@swarmclawai/swarmclaw 1.2.9 → 1.3.0

package/README.md

@@ -204,6 +204,15 @@ Read the full setup guide in [`SWARMDOCK.md`](./SWARMDOCK.md), browse the public
 
 ## Release Notes
 
+### v1.3.0 Highlights
+
+- **SwarmDock SDK v0.2.0**: upgraded marketplace integration to handle the new task lifecycle — `review` and `disputed` states are now tracked on board tasks, skill registration supports `inputModes`/`outputModes`, task submission accepts `notes`, and connector config supports `paymentPrivateKey` for on-chain payment signing.
+- **Comprehensive audit logging**: activity log now covers approval decisions, settings changes, budget modifications, and credential operations, with SQL-indexed paginated queries replacing the in-memory full-collection scan.
+- **Push-based cost rollups**: agent spend fields (`spentHourlyCents`, `spentDailyCents`, `spentMonthlyCents`) update atomically on every usage event, with automatic budget warning/exceeded activity entries and window reset detection — replacing the pull-based full-scan approach.
+- **Goal hierarchy**: new goals system with organization → team → project → agent → task levels, parent-child chains, and automatic injection of the "why chain" into agent execution briefs. Full CRUD API and CLI support.
+- **Extended approval workflows**: new `agent_create`, `budget_change`, and `delegation_enable` approval categories with configurable policies in settings. When enabled, agent creation returns a pending approval instead of creating the agent directly.
+- **Shared validation schemas**: Zod schemas in `src/lib/validation/schemas.ts` are now safe for client-side import (server-only DAG validation moved to `server-schemas.ts`), enabling form-level pre-validation.
+
 ### v1.2.9 Highlights
 
 - **SwarmDock marketplace connector**: SwarmClaw agents can now register on SwarmDock, auto-bid on matching work, receive assignments as board tasks, and submit results back through the connector runtime.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@swarmclawai/swarmclaw",
-  "version": "1.2.9",
+  "version": "1.3.0",
   "description": "Self-hosted AI runtime for OpenClaw, delegation, autonomy, runtime skills, crypto wallets, and chat platform connectors.",
   "license": "MIT",
   "publishConfig": {
@@ -87,7 +87,7 @@
     "@multiavatar/multiavatar": "^1.0.7",
     "@playwright/mcp": "^0.0.68",
     "@slack/bolt": "^4.6.0",
-    "@swarmdock/sdk": "^0.1.0",
+    "@swarmdock/sdk": "^0.2.0",
     "@tailwindcss/postcss": "^4",
     "@tanstack/react-query": "^5.91.0",
     "@types/better-sqlite3": "^7.6.13",

package/src/app/api/activity/route.ts

@@ -1,32 +1,18 @@
 import { NextResponse } from 'next/server'
-import { loadActivity } from '@/lib/server/storage'
+import { queryActivity } from '@/lib/server/activity/activity-log'
 export const dynamic = 'force-dynamic'
 
 export async function GET(req: Request) {
   const { searchParams } = new URL(req.url)
-  const entityType = searchParams.get('entityType')
-  const entityId = searchParams.get('entityId')
-  const actor = searchParams.get('actor')
-  const action = searchParams.get('action')
-  const since = searchParams.get('since')
+  const entityType = searchParams.get('entityType') ?? undefined
+  const entityId = searchParams.get('entityId') ?? undefined
+  const actor = searchParams.get('actor') ?? undefined
+  const action = searchParams.get('action') ?? undefined
+  const sinceRaw = searchParams.get('since')
+  const since = sinceRaw ? Number(sinceRaw) : undefined
   const limit = Math.min(200, Math.max(1, Number(searchParams.get('limit')) || 50))
+  const offset = Math.max(0, Number(searchParams.get('offset')) || 0)
 
-  const all = loadActivity()
-  let entries = Object.values(all) as unknown as Array<Record<string, unknown>>
-
-  if (entityType) entries = entries.filter((e) => e.entityType === entityType)
-  if (entityId) entries = entries.filter((e) => e.entityId === entityId)
-  if (actor) entries = entries.filter((e) => e.actor === actor)
-  if (action) entries = entries.filter((e) => e.action === action)
-  if (since) {
-    const sinceMs = Number(since)
-    if (Number.isFinite(sinceMs)) {
-      entries = entries.filter((e) => typeof e.timestamp === 'number' && e.timestamp >= sinceMs)
-    }
-  }
-
-  entries.sort((a, b) => (b.timestamp as number) - (a.timestamp as number))
-  entries = entries.slice(0, limit)
-
+  const entries = queryActivity({ entityType, entityId, actor, action, since, limit, offset })
   return NextResponse.json(entries)
 }

package/src/app/api/agents/route.ts

@@ -5,6 +5,8 @@ import { AgentCreateSchema, formatZodError } from '@/lib/validation/schemas'
 import { ensureDaemonProcessRunning } from '@/lib/server/daemon/controller'
 import { z } from 'zod'
 import { safeParseBody } from '@/lib/server/safe-parse-body'
+import { loadSettings } from '@/lib/server/storage'
+import { requestApproval } from '@/lib/server/approvals'
 export const dynamic = 'force-dynamic'
 
 
@@ -36,6 +38,20 @@ export async function POST(req: Request) {
   if (!parsed.success) {
     return NextResponse.json(formatZodError(parsed.error as z.ZodError), { status: 400 })
   }
-  const agent = createAgent({ body: parsed.data as unknown as Record<string, unknown>, rawRecord })
+  const body = parsed.data as unknown as Record<string, unknown>
+
+  // Check approval policy — if enabled, create an approval request instead of the agent
+  const settings = loadSettings()
+  if (settings.approvalPolicies?.requireApprovalForAgentCreate) {
+    const approval = requestApproval({
+      category: 'agent_create',
+      title: `Create agent: ${body.name}`,
+      description: `Request to create agent "${body.name}" with provider ${body.provider}`,
+      data: { pendingAgentConfig: body, agentName: String(body.name || ''), provider: String(body.provider || '') },
+    })
+    return NextResponse.json({ pendingApproval: true, approvalId: approval.id }, { status: 202 })
+  }
+
+  const agent = createAgent({ body, rawRecord })
   return NextResponse.json(agent)
 }

package/src/app/api/approvals/route.ts

@@ -2,11 +2,22 @@ import { NextResponse } from 'next/server'
 import { listPendingApprovals, submitDecision } from '@/lib/server/approvals'
 import { loadApprovals } from '@/lib/server/storage'
 import { errorMessage } from '@/lib/shared-utils'
+import type { ApprovalCategory } from '@/types'
 
 export const dynamic = 'force-dynamic'
 
-export async function GET() {
-  return NextResponse.json(listPendingApprovals('human_loop'))
+const ALLOWED_CATEGORIES: ApprovalCategory[] = [
+  'human_loop', 'tool_access', 'extension_scaffold', 'extension_install',
+  'task_tool', 'connector_sender', 'agent_create', 'budget_change', 'delegation_enable',
+]
+
+export async function GET(req: Request) {
+  const { searchParams } = new URL(req.url)
+  const categoryParam = searchParams.get('category') as ApprovalCategory | null
+  const category = categoryParam && ALLOWED_CATEGORIES.includes(categoryParam)
+    ? categoryParam
+    : undefined
+  return NextResponse.json(listPendingApprovals(category))
 }
 
 export async function POST(req: Request) {
@@ -20,9 +31,6 @@ export async function POST(req: Request) {
     if (!approval) {
       return NextResponse.json({ error: 'approval not found' }, { status: 404 })
     }
-    if (approval.category !== 'human_loop') {
-      return NextResponse.json({ error: 'only human-loop approvals are supported here' }, { status: 400 })
-    }
     await submitDecision(id, approved)
     return NextResponse.json({ ok: true })
   } catch (err: unknown) {

package/src/app/api/credentials/[id]/route.ts

@@ -2,6 +2,7 @@ import { NextResponse } from 'next/server'
 import { deleteCredentialRecord } from '@/lib/server/credentials/credential-service'
 import { notFound } from '@/lib/server/collection-helpers'
 import { log } from '@/lib/server/logger'
+import { logActivity } from '@/lib/server/activity/activity-log'
 
 const TAG = 'api-credentials'
 
@@ -11,5 +12,6 @@ export async function DELETE(_req: Request, { params }: { params: Promise<{ id:
     return notFound()
   }
   log.info(TAG, `deleted ${credId}`)
+  logActivity({ entityType: 'credential', entityId: credId, action: 'deleted', actor: 'user', summary: `Credential deleted: ${credId}` })
   return new NextResponse('OK')
 }

package/src/app/api/credentials/route.ts

@@ -1,6 +1,7 @@
 import { NextResponse } from 'next/server'
 import { createCredentialRecord, listCredentialSummaries } from '@/lib/server/credentials/credential-service'
 import { safeParseBody } from '@/lib/server/safe-parse-body'
+import { logActivity } from '@/lib/server/activity/activity-log'
 export const dynamic = 'force-dynamic'
 
 
@@ -16,7 +17,9 @@ export async function POST(req: Request) {
     return NextResponse.json({ error: 'provider and apiKey are required' }, { status: 400 })
   }
   try {
-    return NextResponse.json(createCredentialRecord({ provider, name, apiKey }))
+    const result = createCredentialRecord({ provider, name, apiKey })
+    logActivity({ entityType: 'credential', entityId: result.id, action: 'created', actor: 'user', summary: `Credential created: "${name}" (${provider})` })
+    return NextResponse.json(result)
   } catch (err: unknown) {
     return NextResponse.json(
       { error: err instanceof Error ? err.message : 'Failed to create credential' },

package/src/app/api/goals/[id]/route.ts

@@ -0,0 +1,28 @@
+import { NextResponse } from 'next/server'
+import { safeParseBody } from '@/lib/server/safe-parse-body'
+import { getGoalById, updateGoal, deleteGoal, getGoalChain } from '@/lib/server/goals/goal-service'
+import { notFound } from '@/lib/server/collection-helpers'
+export const dynamic = 'force-dynamic'
+
+export async function GET(_req: Request, { params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params
+  const goal = getGoalById(id)
+  if (!goal) return notFound()
+  const chain = getGoalChain(id)
+  return NextResponse.json({ ...goal, chain })
+}
+
+export async function PATCH(req: Request, { params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params
+  const { data: body, error } = await safeParseBody<Record<string, unknown>>(req)
+  if (error) return error
+  const updated = updateGoal(id, body)
+  if (!updated) return notFound()
+  return NextResponse.json(updated)
+}
+
+export async function DELETE(_req: Request, { params }: { params: Promise<{ id: string }> }) {
+  const { id } = await params
+  if (!deleteGoal(id)) return notFound()
+  return new NextResponse('OK')
+}

package/src/app/api/goals/route.ts

@@ -0,0 +1,33 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import { safeParseBody } from '@/lib/server/safe-parse-body'
+import { getAllGoals, createGoal } from '@/lib/server/goals/goal-service'
+import { formatZodError } from '@/lib/validation/schemas'
+export const dynamic = 'force-dynamic'
+
+const GoalCreateSchema = z.object({
+  title: z.string().min(1, 'Goal title is required'),
+  description: z.string().optional().default(''),
+  level: z.enum(['organization', 'team', 'project', 'agent', 'task']),
+  parentGoalId: z.string().nullable().optional().default(null),
+  projectId: z.string().nullable().optional().default(null),
+  agentId: z.string().nullable().optional().default(null),
+  taskId: z.string().nullable().optional().default(null),
+  objective: z.string().min(1, 'Objective is required'),
+  constraints: z.array(z.string()).optional().default([]),
+  successMetric: z.string().nullable().optional().default(null),
+  budgetUsd: z.number().positive().nullable().optional().default(null),
+  deadlineAt: z.number().nullable().optional().default(null),
+})
+
+export async function GET() {
+  return NextResponse.json(getAllGoals())
+}
+
+export async function POST(req: Request) {
+  const { data: body, error } = await safeParseBody<Record<string, unknown>>(req)
+  if (error) return error
+  const parsed = GoalCreateSchema.safeParse(body)
+  if (!parsed.success) return NextResponse.json(formatZodError(parsed.error), { status: 400 })
+  return NextResponse.json(createGoal(parsed.data))
+}

package/src/app/api/protocols/templates/[id]/route.ts

@@ -1,7 +1,8 @@
 import { NextResponse } from 'next/server'
 import { z } from 'zod'
 import { notFound } from '@/lib/server/collection-helpers'
-import { formatZodError, ProtocolTemplateUpsertSchema } from '@/lib/validation/schemas'
+import { formatZodError } from '@/lib/validation/schemas'
+import { ProtocolTemplateUpsertSchema } from '@/lib/validation/server-schemas'
 import {
   deleteProtocolTemplateById,
   loadProtocolTemplateById,

package/src/app/api/protocols/templates/route.ts

@@ -1,6 +1,7 @@
 import { NextResponse } from 'next/server'
 import { z } from 'zod'
-import { formatZodError, ProtocolTemplateUpsertSchema } from '@/lib/validation/schemas'
+import { formatZodError } from '@/lib/validation/schemas'
+import { ProtocolTemplateUpsertSchema } from '@/lib/validation/server-schemas'
 import {
   createProtocolTemplate,
   listProtocolTemplates,

package/src/app/api/settings/route.ts

@@ -6,6 +6,7 @@ import { loadPublicSettings, loadSettings, saveSettings } from '@/lib/server/sto
 import { normalizeRuntimeSettingFields } from '@/lib/runtime/runtime-loop'
 import { normalizeSupervisorSettings } from '@/lib/autonomy/supervisor-settings'
 import { ensureDaemonProcessRunning } from '@/lib/server/daemon/controller'
+import { logActivity } from '@/lib/server/activity/activity-log'
 export const dynamic = 'force-dynamic'
 
 
@@ -164,6 +165,18 @@ export async function PUT(req: Request) {
 
   saveSettings(settings)
 
+  const changedKeys = Object.keys(sanitizedBody).filter((k) => !SECRET_SETTING_KEYS.includes(k as typeof SECRET_SETTING_KEYS[number]))
+  if (changedKeys.length > 0) {
+    logActivity({
+      entityType: 'settings',
+      entityId: 'app',
+      action: 'configured',
+      actor: 'user',
+      summary: `Settings updated: ${changedKeys.join(', ')}`,
+      detail: { changedKeys },
+    })
+  }
+
   if ('daemonAutostartEnabled' in sanitizedBody && settings.daemonAutostartEnabled) {
     void ensureDaemonProcessRunning('api/settings:put:daemon-autostart', { manualStart: true }).catch(() => {
       // The daemon launcher may not be available during early bootstrap.

package/src/app/home/page.tsx

@@ -42,6 +42,9 @@ const ACTIVITY_ICONS: Record<ActivityEntry['action'], string> = {
   incident: 'M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0zM12 9v4m0 4h.01',
   running: 'M12 2v4m0 12v4m10-10h-4M6 12H2',
   claimed: 'M9 12l2 2 4-4m6 2a10 10 0 1 1-20 0 10 10 0 0 1 20 0z',
+  configured: 'M12.22 2h-.44a2 2 0 0 0-2 2v.18a2 2 0 0 1-1 1.73l-.43.25a2 2 0 0 1-2 0l-.15-.08a2 2 0 0 0-2.73.73l-.22.38a2 2 0 0 0 .73 2.73l.15.1a2 2 0 0 1 1 1.72v.51a2 2 0 0 1-1 1.74l-.15.09a2 2 0 0 0-.73 2.73l.22.38a2 2 0 0 0 2.73.73l.15-.08a2 2 0 0 1 2 0l.43.25a2 2 0 0 1 1 1.73V20a2 2 0 0 0 2 2h.44a2 2 0 0 0 2-2v-.18a2 2 0 0 1 1-1.73l.43-.25a2 2 0 0 1 2 0l.15.08a2 2 0 0 0 2.73-.73l.22-.39a2 2 0 0 0-.73-2.73l-.15-.08a2 2 0 0 1-1-1.74v-.5a2 2 0 0 1 1-1.74l.15-.09a2 2 0 0 0 .73-2.73l-.22-.38a2 2 0 0 0-2.73-.73l-.15.08a2 2 0 0 1-2 0l-.43-.25a2 2 0 0 1-1-1.73V4a2 2 0 0 0-2-2z',
+  budget_exceeded: 'M12 2a10 10 0 1 0 0 20 10 10 0 0 0 0-20m0 6v4m0 4h.01',
+  budget_warning: 'M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0zM12 9v4m0 4h.01',
 }
 
 const ACTIVITY_COLORS: Record<string, string> = {

package/src/cli/index.js

@@ -757,6 +757,17 @@ const COMMAND_GROUPS = [
       cmd('delete', 'DELETE', '/wallets/:id', 'Delete a wallet'),
     ],
   },
+  {
+    name: 'goals',
+    description: 'Manage goal hierarchy',
+    commands: [
+      cmd('list', 'GET', '/goals', 'List goals'),
+      cmd('get', 'GET', '/goals/:id', 'Get goal by id'),
+      cmd('create', 'POST', '/goals', 'Create a goal', { expectsJsonBody: true }),
+      cmd('update', 'PATCH', '/goals/:id', 'Update a goal', { expectsJsonBody: true }),
+      cmd('delete', 'DELETE', '/goals/:id', 'Delete a goal'),
+    ],
+  },
 ]
 
 const GROUP_MAP = new Map(COMMAND_GROUPS.map((group) => [group.name, group]))

package/src/cli/spec.js

@@ -535,6 +535,16 @@ const COMMAND_GROUPS = {
       delete: { description: 'Delete a wallet', method: 'DELETE', path: '/wallets/:id', params: ['id'] },
     },
   },
+  goals: {
+    description: 'Manage goal hierarchy',
+    commands: {
+      list: { description: 'List goals', method: 'GET', path: '/goals' },
+      get: { description: 'Get goal by id', method: 'GET', path: '/goals/:id', params: ['id'] },
+      create: { description: 'Create a goal', method: 'POST', path: '/goals' },
+      update: { description: 'Update a goal', method: 'PATCH', path: '/goals/:id', params: ['id'], body: true },
+      delete: { description: 'Delete a goal', method: 'DELETE', path: '/goals/:id', params: ['id'] },
+    },
+  },
 }
 
 const GROUP_NAMES = Object.keys(COMMAND_GROUPS)

package/src/lib/server/activity/activity-log.ts

@@ -1,4 +1,4 @@
-import { loadActivity as loadStoredActivity, logActivity as writeActivityLog } from '@/lib/server/storage'
+import { loadActivity as loadStoredActivity, logActivity as writeActivityLog, queryActivity as queryStoredActivity } from '@/lib/server/storage'
 import { perf } from '@/lib/server/runtime/perf'
 
 export function loadActivity() {
@@ -19,3 +19,18 @@ export function logActivity(entry: {
     action: entry.action,
   })
 }
+
+/** Paginated activity query — uses SQL WHERE + LIMIT/OFFSET for efficiency. */
+export function queryActivity(filters: {
+  entityType?: string
+  entityId?: string
+  actor?: string
+  action?: string
+  since?: number
+  limit?: number
+  offset?: number
+}): unknown[] {
+  return perf.measureSync('repository', 'activity.query', () => queryStoredActivity(filters), {
+    entityType: filters.entityType ?? 'all',
+  })
+}

package/src/lib/server/agents/agent-service.ts

@@ -66,19 +66,22 @@ function detachAgentSessions(agentId: string): number {
 
 export function listAgentsForApi(): Record<string, Agent> {
   const agents = loadAgents()
-  const sessions = listSessions()
-  const usage = loadUsage()
-  const now = Date.now()
   for (const agent of Object.values(agents)) {
-    if (
-      (typeof agent.monthlyBudget === 'number' && agent.monthlyBudget > 0)
+    const hasBudget = (typeof agent.monthlyBudget === 'number' && agent.monthlyBudget > 0)
       || (typeof agent.dailyBudget === 'number' && agent.dailyBudget > 0)
       || (typeof agent.hourlyBudget === 'number' && agent.hourlyBudget > 0)
-    ) {
-      const spend = getAgentSpendWindows(agent.id, now, {
-        sessions,
-        usage,
-      })
+    if (!hasBudget) continue
+
+    // Use persisted spend fields when available (push-based rollup)
+    if (typeof agent.lastSpendRollupAt === 'number' && agent.lastSpendRollupAt > 0) {
+      if (typeof agent.monthlyBudget === 'number' && agent.monthlyBudget > 0) agent.monthlySpend = (agent.spentMonthlyCents ?? 0) / 100
+      if (typeof agent.dailyBudget === 'number' && agent.dailyBudget > 0) agent.dailySpend = (agent.spentDailyCents ?? 0) / 100
+      if (typeof agent.hourlyBudget === 'number' && agent.hourlyBudget > 0) agent.hourlySpend = (agent.spentHourlyCents ?? 0) / 100
+    } else {
+      // Fallback: full scan for agents that predate the rollup system
+      const sessions = listSessions()
+      const usage = loadUsage()
+      const spend = getAgentSpendWindows(agent.id, Date.now(), { sessions, usage })
       if (typeof agent.monthlyBudget === 'number' && agent.monthlyBudget > 0) agent.monthlySpend = spend.monthly
       if (typeof agent.dailyBudget === 'number' && agent.dailyBudget > 0) agent.dailySpend = spend.daily
       if (typeof agent.hourlyBudget === 'number' && agent.hourlyBudget > 0) agent.hourlySpend = spend.hourly
@@ -301,7 +304,17 @@ export function updateAgent(agentId: string, body: Record<string, unknown>): Age
     updateThreadShortcutSession(agentId, updated)
   }
 
-  logActivity({ entityType: 'agent', entityId: agentId, action: 'updated', actor: 'user', summary: `Agent updated: "${updated.name}"` })
+  const budgetFields = ['monthlyBudget', 'dailyBudget', 'hourlyBudget', 'budgetAction'] as const
+  const budgetChanges: Record<string, unknown> = {}
+  for (const key of budgetFields) {
+    if (key in body) budgetChanges[key] = body[key]
+  }
+  const detail: Record<string, unknown> = {}
+  if (Object.keys(budgetChanges).length > 0) detail.budgetChanges = budgetChanges
+  logActivity({ entityType: 'agent', entityId: agentId, action: 'updated', actor: 'user', summary: `Agent updated: "${updated.name}"`, detail: Object.keys(detail).length > 0 ? detail : undefined })
+  if (Object.keys(budgetChanges).length > 0) {
+    logActivity({ entityType: 'budget', entityId: agentId, action: 'configured', actor: 'user', summary: `Budget updated for agent "${updated.name}"`, detail: budgetChanges })
+  }
   return updated
 }
 

package/src/lib/server/approval-match.ts

@@ -71,6 +71,20 @@ export function buildApprovalComparablePayload(
         toolName: trimString(data.toolName),
         args: canonicalizeValue(data.args),
       }
+    case 'agent_create':
+      return {
+        agentName: trimString(data.agentName),
+        provider: trimString(data.provider),
+      }
+    case 'budget_change':
+      return {
+        agentId: trimString(data.agentId),
+        budgetChanges: canonicalizeValue(data.budgetChanges),
+      }
+    case 'delegation_enable':
+      return {
+        agentId: trimString(data.agentId),
+      }
     default:
       return canonicalizeValue(data) as Record<string, unknown>
   }

package/src/lib/server/approvals/approval-hooks.ts

@@ -0,0 +1,81 @@
+import type { ApprovalRequest } from '@/types'
+import { logActivity } from '@/lib/server/activity/activity-log'
+import { log } from '@/lib/server/logger'
+
+const TAG = 'approval-hooks'
+
+type ApprovalHookHandler = (request: ApprovalRequest) => void
+
+const approvalHandlers: Partial<Record<string, ApprovalHookHandler>> = {
+  agent_create: onAgentCreateDecided,
+  budget_change: onBudgetChangeDecided,
+  delegation_enable: onDelegationEnableDecided,
+}
+
+/**
+ * Dispatch lifecycle hooks when an approval decision is made.
+ * Called from submitDecision() after the approval is persisted.
+ */
+export function onApprovalDecision(request: ApprovalRequest): void {
+  const handler = approvalHandlers[request.category]
+  if (!handler) return
+  try {
+    handler(request)
+  } catch (err) {
+    log.error(TAG, `Error in approval hook for ${request.category}: ${err}`)
+  }
+}
+
+function onAgentCreateDecided(request: ApprovalRequest): void {
+  if (request.status !== 'approved') return
+  const pendingConfig = request.data.pendingAgentConfig as Record<string, unknown> | undefined
+  if (!pendingConfig) return
+
+  // Dynamically import to avoid circular dependency
+  import('@/lib/server/agents/agent-service').then(({ createAgent }) => {
+    const agent = createAgent({ body: pendingConfig })
+    logActivity({
+      entityType: 'agent',
+      entityId: agent.id,
+      action: 'created',
+      actor: 'system',
+      summary: `Agent "${agent.name}" created after approval ${request.id}`,
+      detail: { approvalId: request.id },
+    })
+  }).catch((err) => {
+    log.error(TAG, `Failed to create agent after approval: ${err}`)
+  })
+}
+
+function onBudgetChangeDecided(request: ApprovalRequest): void {
+  if (request.status !== 'approved') return
+  const agentId = request.data.agentId as string | undefined
+  const budgetChanges = request.data.budgetChanges as Record<string, unknown> | undefined
+  if (!agentId || !budgetChanges) return
+
+  import('@/lib/server/agents/agent-service').then(({ updateAgent }) => {
+    updateAgent(agentId, budgetChanges)
+    logActivity({
+      entityType: 'budget',
+      entityId: agentId,
+      action: 'configured',
+      actor: 'system',
+      summary: `Budget updated for agent after approval ${request.id}`,
+      detail: { approvalId: request.id, budgetChanges },
+    })
+  }).catch((err) => {
+    log.error(TAG, `Failed to apply budget change after approval: ${err}`)
+  })
+}
+
+function onDelegationEnableDecided(request: ApprovalRequest): void {
+  if (request.status !== 'approved') return
+  const agentId = request.data.agentId as string | undefined
+  if (!agentId) return
+
+  import('@/lib/server/agents/agent-service').then(({ updateAgent }) => {
+    updateAgent(agentId, { delegationEnabled: true })
+  }).catch((err) => {
+    log.error(TAG, `Failed to enable delegation after approval: ${err}`)
+  })
+}

package/src/lib/server/approvals.ts

@@ -5,6 +5,8 @@ import { notify } from './ws-hub'
 import { dispatchWake } from '@/lib/server/runtime/wake-dispatcher'
 import { enqueueSystemEvent } from '@/lib/server/runtime/system-events'
 import { enqueueSessionRun } from '@/lib/server/runtime/session-run-manager'
+import { logActivity } from '@/lib/server/activity/activity-log'
+import { onApprovalDecision } from '@/lib/server/approvals/approval-hooks'
 
 function trimToString(value: unknown): string {
   return typeof value === 'string' ? value.trim() : ''
@@ -131,6 +133,15 @@ export async function submitDecision(id: string, approved: boolean): Promise<App
   if (request.status === (approved ? 'approved' : 'rejected')) return request
   if (request.status !== 'pending') return request
   const updated = await persistApprovalDecision(request, approved)
+  logActivity({
+    entityType: 'approval',
+    entityId: id,
+    action: approved ? 'approved' : 'rejected',
+    actor: 'user',
+    summary: `Approval ${approved ? 'approved' : 'rejected'}: ${request.title}`,
+    detail: { category: request.category, agentId: request.agentId, sessionId: request.sessionId },
+  })
+  onApprovalDecision(updated)
   wakeForApprovalDecision(updated, approved)
   return updated
 }

package/src/lib/server/connectors/swarmdock-tasks.ts

@@ -100,6 +100,14 @@ export async function updateBoardTaskFromEvent(
       boardTask.status = 'failed'
       boardTask.checkoutRunId = null
       break
+    case 'task.review':
+      // Work submitted, awaiting requester review on SwarmDock
+      if (boardTask.externalSource) boardTask.externalSource.state = 'review'
+      break
+    case 'task.disputed':
+      // Task disputed on SwarmDock
+      if (boardTask.externalSource) boardTask.externalSource.state = 'disputed'
+      break
   }
 
   boardTask.updatedAt = now

package/src/lib/server/connectors/swarmdock.ts

@@ -35,6 +35,7 @@ interface SwarmDockConfig {
   skills: string
   autoDiscover: boolean
   maxBudget: string
+  paymentPrivateKey?: string
 }
 
 function parseConfig(connector: Connector): SwarmDockConfig {
@@ -46,6 +47,7 @@ function parseConfig(connector: Connector): SwarmDockConfig {
     skills: c.skills || '',
     autoDiscover: c.autoDiscover === 'true',
     maxBudget: c.maxBudget || '0',
+    paymentPrivateKey: c.paymentPrivateKey || undefined,
   }
 }
 
@@ -73,11 +75,13 @@ export async function submitSwarmdockTaskResult(
   client: { tasks: { submit: (taskId: string, input: TaskSubmitInput) => Promise<unknown> } },
   swarmdockTaskId: string,
   text: string,
+  notes?: string,
 ): Promise<void> {
   const payload: TaskSubmitInput = {
     artifacts: [{ type: 'text/markdown', content: text }],
     files: [],
   }
+  if (notes) payload.notes = notes
   await client.tasks.submit(swarmdockTaskId, payload)
 }
 
@@ -106,6 +110,9 @@ const swarmdock: PlatformConnector = {
     const client = new SwarmDockClient({
       baseUrl: config.apiUrl,
       privateKey,
+      ...(config.paymentPrivateKey?.startsWith('0x')
+        ? { paymentPrivateKey: config.paymentPrivateKey as `0x${string}` }
+        : {}),
     })
 
     // Register agent on SwarmDock (Ed25519 challenge-response)
@@ -119,6 +126,8 @@ const swarmdock: PlatformConnector = {
         description: `${skillId} capability`,
         category: skillId,
         basePrice: '1000000', // $1.00 default
+        inputModes: ['text'],
+        outputModes: ['text'],
       }))
 
     log.info(TAG, `Registering agent "${connector.name}" on SwarmDock at ${config.apiUrl}`)
@@ -195,6 +204,27 @@ const swarmdock: PlatformConnector = {
             break
           }
 
+          case 'task.review': {
+            const taskId = (event.data as Record<string, string>).taskId
+            if (taskId) await updateBoardTaskFromEvent(taskId, 'task.review')
+            break
+          }
+
+          case 'task.disputed': {
+            const taskId = (event.data as Record<string, string>).taskId
+            if (taskId) {
+              await updateBoardTaskFromEvent(taskId, 'task.disputed')
+              logActivity({
+                entityType: 'connector',
+                entityId: connectorId,
+                action: 'incident',
+                actor: 'system',
+                summary: `SwarmDock task ${taskId} disputed`,
+              })
+            }
+            break
+          }
+
           case 'payment.released': {
             const data = event.data as Record<string, string>
             logActivity({