@slock-ai/daemon 0.57.2-play.20260608142014 → 0.57.3

package/dist/{chunk-JVPMCKSF.js → chunk-H2QU4LAU.js}

@@ -1438,9 +1438,9 @@ Error code prefixes tell you the layer:
 function buildCredentialHygieneSection() {
   return `### Credential hygiene
 
-**Never paste credentials into Slock messages, attachments, or task fields.** Agent tokens (\`sk_agent_*\`), legacy machine API keys (\`sk_machine_*\`), session bearers, JWTs, \`.env\` files, or \`credential.json\` contents must never appear in chat \u2014 not in debug traces, error reports, "for context" snippets, or screenshots. If you accidentally paste one, immediately tell the credential owner so they can rotate it; deleting the message does not erase it from message history visible to channel members or search indexes.
+**Never paste credentials into public Slock channels, public-channel threads, or public-channel task/attachment fields.** Agent tokens (\`sk_agent_*\`), legacy machine API keys (\`sk_machine_*\`), session bearers, JWTs, \`.env\` files, or \`credential.json\` contents must not appear in public channel chat. DMs and private channels are allowed for authorized secret handoff, but verify the audience first. If you accidentally paste one into a public channel, immediately tell the credential owner so they can rotate it.
 
-If a tool or error output contains credential-shaped strings, redact them to \`sk_agent_<redacted>\` / \`sk_machine_<redacted>\` shape before reposting.
+If a tool or error output contains credential-shaped strings, redact them to \`sk_agent_<redacted>\` / \`sk_machine_<redacted>\` shape before posting to a public channel.
 
 **Profile credential resolution is strict.** When invoked as \`slock --profile <slug>\` or with \`SLOCK_PROFILE=<slug>\`, the CLI resolves credentials from \`$SLOCK_PROFILE_DIR\` \u2192 \`$SLOCK_HOME/profiles/<slug>\` \u2192 \`$HOME/.slock/profiles/<slug>\` in that order. It does **not** fall back to a different profile's credential, to an ambient user-level token, or to environment-leaked secrets \u2014 if your designated profile credential is missing or unreadable, the CLI fails closed rather than authenticating as someone else.`;
 }
@@ -1808,9 +1808,9 @@ You have MCP tools from the "chat" server. Use ONLY these for communication:
 17. **${cancelReminderCmd}** \u2014 Cancel one of your reminders by ID.`;
   const credentialHygieneSection = isCli ? cliGuideSections.credentialHygiene : `### Credential hygiene
 
-**Never paste credentials into Slock messages, attachments, or task fields.** Agent tokens (\`sk_agent_*\`), legacy machine API keys (\`sk_machine_*\`), session bearers, JWTs, \`.env\` files, or \`credential.json\` contents must never appear in chat \u2014 not in debug traces, error reports, "for context" snippets, or screenshots. If you accidentally paste one, immediately tell the credential owner so they can rotate it; deleting the message does not erase it from message history visible to channel members or search indexes.
+**Never paste credentials into public Slock channels, public-channel threads, or public-channel task/attachment fields.** Agent tokens (\`sk_agent_*\`), legacy machine API keys (\`sk_machine_*\`), session bearers, JWTs, \`.env\` files, or \`credential.json\` contents must not appear in public channel chat. DMs and private channels are allowed for authorized secret handoff, but verify the audience first. If you accidentally paste one into a public channel, immediately tell the credential owner so they can rotate it.
 
-If a tool or error output contains credential-shaped strings, redact them to \`sk_agent_<redacted>\` / \`sk_machine_<redacted>\` shape before reposting.`;
+If a tool or error output contains credential-shaped strings, redact them to \`sk_agent_<redacted>\` / \`sk_machine_<redacted>\` shape before posting to a public channel.`;
   const reminderSection = isCli ? cliGuideSections.reminders : `### Reminders
 
 Use reminders for follow-up that depends on future state you cannot resolve now, whether user-requested or self-driven. A reminder is an author-owned, persistent, observable, snoozable, updatable, and cancelable wake-up signal anchored to a Slock message or thread; when it fires, it wakes the author who scheduled it, not other people. If anchored to a message or thread, the receipt/fire system message is visible in that surface, but wake ownership does not transfer. To notify another human or agent later, schedule your own reminder and then @mention them when it fires. Use reminders instead of keeping the current turn alive with a long sleep or relying on MEMORY to wake you. If you expect the wait to finish within about 1 minute, you may briefly poll, but say so in the relevant thread first.
@@ -2081,19 +2081,6 @@ function listLegacySlockStatePaths(slockHome = resolveSlockHome(), homeDir = os.
   return candidates.filter((candidate) => existsSync(candidate.path));
 }
 
-// src/authEnv.ts
-var DAEMON_API_KEY_ENV = "SLOCK_MACHINE_API_KEY";
-var SLOCK_AGENT_TOKEN_ENV = "SLOCK_AGENT_TOKEN";
-function scrubDaemonAuthEnv(env) {
-  delete env[DAEMON_API_KEY_ENV];
-  return env;
-}
-function scrubDaemonChildEnv(env) {
-  delete env[DAEMON_API_KEY_ENV];
-  delete env[SLOCK_AGENT_TOKEN_ENV];
-  return env;
-}
-
 // src/agentCredentialProxy.ts
 import { randomBytes } from "crypto";
 import http from "http";
@@ -3580,9 +3567,7 @@ var LOOPBACK_NO_PROXY = "127.0.0.1,localhost";
 var CLI_TRANSPORT_TRACE_DIR_ENV = "SLOCK_CLI_TRANSPORT_TRACE_DIR";
 var safePathPart = (value) => value.replace(/[^a-zA-Z0-9_.-]/g, "_");
 var RAW_CREDENTIAL_ENV_DENYLIST = [
-  "SLOCK_AGENT_TOKEN",
-  "SLOCK_AGENT_CREDENTIAL_KEY",
-  "SLOCK_AGENT_CREDENTIAL_KEY_FILE"
+  "SLOCK_AGENT_CREDENTIAL_KEY"
 ];
 var cachedOpencliBinPath;
 function resolveOpencliBinPath() {
@@ -3797,7 +3782,7 @@ exec ${shellSingleQuote(process.execPath)} ${shellSingleQuote(opencliBinPath)} "
     ...agentCredentialProxy ? {} : { SLOCK_AGENT_TOKEN_FILE: tokenFile },
     PATH: `${slockDir}${path2.delimiter}${process.env.PATH ?? ""}`
   };
-  scrubDaemonChildEnv(spawnEnv);
+  delete spawnEnv.SLOCK_AGENT_TOKEN;
   for (const key of RAW_CREDENTIAL_ENV_DENYLIST) {
     delete spawnEnv[key];
   }
@@ -4226,7 +4211,7 @@ function resolveCommandOnWindows(command, env, execFileSyncFn, existsSyncFn) {
 }
 function resolveCommandOnPath(command, deps = {}) {
   const platform = deps.platform ?? process.platform;
-  const env = scrubDaemonChildEnv({ ...withWindowsUserEnvironment(deps.env ?? process.env, deps) });
+  const env = withWindowsUserEnvironment(deps.env ?? process.env, deps);
   const execFileSyncFn = deps.execFileSyncFn ?? execFileSync;
   const existsSyncFn = deps.existsSyncFn ?? existsSync2;
   if (platform === "win32") {
@@ -4252,7 +4237,7 @@ function firstExistingPath(candidates, deps = {}) {
   return null;
 }
 function readCommandVersion(command, args = [], deps = {}) {
-  const env = scrubDaemonChildEnv({ ...withWindowsUserEnvironment(deps.env ?? process.env, deps) });
+  const env = withWindowsUserEnvironment(deps.env ?? process.env, deps);
   const execFileSyncFn = deps.execFileSyncFn ?? execFileSync;
   try {
     const output = normalizeExecOutput(execFileSyncFn(command, [...args, "--version"], {
@@ -5606,11 +5591,11 @@ function detectCursorModels(runCommand = runCursorModelsCommand) {
   return parseCursorModelsOutput(String(result.stdout || ""));
 }
 function buildCursorModelProbeEnv(deps = {}) {
-  return scrubDaemonChildEnv(withWindowsUserEnvironment({
+  return withWindowsUserEnvironment({
     ...deps.env ?? process.env,
     FORCE_COLOR: "0",
     NO_COLOR: "1"
-  }, deps));
+  }, deps);
 }
 function runCursorModelsCommand() {
   return spawnSync("cursor-agent", ["models"], {
@@ -5666,7 +5651,7 @@ function resolveGeminiSpawn(commandArgs, deps = {}) {
   }
   const execFileSyncFn = deps.execFileSyncFn ?? execFileSync3;
   const existsSyncFn = deps.existsSyncFn ?? existsSync4;
-  const env = scrubDaemonChildEnv({ ...deps.env ?? process.env });
+  const env = deps.env ?? process.env;
   const winPath = path6.win32;
   let geminiEntry = null;
   try {
@@ -5806,15 +5791,12 @@ var GeminiDriver = class {
 // src/drivers/kimi.ts
 import { randomUUID as randomUUID2 } from "crypto";
 import { spawn as spawn7 } from "child_process";
-import { chmodSync, existsSync as existsSync5, readFileSync as readFileSync3, writeFileSync as writeFileSync3 } from "fs";
+import { existsSync as existsSync5, readFileSync as readFileSync3, writeFileSync as writeFileSync3 } from "fs";
 import os3 from "os";
 import path7 from "path";
 var KIMI_WIRE_PROTOCOL_VERSION = "1.3";
 var KIMI_SYSTEM_PROMPT_FILE = ".slock-kimi-system.md";
 var KIMI_AGENT_FILE = ".slock-kimi-agent.yaml";
-var KIMI_GENERATED_CONFIG_FILE = ".slock-kimi-config.toml";
-var SLOCK_KIMI_CONFIG_CONTENT_ENV = "SLOCK_KIMI_CONFIG_CONTENT";
-var SLOCK_KIMI_CONFIG_FILE_ENV = "SLOCK_KIMI_CONFIG_FILE";
 function parseToolArguments(raw) {
   if (typeof raw !== "string") return raw;
   try {
@@ -5823,73 +5805,6 @@ function parseToolArguments(raw) {
     return raw;
   }
 }
-function readKimiConfigSource(home = os3.homedir(), env = process.env) {
-  const inlineConfig = env[SLOCK_KIMI_CONFIG_CONTENT_ENV];
-  if (inlineConfig && inlineConfig.trim()) {
-    return {
-      raw: inlineConfig,
-      explicitPath: null,
-      sourcePath: SLOCK_KIMI_CONFIG_CONTENT_ENV
-    };
-  }
-  const explicitPath = env[SLOCK_KIMI_CONFIG_FILE_ENV];
-  const configPath = explicitPath && explicitPath.trim() ? explicitPath : path7.join(home, ".kimi", "config.toml");
-  try {
-    return {
-      raw: readFileSync3(configPath, "utf8"),
-      explicitPath: explicitPath && explicitPath.trim() ? explicitPath : null,
-      sourcePath: configPath
-    };
-  } catch {
-    return {
-      raw: null,
-      explicitPath: explicitPath && explicitPath.trim() ? explicitPath : null,
-      sourcePath: configPath
-    };
-  }
-}
-function buildKimiSpawnEnv(env = process.env) {
-  const spawnEnv = { ...env, FORCE_COLOR: "0", NO_COLOR: "1" };
-  delete spawnEnv[SLOCK_KIMI_CONFIG_CONTENT_ENV];
-  delete spawnEnv[SLOCK_KIMI_CONFIG_FILE_ENV];
-  return scrubDaemonChildEnv(spawnEnv);
-}
-function buildKimiEffectiveEnv(ctx, overrideEnv) {
-  return {
-    ...process.env,
-    ...ctx.config.envVars || {},
-    ...overrideEnv || {}
-  };
-}
-function buildKimiLaunchOptions(ctx, opts = {}) {
-  const env = buildKimiEffectiveEnv(ctx, opts.env);
-  const source = readKimiConfigSource(opts.home ?? os3.homedir(), env);
-  const args = [];
-  let configFilePath = null;
-  let configContent = null;
-  if (source.explicitPath) {
-    configFilePath = source.explicitPath;
-  } else if (source.raw !== null && source.sourcePath === SLOCK_KIMI_CONFIG_CONTENT_ENV) {
-    configFilePath = path7.join(ctx.workingDirectory, KIMI_GENERATED_CONFIG_FILE);
-    configContent = source.raw;
-    if (opts.writeGeneratedConfig !== false) {
-      writeFileSync3(configFilePath, source.raw, { encoding: "utf8", mode: 384 });
-      chmodSync(configFilePath, 384);
-    }
-  }
-  if (configFilePath) {
-    args.push("--config-file", configFilePath);
-  }
-  if (ctx.config.model && ctx.config.model !== "default") {
-    args.push("--model", ctx.config.model);
-  }
-  return {
-    args,
-    env: buildKimiSpawnEnv(env),
-    configFilePath,
-    configContent
-  };
-}
 function resolveKimiSpawn(commandArgs, deps = {}) {
   return {
     command: resolveCommandOnPath("kimi", deps) ?? "kimi",
@@ -5913,25 +5828,7 @@ var KimiDriver = class {
   };
   model = {
     detectedModelsVerifiedAs: "launchable",
-    toLaunchSpec: (modelId, ctx, opts) => {
-      if (!ctx) return { args: ["--model", modelId] };
-      const launchCtx = {
-        ...ctx,
-        config: {
-          ...ctx.config,
-          model: modelId
-        }
-      };
-      const launch = buildKimiLaunchOptions(launchCtx, {
-        home: opts?.home,
-        writeGeneratedConfig: false
-      });
-      return {
-        args: launch.args,
-        env: launch.env,
-        configFiles: launch.configFilePath ? [launch.configFilePath] : void 0
-      };
-    }
+    toLaunchSpec: (modelId) => ({ args: ["--model", modelId] })
   };
   supportsStdinNotification = true;
   mcpToolPrefix = "";
@@ -5957,23 +5854,21 @@ var KimiDriver = class {
       `  system_prompt_path: ./${KIMI_SYSTEM_PROMPT_FILE}`,
       ""
     ].join("\n"), "utf8");
-    const launch = buildKimiLaunchOptions(ctx);
     const args = [
       "--wire",
       "--yolo",
       "--agent-file",
       agentFilePath,
       "--session",
-      this.sessionId,
-      ...launch.args
+      this.sessionId
     ];
     const launchRuntimeFields = runtimeConfigToLaunchFields(ctx.config);
     if (launchRuntimeFields.model && launchRuntimeFields.model !== "default") {
       args.push("--model", launchRuntimeFields.model);
     }
     const spawnEnv = (await prepareCliTransport(ctx, { NO_COLOR: "1" })).spawnEnv;
-    const spawnTarget = resolveKimiSpawn(args);
-    const proc = spawn7(spawnTarget.command, spawnTarget.args, {
+    const launch = resolveKimiSpawn(args);
+    const proc = spawn7(launch.command, launch.args, {
       cwd: ctx.workingDirectory,
       stdio: ["pipe", "pipe", "pipe"],
       env: spawnEnv,
@@ -5981,7 +5876,7 @@ var KimiDriver = class {
       // and has an 8191-character command-line limit. Kimi's official
       // installer/uv entrypoint is an executable, so launch it directly and
       // keep prompts on stdin / files instead of routing through cmd.exe.
-      shell: spawnTarget.shell
+      shell: launch.shell
     });
     proc.stdin?.write(JSON.stringify({
       jsonrpc: "2.0",
@@ -6095,9 +5990,14 @@ var KimiDriver = class {
     return detectKimiModels();
   }
 };
-function detectKimiModels(home = os3.homedir(), opts = {}) {
-  const raw = readKimiConfigSource(home, opts.env).raw;
-  if (raw === null) return null;
+function detectKimiModels(home = os3.homedir()) {
+  const configPath = path7.join(home, ".kimi", "config.toml");
+  let raw;
+  try {
+    raw = readFileSync3(configPath, "utf8");
+  } catch {
+    return null;
+  }
   const models = [];
   const sectionRe = /^\s*\[models(?:\.([^\]]+)|"\.[^"]+"|\."[^"]+")\s*\]\s*$/gm;
   const lineRe = /^\s*\[models\.(.+?)\s*\]\s*$/gm;
@@ -6337,7 +6237,7 @@ function runOpenCodeModelsCommand(home, deps = {}) {
   const platform = deps.platform ?? process.platform;
   const spawnSyncFn = deps.spawnSyncFn ?? spawnSync2;
   const result = spawnSyncFn("opencode", ["models"], {
-    env: scrubDaemonChildEnv({ ...process.env, HOME: home, FORCE_COLOR: "0", NO_COLOR: "1" }),
+    env: { ...process.env, HOME: home, FORCE_COLOR: "0", NO_COLOR: "1" },
     encoding: "utf8",
     timeout: 5e3,
     shell: platform === "win32"
@@ -8085,6 +7985,9 @@ var STDIN_NOTIFICATION_INITIAL_DELAY_MS = 3e3;
 var STDIN_NOTIFICATION_RETRY_DELAY_MS = 15e3;
 var RUNTIME_ERROR_DELIVERY_BACKOFF_BASE_MS = 1e4;
 var RUNTIME_ERROR_DELIVERY_BACKOFF_MAX_MS = 5 * 6e4;
+var SPAWN_FAIL_BACKOFF_BASE_MS = 1e3;
+var SPAWN_FAIL_BACKOFF_MAX_MS = 3e4;
+var SPAWN_FAIL_BACKOFF_THRESHOLD = 3;
 var COMPACTION_STALE_MS = 5 * 6e4;
 var RUNTIME_PROGRESS_STALE_MS = 15 * 6e4;
 var DEFAULT_RUNTIME_START_TIMEOUT_MS = 2 * 6e4;
@@ -8592,6 +8495,12 @@ function summarizeCrash(code, signal) {
   if (typeof code === "number") return `exit code ${code}`;
   return "unknown exit";
 }
+function currentErrorCandidates(ap) {
+  return [
+    ap.runtimeErrorSinceProgress ? ap.lastRuntimeError : null,
+    ...ap.recentDecisionStderr
+  ].filter((value) => !!value);
+}
 function classifyTerminalFailure(ap) {
   const candidates = [
     ap.lastRuntimeError,
@@ -8635,21 +8544,16 @@ function isCodexProviderReconnectLog(text) {
 function isCodexBenignTransportLog(text) {
   return /Falling back from WebSockets/i.test(text);
 }
+function isStdinClassRecoveryLine(text) {
+  return /write_stdin failed|stdin is closed|closed for this session|session.*closed/i.test(text);
+}
 function hasDirectStdinRecoveryEvidence(ap) {
-  const candidates = [
-    ap.lastRuntimeError,
-    ...ap.recentStderr
-  ].filter((value) => !!value);
-  return candidates.some(
-    (text) => /write_stdin failed|stdin is closed|closed for this session|session.*closed/i.test(text)
-  );
+  const candidates = currentErrorCandidates(ap);
+  return candidates.some((text) => isStdinClassRecoveryLine(text));
 }
 function resumeSessionRecoveryReason(ap) {
   if (!ap.sessionId) return null;
-  const candidates = [
-    ap.lastRuntimeError,
-    ...ap.recentStderr
-  ].filter((value) => !!value);
+  const candidates = currentErrorCandidates(ap);
   if (ap.driver.id === "claude") {
     return candidates.some((text) => /No conversation found with session ID/i.test(text)) ? "missing" : null;
   }
@@ -8960,6 +8864,11 @@ var AgentProcessManager = class _AgentProcessManager {
   runtimeExitTraceAttrs = /* @__PURE__ */ new WeakMap();
   agentVisibleBoundaries = /* @__PURE__ */ new Map();
   agentVisibleMessageIds = /* @__PURE__ */ new Map();
+  // Spawn-fail backoff state per-agent (lifted outside AgentProcess because spawn fails
+  // BEFORE ap exists; rate-state must persist across stop/respawn so churn can't bypass).
+  // Explicit stop clears (fresh launch resets dedup clock — CC1 lifecycle pattern); silent
+  // stop preserves (same-launch respawn must keep counter or churn bypasses the cap).
+  agentSpawnFailBackoff = /* @__PURE__ */ new Map();
   daemonVersion;
   computerVersion;
   constructor(sendToServer, daemonApiKey, opts) {
@@ -9039,6 +8948,57 @@ var AgentProcessManager = class _AgentProcessManager {
     const id = typeof message.message_id === "string" ? message.message_id : typeof message.id === "string" ? message.id : "";
     return id.length > 0 && this.getVisibleMessageIdSet(agentId, target)?.has(id) === true;
   }
+  // ----- SPAWN-FAIL BACKOFF (per-agent) ----------------------------------
+  // Anchored at auto_restart_from_idle (apm:3596) + runtime_profile_auto_restart (apm:4137).
+  // Threshold > 1 → first SPAWN_FAIL_BACKOFF_THRESHOLD failures behave as today (preserves
+  // single-transient-hiccup); subsequent failure schedules a per-agent cooldown gating new
+  // spawn attempts. Successful spawn resets state. State lives outside AgentProcess because
+  // spawn fails BEFORE ap exists and the rate-window must persist across stop/respawn
+  // (else stop/start churn bypasses the cap — CC1 lifecycle pattern). Never advances any
+  // consume cursor or model-seen state (3-cursor orthogonality with CC1/CC2).
+  getOrCreateSpawnFailBackoff(agentId) {
+    let state = this.agentSpawnFailBackoff.get(agentId);
+    if (!state) {
+      state = createRuntimeErrorDeliveryBackoffState();
+      this.agentSpawnFailBackoff.set(agentId, state);
+    }
+    return state;
+  }
+  isSpawnFailBackoffActive(agentId) {
+    const state = this.agentSpawnFailBackoff.get(agentId);
+    if (!state) return false;
+    return state.untilMs > 0 && this.clockNow() < state.untilMs;
+  }
+  clockNow() {
+    return Date.now();
+  }
+  recordSpawnFailure(agentId, reason) {
+    const state = this.getOrCreateSpawnFailBackoff(agentId);
+    state.attempts += 1;
+    state.reason = reason;
+    if (state.attempts <= SPAWN_FAIL_BACKOFF_THRESHOLD) {
+      state.untilMs = 0;
+      return { backoffActive: false, attempts: state.attempts, untilMs: 0 };
+    }
+    const exponent = Math.min(state.attempts - SPAWN_FAIL_BACKOFF_THRESHOLD, 10);
+    const baseDelay = Math.min(SPAWN_FAIL_BACKOFF_MAX_MS, SPAWN_FAIL_BACKOFF_BASE_MS * Math.pow(2, exponent));
+    state.untilMs = this.clockNow() + Math.floor(baseDelay);
+    if (state.timer) clearTimeout(state.timer);
+    state.timer = setTimeout(() => {
+      const s = this.agentSpawnFailBackoff.get(agentId);
+      if (s) {
+        s.timer = null;
+        s.untilMs = 0;
+      }
+    }, Math.max(1, state.untilMs - this.clockNow()));
+    return { backoffActive: true, attempts: state.attempts, untilMs: state.untilMs };
+  }
+  resetSpawnFailBackoff(agentId) {
+    const state = this.agentSpawnFailBackoff.get(agentId);
+    if (!state) return;
+    if (state.timer) clearTimeout(state.timer);
+    this.agentSpawnFailBackoff.delete(agentId);
+  }
   scheduleStdinNotification(agentId, ap, delayMs) {
     return ap.notifications.schedule(() => {
       this.sendStdinNotification(agentId);
@@ -9893,6 +9853,8 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
         recentStdout: [],
         recentStderr: [],
         lastRuntimeError: null,
+        recentDecisionStderr: [],
+        runtimeErrorSinceProgress: false,
         runtimeErrorDeliveryBackoff: createRuntimeErrorDeliveryBackoffState(),
         spawnError: null,
         exitCode: null,
@@ -9936,6 +9898,7 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
         if (driver.id === "codex" && isCodexProviderReconnectLog(text)) {
           if (current) {
             current.recentStderr = pushRecentStderr(current.recentStderr, text);
+            current.recentDecisionStderr = pushRecentStderr(current.recentDecisionStderr, text);
           }
           this.recordDaemonTrace("daemon.agent.provider_reconnect", {
             agentId,
@@ -9952,6 +9915,7 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
         if (driver.id === "codex" && isCodexBenignTransportLog(text)) return;
         if (current) {
           current.recentStderr = pushRecentStderr(current.recentStderr, text);
+          current.recentDecisionStderr = pushRecentStderr(current.recentDecisionStderr, text);
         }
         logger.error(`[Agent ${agentId} stderr]: ${text}`);
       });
@@ -10442,6 +10406,7 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
       this.activityClientSeqByAgent.delete(agentId);
       this.agentVisibleBoundaries.delete(agentId);
       this.agentVisibleMessageIds.delete(agentId);
+      this.resetSpawnFailBackoff(agentId);
     }
     this.runtimeExitTraceAttrs.set(ap.runtime, {
       stop_source: silent ? "daemon_internal" : "explicit_request",
@@ -10538,6 +10503,25 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
           return true;
         }
         logger.info(`[Agent ${agentId}] Starting from idle state for new message`);
+        if (this.isSpawnFailBackoffActive(agentId)) {
+          const state = this.agentSpawnFailBackoff.get(agentId);
+          const pending = this.startingInboxes.get(agentId) || [];
+          pending.push(message);
+          this.startingInboxes.set(agentId, pending);
+          this.recordDaemonTrace("daemon.agent.delivery.routed", this.deliveryTraceAttrs(agentId, message, {
+            outcome: "spawn_fail_cooldown_active",
+            accepted: true,
+            process_present: false,
+            cached_idle_config_present: true,
+            runtime: cached.config.runtime,
+            session_id_present: Boolean(cached.sessionId),
+            launchId: cached.launchId || void 0,
+            spawn_fail_attempts: state.attempts,
+            spawn_fail_until_ms: state.untilMs,
+            starting_inbox_count: pending.length
+          }));
+          return true;
+        }
         this.idleAgentConfigs.delete(agentId);
         this.recordDaemonTrace("daemon.agent.delivery.routed", this.deliveryTraceAttrs(agentId, message, {
           outcome: "auto_restart_from_idle",
@@ -10548,12 +10532,33 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
           session_id_present: Boolean(cached.sessionId),
           launchId: cached.launchId || void 0
         }));
-        return this.startAgent(agentId, cached.config, message, void 0, void 0, cached.launchId || void 0, transientDelivery).then(() => true, (err) => {
+        return this.startAgent(agentId, cached.config, message, void 0, void 0, cached.launchId || void 0, transientDelivery).then(() => {
+          this.resetSpawnFailBackoff(agentId);
+          return true;
+        }, (err) => {
           logger.error(`[Agent ${agentId}] Failed to auto-restart`, err);
           if (this.reportRunnerCredentialMintFailure(agentId, err, cached.launchId, "idle_auto_restart")) {
+            const report2 = this.recordSpawnFailure(agentId, "runner_credential_mint");
+            this.recordDaemonTrace("daemon.agent.spawn.fail_backoff", {
+              agentId,
+              source: "idle_auto_restart",
+              reason: "runner_credential_mint",
+              attempts: report2.attempts,
+              cooldown_active: report2.backoffActive,
+              until_ms: report2.untilMs
+            });
             return false;
           }
           this.idleAgentConfigs.set(agentId, cached);
+          const report = this.recordSpawnFailure(agentId, "spawn_error");
+          this.recordDaemonTrace("daemon.agent.spawn.fail_backoff", {
+            agentId,
+            source: "idle_auto_restart",
+            reason: "spawn_error",
+            attempts: report.attempts,
+            cooldown_active: report.backoffActive,
+            until_ms: report.untilMs
+          });
           return false;
         });
       }
@@ -11028,10 +11033,35 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
     const cached = this.idleAgentConfigs.get(agentId);
     if (cached) {
       logger.info(`[Agent ${agentId}] Starting from idle state for runtime profile ${kind} ${key}`);
+      if (this.isSpawnFailBackoffActive(agentId)) {
+        const state = this.agentSpawnFailBackoff.get(agentId);
+        span.end("ok", {
+          attrs: {
+            outcome: "spawn_fail_cooldown_active",
+            runtime: cached.config.runtime,
+            launchId: cached.launchId || void 0,
+            spawn_fail_attempts: state.attempts,
+            spawn_fail_until_ms: state.untilMs
+          }
+        });
+        return true;
+      }
       this.idleAgentConfigs.delete(agentId);
-      return this.startAgent(agentId, cached.config, message, void 0, void 0, cached.launchId || void 0).then(() => true, (err) => {
+      return this.startAgent(agentId, cached.config, message, void 0, void 0, cached.launchId || void 0).then(() => {
+        this.resetSpawnFailBackoff(agentId);
+        return true;
+      }, (err) => {
         logger.error(`[Agent ${agentId}] Failed to auto-restart for runtime profile notification`, err);
         if (this.reportRunnerCredentialMintFailure(agentId, err, cached.launchId, "runtime_profile_auto_restart")) {
+          const report2 = this.recordSpawnFailure(agentId, "runner_credential_mint");
+          this.recordDaemonTrace("daemon.agent.spawn.fail_backoff", {
+            agentId,
+            source: "runtime_profile_auto_restart",
+            reason: "runner_credential_mint",
+            attempts: report2.attempts,
+            cooldown_active: report2.backoffActive,
+            until_ms: report2.untilMs
+          });
           span.end("error", {
             attrs: {
               outcome: "runner_credential_mint_failed",
@@ -11042,6 +11072,15 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
           return false;
         }
         this.idleAgentConfigs.set(agentId, cached);
+        const report = this.recordSpawnFailure(agentId, "spawn_error");
+        this.recordDaemonTrace("daemon.agent.spawn.fail_backoff", {
+          agentId,
+          source: "runtime_profile_auto_restart",
+          reason: "spawn_error",
+          attempts: report.attempts,
+          cooldown_active: report.backoffActive,
+          until_ms: report.untilMs
+        });
         span.end("error", {
           attrs: {
             outcome: "restart_failed",
@@ -11635,6 +11674,21 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
   }
   noteRuntimeProgress(ap, eventKind) {
     ap.runtimeProgress.noteRuntimeEvent(eventKind);
+    this.invalidateRecoveryErrorView(ap);
+  }
+  /**
+   * Invalidate the decision-only error view on a liveness signal. The process is
+   * alive and has moved past any error it logged earlier in the turn, so a stale
+   * error must not keep restarting/re-routing a recovered agent. Error-class
+   * agnostic; a genuinely current failure re-populates the view after this point.
+   * Called on BOTH progress paths — ordinary runtime events and
+   * `internal_progress` (raw runtime activity that stale-recovery already treats
+   * as liveness). `recentStderr`/`lastRuntimeError` are untouched and stay full
+   * for diagnostics, user-facing reporting, and sticky terminal-failure gating.
+   */
+  invalidateRecoveryErrorView(ap) {
+    ap.recentDecisionStderr = [];
+    ap.runtimeErrorSinceProgress = false;
   }
   recordGatedSteeringEvent(agentId, ap, event, attrs = {}) {
     if (ap.runtime.descriptor.busyDelivery !== "gated") return;
@@ -11825,6 +11879,7 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
     const terminalFailureDetail = classifyTerminalFailure(ap);
     const detail = terminalFailureDetail?.detail ?? formatRuntimeStartTimeoutMessage(ap.driver.id);
     ap.lastRuntimeError = detail;
+    ap.runtimeErrorSinceProgress = true;
     ap.runtimeProgress.markStale();
     const staleForMs = Math.max(timeoutMs, ap.runtimeProgress.ageMs());
     const diagnostic = buildRuntimeStallDiagnostic(ap, staleForMs, Math.max(1, Math.floor(staleForMs / 6e4)));
@@ -11979,6 +12034,7 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
       }
       if (event.kind === "internal_progress") {
         ap.runtimeProgress.noteInternalProgress();
+        this.invalidateRecoveryErrorView(ap);
         this.clearRuntimeErrorDeliveryBackoffAfterProgress(agentId, ap, event.kind);
         this.recordRuntimeTraceEvent(agentId, ap, "runtime.progress.internal_observed", {
           turn_outcome: "held",
@@ -12153,7 +12209,10 @@ Use ${communicationCommand(driver, "read_history")} to catch up on the channels
       case "error": {
         this.interruptCompactionIfActive(agentId);
         this.flushPendingTrajectory(agentId);
-        if (ap) ap.lastRuntimeError = event.message;
+        if (ap) {
+          ap.lastRuntimeError = event.message;
+          ap.runtimeErrorSinceProgress = true;
+        }
         let visibleErrorMessage = event.message;
         if (ap) {
           const runtimeErrorDiagnostics = buildRuntimeErrorDiagnosticEnvelope(event.message);
@@ -13863,7 +13922,7 @@ var DAEMON_CORE_TRACE_ATTR_CONTRACTS = {
     spanAttrs: ["running_agents_count", "idle_agents_count"]
   }
 };
-var DAEMON_CLI_USAGE = `Usage: slock-daemon --server-url <url> (--api-key <key> or ${DAEMON_API_KEY_ENV}=<key>)`;
+var DAEMON_CLI_USAGE = "Usage: slock-daemon --server-url <url> --api-key <key>";
 var RunnerCredentialMintError2 = class extends Error {
   code;
   retryable;
@@ -13899,9 +13958,9 @@ function runnerCredentialErrorDetail2(error) {
 async function waitForRunnerCredentialRetry2() {
   await new Promise((resolve) => setTimeout(resolve, RUNNER_CREDENTIAL_MINT_RETRY_DELAY_MS2));
 }
-function parseDaemonCliArgs(args, env = {}) {
+function parseDaemonCliArgs(args) {
   let serverUrl = "";
-  let apiKey = env[DAEMON_API_KEY_ENV] ?? "";
+  let apiKey = "";
   for (let i = 0; i < args.length; i++) {
     if (args[i] === "--server-url" && args[i + 1]) serverUrl = args[++i];
     if (args[i] === "--api-key" && args[i + 1]) apiKey = args[++i];
@@ -14682,8 +14741,6 @@ var DaemonCore = class {
 };
 
 export {
-  DAEMON_API_KEY_ENV,
-  scrubDaemonAuthEnv,
   subscribeDaemonLogs,
   resolveWorkspaceDirectoryPath,
   scanWorkspaceDirectories,

package/dist/core.js

@@ -1,5 +1,4 @@
 import {
-  DAEMON_API_KEY_ENV,
   DAEMON_CLI_USAGE,
   DaemonCore,
   deleteWorkspaceDirectory,
@@ -9,11 +8,9 @@ import {
   resolveSlockCliPath,
   resolveWorkspaceDirectoryPath,
   scanWorkspaceDirectories,
-  scrubDaemonAuthEnv,
   subscribeDaemonLogs
-} from "./chunk-JVPMCKSF.js";
+} from "./chunk-H2QU4LAU.js";
 export {
-  DAEMON_API_KEY_ENV,
   DAEMON_CLI_USAGE,
   DaemonCore,
   deleteWorkspaceDirectory,
@@ -23,6 +20,5 @@ export {
   resolveSlockCliPath,
   resolveWorkspaceDirectoryPath,
   scanWorkspaceDirectories,
-  scrubDaemonAuthEnv,
   subscribeDaemonLogs
 };

package/dist/index.js

@@ -2,13 +2,11 @@
 import {
   DAEMON_CLI_USAGE,
   DaemonCore,
-  parseDaemonCliArgs,
-  scrubDaemonAuthEnv
-} from "./chunk-JVPMCKSF.js";
+  parseDaemonCliArgs
+} from "./chunk-H2QU4LAU.js";
 
 // src/index.ts
-var parsedArgs = parseDaemonCliArgs(process.argv.slice(2), process.env);
-scrubDaemonAuthEnv(process.env);
+var parsedArgs = parseDaemonCliArgs(process.argv.slice(2));
 if (!parsedArgs) {
   console.error(DAEMON_CLI_USAGE);
   process.exit(1);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@slock-ai/daemon",
-  "version": "0.57.2-play.20260608142014",
+  "version": "0.57.3",
   "type": "module",
   "bin": {
     "slock-daemon": "dist/index.js"
@@ -31,7 +31,7 @@
     "prepublishOnly": "pnpm run build",
     "typecheck": "tsc --noEmit",
     "generate:slock-cli-guide": "tsx scripts/generate-slock-cli-guide.ts",
-    "check:slock-cli-guide-fresh": "pnpm generate:slock-cli-guide && git diff --exit-code ../../docs/agent-knowledge/slock-cli-overview.mdx",
+    "check:slock-cli-guide-fresh": "pnpm generate:slock-cli-guide && git diff --exit-code ../../manual/agent-knowledge/slock-cli-overview.md",
     "release:patch": "npm version patch --no-git-tag-version && cd ../.. && pnpm install --lockfile-only && git add packages/daemon/package.json pnpm-lock.yaml && git commit -m \"chore: bump @slock-ai/daemon to v$(node -p \"require('./packages/daemon/package.json').version\")\" && git tag daemon-v$(node -p \"require('./packages/daemon/package.json').version\") && git push && git push --tags",
     "release:minor": "npm version minor --no-git-tag-version && cd ../.. && pnpm install --lockfile-only && git add packages/daemon/package.json pnpm-lock.yaml && git commit -m \"chore: bump @slock-ai/daemon to v$(node -p \"require('./packages/daemon/package.json').version\")\" && git tag daemon-v$(node -p \"require('./packages/daemon/package.json').version\") && git push && git push --tags",
     "release:major": "npm version major --no-git-tag-version && cd ../.. && pnpm install --lockfile-only && git add packages/daemon/package.json pnpm-lock.yaml && git commit -m \"chore: bump @slock-ai/daemon to v$(node -p \"require('./packages/daemon/package.json').version\")\" && git tag daemon-v$(node -p \"require('./packages/daemon/package.json').version\") && git push && git push --tags",

package/dist/drivers/piSdkRunner.js

@@ -1,96 +0,0 @@
-// src/drivers/piSdkRunner.ts
-import { readFile } from "fs/promises";
-import path from "path";
-import {
-  AuthStorage,
-  createAgentSessionFromServices,
-  createAgentSessionServices,
-  SessionManager
-} from "@earendil-works/pi-coding-agent";
-function writeJson(value) {
-  process.stdout.write(`${JSON.stringify(value)}
-`);
-}
-function parseArgs(argv) {
-  const index = argv.indexOf("--config");
-  const configPath = index >= 0 ? argv[index + 1] : void 0;
-  if (!configPath) throw new Error("Missing --config <path>");
-  return { configPath };
-}
-function resolveConfiguredModel(modelId, modelRegistry) {
-  if (!modelId) return void 0;
-  const [provider, ...rest] = modelId.split("/");
-  const providerScopedId = rest.join("/");
-  if (provider && providerScopedId) {
-    const exact = modelRegistry.find(provider, providerScopedId);
-    if (exact) return exact;
-  }
-  return modelRegistry.getAll().find(
-    (model) => model.id === modelId || `${model.provider}/${model.id}` === modelId || (providerScopedId ? model.id === providerScopedId : false)
-  );
-}
-async function createSessionManager(config) {
-  if (!config.sessionId) return SessionManager.create(config.cwd, config.sessionDir);
-  const localSessions = await SessionManager.list(config.cwd, config.sessionDir);
-  const match = localSessions.find((session) => session.id.startsWith(config.sessionId));
-  if (match) return SessionManager.open(match.path, config.sessionDir);
-  return SessionManager.create(config.cwd, config.sessionDir);
-}
-async function run() {
-  const { configPath } = parseArgs(process.argv.slice(2));
-  const config = JSON.parse(await readFile(configPath, "utf8"));
-  const authStorage = AuthStorage.create(path.join(config.agentDir, "auth.json"));
-  const services = await createAgentSessionServices({
-    cwd: config.cwd,
-    agentDir: config.agentDir,
-    authStorage,
-    resourceLoaderOptions: {
-      appendSystemPrompt: [config.standingPrompt],
-      noContextFiles: true,
-      noExtensions: true,
-      noPromptTemplates: true,
-      noSkills: true,
-      noThemes: true
-    }
-  });
-  for (const diagnostic of services.diagnostics) {
-    const line = `[Pi SDK] ${diagnostic.type}: ${diagnostic.message}`;
-    if (diagnostic.type === "error") throw new Error(line);
-    process.stderr.write(`${line}
-`);
-  }
-  const sessionManager = await createSessionManager(config);
-  const model = resolveConfiguredModel(config.model, services.modelRegistry);
-  if (config.model && !model) {
-    throw new Error(`Configured Pi model '${config.model}' was not found in Pi model registry.`);
-  }
-  const { session } = await createAgentSessionFromServices({
-    services,
-    sessionManager,
-    model
-  });
-  const header = session.sessionManager.getHeader();
-  if (header) writeJson(header);
-  const unsubscribe = session.subscribe((event) => writeJson(event));
-  try {
-    await session.prompt(config.prompt);
-  } finally {
-    unsubscribe();
-    session.dispose();
-    await services.settingsManager.flush();
-  }
-}
-run().catch((error) => {
-  const message = error instanceof Error ? error.message : String(error);
-  writeJson({
-    type: "message_end",
-    message: {
-      role: "assistant",
-      content: [],
-      stopReason: "error",
-      errorMessage: message
-    }
-  });
-  writeJson({ type: "turn_end" });
-  process.exitCode = 1;
-});