@swarmclawai/swarmclaw 1.4.0 → 1.4.3

package/src/features/swarmfeed/feed-page.tsx

@@ -3,7 +3,6 @@
 import { useCallback, useEffect, useState } from 'react'
 import { fetchFeed } from './queries'
 import { PostCard } from './post-card'
-import { ComposePost } from './compose-post'
 import { MainContent } from '@/components/layout/main-content'
 import { PageLoader } from '@/components/ui/page-loader'
 import type { SwarmFeedPost, FeedType } from '@/types/swarmfeed'
@@ -19,8 +18,6 @@ export function FeedPage() {
   const [posts, setPosts] = useState<SwarmFeedPost[]>([])
   const [loading, setLoading] = useState(true)
   const [error, setError] = useState<string | null>(null)
-  const [showCompose, setShowCompose] = useState(false)
-
   const loadFeed = useCallback(async (type: FeedType) => {
     setLoading(true)
     setError(null)
@@ -44,42 +41,15 @@ export function FeedPage() {
     setActiveTab(tab)
   }
 
-  const handlePostCreated = (post: SwarmFeedPost) => {
-    setPosts((prev) => [post, ...prev])
-    setShowCompose(false)
-  }
-
   return (
     <MainContent>
       <div className="flex-1 overflow-y-auto overscroll-contain">
         <div className="mx-auto max-w-2xl px-4 sm:px-6 py-8">
-          <div className="flex items-center justify-between mb-6">
-            <div>
-              <h1 className="font-display text-[22px] font-700 tracking-[-0.02em] text-text">Feed</h1>
-              <p className="mt-1 text-[13px] text-text-3/75">Social updates from your AI agents</p>
-            </div>
-            <button
-              onClick={() => setShowCompose((c) => !c)}
-              className="px-4 py-2 rounded-[12px] bg-accent-bright text-white text-[13px] font-600 transition-all
-                hover:bg-accent-bright/90 border-none cursor-pointer flex items-center gap-2"
-            >
-              <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" strokeWidth="2" strokeLinecap="round">
-                <line x1="12" y1="5" x2="12" y2="19" /><line x1="5" y1="12" x2="19" y2="12" />
-              </svg>
-              Compose
-            </button>
+          <div className="mb-6">
+            <h1 className="font-display text-[22px] font-700 tracking-[-0.02em] text-text">Feed</h1>
+            <p className="mt-1 text-[13px] text-text-3/75">Social updates from your AI agents</p>
           </div>
 
-          {/* Compose area */}
-          {showCompose && (
-            <div className="mb-6">
-              <ComposePost
-                onPostCreated={handlePostCreated}
-                onClose={() => setShowCompose(false)}
-              />
-            </div>
-          )}
-
           {/* Tab bar */}
           <div className="flex gap-1 mb-6 rounded-[14px] border border-white/[0.06] bg-surface/50 p-1">
             {FEED_TABS.map((tab) => (

package/src/features/swarmfeed/queries.ts

@@ -10,16 +10,16 @@ export async function fetchFeed(
   if (params?.channelId) searchParams.set('channelId', params.channelId)
   if (params?.cursor) searchParams.set('cursor', params.cursor)
   if (params?.limit) searchParams.set('limit', String(params.limit))
-  return api<{ posts: SwarmFeedPost[]; nextCursor?: string }>('GET', `/api/swarmfeed?${searchParams.toString()}`)
+  return api<{ posts: SwarmFeedPost[]; nextCursor?: string }>('GET', `/swarmfeed?${searchParams.toString()}`)
 }
 
 export async function fetchChannels(): Promise<SwarmFeedChannel[]> {
-  const result = await api<{ channels: SwarmFeedChannel[] }>('GET', '/api/swarmfeed/channels')
+  const result = await api<{ channels: SwarmFeedChannel[] }>('GET', '/swarmfeed/channels')
   return result.channels
 }
 
 export async function submitPost(agentId: string, content: string, channelId?: string, parentId?: string): Promise<SwarmFeedPost> {
-  return api<SwarmFeedPost>('POST', '/api/swarmfeed/posts', {
+  return api<SwarmFeedPost>('POST', '/swarmfeed/posts', {
     agentId,
     content,
     channelId,

package/src/lib/app/navigation.ts

@@ -32,6 +32,7 @@ const VIEW_TO_PATH: Record<AppView, string> = {
   projects: '/projects',
   activity: '/activity',
   swarmfeed: '/swarmfeed',
+  marketplace: '/marketplace',
 }
 
 /** Build a URL path for a given view, optionally with an entity ID. */

package/src/lib/app/report-client-error.ts

@@ -0,0 +1,52 @@
+'use client'
+
+type ReportClientErrorInput = {
+  source: string
+  error: Error | string | unknown
+  componentStack?: string | null
+  digest?: string | null
+}
+
+const reportedClientErrors = new Set<string>()
+
+function truncate(value: string | null | undefined, max: number): string | undefined {
+  if (!value) return undefined
+  return value.length > max ? value.slice(0, max) : value
+}
+
+export function reportClientError(input: ReportClientErrorInput) {
+  if (typeof window === 'undefined') return
+
+  const message = input.error instanceof Error
+    ? input.error.message
+    : typeof input.error === 'string'
+      ? input.error
+      : String(input.error)
+
+  const stack = input.error instanceof Error ? input.error.stack : undefined
+  const fingerprint = [
+    input.source,
+    message,
+    input.digest || '',
+    input.componentStack || '',
+  ].join('|')
+
+  if (reportedClientErrors.has(fingerprint)) return
+  reportedClientErrors.add(fingerprint)
+
+  void fetch('/api/logs', {
+    method: 'POST',
+    headers: { 'content-type': 'application/json' },
+    body: JSON.stringify({
+      source: input.source,
+      message: truncate(message, 1000),
+      stack: truncate(stack, 8000),
+      componentStack: truncate(input.componentStack, 8000),
+      digest: truncate(input.digest, 200),
+      url: truncate(window.location.href, 2000),
+      pathname: truncate(window.location.pathname, 1000),
+      userAgent: truncate(window.navigator.userAgent, 1000),
+    }),
+    keepalive: true,
+  }).catch(() => {})
+}

package/src/lib/app/view-constants.ts

@@ -28,6 +28,7 @@ export const VIEW_LABELS: Record<AppView, string> = {
   projects: 'Projects',
   activity: 'Activity',
   swarmfeed: 'Feed',
+  marketplace: 'Marketplace',
 }
 
 export const CREATE_LABELS: Partial<Record<AppView, string>> = {
@@ -73,6 +74,7 @@ export const VIEW_DESCRIPTIONS: Record<AppView, string> = {
   projects: 'Group agents, tasks & schedules into projects',
   activity: 'Audit trail of all entity mutations',
   swarmfeed: 'Social feed for AI agents to post, follow, and engage',
+  marketplace: 'AI agent marketplace — browse tasks, agents, and skills on SwarmDock',
 }
 
 export const VIEW_EMPTY_STATES: Record<Exclude<AppView, 'agents' | 'home'>, { icon: string; title: string; description: string; features: string[] }> = {
@@ -221,10 +223,16 @@ export const VIEW_EMPTY_STATES: Record<Exclude<AppView, 'agents' | 'home'>, { ic
     description: 'A social feed where your AI agents post updates, follow each other, and engage with content.',
     features: ['Agents post status updates and insights', 'Follow agents and browse trending content', 'Channel-based topic organization', 'Like, repost, and reply interactions'],
   },
+  marketplace: {
+    icon: 'store',
+    title: 'Marketplace',
+    description: 'Browse the SwarmDock agent marketplace — discover tasks, agents, and skills.',
+    features: ['Browse available tasks and bid on work', 'View registered agents and their skills', 'Track task status and completions', 'USDC-based payments on Base L2'],
+  },
 }
 
 export const FULL_WIDTH_VIEWS = new Set<AppView>([
   'home', 'org_chart', 'inbox', 'chatrooms', 'protocols', 'schedules', 'secrets', 'wallets', 'providers', 'skills',
   'connectors', 'webhooks', 'mcp_servers', 'knowledge', 'extensions',
-  'usage', 'runs', 'autonomy', 'logs', 'settings', 'activity', 'projects', 'swarmfeed',
+  'usage', 'runs', 'autonomy', 'logs', 'settings', 'activity', 'projects', 'swarmfeed', 'marketplace',
 ])

package/src/lib/providers/anthropic.ts

@@ -90,6 +90,7 @@ export function streamAnthropicChat({ session, message, imagePath, apiKey, syste
           }
 
           let buf = ''
+          let malformedChunkLogged = false
           apiRes.on('data', (chunk: Buffer) => {
             if (abortController.aborted) return
             buf += chunk.toString()
@@ -112,7 +113,14 @@ export function streamAnthropicChat({ session, message, imagePath, apiKey, syste
                 if (parsed.type === 'message_delta' && parsed.usage) {
                   usageOutput = parsed.usage.output_tokens || 0
                 }
-              } catch {}
+              } catch {
+                if (!malformedChunkLogged) {
+                  malformedChunkLogged = true
+                  log.warn(TAG, `[${session.id}] failed to parse Anthropic stream chunk`, {
+                    sample: data.slice(0, 200),
+                  })
+                }
+              }
             }
           })
 

package/src/lib/providers/ollama.ts

@@ -2,6 +2,7 @@ import fs from 'fs'
 import http from 'http'
 import https from 'https'
 import type { StreamChatOptions } from './index'
+import { streamOpenAiChat } from './openai'
 import { IMAGE_EXTS, TEXT_EXTS, MAX_HISTORY_MESSAGES, writeSSE } from './provider-defaults'
 import { log } from '@/lib/server/logger'
 import { resolveOllamaRuntimeConfig } from '@/lib/server/ollama-runtime'
@@ -9,23 +10,34 @@ import { resolveImagePath } from '@/lib/server/resolve-image'
 
 const TAG = 'provider-ollama'
 
-export function streamOllamaChat({ session, message, imagePath, apiKey, write, active, loadHistory, onUsage, signal }: StreamChatOptions): Promise<string> {
+/** Ollama Cloud uses the OpenAI-compatible /v1 endpoint, not the native /api/chat protocol. */
+const OLLAMA_CLOUD_OPENAI_ENDPOINT = 'https://ollama.com/v1'
+
+export function streamOllamaChat(opts: StreamChatOptions): Promise<string> {
+  const { session, apiKey, write, active } = opts
+  const runtime = resolveOllamaRuntimeConfig({
+    model: session.model,
+    ollamaMode: session.ollamaMode,
+    apiKey,
+    apiEndpoint: session.apiEndpoint,
+  })
+
+  if (runtime.useCloud) {
+    if (!runtime.apiKey) {
+      writeSSE(write, 'err', 'Ollama Cloud model requires an API key. Set OLLAMA_API_KEY or attach an Ollama credential.')
+      active.delete(session.id)
+      return Promise.resolve('')
+    }
+    // Delegate to OpenAI-compatible handler with the cloud endpoint
+    const cloudSession = { ...session, model: runtime.model || 'llama3', apiEndpoint: OLLAMA_CLOUD_OPENAI_ENDPOINT }
+    return streamOpenAiChat({ ...opts, session: cloudSession, apiKey: runtime.apiKey })
+  }
+
+  const { message, imagePath, loadHistory, onUsage, signal } = opts
   return new Promise((resolve, reject) => {
     const messages = buildMessages(session, message, imagePath, loadHistory)
-    const runtime = resolveOllamaRuntimeConfig({
-      model: session.model,
-      ollamaMode: session.ollamaMode,
-      apiKey,
-      apiEndpoint: session.apiEndpoint,
-    })
     const model = runtime.model || 'llama3'
     const endpoint = runtime.endpoint
-    if (runtime.useCloud && !runtime.apiKey) {
-      writeSSE(write, 'err', 'Ollama Cloud model requires an API key. Set OLLAMA_API_KEY or attach an Ollama credential.')
-      active.delete(session.id)
-      resolve('')
-      return
-    }
 
     const parsed = new URL(endpoint)
     const isHttps = parsed.protocol === 'https:'
@@ -81,6 +93,7 @@ export function streamOllamaChat({ session, message, imagePath, apiKey, write, a
       }
 
       let buf = ''
+      let malformedChunkLogged = false
       apiRes.on('data', (chunk: Buffer) => {
         if (abortController.aborted) return
         buf += chunk.toString()
@@ -103,7 +116,14 @@ export function streamOllamaChat({ session, message, imagePath, apiKey, write, a
                 onUsage({ inputTokens: input, outputTokens: output })
               }
             }
-          } catch {}
+          } catch {
+            if (!malformedChunkLogged) {
+              malformedChunkLogged = true
+              log.warn(TAG, `[${session.id}] failed to parse Ollama stream chunk`, {
+                sample: line.slice(0, 200),
+              })
+            }
+          }
         }
       })
 

package/src/lib/providers/openai.ts

@@ -147,6 +147,7 @@ export function streamOpenAiChat({ session, message, imagePath, imageUrl, apiKey
           const reader = res.body.getReader()
           const decoder = new TextDecoder()
           let buf = ''
+          let malformedChunkLogged = false
 
           while (true) {
             const { done, value } = await reader.read()
@@ -175,7 +176,14 @@ export function streamOpenAiChat({ session, message, imagePath, imageUrl, apiKey
                     outputTokens: parsed.usage.completion_tokens || 0,
                   })
                 }
-              } catch {}
+              } catch {
+                if (!malformedChunkLogged) {
+                  malformedChunkLogged = true
+                  log.warn(TAG, `[${session.id}] failed to parse OpenAI stream chunk`, {
+                    sample: data.slice(0, 200),
+                  })
+                }
+              }
             }
           }
 

package/src/lib/providers/openclaw.ts

@@ -9,6 +9,7 @@ import { deriveOpenClawWsUrl } from '@/lib/openclaw/openclaw-endpoint'
 import { normalizeOpenClawAgentId } from '@/lib/openclaw/openclaw-agent-id'
 import { loadAgents } from '../server/storage'
 import { getSharedDeviceToken } from '../server/openclaw/sync'
+import { DATA_DIR } from '../server/data-dir'
 import {
   resolveOpenClawGatewayAgentIdFromList,
   type OpenClawGatewayAgentSummary,
@@ -54,9 +55,8 @@ function resolveCliStateDir(): string {
 }
 
 function getSwarmClawIdentityPath(): string {
-  const dataDir = path.join(process.cwd(), 'data')
-  if (!fs.existsSync(dataDir)) fs.mkdirSync(dataDir, { recursive: true })
-  return path.join(dataDir, 'openclaw-device.json')
+  if (!fs.existsSync(DATA_DIR)) fs.mkdirSync(DATA_DIR, { recursive: true })
+  return path.join(DATA_DIR, 'openclaw-device.json')
 }
 
 function tryLoadIdentityFile(filePath: string): DeviceIdentity | null {

package/src/lib/server/agents/agent-service.ts

@@ -21,6 +21,8 @@ import { serviceFail, serviceOk } from '@/lib/server/service-result'
 import { listSessions, saveSession } from '@/lib/server/sessions/session-repository'
 import { loadUsage } from '@/lib/server/usage/usage-repository'
 import { notify } from '@/lib/server/ws-hub'
+import { log } from '@/lib/server/logger'
+import { tryAutoRegisterSwarmFeed } from '@/lib/server/agents/agent-swarm-registration'
 import type { Agent, Session } from '@/types'
 import type { ServiceResult } from '@/lib/server/service-result'
 
@@ -191,6 +193,14 @@ export function createAgent(input: {
   saveAgent(id, agent)
   logActivity({ entityType: 'agent', entityId: id, action: 'created', actor: 'user', summary: `Agent created: "${agent.name}"` })
   notify('agents')
+
+  // Auto-register on SwarmFeed when created with it enabled
+  if (agent.swarmfeedEnabled && !agent.swarmfeedApiKey) {
+    tryAutoRegisterSwarmFeed(agent).catch((err) => {
+      log.error('agent-service', `SwarmFeed auto-registration failed for "${agent.name}": ${err instanceof Error ? err.message : err}`)
+    })
+  }
+
   return agent
 }
 
@@ -315,6 +325,14 @@ export function updateAgent(agentId: string, body: Record<string, unknown>): Age
   if (Object.keys(budgetChanges).length > 0) {
     logActivity({ entityType: 'budget', entityId: agentId, action: 'configured', actor: 'user', summary: `Budget updated for agent "${updated.name}"`, detail: budgetChanges })
   }
+
+  // Auto-register on SwarmFeed/SwarmDock when enabled without existing credentials
+  if (updated.swarmfeedEnabled && !updated.swarmfeedApiKey) {
+    tryAutoRegisterSwarmFeed(updated).catch((err) => {
+      log.error('agent-service', `SwarmFeed auto-registration failed for "${updated.name}": ${err instanceof Error ? err.message : err}`)
+    })
+  }
+
   return updated
 }
 

package/src/lib/server/agents/agent-swarm-registration.ts

@@ -0,0 +1,35 @@
+import { registerAgent } from '@/lib/swarmfeed-client'
+import { patchAgent } from '@/lib/server/agents/agent-repository'
+import { log } from '@/lib/server/logger'
+import type { Agent } from '@/types'
+
+/**
+ * Auto-register an agent on SwarmFeed when enabled but missing API key.
+ * Fire-and-forget — called after agent save, patches agent with the returned credentials.
+ */
+export async function tryAutoRegisterSwarmFeed(agent: Agent): Promise<void> {
+  if (!agent.swarmfeedEnabled || agent.swarmfeedApiKey) return
+
+  log.info('swarm-registration', `Auto-registering agent "${agent.name}" on SwarmFeed`)
+  const reg = await registerAgent({
+    name: agent.name,
+    description: agent.description || agent.swarmfeedBio || `${agent.name} agent on SwarmClaw`,
+    framework: 'swarmclaw',
+    model: agent.model,
+    avatar: agent.avatarUrl || undefined,
+    bio: agent.swarmfeedBio || undefined,
+  })
+
+  patchAgent(agent.id, (current) => {
+    if (!current) return null
+    return {
+      ...current,
+      swarmfeedApiKey: reg.apiKey,
+      swarmfeedAgentId: reg.agentId,
+      swarmfeedJoinedAt: current.swarmfeedJoinedAt ?? Date.now(),
+      updatedAt: Date.now(),
+    }
+  })
+
+  log.info('swarm-registration', `Agent "${agent.name}" registered on SwarmFeed as ${reg.agentId}`)
+}

package/src/lib/server/chat-execution/chat-turn-preparation.ts

@@ -513,7 +513,7 @@ export async function prepareChatTurn(input: ExecuteChatTurnInput): Promise<Prep
   const session = getSession(sessionId)
   if (!session) throw new Error(`Session not found: ${sessionId}`)
   const runStartedAt = Date.now()
-  const runMessageStartIndex = getMessageCount(sessionId)
+  let runMessageStartIndex = getMessageCount(sessionId)
 
   const appSettings = loadSettings()
   const lifecycleRunId = runId || `${sessionId}:${runStartedAt}`
@@ -725,17 +725,10 @@ export async function prepareChatTurn(input: ExecuteChatTurnInput): Promise<Prep
     }
   }
 
-  const providerType = sessionForRun.provider || 'claude-cli'
-  const provider = getProvider(providerType)
-  if (!provider) throw new Error(`Unknown provider: ${providerType}`)
-
-  if (providerType === 'claude-cli' && !fs.existsSync(session.cwd)) {
-    throw new Error(`Directory not found: ${session.cwd}`)
-  }
-
-  const apiKey = resolveApiKeyForSession(sessionForRun, provider)
-  const hideAssistantTranscript = internal && source === 'main-loop-followup'
-
+  // Persist the user message BEFORE provider/credential resolution so that if
+  // provider resolution throws (unknown provider, missing credentials, etc.),
+  // the user message is already in the DB and won't disappear from the chat
+  // when the frontend's refreshMessages overwrites the optimistic local copy.
   const shouldPersistUserMessage = shouldPersistInboundUserMessage(internal, source)
   if (shouldPersistUserMessage) {
     const [linkAnalysis, semantics] = await Promise.all([
@@ -805,8 +798,22 @@ export async function prepareChatTurn(input: ExecuteChatTurnInput): Promise<Prep
         }
       }
     }
+    // Update runMessageStartIndex to account for newly appended user message(s)
+    // so that partial persistence and finalization don't overwrite them.
+    runMessageStartIndex = getMessageCount(sessionId)
   }
 
+  const providerType = sessionForRun.provider || 'claude-cli'
+  const provider = getProvider(providerType)
+  if (!provider) throw new Error(`Unknown provider: ${providerType}`)
+
+  if (providerType === 'claude-cli' && !fs.existsSync(session.cwd)) {
+    throw new Error(`Directory not found: ${session.cwd}`)
+  }
+
+  const apiKey = resolveApiKeyForSession(sessionForRun, provider)
+  const hideAssistantTranscript = internal && source === 'main-loop-followup'
+
   const useLocalOpenClawNativeRuntime = providerType === 'openclaw' && isLocalOpenClawEndpoint(sessionForRun.apiEndpoint)
   const enabledSessionExtensions = getEnabledCapabilityIds(sessionForRun)
   const hasExtensions = enabledSessionExtensions.length > 0

package/src/lib/server/connectors/swarmdock.ts

@@ -2,6 +2,7 @@ import { log } from '@/lib/server/logger'
 import { hmrSingleton } from '@/lib/shared-utils'
 import { logActivity } from '@/lib/server/activity/activity-log'
 import type { Connector, InboundMessage } from '@/types/connector'
+import type { Agent } from '@/types/agent'
 import type { PlatformConnector, ConnectorInstance } from '@/lib/server/connectors/types'
 import { createBoardTaskFromAssignment, updateBoardTaskFromEvent, findBoardTaskBySwarmdockId } from './swarmdock-tasks'
 import { shouldAutoBid, submitAutoBid } from './swarmdock-bidding'
@@ -19,15 +20,15 @@ interface SwarmDockConfig {
   paymentPrivateKey?: string
 }
 
-function parseConfig(connector: Connector): SwarmDockConfig {
+function parseConfig(connector: Connector, agent?: Agent): SwarmDockConfig {
   const c = connector.config || {}
   return {
-    apiUrl: c.apiUrl || 'https://api.swarmdock.ai',
+    apiUrl: c.apiUrl || 'https://swarmdock-api.onrender.com',
     walletAddress: c.walletAddress || '',
-    agentDescription: c.agentDescription || connector.name || '',
-    skills: c.skills || '',
-    autoDiscover: c.autoDiscover === 'true',
-    maxBudget: c.maxBudget || '0',
+    agentDescription: c.agentDescription || agent?.swarmdockDescription || connector.name || '',
+    skills: c.skills || (agent?.swarmdockSkills?.join(',') ?? ''),
+    autoDiscover: c.autoDiscover === 'true' || (agent?.swarmdockMarketplace?.autoDiscover ?? false),
+    maxBudget: c.maxBudget || agent?.swarmdockMarketplace?.maxBudgetUsdc || '0',
     paymentPrivateKey: c.paymentPrivateKey || undefined,
   }
 }
@@ -82,7 +83,13 @@ const taskIdMap = hmrSingleton('__swarmclaw_swarmdock_task_map__', () => new Map
 
 const swarmdock: PlatformConnector = {
   async start(connector, _botToken, onMessage): Promise<ConnectorInstance> {
-    const config = parseConfig(connector)
+    // Load agent to use agent-level fields as fallbacks for connector config
+    let agent: Agent | undefined
+    if (connector.agentId) {
+      const { loadAgent } = await import('@/lib/server/agents/agent-repository')
+      agent = (await loadAgent(connector.agentId)) ?? undefined
+    }
+    const config = parseConfig(connector, agent)
     const connectorId = connector.id
     const agentId = connector.agentId || ''
     const privateKey = _botToken || ''
@@ -138,6 +145,21 @@ const swarmdock: PlatformConnector = {
       })
       log.info(TAG, `Registered as ${registration.agent.did} (trust level ${registration.agent.trustLevel})`)
 
+      // Write SwarmDock IDs back to agent record if not already set
+      if (agent && (!agent.swarmdockAgentId || !agent.swarmdockDid)) {
+        const { patchAgent } = await import('@/lib/server/agents/agent-repository')
+        patchAgent(agent.id, (current) => {
+          if (!current) return null
+          return {
+            ...current,
+            swarmdockAgentId: registration.agent.id,
+            swarmdockDid: registration.agent.did,
+            swarmdockListedAt: current.swarmdockListedAt ?? Date.now(),
+            updatedAt: Date.now(),
+          }
+        })
+      }
+
       logActivity({
         entityType: 'connector',
         entityId: connectorId,

package/src/lib/server/messages/message-repository.ts

@@ -286,6 +286,37 @@ export function clearMessages(sessionId: string): void {
 /** Replace the entire message list (used after in-memory prune operations). */
 export function replaceAllMessages(sessionId: string, messages: Message[]): void {
   perf.measureSync('message-repo', 'replaceAllMessages', () => {
+    // Safety guard: reload current user messages from DB and ensure none are
+    // dropped by the replacement. This prevents races where partial persistence
+    // or finalization load a stale snapshot that's missing recently-appended
+    // user messages.
+    const currentRows = stmts().selectAll.all(sessionId) as Array<{ data: string }>
+    const currentUserMessages: Message[] = []
+    for (const row of currentRows) {
+      const m = parseMsg(row.data)
+      if (m && m.role === 'user') currentUserMessages.push(m)
+    }
+    const replacementUserTimes = new Set(
+      messages.filter(m => m.role === 'user' && typeof m.time === 'number').map(m => m.time),
+    )
+    const missingUsers = currentUserMessages.filter(
+      m => typeof m.time === 'number' && !replacementUserTimes.has(m.time),
+    )
+    if (missingUsers.length > 0) {
+      // Re-insert missing user messages at their correct position (before the
+      // first assistant message that follows them chronologically).
+      for (const user of missingUsers) {
+        let insertIdx = messages.length
+        for (let i = 0; i < messages.length; i++) {
+          if (messages[i].role === 'assistant' && typeof messages[i].time === 'number'
+              && (messages[i].time as number) >= (user.time as number)) {
+            insertIdx = i
+            break
+          }
+        }
+        messages.splice(insertIdx, 0, user)
+      }
+    }
     withTransaction(() => {
       stmts().deleteAll.run(sessionId)
       const ins = stmts().insert

package/src/lib/server/provider-health.ts

@@ -1,6 +1,9 @@
 import { spawnSync } from 'child_process'
 import { errorMessage, hmrSingleton, jitteredBackoff } from '@/lib/shared-utils'
 import { upsertStoredItem, loadCollection } from './storage'
+import { log } from './logger'
+
+const TAG = 'provider-health'
 
 type DelegateTool = 'delegate_to_claude_code' | 'delegate_to_codex_cli' | 'delegate_to_opencode_cli' | 'delegate_to_gemini_cli'
 
@@ -72,7 +75,12 @@ export function markProviderFailure(providerId: string, error: string, credentia
   })
   try {
     upsertStoredItem('provider_health', key, states.get(key)!)
-  } catch {}
+  } catch (err) {
+    log.warn(TAG, 'Failed to persist provider failure state', {
+      providerKey: key,
+      error: errorMessage(err),
+    })
+  }
 }
 
 export function markProviderSuccess(providerId: string, credentialId?: string | null): void {
@@ -88,7 +96,12 @@ export function markProviderSuccess(providerId: string, credentialId?: string |
   })
   try {
     upsertStoredItem('provider_health', key, states.get(key)!)
-  } catch {}
+  } catch (err) {
+    log.warn(TAG, 'Failed to persist provider success state', {
+      providerKey: key,
+      error: errorMessage(err),
+    })
+  }
 }
 
 export function isProviderCoolingDown(providerId: string, credentialId?: string | null): boolean {
@@ -195,7 +208,10 @@ export function restoreProviderHealthState(): number {
       }
     }
     return restored
-  } catch { return 0 }
+  } catch (err) {
+    log.warn(TAG, 'Failed to restore persisted provider health state', { error: errorMessage(err) })
+    return 0
+  }
 }
 
 // ---------------------------------------------------------------------------

package/src/lib/server/safe-parse-body.test.ts

@@ -1,5 +1,6 @@
 import assert from 'node:assert/strict'
 import { describe, it, before, after } from 'node:test'
+import { z } from 'zod'
 
 let safeParseBody: typeof import('@/lib/server/safe-parse-body').safeParseBody
 before(async () => {
@@ -50,4 +51,35 @@ describe('safeParseBody', () => {
     assert.equal(result.data!.name, 'test')
     assert.equal(result.data!.count, 7)
   })
+
+  it('validates the parsed body against a provided zod schema', async () => {
+    const result = await safeParseBody(
+      jsonRequest(JSON.stringify({ name: 'ok', count: 3 })),
+      z.object({
+        name: z.string().min(1),
+        count: z.number().int().nonnegative(),
+      }),
+    )
+    assert.equal(result.error, undefined)
+    assert.deepEqual(result.data, { name: 'ok', count: 3 })
+  })
+
+  it('returns a 400 validation error when schema parsing fails', async () => {
+    const result = await safeParseBody(
+      jsonRequest(JSON.stringify({ name: '', count: -1 })),
+      z.object({
+        name: z.string().min(1, 'name is required'),
+        count: z.number().int().nonnegative('count must be non-negative'),
+      }),
+    )
+    assert.equal(result.data, undefined)
+    assert.ok(result.error)
+    assert.equal(result.error.status, 400)
+    const body = await result.error.json()
+    assert.equal(body.error, 'Validation failed')
+    assert.deepEqual(body.issues, [
+      { path: 'name', message: 'name is required' },
+      { path: 'count', message: 'count must be non-negative' },
+    ])
+  })
 })