@tt-a1i/hive 1.4.3 → 1.5.0

package/dist/src/server/dispatch-ledger-store.d.ts

@@ -6,19 +6,27 @@ export interface DispatchRecord {
     deliveredAt: number | null;
     fromAgentId: string | null;
     id: string;
+    label: string | null;
+    phase: string | null;
     reportedAt: number | null;
     reportText: string | null;
     sequence: number | null;
     status: DispatchStatus;
+    stepIndex: number | null;
     submittedAt: number | null;
     text: string;
     toAgentId: string;
+    workflowRunId: string | null;
     workspaceId: string;
 }
 interface CreateDispatchInput {
     fromAgentId?: string;
+    label?: string;
+    phase?: string;
+    stepIndex?: number;
     text: string;
     toAgentId: string;
+    workflowRunId?: string;
     workspaceId: string;
 }
 interface ReportDispatchInput {
@@ -50,6 +58,12 @@ export declare const createDispatchLedgerStore: (db: Database) => {
         worker_id: string;
         workspace_id: string;
     }>;
+    listOpenDispatchIdsForRun: (runId: string) => string[];
+    listOpenWorkflowDispatchesForWorker: (workspaceId: string, workerId: string) => Array<{
+        dispatchId: string;
+        runId: string;
+    }>;
+    listWorkflowRunDispatches: (runId: string) => DispatchRecord[];
     listWorkspaceDispatches: (workspaceId: string, options?: ListDispatchesOptions) => DispatchRecord[];
     markCancelled: (input: CancelDispatchInput) => {
         reportedAt: number;
@@ -60,10 +74,14 @@ export declare const createDispatchLedgerStore: (db: Database) => {
         deliveredAt: number | null;
         fromAgentId: string | null;
         id: string;
+        label: string | null;
+        phase: string | null;
         sequence: number | null;
+        stepIndex: number | null;
         submittedAt: number | null;
         text: string;
         toAgentId: string;
+        workflowRunId: string | null;
         workspaceId: string;
     } | undefined;
     markReportedByWorker: (input: ReportDispatchInput) => {
@@ -75,10 +93,14 @@ export declare const createDispatchLedgerStore: (db: Database) => {
         deliveredAt: number | null;
         fromAgentId: string | null;
         id: string;
+        label: string | null;
+        phase: string | null;
         sequence: number | null;
+        stepIndex: number | null;
         submittedAt: number | null;
         text: string;
         toAgentId: string;
+        workflowRunId: string | null;
         workspaceId: string;
     } | undefined;
     markSubmitted: (dispatchId: string) => void;

package/dist/src/server/dispatch-ledger-store.js

@@ -18,13 +18,17 @@ const toRecord = (row) => ({
     deliveredAt: row.delivered_at,
     fromAgentId: row.from_agent_id,
     id: row.id,
+    label: row.label ?? null,
+    phase: row.phase ?? null,
     reportedAt: row.reported_at,
     reportText: row.report_text,
     sequence: row.sequence,
     status: row.status,
+    stepIndex: row.step_index,
     submittedAt: row.submitted_at,
     text: row.text,
     toAgentId: row.to_agent_id,
+    workflowRunId: row.workflow_run_id,
     workspaceId: row.workspace_id,
 });
 export const createDispatchLedgerStore = (db) => {
@@ -35,13 +39,17 @@ export const createDispatchLedgerStore = (db) => {
             deliveredAt: null,
             fromAgentId: input.fromAgentId ?? null,
             id: randomUUID(),
+            label: input.label ?? null,
+            phase: input.phase ?? null,
             reportedAt: null,
             reportText: null,
             sequence: null,
             status: 'queued',
+            stepIndex: input.stepIndex ?? null,
             submittedAt: null,
             text: input.text,
             toAgentId: input.toAgentId,
+            workflowRunId: input.workflowRunId ?? null,
             workspaceId: input.workspaceId,
         };
         db.prepare(`INSERT INTO dispatches (
@@ -56,8 +64,12 @@ export const createDispatchLedgerStore = (db) => {
         submitted_at,
         reported_at,
         report_text,
-        artifacts
-      ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`).run(record.id, record.workspaceId, record.fromAgentId, record.toAgentId, record.text, record.status, record.createdAt, record.deliveredAt, record.submittedAt, record.reportedAt, record.reportText, JSON.stringify(record.artifacts));
+        artifacts,
+        workflow_run_id,
+        step_index,
+        phase,
+        label
+      ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`).run(record.id, record.workspaceId, record.fromAgentId, record.toAgentId, record.text, record.status, record.createdAt, record.deliveredAt, record.submittedAt, record.reportedAt, record.reportText, JSON.stringify(record.artifacts), record.workflowRunId, record.stepIndex, record.phase, record.label);
         return record;
     };
     const deleteDispatch = (dispatchId) => {
@@ -175,8 +187,41 @@ export const createDispatchLedgerStore = (db) => {
         db.prepare('DELETE FROM dispatches WHERE workspace_id = ?').run(workspaceId);
     };
     const deleteWorkerDispatches = (workspaceId, workerId) => {
-        db.prepare('DELETE FROM dispatches WHERE workspace_id = ? AND to_agent_id = ?').run(workspaceId, workerId);
+        // Preserve workflow-run dispatch history (`workflow_run_id IS NOT NULL`)
+        // so the UI's run-detail timeline can still show what each ephemeral
+        // worker did after the worker itself is dismissed. Orchestrator-issued
+        // dispatches are tied to the worker identity and are dropped with it.
+        db.prepare(`DELETE FROM dispatches
+       WHERE workspace_id = ? AND to_agent_id = ? AND workflow_run_id IS NULL`).run(workspaceId, workerId);
     };
+    // Every dispatch fired by a workflow run carries the run id (M1-B added the
+    // column; M2-C plumbs it through). This is the timeline query the UI uses to
+    // explode a run row into per-worker activity.
+    const listWorkflowRunDispatches = (runId) => {
+        const rows = db
+            .prepare('SELECT * FROM dispatches WHERE workflow_run_id = ? ORDER BY sequence, created_at')
+            .all(runId);
+        return rows.map(toRecord);
+    };
+    // Open dispatch ids tied to a workflow run — drives the runner's stop path
+    // (each id gets a notifyCancel so the runner's await rejects).
+    const listOpenDispatchIdsForRun = (runId) => db
+        .prepare(`SELECT id FROM dispatches
+           WHERE workflow_run_id = ? AND status IN ('queued', 'submitted')`)
+        .all(runId).map((row) => row.id);
+    // Open workflow-tagged dispatches addressed to a specific worker. Drives the
+    // PTY-exit cancel path (TIER 1 #1): when a workflow-spawned worker dies
+    // without calling `team report`, the runner's `awaitReport` would otherwise
+    // hang for DEFAULT_TIMEOUT_MS (10 min). The exit handler enumerates these
+    // and `notifyCancel`s each so the surrounding `agent()`/`parallel`/`pipeline`
+    // sees an immediate reject.
+    const listOpenWorkflowDispatchesForWorker = (workspaceId, workerId) => db
+        .prepare(`SELECT id, workflow_run_id FROM dispatches
+           WHERE workspace_id = ?
+             AND to_agent_id = ?
+             AND workflow_run_id IS NOT NULL
+             AND status IN ('queued', 'submitted')`)
+        .all(workspaceId, workerId).map((row) => ({ dispatchId: row.id, runId: row.workflow_run_id }));
     return {
         createDispatch,
         deleteDispatch,
@@ -185,6 +230,9 @@ export const createDispatchLedgerStore = (db) => {
         findOpenDispatch,
         findOpenDispatchById,
         listOpenDispatchKinds,
+        listOpenDispatchIdsForRun,
+        listOpenWorkflowDispatchesForWorker,
+        listWorkflowRunDispatches,
         listWorkspaceDispatches,
         markCancelled,
         markReportedByWorker,

package/dist/src/server/env-sync-message.js

@@ -4,7 +4,7 @@ import { TASKS_RELATIVE_PATH } from './tasks-file.js';
 const TASKS_HEAD_LIMIT = 1024;
 const formatWorkers = (workers) => {
     if (workers.length === 0)
-        return ['- 当前没有其他 worker'];
+        return ['- (no other workers)'];
     return workers.map((worker) => `- ${worker.name} (${worker.role}, ${worker.status}, pending_task_count: ${worker.pendingTaskCount})`);
 };
 const formatRestartWindow = (messages) => {
@@ -12,18 +12,18 @@ const formatRestartWindow = (messages) => {
         return message.type === 'send';
     });
     if (sends.length === 0)
-        return ['- 重启期间未派新单'];
+        return ['- no new dispatches during the restart'];
     return sends.slice(-5).map((message) => `- send -> ${message.to}: ${message.text}`);
 };
 export const buildEnvSyncMessage = ({ agent, tasksContent, workers, workspace, restartWindowMessages, }) => wrapSystemMessage([
-    '你刚被 Hive 重启了。期间环境变化：',
-    `- 当前 workspace: ${workspace.name}`,
-    '- 现有 worker:',
+    'Hive just restarted you. Environment changes during the restart:',
+    `- Current workspace: ${workspace.name}`,
+    '- Existing workers:',
     ...formatWorkers(workers),
-    `- ${TASKS_RELATIVE_PATH} 当前内容:`,
-    tasksContent.slice(0, TASKS_HEAD_LIMIT) || '(空)',
+    `- Current ${TASKS_RELATIVE_PATH} contents:`,
+    tasksContent.slice(0, TASKS_HEAD_LIMIT) || '(empty)',
     ...formatRestartWindow(restartWindowMessages),
-    agent.role === 'orchestrator' ? '- Hive worker 派单规则:' : '- Hive worker 边界:',
+    agent.role === 'orchestrator' ? '- Hive worker dispatch rules:' : '- Hive worker boundaries:',
     ...getHiveTeamRules(agent).map((rule) => `  - ${rule}`),
-    `请继续。如果不确定，用 team list / Read ${TASKS_RELATIVE_PATH} 自查或问 user。`,
+    `Continue. If unsure, run team list / Read ${TASKS_RELATIVE_PATH} to self-check, or ask the user.`,
 ].join('\n'));

package/dist/src/server/fs-browse.d.ts

@@ -22,4 +22,17 @@ export interface FsProbeResponse {
     suggested_name: string;
 }
 export declare const browseDirectory: (requestedPath: string) => Promise<FsBrowseResponse>;
-export declare const probeDirectory: (requestedPath: string) => Promise<FsProbeResponse>;
+export interface ProbeDirectoryOptions {
+    /**
+     * When `true` (default), probe rejects paths outside `$HOME` so the
+     * in-browser FS tree can't be tricked into revealing arbitrary disk
+     * contents via a hand-crafted path string.
+     *
+     * When `false`, the sandbox check is skipped — callers who already
+     * have a user-authorized path (e.g. paths returned by the OS-native
+     * folder picker) must use this so a Windows user picking `D:\projects`
+     * isn't rejected just because their `$HOME` lives on `C:`.
+     */
+    enforceSandbox?: boolean;
+}
+export declare const probeDirectory: (requestedPath: string, options?: ProbeDirectoryOptions) => Promise<FsProbeResponse>;

package/dist/src/server/fs-browse.js

@@ -5,6 +5,29 @@ import { promisify } from 'node:util';
 import { getFsBrowseRoot, isPathWithinRoot } from './fs-sandbox.js';
 const execFileP = promisify(execFile);
 const GIT_BRANCH_TIMEOUT_MS = 800;
+/**
+ * Map a filesystem rejection (from `readdir`, `stat`, etc.) to a string
+ * suitable for surfacing in the browse response. The common Windows
+ * failure paths — System Volume Information / $Recycle.Bin (EACCES),
+ * dangling junctions (EBUSY / EINVAL), paths past MAX_PATH on systems
+ * without long-path support (ENAMETOOLONG) — each get a recognizable
+ * prefix so the UI does not just show the raw errno.
+ */
+const formatFilesystemError = (error) => {
+    if (!(error instanceof Error))
+        return 'Failed to read directory';
+    const code = error.code;
+    if (code === 'EACCES' || code === 'EPERM') {
+        return `Permission denied: ${error.message}`;
+    }
+    if (code === 'ENAMETOOLONG') {
+        return `Path is too long for this filesystem: ${error.message}`;
+    }
+    if (code === 'EBUSY' || code === 'EINVAL') {
+        return `Path is busy or unavailable: ${error.message}`;
+    }
+    return error.message;
+};
 const detectGitRepository = async (entryPath) => {
     try {
         const info = await stat(resolve(entryPath, '.git'));
@@ -49,7 +72,7 @@ export const browseDirectory = async (requestedPath) => {
         return {
             current_path: candidate,
             entries: [],
-            error: error instanceof Error ? error.message : 'Failed to stat directory',
+            error: formatFilesystemError(error),
             ok: false,
             parent_path: null,
             root_path: rootPath,
@@ -65,7 +88,24 @@ export const browseDirectory = async (requestedPath) => {
             root_path: rootPath,
         };
     }
-    const rawEntries = await readdir(candidate, { withFileTypes: true });
+    let rawEntries;
+    try {
+        rawEntries = await readdir(candidate, { withFileTypes: true });
+    }
+    catch (error) {
+        // Windows hits this for System Volume Information, $Recycle.Bin,
+        // broken junctions, and long paths on hosts without long-path
+        // support. Returning ok:false lets the picker surface a readable
+        // message instead of crashing the HTTP handler.
+        return {
+            current_path: candidate,
+            entries: [],
+            error: formatFilesystemError(error),
+            ok: false,
+            parent_path: null,
+            root_path: rootPath,
+        };
+    }
     const directoryEntries = rawEntries
         .filter((entry) => entry.isDirectory() && !entry.name.startsWith('.'))
         .sort((a, b) => a.name.localeCompare(b.name));
@@ -91,9 +131,12 @@ export const browseDirectory = async (requestedPath) => {
         root_path: rootPath,
     };
 };
-export const probeDirectory = async (requestedPath) => {
+export const probeDirectory = async (requestedPath, options = {}) => {
+    const enforceSandbox = options.enforceSandbox ?? true;
     const rootPath = getFsBrowseRoot();
-    const candidate = resolve(rootPath, requestedPath.trim());
+    const candidate = enforceSandbox
+        ? resolve(rootPath, requestedPath.trim())
+        : resolve(requestedPath.trim());
     const base = {
         current_branch: null,
         exists: false,
@@ -103,7 +146,7 @@ export const probeDirectory = async (requestedPath) => {
         path: candidate,
         suggested_name: candidate.split(/[\\/]/).filter(Boolean).pop() ?? '',
     };
-    if (!isPathWithinRoot(rootPath, candidate)) {
+    if (enforceSandbox && !isPathWithinRoot(rootPath, candidate)) {
         return base;
     }
     try {

package/dist/src/server/fs-pick-folder.js

@@ -5,6 +5,13 @@ import { probeDirectory } from './fs-browse.js';
 const MACOS_CANCEL_PATTERNS = [/-128/, /-1743/, /user canceled/i, /execution error/i];
 // zenity documents exit code 1 on Cancel. kdialog uses exit code 1 as well.
 const LINUX_CANCEL_EXIT_CODES = new Set([1]);
+// Cap how long we'll wait for a single picker invocation. A reasonable
+// modal-dialog dwell time is well under this — the cap exists to catch
+// genuinely wedged pickers (PowerShell startup hang under restricted
+// execution policy, zenity hung on a missing DBus, osascript blocked on
+// the macOS Accessibility prompt) so the HTTP request returns instead
+// of pinning a connection forever.
+const PICKER_TIMEOUT_MS = 5 * 60 * 1000;
 const defaultRunCommand = (command, args, options) => new Promise((resolve) => {
     const child = execFile(command, args, options, (error, stdout, stderr) => {
         const errno = error;
@@ -30,10 +37,15 @@ const emptyResponse = (overrides = {}) => ({
     ...overrides,
 });
 const finalizeWithProbe = async (path) => {
-    const probe = await probeDirectory(path);
+    // The OS-native folder picker is itself a user-authorization surface
+    // — sandboxing again here would reject any drive other than the one
+    // hosting `$HOME` (a common Windows case: `D:\projects`, `E:\code`).
+    // The in-browser FS tree (fs-browse.ts:browseDirectory) keeps its
+    // own sandbox; only the native picker bypasses it.
+    const probe = await probeDirectory(path, { enforceSandbox: false });
     if (!probe.ok || !probe.is_dir) {
         return emptyResponse({
-            error: 'Selected path is outside the Hive browse sandbox or is not a directory.',
+            error: 'Selected path is not a directory.',
             path,
             probe,
         });
@@ -42,7 +54,7 @@ const finalizeWithProbe = async (path) => {
 };
 const macOsPick = async (run) => {
     const script = 'POSIX path of (choose folder with prompt "Select Hive workspace")';
-    const result = await run('osascript', ['-e', script], {});
+    const result = await run('osascript', ['-e', script], { timeout: PICKER_TIMEOUT_MS });
     if (result.spawnError?.code === 'ENOENT') {
         return emptyResponse({ error: 'osascript is unavailable on this host.', supported: false });
     }
@@ -65,7 +77,7 @@ const macOsPick = async (run) => {
     return finalizeWithProbe(picked);
 };
 const linuxPick = async (run) => {
-    const result = await run('zenity', ['--file-selection', '--directory', '--title=Select Hive workspace'], {});
+    const result = await run('zenity', ['--file-selection', '--directory', '--title=Select Hive workspace'], { timeout: PICKER_TIMEOUT_MS });
     if (result.spawnError?.code === 'ENOENT') {
         return emptyResponse({
             error: 'zenity not installed. Install zenity or use Advanced: paste path.',
@@ -84,16 +96,51 @@ const linuxPick = async (run) => {
     return finalizeWithProbe(picked);
 };
 const windowsPick = async (run) => {
+    /* Hive's PowerShell child has no visible main window, so a bare
+       `$dialog.ShowDialog()` inherits the desktop as IWin32Window parent —
+       and ends up below the foreground browser in z-order. To the user
+       that looks like a hang ("Add Workspace pops up then nothing"); the
+       picker is open, just occluded.
+  
+       Fix: build a TopMost invisible owner Form, `Show()` it so it has a
+       real HWND (an unshown Form has none, and ShowDialog silently falls
+       back to desktop-parent), then pass the owner to `ShowDialog($owner)`.
+       The owner inherits TopMost z-order onto the dialog. The owner itself
+       stays invisible — Opacity 0, parked at (-32000, -32000), 1x1 size,
+       no taskbar entry — so the user only sees the picker. Dispose in
+       `finally` to release the HWND each invocation.
+  
+       `Add-Type -AssemblyName System.Drawing` is required because Point /
+       Size live in System.Drawing.dll, not System.Windows.Forms.dll. */
+    // PS 5.1 on zh-CN Windows defaults [Console]::OutputEncoding to cp936/GBK;
+    // Node decodes stdout as UTF-8 and CJK paths arrive mojibake'd. Force UTF-8
+    // before any output. No-op on PS 7+ which already defaults to UTF-8.
     const script = [
+        '[Console]::OutputEncoding = [System.Text.Encoding]::UTF8',
         'Add-Type -AssemblyName System.Windows.Forms',
-        '$dialog = New-Object System.Windows.Forms.FolderBrowserDialog',
-        '$dialog.Description = "Select Hive workspace"',
-        '$dialog.ShowNewFolderButton = $false',
-        '$result = $dialog.ShowDialog()',
-        'if ($result -eq [System.Windows.Forms.DialogResult]::OK) { [Console]::Out.WriteLine($dialog.SelectedPath); exit 0 }',
-        'exit 1',
+        'Add-Type -AssemblyName System.Drawing',
+        '$owner = New-Object System.Windows.Forms.Form',
+        "$owner.FormBorderStyle = 'None'",
+        '$owner.Opacity = 0',
+        '$owner.ShowInTaskbar = $false',
+        "$owner.StartPosition = 'Manual'",
+        '$owner.Location = New-Object System.Drawing.Point(-32000, -32000)',
+        '$owner.Size = New-Object System.Drawing.Size(1, 1)',
+        '$owner.TopMost = $true',
+        '$owner.Show()',
+        'try {',
+        '  $dialog = New-Object System.Windows.Forms.FolderBrowserDialog',
+        '  $dialog.Description = "Select Hive workspace"',
+        '  $dialog.ShowNewFolderButton = $false',
+        '  $result = $dialog.ShowDialog($owner)',
+        '  if ($result -eq [System.Windows.Forms.DialogResult]::OK) { [Console]::Out.WriteLine($dialog.SelectedPath); exit 0 }',
+        '  exit 1',
+        '} finally {',
+        '  $owner.Close()',
+        '  $owner.Dispose()',
+        '}',
     ].join('; ');
-    const result = await run('powershell.exe', ['-NoProfile', '-STA', '-ExecutionPolicy', 'Bypass', '-Command', script], {});
+    const result = await run('powershell.exe', ['-NoProfile', '-STA', '-ExecutionPolicy', 'Bypass', '-Command', script], { timeout: PICKER_TIMEOUT_MS });
     if (result.spawnError?.code === 'ENOENT') {
         return emptyResponse({
             error: 'PowerShell is unavailable on this host. Use Advanced: paste path.',

package/dist/src/server/fs-sandbox.js

@@ -1,5 +1,6 @@
 import { homedir } from 'node:os';
 import { isAbsolute, relative, resolve, sep } from 'node:path';
+import { realpathNative } from './path-canonicalization.js';
 /**
  * Root directory the FS-browse API is allowed to reveal. We sandbox to
  * `$HOME` (override via `HIVE_FS_BROWSE_ROOT` for tests). Anything outside
@@ -7,7 +8,19 @@ import { isAbsolute, relative, resolve, sep } from 'node:path';
  */
 export const getFsBrowseRoot = () => {
     const override = process.env.HIVE_FS_BROWSE_ROOT;
-    return override && override.length > 0 ? resolve(override) : resolve(homedir());
+    const root = override && override.length > 0 ? resolve(override) : resolve(homedir());
+    try {
+        return realpathNative(root);
+    }
+    catch {
+        return root;
+    }
+};
+const isResolvedPathWithinRoot = (rootPath, candidatePath) => {
+    if (candidatePath === rootPath)
+        return true;
+    const rel = relative(rootPath, candidatePath);
+    return rel !== '..' && !rel.startsWith(`..${sep}`) && !isAbsolute(rel);
 };
 /**
  * True when `candidatePath` is `rootPath` itself or a descendant of it.
@@ -16,10 +29,26 @@ export const getFsBrowseRoot = () => {
  * isPathWithinRoot so the semantics match a project we already trust.
  */
 export const isPathWithinRoot = (rootPath, candidatePath) => {
-    const resolvedRoot = resolve(rootPath);
-    const resolvedCandidate = resolve(candidatePath);
-    if (resolvedCandidate === resolvedRoot)
-        return true;
-    const rel = relative(resolvedRoot, resolvedCandidate);
-    return rel !== '..' && !rel.startsWith(`..${sep}`) && !isAbsolute(rel);
+    const lexicalRoot = resolve(rootPath);
+    const lexicalCandidate = resolve(candidatePath);
+    let resolvedRoot = lexicalRoot;
+    let resolvedCandidate = lexicalCandidate;
+    try {
+        resolvedRoot = realpathNative(resolvedRoot);
+    }
+    catch {
+        // Missing / inaccessible roots are handled by the caller's readdir/stat path.
+    }
+    try {
+        resolvedCandidate = realpathNative(resolvedCandidate);
+    }
+    catch {
+        // Non-existent children still need lexical sandboxing for "create later"
+        // probes; existing symlinks/junctions use the realpath branch above.
+        if (isResolvedPathWithinRoot(lexicalRoot, lexicalCandidate)) {
+            resolvedRoot = lexicalRoot;
+            resolvedCandidate = lexicalCandidate;
+        }
+    }
+    return isResolvedPathWithinRoot(resolvedRoot, resolvedCandidate);
 };

package/dist/src/server/hive-team-guidance.d.ts

@@ -1,4 +1,5 @@
 import type { AgentSummary } from '../shared/types.js';
+import { type WorkflowCliPolicy } from './workflow-cli-policy.js';
 /**
  * Tail reminder appended to every message that flows INTO the orchestrator
  * (worker reports, worker status updates, user chat input). Re-anchors the
@@ -11,10 +12,12 @@ import type { AgentSummary } from '../shared/types.js';
  * banner noise after a few occurrences, but `<...-system-reminder>` tags
  * mirror the out-of-band envelope LLMs are trained to attend to; placement
  * at the tail (right before the agent's reply turn) maximizes recency
- * weighting; phrasing as a two-option action menu is more actionable than
- * abstract identity restatement.
+ * weighting; phrasing as a short action menu is more actionable than abstract
+ * identity restatement. Kept deliberately SHORT — the full command syntax and
+ * the workflow DSL live in `.hive/PROTOCOL.md`, which agents re-read on demand.
+ * A long banner on every turn is itself the noise this envelope exists to beat.
  */
-export declare const ORCHESTRATOR_REMINDER_TAIL: string;
+export declare const buildOrchestratorReminderTail: (workflowsEnabled: boolean) => string;
 /**
  * Tail reminder appended to dispatches sent TO a worker. Reinforces the
  * worker identity (so the agent does not regress into its normal CLI
@@ -22,12 +25,14 @@ export declare const ORCHESTRATOR_REMINDER_TAIL: string;
  * with dispatch_id pre-bound.
  */
 export declare const buildWorkerReminderTail: (dispatchId: string) => string;
-export declare const getHiveTeamRules: (agent: Pick<AgentSummary, "role">) => string[];
+export declare const getHiveTeamRules: (agent: Pick<AgentSummary, "role">, workflowsEnabled?: boolean, autostaffEnabled?: boolean) => readonly string[];
 /**
  * Workspace-local protocol cheat sheet written to `.hive/PROTOCOL.md`. Agents
  * are explicitly trained to look at project root markdown when confused, so
  * keeping a single canonical doc next to `.hive/tasks.md` doubles as a
  * "cat-recover" path when both the startup prompt and the in-message
- * reminders fail to anchor.
+ * reminders fail to anchor. This is also the single home of the full command
+ * syntax and the workflow DSL reference — the always-on injections only carry
+ * the lean core rules and point here.
  */
-export declare const buildProtocolDoc: () => string;
+export declare const buildProtocolDoc: (cliPolicy?: WorkflowCliPolicy, workflowsEnabled?: boolean, autostaffEnabled?: boolean) => string;