@vama/openclaw 2026.5.5

package/dist/probe-B2hFOc2Y.js

@@ -0,0 +1,959 @@
+import { i as createBotHubClient, n as attachmentHintFromExtension } from "./client-AsD46gcK.js";
+import { t as getVamaRuntime } from "./runtime-w-1oL50p.js";
+import * as fs from "node:fs";
+import { promises } from "node:fs";
+import * as http from "node:http";
+import { createDedupeCache } from "openclaw/plugin-sdk/dedupe-runtime";
+import { installRequestBodyLimitGuard } from "openclaw/plugin-sdk/webhook-request-guards";
+import { logTypingFailure } from "openclaw/plugin-sdk/channel-logging";
+import { PAIRING_APPROVED_MESSAGE } from "openclaw/plugin-sdk/channel-plugin-common";
+import { createReplyPrefixContext, createTypingCallbacks } from "openclaw/plugin-sdk/channel-message";
+import { createPersistentDedupe } from "openclaw/plugin-sdk/persistent-dedupe";
+import { buildBaseChannelStatusSummary, createDefaultChannelRuntimeState } from "openclaw/plugin-sdk/status-helpers";
+import { DEFAULT_ACCOUNT_ID, DEFAULT_ACCOUNT_ID as DEFAULT_ACCOUNT_ID$1, normalizeAccountId } from "openclaw/plugin-sdk/account-id";
+import path from "node:path";
+import { homedir } from "node:os";
+import { resolvePreferredOpenClawTmpDir } from "openclaw/plugin-sdk/temp-path";
+import * as crypto from "node:crypto";
+import { createHash } from "node:crypto";
+//#region extensions/vama/src/host-pairing-access.ts
+/** Scope pairing store operations to one channel/account pair for plugin-facing helpers. */
+function createScopedPairingAccess(params) {
+	const resolvedAccountId = normalizeAccountId(params.accountId);
+	return {
+		accountId: resolvedAccountId,
+		readAllowFromStore: () => params.core.channel.pairing.readAllowFromStore({
+			channel: params.channel,
+			accountId: resolvedAccountId
+		}),
+		readStoreForDmPolicy: (provider, accountId) => params.core.channel.pairing.readAllowFromStore({
+			channel: provider,
+			accountId: normalizeAccountId(accountId)
+		}),
+		upsertPairingRequest: (input) => params.core.channel.pairing.upsertPairingRequest({
+			channel: params.channel,
+			accountId: resolvedAccountId,
+			...input
+		})
+	};
+}
+//#endregion
+//#region extensions/vama/src/accounts.ts
+function listConfiguredAccountIds(cfg) {
+	const accounts = (cfg.channels?.vama)?.accounts;
+	if (!accounts || typeof accounts !== "object") return [];
+	return Object.keys(accounts).filter(Boolean);
+}
+function listVamaAccountIds(cfg) {
+	const ids = listConfiguredAccountIds(cfg);
+	if (ids.length === 0) return [DEFAULT_ACCOUNT_ID];
+	return [...ids].toSorted((a, b) => a.localeCompare(b));
+}
+function resolveDefaultVamaAccountId(cfg) {
+	const ids = listVamaAccountIds(cfg);
+	if (ids.includes(DEFAULT_ACCOUNT_ID)) return DEFAULT_ACCOUNT_ID;
+	return ids[0] ?? DEFAULT_ACCOUNT_ID;
+}
+function resolveAccountConfig(cfg, accountId) {
+	const accounts = (cfg.channels?.vama)?.accounts;
+	if (!accounts || typeof accounts !== "object") return;
+	return accounts[accountId];
+}
+function mergeVamaAccountConfig(cfg, accountId) {
+	const { accounts: _ignored, ...base } = cfg.channels?.vama ?? {};
+	const account = resolveAccountConfig(cfg, accountId) ?? {};
+	return {
+		...base,
+		...account
+	};
+}
+function resolveVamaAccount(params) {
+	const accountId = normalizeAccountId(params.accountId);
+	const baseEnabled = (params.cfg.channels?.vama)?.enabled !== false;
+	const merged = mergeVamaAccountConfig(params.cfg, accountId);
+	const accountEnabled = merged.enabled !== false;
+	const enabled = baseEnabled && accountEnabled;
+	const botToken = merged.botToken?.trim() || void 0;
+	const webhookSecret = merged.webhookSecret?.trim() || void 0;
+	const webhookSecretFile = merged.webhookSecretFile?.trim() || void 0;
+	const bothubUrl = merged.bothubUrl?.trim() || "https://bothub.vama.com";
+	return {
+		accountId,
+		enabled,
+		configured: Boolean(botToken),
+		name: merged.name?.trim() || void 0,
+		botToken,
+		webhookSecret,
+		webhookSecretFile,
+		bothubUrl,
+		config: merged
+	};
+}
+//#endregion
+//#region extensions/vama/src/dedup.ts
+const DEDUP_TTL_MS = 1440 * 60 * 1e3;
+const MEMORY_MAX_SIZE = 1e3;
+const FILE_MAX_ENTRIES = 1e4;
+createDedupeCache({
+	ttlMs: DEDUP_TTL_MS,
+	maxSize: MEMORY_MAX_SIZE
+});
+function resolveStateDirFromEnv(env = process.env) {
+	const stateOverride = env.OPENCLAW_STATE_DIR?.trim() || env.CLAWDBOT_STATE_DIR?.trim();
+	if (stateOverride) return stateOverride;
+	if (env.VITEST || env.NODE_ENV === "test") return path.join(resolvePreferredOpenClawTmpDir(), ["openclaw-vitest", String(process.pid)].join("-"));
+	return path.join(homedir(), ".openclaw");
+}
+function resolveNamespaceFilePath(namespace) {
+	const safe = namespace.replace(/[^a-zA-Z0-9_-]/g, "_");
+	return path.join(resolveStateDirFromEnv(), "vama", "dedup", `${safe}.json`);
+}
+const persistentDedupe = createPersistentDedupe({
+	ttlMs: DEDUP_TTL_MS,
+	memoryMaxSize: MEMORY_MAX_SIZE,
+	fileMaxEntries: FILE_MAX_ENTRIES,
+	resolveFilePath: resolveNamespaceFilePath
+});
+async function tryRecordMessagePersistent(messageId, namespace = "global", log) {
+	return persistentDedupe.checkAndRecord(messageId, {
+		namespace,
+		onDiskError: (error) => {
+			log?.(`vama-dedup: disk error, falling back to memory: ${String(error)}`);
+		}
+	});
+}
+//#endregion
+//#region extensions/vama/src/fc-keepalive.ts
+/**
+* FC keepalive bridge — keeps the host's vmctl idle-pauser at bay
+* while a VAMA dispatch is in flight.
+*
+* Why this lives in the VAMA extension:
+*
+* Firecracker hosts auto-pause idle VMs after 2 minutes of no
+* `lastAccess` bumps. The cascade-side keepalive (`packages/core/src/
+* keepalive.ts` in the OCC platform) doesn't actually reach FC VMs —
+* cascade is on EKS, FC `instanceUrl` is a Tailscale CGNAT address
+* (`http://100.x.x.x:80`), and EKS pods can't route to those without
+* going through the `tailscale-router` HTTP proxy. The keepalive
+* pings silently 404 / time out.
+*
+* Inbound webhooks DO bump `lastAccess` (smart-proxy.js calls vmctl's
+* `/keepalive` endpoint on each delivery), so a VM that's actively
+* receiving user messages stays alive. The gap is during long agent
+* tool calls — e.g. an SSE listen of a 4-minute audio stream — where
+* the agent goes minutes without making any cascade request and no
+* fresh webhook arrives. After 2 minutes of no `lastAccess` bump,
+* vmctl's auto-pauser sees CPU at ~0% (Node event loop awaiting a
+* network read) and pauses the VM mid-tool. Carlos's instance hit
+* exactly this on 2026-04-25.
+*
+* Threat model: the signal MUST be specific to "OpenClaw is doing a
+* dispatch turn." Network-throughput signals are jailbreakable (a
+* user-spawned `curl` loop would keep the VM alive). Log-tail signals
+* are also jailbreakable (an agent subprocess inheriting the gateway's
+* cgroup can `echo` fake log lines that journalctl attributes to
+* `openclaw-gateway.service`). The only signal that's both reliable
+* AND not jailbreakable is in-process gateway state — which is what
+* this module exposes via `dispatchStarted()` / `dispatchEnded()`
+* called from the VAMA dispatch entry/exit points in bot.ts.
+*
+* Scope: VAMA channel only. Telegram dispatches are not covered here.
+* That's acceptable for OCC because non-VAMA channels run on dedicated
+* (paid) FC instances which vmctl doesn't auto-pause anyway (see
+* `pauseIdleVMs` skipping `vm.Dedicated == true`).
+*/
+const VMCTL_HOST = "10.0.200.1";
+const VMCTL_PORT = 9090;
+const KEEPALIVE_INTERVAL_MS = 3e4;
+const VMCTL_REQUEST_TIMEOUT_MS = 3e3;
+let activeDispatches = 0;
+let interval = null;
+let envCacheLoaded = false;
+let cachedVmName;
+let cachedAuthToken;
+function loadFcEnv() {
+	if (envCacheLoaded) return;
+	envCacheLoaded = true;
+	try {
+		cachedVmName = fs.readFileSync("/etc/openclaw/vm-name", "utf8").trim() || void 0;
+	} catch {}
+	try {
+		const m = fs.readFileSync("/etc/vmctl.env", "utf8").match(/FC_AUTH_TOKEN=["']?([^"'\n]+)/);
+		if (m) cachedAuthToken = m[1];
+	} catch {
+		if (process.env.FC_AUTH_TOKEN) cachedAuthToken = process.env.FC_AUTH_TOKEN;
+	}
+}
+function sendVmctlKeepalive() {
+	loadFcEnv();
+	if (!cachedVmName) return;
+	const path = `/api/v1/vms/${encodeURIComponent(cachedVmName)}/keepalive`;
+	const headers = {};
+	if (cachedAuthToken) headers["Authorization"] = `Bearer ${cachedAuthToken}`;
+	const req = http.request({
+		hostname: VMCTL_HOST,
+		port: VMCTL_PORT,
+		path,
+		method: "POST",
+		timeout: VMCTL_REQUEST_TIMEOUT_MS,
+		headers
+	}, (res) => {
+		res.resume();
+	});
+	req.on("error", () => {});
+	req.on("timeout", () => {
+		req.destroy();
+	});
+	req.end();
+}
+/**
+* Marks a VAMA dispatch as in-flight. Idempotent across concurrent
+* dispatches: each call increments a counter, only the FIRST starts
+* the keepalive interval. The counter is decremented by
+* `dispatchEnded()`. Always pair these in a try/finally so a thrown
+* error doesn't leak the counter.
+*
+* Outside of FC (no `/etc/openclaw/vm-name`) this is a true no-op:
+* the counter still increments for symmetry with `dispatchEnded`,
+* but no interval is armed and no HTTP call is ever made. This keeps
+* dev / local runs free of a stray 30s timer.
+*/
+function dispatchStarted() {
+	activeDispatches += 1;
+	if (interval !== null) return;
+	loadFcEnv();
+	if (!cachedVmName) return;
+	sendVmctlKeepalive();
+	interval = setInterval(sendVmctlKeepalive, KEEPALIVE_INTERVAL_MS);
+}
+/**
+* Pairs with `dispatchStarted()`. When the last in-flight dispatch
+* settles, the keepalive interval stops and vmctl's `lastAccess`
+* naturally ages out as designed.
+*/
+function dispatchEnded() {
+	if (activeDispatches > 0) activeDispatches -= 1;
+	if (activeDispatches === 0 && interval !== null) {
+		clearInterval(interval);
+		interval = null;
+	}
+}
+//#endregion
+//#region extensions/vama/src/send.ts
+async function sendMessageVama(params) {
+	const { cfg, to, text, parentId, accountId } = params;
+	const account = resolveVamaAccount({
+		cfg,
+		accountId
+	});
+	if (!account.configured) throw new Error(`Vama account "${account.accountId}" not configured`);
+	const result = await createBotHubClient(account).sendMessage({
+		channelId: to,
+		text,
+		parentId
+	});
+	return {
+		messageId: result.message_id,
+		channelId: result.channel_id
+	};
+}
+//#endregion
+//#region extensions/vama/src/reply-dispatcher.ts
+/**
+* Strip `MEDIA:` directives out of an agent reply, returning the cleaned
+* text plus the list of media targets the agent asked to attach.
+*
+* This intentionally re-implements a focused subset of openclaw core's
+* `splitMediaFromOutput`. The bundled `plugin-sdk/reply-payload` exports
+* `resolvePayloadMediaUrls` (which inspects already-populated
+* `payload.mediaUrl[s]`), but the directive-parsing helper that turns
+* inline `MEDIA: /path/to/file` lines into `mediaUrls` lives in
+* `auto-reply/reply/reply-directives.ts` — not on the public plugin-SDK
+* surface. Pulling it through that boundary is a separate refactor;
+* inlining the line-prefix parser here avoids that detour and matches
+* the directive shape openclaw renders into the agent's response stream.
+*
+* Recognised inputs (one per line, leading whitespace tolerated):
+*   MEDIA:/abs/path/to/file.pdf
+*   MEDIA: ./relative/file.png
+*   MEDIA: https://example.com/image.jpg     (remote — outbound adapter
+*                                              falls back to text)
+*   MEDIA: `quoted/path with spaces.txt`
+*/
+function parseInlineMediaTargets(raw) {
+	if (!raw || !raw.toLowerCase().includes("media:")) return {
+		text: raw ?? "",
+		mediaUrls: []
+	};
+	const lines = raw.split("\n");
+	const kept = [];
+	const mediaUrls = [];
+	for (const line of lines) {
+		const m = /^\s*MEDIA:\s*(.+?)\s*$/i.exec(line);
+		if (!m) {
+			kept.push(line);
+			continue;
+		}
+		let candidate = m[1].trim();
+		candidate = candidate.replace(/^[`"']|[`"']$/g, "").trim();
+		if (!candidate) {
+			kept.push(line);
+			continue;
+		}
+		mediaUrls.push(candidate);
+	}
+	return {
+		text: kept.join("\n").replace(/\n{3,}/g, "\n\n").trim(),
+		mediaUrls
+	};
+}
+/**
+* Resolve the merged set of media targets to send for one payload, with
+* dedup. Order of precedence: `payload.mediaUrls`, `payload.mediaUrl`,
+* then any `MEDIA:` directives left in the agent text. The cleaned text
+* (with `MEDIA:` lines stripped) is returned alongside.
+*/
+function resolveOutboundMedia(payload) {
+	const { text: cleanedText, mediaUrls: inline } = parseInlineMediaTargets(payload.text ?? "");
+	const merged = [];
+	const seen = /* @__PURE__ */ new Set();
+	const push = (url) => {
+		if (!url) return;
+		const trimmed = url.trim();
+		if (!trimmed || seen.has(trimmed)) return;
+		seen.add(trimmed);
+		merged.push(trimmed);
+	};
+	if (Array.isArray(payload.mediaUrls)) for (const url of payload.mediaUrls) push(url);
+	push(payload.mediaUrl);
+	for (const url of inline) push(url);
+	return {
+		text: cleanedText,
+		mediaUrls: merged
+	};
+}
+/**
+* Decide whether a media URL points at a local workspace artefact we can
+* upload via BotHub's multipart endpoint. Mirrors `localPathFromMediaUrl`
+* in `outbound.ts` so the dispatcher and the standalone outbound adapter
+* agree on what counts as "uploadable from disk" — keeps the fallback
+* behaviour identical regardless of which path delivers the payload.
+*/
+function localPathFromMediaUrl(mediaUrl) {
+	if (mediaUrl.startsWith("file://")) return mediaUrl.slice(7);
+	if (mediaUrl.startsWith("/") || mediaUrl.startsWith("./")) return mediaUrl;
+	return null;
+}
+function extensionOf(path) {
+	const idx = path.lastIndexOf(".");
+	if (idx < 0 || idx === path.length - 1) return "";
+	if (idx < Math.max(path.lastIndexOf("/"), path.lastIndexOf("\\"))) return "";
+	return path.slice(idx + 1).toLowerCase();
+}
+function createVamaReplyDispatcher(params) {
+	const core = getVamaRuntime();
+	const { cfg, agentId, channelId, replyToMessageId, accountId } = params;
+	const account = resolveVamaAccount({
+		cfg,
+		accountId
+	});
+	const prefixContext = createReplyPrefixContext({
+		cfg,
+		agentId
+	});
+	const typingCallbacks = createTypingCallbacks({
+		start: async () => {
+			if (!account.configured) return;
+			try {
+				await createBotHubClient(account).sendTyping({ channelId });
+			} catch {}
+		},
+		stop: async () => {},
+		onStartError: (err) => logTypingFailure({
+			log: (message) => params.runtime?.log?.(message),
+			channel: "vama",
+			action: "start",
+			error: err
+		}),
+		onStopError: (err) => logTypingFailure({
+			log: (message) => params.runtime?.log?.(message),
+			channel: "vama",
+			action: "stop",
+			error: err
+		})
+	});
+	const textChunkLimit = core.channel.text.resolveTextChunkLimit(cfg, "vama", accountId, { fallbackLimit: 1e4 });
+	const chunkMode = core.channel.text.resolveChunkMode(cfg, "vama");
+	const sentMediaHashes = /* @__PURE__ */ new Set();
+	const PERSISTED_ID_RE = /^(.+?)---[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}(\.[A-Za-z0-9]{1,16})?$/;
+	const deriveFriendlyFileName = (localPath) => {
+		const ext = extensionOf(localPath);
+		const match = (localPath.split("/").pop() ?? localPath).match(PERSISTED_ID_RE);
+		if (match) {
+			const [, original, suffixExt] = match;
+			return `${original}${suffixExt ?? (ext ? `.${ext}` : "")}`;
+		}
+		return ext ? `attachment.${ext}` : "attachment";
+	};
+	const computeContentHash = async (localPath) => {
+		try {
+			const bytes = await promises.readFile(localPath);
+			return createHash("sha256").update(bytes).digest("hex");
+		} catch {
+			return;
+		}
+	};
+	const { dispatcher, replyOptions, markDispatchIdle } = core.channel.reply.createReplyDispatcherWithTyping({
+		responsePrefix: prefixContext.responsePrefix,
+		responsePrefixContextProvider: prefixContext.responsePrefixContextProvider,
+		humanDelay: core.channel.reply.resolveHumanDelayConfig(cfg, agentId),
+		onReplyStart: () => {
+			typingCallbacks.onReplyStart?.();
+		},
+		deliver: async (payload) => {
+			const { text, mediaUrls } = resolveOutboundMedia(payload);
+			let captionAttached = false;
+			for (let i = 0; i < mediaUrls.length; i += 1) {
+				const mediaUrl = mediaUrls[i];
+				const localPath = localPathFromMediaUrl(mediaUrl);
+				const captionForThisItem = i === 0 && text.trim() ? text.trim() : void 0;
+				if (!localPath) {
+					await sendMessageVama({
+						cfg,
+						to: channelId,
+						text: captionForThisItem ? `${captionForThisItem}\n${mediaUrl}` : mediaUrl,
+						parentId: replyToMessageId,
+						accountId
+					});
+					if (captionForThisItem) captionAttached = true;
+					continue;
+				}
+				if (!account.configured) {
+					params.runtime?.error?.(`vama[${account.accountId}] sendFile skipped: account not configured`);
+					continue;
+				}
+				const contentHash = await computeContentHash(localPath);
+				if (contentHash && sentMediaHashes.has(contentHash)) {
+					if (captionForThisItem) {
+						await sendMessageVama({
+							cfg,
+							to: channelId,
+							text: captionForThisItem,
+							parentId: replyToMessageId,
+							accountId
+						});
+						captionAttached = true;
+					}
+					continue;
+				}
+				try {
+					await createBotHubClient(account).sendFile({
+						channelId,
+						path: localPath,
+						fileName: deriveFriendlyFileName(localPath),
+						caption: captionForThisItem,
+						parentId: replyToMessageId,
+						attachmentType: attachmentHintFromExtension(extensionOf(localPath))
+					});
+					if (contentHash) sentMediaHashes.add(contentHash);
+					if (captionForThisItem) captionAttached = true;
+				} catch (err) {
+					params.runtime?.error?.(`vama[${account.accountId}] sendFile failed for ${localPath}: ${String(err)}`);
+					await sendMessageVama({
+						cfg,
+						to: channelId,
+						text: captionForThisItem ? `${captionForThisItem}\n[attachment unavailable: ${localPath}]` : `[attachment unavailable: ${localPath}]`,
+						parentId: replyToMessageId,
+						accountId
+					});
+					if (captionForThisItem) captionAttached = true;
+				}
+			}
+			const trimmed = text.trim();
+			if (trimmed && !captionAttached) for (const chunk of core.channel.text.chunkTextWithMode(trimmed, textChunkLimit, chunkMode)) await sendMessageVama({
+				cfg,
+				to: channelId,
+				text: chunk,
+				parentId: replyToMessageId,
+				accountId
+			});
+		},
+		onError: async (error) => {
+			params.runtime?.error?.(`vama[${account.accountId}] reply failed: ${String(error)}`);
+			typingCallbacks.onIdle?.();
+		},
+		onIdle: async () => {
+			typingCallbacks.onIdle?.();
+		},
+		onCleanup: () => {
+			typingCallbacks.onCleanup?.();
+		}
+	});
+	return {
+		dispatcher,
+		replyOptions: {
+			...replyOptions,
+			onModelSelected: prefixContext.onModelSelected
+		},
+		markDispatchIdle
+	};
+}
+//#endregion
+//#region extensions/vama/src/bot.ts
+/**
+* Per-attachment fetch ceiling. Mirrors the limit `core.channel.media`
+* already enforces internally on most provider channels (Telegram /
+* WhatsApp / Zalo); kept explicit here so the ceiling is visible at the
+* call site and can be surfaced later as a config knob without changing
+* the `core` API contract.
+*/
+const VAMA_ATTACHMENT_MAX_BYTES = 25 * 1024 * 1024;
+async function handleVamaMessage(params) {
+	const { cfg, event, runtime, accountId, replayId } = params;
+	const account = resolveVamaAccount({
+		cfg,
+		accountId
+	});
+	const vamaCfg = account.config;
+	const log = runtime?.log ?? console.log;
+	const error = runtime?.error ?? console.error;
+	if (replayId) log(`vama[${account.accountId}]: replay (${replayId}) — bypassing dedup for ${event.message_id}`);
+	else if (!await tryRecordMessagePersistent(event.message_id, account.accountId, log)) {
+		log(`vama: skipping duplicate message ${event.message_id}`);
+		return;
+	}
+	const senderId = event.sender_id;
+	const senderName = event.sender_name ?? senderId;
+	const text = event.text ?? "";
+	const channelId = event.channel_id;
+	const messageId = event.message_id;
+	const parentId = event.parent_id;
+	const parentText = typeof event.parent_text === "string" && event.parent_text.trim().length > 0 ? event.parent_text : void 0;
+	const parentSenderName = typeof event.parent_sender_name === "string" && event.parent_sender_name.trim().length > 0 ? event.parent_sender_name : void 0;
+	const parentSenderId = typeof event.parent_sender_id === "string" && event.parent_sender_id.trim().length > 0 ? event.parent_sender_id : void 0;
+	const parentSender = parentSenderName ?? parentSenderId;
+	const attachments = Array.isArray(event.attachments) ? event.attachments.filter((a) => Boolean(a) && typeof a.url === "string" && a.url.length > 0) : [];
+	const parentAttachments = Array.isArray(event.parent_attachments) ? event.parent_attachments.filter((a) => Boolean(a) && typeof a.url === "string" && a.url.length > 0) : [];
+	if (!text.trim() && attachments.length === 0) {
+		log(`vama[${account.accountId}]: ignoring empty message ${messageId}`);
+		return;
+	}
+	log(`vama[${account.accountId}]: received message from ${senderId} in ${channelId}`);
+	try {
+		const core = getVamaRuntime();
+		const dmPolicy = vamaCfg?.dmPolicy ?? "open";
+		const configAllowFrom = (vamaCfg?.allowFrom ?? []).map((e) => String(e));
+		const useAccessGroups = cfg.commands?.useAccessGroups !== false;
+		const pairing = createScopedPairingAccess({
+			core,
+			channel: "vama",
+			accountId: account.accountId
+		});
+		const shouldComputeCommandAuthorized = core.channel.commands.shouldComputeCommandAuthorized(text, cfg);
+		const storeAllowFrom = dmPolicy !== "allowlist" && (dmPolicy !== "open" || shouldComputeCommandAuthorized) ? await pairing.readAllowFromStore().catch(() => []) : [];
+		const effectiveDmAllowFrom = [...configAllowFrom, ...storeAllowFrom];
+		const dmAllowed = dmPolicy === "open" ? effectiveDmAllowFrom.length === 0 || effectiveDmAllowFrom.includes(senderId) : effectiveDmAllowFrom.includes(senderId);
+		if (dmPolicy !== "open" && !dmAllowed) {
+			if (dmPolicy === "pairing") {
+				const { code, created } = await pairing.upsertPairingRequest({
+					id: senderId,
+					meta: { name: senderName }
+				});
+				if (created) {
+					log(`vama[${account.accountId}]: pairing request sender=${senderId}`);
+					try {
+						await sendMessageVama({
+							cfg,
+							to: channelId,
+							text: core.channel.pairing.buildPairingReply({
+								channel: "vama",
+								idLine: `Your Vama user id: ${senderId}`,
+								code
+							}),
+							accountId: account.accountId
+						});
+					} catch (err) {
+						log(`vama[${account.accountId}]: pairing reply failed for ${senderId}: ${String(err)}`);
+					}
+				}
+			} else log(`vama[${account.accountId}]: blocked unauthorized sender ${senderId} (dmPolicy=${dmPolicy})`);
+			return;
+		}
+		const commandAllowFrom = effectiveDmAllowFrom;
+		const senderAllowedForCommands = commandAllowFrom.length === 0 || commandAllowFrom.includes(senderId);
+		const commandAuthorized = shouldComputeCommandAuthorized ? core.channel.commands.resolveCommandAuthorizedFromAuthorizers({
+			useAccessGroups,
+			authorizers: [{
+				configured: commandAllowFrom.length > 0,
+				allowed: senderAllowedForCommands
+			}]
+		}) : void 0;
+		const vamaFrom = `vama:${senderId}`;
+		const vamaTo = `channel:${channelId}`;
+		const route = core.channel.routing.resolveAgentRoute({
+			cfg,
+			channel: "vama",
+			accountId: account.accountId,
+			peer: {
+				kind: "direct",
+				id: senderId
+			}
+		});
+		const preview = text.replace(/\s+/g, " ").slice(0, 160);
+		core.system.enqueueSystemEvent(`Vama[${account.accountId}] DM from ${senderName}: ${preview}`, {
+			sessionKey: route.sessionKey,
+			contextKey: `vama:message:${channelId}:${messageId}`
+		});
+		const envelopeOptions = core.channel.reply.resolveEnvelopeFormatOptions(cfg);
+		const messageBody = `${senderName}: ${text}`;
+		const body = core.channel.reply.formatAgentEnvelope({
+			channel: "Vama",
+			from: senderId,
+			timestamp: /* @__PURE__ */ new Date(),
+			envelope: envelopeOptions,
+			body: messageBody
+		});
+		const dispatchMessageSid = replayId ? `${messageId}#replay-${replayId.slice(-12)}` : messageId;
+		const fetchAttachments = async (items, label) => {
+			const resolved = [];
+			for (const attachment of items) try {
+				const fetched = await core.channel.media.fetchRemoteMedia({
+					url: attachment.url,
+					maxBytes: VAMA_ATTACHMENT_MAX_BYTES
+				});
+				const saved = await core.channel.media.saveMediaBuffer(fetched.buffer, fetched.contentType, "inbound", VAMA_ATTACHMENT_MAX_BYTES);
+				resolved.push({
+					path: saved.path,
+					contentType: saved.contentType
+				});
+			} catch (err) {
+				error(`vama[${account.accountId}]: failed to fetch ${label} ${attachment.url}: ${String(err)}`);
+			}
+			return resolved;
+		};
+		const resolvedCurrentMedia = await fetchAttachments(attachments, "attachment");
+		const resolvedParentMedia = await fetchAttachments(parentAttachments, "reply-target attachment");
+		const resolvedMedia = [...resolvedCurrentMedia, ...resolvedParentMedia];
+		const mediaPaths = resolvedMedia.map((m) => m.path);
+		const mediaTypes = resolvedMedia.map((m) => m.contentType).filter((value) => typeof value === "string" && value.length > 0);
+		const replyTargetMediaNote = resolvedParentMedia.length > 0 ? `[reply target media attachments included as additional media inputs: ${resolvedParentMedia.length}]` : void 0;
+		const replyToBody = parentText && replyTargetMediaNote ? `${parentText}\n\n${replyTargetMediaNote}` : parentText ?? replyTargetMediaNote;
+		const ctxPayload = core.channel.reply.finalizeInboundContext({
+			Body: body,
+			BodyForAgent: messageBody,
+			RawBody: text,
+			CommandBody: text,
+			From: vamaFrom,
+			To: vamaTo,
+			SessionKey: route.sessionKey,
+			AccountId: route.accountId,
+			ChatType: "direct",
+			SenderName: senderName,
+			SenderId: senderId,
+			Provider: "vama",
+			Surface: "vama",
+			MessageSid: dispatchMessageSid,
+			ReplyToId: parentId,
+			ReplyToBody: replyToBody,
+			ReplyToSender: parentSender,
+			ReplyToIsQuote: replyToBody ? true : void 0,
+			Timestamp: Date.now(),
+			CommandAuthorized: commandAuthorized,
+			OriginatingChannel: "vama",
+			OriginatingTo: vamaTo,
+			MediaPath: mediaPaths[0],
+			MediaType: mediaTypes[0],
+			MediaUrl: mediaPaths[0],
+			MediaPaths: mediaPaths.length > 0 ? mediaPaths : void 0,
+			MediaUrls: mediaPaths.length > 0 ? mediaPaths : void 0,
+			MediaTypes: mediaTypes.length > 0 ? mediaTypes : void 0
+		});
+		const { dispatcher, replyOptions, markDispatchIdle } = createVamaReplyDispatcher({
+			cfg,
+			agentId: route.agentId,
+			runtime,
+			channelId,
+			replyToMessageId: parentId,
+			accountId: account.accountId
+		});
+		log(`vama[${account.accountId}]: dispatching to agent (session=${route.sessionKey})`);
+		let keepaliveActive = false;
+		try {
+			dispatchStarted();
+			keepaliveActive = true;
+			const { queuedFinal, counts } = await core.channel.reply.withReplyDispatcher({
+				dispatcher,
+				onSettled: () => {
+					markDispatchIdle();
+				},
+				run: () => core.channel.reply.dispatchReplyFromConfig({
+					ctx: ctxPayload,
+					cfg,
+					dispatcher,
+					replyOptions
+				})
+			});
+			log(`vama[${account.accountId}]: dispatch complete (queuedFinal=${queuedFinal}, replies=${counts.final})`);
+		} finally {
+			if (keepaliveActive) dispatchEnded();
+		}
+	} catch (err) {
+		error(`vama[${account.accountId}]: failed to dispatch message: ${String(err)}`);
+	}
+}
+//#endregion
+//#region extensions/vama/src/webhook.ts
+const MAX_TIMESTAMP_AGE_S = 300;
+/**
+* Verify a BotHub webhook signature.
+*
+* BotHub signs webhooks as: HMAC-SHA256(secret, "{timestamp}.{body}")
+* The signature header value is prefixed with "sha256=".
+*/
+function verifyWebhookSignature(params) {
+	const { body, secret, signature, timestamp } = params;
+	if (!signature || !timestamp || !secret) return false;
+	const ts = Number.parseInt(timestamp, 10);
+	if (Number.isNaN(ts)) return false;
+	const nowS = Math.floor(Date.now() / 1e3);
+	if (Math.abs(nowS - ts) > MAX_TIMESTAMP_AGE_S) return false;
+	const expectedHex = signature.startsWith("sha256=") ? signature.slice(7) : signature;
+	if (!expectedHex) return false;
+	const payload = `${timestamp}.${body}`;
+	const mac = crypto.createHmac("sha256", secret);
+	mac.update(payload);
+	const computedHex = mac.digest("hex");
+	try {
+		return crypto.timingSafeEqual(Buffer.from(computedHex, "hex"), Buffer.from(expectedHex, "hex"));
+	} catch {
+		return false;
+	}
+}
+//#endregion
+//#region extensions/vama/src/monitor.ts
+const SECRET_CACHE = /* @__PURE__ */ new Map();
+function readSecretFromFile(path, log) {
+	let stat;
+	try {
+		stat = fs.statSync(path);
+	} catch (e) {
+		log(`vama: webhookSecretFile stat failed (${path}): ${e instanceof Error ? e.message : String(e)}`);
+		return;
+	}
+	const cached = SECRET_CACHE.get(path);
+	if (cached && cached.mtimeMs === stat.mtimeMs && cached.sizeBytes === stat.size) return cached.secret;
+	let raw;
+	try {
+		raw = fs.readFileSync(path, "utf8");
+	} catch (e) {
+		log(`vama: webhookSecretFile read failed (${path}): ${e instanceof Error ? e.message : String(e)}`);
+		return;
+	}
+	const secret = raw.trim();
+	if (!secret) {
+		log(`vama: webhookSecretFile is empty (${path}) — treating as absent`);
+		return;
+	}
+	SECRET_CACHE.set(path, {
+		mtimeMs: stat.mtimeMs,
+		sizeBytes: stat.size,
+		secret
+	});
+	return secret;
+}
+const WEBHOOK_MAX_BODY_BYTES = 1024 * 1024;
+const WEBHOOK_BODY_TIMEOUT_MS = 3e4;
+const WEBHOOK_RATE_LIMIT_WINDOW_MS = 6e4;
+const WEBHOOK_RATE_LIMIT_MAX_REQUESTS = 120;
+const WEBHOOK_RATE_LIMIT_MAX_TRACKED_KEYS = 4096;
+const rateLimits = /* @__PURE__ */ new Map();
+let lastRateLimitCleanupMs = 0;
+function isRateLimited(key, nowMs) {
+	if (rateLimits.size > 0 && nowMs - lastRateLimitCleanupMs >= WEBHOOK_RATE_LIMIT_WINDOW_MS) {
+		lastRateLimitCleanupMs = nowMs;
+		for (const [k, state] of rateLimits) if (nowMs - state.windowStartMs >= WEBHOOK_RATE_LIMIT_WINDOW_MS) rateLimits.delete(k);
+	}
+	const state = rateLimits.get(key);
+	if (!state || nowMs - state.windowStartMs >= WEBHOOK_RATE_LIMIT_WINDOW_MS) {
+		rateLimits.set(key, {
+			count: 1,
+			windowStartMs: nowMs
+		});
+		while (rateLimits.size > WEBHOOK_RATE_LIMIT_MAX_TRACKED_KEYS) {
+			const oldest = rateLimits.keys().next().value;
+			if (typeof oldest !== "string") break;
+			rateLimits.delete(oldest);
+		}
+		return false;
+	}
+	state.count += 1;
+	return state.count > WEBHOOK_RATE_LIMIT_MAX_REQUESTS;
+}
+function isJsonContentType(value) {
+	const first = Array.isArray(value) ? value[0] : value;
+	if (!first) return false;
+	const mediaType = first.split(";", 1)[0]?.trim().toLowerCase();
+	return mediaType === "application/json" || (mediaType?.endsWith("+json") ?? false);
+}
+function collectBody(req) {
+	return new Promise((resolve, reject) => {
+		const chunks = [];
+		req.on("data", (chunk) => chunks.push(chunk));
+		req.on("end", () => resolve(Buffer.concat(chunks).toString("utf8")));
+		req.on("error", reject);
+	});
+}
+async function monitorVamaProvider(opts = {}) {
+	const cfg = opts.config;
+	if (!cfg) throw new Error("Config is required for Vama monitor");
+	if (!opts.accountId) throw new Error("accountId is required for Vama monitor");
+	const account = resolveVamaAccount({
+		cfg,
+		accountId: opts.accountId
+	});
+	if (!account.enabled || !account.configured) throw new Error(`Vama account "${opts.accountId}" not configured or disabled`);
+	const log = opts.runtime?.log ?? console.log;
+	const error = opts.runtime?.error ?? console.error;
+	const accountId = account.accountId;
+	const port = account.config?.webhookPort ?? 3001;
+	const webhookPath = account.config?.webhookPath ?? "/vama/events";
+	const host = account.config?.webhookHost ?? "127.0.0.1";
+	log(`vama[${accountId}]: starting webhook server on ${host}:${port}, path ${webhookPath}...`);
+	const server = http.createServer();
+	server.on("request", (req, res) => {
+		if (isRateLimited(`${accountId}:${req.socket.remoteAddress ?? "unknown"}`, Date.now())) {
+			res.statusCode = 429;
+			res.end("Too Many Requests");
+			return;
+		}
+		if (req.method !== "POST" || req.url !== webhookPath) {
+			res.statusCode = 404;
+			res.end("Not Found");
+			return;
+		}
+		if (!isJsonContentType(req.headers["content-type"])) {
+			res.statusCode = 415;
+			res.end("Unsupported Media Type");
+			return;
+		}
+		const guard = installRequestBodyLimitGuard(req, res, {
+			maxBytes: WEBHOOK_MAX_BODY_BYTES,
+			timeoutMs: WEBHOOK_BODY_TIMEOUT_MS,
+			responseFormat: "text"
+		});
+		if (guard.isTripped()) return;
+		collectBody(req).then((rawBody) => {
+			guard.dispose();
+			const signature = req.headers["x-bothub-signature"];
+			const timestamp = req.headers["x-bothub-timestamp"];
+			const webhookSecret = (account.webhookSecretFile ? readSecretFromFile(account.webhookSecretFile, log) : void 0) ?? account.webhookSecret;
+			if (webhookSecret && signature && timestamp) {
+				if (!verifyWebhookSignature({
+					body: rawBody,
+					secret: webhookSecret,
+					signature,
+					timestamp
+				})) {
+					log(`vama[${accountId}]: webhook signature verification failed`);
+					res.statusCode = 401;
+					res.end("Invalid Signature");
+					return;
+				}
+			} else if (webhookSecret) {
+				log(`vama[${accountId}]: webhook missing signature headers`);
+				res.statusCode = 401;
+				res.end("Missing Signature");
+				return;
+			}
+			res.statusCode = 200;
+			res.end("OK");
+			let event;
+			try {
+				event = JSON.parse(rawBody);
+			} catch {
+				error(`vama[${accountId}]: failed to parse webhook body`);
+				return;
+			}
+			const eventType = event.type;
+			const deliveryId = req.headers["x-bothub-delivery-id"];
+			const replayId = req.headers["x-replay-id"];
+			if (eventType === "message.create") {
+				const messageEvent = event.data;
+				handleVamaMessage({
+					cfg,
+					event: messageEvent,
+					runtime: opts.runtime,
+					accountId,
+					replayId
+				}).catch((err) => {
+					error(`vama[${accountId}]: error handling message: ${String(err)}`);
+				});
+			} else log(`vama[${accountId}]: ignoring event type=${eventType} delivery=${deliveryId}`);
+		}).catch((err) => {
+			if (!guard.isTripped()) error(`vama[${accountId}]: webhook handler error: ${String(err)}`);
+			guard.dispose();
+		});
+	});
+	return new Promise((resolve, reject) => {
+		const cleanup = () => {
+			server.close();
+		};
+		const handleAbort = () => {
+			log(`vama[${accountId}]: abort signal received, stopping webhook server`);
+			cleanup();
+			resolve();
+		};
+		if (opts.abortSignal?.aborted) {
+			cleanup();
+			resolve();
+			return;
+		}
+		opts.abortSignal?.addEventListener("abort", handleAbort, { once: true });
+		server.listen(port, host, () => {
+			log(`vama[${accountId}]: webhook server listening on ${host}:${port}`);
+		});
+		server.on("error", (err) => {
+			error(`vama[${accountId}]: webhook server error: ${err}`);
+			opts.abortSignal?.removeEventListener("abort", handleAbort);
+			cleanup();
+			reject(err);
+		});
+	});
+}
+//#endregion
+//#region extensions/vama/src/probe.ts
+const probeCache = /* @__PURE__ */ new Map();
+const PROBE_CACHE_TTL_MS = 600 * 1e3;
+const MAX_PROBE_CACHE_SIZE = 64;
+async function probeVama(account) {
+	if (!account.botToken) return {
+		ok: false,
+		error: "missing credentials (botToken)"
+	};
+	const cacheKey = account.accountId;
+	const cached = probeCache.get(cacheKey);
+	if (cached && cached.expiresAt > Date.now()) return cached.result;
+	try {
+		const result = {
+			ok: true,
+			botId: (await createBotHubClient(account).getMe()).bot_id
+		};
+		probeCache.set(cacheKey, {
+			result,
+			expiresAt: Date.now() + PROBE_CACHE_TTL_MS
+		});
+		if (probeCache.size > MAX_PROBE_CACHE_SIZE) {
+			const oldest = probeCache.keys().next().value;
+			if (oldest !== void 0) probeCache.delete(oldest);
+		}
+		return result;
+	} catch (err) {
+		return {
+			ok: false,
+			error: err instanceof Error ? err.message : String(err)
+		};
+	}
+}
+//#endregion
+export { dispatchStarted as a, resolveVamaAccount as c, buildBaseChannelStatusSummary as d, createDefaultChannelRuntimeState as f, dispatchEnded as i, DEFAULT_ACCOUNT_ID$1 as l, monitorVamaProvider as n, listVamaAccountIds as o, sendMessageVama as r, resolveDefaultVamaAccountId as s, probeVama as t, PAIRING_APPROVED_MESSAGE as u };