@swarmclawai/swarmclaw 0.6.0 → 0.6.3

package/README.md

@@ -1,7 +1,8 @@
 # SwarmClaw
 
 [![CI](https://github.com/swarmclawai/swarmclaw/actions/workflows/ci.yml/badge.svg)](https://github.com/swarmclawai/swarmclaw/actions/workflows/ci.yml)
-[![Release](https://img.shields.io/github/v/release/swarmclawai/swarmclaw?sort=semver)](https://github.com/swarmclawai/swarmclaw/releases)
+[![Release](https://img.shields.io/github/v/tag/swarmclawai/swarmclaw)](https://github.com/swarmclawai/swarmclaw/releases)
+[![npm](https://img.shields.io/npm/v/%40swarmclawai%2Fswarmclaw?label=npm)](https://www.npmjs.com/package/@swarmclawai/swarmclaw)
 
 <p align="center">
   <img src="https://raw.githubusercontent.com/swarmclawai/swarmclaw/main/public/branding/swarmclaw-org-avatar.png" alt="SwarmClaw lobster logo" width="120" />
@@ -22,46 +23,6 @@ Inspired by [OpenClaw](https://github.com/openclaw).
 - Review agent system prompts before giving them shell or browser tools
 - Repeated failed access key attempts are rate-limited to slow brute-force attacks
 
-## Features
-
-- **15 Built-in Providers** — Claude Code CLI, OpenAI Codex CLI, OpenCode CLI, Anthropic, OpenAI, Google Gemini, DeepSeek, Groq, Together AI, Mistral AI, xAI (Grok), Fireworks AI, Ollama, plus custom OpenAI-compatible endpoints
-- **OpenClaw Gateway** — Per-agent toggle to connect any agent to a local or remote OpenClaw gateway. Each agent gets its own gateway URL and token — run a swarm of OpenClaws from one dashboard. The `openclaw` CLI ships as a bundled dependency (no separate install needed)
-- **OpenClaw Control Plane** — Built-in gateway connection controls, reload mode switching (hot/hybrid/full), config issue detection/repair, remote history sync, and live execution approval handling
-- **Agent Builder** — Create agents with custom personalities (soul), system prompts, tools, and skills. AI-powered generation from a description
-- **Agent Inspector Panel** — Per-agent side panel for OpenClaw file editing (`SOUL.md`, `IDENTITY.md`, `USER.md`, etc.), guided personality editing, skill install/enable/remove, permission presets, sandbox env allowlist, and cron automations
-- **Agent Fleet Management** — Avatar seeds with generated avatars, running/approval fleet filters, soft-delete agent trash with restore/permanent delete, and approval counters in agent cards
-- **Agent Tools** — Shell, process control for long-running commands, files, edit file, send file, web search, web fetch, CLI delegation (Claude/Codex/OpenCode), Playwright browser automation, persistent memory, and sandboxed code execution (JS/TS via Deno, Python)
-- **Platform Tools** — Agents can manage other agents, tasks, schedules, skills, connectors, sessions, and encrypted secrets via built-in platform tools
-- **Orchestration** — Multi-agent workflows powered by LangGraph with automatic sub-agent routing, checkpointed execution, and rich delegation cards that link to sub-agent chat threads
-- **Agentic Execution Policy** — Tool-first autonomous action loop with progress updates, evidence-driven answers, and better use of platform tools for long-lived work
-- **Task Board** — Queue and track agent tasks with status, comments, results, and archiving. Strict capability policy pauses tasks for human approval before tool execution
-- **Background Daemon** — Auto-processes queued tasks and scheduled jobs with a 30s heartbeat plus recurring health monitoring
-- **Scheduling** — Cron-based agent scheduling with human-friendly presets
-- **Loop Runtime Controls** — Switch between bounded and ongoing loops with configurable step caps, runtime guards, heartbeat cadence, and timeout budgets
-- **Session Run Queue** — Per-session queued runs with followup/steer/collect modes, collect coalescing for bursty inputs, and run-state APIs
-- **Chat Iteration Workflow** — Edit-and-resend user turns, fork a new session from any message, bookmark key messages, use contextual follow-up suggestion chips, and auto-continue after tool access grants
-- **Agent Chatrooms** — Multi-agent room conversations with `@mention` routing, chained agent replies, reactions, and file/image-aware chat context
-- **Live Chat Telemetry** — Thinking/tool/responding stream phases, live main-loop status badges, connector activity presence, tone indicator, and optional sound notifications
-- **Global Search Palette** — `Cmd/Ctrl+K` search across agents, tasks, sessions, schedules, webhooks, and skills from anywhere in the app
-- **Notification Center** — Real-time in-app notifications for task/schedule/daemon events with unread tracking, mark-all/clear-read controls, and optional action links
-- **Preview-Rich Chat UI** — Side preview panel for tool outputs (image/browser/html/code), inline code/PDF previews for attachments, and image lightbox support
-- **Voice Settings** — Per-instance ElevenLabs API key + voice ID for TTS replies, plus configurable speech recognition language for chat input
-- **Chat Connectors** — Bridge agents to Discord, Slack, Telegram, WhatsApp, BlueBubbles (iMessage), Signal, Microsoft Teams, Google Chat, Matrix, and OpenClaw with media-aware inbound handling
-- **Skills System** — Discover local skills, import skills from URL, and load OpenClaw `SKILL.md` files (frontmatter-compatible)
-- **Execution Logging** — Structured audit trail for triggers, tool calls, file ops, commits, and errors in a dedicated `logs.db`
-- **Context Management** — Auto-compaction of conversation history when approaching context limits, with manual `context_status` and `context_summarize` tools for agents
-- **Memory** — Per-agent and per-session memory with hybrid FTS5 + vector embeddings search, relevance-based memory recall injected into runs, and periodic auto-journaling for durable execution context
-- **Cost Tracking** — Per-message token counting and cost estimation displayed in the chat header
-- **Provider Health Metrics** — Usage dashboard surfaces provider request volume, success rates, models used, and last-used timestamps
-- **Model Failover** — Automatic key rotation on rate limits and auth errors with configurable fallback credentials
-- **Plugin System** — Extend agent behavior with JS plugins (hooks: beforeAgentStart, afterAgentComplete, beforeToolExec, afterToolExec, onMessage)
-- **Secrets Vault** — Encrypted storage for API keys and service tokens
-- **Custom Providers** — Add any OpenAI-compatible API as a provider
-- **MCP Servers** — Connect agents to any Model Context Protocol server. Per-agent server selection with tool discovery and per-tool disable toggles
-- **Sandboxed Code Execution** — Agents can write and run JS/TS (Deno) or Python scripts in an isolated sandbox with network access, scoped filesystem, and artifact output
-- **Real-Time Sync** — WebSocket push notifications for instant UI updates across tabs and devices (fallback to polling when WS is unavailable)
-- **Mobile-First UI** — Responsive glass-themed dark interface, works on phone and desktop
-
 ## Requirements
 
 - **Node.js** 22.6+
@@ -86,7 +47,7 @@ curl -fsSL https://raw.githubusercontent.com/swarmclawai/swarmclaw/main/install.
 ```
 
 The installer resolves the latest stable release tag and installs that version by default.
-To pin a version: `SWARMCLAW_VERSION=v0.6.0 curl ... | bash`
+To pin a version: `SWARMCLAW_VERSION=v0.6.2 curl ... | bash`
 
 Or run locally from the repo (friendly for non-technical users):
 
@@ -144,6 +105,48 @@ Notes:
 - OpenClaw is configured per-agent via the **OpenClaw Gateway** toggle (not in the setup wizard).
 - You can skip setup and configure everything later in the sidebar.
 
+## Features
+
+- **15 Built-in Providers** — Claude Code CLI, OpenAI Codex CLI, OpenCode CLI, Anthropic, OpenAI, Google Gemini, DeepSeek, Groq, Together AI, Mistral AI, xAI (Grok), Fireworks AI, Ollama, plus custom OpenAI-compatible endpoints
+- **OpenClaw Gateway** — Per-agent toggle to connect any agent to a local or remote OpenClaw gateway. Each agent gets its own gateway URL and token — run a swarm of OpenClaws from one dashboard. The `openclaw` CLI ships as a bundled dependency (no separate install needed)
+- **OpenClaw Control Plane** — Built-in gateway connection controls, reload mode switching (hot/hybrid/full), config issue detection/repair, remote history sync, and live execution approval handling
+- **Agent Builder** — Create agents with custom personalities (soul), system prompts, tools, and skills. AI-powered generation from a description
+- **Agent Inspector Panel** — Per-agent side panel for OpenClaw file editing (`SOUL.md`, `IDENTITY.md`, `USER.md`, etc.), guided personality editing, skill install/enable/remove, permission presets, sandbox env allowlist, and cron automations
+- **Agent Fleet Management** — Avatar seeds with generated avatars, running/approval fleet filters, soft-delete agent trash with restore/permanent delete, and approval counters in agent cards
+- **Agent Tools** — Shell, process control for long-running commands, files, edit file, send file, web search, web fetch, CLI delegation (Claude/Codex/OpenCode), Playwright browser automation, sub-agent spawning, canvas presentation, direct HTTP requests, git operations, persistent memory, and sandboxed code execution (JS/TS via Deno, Python)
+- **Platform Tools** — Agents can manage other agents, tasks, schedules, skills, connectors, sessions, and encrypted secrets via built-in platform tools
+- **Orchestration** — Multi-agent workflows powered by LangGraph with automatic sub-agent routing, checkpointed execution, and rich delegation cards that link to sub-agent chat threads
+- **Agentic Execution Policy** — Tool-first autonomous action loop with progress updates, evidence-driven answers, and better use of platform tools for long-lived work
+- **Runtime Date/Time Grounding** — Session, orchestrator, chatroom, and connector prompts include authoritative current timestamp context to reduce stale-date behavior
+- **Task Board** — Queue and track agent tasks with status, comments, results, and archiving. Strict capability policy pauses tasks for human approval before tool execution
+- **Task Metrics API** — Built-in analytics endpoint for WIP, cycle times, throughput velocity, completion/failure by agent, and priority distribution
+- **Background Daemon** — Auto-processes queued tasks and scheduled jobs with a 30s heartbeat plus recurring health monitoring
+- **Scheduling** — Cron-based agent scheduling with human-friendly presets
+- **Loop Runtime Controls** — Switch between bounded and ongoing loops with configurable step caps, runtime guards, heartbeat cadence, and timeout budgets
+- **Session Run Queue** — Per-session queued runs with followup/steer/collect modes, collect coalescing for bursty inputs, and run-state APIs
+- **Chat Iteration Workflow** — Edit-and-resend user turns, fork a new session from any message, bookmark key messages, use contextual follow-up suggestion chips, and auto-continue after tool access grants
+- **Agent Chatrooms** — Multi-agent room conversations with `@mention` routing, chained agent replies, reactions, and file/image-aware chat context
+- **Live Chat Telemetry** — Thinking/tool/responding stream phases, live main-loop status badges, connector activity presence, tone indicator, and optional sound notifications
+- **Global Search Palette** — `Cmd/Ctrl+K` search across agents, tasks, sessions, schedules, webhooks, and skills from anywhere in the app
+- **Notification Center** — Real-time in-app notifications for task/schedule/daemon events with unread tracking, mark-all/clear-read controls, and optional action links
+- **Preview-Rich Chat UI** — Side preview panel for tool outputs (image/browser/html/code), inline code/PDF previews for attachments, and image lightbox support
+- **Voice Settings** — Per-instance ElevenLabs API key + voice ID for TTS replies, plus configurable speech recognition language for chat input
+- **Chat Connectors** — Bridge agents to Discord, Slack, Telegram, WhatsApp, BlueBubbles (iMessage), Signal, Microsoft Teams, Google Chat, Matrix, and OpenClaw with media-aware inbound handling
+- **Skills System** — Discover local skills, import skills from URL, and load OpenClaw `SKILL.md` files (frontmatter-compatible)
+- **Execution Logging** — Structured audit trail for triggers, tool calls, file ops, commits, and errors in a dedicated `logs.db`
+- **Context Management** — Auto-compaction of conversation history when approaching context limits, with manual `context_status` and `context_summarize` tools for agents
+- **Memory** — Per-agent and per-session memory with hybrid FTS5 + vector embeddings search, relevance-based memory recall injected into runs, and periodic auto-journaling for durable execution context
+- **Cost Tracking** — Per-message token counting and cost estimation displayed in the chat header
+- **Provider Health Metrics** — Usage dashboard surfaces provider request volume, success rates, models used, and last-used timestamps
+- **Model Failover** — Automatic key rotation on rate limits and auth errors with configurable fallback credentials
+- **Plugin System** — Extend agent behavior with JS plugins (hooks: beforeAgentStart, afterAgentComplete, beforeToolExec, afterToolExec, onMessage)
+- **Secrets Vault** — Encrypted storage for API keys and service tokens
+- **Custom Providers** — Add any OpenAI-compatible API as a provider
+- **MCP Servers** — Connect agents to any Model Context Protocol server. Per-agent server selection with tool discovery and per-tool disable toggles
+- **Sandboxed Code Execution** — Agents can write and run JS/TS (Deno) or Python scripts in an isolated sandbox with network access, scoped filesystem, and artifact output
+- **Real-Time Sync** — WebSocket push notifications for instant UI updates across tabs and devices (fallback to polling when WS is unavailable)
+- **Mobile-First UI** — Responsive glass-themed dark interface, works on phone and desktop
+
 ## Configuration
 
 All config lives in `.env.local` (auto-generated):
@@ -279,7 +282,11 @@ Agents can use the following tools when enabled:
 | Web Search | Search the web via DuckDuckGo HTML scraping |
 | Web Fetch | Fetch and extract text content from URLs (uses cheerio) |
 | CLI Delegation | Delegate complex tasks to Claude Code, Codex CLI, or OpenCode CLI |
+| Spawn Subagent | Delegate a sub-task to another agent and capture its response in the current run |
 | Browser | Playwright-powered web browsing via MCP (navigate, click, type, screenshot, PDF) |
+| Canvas | Present/hide/snapshot live HTML content in a session canvas panel |
+| HTTP Request | Make direct API calls with method, headers, body, redirect control, and timeout |
+| Git | Run structured git subcommands (`status`, `diff`, `log`, `add`, `commit`, `push`, etc.) with repo safety checks |
 | Memory | Store and retrieve long-term memories with FTS5 + vector search, file references, image attachments, and linked memory graph traversal |
 | Sandbox | Run JS/TS (Deno) or Python code in an isolated sandbox. Created files are returned as downloadable artifacts |
 | MCP Servers | Connect to external Model Context Protocol servers. Tools from MCP servers are injected as first-class agent tools |
@@ -319,6 +326,13 @@ Token usage and estimated costs are tracked per message for API-based providers
 - **Data:** Stored in `data/swarmclaw.db` (usage table)
 - Cost estimates use published model pricing (updated manually in `src/lib/server/cost.ts`)
 
+## Task Metrics
+
+Task analytics are available via API for dashboarding and release-readiness checks:
+
+- **API endpoint:** `GET /api/tasks/metrics?range=24h|7d|30d`
+- **Returns:** status totals, WIP count, completion velocity buckets, avg/p50/p90 cycle time, completion/failure by agent, and priority counts
+
 ## Background Daemon
 
 The daemon auto-processes queued tasks from the scheduler on a 30-second interval. It also runs recurring health checks that detect stale heartbeat sessions and can send proactive WhatsApp alerts when issues are detected. Toggle the daemon from the sidebar indicator or via API.

package/bin/server-cmd.js

@@ -21,6 +21,7 @@ const DATA_DIR = path.join(SWARMCLAW_HOME, 'data')
 const BUILD_COPY_ENTRIES = [
   'src',
   'public',
+  'scripts',
   'next.config.ts',
   'tsconfig.json',
   'postcss.config.mjs',

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@swarmclawai/swarmclaw",
-  "version": "0.6.0",
+  "version": "0.6.3",
   "description": "Self-hosted AI agent orchestration dashboard — manage LLM providers, orchestrate agent swarms, schedule tasks, and bridge agents to chat platforms.",
   "license": "MIT",
   "repository": {
@@ -84,6 +84,7 @@
     "radix-ui": "^1.4.3",
     "react": "19.2.3",
     "react-dom": "19.2.3",
+    "react-hot-toast": "^2.6.0",
     "react-icons": "^5.5.0",
     "react-markdown": "^10.1.0",
     "recharts": "^3.7.0",

package/src/app/api/canvas/[sessionId]/route.ts

@@ -0,0 +1,31 @@
+import { NextResponse } from 'next/server'
+import { loadSessions, saveSessions } from '@/lib/server/storage'
+import { notify } from '@/lib/server/ws-hub'
+
+export async function GET(_req: Request, { params }: { params: Promise<{ sessionId: string }> }) {
+  const { sessionId } = await params
+  const sessions = loadSessions()
+  const session = sessions[sessionId]
+  if (!session) return NextResponse.json({ error: 'Session not found' }, { status: 404 })
+
+  return NextResponse.json({
+    sessionId,
+    content: (session as Record<string, unknown>).canvasContent || null,
+  })
+}
+
+export async function POST(req: Request, { params }: { params: Promise<{ sessionId: string }> }) {
+  const { sessionId } = await params
+  const body = await req.json()
+  const sessions = loadSessions()
+  const session = sessions[sessionId]
+  if (!session) return NextResponse.json({ error: 'Session not found' }, { status: 404 })
+
+  ;(session as Record<string, unknown>).canvasContent = body.content || null
+  session.lastActiveAt = Date.now()
+  sessions[sessionId] = session
+  saveSessions(sessions)
+
+  notify(`canvas:${sessionId}`)
+  return NextResponse.json({ ok: true, sessionId })
+}

package/src/app/api/chatrooms/[id]/chat/route.ts

@@ -1,151 +1,25 @@
 import { NextResponse } from 'next/server'
 import { genId } from '@/lib/id'
-import { loadChatrooms, saveChatrooms, loadAgents, loadSettings, loadSkills, loadCredentials, decryptKey } from '@/lib/server/storage'
+import { loadChatrooms, saveChatrooms, loadAgents } from '@/lib/server/storage'
 import { notify } from '@/lib/server/ws-hub'
 import { notFound } from '@/lib/server/collection-helpers'
 import { streamAgentChat } from '@/lib/server/stream-agent-chat'
 import { getProvider } from '@/lib/providers'
-import type { Chatroom, ChatroomMessage, Agent, Session, Message } from '@/types'
+import {
+  resolveApiKey,
+  parseMentions,
+  buildChatroomSystemPrompt,
+  buildSyntheticSession,
+  buildAgentSystemPromptForChatroom,
+  buildHistoryForAgent,
+} from '@/lib/server/chatroom-helpers'
+import type { Chatroom, ChatroomMessage, Agent } from '@/types'
 
 export const dynamic = 'force-dynamic'
 export const maxDuration = 300
 
 const MAX_CHAIN_DEPTH = 5
 
-/** Resolve API key from an agent's credentialId */
-function resolveApiKey(credentialId: string | null | undefined): string | null {
-  if (!credentialId) return null
-  const creds = loadCredentials()
-  const cred = creds[credentialId]
-  if (!cred?.encryptedKey) return null
-  try { return decryptKey(cred.encryptedKey) } catch { return null }
-}
-
-/** Parse @mentions from message text, returns matching agentIds */
-function parseMentions(text: string, agents: Record<string, Agent>, memberIds: string[]): string[] {
-  if (/@all\b/i.test(text)) return [...memberIds]
-  const mentionPattern = /@(\S+)/g
-  const mentioned: string[] = []
-  let match: RegExpExecArray | null
-  while ((match = mentionPattern.exec(text)) !== null) {
-    const name = match[1].toLowerCase()
-    for (const id of memberIds) {
-      const agent = agents[id]
-      if (agent && agent.name.toLowerCase().replace(/\s+/g, '') === name) {
-        if (!mentioned.includes(id)) mentioned.push(id)
-      }
-    }
-  }
-  return mentioned
-}
-
-/** Build chatroom context as a system prompt addendum with agent profiles and collaboration guidelines */
-function buildChatroomSystemPrompt(chatroom: Chatroom, agents: Record<string, Agent>, agentId: string): string {
-  const selfAgent = agents[agentId]
-  const selfName = selfAgent?.name || agentId
-
-  // Build team profiles with capabilities
-  const teamProfiles = chatroom.agentIds
-    .filter((id) => id !== agentId)
-    .map((id) => {
-      const a = agents[id]
-      if (!a) return null
-      const tools = a.tools?.length ? `Tools: ${a.tools.join(', ')}` : 'No specialized tools'
-      const desc = a.description || a.soul || 'No description'
-      return `- **${a.name}**: ${desc}\n  ${tools}`
-    })
-    .filter(Boolean)
-    .join('\n')
-
-  const recentMessages = chatroom.messages.slice(-30).map((m) => {
-    return `[${m.senderName}]: ${m.text}`
-  }).join('\n')
-
-  return [
-    `## Chatroom Context`,
-    `You are **${selfName}** in chatroom "${chatroom.name}".`,
-    selfAgent?.description ? `Your role: ${selfAgent.description}` : '',
-    selfAgent?.tools?.length ? `Your tools: ${selfAgent.tools.join(', ')}` : '',
-    '',
-    '## Team Members',
-    teamProfiles || '(no other agents)',
-    '',
-    '## Collaboration Guidelines',
-    '- Before executing complex tasks, briefly discuss your approach with the team.',
-    '- When delegating to another agent, explain what you need, why they are best suited, and what output you expect. Example: "@DataBot I need a summary of recent API errors from the logs — you have the shell tool to grep through them."',
-    '- If someone mentions a task you are well-suited for, proactively offer to help.',
-    '- Do not just @mention mechanically — explain your reasoning when involving others.',
-    '- If you can handle a request entirely yourself, just do it. Only delegate what you cannot do.',
-    '',
-    '## Recent Messages',
-    recentMessages || '(no messages yet)',
-  ].filter((line) => line !== undefined).join('\n')
-}
-
-/** Build a synthetic session object for an agent in a chatroom */
-function buildSyntheticSession(agent: Agent, chatroomId: string): Session {
-  return {
-    id: `chatroom-${chatroomId}-${agent.id}`,
-    name: `Chatroom session for ${agent.name}`,
-    cwd: process.cwd(),
-    user: 'chatroom',
-    provider: agent.provider,
-    model: agent.model,
-    credentialId: agent.credentialId ?? null,
-    fallbackCredentialIds: agent.fallbackCredentialIds,
-    apiEndpoint: agent.apiEndpoint ?? null,
-    claudeSessionId: null,
-    messages: [],
-    createdAt: Date.now(),
-    lastActiveAt: Date.now(),
-    tools: agent.tools || [],
-    agentId: agent.id,
-  }
-}
-
-/** Build agent's system prompt including skills */
-function buildAgentSystemPromptForChatroom(agent: Agent): string {
-  const settings = loadSettings()
-  const parts: string[] = []
-  if (settings.userPrompt) parts.push(settings.userPrompt)
-  if (agent.soul) parts.push(agent.soul)
-  if (agent.systemPrompt) parts.push(agent.systemPrompt)
-  if (agent.skillIds?.length) {
-    const allSkills = loadSkills()
-    for (const skillId of agent.skillIds) {
-      const skill = allSkills[skillId]
-      if (skill?.content) parts.push(`## Skill: ${skill.name}\n${skill.content}`)
-    }
-  }
-  return parts.join('\n\n')
-}
-
-/** Convert chatroom messages to Message history format for LLM */
-function buildHistoryForAgent(chatroom: Chatroom, agentId: string, imagePath?: string, attachedFiles?: string[]): Message[] {
-  const history = chatroom.messages.slice(-50).map((m) => {
-    let msgText = `[${m.senderName}]: ${m.text}`
-    // Include attachment info in history
-    if (m.attachedFiles?.length) {
-      const names = m.attachedFiles.map((f) => f.split('/').pop()).join(', ')
-      msgText += `\n[Attached: ${names}]`
-    }
-    return {
-      role: m.senderId === agentId ? 'assistant' as const : 'user' as const,
-      text: msgText,
-      time: m.time,
-      ...(m.imagePath ? { imagePath: m.imagePath } : {}),
-      ...(m.attachedFiles ? { attachedFiles: m.attachedFiles } : {}),
-    }
-  })
-  // Pass through imagePath/attachedFiles from the current message to the last history entry
-  if (history.length > 0 && (imagePath || attachedFiles)) {
-    const last = history[history.length - 1]
-    if (imagePath && !last.imagePath) last.imagePath = imagePath
-    if (attachedFiles && !last.attachedFiles) last.attachedFiles = attachedFiles
-  }
-  return history
-}
-
 export async function POST(req: Request, { params }: { params: Promise<{ id: string }> }) {
   const { id } = await params
   const body = await req.json()

package/src/app/api/connectors/[id]/route.ts

@@ -61,6 +61,7 @@ export async function PUT(req: Request, { params }: { params: Promise<{ id: stri
   // Regular update
   if (body.name !== undefined) connector.name = body.name
   if (body.agentId !== undefined) connector.agentId = body.agentId
+  if (body.chatroomId !== undefined) connector.chatroomId = body.chatroomId
   if (body.credentialId !== undefined) connector.credentialId = body.credentialId
   if (body.config !== undefined) connector.config = body.config
   if (body.isEnabled !== undefined) connector.isEnabled = body.isEnabled

package/src/app/api/connectors/route.ts

@@ -33,7 +33,8 @@ export async function POST(req: Request) {
     id,
     name: body.name || `${body.platform} Connector`,
     platform: body.platform,
-    agentId: body.agentId,
+    agentId: body.agentId || null,
+    chatroomId: body.chatroomId || null,
     credentialId: body.credentialId || null,
     config: body.config || {},
     isEnabled: false,

package/src/app/api/files/open/route.ts

@@ -0,0 +1,43 @@
+import { NextResponse } from 'next/server'
+import { exec } from 'child_process'
+import fs from 'fs'
+import path from 'path'
+
+export async function POST(req: Request) {
+  const { path: targetPath } = await req.json() as { path?: string }
+  if (!targetPath || typeof targetPath !== 'string') {
+    return NextResponse.json({ error: 'path is required' }, { status: 400 })
+  }
+
+  const resolved = path.resolve(targetPath)
+
+  // Verify the path exists
+  if (!fs.existsSync(resolved)) {
+    return NextResponse.json({ error: 'Path does not exist' }, { status: 404 })
+  }
+
+  const isDir = fs.statSync(resolved).isDirectory()
+  const platform = process.platform
+
+  // Determine the command to reveal in the OS file manager
+  let cmd: string
+  if (platform === 'darwin') {
+    // macOS: -R reveals in Finder (selects the item), for dirs just open the dir
+    cmd = isDir ? `open "${resolved}"` : `open -R "${resolved}"`
+  } else if (platform === 'win32') {
+    cmd = isDir ? `explorer "${resolved}"` : `explorer /select,"${resolved}"`
+  } else {
+    // Linux: xdg-open on the directory containing the file
+    cmd = `xdg-open "${isDir ? resolved : path.dirname(resolved)}"`
+  }
+
+  return new Promise<NextResponse>((resolve) => {
+    exec(cmd, (err) => {
+      if (err) {
+        resolve(NextResponse.json({ error: err.message }, { status: 500 }))
+      } else {
+        resolve(NextResponse.json({ ok: true }))
+      }
+    })
+  })
+}

package/src/app/api/search/route.ts

@@ -59,22 +59,24 @@ function searchMessages(
   const MAX_MSG_RESULTS = 10
   for (const [sessionId, session] of Object.entries(sessions)) {
     if (results.length >= MAX_MSG_RESULTS) break
-    const messages = session.messages as Array<{ role: string; text: string; time?: number }> | undefined
-    if (!messages?.length) continue
+    if (!Array.isArray(session.messages) || !session.messages.length) continue
+    const messages = session.messages as Array<Record<string, unknown>>
     const agentId = session.agentId as string | undefined
     const agentName = agentId && agents[agentId] ? (agents[agentId].name as string) : undefined
     const sessionName = (session.name as string) || 'Untitled'
     for (let i = 0; i < messages.length; i++) {
       if (results.length >= MAX_MSG_RESULTS) break
       const msg = messages[i]
-      if (!msg?.text) continue
-      const idx = msg.text.toLowerCase().indexOf(needle)
+      const text = typeof msg?.text === 'string' ? msg.text : ''
+      if (!text) continue
+      const idx = text.toLowerCase().indexOf(needle)
       if (idx === -1) continue
       // Build snippet with context around match
       const start = Math.max(0, idx - 30)
-      const end = Math.min(msg.text.length, idx + needle.length + 50)
-      const snippet = (start > 0 ? '...' : '') + msg.text.slice(start, end).replace(/\n/g, ' ') + (end < msg.text.length ? '...' : '')
-      const timeAgo = msg.time ? formatTimeAgo(msg.time) : ''
+      const end = Math.min(text.length, idx + needle.length + 50)
+      const snippet = (start > 0 ? '...' : '') + text.slice(start, end).replace(/\n/g, ' ') + (end < text.length ? '...' : '')
+      const msgTime = typeof msg.time === 'number' ? msg.time : 0
+      const timeAgo = msgTime ? formatTimeAgo(msgTime) : ''
       results.push({
         type: 'message',
         id: sessionId,

package/src/app/api/sessions/[id]/messages/route.ts

@@ -2,11 +2,57 @@ import { NextResponse } from 'next/server'
 import { loadSessions, saveSessions } from '@/lib/server/storage'
 import { notFound } from '@/lib/server/collection-helpers'
 
-export async function GET(_req: Request, { params }: { params: Promise<{ id: string }> }) {
+export async function GET(req: Request, { params }: { params: Promise<{ id: string }> }) {
   const { id } = await params
   const sessions = loadSessions()
   if (!sessions[id]) return notFound()
-  return NextResponse.json(sessions[id].messages)
+
+  const url = new URL(req.url)
+  const limitParam = url.searchParams.get('limit')
+  const beforeParam = url.searchParams.get('before')
+
+  const allMessages = sessions[id].messages
+  const total = allMessages.length
+
+  // If no limit param, return all messages (backward compatible)
+  if (!limitParam) {
+    return NextResponse.json(allMessages)
+  }
+
+  const limit = Math.max(1, Math.min(500, parseInt(limitParam) || 100))
+  const before = beforeParam !== null ? parseInt(beforeParam) : total
+
+  // Return `limit` messages ending just before `before` index
+  const start = Math.max(0, before - limit)
+  const end = Math.max(0, before)
+  const messages = allMessages.slice(start, end)
+
+  return NextResponse.json({
+    messages,
+    total,
+    hasMore: start > 0,
+    startIndex: start,
+  })
+}
+
+export async function POST(req: Request, { params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params
+  const body = await req.json() as { kind?: string }
+  if (body.kind !== 'context-clear') {
+    return NextResponse.json({ error: 'Only context-clear kind is supported' }, { status: 400 })
+  }
+  const sessions = loadSessions()
+  const session = sessions[id]
+  if (!session) return notFound()
+
+  session.messages.push({
+    role: 'user',
+    text: '',
+    kind: 'context-clear',
+    time: Date.now(),
+  })
+  saveSessions(sessions)
+  return NextResponse.json({ ok: true })
 }
 
 export async function PUT(req: Request, { params }: { params: Promise<{ id: string }> }) {
@@ -25,3 +71,25 @@ export async function PUT(req: Request, { params }: { params: Promise<{ id: stri
   saveSessions(sessions)
   return NextResponse.json(session.messages[messageIndex])
 }
+
+export async function DELETE(req: Request, { params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params
+  const body = await req.json() as { messageIndex: number }
+  const sessions = loadSessions()
+  const session = sessions[id]
+  if (!session) return notFound()
+
+  const { messageIndex } = body
+  if (typeof messageIndex !== 'number' || messageIndex < 0 || messageIndex >= session.messages.length) {
+    return NextResponse.json({ error: 'Invalid message index' }, { status: 400 })
+  }
+
+  // Only allow deleting context-clear markers (safety guard)
+  if (session.messages[messageIndex].kind !== 'context-clear') {
+    return NextResponse.json({ error: 'Only context-clear markers can be removed' }, { status: 400 })
+  }
+
+  session.messages.splice(messageIndex, 1)
+  saveSessions(sessions)
+  return NextResponse.json({ ok: true })
+}

package/src/app/api/sessions/[id]/route.ts

@@ -69,6 +69,10 @@ export async function PUT(req: Request, { params }: { params: Promise<{ id: stri
   if (updates.heartbeatEnabled !== undefined) sessions[id].heartbeatEnabled = updates.heartbeatEnabled
   if (updates.heartbeatIntervalSec !== undefined) sessions[id].heartbeatIntervalSec = updates.heartbeatIntervalSec
   if (updates.pinned !== undefined) sessions[id].pinned = !!updates.pinned
+  if (updates.claudeSessionId !== undefined) sessions[id].claudeSessionId = updates.claudeSessionId
+  if (updates.codexThreadId !== undefined) sessions[id].codexThreadId = updates.codexThreadId
+  if (updates.opencodeSessionId !== undefined) sessions[id].opencodeSessionId = updates.opencodeSessionId
+  if (updates.delegateResumeIds !== undefined) sessions[id].delegateResumeIds = updates.delegateResumeIds
   if (!Array.isArray(sessions[id].messages)) sessions[id].messages = []
   ensureMainSessionFlag(sessions[id])