@swarmclawai/swarmclaw 1.2.0 → 1.2.1

package/src/lib/server/skills/runtime-skill-resolver.ts

@@ -9,7 +9,7 @@ import type {
   SkillRequirements,
   SkillSecuritySummary,
 } from '@/types'
-import { dedup } from '@/lib/shared-utils'
+import { dedup, hmrSingleton } from '@/lib/shared-utils'
 import { expandExtensionIds, getExtensionAliases, normalizeExtensionId } from '@/lib/server/tool-aliases'
 import { loadLearnedSkills, loadSettings, loadSkills } from '@/lib/server/storage'
 import { cosineSimilarity, getEmbedding } from '@/lib/server/embeddings'
@@ -160,7 +160,8 @@ const SOURCE_PRIORITY: Record<RuntimeSkillSource, number> = {
 }
 
 const DEFAULT_RUNTIME_SKILL_TOP_K = 8
-const embeddingCache = new Map<string, Promise<number[] | null>>()
+const SKILL_EMBEDDING_CACHE_MAX = 200
+const embeddingCache = hmrSingleton('__swarmclaw_skill_embedding_cache__', () => new Map<string, Promise<number[] | null>>())
 
 function normalizeKey(value: string | null | undefined): string {
   return String(value || '')
@@ -859,6 +860,11 @@ async function getCachedSkillEmbedding(
   const key = getSkillEmbeddingCacheKey(skill)
   let cached = embeddingCache.get(key)
   if (!cached) {
+    // FIFO eviction when cache exceeds cap
+    if (embeddingCache.size >= SKILL_EMBEDDING_CACHE_MAX) {
+      const firstKey = embeddingCache.keys().next().value
+      if (firstKey !== undefined) embeddingCache.delete(firstKey)
+    }
     cached = embeddingResolver(buildSkillEmbeddingText(skill))
     embeddingCache.set(key, cached)
   }

package/src/lib/server/skills/skill-eligibility.ts

@@ -10,11 +10,17 @@ export interface SkillEligibilityResult {
   reasons: string[]
 }
 
+const BINARY_CACHE_MAX = 200
 const binaryCache = new Map<string, boolean>()
 
 function hasBinary(name: string): boolean {
   const cached = binaryCache.get(name)
   if (cached !== undefined) return cached
+  // FIFO eviction at cap
+  if (binaryCache.size >= BINARY_CACHE_MAX) {
+    const firstKey = binaryCache.keys().next().value
+    if (firstKey !== undefined) binaryCache.delete(firstKey)
+  }
   try {
     execSync(`which ${name}`, { stdio: 'ignore', timeout: 2000 })
     binaryCache.set(name, true)

package/src/lib/server/solana.ts

@@ -129,11 +129,17 @@ export function getSolanaExplorerUrl(cluster: SolanaCluster | string | null | un
   return `https://explorer.solana.com/${prefix}/${value}${clusterSuffix}`
 }
 
+const CONNECTION_CACHE_MAX = 50
 const connectionCache = new Map<string, Connection>()
 
 function getCachedConnection(url: string): Connection {
   let conn = connectionCache.get(url)
   if (!conn) {
+    // FIFO eviction if cache exceeds cap
+    if (connectionCache.size >= CONNECTION_CACHE_MAX) {
+      const firstKey = connectionCache.keys().next().value
+      if (firstKey !== undefined) connectionCache.delete(firstKey)
+    }
     conn = new Connection(url, {
       commitment: 'confirmed',
       disableRetryOnRateLimit: true,

package/src/lib/server/storage-auth.ts

@@ -3,6 +3,9 @@ import path from 'path'
 import crypto from 'crypto'
 
 import { DATA_DIR, IS_BUILD_BOOTSTRAP } from './data-dir'
+import { log } from '@/lib/server/logger'
+
+const TAG = 'storage-auth'
 
 // --- .env loading ---
 function loadEnv() {
@@ -24,7 +27,7 @@ if (!IS_BUILD_BOOTSTRAP && !process.env.CREDENTIAL_SECRET) {
   const envPath = path.join(process.cwd(), '.env.local')
   fs.appendFileSync(envPath, `\nCREDENTIAL_SECRET=${secret}\n`)
   process.env.CREDENTIAL_SECRET = secret
-  console.log('[credentials] Generated CREDENTIAL_SECRET in .env.local')
+  log.info(TAG, 'Generated CREDENTIAL_SECRET in .env.local')
 }
 
 // Auto-generate ACCESS_KEY if missing (used for simple auth)
@@ -35,10 +38,7 @@ if (!IS_BUILD_BOOTSTRAP && !process.env.ACCESS_KEY) {
   fs.appendFileSync(envPath, `\nACCESS_KEY=${key}\n`)
   process.env.ACCESS_KEY = key
   fs.writeFileSync(SETUP_FLAG, key)
-  console.log(`\n${'='.repeat(50)}`)
-  console.log(`  ACCESS KEY: ${key}`)
-  console.log(`  Use this key to connect from the browser.`)
-  console.log(`${'='.repeat(50)}\n`)
+  log.info(TAG, `ACCESS KEY: ${key} — Use this key to connect from the browser.`)
 }
 
 export function getAccessKey(): string {

package/src/lib/server/storage-normalization.ts

@@ -526,5 +526,9 @@ function normalizeStoredRecordInner(
   if ('missionSummary' in session) delete session.missionSummary
   // Default geminiSessionId for new field
   if (session.geminiSessionId === undefined) session.geminiSessionId = null
+  // Default injectedMemoryIds for proactive recall dedup
+  if (!session.injectedMemoryIds || typeof session.injectedMemoryIds !== 'object') {
+    session.injectedMemoryIds = {}
+  }
   return session
 }

package/src/lib/server/storage.ts

@@ -6,7 +6,10 @@ import type { ChildProcess } from 'node:child_process'
 import Database from 'better-sqlite3'
 
 import { perf } from '@/lib/server/runtime/perf'
+import { log } from '@/lib/server/logger'
 import { notify } from '@/lib/server/ws-hub'
+
+const TAG = 'storage'
 import { DATA_DIR, IS_BUILD_BOOTSTRAP, WORKSPACE_DIR } from './data-dir'
 import { normalizeHeartbeatSettingFields } from '@/lib/runtime/heartbeat-defaults'
 import { normalizeRuntimeSettingFields } from '@/lib/runtime/runtime-loop'
@@ -264,8 +267,8 @@ function saveCollection(table: string, data: Record<string, unknown>) {
   // partial collection instead of a full load-modify-save.  This prevents
   // accidental data wipes (e.g. tests calling saveCredentials with 1 item).
   if (toDelete.length > 0 && next.size > 0 && toDelete.length > next.size) {
-    console.error(
-      `[storage] BLOCKED destructive saveCollection("${table}"): ` +
+    log.error(TAG,
+      `BLOCKED destructive saveCollection("${table}"): ` +
       `would delete ${toDelete.length} rows but only upsert ${next.size}. ` +
       `Use deleteCollectionItem() for explicit deletes or load-modify-save to update.`,
     )
@@ -537,7 +540,7 @@ const MIGRATION_FLAG = path.join(DATA_DIR, '.sqlite_migrated')
 function migrateFromJson() {
   if (fs.existsSync(MIGRATION_FLAG)) return
 
-  console.log('[storage] Migrating from JSON files to SQLite...')
+  log.info(TAG, 'Migrating from JSON files to SQLite...')
 
   const transaction = db.transaction(() => {
     for (const [table, jsonPath] of Object.entries(JSON_FILES)) {
@@ -549,7 +552,7 @@ function migrateFromJson() {
             for (const [id, val] of Object.entries(data)) {
               ins.run(id, JSON.stringify(val))
             }
-            console.log(`[storage]   Migrated ${table}: ${Object.keys(data).length} records`)
+            log.info(TAG, `Migrated ${table}: ${Object.keys(data).length} records`)
           }
         } catch { /* skip malformed files */ }
       }
@@ -562,7 +565,7 @@ function migrateFromJson() {
         const data = JSON.parse(fs.readFileSync(settingsPath, 'utf8'))
         if (data && Object.keys(data).length > 0) {
           saveSingleton('settings', data)
-          console.log('[storage]   Migrated settings')
+          log.info(TAG, 'Migrated settings')
         }
       } catch { /* skip */ }
     }
@@ -574,7 +577,7 @@ function migrateFromJson() {
         const data = JSON.parse(fs.readFileSync(queuePath, 'utf8'))
         if (Array.isArray(data) && data.length > 0) {
           saveSingleton('queue', data)
-          console.log(`[storage]   Migrated queue: ${data.length} items`)
+          log.info(TAG, `Migrated queue: ${data.length} items`)
         }
       } catch { /* skip */ }
     }
@@ -592,14 +595,14 @@ function migrateFromJson() {
             }
           }
         }
-        console.log('[storage]   Migrated usage records')
+        log.info(TAG, 'Migrated usage records')
       } catch { /* skip */ }
     }
   })
 
   transaction()
   fs.writeFileSync(MIGRATION_FLAG, new Date().toISOString())
-  console.log('[storage] Migration complete. JSON files preserved as backup.')
+  log.info(TAG, 'Migration complete. JSON files preserved as backup.')
 }
 
 if (!IS_BUILD_BOOTSTRAP) {
@@ -1400,6 +1403,14 @@ export function appendUsage(sessionId: string, record: unknown) {
   ins.run(sessionId, JSON.stringify(record))
 }
 
+export function pruneOldUsage(maxAgeMs: number): number {
+  const cutoff = Date.now() - maxAgeMs
+  const result = db.prepare(
+    `DELETE FROM usage WHERE CAST(COALESCE(json_extract(data, '$.timestamp'), 0) AS INTEGER) < ?`
+  ).run(cutoff)
+  return result.changes
+}
+
 // --- Connectors ---
 const connectorsStore = createCollectionStore('connectors', { ttlMs: 30_000 })
 export const loadConnectors = connectorsStore.load

package/src/lib/server/tasks/task-followups.ts

@@ -7,6 +7,9 @@ import { WORKSPACE_DIR } from '@/lib/server/data-dir'
 import { loadConnectors, loadSessions, UPLOAD_DIR } from '@/lib/server/storage'
 import { errorMessage } from '@/lib/shared-utils'
 import { isMainSession } from '@/lib/server/agents/main-agent-loop'
+import { log } from '@/lib/server/logger'
+
+const TAG = 'task-followups'
 
 export { normalizeWhatsappTarget }
 
@@ -507,7 +510,7 @@ export async function notifyConnectorTaskFollowups(params: {
       })
     } catch (err: unknown) {
       const errMsg = errorMessage(err)
-      console.warn(`[queue] Failed task follow-up send on connector ${target.connectorId}: ${errMsg}`)
+      log.warn(TAG, `Failed task follow-up send on connector ${target.connectorId}: ${errMsg}`)
     }
   }
 }

package/src/lib/server/tool-loop-detection.ts

@@ -71,9 +71,9 @@ const DEFAULT_THRESHOLDS: LoopDetectionThresholds = {
   pollCritical: 8,
   pingPongWarn: 3,
   pingPongCritical: 5,
-  circuitBreaker: 20,
-  toolFrequencyWarn: 15,
-  toolFrequencyCritical: 30,
+  circuitBreaker: 15,
+  toolFrequencyWarn: 12,
+  toolFrequencyCritical: 25,
 }
 
 // ---------------------------------------------------------------------------
@@ -182,6 +182,11 @@ export class ToolLoopTracker {
     this.keyCount.clear()
   }
 
+  /** Partial reset: clear per-tool frequency counts but preserve circuit breaker and repeat history. */
+  resetFrequencyCounts(): void {
+    this.nameCount.clear()
+  }
+
   /** Get the full call history (for diagnostics). */
   getHistory(): ReadonlyArray<ToolCallRecord> {
     return this.history

package/src/lib/server/tool-planning.ts

@@ -39,6 +39,7 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
       capabilities: ['artifact.files'],
       disciplineGuidance: [
         'For `files`, include an explicit action whenever possible. Common patterns: `{"action":"list","dirPath":"."}`, `{"action":"read","filePath":"path/to/file.md"}`, and `{"action":"write","files":[{"path":"path/to/file.md","content":"..."}]}`.',
+        'Prefer a single write call with multiple files over writing one file at a time.',
       ],
       requestMatchers: [],
     },
@@ -49,6 +50,7 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
       capabilities: ['runtime.shell'],
       disciplineGuidance: [
         'For `shell`, use `{"action":"execute","command":"..."}` for commands and `{"action":"status","processId":"..."}` or `{"action":"log","processId":"..."}` for long-lived processes.',
+        'Chain related commands in a single shell call using && to reduce round-trips. Avoid running the same build or test command repeatedly — if it fails, diagnose the error before retrying.',
       ],
       requestMatchers: [],
     },
@@ -59,6 +61,7 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
       capabilities: [TOOL_CAPABILITY.researchSearch],
       disciplineGuidance: [
         'For `web_search`, use `{"query":"..."}` to research fresh information. For current events, breaking news, or "latest" requests, start with `web_search` before summarizing.',
+        'Gather 2-3 key sources, then synthesize. Do not search-read-search-read in a loop.',
       ],
       requestMatchers: [
         {
@@ -73,6 +76,7 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
       capabilities: [TOOL_CAPABILITY.researchFetch],
       disciplineGuidance: [
         'For `web_fetch`, use `{"url":"https://..."}` to read a specific page or article after you know the URL.',
+        'Fetch the pages you need, then synthesize. Do not fetch-read-fetch-read in a loop.',
       ],
       requestMatchers: [
         {
@@ -91,6 +95,7 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
         'For `browser`, when the task includes a literal URL, pass that exact URL string to `{"action":"navigate","url":"..."}`. Do not invent placeholder URLs like `[Your URL]`, `Example_URL`, or `MockMailPage_URL`.',
         'For `browser` form work, prefer `{"action":"fill_form","fields":[{"element":"#email","value":"user@example.com"},{"element":"#password","value":"..."}]}`. A shorthand `form` object keyed by input id/name also works for simple forms.',
         'Use `browser` when the user asks for screenshots, visual proof, page capture, PDFs, or a rendered view of a page. `navigate` alone is not a screenshot.',
+        'Limit browser navigations to what is needed. Each navigation is expensive. Plan your browser session: list the pages you need, visit each once, extract what you need.',
       ],
       requestMatchers: [
         {
@@ -117,6 +122,7 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
         'For outbound delivery, inspect available channels with `connector_message_tool` using `{"action":"list_running"}` before claiming something cannot be sent.',
         'Use `connector_message_tool` with `{"action":"send","message":"...","mediaPath":"..."}` for text/media and `{"action":"send_voice_note","voiceText":"..."}` for voice notes.',
         'If no channel or recipient is configured, explain that connector/channel setup is missing rather than claiming the capability does not exist.',
+        'Check channel availability once with `list_running`, then send. Do not re-list channels between each message.',
       ],
       requestMatchers: [
         {
@@ -140,6 +146,7 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
       capabilities: ['network.http'],
       disciplineGuidance: [
         'For `http_request`, send exact literal URLs from the task or from prior tool results. Keep JSON request bodies as raw JSON strings.',
+        'If an API call fails, inspect the error before retrying with the same request. Do not retry the same failing call in a loop.',
       ],
       requestMatchers: [],
     },
@@ -150,6 +157,7 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
       capabilities: ['delivery.email'],
       disciplineGuidance: [
         'For `email`, send mail with `{"action":"send","to":"user@example.com","subject":"...","body":"..."}`. If delivery depends on SMTP setup, check `{"action":"status"}` before claiming success.',
+        'Compose the full message in one send call. Do not send partial drafts followed by corrections.',
       ],
       requestMatchers: [],
     },
@@ -162,6 +170,7 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
         'For `google_workspace`, pass exact `gws` arguments in `{"args":[...]}` form. Prefer list/get/read commands first to confirm IDs and current state before mutating Drive, Docs, Sheets, Gmail, Calendar, or Chat resources.',
         'Use `params` and `jsonInput` for `--params` / `--json` payloads instead of packing raw JSON blobs into the `args` array.',
         'Do not call interactive `gws auth login` or `gws auth setup` from the agent. Use the extension settings or a pre-authenticated `gws` install.',
+        'Confirm resource IDs with a single list/get call before mutating. Do not repeatedly list the same resources between edits.',
       ],
       requestMatchers: [
         {
@@ -179,6 +188,223 @@ const CORE_TOOL_PLANNING: Record<string, ToolPlanningEntry[]> = {
         'For `ask_human`, when a workflow needs a code, approval, or out-of-band value from a person, do not guess or keep re-submitting blank forms. Use `{"action":"request_input","question":"..."}` and, for durable pauses, `{"action":"wait_for_reply","correlationId":"..."}`.',
         'Reuse the same `correlationId` from `request_input` when you call `wait_for_reply`. Once the durable wait returns active, stop the turn immediately and wait for the reply instead of calling `request_input` again.',
         'Do not ask the same pending human question twice before the durable wait resumes unless the question materially changes.',
+        'Batch related questions into a single request rather than asking one question at a time.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+
+  // --- Internal platform tools ---
+
+  manage_agents: [
+    {
+      toolName: 'manage_agents',
+      capabilities: ['platform.agents'],
+      disciplineGuidance: [
+        'List agents once at the start of a task, then work with specific agent IDs. Do not re-list between each action.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_projects: [
+    {
+      toolName: 'manage_projects',
+      capabilities: ['platform.projects'],
+      disciplineGuidance: [
+        'List projects once to orient, then operate on specific project IDs. Do not re-list after each update.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_tasks: [
+    {
+      toolName: 'manage_tasks',
+      capabilities: ['platform.tasks'],
+      disciplineGuidance: [
+        'Read the task list once, make your changes, then move on. Do not re-read the task list after every update.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_schedules: [
+    {
+      toolName: 'manage_schedules',
+      capabilities: ['platform.schedules'],
+      disciplineGuidance: [
+        'List schedules once to check current state. Do not re-list after each modification.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_skills: [
+    {
+      toolName: 'manage_skills',
+      capabilities: ['platform.skills'],
+      disciplineGuidance: [
+        'Use `recommend_for_task` to find a relevant skill efficiently. Do not repeatedly list or search skills between each action.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_webhooks: [
+    {
+      toolName: 'manage_webhooks',
+      capabilities: ['platform.webhooks'],
+      disciplineGuidance: [
+        'List webhooks once for current state. Do not re-list after each change.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_secrets: [
+    {
+      toolName: 'manage_secrets',
+      capabilities: ['platform.secrets'],
+      disciplineGuidance: [
+        'Store secrets directly. Use the `check` action (not `list`) to verify if a credential already exists before requesting a new one.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_chatrooms: [
+    {
+      toolName: 'manage_chatrooms',
+      capabilities: ['platform.chatrooms'],
+      disciplineGuidance: [
+        'List chatrooms once to orient, then operate on specific IDs. Do not re-list after each message or update.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_protocols: [
+    {
+      toolName: 'manage_protocols',
+      capabilities: ['platform.protocols'],
+      disciplineGuidance: [
+        'Read the protocol definition once, then execute steps. Do not re-read the protocol between each step.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_platform: [
+    {
+      toolName: 'manage_platform',
+      capabilities: ['platform.umbrella'],
+      disciplineGuidance: [
+        'Prefer the direct `manage_*` tools (manage_agents, manage_tasks, etc.) when they are enabled. Use `manage_platform` only as a fallback when the specific tool is not available.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  spawn_subagent: [
+    {
+      toolName: 'spawn_subagent',
+      capabilities: ['delegation.subagent'],
+      disciplineGuidance: [
+        'Use `waitForCompletion: true` (the default) or `wait`/`wait_all` actions to await results. Do not poll `status` in a loop.',
+        'Batch related delegations — spawn multiple subagents at once if tasks are independent.',
+        'For multi-step or cross-domain work, delegate to a subagent rather than attempting everything in one long tool chain.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  delegate: [
+    {
+      toolName: 'delegate',
+      capabilities: ['delegation.cli'],
+      disciplineGuidance: [
+        'Give the delegate a complete task description in one call. Do not send incremental instructions across multiple delegation calls.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  manage_sessions: [
+    {
+      toolName: 'sessions_tool',
+      capabilities: ['platform.sessions'],
+      disciplineGuidance: [
+        'Check session identity once at the start. Do not re-query session info between each action.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  memory: [
+    {
+      toolName: 'memory_tool',
+      capabilities: ['memory.search', 'memory.store'],
+      disciplineGuidance: [
+        'Search memory once with a good query, then use the results. Do not run multiple overlapping searches for the same topic.',
+        'For stores and updates, write once with complete content. Do not read-back immediately after writing to confirm.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  context_mgmt: [
+    {
+      toolName: 'context_status',
+      capabilities: ['context.management'],
+      disciplineGuidance: [
+        'Check context status only when you suspect you are running low. Do not check after every tool call.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  monitor: [
+    {
+      toolName: 'monitor_tool',
+      capabilities: ['monitoring.watch'],
+      disciplineGuidance: [
+        'Prefer `wait_until`, `wait_for_http`, `wait_for_file`, or other `wait_for_*` shortcut actions — they create a durable wait that resumes your turn automatically. Avoid creating a watch with `create_watch` then polling `get_watch` in a loop.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  wallet: [
+    {
+      toolName: 'wallet_tool',
+      capabilities: [TOOL_CAPABILITY.walletInspect, TOOL_CAPABILITY.walletExecute],
+      disciplineGuidance: [
+        'Inspect wallet state once, then act. Use `simulate_transaction` to validate before executing. Do not re-inspect balances between each operation unless the operation changes them.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  image_gen: [
+    {
+      toolName: 'generate_image',
+      capabilities: ['media.image_generation'],
+      disciplineGuidance: [
+        'Describe the image fully in one generation call. Do not generate multiple variations unless the user asks for options.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  replicate: [
+    {
+      toolName: 'replicate',
+      capabilities: ['media.replicate'],
+      disciplineGuidance: [
+        'Submit the job with complete parameters in one call. Use `wait: true` for synchronous completion. If running async, let the built-in polling handle it — do not add your own polling loop on top.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  schedule_wake: [
+    {
+      toolName: 'schedule_wake',
+      capabilities: ['runtime.schedule'],
+      disciplineGuidance: [
+        'Schedule the wake once with the correct time. Do not reschedule repeatedly to adjust by small increments.',
+      ],
+      requestMatchers: [],
+    },
+  ],
+  mailbox: [
+    {
+      toolName: 'mailbox',
+      capabilities: ['delivery.mailbox'],
+      disciplineGuidance: [
+        'Use `search_messages` for targeted retrieval instead of listing all messages. Do not poll the inbox in a loop waiting for replies.',
       ],
       requestMatchers: [],
     },

package/src/lib/server/tool-retry.ts

@@ -3,6 +3,9 @@
  */
 
 import { sleep, jitteredBackoff } from '@/lib/shared-utils'
+import { log } from '@/lib/server/logger'
+
+const TAG = 'tool-retry'
 
 export interface RetryOptions {
   maxAttempts?: number
@@ -51,9 +54,7 @@ export async function withRetry<TArgs>(
     if (attempt < maxAttempts && isRetryableError(lastResult, retryable)) {
       await opts?.onRetry?.(attempt, lastResult)
       const delay = jitteredBackoff(backoffMs, attempt - 1, backoffMs * 16)
-      console.warn(
-        `[tool-retry] Attempt ${attempt}/${maxAttempts} matched retryable pattern, retrying in ${delay}ms`,
-      )
+      log.warn(TAG, `Attempt ${attempt}/${maxAttempts} matched retryable pattern, retrying in ${delay}ms`)
       await sleep(delay)
       continue
     }

package/src/lib/server/wallet/wallet-portfolio.ts

@@ -84,9 +84,37 @@ export interface GetWalletPortfolioOptions {
   allowStale?: boolean
 }
 
+const PORTFOLIO_CACHE_MAX = 200
 const portfolioCache = new Map<string, WalletPortfolioCacheEntry>()
 const evmContractDiscoveryCache = new Map<string, EvmContractDiscoveryCacheEntry>()
 
+function pruneExpiredPortfolioCaches(): void {
+  const now = Date.now()
+  for (const [key, entry] of portfolioCache) {
+    if (entry.expiresAt <= now) portfolioCache.delete(key)
+  }
+  for (const [key, entry] of evmContractDiscoveryCache) {
+    if (entry.expiresAt <= now) evmContractDiscoveryCache.delete(key)
+  }
+  // Hard cap as safety net
+  if (portfolioCache.size > PORTFOLIO_CACHE_MAX) {
+    const excess = portfolioCache.size - PORTFOLIO_CACHE_MAX
+    const iter = portfolioCache.keys()
+    for (let i = 0; i < excess; i++) {
+      const k = iter.next().value
+      if (k !== undefined) portfolioCache.delete(k)
+    }
+  }
+  if (evmContractDiscoveryCache.size > PORTFOLIO_CACHE_MAX) {
+    const excess = evmContractDiscoveryCache.size - PORTFOLIO_CACHE_MAX
+    const iter = evmContractDiscoveryCache.keys()
+    for (let i = 0; i < excess; i++) {
+      const k = iter.next().value
+      if (k !== undefined) evmContractDiscoveryCache.delete(k)
+    }
+  }
+}
+
 const KNOWN_SOLANA_TOKENS: Record<string, { symbol: string; name: string }> = {
   EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v: { symbol: 'USDC', name: 'USD Coin' },
 }
@@ -721,6 +749,7 @@ export async function getWalletPortfolio(wallet: AgentWallet, options?: GetWalle
     label: `wallet portfolio ${wallet.id}`,
   })
 
+  pruneExpiredPortfolioCaches()
   portfolioCache.set(cacheKey, {
     expiresAt: Date.now() + PORTFOLIO_CACHE_TTL_MS,
     portfolio,

package/src/lib/server/ws-hub.ts

@@ -2,6 +2,9 @@ import { WebSocketServer, WebSocket } from 'ws'
 import type { IncomingMessage } from 'http'
 import { validateAccessKey } from './storage'
 import { AUTH_COOKIE_NAME, getCookieValue } from '@/lib/auth'
+import { log } from '@/lib/server/logger'
+
+const TAG = 'ws-hub'
 
 interface WsClient {
   ws: WebSocket
@@ -67,10 +70,10 @@ export function initWsServer() {
   })
 
   wss.on('error', (err) => {
-    console.error('[ws-hub] WebSocket server error:', err.message)
+    log.error(TAG, 'WebSocket server error:', err.message)
   })
 
-  console.log(`[ws-hub] WebSocket server listening on port ${port}`)
+  log.info(TAG, `WebSocket server listening on port ${port}`)
 }
 
 export function closeWsServer(): Promise<void> {