:can|could|would) you check on this)\??$/i;
 var RECENT_THREAD_WINDOW = 6;
-function escapeRegExp2(value) {
+function escapeRegExp3(value) {
   return value.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
 }
 function containsAssistantInvocation(text, botUserName) {
-  const escapedUserName = escapeRegExp2(botUserName);
+  const escapedUserName = escapeRegExp3(botUserName);
   const plainNameMentionRe = new RegExp(`(^|\\s)@${escapedUserName}\\b`, "i");
   const labeledEntityMentionRe = new RegExp(
     `<@[^>|]+\\|${escapedUserName}>`,
@@ -15567,69 +16174,29 @@ async function decideSubscribedThreadReply(args) {
     if (!parsed.should_reply) {
       return {
         shouldReply: false,
-        reason: "side_conversation" /* SideConversation */,
-        reasonDetail: reason
-      };
-    }
-    if (parsed.confidence < replyConfidenceThreshold) {
-      return {
-        shouldReply: false,
-        reason: "low_confidence" /* LowConfidence */,
-        reasonDetail: `${parsed.confidence.toFixed(2)}: ${reason}`
-      };
-    }
-    return {
-      shouldReply: true,
-      reason: "llm_classifier" /* Classifier */,
-      reasonDetail: reason
-    };
-  } catch (error) {
-    args.logClassifierFailure(error, args.input);
-    return {
-      shouldReply: false,
-      reason: "classifier_error" /* ClassifierError */
-    };
-  }
-}
-
-// src/chat/slack/errors.ts
-function getSlackApiErrorCode(error) {
-  if (!error || typeof error !== "object") {
-    return void 0;
-  }
-  const candidate = error;
-  if (typeof candidate.data?.error === "string" && candidate.data.error.trim().length > 0) {
-    return candidate.data.error;
-  }
-  if (typeof candidate.code === "string" && candidate.code.trim().length > 0) {
-    return candidate.code;
-  }
-  return void 0;
-}
-function getSlackErrorObservabilityAttributes(error) {
-  if (!error || typeof error !== "object") {
-    return {};
-  }
-  const candidate = error;
-  const attributes = {};
-  if (typeof candidate.code === "string" && candidate.code.trim().length > 0) {
-    attributes["app.slack.error_code"] = candidate.code;
-  }
-  if (typeof candidate.data?.error === "string" && candidate.data.error.trim().length > 0) {
-    attributes["app.slack.api_error"] = candidate.data.error;
-  }
-  const requestId = getHeaderString(candidate.headers, "x-slack-req-id");
-  if (requestId) {
-    attributes["app.slack.request_id"] = requestId;
-  }
-  if (typeof candidate.statusCode === "number" && Number.isFinite(candidate.statusCode)) {
-    attributes["http.response.status_code"] = candidate.statusCode;
+        reason: "side_conversation" /* SideConversation */,
+        reasonDetail: reason
+      };
+    }
+    if (parsed.confidence < replyConfidenceThreshold) {
+      return {
+        shouldReply: false,
+        reason: "low_confidence" /* LowConfidence */,
+        reasonDetail: `${parsed.confidence.toFixed(2)}: ${reason}`
+      };
+    }
+    return {
+      shouldReply: true,
+      reason: "llm_classifier" /* Classifier */,
+      reasonDetail: reason
+    };
+  } catch (error) {
+    args.logClassifierFailure(error, args.input);
+    return {
+      shouldReply: false,
+      reason: "classifier_error" /* ClassifierError */
+    };
   }
-  return attributes;
-}
-function isSlackTitlePermissionError(error) {
-  const code = getSlackApiErrorCode(error);
-  return code === "no_permission" || code === "missing_scope" || code === "not_allowed_token_type";
 }
 
 // src/chat/runtime/slack-runtime.ts
@@ -15657,6 +16224,14 @@ function buildLogContext(deps, args) {
 }
 function createSlackTurnRuntime(deps) {
   const logContext = (args) => buildLogContext(deps, args);
+  const createToolInvocationHook = (processingReaction, hooks) => {
+    return (invocation) => {
+      if (shouldKeepProcessingReactionForToolInvocation(invocation)) {
+        processingReaction.keep();
+      }
+      hooks?.onToolInvocation?.(invocation);
+    };
+  };
   const postFallbackErrorReplyWithLogging = async (args) => {
     try {
       await args.thread.post(buildTurnFailureResponse(args.eventId));
@@ -15710,6 +16285,7 @@ function createSlackTurnRuntime(deps) {
   };
   return {
     async handleNewMention(thread, message, hooks) {
+      let processingReaction;
       try {
         const threadId = deps.getThreadId(thread, message);
         const channelId = deps.getChannelId(thread, message);
@@ -15721,11 +16297,22 @@ function createSlackTurnRuntime(deps) {
           requesterUserName: message.author.userName,
           runId
         });
+        processingReaction = await startSlackProcessingReaction({
+          thread,
+          message,
+          logException: deps.logException,
+          logContext: context
+        });
+        const toolInvocationHook = createToolInvocationHook(
+          processingReaction,
+          hooks
+        );
         await deps.withSpan("chat.turn", "chat.turn", context, async () => {
           await thread.subscribe();
           await deps.replyToThread(thread, message, {
             explicitMention: true,
-            beforeFirstResponsePost: hooks?.beforeFirstResponsePost
+            beforeFirstResponsePost: hooks?.beforeFirstResponsePost,
+            onToolInvocation: toolInvocationHook
           });
         });
       } catch (error) {
@@ -15766,113 +16353,123 @@ function createSlackTurnRuntime(deps) {
           postFailureEventName: "mention_handler_failure_reply_post_failed",
           postFailureBody: "Failed to post fallback error reply for mention handler"
         });
+      } finally {
+        await processingReaction?.stop();
       }
     },
     async handleSubscribedMessage(thread, message, hooks) {
+      let processingReaction;
       try {
         const threadId = deps.getThreadId(thread, message);
         const channelId = deps.getChannelId(thread, message);
         const runId = deps.getRunId(thread, message);
-        await deps.withSpan(
-          "chat.turn",
-          "chat.turn",
-          logContext({
+        const context = logContext({
+          threadId,
+          requesterId: message.author.userId,
+          requesterUserName: message.author.userName,
+          channelId,
+          runId
+        });
+        processingReaction = await startSlackProcessingReaction({
+          thread,
+          message,
+          logException: deps.logException,
+          logContext: context
+        });
+        const toolInvocationHook = createToolInvocationHook(
+          processingReaction,
+          hooks
+        );
+        await deps.withSpan("chat.turn", "chat.turn", context, async () => {
+          const legacyAttachmentText = renderSlackLegacyAttachmentText(
+            message.raw
+          );
+          const rawUserText = appendSlackLegacyAttachmentText(
+            message.text,
+            message.raw
+          );
+          const strippedUserText = deps.stripLeadingBotMention(message.text, {
+            stripLeadingSlackMentionToken: Boolean(message.isMention)
+          });
+          const userText = appendSlackLegacyAttachmentText(
+            strippedUserText,
+            message.raw
+          );
+          const context2 = {
             threadId,
             requesterId: message.author.userId,
-            requesterUserName: message.author.userName,
             channelId,
             runId
-          }),
-          async () => {
-            const legacyAttachmentText = renderSlackLegacyAttachmentText(
-              message.raw
-            );
-            const rawUserText = appendSlackLegacyAttachmentText(
-              message.text,
-              message.raw
-            );
-            const strippedUserText = deps.stripLeadingBotMention(message.text, {
-              stripLeadingSlackMentionToken: Boolean(message.isMention)
-            });
-            const userText = appendSlackLegacyAttachmentText(
-              strippedUserText,
-              message.raw
-            );
-            const context = {
-              threadId,
-              requesterId: message.author.userId,
-              channelId,
-              runId
-            };
-            const preflightDecision = getSubscribedReplyPreflightDecision({
-              botUserName: deps.assistantUserName,
-              rawText: rawUserText,
-              text: userText,
-              isExplicitMention: Boolean(message.isMention)
-            });
-            if (preflightDecision && !preflightDecision.shouldReply) {
-              const reason = preflightDecision.reasonDetail ? `${preflightDecision.reason}:${preflightDecision.reasonDetail}` : preflightDecision.reason;
-              await skipSubscribedMessage({
-                thread,
-                message,
-                decision: { shouldReply: false, reason },
-                context,
-                userText
-              });
-              return;
-            }
-            const preparedState = await deps.prepareTurnState({
+          };
+          const preflightDecision = getSubscribedReplyPreflightDecision({
+            botUserName: deps.assistantUserName,
+            rawText: rawUserText,
+            text: userText,
+            isExplicitMention: Boolean(message.isMention)
+          });
+          if (preflightDecision && !preflightDecision.shouldReply) {
+            const reason = preflightDecision.reasonDetail ? `${preflightDecision.reason}:${preflightDecision.reasonDetail}` : preflightDecision.reason;
+            await skipSubscribedMessage({
               thread,
               message,
-              userText,
-              explicitMention: Boolean(message.isMention),
-              context
+              decision: { shouldReply: false, reason },
+              context: context2,
+              userText
             });
-            await deps.persistPreparedState({
+            return;
+          }
+          const preparedState = await deps.prepareTurnState({
+            thread,
+            message,
+            userText,
+            explicitMention: Boolean(message.isMention),
+            context: context2
+          });
+          await deps.persistPreparedState({
+            thread,
+            preparedState
+          });
+          const decision = await deps.decideSubscribedReply({
+            rawText: rawUserText,
+            text: userText,
+            conversationContext: deps.getPreparedConversationContext(preparedState),
+            hasAttachments: message.attachments.length > 0 || legacyAttachmentText !== "",
+            isExplicitMention: Boolean(message.isMention),
+            context: context2
+          });
+          if (await maybeHandleThreadOptOutDecision({
+            thread,
+            decision,
+            beforeFirstResponsePost: hooks?.beforeFirstResponsePost
+          })) {
+            await skipSubscribedMessage({
               thread,
-              preparedState
-            });
-            const decision = await deps.decideSubscribedReply({
-              rawText: rawUserText,
-              text: userText,
-              conversationContext: deps.getPreparedConversationContext(preparedState),
-              hasAttachments: message.attachments.length > 0 || legacyAttachmentText !== "",
-              isExplicitMention: Boolean(message.isMention),
-              context
+              message,
+              decision,
+              context: context2,
+              preparedState,
+              userText
             });
-            if (await maybeHandleThreadOptOutDecision({
+            return;
+          }
+          if (!decision.shouldReply) {
+            await skipSubscribedMessage({
               thread,
+              message,
               decision,
-              beforeFirstResponsePost: hooks?.beforeFirstResponsePost
-            })) {
-              await skipSubscribedMessage({
-                thread,
-                message,
-                decision,
-                context,
-                preparedState,
-                userText
-              });
-              return;
-            }
-            if (!decision.shouldReply) {
-              await skipSubscribedMessage({
-                thread,
-                message,
-                decision,
-                context,
-                preparedState,
-                userText
-              });
-              return;
-            }
-            await deps.replyToThread(thread, message, {
-              explicitMention: Boolean(message.isMention),
+              context: context2,
               preparedState,
-              beforeFirstResponsePost: hooks?.beforeFirstResponsePost
+              userText
             });
+            return;
           }
-        );
+          await deps.replyToThread(thread, message, {
+            explicitMention: Boolean(message.isMention),
+            preparedState,
+            beforeFirstResponsePost: hooks?.beforeFirstResponsePost,
+            onToolInvocation: toolInvocationHook
+          });
+        });
       } catch (error) {
         const errorContext = logContext({
           threadId: deps.getThreadId(thread, message),
@@ -15911,6 +16508,8 @@ function createSlackTurnRuntime(deps) {
           postFailureEventName: "subscribed_message_handler_failure_reply_post_failed",
           postFailureBody: "Failed to post fallback error reply for subscribed message handler"
         });
+      } finally {
+        await processingReaction?.stop();
       }
     },
     async handleAssistantThreadStarted(event) {
@@ -16608,6 +17207,7 @@ function createJuniorRuntimeServices(overrides = {}) {
     conversationMemory,
     replyExecutor: {
       generateAssistantReply: overrides.replyExecutor?.generateAssistantReply ?? generateAssistantReply,
+      getAwaitingTurnContinuationRequest: overrides.replyExecutor?.getAwaitingTurnContinuationRequest ?? getAwaitingTurnContinuationRequest,
       lookupSlackUser: overrides.replyExecutor?.lookupSlackUser ?? lookupSlackUser,
       scheduleTurnTimeoutResume: overrides.replyExecutor?.scheduleTurnTimeoutResume ?? scheduleTurnTimeoutResume,
       generateThreadTitle: conversationMemory.generateThreadTitle
@@ -16620,8 +17220,14 @@ function createJuniorRuntimeServices(overrides = {}) {
 }
 
 // src/chat/slack/message.ts
+function isSlackMessageTs(value) {
+  return /^\d+(?:\.\d+)?$/.test(value.trim());
+}
 function getSlackMessageTs(message) {
-  if (message.id.endsWith(":message_changed_mention") && message.raw && typeof message.raw === "object") {
+  if (isSlackMessageTs(message.id)) {
+    return message.id;
+  }
+  if (message.raw && typeof message.raw === "object") {
     const ts = message.raw.ts;
     if (typeof ts === "string" && ts.length > 0) {
       return ts;
@@ -16630,74 +17236,6 @@ function getSlackMessageTs(message) {
   return message.id;
 }
 
-// src/chat/runtime/thread-context.ts
-function escapeRegExp3(value) {
-  return value.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
-}
-function stripLeadingBotMention(text, options = {}) {
-  if (!text.trim()) return text;
-  let next = text;
-  if (options.stripLeadingSlackMentionToken) {
-    next = next.replace(/^\s*<@[^>]+>[\s,:-]*/, "").trim();
-  }
-  const mentionByNameRe = new RegExp(
-    `^\\s*@${escapeRegExp3(botConfig.userName)}\\b[\\s,:-]*`,
-    "i"
-  );
-  next = next.replace(mentionByNameRe, "").trim();
-  const mentionByLabeledEntityRe = new RegExp(
-    `^\\s*<@[^>|]+\\|${escapeRegExp3(botConfig.userName)}>[\\s,:-]*`,
-    "i"
-  );
-  next = next.replace(mentionByLabeledEntityRe, "").trim();
-  return next;
-}
-function getThreadId(thread, _message) {
-  return toOptionalString(thread.id);
-}
-function getRunId(thread, message) {
-  return toOptionalString(thread.runId) ?? toOptionalString(message.runId);
-}
-function getChannelId(thread, message) {
-  return resolveSlackChannelIdFromThreadId(toOptionalString(thread.id)) ?? normalizeSlackConversationId(toOptionalString(thread.channelId)) ?? resolveSlackChannelIdFromMessage(message);
-}
-function getThreadTs(threadId) {
-  return parseSlackThreadId(threadId)?.threadTs;
-}
-function getAssistantThreadContext(message) {
-  const raw = message.raw;
-  const rawRecord = raw && typeof raw === "object" ? raw : void 0;
-  const channelId = toOptionalString(rawRecord?.channel);
-  if (channelId) {
-    const rawThreadTs = toOptionalString(rawRecord?.thread_ts);
-    const threadTs = isDmChannel(channelId) ? rawThreadTs : rawThreadTs ?? toOptionalString(rawRecord?.ts);
-    if (threadTs) {
-      return { channelId, threadTs };
-    }
-  }
-  const parsedThreadId = parseSlackThreadId(
-    toOptionalString(message.threadId)
-  );
-  if (!parsedThreadId || isDmChannel(parsedThreadId.channelId)) {
-    return void 0;
-  }
-  return parsedThreadId;
-}
-function getMessageTs(message) {
-  const directTs = toOptionalString(
-    message.ts
-  );
-  if (directTs) {
-    return directTs;
-  }
-  const raw = message.raw;
-  if (!raw || typeof raw !== "object") {
-    return void 0;
-  }
-  const rawRecord = raw;
-  return toOptionalString(rawRecord.ts) ?? toOptionalString(rawRecord.event_ts) ?? toOptionalString(rawRecord.message?.ts);
-}
-
 // src/chat/slack/assistant-thread/title.ts
 function maybeUpdateAssistantTitle(args) {
   const assistantThreadContext = args.assistantThreadContext;
@@ -16814,11 +17352,6 @@ function createReplyToThread(deps) {
         });
         const slackMessageTs = getSlackMessageTs(message);
         const turnId = buildDeterministicTurnId(message.id);
-        startActiveTurn({
-          conversation: preparedState.conversation,
-          nextTurnId: turnId,
-          updateConversationStats
-        });
         const turnTraceContext = {
           conversationId,
           slackThreadId: threadId,
@@ -16828,6 +17361,98 @@ function createReplyToThread(deps) {
           assistantUserName: botConfig.userName,
           modelId: botConfig.modelId
         };
+        let beforeFirstResponsePostCalled = false;
+        const beforeFirstResponsePost = async () => {
+          if (beforeFirstResponsePostCalled) {
+            return;
+          }
+          beforeFirstResponsePostCalled = true;
+          await options.beforeFirstResponsePost?.();
+        };
+        const postTurnContinuationNotice = async () => {
+          try {
+            await beforeFirstResponsePost();
+            await thread.post(
+              buildSlackOutputMessage(buildTurnContinuationResponse())
+            );
+          } catch (error) {
+            logException(
+              error,
+              "slack_turn_continuation_notice_post_failed",
+              turnTraceContext,
+              {
+                "app.slack.reply_stage": "thread_reply_turn_continuation_notice",
+                ...messageTs ? { "messaging.message.id": messageTs } : {},
+                ...getSlackErrorObservabilityAttributes(error)
+              },
+              "Failed to post turn continuation notice"
+            );
+            throw error;
+          }
+        };
+        const postAuthPauseNotice = async () => {
+          try {
+            await beforeFirstResponsePost();
+            await thread.post(
+              buildSlackOutputMessage(buildAuthPauseResponse())
+            );
+          } catch (error) {
+            logException(
+              error,
+              "slack_auth_pause_notice_post_failed",
+              turnTraceContext,
+              {
+                "app.slack.reply_stage": "thread_reply_auth_pause_notice",
+                ...messageTs ? { "messaging.message.id": messageTs } : {},
+                ...getSlackErrorObservabilityAttributes(error)
+              },
+              "Failed to post auth pause notice"
+            );
+          }
+        };
+        const activeTurnId = preparedState.conversation.processing.activeTurnId;
+        if (conversationId && activeTurnId) {
+          const resumeRequest = await deps.services.getAwaitingTurnContinuationRequest({
+            conversationId,
+            sessionId: activeTurnId
+          });
+          if (resumeRequest) {
+            try {
+              await deps.services.scheduleTurnTimeoutResume(resumeRequest);
+            } catch (error) {
+              logException(
+                error,
+                "agent_turn_continuation_retry_schedule_failed",
+                turnTraceContext,
+                {
+                  "app.ai.resume_checkpoint_version": resumeRequest.expectedCheckpointVersion,
+                  "app.ai.resume_session_id": resumeRequest.sessionId,
+                  ...messageTs ? { "messaging.message.id": messageTs } : {}
+                },
+                "Failed to reschedule active turn continuation"
+              );
+              throw error;
+            }
+            await postTurnContinuationNotice();
+            markConversationMessage(
+              preparedState.conversation,
+              preparedState.userMessageId,
+              {
+                replied: true,
+                skippedReason: void 0
+              }
+            );
+            await persistThreadState(thread, {
+              conversation: preparedState.conversation
+            });
+            return;
+          }
+        }
+        startActiveTurn({
+          conversation: preparedState.conversation,
+          nextTurnId: turnId,
+          updateConversationStats
+        });
         setTags({
           conversationId
         });
@@ -16869,14 +17494,6 @@ function createReplyToThread(deps) {
           threadTs: assistantThreadContext?.threadTs,
           getSlackAdapter: deps.getSlackAdapter
         });
-        let beforeFirstResponsePostCalled = false;
-        const beforeFirstResponsePost = async () => {
-          if (beforeFirstResponsePostCalled) {
-            return;
-          }
-          beforeFirstResponsePostCalled = true;
-          await options.beforeFirstResponsePost?.();
-        };
         const postThreadReply = async (payload, stage) => {
           await beforeFirstResponsePost();
           try {
@@ -16963,7 +17580,8 @@ function createReplyToThread(deps) {
                 conversation: preparedState.conversation
               });
             },
-            onStatus: (nextStatus) => status.update(nextStatus)
+            onStatus: (nextStatus) => status.update(nextStatus),
+            onToolInvocation: options.onToolInvocation
           });
           const diagnosticsContext = {
             slackThreadId: threadId,
@@ -17106,6 +17724,7 @@ function createReplyToThread(deps) {
           }
         } catch (error) {
           if (isRetryableTurnError(error, "mcp_auth_resume") || isRetryableTurnError(error, "plugin_auth_resume")) {
+            await postAuthPauseNotice();
             completeAuthPauseTurn({
               conversation: preparedState.conversation,
               sessionId: error.metadata?.sessionId ?? turnId
@@ -17130,7 +17749,6 @@ function createReplyToThread(deps) {
                   expectedCheckpointVersion: checkpointVersion
                 });
                 shouldPersistFailureState = false;
-                return;
               } catch (scheduleError) {
                 logException(
                   scheduleError,
@@ -17142,7 +17760,11 @@ function createReplyToThread(deps) {
                   },
                   "Failed to schedule timeout resume callback"
                 );
+                shouldPersistFailureState = true;
+                throw scheduleError;
               }
+              await postTurnContinuationNotice();
+              return;
             } else if (conversationIdForResume && sessionIdForResume && typeof checkpointVersion === "number") {
               logWarn(
                 "agent_turn_timeout_resume_slice_limit_reached",
@@ -17599,75 +18221,53 @@ function enqueueBackgroundTask(options, task) {
     throw new Error("Chat background processing requires waitUntil");
   }
   options.waitUntil(task);
+  return task;
 }
 var JuniorChat = class extends Chat {
   /**
    * Normalize Slack thread IDs before the SDK's concurrency queue.
    *
-   * The SDK uses the `threadId` parameter as the lock/queue key
-   * (Chat.handleIncomingMessage → getLockKey). @chat-adapter/slack
-   * (as of 4.22.0) builds DM thread IDs as `slack:<channel>:` (empty
-   * thread_ts) when the Slack event has no `thread_ts` field — it uses
-   * `event.thread_ts || ""` instead of falling back to `event.ts`.
-   * See @chat-adapter/slack/dist/index.js:1466.
-   *
-   * A DM root event arrives as `slack:D123:` while a reply in the same
-   * thread carries `slack:D123:<ts>`, splitting the lock/state/subscription
-   * keys and breaking conversation continuity.
-   *
-   * We fix this by resolving the message eagerly (even when the adapter
-   * provides a factory), deriving the canonical thread ID from
-   * `raw.channel` + `raw.thread_ts ?? raw.ts`, and passing both the
-   * normalized threadId and concrete message to super.processMessage.
-   *
-   * Remove this override when @chat-adapter/slack uses `event.ts` as
-   * the DM thread_ts fallback.
+   * Slack DM roots can arrive with an empty thread timestamp, while
+   * later replies include the root timestamp. Resolve factories before
+   * delegating so the lock/state/subscription key is canonicalized before
+   * the SDK computes its per-thread queue key.
    */
   processMessage(adapter, threadId, messageOrFactory, options) {
     if (typeof messageOrFactory === "function") {
       const runtime = this;
-      enqueueBackgroundTask(
+      return enqueueBackgroundTask(
         options,
         (async () => {
+          let message2;
           try {
-            const message = await messageOrFactory();
-            if (isExternalSlackUser(message.raw)) {
-              return;
-            }
-            const normalized = normalizeIncomingSlackThreadId(
-              threadId,
-              message
-            );
-            if (normalized !== threadId && "threadId" in message) {
-              message.threadId = normalized;
-            }
-            super.processMessage(adapter, normalized, message, options);
+            message2 = await messageOrFactory();
           } catch (error) {
             runtime.logger?.error?.("Message factory resolution error", {
               error,
               threadId
             });
+            return;
+          }
+          if (isExternalSlackUser(message2.raw)) {
+            return;
           }
+          const normalized2 = normalizeIncomingSlackThreadId(threadId, message2);
+          if (normalized2 !== threadId && "threadId" in message2) {
+            message2.threadId = normalized2;
+          }
+          await super.processMessage(adapter, normalized2, message2, options);
         })()
       );
-      return;
     }
-    if (isExternalSlackUser(messageOrFactory.raw)) {
-      return;
+    const message = messageOrFactory;
+    if (isExternalSlackUser(message.raw)) {
+      return Promise.resolve();
     }
-    enqueueBackgroundTask(
-      options,
-      (async () => {
-        const normalized = normalizeIncomingSlackThreadId(
-          threadId,
-          messageOrFactory
-        );
-        if (normalized !== threadId && "threadId" in messageOrFactory) {
-          messageOrFactory.threadId = normalized;
-        }
-        super.processMessage(adapter, normalized, messageOrFactory, options);
-      })()
-    );
+    const normalized = normalizeIncomingSlackThreadId(threadId, message);
+    if (normalized !== threadId && "threadId" in message) {
+      message.threadId = normalized;
+    }
+    return super.processMessage(adapter, normalized, message, options);
   }
   processReaction(event, options) {
     const runtime = this;
@@ -18351,6 +18951,12 @@ async function createApp(options) {
     logException(err, "unhandled_route_error");
     return c.text("Internal Server Error", 500);
   });
+  app.use("*", async (c, next) => {
+    if (isSandboxEgressRequest(c.req.raw)) {
+      return await ALL(c.req.raw);
+    }
+    await next();
+  });
   app.get("/", () => GET3());
   app.get("/health", () => GET2());
   app.get("/api/info", () => GET());
@@ -18363,12 +18969,6 @@ async function createApp(options) {
   app.post("/api/internal/turn-resume", (c) => {
     return POST(c.req.raw, waitUntil);
   });
-  app.all("/api/internal/sandbox-egress/:egressId", (c) => {
-    return ALL(c.req.raw, c.req.param("egressId"));
-  });
-  app.all("/api/internal/sandbox-egress/:egressId/*", (c) => {
-    return ALL(c.req.raw, c.req.param("egressId"));
-  });
   app.post("/api/webhooks/:platform", (c) => {
     return POST2(c.req.raw, c.req.param("platform"), waitUntil);
   });