@tt-a1i/hive 2.0.1 → 2.1.0

package/dist/src/server/role-templates.js

@@ -1,42 +1,54 @@
 import { TASKS_RELATIVE_PATH } from './tasks-file.js';
 export const ORCHESTRATOR_ROLE_DESCRIPTION = [
-    '你是 Hive 的 Orchestrator，负责直接响应用户并组织右侧真实成员协作。',
-    '工作方式：',
-    '- 澄清目标，把需求拆成可派发的小任务。',
-    `- 维护 ${TASKS_RELATIVE_PATH}，让当前计划、进度和阻塞可追踪。`,
-    '- 根据成员汇报推进下一步，不把选择题无谓丢回给用户。',
+    'You are the Hive Orchestrator. You reply to the user directly and coordinate real workers shown on the right.',
+    '工作方式 / How to work:',
+    '- Clarify the goal and split it into dispatchable tasks. / 澄清目标，把需求拆成可派发的小任务。',
+    '- Default to Hive dispatch: use `team send`, `team spawn`, or Hive `team workflow` for implementation, audit/review, test, validation, multi-file, or parallel work; do not use your CLI built-in subagents/workflows or keep a non-trivial branch for yourself. / 默认走 Hive 派单：实现、审计/复核、测试、验证、多文件或并行任务用 `team send`、`team spawn` 或 Hive `team workflow`；不要用当前 CLI 内建子代理/工作流，也不要把非平凡分支留给自己。',
+    `- Maintain ${TASKS_RELATIVE_PATH} so plan, progress, and blockers stay trackable. / 维护 ${TASKS_RELATIVE_PATH}，让当前计划、进度和阻塞可追踪。`,
+    '- Drive the next step from worker reports; do not bounce choices back to the user unless a real decision is missing. / 根据成员汇报推进下一步，不把选择题无谓丢回给用户。',
 ].join('\n');
 export const CODER_ROLE_DESCRIPTION = [
-    '你是实现型 Coder，负责把明确任务落成最小正确代码改动。',
-    '工作方式：',
-    '- 先阅读相关文件和现有模式，再动手。',
-    '- 优先小步修改，避免无关重构和范围扩张。',
-    '- 改动后运行能覆盖风险的验证命令；不能验证时说明原因。',
-    '交付说明要包含：改动文件、验证结果、剩余风险或阻塞。',
+    'You are an implementation Coder. Turn clear tasks into minimal, correct code changes.',
+    '工作方式 / How to work:',
+    '- Read relevant files and existing patterns before editing. / 先阅读相关文件和现有模式，再动手。',
+    '- Prefer small scoped changes; avoid unrelated refactors and scope creep. / 优先小步修改，避免无关重构和范围扩张。',
+    '- After editing, run validation commands that cover the risk; if you cannot validate, say why. / 改动后运行能覆盖风险的验证命令；不能验证时说明原因。',
+    'Delivery / 交付说明: include changed files, validation results, and remaining risks or blockers.',
 ].join('\n');
 export const REVIEWER_ROLE_DESCRIPTION = [
-    '你是监工型 Reviewer，负责质量审查，不替代 Orchestrator，也不默认改代码。',
-    '工作方式：',
-    '- 优先找真实 bug、回归风险、边界条件和测试缺口。',
-    '- 发现问题时给出严重度、文件/行号、触发条件和最小修复建议。',
-    '- 没有高风险问题时明确说清剩余风险和未验证范围。',
-    '交付说明按严重度排序，先列 blocking 问题。',
+    'You are a Reviewer. Audit quality; do not replace the Orchestrator and do not edit code by default.',
+    '工作方式 / How to work:',
+    '- Prioritize real bugs, regression risks, edge cases, and test gaps. / 优先找真实 bug、回归风险、边界条件和测试缺口。',
+    '- For each issue, give severity, file/line, trigger condition, and the smallest credible fix. / 发现问题时给出严重度、文件/行号、触发条件和最小修复建议。',
+    '- If there is no high-risk issue, state residual risk and what was not verified. / 没有高风险问题时明确说清剩余风险和未验证范围。',
+    'Delivery / 交付说明: sort by severity and list blocking issues first.',
 ].join('\n');
 export const TESTER_ROLE_DESCRIPTION = [
-    '你是验证型 Tester，负责复现、测试和证据化验证。',
-    '工作方式：',
-    '- 先明确要验证的行为、入口和失败条件。',
-    '- 优先跑真实命令或真实链路；必要时补充最小测试。',
-    '- 记录命令、结果、关键输出和不能覆盖的场景。',
-    '交付说明要区分通过、失败、未验证和建议下一步。',
+    'You are a Tester. Reproduce, test, and produce evidence-backed validation.',
+    '工作方式 / How to work:',
+    '- First identify the behavior, entry point, and failure condition to validate. / 先明确要验证的行为、入口和失败条件。',
+    '- Prefer real commands or real end-to-end paths; add minimal tests only when needed. / 优先跑真实命令或真实链路；必要时补充最小测试。',
+    '- Record commands, results, key output, and scenarios you could not cover. / 记录命令、结果、关键输出和不能覆盖的场景。',
+    'Delivery / 交付说明: separate passed, failed, unverified, and recommended next steps.',
+].join('\n');
+export const SENTINEL_ROLE_DESCRIPTION = [
+    'You are a read-only Sentinel. Observe team health; do not execute tasks or modify anything.',
+    '工作方式 / How to work:',
+    '- Hive periodically injects workspace snapshots: member states, open dispatches, and possible orphaned work. / 系统会定期向你注入工作区快照。',
+    '- Compare snapshots with your own observations and escalate only anomalies worth Orchestrator attention. / 把快照与你自己的观察对照，只上报值得 Orchestrator 注意的异常。',
+    '- Long silence is not automatically stuck; large tasks can be slow. / 长时间无汇报不等于卡死。',
+    'Hard boundaries / 硬性边界:',
+    '- Observe only: do not edit files, run side-effecting commands, or dispatch work. / 只观察：不改文件、不跑有副作用的命令、不派活。',
+    '- You take no dispatches and do not have `team report`; use `team status "<finding>"` for findings. / 你不接派单，也没有 `team report`；发现统一用 `team status "<巡检发现>"` 汇报。',
+    '- Stay quiet when nothing is abnormal. / 没有异常时保持安静。',
 ].join('\n');
 export const CUSTOM_ROLE_DESCRIPTION = [
-    '你是自定义成员。请把这段改成该成员的行为契约。',
-    '建议包含：',
-    '- 目标：这个成员主要负责什么。',
-    '- 边界：哪些事可以做，哪些事不要做。',
-    '- 工作方式：如何调查、修改、验证或审查。',
-    '- 完成标准：交付时需要说明哪些结果、风险和阻塞。',
+    'You are a custom Hive member. Replace this with the member-specific behavior contract.',
+    '建议包含 / Include:',
+    '- Goal: what this member is responsible for. / 目标：这个成员主要负责什么。',
+    '- Boundaries: what it may and may not do. / 边界：哪些事可以做，哪些事不要做。',
+    '- Working style: how it investigates, edits, validates, or reviews. / 工作方式：如何调查、修改、验证或审查。',
+    '- Done criteria: what results, risks, and blockers to report. / 完成标准：交付时需要说明哪些结果、风险和阻塞。',
 ].join('\n');
 export const getDefaultRoleDescription = (role) => {
     switch (role) {
@@ -48,6 +60,8 @@ export const getDefaultRoleDescription = (role) => {
             return REVIEWER_ROLE_DESCRIPTION;
         case 'tester':
             return TESTER_ROLE_DESCRIPTION;
+        case 'sentinel':
+            return SENTINEL_ROLE_DESCRIPTION;
         case 'custom':
             return CUSTOM_ROLE_DESCRIPTION;
     }

package/dist/src/server/routes-action-center.d.ts

@@ -0,0 +1,2 @@
+import type { RouteDefinition } from './route-types.js';
+export declare const actionCenterRoutes: RouteDefinition[];

package/dist/src/server/routes-action-center.js

@@ -0,0 +1,37 @@
+import { buildActionCenterSummary } from './action-center-summary.js';
+import { getRequiredParam, route, sendJson } from './route-helpers.js';
+import { buildTeamRecapMarkdown } from './team-recap.js';
+import { requireUiTokenFromRequest } from './ui-auth-helpers.js';
+const RECAP_DISPATCH_LIMIT = 12;
+export const actionCenterRoutes = [
+    route('GET', '/api/ui/workspaces/:workspaceId/action-center', ({ params, request, response, store }) => {
+        const workspaceId = getRequiredParam(response, params, 'workspaceId', 'Workspace id is required');
+        if (!workspaceId)
+            return;
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
+        if (!store.listWorkspaces().some((workspace) => workspace.id === workspaceId)) {
+            sendJson(response, 404, { error: 'Workspace not found' });
+            return;
+        }
+        sendJson(response, 200, buildActionCenterSummary({ store, workspaceId }));
+    }),
+    route('GET', '/api/workspaces/:workspaceId/recap', ({ params, request, response, store }) => {
+        const workspaceId = getRequiredParam(response, params, 'workspaceId', 'Workspace id is required');
+        if (!workspaceId)
+            return;
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
+        const workspace = store.listWorkspaces().find((entry) => entry.id === workspaceId);
+        if (!workspace) {
+            sendJson(response, 404, { error: 'Workspace not found' });
+            return;
+        }
+        const now = Date.now();
+        const markdown = buildTeamRecapMarkdown({
+            dispatches: store.listRecentDispatches(workspaceId, RECAP_DISPATCH_LIMIT),
+            now,
+            workers: store.listWorkers(workspaceId),
+            workspaceName: workspace.name,
+        });
+        sendJson(response, 200, { generated_at: now, markdown });
+    }),
+];

package/dist/src/server/routes-diagnostics.d.ts

@@ -0,0 +1,2 @@
+import type { RouteDefinition } from './route-types.js';
+export declare const diagnosticsRoutes: RouteDefinition[];

package/dist/src/server/routes-diagnostics.js

@@ -0,0 +1,17 @@
+import { buildDiagnosticsSupportBundle } from './diagnostics-support-bundle.js';
+import { route, sendJson } from './route-helpers.js';
+import { requireUiTokenFromRequest } from './ui-auth-helpers.js';
+export const diagnosticsRoutes = [
+    route('GET', '/api/diagnostics/support-bundle', async ({ request, response, store, versionService }) => {
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
+        const version = await versionService.getVersionInfo();
+        sendJson(response, 200, buildDiagnosticsSupportBundle({ store, version }));
+    }),
+    /* Local retention signals (issue #23): per-day protocol event counts kept in
+       SQLite. Read-only, local-only — this endpoint plus the support bundle is
+       the whole consumption surface, nothing is ever transmitted. */
+    route('GET', '/api/diagnostics/retention', async ({ request, response, store }) => {
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
+        sendJson(response, 200, store.getRetentionSignals());
+    }),
+];

package/dist/src/server/routes-scenarios.d.ts

@@ -0,0 +1,25 @@
+import type { WorkerRole } from '../shared/types.js';
+import type { RouteDefinition } from './route-types.js';
+import type { RuntimeStore } from './runtime-store-contract.js';
+import { type ScenarioPreset } from './scenario-presets.js';
+import { type CliAvailabilityProbe } from './spawn-cli-resolver.js';
+export declare const scenarioRoutes: RouteDefinition[];
+/**
+ * Materialize the scenario team and hand the goal to the orchestrator.
+ * Exported for direct testing (the route harness has no PTY, so the
+ * active-run gate above would mask this logic).
+ *
+ * Workers derive a FRESH launch config from the orchestrator's CLI brand via
+ * the same resolver `team spawn` uses — never a clone of the orchestrator's
+ * own config, which may carry session-resume arguments that would make every
+ * worker resume the orchestrator's session.
+ *
+ * Worker creation is sequential and NOT transactional across workers: each
+ * addWorkerWithLaunch is atomic, but a mid-loop failure (e.g. a name race)
+ * leaves earlier workers in place and surfaces the error to the caller.
+ */
+export declare const applyScenario: (store: RuntimeStore, workspaceId: string, scenario: ScenarioPreset, goal: string, isCommandAvailable?: CliAvailabilityProbe) => Array<{
+    id: string;
+    name: string;
+    role: WorkerRole;
+}>;

package/dist/src/server/routes-scenarios.js

@@ -0,0 +1,89 @@
+import { BadRequestError, ConflictError } from './http-errors.js';
+import { getRequiredParam, readJsonBody, route, sendJson } from './route-helpers.js';
+import { buildScenarioKickoffMessage, buildScenarioWorkerName, getScenarioPreset, } from './scenario-presets.js';
+import { resolveDefaultSpawnCliLaunchConfig, } from './spawn-cli-resolver.js';
+import { requireUiTokenFromRequest } from './ui-auth-helpers.js';
+import { getOrchestratorId } from './workspace-store-support.js';
+export const scenarioRoutes = [
+    /**
+     * One-click team assembly: materialize a scenario preset's workers (each
+     * inheriting the orchestrator's launch config) and hand the user's goal to
+     * the orchestrator as a normal user message. Deliberately NOT dispatching —
+     * splitting the goal and calling `team send` stays the orchestrator's job.
+     */
+    route('POST', '/api/workspaces/:workspaceId/scenarios/:scenarioId/apply', async ({ params, request, response, store }) => {
+        const workspaceId = getRequiredParam(response, params, 'workspaceId', 'Workspace id and scenario id are required');
+        const scenarioId = getRequiredParam(response, params, 'scenarioId', 'Workspace id and scenario id are required');
+        if (!workspaceId || !scenarioId) {
+            return;
+        }
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
+        if (!store.listWorkspaces().some((workspace) => workspace.id === workspaceId)) {
+            sendJson(response, 404, { error: 'Workspace not found' });
+            return;
+        }
+        const scenario = getScenarioPreset(scenarioId);
+        if (!scenario) {
+            sendJson(response, 404, { error: `Unknown scenario: ${scenarioId}` });
+            return;
+        }
+        const body = await readJsonBody(request);
+        const goal = typeof body.goal === 'string' ? body.goal.trim() : '';
+        if (!goal) {
+            throw new BadRequestError('Missing goal');
+        }
+        // The kickoff is delivered to the orchestrator's live terminal and is NOT
+        // persisted for replay, so an offline orchestrator would silently lose the
+        // goal. Gate up front: no live run, no team assembly.
+        if (!store.getActiveRunByAgentId(workspaceId, getOrchestratorId(workspaceId))) {
+            throw new ConflictError('Start the Orchestrator first — the scenario goal is handed to its terminal');
+        }
+        const created = applyScenario(store, workspaceId, scenario, goal);
+        sendJson(response, 201, {
+            created_workers: created,
+            injected: true,
+        });
+    }),
+];
+/**
+ * Materialize the scenario team and hand the goal to the orchestrator.
+ * Exported for direct testing (the route harness has no PTY, so the
+ * active-run gate above would mask this logic).
+ *
+ * Workers derive a FRESH launch config from the orchestrator's CLI brand via
+ * the same resolver `team spawn` uses — never a clone of the orchestrator's
+ * own config, which may carry session-resume arguments that would make every
+ * worker resume the orchestrator's session.
+ *
+ * Worker creation is sequential and NOT transactional across workers: each
+ * addWorkerWithLaunch is atomic, but a mid-loop failure (e.g. a name race)
+ * leaves earlier workers in place and surfaces the error to the caller.
+ */
+export const applyScenario = (store, workspaceId, scenario, goal, isCommandAvailable) => {
+    const ports = {
+        getCommandPreset: (id) => store.settings.getCommandPreset(id),
+        getOrchestratorLaunchConfig: () => store.peekAgentLaunchConfig(workspaceId, getOrchestratorId(workspaceId)),
+        ...(isCommandAvailable ? { isCommandAvailable } : {}),
+    };
+    const launchConfig = resolveDefaultSpawnCliLaunchConfig(ports);
+    const takenNames = new Set(store.listWorkers(workspaceId).map((worker) => worker.name));
+    const created = [];
+    for (const spec of scenario.workers) {
+        const name = buildScenarioWorkerName(spec, (candidate) => takenNames.has(candidate));
+        takenNames.add(name);
+        const worker = store.addWorkerWithLaunch(workspaceId, {
+            name,
+            role: spec.role,
+            ...(spec.descriptionOverride !== undefined
+                ? { description: spec.descriptionOverride }
+                : {}),
+        }, launchConfig);
+        created.push({ id: worker.id, name: worker.name, role: spec.role });
+    }
+    store.recordUserInput(workspaceId, getOrchestratorId(workspaceId), buildScenarioKickoffMessage({
+        scenarioId: scenario.id,
+        goal,
+        workers: created.map((worker) => ({ name: worker.name, role: worker.role })),
+    }));
+    return created;
+};

package/dist/src/server/routes-settings.js

@@ -1,4 +1,4 @@
-import { resolveCommandPath } from './agent-command-resolver.js';
+import { isCommandAvailableOnPath } from './agent-command-resolver.js';
 import { readFeatureFlags } from './feature-flags.js';
 import { BadRequestError } from './http-errors.js';
 import { getRequiredParam, readJsonBody, route, sendJson } from './route-helpers.js';
@@ -8,16 +8,7 @@ import { requireUiTokenFromRequest } from './ui-auth-helpers.js';
 import { assertValidWorkflowCliPolicy, CANONICAL_WORKFLOW_CLIS, readWorkflowCliPolicy, WORKFLOW_CLI_POLICY_KEY, } from './workflow-cli-policy.js';
 import { readWorkflowEnabled, serializeWorkflowEnabled, WORKFLOW_ENABLED_KEY, } from './workflow-feature.js';
 const serializeCommandPreset = (preset) => {
-    let available = false;
-    try {
-        if (preset.command.trim()) {
-            resolveCommandPath(preset.command, process.cwd(), { ...process.env, ...preset.env });
-            available = true;
-        }
-    }
-    catch {
-        available = false;
-    }
+    const available = isCommandAvailableOnPath(preset.command, preset.env);
     return {
         id: preset.id,
         display_name: preset.displayName,

package/dist/src/server/routes-team-memory.js

@@ -2,6 +2,8 @@ import { isMemoryKind, MEMORY_BODY_MAX_CHARS, MEMORY_KINDS, MEMORY_QUERY_MAX_CHA
 import { BadRequestError } from './http-errors.js';
 import { readJsonBody, route, sendJson } from './route-helpers.js';
 import { authenticateCliAgent, requireCommandForRole } from './team-authz.js';
+import { serializeDreamRun } from './team-memory-dream-http-serializers.js';
+import { DreamRunNotFoundError, DreamRunValidationError } from './team-memory-dream-store.js';
 import { serializeMemoryEntry, serializeMemorySearchResult, } from './team-memory-http-serializers.js';
 import { MemoryEntryStatusError } from './team-memory-store.js';
 const requireNonEmptyString = (value, field) => {
@@ -125,6 +127,56 @@ export const teamMemoryRoutes = [
             results: results.map(serializeMemorySearchResult),
         });
     }),
+    route('POST', '/api/team/memory/dream/show', async ({ request, response, store }) => {
+        const body = await readJsonBody(request);
+        const { agent, workspaceId } = authenticateMemoryRequest(body, store);
+        requireCommandForRole(agent, 'memory_dream_show');
+        const runId = requireNonEmptyString(body.run_id, 'run_id');
+        try {
+            const input = store.getMemoryDreamInput(workspaceId, runId);
+            sendJson(response, 200, {
+                ok: true,
+                prompt: input.prompt,
+                run: serializeDreamRun(input.run),
+            });
+        }
+        catch (error) {
+            if (error instanceof DreamRunNotFoundError) {
+                sendJson(response, 404, { error: `Dream run not found: ${error.runId}` });
+                return;
+            }
+            if (error instanceof DreamRunValidationError) {
+                sendJson(response, 409, { error: error.message });
+                return;
+            }
+            throw error;
+        }
+    }),
+    route('POST', '/api/team/memory/apply', async ({ request, response, store }) => {
+        const body = await readJsonBody(request);
+        const { agent, workspaceId } = authenticateMemoryRequest(body, store);
+        requireCommandForRole(agent, 'memory_apply');
+        const runId = requireNonEmptyString(body.run_id, 'run_id');
+        if (body.ops === undefined)
+            throw new BadRequestError('Missing ops');
+        try {
+            sendJson(response, 200, {
+                ok: true,
+                run: serializeDreamRun(store.applyMemoryDreamRun(workspaceId, runId, body.ops)),
+            });
+        }
+        catch (error) {
+            if (error instanceof DreamRunNotFoundError) {
+                sendJson(response, 404, { error: `Dream run not found: ${error.runId}` });
+                return;
+            }
+            if (error instanceof DreamRunValidationError) {
+                sendJson(response, 409, { error: error.message });
+                return;
+            }
+            throw error;
+        }
+    }),
     route('POST', '/api/team/memory/forget', async ({ request, response, store }) => {
         const body = await readJsonBody(request);
         const { agent, workspaceId } = authenticateMemoryRequest(body, store);

package/dist/src/server/routes-team.js

@@ -1,12 +1,11 @@
-import { randomUUID } from 'node:crypto';
-import { resolveCommandPresetLaunchConfig } from './agent-launch-resolver.js';
 import { validateCronNextRunAt } from './cron-util.js';
 import { BadRequestError, ForbiddenError } from './http-errors.js';
 import { readJsonBody, route, sendJson } from './route-helpers.js';
+import { resolveDefaultSpawnCliLaunchConfig, resolveExplicitSpawnCliLaunchConfig, } from './spawn-cli-resolver.js';
+import { resolveSpawnWorkerDefaults } from './spawn-worker-defaults.js';
 import { authenticateCliAgent, requireCommandForRole } from './team-authz.js';
 import { readWorkflowEnabled, WORKFLOW_ENABLED_KEY } from './workflow-feature.js';
-const WORKER_ROLES = new Set(['coder', 'reviewer', 'tester', 'custom']);
-const toWorkerRole = (value) => value && WORKER_ROLES.has(value) ? value : 'coder';
+import { getOrchestratorId } from './workspace-store-support.js';
 // Experimental gate: `team workflow run` / `team workflow schedule` only work
 // when the user has enabled workflows in Settings. Off by default. The PTY
 // runner itself isn't gated (internal API + the scheduler gate handle that) —
@@ -35,16 +34,20 @@ const getReportStatus = (value) => {
     }
     return value;
 };
-const resolveSpawnLaunchConfig = (store, cli) => {
+/* P0-B2 (growth research 2026-06-11): when `team spawn` omits `--cli`, the
+   default used to be a hardcoded 'claude' — instantly broken for non-Claude
+   users. Now it inherits the orchestrator's CLI, falls back to the first
+   built-in CLI visible on PATH, and only then to 'claude'. An explicit
+   `--cli` that is missing from PATH is rejected (400) with a suggestion. */
+const resolveSpawnLaunchConfig = (store, workspaceId, cli) => {
+    const ports = {
+        getCommandPreset: (id) => store.settings.getCommandPreset(id),
+        getOrchestratorLaunchConfig: () => store.peekAgentLaunchConfig(workspaceId, getOrchestratorId(workspaceId)),
+    };
     if (cli === undefined || cli === null || cli === '') {
-        return (resolveCommandPresetLaunchConfig(store.settings, 'claude') ?? { command: 'claude', args: [] });
+        return resolveDefaultSpawnCliLaunchConfig(ports);
     }
-    const cliId = requireNonEmptyString(cli, 'cli');
-    const launchConfig = resolveCommandPresetLaunchConfig(store.settings, cliId);
-    if (!launchConfig) {
-        throw new BadRequestError(`Unsupported cli '${cliId}'`);
-    }
-    return launchConfig;
+    return resolveExplicitSpawnCliLaunchConfig(ports, requireNonEmptyString(cli, 'cli'));
 };
 export const teamRoutes = [
     route('POST', '/api/team/send', async ({ request, response, store }) => {
@@ -68,11 +71,16 @@ export const teamRoutes = [
         });
         /* The user-facing team send route queues work for stopped workers without
            auto-starting them; internal workflow dispatches may still surface
-           restarted_worker when they intentionally wake a worker. */
+           restarted_worker when they intentionally wake a worker. A parked
+           dispatch is flagged so the orchestrator can tell the user the worker
+           needs a start (replay delivers it automatically on that start). */
         sendJson(response, 202, {
             dispatch_id: dispatch.id,
             ok: true,
             restarted_worker: dispatch.restartedWorker,
+            ...(dispatch.queuedForStoppedWorker === true
+                ? { queued: true, worker_status: 'stopped' }
+                : {}),
         });
     }),
     route('POST', '/api/team/spawn', async ({ request, response, store }) => {
@@ -87,19 +95,26 @@ export const teamRoutes = [
             workspaceId: projectId,
         });
         requireCommandForRole(agent, 'spawn');
-        const role = toWorkerRole(body.role);
-        const name = typeof body.name === 'string' && body.name.trim().length > 0
-            ? body.name.trim()
-            : `${role}-${randomUUID()}`;
-        const launchConfig = resolveSpawnLaunchConfig(store, body.cli);
+        const { role, name, description } = resolveSpawnWorkerDefaults({
+            requestedRole: typeof body.role === 'string' ? body.role : undefined,
+            requestedName: typeof body.name === 'string' ? body.name : undefined,
+            takenNames: new Set(store.listWorkers(projectId).map((worker) => worker.name)),
+        });
+        const launchConfig = resolveSpawnLaunchConfig(store, projectId, body.cli);
         // M11: default is persistent (acts like a normal member); --ephemeral
         // opts into auto-dismiss-after-first-report (mirrors workflow workers,
         // but orchestrator-spawned). Existing M1-D cascade-on-orchestrator-exit
         // still applies to whatever ephemeral workers remain.
         const ephemeral = body.ephemeral === true;
         const workerInput = ephemeral
-            ? { name, role, ephemeral: true, spawnedBy: 'orchestrator' }
-            : { name, role };
+            ? {
+                name,
+                role,
+                ...(description !== undefined ? { description } : {}),
+                ephemeral: true,
+                spawnedBy: 'orchestrator',
+            }
+            : { name, role, ...(description !== undefined ? { description } : {}) };
         const worker = store.addWorkerWithLaunch(projectId, workerInput, launchConfig);
         sendJson(response, 201, {
             name: worker.name,
@@ -191,6 +206,11 @@ export const teamRoutes = [
             workspaceId: projectId,
         });
         requireCommandForRole(agent, 'workflow');
+        const run = store.getWorkflowRun(runId);
+        if (!run || run.workspaceId !== projectId) {
+            sendJson(response, 404, { error: `Workflow run not found: ${runId}` });
+            return;
+        }
         const stopped = store.stopWorkflowRun(runId);
         sendJson(response, stopped ? 202 : 409, { ok: stopped, run_id: runId });
     }),

package/dist/src/server/routes-workspace-memory-dreams.js

@@ -56,6 +56,14 @@ export const workspaceMemoryDreamRoutes = [
             await readJsonBody(request);
         try {
             const run = await store.runMemoryDream(workspaceId);
+            if (run.status === 'failed') {
+                sendJson(response, 409, {
+                    error: run.error ?? 'Dream run failed before it could be applied',
+                    ok: false,
+                    run: serializeDreamRun(run),
+                });
+                return;
+            }
             sendJson(response, 200, { ok: true, run: serializeDreamRun(run) });
         }
         catch (error) {

package/dist/src/server/routes-workspace-uploads.d.ts

@@ -0,0 +1,2 @@
+import type { RouteDefinition } from './route-types.js';
+export declare const workspaceUploadRoutes: RouteDefinition[];