@syengup/friday-channel-next 0.1.30 → 0.1.37

package/src/http/server.ts

@@ -16,6 +16,9 @@ import { handleNodesApprove } from "./handlers/nodes-approve.js";
 import { handleSessionsSettings } from "./handlers/sessions-settings.js";
 import { handleModelsList } from "./handlers/models-list.js";
 import { handleAgentsList } from "./handlers/agents-list.js";
+import { handleAgentConfig } from "./handlers/agent-config.js";
+import { handleAgentFiles } from "./handlers/agent-files.js";
+import { handleAgentToolsCatalog } from "./handlers/agent-tools-catalog.js";
 import { handleHistorySessions } from "./handlers/history-sessions.js";
 import { handleHistoryMessages } from "./handlers/history-messages.js";
 import { handleHistorySetTitle } from "./handlers/history-set-title.js";
@@ -31,10 +34,7 @@ import { getFridayNextRuntime } from "../runtime.js";
 import { sseEmitter } from "../sse/emitter.js";
 
 /** Route matcher - returns the matched handler or null. */
-async function handleFridayNextRoute(
-  req: IncomingMessage,
-  res: ServerResponse,
-): Promise<boolean> {
+async function handleFridayNextRoute(req: IncomingMessage, res: ServerResponse): Promise<boolean> {
   const url = new URL(req.url ?? "/", "http://localhost");
   const pathname = url.pathname;
   applyCorsHeaders(res);
@@ -76,7 +76,10 @@ async function handleFridayNextRoute(
     return await handleNodesApprove(req, res);
   }
 
-  if ((req.method === "PUT" || req.method === "GET") && pathname === "/friday-next/sessions/settings") {
+  if (
+    (req.method === "PUT" || req.method === "GET") &&
+    pathname === "/friday-next/sessions/settings"
+  ) {
     return await handleSessionsSettings(req, res);
   }
 
@@ -88,6 +91,27 @@ async function handleFridayNextRoute(
     return await handleAgentsList(req, res);
   }
 
+  // Routes: GET/PUT /friday-next/agents/{id}/config
+  //         GET     /friday-next/agents/{id}/files
+  //         GET/PUT /friday-next/agents/{id}/files/{name}
+  if (pathname.startsWith("/friday-next/agents/")) {
+    const segs = pathname
+      .slice("/friday-next/agents/".length)
+      .split("/")
+      .filter(Boolean)
+      .map((s) => decodeURIComponent(s));
+    const [id, sub, name] = segs;
+    if (id && sub === "config" && segs.length === 2) {
+      return await handleAgentConfig(req, res, id);
+    }
+    if (id && sub === "files" && (segs.length === 2 || segs.length === 3)) {
+      return await handleAgentFiles(req, res, id, name);
+    }
+    if (id && sub === "tools" && name === "catalog" && segs.length === 3) {
+      return await handleAgentToolsCatalog(req, res, id);
+    }
+  }
+
   if (req.method === "GET" && pathname === "/friday-next/status") {
     return await handleStatus(req, res);
   }
@@ -103,7 +127,10 @@ async function handleFridayNextRoute(
   }
 
   // Route: PUT /friday-next/sessions/title (sync app session name → server displayName)
-  if ((req.method === "PUT" || req.method === "POST") && pathname === "/friday-next/sessions/title") {
+  if (
+    (req.method === "PUT" || req.method === "POST") &&
+    pathname === "/friday-next/sessions/title"
+  ) {
     return await handleHistorySetTitle(req, res);
   }
 

package/src/link-preview/og-parse.test.ts

@@ -5,7 +5,9 @@ const BASE = "https://example.com/article/42";
 
 describe("decodeHtmlEntities", () => {
   it("decodes named, decimal, and hex entities", () => {
-    expect(decodeHtmlEntities("Tom & Jerry — "fun"")).toBe('Tom & Jerry — "fun"');
+    expect(decodeHtmlEntities("Tom & Jerry — "fun"")).toBe(
+      'Tom & Jerry — "fun"',
+    );
     expect(decodeHtmlEntities("中文")).toBe("中文");
     expect(decodeHtmlEntities("'quoted'")).toBe("'quoted'");
   });
@@ -143,7 +145,9 @@ describe("parseOpenGraph", () => {
   it("extracts a cover image from inline JSON (extensionless, escaped slashes)", () => {
     const html = `<title>搜索资讯页</title>
       <script>window.__INFO__={"imgUrl":"http:\\/\\/qqpublic.qpic.cn\\/qq_public_cover\\/0\\/0-2342_op"}</script>`;
-    expect(parseOpenGraph(html, BASE).imageUrl).toBe("http://qqpublic.qpic.cn/qq_public_cover/0/0-2342_op");
+    expect(parseOpenGraph(html, BASE).imageUrl).toBe(
+      "http://qqpublic.qpic.cn/qq_public_cover/0/0-2342_op",
+    );
   });
 
   it("standard og tags still win over body/json fallbacks", () => {

package/src/link-preview/og-parse.ts

@@ -91,7 +91,9 @@ export function parseOpenGraph(html: string, baseUrl: string): OpenGraphResult {
   let metaDescription: string | null = null;
   for (const match of slice.matchAll(META_TAG_RE)) {
     const tag = match[0];
-    const key = (attributeValue(tag, "property") ?? attributeValue(tag, "name"))?.trim().toLowerCase();
+    const key = (attributeValue(tag, "property") ?? attributeValue(tag, "name"))
+      ?.trim()
+      .toLowerCase();
     if (!key) continue;
     const content = attributeValue(tag, "content");
     if (content == null || !content.trim()) continue;
@@ -140,10 +142,15 @@ export function parseOpenGraph(html: string, baseUrl: string): OpenGraphResult {
   };
 }
 
-const JSON_LD_RE = /<script[^>]*type\s*=\s*["']application\/ld\+json["'][^>]*>([\s\S]*?)<\/script>/gi;
+const JSON_LD_RE =
+  /<script[^>]*type\s*=\s*["']application\/ld\+json["'][^>]*>([\s\S]*?)<\/script>/gi;
 
 /** Extract title/description/image from JSON-LD blocks (schema.org Article/NewsArticle/etc.). */
-function parseJsonLd(html: string): { title: string | null; description: string | null; image: string | null } {
+function parseJsonLd(html: string): {
+  title: string | null;
+  description: string | null;
+  image: string | null;
+} {
   for (const match of html.matchAll(JSON_LD_RE)) {
     let data: unknown;
     try {

package/src/link-preview/preview-service.ts

@@ -155,7 +155,10 @@ async function buildPreview(pageUrl: string): Promise<LinkPreviewResult> {
 }
 
 /** Re-host a favicon: try the parsed `<link rel icon>`, then `<origin>/favicon.ico`. */
-async function resolveFavicon(parsedIconUrl: string | null, finalUrl: string): Promise<string | null> {
+async function resolveFavicon(
+  parsedIconUrl: string | null,
+  finalUrl: string,
+): Promise<string | null> {
   const candidates: string[] = [];
   if (parsedIconUrl) candidates.push(parsedIconUrl);
   try {

package/src/link-preview/ssrf-guard.test.ts

@@ -46,7 +46,9 @@ describe("parseHttpUrl", () => {
 describe("assertPublicHttpUrl", () => {
   it("rejects non-default ports", () => {
     expect(() => assertPublicHttpUrl(new URL("http://example.com:8080/"))).toThrow(BlockedUrlError);
-    expect(() => assertPublicHttpUrl(new URL("https://example.com:8443/"))).toThrow(BlockedUrlError);
+    expect(() => assertPublicHttpUrl(new URL("https://example.com:8443/"))).toThrow(
+      BlockedUrlError,
+    );
   });
 
   it("allows default and explicit 80/443 ports", () => {
@@ -66,7 +68,7 @@ describe("assertPublicHttpUrl", () => {
     expect(() => assertPublicHttpUrl(new URL("http://127.0.0.1/"))).toThrow(BlockedUrlError);
     expect(() => assertPublicHttpUrl(new URL("http://10.0.0.5/"))).toThrow(BlockedUrlError);
     expect(() => assertPublicHttpUrl(new URL("http://[::1]/"))).toThrow(BlockedUrlError);
-    expect(() => assertPublicHttpUrl(new URL("http://[fc00::1]/"))).toThrow(BlockedUrlError);
+    expect(() => assertPublicHttpUrl(new URL("http://[fd00::1]/"))).toThrow(BlockedUrlError);
   });
 
   it("allows public IP literals", () => {
@@ -95,7 +97,14 @@ describe("isPrivateAddress", () => {
   });
 
   it("passes public IPv4", () => {
-    for (const ip of ["8.8.8.8", "93.184.216.34", "100.63.0.1", "100.128.0.1", "172.32.0.1", "198.20.0.1"]) {
+    for (const ip of [
+      "8.8.8.8",
+      "93.184.216.34",
+      "100.63.0.1",
+      "100.128.0.1",
+      "172.32.0.1",
+      "198.20.0.1",
+    ]) {
       expect(isPrivateAddress(ip), ip).toBe(false);
     }
   });
@@ -106,11 +115,24 @@ describe("isPrivateAddress", () => {
   });
 
   it("flags private/reserved IPv6 and mapped IPv4", () => {
-    for (const ip of ["::1", "::", "fc00::1", "fd12:3456::1", "fe80::1", "::ffff:10.0.0.1", "::ffff:127.0.0.1"]) {
+    for (const ip of [
+      "::1",
+      "::",
+      "fd00::1",
+      "fd12:3456::1",
+      "fe80::1",
+      "::ffff:10.0.0.1",
+      "::ffff:127.0.0.1",
+    ]) {
       expect(isPrivateAddress(ip), ip).toBe(true);
     }
   });
 
+  it("passes fc00::/8 (fake-IP DNS v6 range used by clash/mihomo tun mode)", () => {
+    expect(isPrivateAddress("fc00::1e7")).toBe(false);
+    expect(isPrivateAddress("fc00::ffff:ffff")).toBe(false);
+  });
+
   it("passes public IPv6 and mapped public IPv4", () => {
     expect(isPrivateAddress("2606:2800:220:1:248:1893:25c8:1946")).toBe(false);
     expect(isPrivateAddress("::ffff:93.184.216.34")).toBe(false);
@@ -135,11 +157,15 @@ describe("assertResolvesPublic", () => {
       { address: "93.184.216.34", family: 4 },
       { address: "10.0.0.5", family: 4 },
     ] as never);
-    await expect(assertResolvesPublic(new URL("https://rebind.example.com/"))).rejects.toThrow(BlockedUrlError);
+    await expect(assertResolvesPublic(new URL("https://rebind.example.com/"))).rejects.toThrow(
+      BlockedUrlError,
+    );
   });
 
   it("validates IP-literal hosts without a DNS lookup", async () => {
-    await expect(assertResolvesPublic(new URL("http://127.0.0.1/"))).rejects.toThrow(BlockedUrlError);
+    await expect(assertResolvesPublic(new URL("http://127.0.0.1/"))).rejects.toThrow(
+      BlockedUrlError,
+    );
     await expect(assertResolvesPublic(new URL("http://93.184.216.34/"))).resolves.toBeUndefined();
     expect(lookupMock).not.toHaveBeenCalled();
   });
@@ -159,7 +185,13 @@ describe("fetchPublicUrl", () => {
     mockPublicDns();
     vi.stubGlobal(
       "fetch",
-      vi.fn(async () => new Response("<html>hi</html>", { status: 200, headers: { "content-type": "text/html; charset=utf-8" } })),
+      vi.fn(
+        async () =>
+          new Response("<html>hi</html>", {
+            status: 200,
+            headers: { "content-type": "text/html; charset=utf-8" },
+          }),
+      ),
     );
     const result = await fetchPublicUrl("https://example.com/page", opts);
     expect(result?.finalUrl).toBe("https://example.com/page");
@@ -171,8 +203,15 @@ describe("fetchPublicUrl", () => {
     mockPublicDns();
     const fetchMock = vi
       .fn()
-      .mockResolvedValueOnce(new Response(null, { status: 302, headers: { location: "https://other.example.com/final" } }))
-      .mockResolvedValueOnce(new Response("ok", { status: 200, headers: { "content-type": "text/html" } }));
+      .mockResolvedValueOnce(
+        new Response(null, {
+          status: 302,
+          headers: { location: "https://other.example.com/final" },
+        }),
+      )
+      .mockResolvedValueOnce(
+        new Response("ok", { status: 200, headers: { "content-type": "text/html" } }),
+      );
     vi.stubGlobal("fetch", fetchMock);
     const result = await fetchPublicUrl("https://example.com/start", opts);
     expect(result?.finalUrl).toBe("https://other.example.com/final");
@@ -184,9 +223,14 @@ describe("fetchPublicUrl", () => {
     mockPublicDns();
     vi.stubGlobal(
       "fetch",
-      vi.fn(async () => new Response(null, { status: 302, headers: { location: "http://127.0.0.1/admin" } })),
+      vi.fn(
+        async () =>
+          new Response(null, { status: 302, headers: { location: "http://127.0.0.1/admin" } }),
+      ),
+    );
+    await expect(fetchPublicUrl("https://example.com/start", opts)).rejects.toThrow(
+      BlockedUrlError,
     );
-    await expect(fetchPublicUrl("https://example.com/start", opts)).rejects.toThrow(BlockedUrlError);
   });
 
   it("throws BlockedUrlError for a directly-blocked URL", async () => {
@@ -198,7 +242,13 @@ describe("fetchPublicUrl", () => {
     const big = "x".repeat(2048);
     vi.stubGlobal(
       "fetch",
-      vi.fn(async () => new Response(big, { status: 200, headers: { "content-type": "text/html", "content-length": "10" } })),
+      vi.fn(
+        async () =>
+          new Response(big, {
+            status: 200,
+            headers: { "content-type": "text/html", "content-length": "10" },
+          }),
+      ),
     );
     expect(await fetchPublicUrl("https://example.com/big", opts)).toBeNull();
   });
@@ -207,16 +257,25 @@ describe("fetchPublicUrl", () => {
     mockPublicDns();
     vi.stubGlobal(
       "fetch",
-      vi.fn(async () => new Response("{}", { status: 200, headers: { "content-type": "application/json" } })),
+      vi.fn(
+        async () =>
+          new Response("{}", { status: 200, headers: { "content-type": "application/json" } }),
+      ),
     );
     expect(
-      await fetchPublicUrl("https://example.com/api", { ...opts, requireContentTypePrefixes: ["text/html", "application/xhtml+xml"] }),
+      await fetchPublicUrl("https://example.com/api", {
+        ...opts,
+        requireContentTypePrefixes: ["text/html", "application/xhtml+xml"],
+      }),
     ).toBeNull();
   });
 
   it("returns null on non-2xx and on DNS failure", async () => {
     mockPublicDns();
-    vi.stubGlobal("fetch", vi.fn(async () => new Response("nope", { status: 404 })));
+    vi.stubGlobal(
+      "fetch",
+      vi.fn(async () => new Response("nope", { status: 404 })),
+    );
     expect(await fetchPublicUrl("https://example.com/missing", opts)).toBeNull();
 
     lookupMock.mockRejectedValue(new Error("ENOTFOUND"));
@@ -227,7 +286,10 @@ describe("fetchPublicUrl", () => {
     mockPublicDns();
     vi.stubGlobal(
       "fetch",
-      vi.fn(async () => new Response(null, { status: 302, headers: { location: "https://example.com/loop" } })),
+      vi.fn(
+        async () =>
+          new Response(null, { status: 302, headers: { location: "https://example.com/loop" } }),
+      ),
     );
     expect(await fetchPublicUrl("https://example.com/loop", opts)).toBeNull();
   });

package/src/link-preview/ssrf-guard.ts

@@ -66,7 +66,8 @@ export function isPrivateAddress(ip: string): boolean {
 
 function isPrivateIPv4(ip: string): boolean {
   const parts = ip.split(".").map(Number);
-  if (parts.length !== 4 || parts.some((n) => !Number.isInteger(n) || n < 0 || n > 255)) return true;
+  if (parts.length !== 4 || parts.some((n) => !Number.isInteger(n) || n < 0 || n > 255))
+    return true;
   const [a, b] = parts;
   if (a === 0) return true; // 0.0.0.0/8
   if (a === 10) return true; // 10/8
@@ -90,7 +91,11 @@ function isPrivateIPv6(ip: string): boolean {
   if (mapped) return isPrivateIPv4(mapped[1]);
   if (lower === "::" || lower === "::1") return true; // unspecified / loopback
   const head = lower.split(":")[0];
-  if (head.startsWith("fc") || head.startsWith("fd")) return true; // fc00::/7 ULA
+  // fc00::/8 (the reserved, never-assigned half of ULA fc00::/7) intentionally NOT blocked:
+  // RFC 4193 requires locally-assigned ULA to set the L bit, so real LAN services live in
+  // fd00::/8, while fake-IP DNS setups (mihomo/clash tun mode with IPv6, common on gateway
+  // hosts) resolve EVERY domain into fc00::/18. Same rationale as 198.18/15 on the IPv4 side.
+  if (head.startsWith("fd")) return true; // fd00::/8 locally-assigned ULA
   if (/^fe[89ab]/.test(head)) return true; // fe80::/10 link-local
   return false;
 }

package/src/media-fetch.test.ts

@@ -21,7 +21,9 @@ describe("downloadRemoteMedia", () => {
     const bytes = new Uint8Array([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]);
     vi.stubGlobal(
       "fetch",
-      vi.fn(async () => new Response(bytes, { status: 200, headers: { "content-type": "image/png" } })),
+      vi.fn(
+        async () => new Response(bytes, { status: 200, headers: { "content-type": "image/png" } }),
+      ),
     );
 
     const result = await downloadRemoteMedia("https://picsum.photos/600/400");
@@ -48,7 +50,10 @@ describe("downloadRemoteMedia", () => {
   });
 
   it("returns null on a non-2xx response", async () => {
-    vi.stubGlobal("fetch", vi.fn(async () => new Response("nope", { status: 404 })));
+    vi.stubGlobal(
+      "fetch",
+      vi.fn(async () => new Response("nope", { status: 404 })),
+    );
     expect(await downloadRemoteMedia("https://example.com/missing.png")).toBeNull();
   });
 
@@ -59,7 +64,7 @@ describe("downloadRemoteMedia", () => {
         async () =>
           new Response(new Uint8Array([1, 2, 3]), {
             status: 200,
-            headers: { "content-type": "image/png", "content-length": String(64 * 1024 * 1024) },
+            headers: { "content-type": "image/png", "content-length": String(128 * 1024 * 1024) },
           }),
       ),
     );

package/src/media-fetch.ts

@@ -10,7 +10,10 @@ import { guessMimeType } from "./http/handlers/files.js";
  * download story uniform (always talks to the trusted gateway host with a bearer token).
  */
 
-const MAX_REMOTE_MEDIA_BYTES = 25 * 1024 * 1024; // 25MB
+// Aligns with openclaw's own remote-media ceiling (DEFAULT_FETCH_MEDIA_MAX_BYTES =
+// MAX_DOCUMENT_BYTES = 100MB). The real per-kind limit is enforced downstream by
+// saveMediaBuffer (via resolveMediaMaxBytes); this is just the download ceiling.
+const MAX_REMOTE_MEDIA_BYTES = 100 * 1024 * 1024; // 100MB
 const REMOTE_MEDIA_TIMEOUT_MS = 20_000;
 
 export function isHttpUrl(value: string): boolean {
@@ -50,8 +53,7 @@ export function decodeBase64Media(
   }
   if (!buffer.length) return null;
 
-  const mimeType =
-    mimeHint?.trim().toLowerCase() || dataUrlMime || "application/octet-stream";
+  const mimeType = mimeHint?.trim().toLowerCase() || dataUrlMime || "application/octet-stream";
   return { buffer, mimeType };
 }
 

package/src/openclaw.d.ts

@@ -1,11 +1,26 @@
 declare module "openclaw/plugin-sdk/agent-harness" {
-  export const abortAgentHarnessRun: (runId: string) => void;
+  /** Abort the active embedded run keyed by its internal `sessionId` (NOT the channel runId). */
+  export const abortAgentHarnessRun: (sessionId: string) => boolean;
+  /** Abort the active embedded run and wait for it to actually settle. */
+  export const abortAndDrainAgentHarnessRun: (params: {
+    sessionId: string;
+    sessionKey?: string;
+    settleMs?: number;
+    forceClear?: boolean;
+    reason?: string;
+  }) => Promise<{ aborted: boolean; drained: boolean; forceCleared: boolean }>;
+  /** Map a channel sessionKey → the active embedded run's internal sessionId. */
+  export const resolveActiveEmbeddedRunSessionId: (sessionKey: string) => string | undefined;
   export const runAgentHarness: (...args: any[]) => any;
 }
 
 declare module "openclaw/plugin-sdk/device-bootstrap" {
   export const listDevicePairing: (baseDir?: string) => Promise<DevicePairingList>;
-  export const approveDevicePairing: (requestId: string, options?: { callerScopes?: readonly string[] }, baseDir?: string) => Promise<ApproveDevicePairingResult>;
+  export const approveDevicePairing: (
+    requestId: string,
+    options?: { callerScopes?: readonly string[] },
+    baseDir?: string,
+  ) => Promise<ApproveDevicePairingResult>;
 
   interface DevicePairingPendingRequest {
     requestId: string;
@@ -23,14 +38,17 @@ declare module "openclaw/plugin-sdk/device-bootstrap" {
     pending: DevicePairingPendingRequest[];
     paired: PairedDevice[];
   }
-  type ApproveDevicePairingResult = {
-    status: "approved";
-    requestId: string;
-    device: PairedDevice;
-  } | {
-    status: "forbidden";
-    reason: string;
-  } | null;
+  type ApproveDevicePairingResult =
+    | {
+        status: "approved";
+        requestId: string;
+        device: PairedDevice;
+      }
+    | {
+        status: "forbidden";
+        reason: string;
+      }
+    | null;
 }
 
 declare module "openclaw/plugin-sdk/core" {
@@ -43,6 +61,19 @@ declare module "openclaw/plugin-sdk/media-store" {
   export const saveMediaBuffer: (...args: any[]) => any;
 }
 
+declare module "openclaw/plugin-sdk/channel-lifecycle" {
+  export const waitUntilAbort: (
+    signal?: AbortSignal,
+    onAbort?: () => void | Promise<void>,
+  ) => Promise<void>;
+}
+
+declare module "openclaw/plugin-sdk/media-runtime" {
+  export type MediaKind = "image" | "audio" | "video" | "document";
+  export const mediaKindFromMime: (mime?: string | null) => MediaKind | undefined;
+  export const maxBytesForKind: (kind: MediaKind) => number;
+}
+
 declare module "openclaw/plugin-sdk/plugin-entry" {
   export type OpenClawPluginApi = any;
 }

package/src/plugin-install-info.ts

@@ -7,7 +7,14 @@ import { getUpgradeRuntime } from "./upgrade-runtime.js";
 import { PLUGIN_ID, PLUGIN_PACKAGE_NAME } from "./version.js";
 
 /** Install source from the OpenClaw config `plugins.installs[<id>].source`. */
-export type InstallSource = "npm" | "path" | "archive" | "clawhub" | "git" | "marketplace" | "unknown";
+export type InstallSource =
+  | "npm"
+  | "path"
+  | "archive"
+  | "clawhub"
+  | "git"
+  | "marketplace"
+  | "unknown";
 
 /**
  * Infer the install source from the loaded plugin's filesystem path (`api.source`).
@@ -20,7 +27,9 @@ export type InstallSource = "npm" | "path" | "archive" | "clawhub" | "git" | "ma
  * dev-no-duplicate-plugin-install), so anything under the managed projects dir
  * is treated as "npm".
  */
-export function classifyInstallSourceFromLoadedPath(loadedPath: string | null | undefined): InstallSource {
+export function classifyInstallSourceFromLoadedPath(
+  loadedPath: string | null | undefined,
+): InstallSource {
   if (!loadedPath) return "unknown";
   return loadedPath.includes("/.openclaw/npm/projects/") ? "npm" : "path";
 }
@@ -42,9 +51,11 @@ export function getInstallSource(): InstallSource {
   const rt = getUpgradeRuntime();
   if (!rt) return "unknown";
   try {
-    const cfg = rt.currentConfig() as {
-      plugins?: { installs?: Record<string, { source?: string } | undefined> };
-    } | undefined;
+    const cfg = rt.currentConfig() as
+      | {
+          plugins?: { installs?: Record<string, { source?: string } | undefined> };
+        }
+      | undefined;
     const source = cfg?.plugins?.installs?.[PLUGIN_ID]?.source;
     if (
       source === "npm" ||
@@ -94,10 +105,10 @@ export async function fetchLatestVersion(nowMs: number): Promise<string | null>
     const controller = new AbortController();
     const timer = setTimeout(() => controller.abort(), 5000);
     try {
-      const res = await fetch(
-        `https://registry.npmjs.org/${PLUGIN_PACKAGE_NAME}/latest`,
-        { signal: controller.signal, headers: { Accept: "application/json" } },
-      );
+      const res = await fetch(`https://registry.npmjs.org/${PLUGIN_PACKAGE_NAME}/latest`, {
+        signal: controller.signal,
+        headers: { Accept: "application/json" },
+      });
       if (res.ok) {
         const body = (await res.json()) as { version?: string };
         if (typeof body.version === "string" && body.version) version = body.version;

package/src/run-metadata.ts

@@ -173,7 +173,8 @@ export function ingestAgentEventMetadata(runId: string, data: Record<string, unk
   const cacheRead = pickCacheRead(usageForTokens);
   if (typeof cacheRead === "number" && cacheRead >= 0) next.cacheReadTokens = Math.floor(cacheRead);
   const cacheWrite = pickCacheWrite(usageForTokens);
-  if (typeof cacheWrite === "number" && cacheWrite >= 0) next.cacheWriteTokens = Math.floor(cacheWrite);
+  if (typeof cacheWrite === "number" && cacheWrite >= 0)
+    next.cacheWriteTokens = Math.floor(cacheWrite);
 
   const usageForContext = usage ?? data;
   const ctxUsed = contextTokensFromUsageRecord(usageForContext);

package/src/session/session-manager.ts

@@ -162,7 +162,11 @@ export function setSessionSettings(
     upsertSessionEntry(data, fileKey, sessionKey);
 
     const fieldKeys: (keyof FridaySessionSettingsUpdate)[] = [
-      "reasoningLevel", "thinkingLevel", "modelRef", "providerOverride", "modelOverride",
+      "reasoningLevel",
+      "thinkingLevel",
+      "modelRef",
+      "providerOverride",
+      "modelOverride",
     ];
     let updated = false;
     for (const key of fieldKeys) {
@@ -193,22 +197,21 @@ export function setSessionSettings(
 }
 
 function readSettingsFromEntry(entry: Record<string, unknown>): FridaySessionSettings {
-  const provider = typeof entry["providerOverride"] === "string" ? entry["providerOverride"] : undefined;
+  const provider =
+    typeof entry["providerOverride"] === "string" ? entry["providerOverride"] : undefined;
   const model = typeof entry["modelOverride"] === "string" ? entry["modelOverride"] : undefined;
   const storedModelRef = typeof entry["modelRef"] === "string" ? entry["modelRef"] : undefined;
   const modelRef = storedModelRef ?? (provider && model ? `${provider}/${model}` : undefined);
 
   return {
-    reasoningLevel: typeof entry["reasoningLevel"] === "string" ? entry["reasoningLevel"] : undefined,
+    reasoningLevel:
+      typeof entry["reasoningLevel"] === "string" ? entry["reasoningLevel"] : undefined,
     thinkingLevel: typeof entry["thinkingLevel"] === "string" ? entry["thinkingLevel"] : undefined,
     modelRef,
   };
 }
 
-export function getSessionSettings(
-  sessionKey: string,
-  historyDir?: string,
-): FridaySessionSettings {
+export function getSessionSettings(sessionKey: string, historyDir?: string): FridaySessionSettings {
   try {
     const fileKey = toSessionStoreKey(sessionKey);
     const sessionsFile = resolveSessionsFilePath(historyDir, agentIdFromSessionKey(fileKey));
@@ -243,7 +246,10 @@ export function resolveAgentDefaults(sessionKey: string): { model?: string; thin
     const targetAgentId = agentIdFromSessionKey(sessionKey);
 
     const agentEntry = (agents?.list as Array<Record<string, unknown>> | undefined)?.find(
-      (a) => agentIdFromSessionKey(`agent:${String(a?.id ?? "")}:x`) === targetAgentId,
+      (a) =>
+        agentIdFromSessionKey(
+          `agent:${typeof a?.id === "string" ? a.id : typeof a?.id === "number" ? String(a.id) : ""}:x`,
+        ) === targetAgentId,
     );
     const agentModel = agentEntry?.model;
     const perAgentModel =
@@ -253,13 +259,15 @@ export function resolveAgentDefaults(sessionKey: string): { model?: string; thin
           ? ((agentModel as Record<string, unknown>).primary as string)
           : undefined;
     const perAgentThinking =
-      typeof agentEntry?.thinkingDefault === "string" ? (agentEntry.thinkingDefault as string) : undefined;
+      typeof agentEntry?.thinkingDefault === "string" ? agentEntry.thinkingDefault : undefined;
 
     const agentDefaults = agents?.defaults as Record<string, unknown> | undefined;
     const model = agentDefaults?.model as Record<string, unknown> | undefined;
-    const globalModel = typeof model?.primary === "string" ? (model.primary as string) : undefined;
+    const globalModel = typeof model?.primary === "string" ? model.primary : undefined;
     const globalThinking =
-      typeof agentDefaults?.thinkingDefault === "string" ? (agentDefaults.thinkingDefault as string) : undefined;
+      typeof agentDefaults?.thinkingDefault === "string"
+        ? agentDefaults.thinkingDefault
+        : undefined;
 
     return { model: perAgentModel ?? globalModel, thinking: perAgentThinking ?? globalThinking };
   } catch {

package/src/session-usage-snapshot.ts

@@ -33,7 +33,9 @@ function finiteCost(n: unknown): number | undefined {
 }
 
 /** Build a compact snapshot from a loaded session store entry (unknown shape). */
-export function buildSessionUsageSnapshot(entry: Record<string, unknown>): FridaySessionUsagePayload | undefined {
+export function buildSessionUsageSnapshot(
+  entry: Record<string, unknown>,
+): FridaySessionUsagePayload | undefined {
   const payload: FridaySessionUsagePayload = {};
 
   const modelId = typeof entry.model === "string" ? entry.model.trim() : "";

package/src/session-usage-store.ts

@@ -28,7 +28,9 @@ export function readSessionUsageSnapshotFromStore(
     const cfg = access.getConfig() as { session?: { store?: string } } | null | undefined;
     const storeConfig = cfg?.session?.store;
     const canonical = toSessionStoreKey(sessionKeyForStore);
-    const storePath = access.resolveStorePath(storeConfig, { agentId: agentIdFromSessionKey(canonical) });
+    const storePath = access.resolveStorePath(storeConfig, {
+      agentId: agentIdFromSessionKey(canonical),
+    });
     const store = access.loadSessionStore(storePath, { skipCache: true }) as Record<
       string,
       Record<string, unknown>