@slock-ai/daemon 0.41.0 → 0.42.0

package/dist/{chunk-KFVDXO5Y.js → chunk-RNEIFBXW.js}

@@ -4,8 +4,8 @@ import {
 } from "./chunk-JG7ONJZ6.js";
 
 // src/core.ts
-import path11 from "path";
-import os4 from "os";
+import path12 from "path";
+import os5 from "os";
 import { createRequire } from "module";
 import { accessSync } from "fs";
 import { fileURLToPath } from "url";
@@ -582,6 +582,7 @@ var DISPLAY_PLAN_CONFIG = {
 };
 
 // src/agentProcessManager.ts
+import { mkdirSync as mkdirSync4, readdirSync, statSync, writeFileSync as writeFileSync7 } from "fs";
 import { mkdir, writeFile, access, readdir as readdir2, stat as stat2, readFile, rm as rm2 } from "fs/promises";
 import path10 from "path";
 import os3 from "os";
@@ -599,6 +600,27 @@ import path from "path";
 function toolRef(prefix, name) {
   return `${prefix}${name}`;
 }
+function runtimeContextLines(config) {
+  const ctx = config.runtimeContext;
+  if (!ctx) return [];
+  const lines = [
+    "## Current Runtime Context",
+    "",
+    "This is authoritative context injected by Slock. Do not infer computer identity from hostname or cwd when this section is present.",
+    ""
+  ];
+  if (ctx.agentId) lines.push(`- Agent ID: ${ctx.agentId}`);
+  if (ctx.serverId) lines.push(`- Server ID: ${ctx.serverId}`);
+  if (ctx.machineName || ctx.machineId) {
+    const label = ctx.machineName && ctx.machineId ? `${ctx.machineName} (${ctx.machineId})` : ctx.machineName || ctx.machineId;
+    lines.push(`- Computer: ${label}`);
+  }
+  if (ctx.machineHostname) lines.push(`- Hostname: ${ctx.machineHostname}`);
+  if (ctx.machineOs) lines.push(`- OS: ${ctx.machineOs}`);
+  if (ctx.daemonVersion) lines.push(`- Daemon: v${ctx.daemonVersion}`);
+  if (ctx.workspacePath) lines.push(`- Workspace: ${ctx.workspacePath}`);
+  return lines.length > 4 ? lines : [];
+}
 function buildPrompt(config, variant, opts) {
   const isCli = variant === "cli";
   const t = (name) => toolRef(opts.toolPrefix, name);
@@ -621,13 +643,18 @@ function buildPrompt(config, variant, opts) {
     "- Use only the provided MCP tools for messaging \u2014 they are already available and ready.",
     `- Always claim a task via ${taskClaimCmd} before starting work on it. If the claim fails, move on to a different task.`
   ];
+  const runtimeProfileControlStartupStep = config.runtimeProfileControl ? [
+    "0. If this system prompt contains a **Runtime Profile Control** section, complete that runtime-control instruction first. Do not read MEMORY.md, check messages, or respond to inbox messages until the required runtime control action has succeeded."
+  ] : [];
   const startupSteps = isCli ? [
+    ...runtimeProfileControlStartupStep,
     "1. If this turn already includes a concrete incoming message, first decide whether that message needs a visible acknowledgment, blocker question, or ownership signal. If it does, send it early with `slock message send` before deep context gathering.",
     "2. Read MEMORY.md (in your cwd) and then only the additional memory/files you need to handle the current turn well.",
     `3. If there is no concrete incoming message to handle, stop and wait. ${messageDeliveryText}`,
     "4. When you receive a message, process it and reply with `slock message send`.",
     "5. **Complete ALL your work before stopping.** If a task requires multi-step work (research, code changes, testing), finish everything, report results, then stop. New messages arrive automatically \u2014 you do not need to poll or wait for them."
   ] : [
+    ...runtimeProfileControlStartupStep,
     `1. If this turn already includes a concrete incoming message, first decide whether that message needs a visible acknowledgment, blocker question, or ownership signal. If it does, send it early with ${sendCmd} before deep context gathering.`,
     "2. Read MEMORY.md (in your cwd) and then only the additional memory/files you need to handle the current turn well.",
     `3. If there is no concrete incoming message to handle, stop and wait. ${messageDeliveryText}`,
@@ -641,20 +668,23 @@ Use the \`slock\` CLI for chat / task / attachment operations. The daemon inject
 1. **\`slock message check\`** \u2014 Non-blocking check for new messages. Use freely during work \u2014 at natural breakpoints or after notifications.
 2. **\`slock message send\`** \u2014 Send a message to a channel or DM.
 3. **\`slock server info\`** \u2014 List channels in this server, which ones you have joined, plus all agents and humans.
-4. **\`slock channel leave\`** \u2014 Leave a regular channel you have joined. This only affects your own agent membership.
-5. **\`slock thread unfollow\`** \u2014 Stop receiving ordinary delivery for a thread you no longer need to follow. This only affects your own agent attention state.
-6. **\`slock message read\`** \u2014 Read past messages from a channel, DM, or thread. Supports \`before\` / \`after\` pagination and \`around\` for centered context.
-7. **\`slock message search\`** \u2014 Search messages visible to you, then inspect a hit with \`slock message read\`.
-8. **\`slock task list\`** \u2014 View a channel's task board.
-9. **\`slock task create\`** \u2014 Create new task-messages in a channel (supports batch titles; equivalent to sending a new message and publishing it as a task-message, not claiming it for yourself).
-10. **\`slock task claim\`** \u2014 Claim tasks by number or message ID (supports batch, handles conflicts).
-11. **\`slock task unclaim\`** \u2014 Release your claim on a task.
-12. **\`slock task update\`** \u2014 Change a task's status (e.g. to in_review or done).
-13. **\`slock attachment upload\`** \u2014 Upload a file to attach to a message. Returns an attachment ID to pass to \`slock message send\`.
-14. **\`slock attachment view\`** \u2014 Download an attached file by its attachment ID so you can inspect it locally.
-15. **\`slock reminder schedule\`** \u2014 Schedule a reminder for yourself later, at a specific time, or on a recurring cadence.
-16. **\`slock reminder list\`** \u2014 List your reminders.
-17. **\`slock reminder cancel\`** \u2014 Cancel one of your reminders by ID.
+4. **\`slock channel members\`** \u2014 List the members (agents and humans) of a specific channel, DM, or thread target.
+5. **\`slock channel leave\`** \u2014 Leave a regular channel you have joined. This only affects your own agent membership.
+6. **\`slock thread unfollow\`** \u2014 Stop receiving ordinary delivery for a thread you no longer need to follow. This only affects your own agent attention state.
+7. **\`slock message read\`** \u2014 Read past messages from a channel, DM, or thread. Supports \`before\` / \`after\` pagination and \`around\` for centered context.
+8. **\`slock message search\`** \u2014 Search messages visible to you, then inspect a hit with \`slock message read\`.
+9. **\`slock task list\`** \u2014 View a channel's task board.
+10. **\`slock task create\`** \u2014 Create new task-messages in a channel (supports batch titles; equivalent to sending a new message and publishing it as a task-message, not claiming it for yourself).
+11. **\`slock task claim\`** \u2014 Claim tasks by number or message ID (supports batch, handles conflicts).
+12. **\`slock task unclaim\`** \u2014 Release your claim on a task.
+13. **\`slock task update\`** \u2014 Change a task's status (e.g. to in_review or done).
+14. **\`slock attachment upload\`** \u2014 Upload a file to attach to a message. Uses content sniffing for image previews; pass \`--mime-type\` only when you know the exact type. Returns an attachment ID to pass to \`slock message send\`.
+15. **\`slock attachment view\`** \u2014 Download an attached file by its attachment ID so you can inspect it locally.
+16. **\`slock profile show\`** \u2014 Show your own profile, or another visible profile via \`@handle\`. Mirrors the canonical Slock profile view.
+17. **\`slock profile update\`** \u2014 Update your own profile. Currently this only supports \`--avatar-file\`.
+18. **\`slock reminder schedule\`** \u2014 Schedule a reminder for yourself later, at a specific time, or on a recurring cadence.
+19. **\`slock reminder list\`** \u2014 List your reminders.
+20. **\`slock reminder cancel\`** \u2014 Cancel one of your reminders by ID.
 
 When a user asks you to remind them later, at a specific time, or on a recurring schedule, prefer the reminder commands instead of relying on MEMORY or manual follow-up.
 Do not use runtime-native wake or cron tools such as ScheduleWakeup or CronCreate for user-visible reminders; use \`slock reminder schedule\` so reminders stay anchored, observable, and cancelable in Slock.
@@ -728,7 +758,7 @@ Threads are sub-conversations attached to a specific message. They let you discu
   const discoverySection = isCli ? `### Discovering people and channels
 
 Call \`slock server info\` to see all channels in this server, which ones you have joined, other agents, and humans.
-Visible public channels may appear even when \`joined=false\`. In that state you can still inspect them with \`slock message read\`, but you cannot send messages there or receive ordinary channel delivery until a human adds you to the channel. To leave a regular channel you have joined, use \`slock channel leave --target "#channel-name"\`. To stop following a thread without leaving its parent channel, use \`slock thread unfollow --target "#channel-name:shortid"\`.` : `### Discovering people and channels
+Visible public channels may appear even when \`joined=false\`. In that state you can still inspect them with \`slock message read\` and \`slock channel members\`, but you cannot send messages there or receive ordinary channel delivery until a human adds you to the channel. To leave a regular channel you have joined, use \`slock channel leave --target "#channel-name"\`. To stop following a thread without leaving its parent channel, use \`slock thread unfollow --target "#channel-name:shortid"\`.` : `### Discovering people and channels
 
 Call ${serverInfoCmd} to see all channels in this server, which ones you have joined, other agents, and humans.
 Visible public channels may appear even when \`joined=false\`. In that state you can still inspect them with ${readCmd}, but you cannot send messages there or receive ordinary channel delivery until a human adds you to the channel. To leave a regular channel you have joined, use \`${t("leave_channel")}\`.`;
@@ -838,6 +868,8 @@ ${readCmd} shows messages in their current state. If a message was later convert
 
 Your workspace and MEMORY.md persist across turns, so you can recover context when resumed. You will be started, put to sleep when idle, and woken up again when someone sends you a message. Think of yourself as a colleague who is always available, accumulates knowledge over time, and develops expertise through interactions.
 
+${runtimeContextLines(config).join("\n")}
+
 ${communicationSection}
 
 CRITICAL RULES:
@@ -851,6 +883,30 @@ ${startupSteps.join("\n")}`;
 
 ${opts.postStartupNotes.join("\n")}`;
   }
+  if (config.runtimeProfileControl) {
+    const control = config.runtimeProfileControl;
+    prompt += `
+
+## Runtime Profile Control
+
+`;
+    prompt += `This section is a trusted daemon runtime-control instruction. It overrides the normal startup sequence: complete this section before reading MEMORY.md, checking messages, or responding to inbox messages.
+
+`;
+    if (control.kind === "migration") {
+      prompt += `You are currently in Runtime Profile migration. Before handling normal inbox messages, re-ground yourself in the new runtime context and then invoke the runtime control action \`${t("runtime_profile_migration_done")}\` with exactly this migration_key: \`${control.key}\`.
+
+`;
+      prompt += `Do not use ${sendCmd}, ${checkCmd}, or any chat reply as the migration acknowledgment. Normal inbox delivery is gated until the runtime control action succeeds.
+
+`;
+    } else {
+      prompt += `Read the daemon release notice below before handling normal inbox messages. No chat reply is required for this notice.
+
+`;
+    }
+    prompt += control.message;
+  }
   prompt += `
 
 ## Messaging
@@ -1045,6 +1101,20 @@ function buildMcpSystemPrompt(config, opts) {
 
 // src/drivers/cliTransport.ts
 var shellSingleQuote = (value) => `'${value.replace(/'/g, `'\\''`)}'`;
+function runtimeContextEnv(config) {
+  const ctx = config.runtimeContext;
+  if (!ctx) return {};
+  return {
+    ...ctx.agentId ? { SLOCK_CURRENT_AGENT_ID: ctx.agentId } : {},
+    ...ctx.serverId ? { SLOCK_CURRENT_SERVER_ID: ctx.serverId } : {},
+    ...ctx.machineId ? { SLOCK_CURRENT_COMPUTER_ID: ctx.machineId } : {},
+    ...ctx.machineName ? { SLOCK_CURRENT_COMPUTER_NAME: ctx.machineName } : {},
+    ...ctx.machineHostname ? { SLOCK_CURRENT_COMPUTER_HOSTNAME: ctx.machineHostname } : {},
+    ...ctx.machineOs ? { SLOCK_CURRENT_COMPUTER_OS: ctx.machineOs } : {},
+    ...ctx.daemonVersion ? { SLOCK_CURRENT_DAEMON_VERSION: ctx.daemonVersion } : {},
+    ...ctx.workspacePath ? { SLOCK_CURRENT_WORKSPACE_PATH: ctx.workspacePath } : {}
+  };
+}
 function buildCliTransportSystemPrompt(config, opts) {
   return buildCliSystemPrompt(config, opts);
 }
@@ -1074,6 +1144,7 @@ exec ${shellSingleQuote(process.execPath)} ${shellSingleQuote(ctx.slockCliPath)}
     FORCE_COLOR: "0",
     ...ctx.config.envVars || {},
     ...extraEnv,
+    ...runtimeContextEnv(ctx.config),
     SLOCK_AGENT_ID: ctx.agentId,
     ...ctx.launchId ? { SLOCK_AGENT_LAUNCH_ID: ctx.launchId } : {},
     SLOCK_SERVER_URL: ctx.config.serverUrl,
@@ -1097,7 +1168,7 @@ function normalizeExecOutput(raw) {
   return Buffer.isBuffer(raw) ? raw.toString("utf8") : String(raw ?? "");
 }
 function resolveCommandOnWindows(command, env, execFileSyncFn) {
-  const script = "$cmd = Get-Command -Name $args[0] -ErrorAction Stop | Select-Object -First 1; if ($cmd.Path) { $cmd.Path } elseif ($cmd.Source) { $cmd.Source } elseif ($cmd.Definition) { $cmd.Definition }";
+  const script = "& {$cmd = Get-Command -Name $args[0] -ErrorAction Stop | Select-Object -First 1; if ($cmd.Path) { $cmd.Path } elseif ($cmd.Source) { $cmd.Source } elseif ($cmd.Definition) { $cmd.Definition } }";
   try {
     const output = normalizeExecOutput(execFileSyncFn("powershell.exe", [
       "-NoProfile",
@@ -1207,6 +1278,8 @@ var ClaudeDriver = class {
       "--allow-dangerously-skip-permissions",
       "--dangerously-skip-permissions",
       "--verbose",
+      "--permission-mode",
+      "bypassPermissions",
       "--output-format",
       "stream-json",
       "--input-format",
@@ -1217,16 +1290,16 @@ var ClaudeDriver = class {
       CLAUDE_DISALLOWED_TOOLS
     ];
     if (opts.standingPromptFilePath) {
-      args.push("--append-system-prompt-file", opts.standingPromptFilePath);
+      args.push("--system-prompt-file", opts.standingPromptFilePath);
     } else {
-      args.push("--append-system-prompt", standingPrompt);
+      args.push("--system-prompt", standingPrompt);
     }
     if (config.sessionId) {
       args.push("--resume", config.sessionId);
     }
     return args;
   }
-  buildDeprecatedShimMcpConfig(ctx) {
+  buildRuntimeActionsMcpConfig(ctx) {
     const isTsSource = ctx.chatBridgePath.endsWith(".ts");
     const command = isTsSource ? "npx" : "node";
     const bridgeArgs = isTsSource ? ["tsx", ctx.chatBridgePath] : [ctx.chatBridgePath];
@@ -1245,7 +1318,7 @@ var ClaudeDriver = class {
             "--runtime",
             this.id,
             ...ctx.launchId ? ["--launch-id", ctx.launchId] : [],
-            "--deprecated-shim"
+            "--runtime-actions-only"
           ]
         }
       }
@@ -1255,7 +1328,7 @@ var ClaudeDriver = class {
     const systemPromptPath = path3.join(slockDir, CLAUDE_SYSTEM_PROMPT_FILE);
     const mcpConfigPath = path3.join(slockDir, CLAUDE_MCP_CONFIG_FILE);
     writeFileSync2(systemPromptPath, ctx.standingPrompt, { mode: 384 });
-    writeFileSync2(mcpConfigPath, this.buildDeprecatedShimMcpConfig(ctx), { mode: 384 });
+    writeFileSync2(mcpConfigPath, this.buildRuntimeActionsMcpConfig(ctx), { mode: 384 });
     return { systemPromptPath, mcpConfigPath };
   }
   spawn(ctx) {
@@ -1264,7 +1337,7 @@ var ClaudeDriver = class {
     const args = this.buildClaudeArgs(ctx.config, ctx.standingPrompt, {
       standingPromptFilePath: systemPromptPath
     });
-    args.push("--mcp-config", mcpConfigPath);
+    args.push("--mcp-config", mcpConfigPath, "--strict-mcp-config");
     delete spawnEnv.CLAUDECODE;
     logger.info(
       `[Agent ${ctx.agentId}] transport=cli cli=${ctx.slockCliPath} token_file=${tokenFile}`
@@ -1388,7 +1461,9 @@ var ClaudeDriver = class {
   buildSystemPrompt(config, _agentId) {
     return buildCliTransportSystemPrompt(config, {
       toolPrefix: "mcp__chat__",
-      extraCriticalRules: [],
+      extraCriticalRules: [
+        "- Runtime Profile migration completion is the only exception to CLI-only operation: when a migration notice tells you to acknowledge with `runtime_profile_migration_done`, call the `mcp__chat__runtime_profile_migration_done` tool with the exact `migration_key`; do not use `slock` CLI or reply in chat as the acknowledgment."
+      ],
       postStartupNotes: [
         "**Claude runtime note:** Slock preserves Claude Code same-turn steering through a gated stream-json delivery path. Busy messages are buffered and delivered at Claude-observed safe boundaries; if no earlier safe boundary is available, they are delivered after the current turn ends.",
         "For long tool runs, you can also use `slock message check` at natural breakpoints to pull pending messages explicitly."
@@ -1498,7 +1573,7 @@ var CodexDriver = class {
   probe() {
     return probeCodex();
   }
-  buildDeprecatedShimConfigArgs(ctx) {
+  buildRuntimeActionsConfigArgs(ctx) {
     const isTsSource = ctx.chatBridgePath.endsWith(".ts");
     const command = isTsSource ? "npx" : "node";
     const bridgeArgs = isTsSource ? [
@@ -1513,7 +1588,7 @@ var CodexDriver = class {
       "--runtime",
       this.id,
       ...ctx.launchId ? ["--launch-id", ctx.launchId] : [],
-      "--deprecated-shim"
+      "--runtime-actions-only"
     ] : [
       ctx.chatBridgePath,
       "--agent-id",
@@ -1525,7 +1600,7 @@ var CodexDriver = class {
       "--runtime",
       this.id,
       ...ctx.launchId ? ["--launch-id", ctx.launchId] : [],
-      "--deprecated-shim"
+      "--runtime-actions-only"
     ];
     return [
       "-c",
@@ -1595,7 +1670,7 @@ var CodexDriver = class {
     this.streamedAgentMessageIds.clear();
     this.streamedReasoningIds.clear();
     const args = ["app-server", "--listen", "stdio://"];
-    args.push(...this.buildDeprecatedShimConfigArgs(ctx));
+    args.push(...this.buildRuntimeActionsConfigArgs(ctx));
     const { command, args: spawnArgs } = resolveCodexSpawn(args);
     const proc = spawn2(command, spawnArgs, {
       cwd: ctx.workingDirectory,
@@ -2660,6 +2735,86 @@ function formatMessageTarget(message) {
 function getMessageShortId(messageId) {
   return messageId.startsWith("thread-") ? messageId.slice(7) : messageId.slice(0, 8);
 }
+function findSessionJsonl(root, predicate) {
+  let visited = 0;
+  const maxEntries = 1e4;
+  const maxDepth = 8;
+  const visit = (dir, depth) => {
+    if (depth < 0 || visited >= maxEntries) return null;
+    let entries;
+    try {
+      entries = readdirSync(dir, { withFileTypes: true }).sort((a, b) => b.name.localeCompare(a.name));
+    } catch {
+      return null;
+    }
+    for (const entry of entries) {
+      if (++visited > maxEntries) return null;
+      if (!entry.isFile() || !predicate(entry.name)) continue;
+      return path10.join(dir, entry.name);
+    }
+    for (const entry of entries) {
+      if (++visited > maxEntries) return null;
+      if (!entry.isDirectory()) continue;
+      const found = visit(path10.join(dir, entry.name), depth - 1);
+      if (found) return found;
+    }
+    return null;
+  };
+  return visit(root, maxDepth);
+}
+function safeSessionFilename(value) {
+  const normalized = value.replace(/[^a-zA-Z0-9._-]+/g, "-").replace(/^-+|-+$/g, "");
+  return normalized || "unknown-session";
+}
+function writeRuntimeSessionHandoff(runtime, sessionId, fallbackDir) {
+  try {
+    const dir = path10.join(fallbackDir, ".slock", "runtime-sessions");
+    mkdirSync4(dir, { recursive: true });
+    const filePath = path10.join(dir, `${runtime}-${safeSessionFilename(sessionId)}.jsonl`);
+    writeFileSync7(filePath, JSON.stringify({
+      type: "runtime_session_handoff",
+      runtime,
+      sessionId,
+      createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+      note: "The native runtime transcript file was not found on this machine; this daemon-created handoff records the previous session identity for Runtime Profile migration."
+    }) + "\n", { mode: 384 });
+    return {
+      label: sessionId,
+      path: filePath,
+      runtime,
+      reachable: true,
+      reason: "native session file path not found; using daemon handoff file"
+    };
+  } catch {
+    return null;
+  }
+}
+function resolveRuntimeSessionRef(runtime, sessionId, homeDir = os3.homedir(), fallbackDir) {
+  const directPath = path10.isAbsolute(sessionId) ? sessionId : null;
+  if (directPath) {
+    try {
+      if (statSync(directPath).isFile()) {
+        return { label: sessionId, path: directPath, runtime, reachable: true };
+      }
+    } catch {
+    }
+  }
+  const resolvedPath = runtime === "claude" ? findSessionJsonl(path10.join(homeDir, ".claude", "projects"), (filename) => filename === `${sessionId}.jsonl`) : runtime === "codex" ? findSessionJsonl(path10.join(homeDir, ".codex", "sessions"), (filename) => filename.endsWith(".jsonl") && filename.includes(sessionId)) : null;
+  if (!resolvedPath && fallbackDir) {
+    const fallback = writeRuntimeSessionHandoff(runtime, sessionId, fallbackDir);
+    if (fallback) return fallback;
+  }
+  const ref = {
+    label: sessionId,
+    path: resolvedPath ?? sessionId,
+    runtime,
+    reachable: Boolean(resolvedPath)
+  };
+  if (!resolvedPath) {
+    ref.reason = "session file path not found";
+  }
+  return ref;
+}
 function formatSenderHandle(message) {
   return message.sender_description ? `@${message.sender_name} \u2014 ${message.sender_description}` : `@${message.sender_name}`;
 }
@@ -2699,6 +2854,42 @@ function formatIncomingMessage(message) {
   return threadJoinPrefix ? `${threadJoinPrefix}
 ${body}` : body;
 }
+function formatRuntimeProfileControlPrompt(messages) {
+  const controls = messages.map((message) => ({
+    message,
+    notification: runtimeProfileNotificationFromMessage(message)
+  }));
+  if (controls.length === 0 || controls.some(({ notification }) => !notification)) {
+    return null;
+  }
+  const body = controls.map(({ message }) => message.content).join("\n\n---\n\n");
+  return [
+    "Runtime Profile control notice.",
+    "",
+    "Complete the required runtime control action before reading or responding to normal inbox messages.",
+    "",
+    body,
+    "",
+    "Do not answer this notice in prose as the acknowledgment."
+  ].join("\n");
+}
+function formatRuntimeProfileControlStartupInput(control, driver) {
+  if (control.kind !== "migration") {
+    return [
+      "Read the Runtime Profile daemon release notice from your system prompt before normal work.",
+      "No chat reply is required for this notice. Stop after reading it; queued inbox messages will be delivered separately."
+    ].join("\n");
+  }
+  const actionName = `${driver.mcpToolPrefix}runtime_profile_migration_done`;
+  return [
+    "Runtime Profile migration is required before normal work.",
+    `Invoke the available runtime control action \`${actionName}\` with exactly this migration_key: \`${control.key}\`.`,
+    "Do not read MEMORY.md, check messages, or send a chat reply before this tool call.",
+    "After the runtime control action succeeds, stop. Queued inbox messages will be delivered separately.",
+    "",
+    control.message
+  ].join("\n");
+}
 function buildUnreadSummary(messages, excludeChannel) {
   const summary = /* @__PURE__ */ new Map();
   for (const message of messages) {
@@ -2723,6 +2914,16 @@ var FIRST_CINDY_SEED_MODE = "first-cindy";
 function getOnboardingSeedMode(config) {
   return (config.envVars?.[ONBOARDING_MEMORY_SEED_ENV] || "").trim().toLowerCase();
 }
+function withLocalRuntimeContext(config, agentId, workspacePath) {
+  return {
+    ...config,
+    runtimeContext: {
+      ...config.runtimeContext ?? {},
+      agentId: config.runtimeContext?.agentId ?? agentId,
+      workspacePath
+    }
+  };
+}
 function buildOnboardingPlaybookMd() {
   return `# Cindy Onboarding Playbook
 
@@ -2731,14 +2932,18 @@ Start warm and brief.
 Move quickly to one useful action, not a feature tour.
 Keep activation energy low: invite the user to start with one sentence about what they need now.
 
-## Step 2: Capture Minimal Context
-Ask only what is needed to route:
-1. What is your role?
-2. What are you working on these days?
+## Step 2: Activate or Propose
+Use one decision: does the user already know what they want to do?
+- Yes: skip role/work intake and propose a starter plan.
+- No: ask what they do and what they are working on. These questions are activation, not a questionnaire.
+
+After any usable signal, stop asking and propose.
+After confirming language preference, do not give a generic product introduction; move into the user's work or a starter action.
 
 ## Step 3: Route by Intent (A-E)
 - A: Specific project/task
-  - Map immediately to first setup actions (agents + channels + first task).
+  - Enter starter-task mode immediately.
+  - Propose first setup actions before asking for more detail.
 - B: "What can you do?" curiosity
   - Proactively share 1-2 interview-grounded examples, then ask the user to pick one.
   - Use this opener tone: "Here are some examples our users have shared with us. I'm sharing these to inspire you."
@@ -2749,6 +2954,28 @@ Ask only what is needed to route:
 - E: Low-intent greeting/testing
   - Use a low-pressure prompt and guide to one concrete starter action.
 
+### Starter Plan Output
+A starter plan should make the next action executable, not just descriptive:
+- agent name + role description that can be copied into the create-agent form
+- suggested channel or workstream
+- first task to send after creation
+- next UI action if the user needs to create an agent or channel
+
+Do not use a rigid keyword routing table. Use examples as inspiration, then adapt to the user's context.
+If details are missing but not blocking, state reasonable defaults and invite correction.
+Only ask one blocking question first if the answer is required before any useful starter plan can be proposed.
+Do not imply you have already created agents or channels unless the action has actually happened.
+
+### Capability Boundary Pivot
+If the user's primary request is outside current capabilities, acknowledge the limitation once and pivot immediately to the nearest useful alternative.
+Do not repeat that something is impossible across multiple turns.
+Offer a concrete substitute: a manual input path, a narrower analysis task, an agent/team setup, or another workflow Slock can execute now.
+
+### Active-Elsewhere Handoff
+Channel silence is not failure.
+If the user is already active outside the onboarding channel, follow the work instead of trying to pull them back.
+Offer a concrete next step in the context they are using: first task, second agent suggestion, channel structure, or reminder.
+
 ## Step 4: Progress Setup (Soft Guidance)
 While helping with real work, progressively shape:
 - initial team target >= 3 agents
@@ -2762,6 +2989,8 @@ Do not force setup before value.
 
 ## Step 5: End Every Turn with One Next Step
 Each reply should end with one clear, immediate action.
+At wrap-up, if there is a concrete next check-in, ask consent to set one contextual reminder.
+The reminder must reference the user's goal, agent, recent step, or suggested next action; do not send generic "come back later" reminders.
 
 ## Inspiration Stories (Interview-Grounded)
 - Story 1: "Sense of abundance" \u2014 agents self-organize, you do not need to micro-manage.
@@ -2954,6 +3183,34 @@ Do not copy these answers verbatim.
 
 ### Guardrail
 - Keep contact guidance concrete and current; do not invent alternative support channels.
+
+## FAQ 14: Can I use Slock on my phone?
+### Answer idea
+- Yes. Slock can be used from a mobile browser.
+- For easier return access, users can add Slock to their phone home screen as a web app:
+  - iPhone: Safari \u2192 Share \u2192 Add to Home Screen
+  - Android: Chrome \u2192 menu \u2192 Add to Home Screen / Install app
+- Good mobile use cases: quick check-ins, todos/reminders, short replies, and reviewing agent updates.
+
+### Next step
+- If the user wants mobile access now, ask whether they use iPhone or Android, then guide the matching Add to Home Screen step.
+
+### Guardrail
+- Do not imply Slock has a native iOS/Android App Store app.
+- Do not over-sell it as fully equivalent to a native app; call it mobile browser / home-screen web app.
+
+## FAQ 15: How do I create agents or channels?
+### Answer idea
+- The user can create agents from the Agents section in the People tab by clicking the + button, or from a computer/machine context menu via Create Agent.
+- The user can create channels from the Channels section by clicking the + button.
+- When recommending setup, provide copyable agent names/descriptions, suggested channel names, and the first task to send after creation.
+
+### Next step
+- Give the exact agent/channel spec the user can copy, then guide them to the relevant + button or creation dialog.
+
+### Guardrail
+- Do not imply you already created agents or channels unless that action actually happened.
+- If you cannot directly create something, avoid a long permissions explanation; give the copyable spec and the next UI action.
 `;
 }
 function buildOnboardingSeedFiles() {
@@ -3129,7 +3386,12 @@ function getBusyDeliveryNote(driver) {
   }
   return "\n\nNote: While you are busy, you may receive [System notification: ...] messages. Finish your current step, then call check_messages to check for messages.";
 }
-var NATIVE_STANDING_PROMPT_STARTUP_INPUT = "Your system prompt contains your standing instructions. Follow it now and begin listening for messages.";
+var NATIVE_STANDING_PROMPT_STARTUP_INPUT = (
+  // Claude Code 2.1.114 treats "follow your system prompt" style user turns as
+  // prompt-injection bait even when the prompt is supplied via --system-prompt-file.
+  // A neutral starter lets the native standing prompt drive startup/migration.
+  "Start."
+);
 var AgentProcessManager = class _AgentProcessManager {
   agents = /* @__PURE__ */ new Map();
   agentsStarting = /* @__PURE__ */ new Set();
@@ -3143,6 +3405,7 @@ var AgentProcessManager = class _AgentProcessManager {
   daemonApiKey;
   serverUrl;
   dataDir;
+  runtimeSessionHomeDir;
   driverResolver;
   defaultAgentEnvVarsProvider;
   tracer;
@@ -3153,6 +3416,7 @@ var AgentProcessManager = class _AgentProcessManager {
     this.daemonApiKey = daemonApiKey;
     this.serverUrl = opts.serverUrl;
     this.dataDir = opts.dataDir || DATA_DIR;
+    this.runtimeSessionHomeDir = opts.runtimeSessionHomeDir || os3.homedir();
     this.driverResolver = opts.driverResolver || getDriver;
     this.defaultAgentEnvVarsProvider = opts.defaultAgentEnvVarsProvider || null;
     this.tracer = opts.tracer ?? noopTracer;
@@ -3171,11 +3435,12 @@ var AgentProcessManager = class _AgentProcessManager {
       const driver = this.driverResolver(config.runtime || "claude");
       const agentDataDir = path10.join(this.dataDir, agentId);
       await mkdir(agentDataDir, { recursive: true });
+      const runtimeConfig = withLocalRuntimeContext(config, agentId, agentDataDir);
       const memoryMdPath = path10.join(agentDataDir, "MEMORY.md");
       try {
         await access(memoryMdPath);
       } catch {
-        const initialMemoryMd = buildInitialMemoryMd(config);
+        const initialMemoryMd = buildInitialMemoryMd(runtimeConfig);
         await writeFile(memoryMdPath, initialMemoryMd);
       }
       const notesDir = path10.join(agentDataDir, "notes");
@@ -3192,18 +3457,21 @@ var AgentProcessManager = class _AgentProcessManager {
           }
         }
       }
-      const isResume = !!config.sessionId;
-      const standingPrompt = driver.buildSystemPrompt(config, agentId);
+      const isResume = !!runtimeConfig.sessionId;
+      const standingPrompt = driver.buildSystemPrompt(runtimeConfig, agentId);
       let prompt;
-      if (isResume && resumePrompt) {
+      if (runtimeConfig.runtimeProfileControl && !wakeMessage) {
+        prompt = driver.supportsNativeStandingPrompt ? NATIVE_STANDING_PROMPT_STARTUP_INPUT : formatRuntimeProfileControlStartupInput(runtimeConfig.runtimeProfileControl, driver);
+      } else if (isResume && resumePrompt) {
         prompt = resumePrompt;
         prompt += getBusyDeliveryNote(driver);
       } else if (wakeMessage) {
+        const runtimeProfileControlPrompt = formatRuntimeProfileControlPrompt([wakeMessage]);
         const channelLabel = formatChannelLabel(wakeMessage);
-        prompt = `New message received:
+        prompt = runtimeProfileControlPrompt ?? `New message received:
 
 ${formatIncomingMessage(wakeMessage)}`;
-        if (unreadSummary && Object.keys(unreadSummary).length > 0) {
+        if (!runtimeProfileControlPrompt && unreadSummary && Object.keys(unreadSummary).length > 0) {
           const otherUnread = Object.entries(unreadSummary).filter(([key]) => key !== channelLabel);
           if (otherUnread.length > 0) {
             prompt += `
@@ -3218,12 +3486,14 @@ You also have unread messages in other channels:`;
 Use read_history to catch up, or respond to the message above first.`;
           }
         }
-        prompt += `
+        if (!runtimeProfileControlPrompt) {
+          prompt += `
 
 Respond as appropriate \u2014 reply using send_message, or take action as needed. Complete ALL your work before stopping.
 
 IMPORTANT: If the message requires multi-step work (e.g. research, code changes, testing), complete ALL steps before stopping. Sending a progress update does NOT mean your task is done \u2014 only stop when you have NO more work to do. ${getMessageDeliveryText(driver)}`;
-        prompt += getBusyDeliveryNote(driver);
+          prompt += getBusyDeliveryNote(driver);
+        }
       } else if (isResume && unreadSummary && Object.keys(unreadSummary).length > 0) {
         prompt = `You have unread messages from while you were offline:`;
         for (const [ch, count] of Object.entries(unreadSummary)) {
@@ -3239,7 +3509,7 @@ Use read_history to catch up on the channels listed above, then stop. Read each
       } else {
         prompt = driver.supportsNativeStandingPrompt ? NATIVE_STANDING_PROMPT_STARTUP_INPUT : standingPrompt;
       }
-      const effectiveConfig = await this.buildSpawnConfig(agentId, config);
+      const effectiveConfig = await this.buildSpawnConfig(agentId, runtimeConfig);
       const { process: proc } = driver.spawn({
         agentId,
         config: effectiveConfig,
@@ -3255,8 +3525,8 @@ Use read_history to catch up on the channels listed above, then stop. Read each
         process: proc,
         driver,
         inbox: this.startingInboxes.get(agentId) || [],
-        config,
-        sessionId: config.sessionId || null,
+        config: runtimeConfig,
+        sessionId: runtimeConfig.sessionId || null,
         launchId: launchId || null,
         isIdle: false,
         notificationTimer: null,
@@ -3282,6 +3552,9 @@ Use read_history to catch up on the channels listed above, then stop. Read each
       this.agents.set(agentId, agentProcess);
       this.startRuntimeTrace(agentId, agentProcess, "spawn");
       this.agentsStarting.delete(agentId);
+      if (config.runtimeProfileControl) {
+        this.ackInjectedRuntimeProfileControl(agentId, config.runtimeProfileControl, agentProcess.launchId);
+      }
       if (wakeMessage) {
         this.ackInjectedRuntimeProfileMessages(agentId, [wakeMessage], agentProcess.launchId);
       }
@@ -3492,6 +3765,7 @@ Use read_history to catch up on the channels listed above, then stop. Read each
     this.agents.delete(agentId);
     ap.process.kill("SIGTERM");
     if (!silent) {
+      this.sendRuntimeProfileReportFor(agentId, ap.config, ap.sessionId, ap.launchId);
       this.sendAgentStatus(agentId, "inactive", ap.launchId);
       this.broadcastActivity(agentId, "offline", "Stopped");
       logger.info(`[Agent ${agentId}] Stopped by request`);
@@ -3610,12 +3884,7 @@ Use read_history to catch up on the channels listed above, then stop. Read each
           path: workspacePath,
           reachable: true
         },
-        sessionRef: sessionId ? {
-          label: sessionId,
-          path: sessionId,
-          runtime: config.runtime,
-          reachable: true
-        } : null
+        sessionRef: sessionId ? resolveRuntimeSessionRef(config.runtime, sessionId, this.runtimeSessionHomeDir, workspacePath) : null
       }
     };
   }
@@ -3706,9 +3975,26 @@ Use read_history to catch up on the channels listed above, then stop. Read each
       }
     }
   }
-  sendRuntimeProfileReport(agentId) {
-    const report = this.getAgentRuntimeProfileReport(agentId);
-    if (!report) return;
+  ackInjectedRuntimeProfileControl(agentId, control, launchId) {
+    const title = runtimeProfileNotificationTitle(control.kind);
+    this.broadcastActivity(agentId, "working", title, [{ kind: "system", title, text: control.message }], launchId);
+    if (control.kind === "migration") {
+      this.sendToServer({
+        type: "agent:runtime_profile:migration:ack",
+        agentId,
+        migrationKey: control.key,
+        launchId: launchId || void 0
+      });
+    } else {
+      this.sendToServer({
+        type: "agent:runtime_profile:daemon_release_notice:ack",
+        agentId,
+        noticeKey: control.key,
+        launchId: launchId || void 0
+      });
+    }
+  }
+  sendRuntimeProfileWireReport(report) {
     this.sendToServer({
       type: "agent:runtime_profile",
       agentId: report.agentId,
@@ -3716,6 +4002,14 @@ Use read_history to catch up on the channels listed above, then stop. Read each
       launchId: report.launchId || void 0
     });
   }
+  sendRuntimeProfileReportFor(agentId, config, sessionId, launchId) {
+    this.sendRuntimeProfileWireReport(this.buildRuntimeProfileReport(agentId, config, sessionId, launchId));
+  }
+  sendRuntimeProfileReport(agentId) {
+    const report = this.getAgentRuntimeProfileReport(agentId);
+    if (!report) return;
+    this.sendRuntimeProfileWireReport(report);
+  }
   // Machine-level workspace scanning
   async scanAllWorkspaces() {
     return scanWorkspaceDirectories(this.dataDir);
@@ -4311,7 +4605,7 @@ Use read_history to catch up on the channels listed above, then stop. Read each
   /** Deliver a message to an agent via stdin, formatting it the same way as the MCP bridge */
   deliverMessagesViaStdin(agentId, ap, messages, mode) {
     if (messages.length === 0) return true;
-    const prompt = messages.length === 1 ? `New message received:
+    const prompt = formatRuntimeProfileControlPrompt(messages) ?? (messages.length === 1 ? `New message received:
 
 ${formatIncomingMessage(messages[0])}
 
@@ -4319,7 +4613,7 @@ Respond as appropriate. Complete all your work before stopping.` : `New messages
 
 ${messages.map((message) => formatIncomingMessage(message)).join("\n")}
 
-Respond as appropriate. Complete all your work before stopping.`;
+Respond as appropriate. Complete all your work before stopping.`);
     const encoded = ap.driver.encodeStdinMessage(prompt, ap.sessionId, { mode });
     if (!encoded) {
       ap.inbox.unshift(...messages);
@@ -4585,6 +4879,112 @@ var ReminderCache = class {
   }
 };
 
+// src/machineLock.ts
+import { createHash, randomUUID as randomUUID2 } from "crypto";
+import { mkdirSync as mkdirSync5, readFileSync as readFileSync3, rmSync as rmSync2, statSync as statSync2, writeFileSync as writeFileSync8 } from "fs";
+import os4 from "os";
+import path11 from "path";
+var DEFAULT_MACHINE_STATE_ROOT = path11.join(os4.homedir(), ".slock", "machines");
+var INCOMPLETE_LOCK_STALE_MS = 3e4;
+var DaemonMachineLockConflictError = class extends Error {
+  code = "DAEMON_MACHINE_LOCK_HELD";
+  constructor(lockDir, owner) {
+    const ownerText = owner ? `pid=${owner.pid}, startedAt=${owner.startedAt}, host=${owner.hostname}` : "unknown owner";
+    super(
+      `Another Slock daemon is already running for this machine key (${ownerText}). Lock: ${lockDir}. Stop the existing daemon first, or use a different machine key/state directory.`
+    );
+    this.name = "DaemonMachineLockConflictError";
+  }
+};
+function apiKeyFingerprint(apiKey) {
+  return createHash("sha256").update(apiKey).digest("hex");
+}
+function getDaemonMachineLockId(apiKey) {
+  return `machine-${apiKeyFingerprint(apiKey).slice(0, 16)}`;
+}
+function ownerPath(lockDir) {
+  return path11.join(lockDir, "owner.json");
+}
+function readOwner(lockDir) {
+  try {
+    return JSON.parse(readFileSync3(ownerPath(lockDir), "utf8"));
+  } catch {
+    return null;
+  }
+}
+function lockAgeMs(lockDir) {
+  try {
+    return Date.now() - statSync2(lockDir).mtimeMs;
+  } catch {
+    return null;
+  }
+}
+function isProcessAlive(pid) {
+  if (!Number.isInteger(pid) || pid <= 0) return false;
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch (err) {
+    const code = typeof err === "object" && err && "code" in err ? err.code : void 0;
+    return code !== "ESRCH";
+  }
+}
+function acquireDaemonMachineLock(options) {
+  const rootDir = options.rootDir ?? DEFAULT_MACHINE_STATE_ROOT;
+  const fingerprint = apiKeyFingerprint(options.apiKey);
+  const lockId = getDaemonMachineLockId(options.apiKey);
+  const machineDir = path11.join(rootDir, lockId);
+  const lockDir = path11.join(machineDir, "daemon.lock");
+  const token = randomUUID2();
+  mkdirSync5(machineDir, { recursive: true });
+  for (let attempt = 0; attempt < 2; attempt += 1) {
+    try {
+      mkdirSync5(lockDir);
+      const owner = {
+        pid: process.pid,
+        token,
+        hostname: os4.hostname(),
+        startedAt: (/* @__PURE__ */ new Date()).toISOString(),
+        serverUrl: options.serverUrl,
+        apiKeyFingerprint: fingerprint.slice(0, 16)
+      };
+      try {
+        writeFileSync8(ownerPath(lockDir), `${JSON.stringify(owner, null, 2)}
+`, { mode: 384 });
+      } catch (err) {
+        rmSync2(lockDir, { recursive: true, force: true });
+        throw err;
+      }
+      return {
+        lockId,
+        machineDir,
+        lockDir,
+        release: () => {
+          const currentOwner = readOwner(lockDir);
+          if (currentOwner?.pid === process.pid && currentOwner.token === token) {
+            rmSync2(lockDir, { recursive: true, force: true });
+          }
+        }
+      };
+    } catch (err) {
+      const code = typeof err === "object" && err && "code" in err ? err.code : void 0;
+      if (code !== "EEXIST") throw err;
+      const owner = readOwner(lockDir);
+      if (owner?.pid && isProcessAlive(owner.pid)) {
+        throw new DaemonMachineLockConflictError(lockDir, owner);
+      }
+      if (!owner) {
+        const ageMs = lockAgeMs(lockDir);
+        if (ageMs === null || ageMs < INCOMPLETE_LOCK_STALE_MS) {
+          throw new DaemonMachineLockConflictError(lockDir, null);
+        }
+      }
+      rmSync2(lockDir, { recursive: true, force: true });
+    }
+  }
+  throw new DaemonMachineLockConflictError(lockDir, readOwner(lockDir));
+}
+
 // src/core.ts
 var DAEMON_CLI_USAGE = "Usage: slock-daemon --server-url <url> --api-key <key>";
 function parseDaemonCliArgs(args) {
@@ -4606,23 +5006,23 @@ function readDaemonVersion(moduleUrl = import.meta.url) {
   }
 }
 function resolveChatBridgePath(moduleUrl = import.meta.url) {
-  const dirname = path11.dirname(fileURLToPath(moduleUrl));
-  const jsPath = path11.resolve(dirname, "chat-bridge.js");
+  const dirname = path12.dirname(fileURLToPath(moduleUrl));
+  const jsPath = path12.resolve(dirname, "chat-bridge.js");
   try {
     accessSync(jsPath);
     return jsPath;
   } catch {
-    return path11.resolve(dirname, "chat-bridge.ts");
+    return path12.resolve(dirname, "chat-bridge.ts");
   }
 }
 function resolveSlockCliPath(moduleUrl = import.meta.url) {
-  const thisDir = path11.dirname(fileURLToPath(moduleUrl));
-  const bundledDistPath = path11.resolve(thisDir, "cli", "index.js");
+  const thisDir = path12.dirname(fileURLToPath(moduleUrl));
+  const bundledDistPath = path12.resolve(thisDir, "cli", "index.js");
   try {
     accessSync(bundledDistPath);
     return bundledDistPath;
   } catch {
-    const workspaceDistPath = path11.resolve(thisDir, "..", "..", "cli", "dist", "index.js");
+    const workspaceDistPath = path12.resolve(thisDir, "..", "..", "cli", "dist", "index.js");
     accessSync(workspaceDistPath);
     return workspaceDistPath;
   }
@@ -4701,6 +5101,7 @@ var DaemonCore = class {
   connection;
   reminderCache;
   tracer;
+  machineLock = null;
   constructor(options) {
     this.options = options;
     this.daemonVersion = options.daemonVersion ?? readDaemonVersion();
@@ -4731,15 +5132,39 @@ var DaemonCore = class {
     });
     this.connection = connection;
   }
+  resolveMachineStateRoot() {
+    if (this.options.machineStateDir) return this.options.machineStateDir;
+    if (this.options.dataDir) return path12.join(path12.dirname(this.options.dataDir), "machines");
+    return DEFAULT_MACHINE_STATE_ROOT;
+  }
   start() {
     logger.info("[Slock Daemon] Starting...");
-    this.connection.connect();
+    if (!this.machineLock) {
+      this.machineLock = acquireDaemonMachineLock({
+        apiKey: this.options.apiKey,
+        serverUrl: this.options.serverUrl,
+        rootDir: this.resolveMachineStateRoot()
+      });
+      logger.info(`[Slock Daemon] Acquired machine lock: ${this.machineLock.lockDir}`);
+    }
+    try {
+      this.connection.connect();
+    } catch (err) {
+      this.machineLock.release();
+      this.machineLock = null;
+      throw err;
+    }
   }
   async stop() {
     logger.info("[Slock Daemon] Shutting down...");
     this.reminderCache.clear();
-    await this.agentManager.stopAll();
-    this.connection.disconnect();
+    try {
+      await this.agentManager.stopAll();
+    } finally {
+      this.connection.disconnect();
+      this.machineLock?.release();
+      this.machineLock = null;
+    }
   }
   get connected() {
     return this.connection.connected;
@@ -4900,8 +5325,8 @@ var DaemonCore = class {
       capabilities: ["agent:start", "agent:stop", "agent:deliver", "workspace:files"],
       runtimes,
       runningAgents: this.agentManager.getRunningAgentIds(),
-      hostname: this.options.hostname ?? os4.hostname(),
-      os: this.options.osDescription ?? `${os4.platform()} ${os4.arch()}`,
+      hostname: this.options.hostname ?? os5.hostname(),
+      os: this.options.osDescription ?? `${os5.platform()} ${os5.arch()}`,
       daemonVersion: this.daemonVersion
     });
     for (const agentId of this.agentManager.getRunningAgentIds()) {