@syengup/friday-channel-next 0.1.30 → 0.1.37

package/dist/src/http/handlers/files.js

@@ -53,6 +53,57 @@ function registerStoredFile(file) {
 function resolveStoredFile(key) {
     return fileIndex.get(key) ?? fileTokenIndex.get(key);
 }
+/** Clear the in-memory file index. Test-only: simulates a gateway restart. */
+export function clearFileIndexForTest() {
+    fileIndex.clear();
+    fileTokenIndex.clear();
+    externalFileSourceIndex.clear();
+}
+const META_SIDECAR_SUFFIX = ".fnmeta";
+function metaSidecarPath(urlToken) {
+    return path.join(getAttachmentsDir(), `${urlToken}${META_SIDECAR_SUFFIX}`);
+}
+function writeAttachmentMetaSidecar(urlToken, filename, mimeType) {
+    try {
+        fs.writeFileSync(metaSidecarPath(urlToken), JSON.stringify({ filename, mimeType }));
+    }
+    catch (err) {
+        logger.warn(`writeAttachmentMetaSidecar failed for "${urlToken}": ${String(err)}`);
+    }
+}
+/**
+ * Remember the original upload filename for an inbound media file.
+ *
+ * When a user sends an attachment, core's media-store copies it to
+ * `~/.openclaw/media/inbound/<uuid>` — a bare uuid with no extension and no original
+ * name — and the transcript records THAT path. So on history rebuild the original name
+ * is unrecoverable. We stash it here (keyed by the inbound basename, reusing the sidecar
+ * scheme but inside our own attachments dir) at send time, while we still know it.
+ */
+export function rememberInboundMediaName(inboundPath, filename, mimeType) {
+    const key = path.basename(inboundPath);
+    const name = filename.trim();
+    if (!key || !name)
+        return;
+    writeAttachmentMetaSidecar(key, name, mimeType);
+}
+function readAttachmentMetaSidecar(urlToken) {
+    try {
+        const raw = fs.readFileSync(metaSidecarPath(urlToken), "utf8");
+        const parsed = JSON.parse(raw);
+        if (parsed && typeof parsed.filename === "string" && parsed.filename) {
+            return {
+                filename: parsed.filename,
+                mimeType: typeof parsed.mimeType === "string" ? parsed.mimeType : "",
+            };
+        }
+    }
+    catch {
+        // Missing or malformed sidecar (e.g. attachment stored before this fix) — caller
+        // falls back to the on-disk basename.
+    }
+    return null;
+}
 /**
  * Read a file from `attachments/` by URL path token (disk basename).
  * Used when the in-memory index was cleared after a gateway restart.
@@ -61,13 +112,21 @@ export function readAttachmentFileFromDisk(fileToken) {
     const safe = path.basename(fileToken);
     if (!safe || safe === "." || safe === "..")
         return null;
+    if (safe.endsWith(META_SIDECAR_SUFFIX))
+        return null;
     const dir = getAttachmentsDir();
     const full = path.join(dir, safe);
     if (!fs.existsSync(full) || !fs.statSync(full).isFile())
         return null;
     try {
         const buffer = fs.readFileSync(full);
-        return { buffer, mimeType: guessMimeType(safe), filename: safe };
+        const meta = readAttachmentMetaSidecar(safe);
+        return {
+            buffer,
+            mimeType: meta?.mimeType || guessMimeType(safe),
+            filename: meta?.filename || safe,
+            diskName: safe,
+        };
     }
     catch {
         return null;
@@ -97,16 +156,19 @@ export function normalizeAgentMediaPath(raw) {
     }
     return s;
 }
-function copyLocalFileToAttachments(sourcePath) {
+function copyLocalFileToAttachments(sourcePath, originalFilename) {
     const resolvedPath = normalizeAgentMediaPath(sourcePath);
-    const filename = path.basename(resolvedPath);
+    const diskBasename = path.basename(resolvedPath);
+    // Prefer the caller-supplied original name (recovered from an inbound sidecar); fall
+    // back to the on-disk basename (which for core inbound media is a bare uuid).
+    const filename = originalFilename?.trim() || diskBasename;
     if (!filename)
         return null;
     try {
         if (!fs.existsSync(resolvedPath) || !fs.statSync(resolvedPath).isFile())
             return null;
         const id = crypto.randomUUID();
-        const ext = path.extname(filename);
+        const ext = path.extname(filename) || path.extname(diskBasename);
         const urlToken = ext ? `${id}${ext}` : id;
         const storedPath = path.join(getAttachmentsDir(), urlToken);
         try {
@@ -131,6 +193,7 @@ function copyLocalFileToAttachments(sourcePath) {
             createdAt: Date.now(),
         };
         registerStoredFile(file);
+        writeAttachmentMetaSidecar(urlToken, filename, mimeType);
         return file;
     }
     catch (err) {
@@ -151,7 +214,7 @@ export function storeFile(buffer, filename, mimeType) {
         fs.writeFileSync(storedPath, buffer);
     }
     catch (err) {
-        throw new Error(`Failed to store file: ${String(err)}`);
+        throw new Error(`Failed to store file: ${String(err)}`, { cause: err });
     }
     const file = {
         id,
@@ -163,6 +226,7 @@ export function storeFile(buffer, filename, mimeType) {
         createdAt: Date.now(),
     };
     registerStoredFile(file);
+    writeAttachmentMetaSidecar(urlToken, safeFilename, mimeType);
     return file;
 }
 /**
@@ -196,7 +260,7 @@ export function fridayFilesPublicUrl(ref) {
     }
     const disk = readAttachmentFileFromDisk(lookupKey);
     if (disk) {
-        return `/friday-next/files/${encodeURIComponent(disk.filename)}`;
+        return `/friday-next/files/${encodeURIComponent(disk.diskName)}`;
     }
     const trimmed = ref.trim();
     if (trimmed.startsWith("/friday-next/files/")) {
@@ -215,10 +279,10 @@ export function readFile(id) {
     if (!file)
         return { buffer: null, mimeType: "application/octet-stream" };
     try {
-        return { buffer: fs.readFileSync(file.path), mimeType: file.mimeType };
+        return { buffer: fs.readFileSync(file.path), mimeType: file.mimeType, filename: file.filename };
     }
     catch {
-        return { buffer: null, mimeType: file.mimeType };
+        return { buffer: null, mimeType: file.mimeType, filename: file.filename };
     }
 }
 /**
@@ -262,19 +326,23 @@ export function resolveMediaAttachment(localPath) {
         const fallback = path.basename(token);
         return { fileName: fallback, url: localPath };
     }
-    const filename = path.basename(localPath);
-    if (!filename)
+    const basename = path.basename(localPath);
+    if (!basename)
         return null;
-    const stored = copyLocalFileToAttachments(localPath);
+    // Core inbound media is stored as a bare uuid (no name/extension). Recover the original
+    // upload name we stashed at send time, keyed by that uuid basename.
+    const remembered = readAttachmentMetaSidecar(basename)?.filename;
+    const originalName = remembered || basename;
+    const stored = copyLocalFileToAttachments(localPath, originalName);
     if (!stored) {
         // Best-effort fallback: still return a Friday URL so app can receive attachment event.
         // Download handler will try reading external source path lazily by token.
         const id = crypto.randomUUID();
-        const ext = path.extname(filename);
+        const ext = path.extname(originalName);
         const token = ext ? `${id}${ext}` : id;
         externalFileSourceIndex.set(token, normalizeAgentMediaPath(localPath));
         return {
-            fileName: filename,
+            fileName: originalName,
             url: `/friday-next/files/${encodeURIComponent(token)}`,
         };
     }

package/dist/src/http/handlers/health.js

@@ -43,7 +43,10 @@ export async function handleHealth(req, res) {
     if (nodeDeviceId) {
         result.nodePairing = await checkNodePairing(nodeDeviceId, selfHeal, result, log);
     }
-    result.ok = !result.nodePairing || (result.nodePairing.status === "ok" || result.nodePairing.status === "pending");
+    result.ok =
+        !result.nodePairing ||
+            result.nodePairing.status === "ok" ||
+            result.nodePairing.status === "pending";
     res.statusCode = 200;
     res.setHeader("Content-Type", "application/json");
     res.end(JSON.stringify(result));
@@ -108,9 +111,16 @@ async function checkNodePairing(nodeDeviceId, selfHeal, result, log) {
     const pendingMatch = pendingNodes.find((entry) => entry.nodeId?.trim().toUpperCase() === normalizedNodeId);
     if (pendingMatch && selfHeal) {
         try {
-            const callerScopes = ["operator.admin", "operator.pairing", "operator.read", "operator.write"];
+            const callerScopes = [
+                "operator.admin",
+                "operator.pairing",
+                "operator.read",
+                "operator.write",
+            ];
             const approved = await approveNodePairing(pendingMatch.requestId, { callerScopes });
-            const succeeded = approved != null && !("status" in approved && approved.status === "forbidden") && "requestId" in approved;
+            const succeeded = approved != null &&
+                !("status" in approved && approved.status === "forbidden") &&
+                "requestId" in approved;
             (result.repairActions ??= []).push({
                 component: "nodePairing",
                 action: "approveNodePairing",
@@ -142,5 +152,9 @@ async function checkNodePairing(nodeDeviceId, selfHeal, result, log) {
     if (pendingMatch) {
         return { status: "pending", detail: "Node is pending approval", nodePaired: false };
     }
-    return { status: "not_found", detail: `Node ${normalizedNodeId} not registered`, nodePaired: false };
+    return {
+        status: "not_found",
+        detail: `Node ${normalizedNodeId} not registered`,
+        nodePaired: false,
+    };
 }

package/dist/src/http/handlers/history-messages.js

@@ -13,7 +13,7 @@ import { fileURLToPath } from "node:url";
 import { getFridayNextRuntime } from "../../runtime.js";
 import { extractBearerToken } from "../middleware/auth.js";
 import { normalizeHistoryMessages } from "../../history/normalize-message.js";
-import { readSessionTranscriptRawMessages, resolveSessionId } from "../../history/read-transcript.js";
+import { readSessionTranscriptRawMessages, resolveSessionId, } from "../../history/read-transcript.js";
 import { resolveMediaAttachment } from "./files.js";
 import { readSessionUsageSnapshotFromStore } from "../../session-usage-store.js";
 const DEFAULT_LIMIT = 200;

package/dist/src/http/handlers/history-sessions.js

@@ -126,12 +126,14 @@ function readAgentSessions(agentId) {
             sessionKey: canonicalKey,
             agentId,
             ...(readString(entry.sessionId) ? { sessionId: readString(entry.sessionId) } : {}),
-            ...(readNumber(entry.updatedAt) !== undefined ? { updatedAt: readNumber(entry.updatedAt) } : {}),
-            ...(readString(entry.model) ?? readString(entry.modelOverride)
+            ...(readNumber(entry.updatedAt) !== undefined
+                ? { updatedAt: readNumber(entry.updatedAt) }
+                : {}),
+            ...((readString(entry.model) ?? readString(entry.modelOverride))
                 ? { model: readString(entry.model) ?? readString(entry.modelOverride) }
                 : {}),
             // Server-side session display name (matches OpenClaw's resolution order).
-            ...(readString(entry.displayName) ?? readString(entry.label)
+            ...((readString(entry.displayName) ?? readString(entry.label))
                 ? { title: readString(entry.displayName) ?? readString(entry.label) }
                 : {}),
         });

package/dist/src/http/handlers/messages.js

@@ -19,7 +19,7 @@ import { extractBearerToken } from "../middleware/auth.js";
 import { readJsonBody } from "../middleware/body.js";
 import { registerFridaySessionDeviceMapping } from "../../friday-session.js";
 import { touchFridayInbound } from "../../friday-inbound-stats.js";
-import { fridayAttachmentLookupKey, fridayFilesPublicUrl, readFile, resolveMediaAttachment, resolveMediaUrl, } from "./files.js";
+import { fridayAttachmentLookupKey, fridayFilesPublicUrl, readFile, rememberInboundMediaName, resolveMediaAttachment, resolveMediaUrl, } from "./files.js";
 import { runFridayDispatch } from "../../agent/dispatch-bridge.js";
 import { saveInboundMediaBuffer } from "../../agent/media-bridge.js";
 import { contextTokensFromUsageRecord, getRunMetadata, getRunRoute, hasRunFinalDelivered, markRunFinalDelivered, registerRunRoute, setRunMetadata, } from "../../run-metadata.js";
@@ -148,7 +148,9 @@ export function translateDeliverPayload(pl, kind, meta) {
     if (typeof meta?.modelName === "string" && meta.modelName.trim()) {
         nextFridayNext.modelName = meta.modelName.trim();
     }
-    if (typeof meta?.totalTokens === "number" && Number.isFinite(meta.totalTokens) && meta.totalTokens > 0) {
+    if (typeof meta?.totalTokens === "number" &&
+        Number.isFinite(meta.totalTokens) &&
+        meta.totalTokens > 0) {
         nextFridayNext.totalTokens = Math.floor(meta.totalTokens);
     }
     if (typeof meta?.contextTokensUsed === "number" &&
@@ -221,10 +223,16 @@ function pickMetadataFromMessageLike(message) {
         ? usage.totalTokens
         : undefined) ??
         (typeof usage?.total === "number" && Number.isFinite(usage.total) ? usage.total : undefined) ??
-        (typeof usage?.total_tokens === "number" && Number.isFinite(usage.total_tokens) ? usage.total_tokens : undefined);
-    const totalFromMessage = (typeof m.totalTokens === "number" && Number.isFinite(m.totalTokens) ? m.totalTokens : undefined) ??
-        (typeof m.total_tokens === "number" && Number.isFinite(m.total_tokens) ? m.total_tokens : undefined);
-    const totalTokens = Math.floor((totalFromUsage ?? totalFromMessage ?? 0));
+        (typeof usage?.total_tokens === "number" && Number.isFinite(usage.total_tokens)
+            ? usage.total_tokens
+            : undefined);
+    const totalFromMessage = (typeof m.totalTokens === "number" && Number.isFinite(m.totalTokens)
+        ? m.totalTokens
+        : undefined) ??
+        (typeof m.total_tokens === "number" && Number.isFinite(m.total_tokens)
+            ? m.total_tokens
+            : undefined);
+    const totalTokens = Math.floor(totalFromUsage ?? totalFromMessage ?? 0);
     let contextTokensUsed;
     if (usage) {
         const ctx = contextTokensFromUsageRecord(usage);
@@ -232,8 +240,12 @@ function pickMetadataFromMessageLike(message) {
             contextTokensUsed = ctx;
         }
     }
-    const ctxMaxRaw = (typeof m.contextWindow === "number" && Number.isFinite(m.contextWindow) ? m.contextWindow : undefined) ??
-        (typeof m.maxContextTokens === "number" && Number.isFinite(m.maxContextTokens) ? m.maxContextTokens : undefined);
+    const ctxMaxRaw = (typeof m.contextWindow === "number" && Number.isFinite(m.contextWindow)
+        ? m.contextWindow
+        : undefined) ??
+        (typeof m.maxContextTokens === "number" && Number.isFinite(m.maxContextTokens)
+            ? m.maxContextTokens
+            : undefined);
     const contextWindowMax = typeof ctxMaxRaw === "number" && ctxMaxRaw > 0 ? Math.floor(ctxMaxRaw) : undefined;
     if (!modelName && !(totalTokens > 0) && !contextTokensUsed && !contextWindowMax)
         return null;
@@ -277,11 +289,16 @@ async function buildBodyForAgentWithAttachments(text, attachmentIds) {
         return text.trim();
     const mediaRefs = [];
     for (const id of attachmentIds) {
-        const { buffer, mimeType } = readFile(fridayAttachmentLookupKey(id));
+        const { buffer, mimeType, filename } = readFile(fridayAttachmentLookupKey(id));
         if (!buffer)
             continue;
-        const saved = await saveInboundMediaBuffer(buffer, mimeType);
+        const saved = await saveInboundMediaBuffer(buffer, mimeType, filename);
         if (saved.id && saved.path) {
+            // Core's media-store renames inbound files to a bare uuid (no name/extension) and
+            // the transcript records that path — stash the original name now so history rebuild
+            // can restore it instead of surfacing the uuid.
+            if (filename)
+                rememberInboundMediaName(saved.path, filename, mimeType);
             mediaRefs.push(`[media attached: file://${saved.path}]`);
         }
     }
@@ -402,7 +419,8 @@ export async function handleMessages(req, res) {
                 dispatcherOptions: {
                     deliver: async (pl, info) => {
                         let meta = getRunMetadata(runId);
-                        if (info.kind.toLowerCase() === "final" && !(meta?.modelName || typeof meta?.totalTokens === "number")) {
+                        if (info.kind.toLowerCase() === "final" &&
+                            !(meta?.modelName || typeof meta?.totalTokens === "number")) {
                             const resolved = await resolveRunMetadataFromRuntimeSession(runtime, baseSessionKey);
                             if (resolved) {
                                 setRunMetadata(runId, resolved);
@@ -457,9 +475,10 @@ export async function handleMessages(req, res) {
                     // OpenClaw `pi-embedded-subscribe` gates `streamReasoning` on `typeof onReasoningStream === "function"`.
                     // Without this, `emitReasoningStream` never runs and Friday SSE never sees `stream: "thinking"`.
                     onReasoningStream: async (pl) => {
-                        const text = typeof pl === "object" && pl !== null && "text" in pl
-                            ? String(pl.text ?? "")
-                            : "";
+                        const rawText = typeof pl === "object" && pl !== null && "text" in pl
+                            ? pl.text
+                            : undefined;
+                        const text = typeof rawText === "string" ? rawText : "";
                         log("REASONING_STREAM", normalizedDeviceId, runId, `textLen=${text.length}`);
                     },
                     onReasoningEnd: async () => {

package/dist/src/http/handlers/models-list.d.ts

@@ -1,4 +1,5 @@
 import type { IncomingMessage, ServerResponse } from "node:http";
+import { type ThinkingLevelOption } from "../../thinking-levels.js";
 export interface FridayModelEntry {
     id: string;
     name?: string;
@@ -6,5 +7,9 @@ export interface FridayModelEntry {
     reasoning?: boolean;
     contextWindow?: number;
     maxTokens?: number;
+    /** Thinking levels this model supports (varies per model). Omitted when only the base set applies. */
+    thinkingLevels?: ThinkingLevelOption[];
+    /** Provider/model default thinking level, when the gateway reports one. */
+    thinkingDefault?: string;
 }
 export declare function handleModelsList(req: IncomingMessage, res: ServerResponse): Promise<boolean>;

package/dist/src/http/handlers/models-list.js

@@ -1,5 +1,6 @@
 import { getFridayAgentForwardRuntime } from "../../agent-forward-runtime.js";
 import { splitModelRef } from "../../session/session-manager.js";
+import { resolveModelThinking } from "../../thinking-levels.js";
 import { extractBearerToken } from "../middleware/auth.js";
 function resolveConfiguredModels() {
     const rt = getFridayAgentForwardRuntime();
@@ -21,7 +22,7 @@ function resolveConfiguredModels() {
             seen.add(modelKey);
             entries.push({
                 id: modelKey,
-                name: typeof info?.alias === "string" ? info.alias : meta?.name ?? split.modelId,
+                name: typeof info?.alias === "string" ? info.alias : (meta?.name ?? split.modelId),
                 provider: split.provider,
                 reasoning: meta?.reasoning,
                 contextWindow: meta?.contextWindow,
@@ -65,6 +66,13 @@ function resolveConfiguredModels() {
             maxTokens: meta?.maxTokens,
         });
     }
+    for (const entry of entries) {
+        const split = splitModelRef(entry.id);
+        const thinking = resolveModelThinking(entry.provider || split.provider, split.modelId);
+        entry.thinkingLevels = thinking.levels;
+        if (thinking.default)
+            entry.thinkingDefault = thinking.default;
+    }
     return { models: entries, defaultModel };
 }
 function buildProviderModelMeta(cfg) {

package/dist/src/http/handlers/nodes-approve.js

@@ -58,12 +58,7 @@ export async function handleNodesApprove(req, res) {
     if (pendingMatch) {
         const requestId = pendingMatch.requestId;
         log.info(`approving nodeId=${normalizedNodeId} requestId=${requestId}`);
-        const callerScopes = [
-            "operator.admin",
-            "operator.pairing",
-            "operator.read",
-            "operator.write",
-        ];
+        const callerScopes = ["operator.admin", "operator.pairing", "operator.read", "operator.write"];
         let approved;
         try {
             approved = await approveNodePairing(requestId, { callerScopes });

package/dist/src/http/handlers/plugin-info.js

@@ -1,6 +1,6 @@
 import { extractBearerToken } from "../middleware/auth.js";
 import { PLUGIN_VERSION } from "../../version.js";
-import { fetchLatestVersion, getInstallSource, semverGreater, } from "../../plugin-install-info.js";
+import { fetchLatestVersion, getInstallSource, semverGreater } from "../../plugin-install-info.js";
 export async function handlePluginInfo(req, res) {
     if (req.method !== "GET") {
         res.statusCode = 405;

package/dist/src/http/handlers/sessions-settings.js

@@ -1,8 +1,8 @@
 import { setSessionSettings, getSessionSettings, splitModelRef, resolveAgentDefaults, } from "../../session/session-manager.js";
 import { readJsonBody } from "../middleware/body.js";
 import { extractBearerToken } from "../middleware/auth.js";
+import { resolveModelThinkingForRef } from "../../thinking-levels.js";
 const VALID_REASONING = new Set(["on", "off", "stream"]);
-const VALID_THINKING = new Set(["off", "minimal", "low", "medium", "high"]);
 export async function handleSessionsSettings(req, res) {
     if (req.method !== "PUT" && req.method !== "GET") {
         res.statusCode = 405;
@@ -44,12 +44,24 @@ export async function handleSessionsSettings(req, res) {
     const reasoningLevel = typeof body?.reasoningLevel === "string" ? body.reasoningLevel : undefined;
     const thinkingLevel = typeof body?.thinkingLevel === "string" ? body.thinkingLevel : undefined;
     const modelRef = typeof body?.modelRef === "string" ? body.modelRef.trim() : undefined;
+    // The app omits (or empties) modelRef to mean "use the agent's default model". Resolve that
+    // default and write it as an *explicit* override, identical in shape to any other selection — so
+    // the agent runs the default exactly the way it runs an explicitly-picked model. Do NOT just
+    // clear the override here: the session entry is shared with the OpenClaw core, which stamps it
+    // with provenance fields (`modelOverrideSource`, `model`, `modelProvider`); deleting only our
+    // three fields leaves those dangling and the core mis-resolves to a fallback model.
+    const effectiveModelRef = modelRef || resolveAgentDefaults(sessionKey).model;
     const errors = [];
     if (reasoningLevel !== undefined && !VALID_REASONING.has(reasoningLevel)) {
         errors.push(`reasoningLevel must be one of: ${[...VALID_REASONING].join(", ")}`);
     }
-    if (thinkingLevel !== undefined && !VALID_THINKING.has(thinkingLevel)) {
-        errors.push(`thinkingLevel must be one of: ${[...VALID_THINKING].join(", ")}`);
+    if (thinkingLevel !== undefined) {
+        // Thinking levels vary per model, so validate against the levels the *effective* model supports
+        // (resolved from the running gateway). Falls back to the base five levels when unresolvable.
+        const supported = resolveModelThinkingForRef(effectiveModelRef).levels.map((l) => l.id);
+        if (!supported.includes(thinkingLevel)) {
+            errors.push(`thinkingLevel must be one of: ${supported.join(", ")}`);
+        }
     }
     if (errors.length > 0) {
         res.statusCode = 400;
@@ -57,13 +69,6 @@ export async function handleSessionsSettings(req, res) {
         res.end(JSON.stringify({ error: errors.join("; ") }));
         return true;
     }
-    // The app omits (or empties) modelRef to mean "use the agent's default model". Resolve that
-    // default and write it as an *explicit* override, identical in shape to any other selection — so
-    // the agent runs the default exactly the way it runs an explicitly-picked model. Do NOT just
-    // clear the override here: the session entry is shared with the OpenClaw core, which stamps it
-    // with provenance fields (`modelOverrideSource`, `model`, `modelProvider`); deleting only our
-    // three fields leaves those dangling and the core mis-resolves to a fallback model.
-    const effectiveModelRef = modelRef || resolveAgentDefaults(sessionKey).model;
     const settings = { reasoningLevel, thinkingLevel };
     if (effectiveModelRef) {
         const split = splitModelRef(effectiveModelRef);

package/dist/src/http/server.js

@@ -14,6 +14,9 @@ import { handleNodesApprove } from "./handlers/nodes-approve.js";
 import { handleSessionsSettings } from "./handlers/sessions-settings.js";
 import { handleModelsList } from "./handlers/models-list.js";
 import { handleAgentsList } from "./handlers/agents-list.js";
+import { handleAgentConfig } from "./handlers/agent-config.js";
+import { handleAgentFiles } from "./handlers/agent-files.js";
+import { handleAgentToolsCatalog } from "./handlers/agent-tools-catalog.js";
 import { handleHistorySessions } from "./handlers/history-sessions.js";
 import { handleHistoryMessages } from "./handlers/history-messages.js";
 import { handleHistorySetTitle } from "./handlers/history-set-title.js";
@@ -62,7 +65,8 @@ async function handleFridayNextRoute(req, res) {
     if (req.method === "POST" && pathname === "/friday-next/nodes-approve") {
         return await handleNodesApprove(req, res);
     }
-    if ((req.method === "PUT" || req.method === "GET") && pathname === "/friday-next/sessions/settings") {
+    if ((req.method === "PUT" || req.method === "GET") &&
+        pathname === "/friday-next/sessions/settings") {
         return await handleSessionsSettings(req, res);
     }
     if (req.method === "GET" && pathname === "/friday-next/models") {
@@ -71,6 +75,26 @@ async function handleFridayNextRoute(req, res) {
     if (req.method === "GET" && pathname === "/friday-next/agents") {
         return await handleAgentsList(req, res);
     }
+    // Routes: GET/PUT /friday-next/agents/{id}/config
+    //         GET     /friday-next/agents/{id}/files
+    //         GET/PUT /friday-next/agents/{id}/files/{name}
+    if (pathname.startsWith("/friday-next/agents/")) {
+        const segs = pathname
+            .slice("/friday-next/agents/".length)
+            .split("/")
+            .filter(Boolean)
+            .map((s) => decodeURIComponent(s));
+        const [id, sub, name] = segs;
+        if (id && sub === "config" && segs.length === 2) {
+            return await handleAgentConfig(req, res, id);
+        }
+        if (id && sub === "files" && (segs.length === 2 || segs.length === 3)) {
+            return await handleAgentFiles(req, res, id, name);
+        }
+        if (id && sub === "tools" && name === "catalog" && segs.length === 3) {
+            return await handleAgentToolsCatalog(req, res, id);
+        }
+    }
     if (req.method === "GET" && pathname === "/friday-next/status") {
         return await handleStatus(req, res);
     }
@@ -83,7 +107,8 @@ async function handleFridayNextRoute(req, res) {
         return await handleHistoryMessages(req, res);
     }
     // Route: PUT /friday-next/sessions/title (sync app session name → server displayName)
-    if ((req.method === "PUT" || req.method === "POST") && pathname === "/friday-next/sessions/title") {
+    if ((req.method === "PUT" || req.method === "POST") &&
+        pathname === "/friday-next/sessions/title") {
         return await handleHistorySetTitle(req, res);
     }
     // Route: GET /friday-next/link-preview?url=... (Open Graph metadata for preview cards)

package/dist/src/link-preview/og-parse.js

@@ -78,7 +78,9 @@ export function parseOpenGraph(html, baseUrl) {
     let metaDescription = null;
     for (const match of slice.matchAll(META_TAG_RE)) {
         const tag = match[0];
-        const key = (attributeValue(tag, "property") ?? attributeValue(tag, "name"))?.trim().toLowerCase();
+        const key = (attributeValue(tag, "property") ?? attributeValue(tag, "name"))
+            ?.trim()
+            .toLowerCase();
         if (!key)
             continue;
         const content = attributeValue(tag, "content");

package/dist/src/link-preview/ssrf-guard.js

@@ -98,8 +98,12 @@ function isPrivateIPv6(ip) {
     if (lower === "::" || lower === "::1")
         return true; // unspecified / loopback
     const head = lower.split(":")[0];
-    if (head.startsWith("fc") || head.startsWith("fd"))
-        return true; // fc00::/7 ULA
+    // fc00::/8 (the reserved, never-assigned half of ULA fc00::/7) intentionally NOT blocked:
+    // RFC 4193 requires locally-assigned ULA to set the L bit, so real LAN services live in
+    // fd00::/8, while fake-IP DNS setups (mihomo/clash tun mode with IPv6, common on gateway
+    // hosts) resolve EVERY domain into fc00::/18. Same rationale as 198.18/15 on the IPv4 side.
+    if (head.startsWith("fd"))
+        return true; // fd00::/8 locally-assigned ULA
     if (/^fe[89ab]/.test(head))
         return true; // fe80::/10 link-local
     return false;

package/dist/src/media-fetch.js

@@ -8,7 +8,10 @@ import { guessMimeType } from "./http/handlers/files.js";
  * gateway's `/friday-next/files/` route — identical to the local-file path. This keeps the app's
  * download story uniform (always talks to the trusted gateway host with a bearer token).
  */
-const MAX_REMOTE_MEDIA_BYTES = 25 * 1024 * 1024; // 25MB
+// Aligns with openclaw's own remote-media ceiling (DEFAULT_FETCH_MEDIA_MAX_BYTES =
+// MAX_DOCUMENT_BYTES = 100MB). The real per-kind limit is enforced downstream by
+// saveMediaBuffer (via resolveMediaMaxBytes); this is just the download ceiling.
+const MAX_REMOTE_MEDIA_BYTES = 100 * 1024 * 1024; // 100MB
 const REMOTE_MEDIA_TIMEOUT_MS = 20_000;
 export function isHttpUrl(value) {
     return /^https?:\/\//i.test(value.trim());

package/dist/src/plugin-install-info.js

@@ -87,7 +87,10 @@ export async function fetchLatestVersion(nowMs) {
         const controller = new AbortController();
         const timer = setTimeout(() => controller.abort(), 5000);
         try {
-            const res = await fetch(`https://registry.npmjs.org/${PLUGIN_PACKAGE_NAME}/latest`, { signal: controller.signal, headers: { Accept: "application/json" } });
+            const res = await fetch(`https://registry.npmjs.org/${PLUGIN_PACKAGE_NAME}/latest`, {
+                signal: controller.signal,
+                headers: { Accept: "application/json" },
+            });
             if (res.ok) {
                 const body = (await res.json());
                 if (typeof body.version === "string" && body.version)

package/dist/src/session/session-manager.js

@@ -118,7 +118,11 @@ export function setSessionSettings(sessionKey, settings, historyDir) {
             return {};
         upsertSessionEntry(data, fileKey, sessionKey);
         const fieldKeys = [
-            "reasoningLevel", "thinkingLevel", "modelRef", "providerOverride", "modelOverride",
+            "reasoningLevel",
+            "thinkingLevel",
+            "modelRef",
+            "providerOverride",
+            "modelOverride",
         ];
         let updated = false;
         for (const key of fieldKeys) {
@@ -193,7 +197,7 @@ export function resolveAgentDefaults(sessionKey) {
         const ocCfg = (forwardRt.getConfig() ?? {});
         const agents = ocCfg.agents;
         const targetAgentId = agentIdFromSessionKey(sessionKey);
-        const agentEntry = agents?.list?.find((a) => agentIdFromSessionKey(`agent:${String(a?.id ?? "")}:x`) === targetAgentId);
+        const agentEntry = agents?.list?.find((a) => agentIdFromSessionKey(`agent:${typeof a?.id === "string" ? a.id : typeof a?.id === "number" ? String(a.id) : ""}:x`) === targetAgentId);
         const agentModel = agentEntry?.model;
         const perAgentModel = typeof agentModel === "string"
             ? agentModel
@@ -204,7 +208,9 @@ export function resolveAgentDefaults(sessionKey) {
         const agentDefaults = agents?.defaults;
         const model = agentDefaults?.model;
         const globalModel = typeof model?.primary === "string" ? model.primary : undefined;
-        const globalThinking = typeof agentDefaults?.thinkingDefault === "string" ? agentDefaults.thinkingDefault : undefined;
+        const globalThinking = typeof agentDefaults?.thinkingDefault === "string"
+            ? agentDefaults.thinkingDefault
+            : undefined;
         return { model: perAgentModel ?? globalModel, thinking: perAgentThinking ?? globalThinking };
     }
     catch {

package/dist/src/session-usage-store.js

@@ -24,7 +24,9 @@ export function readSessionUsageSnapshotFromStore(sessionKeyForStore) {
         const cfg = access.getConfig();
         const storeConfig = cfg?.session?.store;
         const canonical = toSessionStoreKey(sessionKeyForStore);
-        const storePath = access.resolveStorePath(storeConfig, { agentId: agentIdFromSessionKey(canonical) });
+        const storePath = access.resolveStorePath(storeConfig, {
+            agentId: agentIdFromSessionKey(canonical),
+        });
         const store = access.loadSessionStore(storePath, { skipCache: true });
         const entry = store[canonical] ?? store[sessionKeyForStore.trim()];
         if (!entry || typeof entry !== "object")