@vellumai/assistant 0.3.19 → 0.3.20

package/src/config/vellum-skills/trusted-contacts/SKILL.md

@@ -1,11 +1,11 @@
 ---
 name: "Trusted Contacts"
-description: "Manage trusted contacts — list, allow, revoke, and block users who can message the assistant through external channels"
+description: "Manage trusted contacts and Telegram invite links — list, allow, revoke, block users, and create/list/revoke invite links for external channels"
 user-invocable: true
 metadata: {"vellum": {"emoji": "\ud83d\udc65"}}
 ---
 
-You are helping your user manage trusted contacts for the Vellum Assistant. Trusted contacts control who is allowed to send messages to the assistant through external channels like Telegram and SMS. All operations go through the gateway HTTP API using `curl` with bearer auth.
+You are helping your user manage trusted contacts and invite links for the Vellum Assistant. Trusted contacts control who is allowed to send messages to the assistant through external channels like Telegram and SMS. Invite links let the guardian share a Telegram deep link that automatically grants access when opened. All operations go through the gateway HTTP API using `curl` with bearer auth.
 
 ## Prerequisites
 
@@ -18,6 +18,7 @@ You are helping your user manage trusted contacts for the Vellum Assistant. Trus
 - **Policy**: Controls what the member can do — `allow` (can message freely) or `deny` (blocked from messaging).
 - **Status**: The member's lifecycle state — `active` (currently effective), `revoked` (access removed), or `blocked` (explicitly denied).
 - **Source channel**: The messaging platform the contact uses (e.g., `telegram`, `sms`).
+- **Invite link**: A shareable Telegram deep link that, when opened by someone, automatically grants them trusted-contact access. Each invite has a token, usage limits, and optional expiration.
 
 ## Available Actions
 
@@ -117,9 +118,101 @@ curl -s -X POST "http://localhost:7830/v1/ingress/members/<member_id>/block" \
   -d '{"reason": "<optional reason>"}'
 ```
 
+### 5. Create a Telegram invite link
+
+Use this when the guardian wants to invite someone to message the assistant on Telegram without needing their user ID upfront. The invite link is a shareable Telegram deep link — when someone opens it, they automatically get trusted-contact access.
+
+```bash
+TOKEN=$(cat ~/.vellum/http-token)
+curl -s -X POST http://localhost:7830/v1/ingress/invites \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer $TOKEN" \
+  -d '{
+    "sourceChannel": "telegram",
+    "maxUses": 1,
+    "note": "<optional note, e.g. the person it is for>"
+  }'
+```
+
+Optional fields:
+- `maxUses` — how many times the link can be used (default: 1). Use a higher number for group invites.
+- `expiresInMs` — expiration time in milliseconds from now (e.g., `86400000` for 24 hours). Defaults to 7 days (`604800000`) if omitted.
+- `note` — a human-readable label for the invite (e.g., "For Mom", "Family group").
+
+The response contains `{ ok: true, invite: { id, token, ... } }`. The `token` field is the raw invite token — it is only returned at creation time and cannot be retrieved later.
+
+**Building the shareable link**: After creating the invite, look up the Telegram bot username so you can build the deep link. Query the Telegram integration config:
+
+```bash
+TOKEN=$(cat ~/.vellum/http-token)
+curl -s http://localhost:7830/v1/integrations/telegram/config \
+  -H "Authorization: Bearer $TOKEN"
+```
+
+The response includes `botUsername`. Use it to construct the deep link:
+
+```
+https://t.me/<botUsername>?start=iv_<token>
+```
+
+**Presenting to the guardian**: Give the guardian the link with clear copy-paste instructions:
+
+> Here's your Telegram invite link:
+>
+> `https://t.me/<botUsername>?start=iv_<token>`
+>
+> Share this link with the person you want to invite. When they open it in Telegram and press "Start", they'll automatically be added as a trusted contact and can message the assistant directly.
+>
+> This link can be used <maxUses> time(s)<and expires in X hours/days if applicable>.
+
+If the Telegram bot username is not available (integration not set up), tell the guardian they need to set up the Telegram integration first using the Telegram Setup skill.
+
+### 6. List invite links
+
+Use this to show the guardian their active (and optionally all) invite links.
+
+```bash
+TOKEN=$(cat ~/.vellum/http-token)
+curl -s "http://localhost:7830/v1/ingress/invites?sourceChannel=telegram" \
+  -H "Authorization: Bearer $TOKEN"
+```
+
+Optional query parameters:
+- `sourceChannel` — filter by channel (e.g., `telegram`)
+- `status` — filter by status (`active`, `revoked`, `redeemed`, `expired`)
+
+The response contains `{ ok: true, invites: [...] }` where each invite has:
+- `id` — unique invite ID (needed for revoke)
+- `sourceChannel` — the channel
+- `tokenHash` — hashed token (the raw token is only available at creation time)
+- `maxUses` — total allowed uses
+- `useCount` — how many times it has been redeemed
+- `expiresAt` — expiration timestamp (null if no expiration)
+- `status` — current status (`active`, `revoked`, `redeemed`, `expired`)
+- `note` — the label set at creation
+- `createdAt` — when the invite was created
+
+**Presenting results**: Format as a readable list. Show the note (or "unnamed" as fallback), status, uses remaining (`maxUses - useCount`), and expiration. Highlight active invites and note which ones have been fully used or expired.
+
+### 7. Revoke an invite link
+
+Use this when the guardian wants to cancel an active invite link. **Always confirm before revoking.**
+
+Ask the user: *"I'll revoke the invite link [note or ID]. It will no longer be usable. Should I proceed?"*
+
+First, list invites to find the invite's `id`, then revoke:
+
+```bash
+TOKEN=$(cat ~/.vellum/http-token)
+curl -s -X DELETE "http://localhost:7830/v1/ingress/invites/<invite_id>" \
+  -H "Authorization: Bearer $TOKEN"
+```
+
+Replace `<invite_id>` with the invite's `id` from the list response.
+
 ## Confirmation Requirements
 
-**All mutating actions (allow, revoke, block) require explicit user confirmation before execution.** This is a safety measure — modifying who can access the assistant should always be a deliberate choice.
+**All mutating actions (allow, revoke, block, revoke invite) require explicit user confirmation before execution.** This is a safety measure — modifying who can access the assistant should always be a deliberate choice. Creating an invite link does not require confirmation since it does not grant access until someone opens it.
 
 - Clearly state what action you are about to take and who it affects.
 - Wait for the user to confirm before running the curl command.
@@ -133,6 +226,8 @@ curl -s -X POST "http://localhost:7830/v1/ingress/members/<member_id>/block" \
   - `At least one of externalUserId or externalChatId is required` — ask the user for the contact's channel-specific identifier.
   - `Member not found or cannot be revoked` — the member ID may be invalid or the member is already revoked.
   - `Member not found or already blocked` — the member ID may be invalid or the member is already blocked.
+  - `sourceChannel is required for create` — when creating an invite, always pass `"sourceChannel": "telegram"`.
+  - `Invite not found or already revoked` — the invite ID may be invalid or the invite is already revoked.
 
 ## Typical Workflows
 
@@ -145,3 +240,9 @@ curl -s -X POST "http://localhost:7830/v1/ingress/members/<member_id>/block" \
 **"Block [name]"** — List members to find them, confirm the block, then execute.
 
 **"Show me blocked contacts"** — List with `status=blocked` filter.
+
+**"Create a Telegram invite link"** / **"Invite someone on Telegram"** — Create an invite with `sourceChannel: "telegram"`, look up the bot username, build the deep link, and present it with sharing instructions.
+
+**"Show my invites"** / **"List active invite links"** — List invites filtered by `sourceChannel=telegram`, present active invites with uses remaining and expiration info.
+
+**"Revoke invite"** / **"Cancel invite link"** — List invites to identify the target, confirm, then revoke by ID.

package/src/config/vellum-skills/twilio-setup/SKILL.md

@@ -210,7 +210,7 @@ Install and load the **guardian-verify-setup** skill to handle the verification
 
 The guardian-verify-setup skill manages the full outbound verification flow for **one channel at a time** (sms, voice, or telegram). Each invocation handles:
 - Collecting the user's phone number as the destination (accepts any common format -- the API normalizes to E.164)
-- Starting the outbound verification session via `POST /v1/integrations/guardian/outbound/start`
+- Starting the outbound verification session via the gateway endpoint `POST /v1/integrations/guardian/outbound/start`
 - For **SMS**: sending a 6-digit code to the phone number that the user must reply with from the SMS channel
 - For **voice**: calling the phone number and providing a code for the user to enter via their phone's keypad
 - Checking guardian status to confirm the binding was created

package/src/daemon/config-watcher.ts

@@ -109,7 +109,6 @@ export class ConfigWatcher {
       'SOUL.md': () => onSessionEvict(),
       'IDENTITY.md': () => { onSessionEvict(); onIdentityChanged?.(); },
       'USER.md': () => onSessionEvict(),
-      'LOOKS.md': () => onSessionEvict(),
       'UPDATES.md': () => onSessionEvict(),
     };
 

package/src/daemon/daemon-control.ts

@@ -106,7 +106,7 @@ function isProcessRunning(pid: number): boolean {
  */
 function isVellumDaemonProcess(pid: number): boolean {
   try {
-    const cmd = execSync(`ps -p ${pid} -o command=`, {
+    const cmd = execSync(`ps -ww -p ${pid} -o command=`, {
       encoding: 'utf-8',
       timeout: 3000,
       stdio: ['ignore', 'pipe', 'ignore'],

package/src/daemon/guardian-invite-intent.ts

@@ -0,0 +1,124 @@
+// Guardian invite intent resolution for deterministic first-turn routing.
+// Exports `resolveGuardianInviteIntent` as the single public entry point.
+// When a guardian invite management request is detected, the session pipeline
+// rewrites the message to force immediate entry into the trusted-contacts
+// skill flow, bypassing the normal agent loop's tendency to produce conceptual
+// preambles before loading the skill.
+
+export type GuardianInviteIntentResult =
+  | { kind: 'none' }
+  | { kind: 'invite_management'; rewrittenContent: string; action?: 'create' | 'list' | 'revoke' };
+
+// ── Direct invite patterns ────────────────────────────────────────────────
+// These capture imperative requests to manage Telegram invite links.
+
+const CREATE_INVITE_PATTERNS: RegExp[] = [
+  /\bcreate\s+(?:an?\s+)?(?:telegram\s+)?invite\s*(?:link)?\b/i,
+  /\binvite\s+(?:someone|somebody|a\s+friend|a\s+person)\s+(?:on|to|via|through)\s+telegram\b/i,
+  /\b(?:make|generate|get)\s+(?:a\s+|an\s+)?(?:telegram\s+)?invite\s*(?:link)?\b/i,
+  /\btelegram\s+invite\s*(?:link)?\b/i,
+  /\bsend\s+(?:a\s+|an\s+)?invite\s+(?:link\s+)?(?:on|for|via|through)\s+telegram\b/i,
+  /\bshare\s+(?:a\s+|an\s+)?(?:telegram\s+)?invite\s*(?:link)?\b/i,
+  /\binvite\s+(?:link\s+)?for\s+telegram\b/i,
+];
+
+const LIST_INVITE_PATTERNS: RegExp[] = [
+  /\b(?:show|list|view|see|display)\s+(?:my\s+)?(?:active\s+)?invite(?:s|\s*links?)\b/i,
+  /\b(?:show|list|view|see|display)\s+(?:my\s+)?(?:telegram\s+)?invite(?:s|\s*links?)\b/i,
+  /\bwhat\s+invite(?:s|\s*links?)\s+(?:do\s+I\s+have|are\s+active|exist)\b/i,
+  /\bhow\s+many\s+invite(?:s|\s*links?)\b/i,
+];
+
+const REVOKE_INVITE_PATTERNS: RegExp[] = [
+  /\b(?:revoke|cancel|disable|invalidate|delete|remove)\s+(?:the\s+|my\s+|an?\s+)?invite\s*(?:link)?\b/i,
+  /\b(?:revoke|cancel|disable|invalidate|delete|remove)\s+(?:the\s+|my\s+|an?\s+)?(?:telegram\s+)?invite\s*(?:link)?\b/i,
+  /\binvite\s*(?:link)?\s+(?:revoke|cancel|disable|invalidate|delete|remove)\b/i,
+];
+
+// ── Conceptual / question patterns ──────────────────────────────────────
+// These indicate the user is asking *about* invites rather than requesting
+// to manage them. Return passthrough for these.
+
+const CONCEPTUAL_PATTERNS: RegExp[] = [
+  /^\s*(?:how|what|why|when|where|who|which)\b.*\binvite/i,
+  /\bwhat\s+(?:is|are)\s+(?:an?\s+)?invite\s*(?:link)?\b/i,
+  /\bhow\s+(?:do|does|can)\s+(?:invite|invitation)s?\s+work\b/i,
+  /\bexplain\s+(?:the\s+)?invite\b/i,
+  /\btell\s+me\s+about\s+invite\b/i,
+];
+
+/** Common polite/filler words stripped before checking intent-only status. */
+const FILLER_PATTERN =
+  /\b(please|pls|plz|can\s+you|could\s+you|would\s+you|now|right\s+now|thanks|thank\s+you|thx|ty|for\s+me|ok(ay)?|hey|hi|hello|just|i\s+want\s+to|i'd\s+like\s+to|i\s+need\s+to|let's|let\s+me)\b/gi;
+
+// ── Internal helpers ─────────────────────────────────────────────────────
+
+function isConceptualQuestion(text: string): boolean {
+  const cleaned = text.replace(/^\s*(hey|hi|hello|please|pls|plz)[,\s]+/i, '');
+  // Allow actionable requests through even though they start with
+  // question-like words — these are imperative invite management requests.
+  if (LIST_INVITE_PATTERNS.some((p) => p.test(cleaned))) return false;
+  if (CREATE_INVITE_PATTERNS.some((p) => p.test(cleaned))) return false;
+  if (REVOKE_INVITE_PATTERNS.some((p) => p.test(cleaned))) return false;
+  return CONCEPTUAL_PATTERNS.some((p) => p.test(cleaned));
+}
+
+function detectAction(text: string): 'create' | 'list' | 'revoke' | undefined {
+  // Check revoke and list before create — create patterns include the broad
+  // `telegram invite link` matcher that would otherwise swallow revoke/list inputs.
+  if (REVOKE_INVITE_PATTERNS.some((p) => p.test(text))) return 'revoke';
+  if (LIST_INVITE_PATTERNS.some((p) => p.test(text))) return 'list';
+  if (CREATE_INVITE_PATTERNS.some((p) => p.test(text))) return 'create';
+  return undefined;
+}
+
+// ── Structured intent resolver ───────────────────────────────────────────
+
+/**
+ * Resolves guardian invite management intent from user text.
+ *
+ * Pipeline:
+ * 1. Skip slash commands entirely
+ * 2. Conceptual question gate -- questions return `none`
+ * 3. Detect create/list/revoke invite patterns
+ * 4. On match, build a deterministic model instruction to load trusted-contacts
+ */
+export function resolveGuardianInviteIntent(text: string): GuardianInviteIntentResult {
+  const trimmed = text.trim();
+
+  // Never intercept slash commands
+  if (trimmed.startsWith('/')) {
+    return { kind: 'none' };
+  }
+
+  // Conceptual questions pass through to normal agent processing
+  if (isConceptualQuestion(trimmed)) {
+    return { kind: 'none' };
+  }
+
+  // Strip fillers for pattern matching but keep original for context
+  const withoutFillers = trimmed.replace(FILLER_PATTERN, '').replace(/\s{2,}/g, ' ').trim();
+
+  const action = detectAction(withoutFillers);
+  if (!action) {
+    return { kind: 'none' };
+  }
+
+  // Build the rewritten content that deterministically loads the skill
+  const actionDescriptions: Record<string, string> = {
+    create: 'The user wants to create a Telegram invite link. Create the invite, look up the bot username, and present the shareable deep link with copy-paste instructions.',
+    list: 'The user wants to see their invite links. List all invites (especially active ones for Telegram) and present them in a readable format.',
+    revoke: 'The user wants to revoke an invite link. List invites to identify the target, confirm with the user, then revoke it.',
+  };
+
+  const rewrittenContent = [
+    actionDescriptions[action],
+    'Please invoke the "Trusted Contacts" skill (ID: trusted-contacts) immediately using skill_load.',
+  ].join('\n');
+
+  return {
+    kind: 'invite_management',
+    rewrittenContent,
+    action,
+  };
+}

package/src/daemon/handlers/avatar.ts

@@ -0,0 +1,68 @@
+import * as net from 'node:net';
+import { join } from 'node:path';
+
+import { setAvatarTool } from '../../tools/system/avatar-generator.js';
+import { getWorkspaceDir } from '../../util/platform.js';
+import type { GenerateAvatarRequest } from '../ipc-contract/settings.js';
+import { defineHandlers, type HandlerContext, log } from './shared.js';
+
+/**
+ * Handle a client request to generate a custom avatar via Gemini.
+ * Invokes the set_avatar tool directly, sends a response to the requesting
+ * client, and broadcasts avatar_updated to all clients on success.
+ */
+async function handleGenerateAvatar(
+  msg: GenerateAvatarRequest,
+  socket: net.Socket,
+  ctx: HandlerContext,
+): Promise<void> {
+  const description = msg.description?.trim();
+  if (!description) {
+    ctx.send(socket, {
+      type: 'generate_avatar_response',
+      success: false,
+      error: 'Description is required.',
+    });
+    return;
+  }
+
+  log.info({ description }, 'Generating avatar via IPC request');
+
+  try {
+    const result = await setAvatarTool.execute(
+      { description },
+      // Minimal tool context — avatar generation needs no session context
+      {} as Parameters<typeof setAvatarTool.execute>[1],
+    );
+
+    if (result.isError) {
+      ctx.send(socket, {
+        type: 'generate_avatar_response',
+        success: false,
+        error: result.content,
+      });
+      return;
+    }
+
+    // Broadcast avatar change to all connected clients
+    const avatarPath = join(getWorkspaceDir(), 'data', 'avatar', 'custom-avatar.png');
+    ctx.broadcast({ type: 'avatar_updated', avatarPath });
+
+    ctx.send(socket, {
+      type: 'generate_avatar_response',
+      success: true,
+    });
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    log.error({ error: message }, 'Avatar generation failed unexpectedly');
+    ctx.send(socket, {
+      type: 'generate_avatar_response',
+      success: false,
+      error: message,
+    });
+  }
+}
+
+export const avatarHandlers = defineHandlers({
+  generate_avatar: handleGenerateAvatar,
+});

package/src/daemon/handlers/browser.ts

@@ -1,4 +1,4 @@
-import { browserManager } from '../../tools/browser/browser-manager.js';
+import { browserManager, SCREENCAST_HEIGHT,SCREENCAST_WIDTH } from '../../tools/browser/browser-manager.js';
 import { defineHandlers,log } from './shared.js';
 
 export const browserHandlers = defineHandlers({
@@ -10,7 +10,7 @@ export const browserHandlers = defineHandlers({
     try {
       const page = await browserManager.getOrCreateSessionPage(msg.sessionId);
       const viewport = await page.evaluate('(() => ({ vw: window.innerWidth, vh: window.innerHeight }))()') as { vw: number; vh: number };
-      const scale = Math.min(1280 / viewport.vw, 960 / viewport.vh);
+      const scale = Math.min(SCREENCAST_WIDTH / viewport.vw, SCREENCAST_HEIGHT / viewport.vh);
       const pageX = msg.x / scale;
       const pageY = msg.y / scale;
       const options: Record<string, unknown> = {};

package/src/daemon/handlers/guardian-actions.ts

@@ -0,0 +1,120 @@
+import { applyGuardianDecision } from '../../approvals/guardian-decision-primitive.js';
+import { getPendingApprovalForRequest } from '../../memory/channel-guardian-store.js';
+import type { ApprovalAction } from '../../runtime/channel-approval-types.js';
+import { handleChannelDecision } from '../../runtime/channel-approvals.js';
+import * as pendingInteractions from '../../runtime/pending-interactions.js';
+import { handleAccessRequestDecision } from '../../runtime/routes/access-request-decision.js';
+import { listGuardianDecisionPrompts } from '../../runtime/routes/guardian-action-routes.js';
+import type { GuardianActionDecision, GuardianActionsPendingRequest } from '../ipc-protocol.js';
+import { defineHandlers, log } from './shared.js';
+
+const VALID_ACTIONS = new Set<string>(['approve_once', 'approve_always', 'reject']);
+
+export const guardianActionsHandlers = defineHandlers({
+  guardian_actions_pending_request: (msg: GuardianActionsPendingRequest, socket, ctx) => {
+    const prompts = listGuardianDecisionPrompts({ conversationId: msg.conversationId });
+    ctx.send(socket, { type: 'guardian_actions_pending_response', conversationId: msg.conversationId, prompts });
+  },
+
+  guardian_action_decision: (msg: GuardianActionDecision, socket, ctx) => {
+    // Validate the action is one of the known actions
+    if (!VALID_ACTIONS.has(msg.action)) {
+      log.warn({ requestId: msg.requestId, action: msg.action }, 'Invalid guardian action');
+      ctx.send(socket, {
+        type: 'guardian_action_decision_response',
+        applied: false,
+        reason: 'invalid_action',
+        requestId: msg.requestId,
+      });
+      return;
+    }
+
+    // Try the channel guardian approval store first (tool approval prompts)
+    const approval = getPendingApprovalForRequest(msg.requestId);
+    if (approval) {
+      // Enforce conversationId scoping when provided.
+      if (msg.conversationId && msg.conversationId !== approval.conversationId) {
+        log.warn({ requestId: msg.requestId, expected: approval.conversationId, got: msg.conversationId }, 'conversationId mismatch');
+        ctx.send(socket, {
+          type: 'guardian_action_decision_response',
+          applied: false,
+          reason: 'conversation_mismatch',
+          requestId: msg.requestId,
+        });
+        return;
+      }
+
+      // Access request approvals need a separate decision path — they don't have
+      // pending interactions and use verification sessions instead.
+      if (approval.toolName === 'ingress_access_request') {
+        const mappedAction = msg.action === 'reject' ? 'deny' as const : 'approve' as const;
+        // Use 'desktop' as the actor identity because this endpoint is
+        // unauthenticated — we cannot verify the caller is the assigned
+        // guardian, so we record a generic desktop origin instead of
+        // falsely attributing the decision to guardianExternalUserId.
+        const decisionResult = handleAccessRequestDecision(
+          approval,
+          mappedAction,
+          'desktop',
+        );
+        ctx.send(socket, {
+          type: 'guardian_action_decision_response',
+          applied: decisionResult.type !== 'stale',
+          requestId: msg.requestId,
+          reason: decisionResult.type === 'stale' ? 'stale' : undefined,
+        });
+        return;
+      }
+
+      const result = applyGuardianDecision({
+        approval,
+        decision: { action: msg.action as 'approve_once' | 'approve_always' | 'reject', source: 'plain_text', requestId: msg.requestId },
+        actorExternalUserId: undefined,
+        actorChannel: 'vellum',
+      });
+      ctx.send(socket, {
+        type: 'guardian_action_decision_response',
+        applied: result.applied,
+        reason: result.reason,
+        requestId: result.requestId ?? msg.requestId,
+      });
+      return;
+    }
+
+    // Fall back to the pending interactions tracker (direct confirmation requests).
+    // Route through handleChannelDecision so approve_always properly persists trust rules.
+    const interaction = pendingInteractions.get(msg.requestId);
+    if (interaction) {
+      // Enforce conversationId scoping when provided.
+      if (msg.conversationId && msg.conversationId !== interaction.conversationId) {
+        log.warn({ requestId: msg.requestId, expected: interaction.conversationId, got: msg.conversationId }, 'conversationId mismatch');
+        ctx.send(socket, {
+          type: 'guardian_action_decision_response',
+          applied: false,
+          reason: 'conversation_mismatch',
+          requestId: msg.requestId,
+        });
+        return;
+      }
+
+      const result = handleChannelDecision(
+        interaction.conversationId,
+        { action: msg.action as ApprovalAction, source: 'plain_text', requestId: msg.requestId },
+      );
+      ctx.send(socket, {
+        type: 'guardian_action_decision_response',
+        applied: result.applied,
+        requestId: result.requestId ?? msg.requestId,
+      });
+      return;
+    }
+
+    log.warn({ requestId: msg.requestId }, 'No pending guardian action found for requestId');
+    ctx.send(socket, {
+      type: 'guardian_action_decision_response',
+      applied: false,
+      reason: 'not_found',
+      requestId: msg.requestId,
+    });
+  },
+});

package/src/daemon/handlers/index.ts

@@ -6,6 +6,7 @@ import type { ClientMessage } from '../ipc-protocol.js';
 import { handleRideShotgunStart, handleRideShotgunStop } from '../ride-shotgun-handler.js';
 import { handleWatchObservation } from '../watch-handler.js';
 import { appHandlers } from './apps.js';
+import { avatarHandlers } from './avatar.js';
 import { browserHandlers } from './browser.js';
 import { computerUseHandlers } from './computer-use.js';
 import { configHandlers } from './config.js';
@@ -13,6 +14,7 @@ import { inboxInviteHandlers } from './config-inbox.js';
 import { diagnosticsHandlers } from './diagnostics.js';
 import { dictationHandlers } from './dictation.js';
 import { documentHandlers } from './documents.js';
+import { guardianActionsHandlers } from './guardian-actions.js';
 import { homeBaseHandlers } from './home-base.js';
 import { identityHandlers } from './identity.js';
 import { miscHandlers } from './misc.js';
@@ -140,6 +142,7 @@ const handlers = {
   ...sessionHandlers,
   ...skillHandlers,
   ...appHandlers,
+  ...avatarHandlers,
   ...configHandlers,
   ...computerUseHandlers,
   ...publishHandlers,
@@ -147,6 +150,7 @@ const handlers = {
   ...diagnosticsHandlers,
   ...miscHandlers,
   ...documentHandlers,
+  ...guardianActionsHandlers,
   ...workItemHandlers,
   ...subagentHandlers,
   ...browserHandlers,

package/src/daemon/handlers/sessions.ts

@@ -24,6 +24,7 @@ import type {
   HistoryRequest,
   MessageContentRequest,
   RegenerateRequest,
+  ReorderThreadsRequest,
   SandboxSetRequest,
   SecretResponse,
   ServerMessage,
@@ -547,6 +548,7 @@ export function handleSessionList(socket: net.Socket, ctx: HandlerContext, offse
   const conversationIds = conversations.map((c) => c.id);
   const bindings = externalConversationStore.getBindingsForConversations(conversationIds);
   const attentionStates = getAttentionStateByConversationIds(conversationIds);
+  const displayMetas = conversationStore.getDisplayMetaForConversations(conversationIds);
   ctx.send(socket, {
     type: 'session_list_response',
     sessions: conversations.map((c) => {
@@ -554,6 +556,7 @@ export function handleSessionList(socket: net.Socket, ctx: HandlerContext, offse
       const originChannel = parseChannelId(c.originChannel);
       const originInterface = parseInterfaceId(c.originInterface);
       const attn = attentionStates.get(c.id);
+      const displayMeta = displayMetas.get(c.id);
       const assistantAttention = attn ? {
         hasUnseenLatestAssistantMessage: attn.latestAssistantMessageAt != null &&
           (attn.lastSeenAssistantMessageAt == null || attn.lastSeenAssistantMessageAt < attn.latestAssistantMessageAt),
@@ -581,6 +584,8 @@ export function handleSessionList(socket: net.Socket, ctx: HandlerContext, offse
         ...(originChannel ? { conversationOriginChannel: originChannel } : {}),
         ...(originInterface ? { conversationOriginInterface: originInterface } : {}),
         ...(assistantAttention ? { assistantAttention } : {}),
+        ...(displayMeta?.displayOrder != null ? { displayOrder: displayMeta.displayOrder } : {}),
+        ...(displayMeta?.isPinned ? { isPinned: displayMeta.isPinned } : {}),
       };
     }),
     hasMore: offset + conversations.length < totalCount,
@@ -1145,6 +1150,19 @@ export function handleMessageContentRequest(
   });
 }
 
+export function handleReorderThreads(
+  msg: ReorderThreadsRequest,
+  _socket: net.Socket,
+  _ctx: HandlerContext,
+): void {
+  if (!Array.isArray(msg.updates)) {
+    return;
+  }
+  conversationStore.batchSetDisplayOrders(
+    msg.updates.map((u) => ({ id: u.sessionId, displayOrder: u.displayOrder ?? null, isPinned: u.isPinned ?? false })),
+  );
+}
+
 export const sessionHandlers = defineHandlers({
   user_message: handleUserMessage,
   confirmation_response: handleConfirmationResponse,
@@ -1163,4 +1181,5 @@ export const sessionHandlers = defineHandlers({
   usage_request: handleUsageRequest,
   sandbox_set: handleSandboxSet,
   conversation_search: handleConversationSearch,
+  reorder_threads: handleReorderThreads,
 });

package/src/daemon/handlers/shared.ts

@@ -177,8 +177,10 @@ export function getScreenDimensions(): { width: number; height: number } {
   if (cachedScreenDims) return cachedScreenDims;
   if (process.platform !== 'darwin') return FALLBACK_SCREEN;
   try {
+    // Use osascript (JXA) instead of `swift` to avoid the
+    // "Install Command Line Developer Tools" popup on fresh macOS installs.
     const out = execSync(
-      `swift -e 'import CoreGraphics; let b = CGDisplayBounds(CGMainDisplayID()); print("\\(Int(b.width))x\\(Int(b.height))")'`,
+      `osascript -l JavaScript -e 'ObjC.import("AppKit"); var f = $.NSScreen.mainScreen.frame; Math.round(f.size.width) + "x" + Math.round(f.size.height)'`,
       { timeout: 10_000, encoding: 'utf-8' },
     ).trim();
     const [w, h] = out.split('x').map(Number);