@vellumai/assistant 0.3.2 → 0.3.4

package/src/__tests__/channel-approval.test.ts

@@ -65,8 +65,10 @@ function ensureConversation(conversationId: string): void {
 }
 
 function ensureMessage(messageId: string, conversationId: string): void {
+  // eslint-disable-next-line @typescript-eslint/no-require-imports
   const { getDb } = require('../memory/db.js');
   const db = getDb();
+  // eslint-disable-next-line @typescript-eslint/no-require-imports
   const { messages } = require('../memory/schema.js');
   try {
     db.insert(messages).values({

package/src/__tests__/channel-approvals.test.ts

@@ -298,6 +298,53 @@ describe('handleChannelDecision', () => {
     expect(orchestrator.submitDecision).toHaveBeenCalledWith(run.id, 'deny');
   });
 
+  test('uses decision.runId to target the matching pending run', () => {
+    ensureConversation('conv-1');
+    const olderRun = createRun('conv-1');
+    setRunConfirmation(olderRun.id, {
+      ...sampleConfirmation,
+      toolName: 'shell',
+      toolUseId: 'req-older',
+    });
+    const newerRun = createRun('conv-1');
+    setRunConfirmation(newerRun.id, {
+      ...sampleConfirmation,
+      toolName: 'browser',
+      toolUseId: 'req-newer',
+    });
+
+    const orchestrator = makeMockOrchestrator();
+    const decision: ApprovalDecisionResult = {
+      action: 'approve_once',
+      source: 'telegram_button',
+      runId: newerRun.id,
+    };
+
+    const result = handleChannelDecision('conv-1', decision, orchestrator);
+    expect(result.applied).toBe(true);
+    expect(result.runId).toBe(newerRun.id);
+    expect(orchestrator.submitDecision).toHaveBeenCalledWith(newerRun.id, 'allow');
+    expect(orchestrator.submitDecision).not.toHaveBeenCalledWith(olderRun.id, 'allow');
+  });
+
+  test('returns applied: false when decision.runId does not match a pending run', () => {
+    ensureConversation('conv-1');
+    const run = createRun('conv-1');
+    setRunConfirmation(run.id, sampleConfirmation);
+
+    const orchestrator = makeMockOrchestrator();
+    const decision: ApprovalDecisionResult = {
+      action: 'approve_once',
+      source: 'telegram_button',
+      runId: 'run-missing',
+    };
+
+    const result = handleChannelDecision('conv-1', decision, orchestrator);
+    expect(result.applied).toBe(false);
+    expect(result.runId).toBeUndefined();
+    expect(orchestrator.submitDecision).not.toHaveBeenCalled();
+  });
+
   test('approve_always adds a trust rule and submits "allow"', () => {
     ensureConversation('conv-1');
     const run = createRun('conv-1');
@@ -319,14 +366,16 @@ describe('handleChannelDecision', () => {
     expect(result.applied).toBe(true);
     expect(result.runId).toBe(run.id);
 
-    // Trust rule added with first allowlist and scope option
+    // Trust rule added with first allowlist and scope option.
+    // executionTarget is undefined for core tools like 'shell' — only
+    // skill-origin tools persist it (see channel-approvals.ts).
     expect(addRuleSpy).toHaveBeenCalledWith(
       'shell',
       'rm -rf *',
       '/tmp/project',
       'allow',
       100,
-      { executionTarget: 'sandbox' },
+      { executionTarget: undefined },
     );
 
     // The run is still approved with a simple "allow"

package/src/__tests__/channel-delivery-store.test.ts

@@ -24,7 +24,7 @@ mock.module('../util/logger.js', () => ({
 }));
 
 import { initializeDb, getDb, resetDb } from '../memory/db.js';
-import { channelInboundEvents, messages } from '../memory/schema.js';
+import { channelInboundEvents, conversations, externalConversationBindings, messages } from '../memory/schema.js';
 import {
   recordInbound,
   linkMessage,
@@ -40,6 +40,8 @@ import {
 } from '../memory/channel-delivery-store.js';
 import { RETRY_MAX_ATTEMPTS } from '../memory/job-utils.js';
 import { eq } from 'drizzle-orm';
+import { setConversationKey, getConversationByKey } from '../memory/conversation-key-store.js';
+import { handleDeleteConversation } from '../runtime/routes/channel-routes.js';
 
 initializeDb();
 
@@ -135,6 +137,27 @@ describe('channel-delivery-store', () => {
     expect(r1.conversationId).not.toBe(r2.conversationId);
   });
 
+  test('same chat/channel but different assistantId uses different conversations', () => {
+    const r1 = recordInbound('telegram', 'chat-1', 'msg-1', { assistantId: 'asst-A' });
+    const r2 = recordInbound('telegram', 'chat-1', 'msg-2', { assistantId: 'asst-B' });
+
+    expect(r1.conversationId).not.toBe(r2.conversationId);
+  });
+
+  test('self assistant reuses legacy key and creates scoped alias', () => {
+    // Create a conversation via the legacy (no assistantId) path
+    const legacy = recordInbound('telegram', 'chat-1', 'msg-1');
+
+    // Now use assistantId='self' — should reuse the legacy conversation
+    const scoped = recordInbound('telegram', 'chat-1', 'msg-2', { assistantId: 'self' });
+    expect(scoped.conversationId).toBe(legacy.conversationId);
+
+    // The scoped alias key should exist, so subsequent calls with 'self'
+    // resolve directly without falling back to the legacy key
+    const again = recordInbound('telegram', 'chat-1', 'msg-3', { assistantId: 'self' });
+    expect(again.conversationId).toBe(legacy.conversationId);
+  });
+
   // ── Deduplication ─────────────────────────────────────────────────
 
   test('duplicate inbound returns duplicate: true with same eventId', () => {
@@ -444,4 +467,110 @@ describe('channel-delivery-store', () => {
     const found = findMessageBySourceId('telegram', 'chat-1', 'src-1');
     expect(found!.messageId).toBe(msgId);
   });
+
+  // ── handleDeleteConversation assistantId parameter ───────────────
+
+  test('handleDeleteConversation with non-self assistant deletes only scoped key', async () => {
+    // Set up a scoped conversation key like the one created by recordInbound
+    // with a specific assistantId.
+    const convId = 'conv-delete-test';
+    const scopedKey = 'asst:my-assistant:telegram:chat-del';
+    const legacyKey = 'telegram:chat-del';
+
+    // Insert a conversation row so FK constraints are satisfied
+    const now = Date.now();
+    const db = getDb();
+    db.insert(conversations).values({
+      id: convId,
+      title: 'test',
+      createdAt: now,
+      updatedAt: now,
+    }).run();
+    setConversationKey(scopedKey, convId);
+    setConversationKey(legacyKey, convId);
+    db.insert(externalConversationBindings).values({
+      conversationId: convId,
+      sourceChannel: 'telegram',
+      externalChatId: 'chat-del',
+      createdAt: now,
+      updatedAt: now,
+    }).run();
+
+    // Verify both keys exist
+    expect(getConversationByKey(scopedKey)).not.toBeNull();
+    expect(getConversationByKey(legacyKey)).not.toBeNull();
+
+    // Call handleDeleteConversation with assistantId as a parameter (not in body)
+    const req = new Request('http://localhost/channels/conversation', {
+      method: 'DELETE',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        sourceChannel: 'telegram',
+        externalChatId: 'chat-del',
+        // Note: no assistantId in the body — it comes from the route param
+      }),
+    });
+
+    const res = await handleDeleteConversation(req, 'my-assistant');
+    expect(res.status).toBe(200);
+
+    const json = await res.json() as { ok: boolean };
+    expect(json.ok).toBe(true);
+
+    // Non-self delete should only remove the scoped key and preserve legacy.
+    expect(getConversationByKey(scopedKey)).toBeNull();
+    expect(getConversationByKey(legacyKey)).not.toBeNull();
+    // Non-self delete should not mutate assistant-agnostic external bindings.
+    const remainingBinding = db.select()
+      .from(externalConversationBindings)
+      .where(eq(externalConversationBindings.conversationId, convId))
+      .get();
+    expect(remainingBinding).not.toBeNull();
+  });
+
+  test('handleDeleteConversation defaults to "self" when no assistantId provided', async () => {
+    const convId = 'conv-delete-default';
+    const scopedKey = 'asst:self:telegram:chat-def';
+    const legacyKey = 'telegram:chat-def';
+
+    const now = Date.now();
+    const db = getDb();
+    db.insert(conversations).values({
+      id: convId,
+      title: 'test',
+      createdAt: now,
+      updatedAt: now,
+    }).run();
+    setConversationKey(scopedKey, convId);
+    setConversationKey(legacyKey, convId);
+    db.insert(externalConversationBindings).values({
+      conversationId: convId,
+      sourceChannel: 'telegram',
+      externalChatId: 'chat-def',
+      createdAt: now,
+      updatedAt: now,
+    }).run();
+
+    const req = new Request('http://localhost/channels/conversation', {
+      method: 'DELETE',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        sourceChannel: 'telegram',
+        externalChatId: 'chat-def',
+      }),
+    });
+
+    // No assistantId parameter — should default to 'self'
+    const res = await handleDeleteConversation(req);
+    expect(res.status).toBe(200);
+
+    expect(getConversationByKey(scopedKey)).toBeNull();
+    expect(getConversationByKey(legacyKey)).toBeNull();
+    // Self delete should keep external bindings in sync for the canonical route.
+    const remainingBinding = db.select()
+      .from(externalConversationBindings)
+      .where(eq(externalConversationBindings.conversationId, convId))
+      .get();
+    expect(remainingBinding).toBeUndefined();
+  });
 });

package/src/__tests__/channel-guardian.test.ts

@@ -52,6 +52,10 @@ import {
   isGuardian,
   revokeBinding as serviceRevokeBinding,
 } from '../runtime/channel-guardian-service.js';
+import { handleGuardianVerification } from '../daemon/handlers/config.js';
+import type { GuardianVerificationRequest, GuardianVerificationResponse } from '../daemon/ipc-contract.js';
+import type { HandlerContext } from '../daemon/handlers/shared.js';
+import type * as net from 'node:net';
 
 initializeDb();
 
@@ -949,7 +953,7 @@ describe('guardian service rate limiting', () => {
 
   test('valid challenge still succeeds when under threshold', () => {
     // Record a couple invalid attempts
-    const { secret } = createVerificationChallenge('asst-1', 'telegram');
+    const { secret: _secret } = createVerificationChallenge('asst-1', 'telegram');
     validateAndConsumeChallenge('asst-1', 'telegram', 'wrong-1', 'user-42', 'chat-42');
     validateAndConsumeChallenge('asst-1', 'telegram', 'wrong-2', 'user-42', 'chat-42');
 
@@ -1003,3 +1007,369 @@ describe('guardian service rate limiting', () => {
     expect(result.success).toBe(true);
   });
 });
+
+// ═══════════════════════════════════════════════════════════════════════════
+// 8. Assistant-scoped guardian resolution
+// ═══════════════════════════════════════════════════════════════════════════
+
+describe('assistant-scoped guardian resolution', () => {
+  beforeEach(() => {
+    resetTables();
+  });
+
+  test('isGuardian resolves independently per assistantId', () => {
+    // Create guardian binding for asst-A on telegram
+    createBinding({
+      assistantId: 'asst-A',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-alpha',
+      guardianDeliveryChatId: 'chat-alpha',
+    });
+    // Create guardian binding for asst-B on telegram with a different user
+    createBinding({
+      assistantId: 'asst-B',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-beta',
+      guardianDeliveryChatId: 'chat-beta',
+    });
+
+    // user-alpha is guardian for asst-A but not asst-B
+    expect(isGuardian('asst-A', 'telegram', 'user-alpha')).toBe(true);
+    expect(isGuardian('asst-B', 'telegram', 'user-alpha')).toBe(false);
+
+    // user-beta is guardian for asst-B but not asst-A
+    expect(isGuardian('asst-B', 'telegram', 'user-beta')).toBe(true);
+    expect(isGuardian('asst-A', 'telegram', 'user-beta')).toBe(false);
+  });
+
+  test('getGuardianBinding returns different bindings for different assistants', () => {
+    createBinding({
+      assistantId: 'asst-A',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-alpha',
+      guardianDeliveryChatId: 'chat-alpha',
+    });
+    createBinding({
+      assistantId: 'asst-B',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-beta',
+      guardianDeliveryChatId: 'chat-beta',
+    });
+
+    const bindingA = getGuardianBinding('asst-A', 'telegram');
+    const bindingB = getGuardianBinding('asst-B', 'telegram');
+
+    expect(bindingA).not.toBeNull();
+    expect(bindingB).not.toBeNull();
+    expect(bindingA!.guardianExternalUserId).toBe('user-alpha');
+    expect(bindingB!.guardianExternalUserId).toBe('user-beta');
+  });
+
+  test('revoking binding for one assistant does not affect another', () => {
+    createBinding({
+      assistantId: 'asst-A',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-alpha',
+      guardianDeliveryChatId: 'chat-alpha',
+    });
+    createBinding({
+      assistantId: 'asst-B',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-beta',
+      guardianDeliveryChatId: 'chat-beta',
+    });
+
+    serviceRevokeBinding('asst-A', 'telegram');
+
+    expect(getGuardianBinding('asst-A', 'telegram')).toBeNull();
+    expect(getGuardianBinding('asst-B', 'telegram')).not.toBeNull();
+  });
+
+  test('validateAndConsumeChallenge scoped to assistantId', () => {
+    // Create challenge for asst-A
+    const { secret: secretA } = createVerificationChallenge('asst-A', 'telegram');
+    // Create challenge for asst-B
+    const { secret: secretB } = createVerificationChallenge('asst-B', 'telegram');
+
+    // Attempting to consume asst-A challenge with asst-B should fail
+    const crossResult = validateAndConsumeChallenge(
+      'asst-B', 'telegram', secretA, 'user-1', 'chat-1',
+    );
+    expect(crossResult.success).toBe(false);
+
+    // Consuming with correct assistantId should succeed
+    const resultA = validateAndConsumeChallenge(
+      'asst-A', 'telegram', secretA, 'user-1', 'chat-1',
+    );
+    expect(resultA.success).toBe(true);
+
+    const resultB = validateAndConsumeChallenge(
+      'asst-B', 'telegram', secretB, 'user-2', 'chat-2',
+    );
+    expect(resultB.success).toBe(true);
+
+    // Verify bindings are scoped correctly
+    const bindingA = getGuardianBinding('asst-A', 'telegram');
+    const bindingB = getGuardianBinding('asst-B', 'telegram');
+    expect(bindingA!.guardianExternalUserId).toBe('user-1');
+    expect(bindingB!.guardianExternalUserId).toBe('user-2');
+  });
+});
+
+// ═══════════════════════════════════════════════════════════════════════════
+// 9. Assistant-scoped approval request lookups
+// ═══════════════════════════════════════════════════════════════════════════
+
+describe('assistant-scoped approval request lookups', () => {
+  beforeEach(() => {
+    resetTables();
+  });
+
+  test('createApprovalRequest stores assistantId and defaults to self', () => {
+    const reqWithoutId = createApprovalRequest({
+      runId: 'run-1',
+      conversationId: 'conv-1',
+      channel: 'telegram',
+      requesterExternalUserId: 'user-99',
+      requesterChatId: 'chat-99',
+      guardianExternalUserId: 'user-42',
+      guardianChatId: 'chat-42',
+      toolName: 'shell',
+      expiresAt: Date.now() + 300_000,
+    });
+    expect(reqWithoutId.assistantId).toBe('self');
+
+    const reqWithId = createApprovalRequest({
+      runId: 'run-2',
+      conversationId: 'conv-2',
+      assistantId: 'asst-A',
+      channel: 'telegram',
+      requesterExternalUserId: 'user-99',
+      requesterChatId: 'chat-99',
+      guardianExternalUserId: 'user-42',
+      guardianChatId: 'chat-42',
+      toolName: 'browser',
+      expiresAt: Date.now() + 300_000,
+    });
+    expect(reqWithId.assistantId).toBe('asst-A');
+  });
+
+  test('approval requests from different assistants are independent', () => {
+    createApprovalRequest({
+      runId: 'run-A',
+      conversationId: 'conv-A',
+      assistantId: 'asst-A',
+      channel: 'telegram',
+      requesterExternalUserId: 'user-99',
+      requesterChatId: 'chat-99',
+      guardianExternalUserId: 'user-42',
+      guardianChatId: 'chat-42',
+      toolName: 'shell',
+      expiresAt: Date.now() + 300_000,
+    });
+    createApprovalRequest({
+      runId: 'run-B',
+      conversationId: 'conv-B',
+      assistantId: 'asst-B',
+      channel: 'telegram',
+      requesterExternalUserId: 'user-88',
+      requesterChatId: 'chat-88',
+      guardianExternalUserId: 'user-42',
+      guardianChatId: 'chat-42',
+      toolName: 'browser',
+      expiresAt: Date.now() + 300_000,
+    });
+
+    const foundA = getPendingApprovalForRun('run-A');
+    const foundB = getPendingApprovalForRun('run-B');
+    expect(foundA).not.toBeNull();
+    expect(foundB).not.toBeNull();
+    expect(foundA!.assistantId).toBe('asst-A');
+    expect(foundB!.assistantId).toBe('asst-B');
+    expect(foundA!.toolName).toBe('shell');
+    expect(foundB!.toolName).toBe('browser');
+  });
+});
+
+// ═══════════════════════════════════════════════════════════════════════════
+// 10. IPC handler — channel-aware guardian status response
+// ═══════════════════════════════════════════════════════════════════════════
+
+/**
+ * Creates a minimal mock HandlerContext that captures the response sent via ctx.send().
+ */
+function createMockCtx(): { ctx: HandlerContext; lastResponse: () => GuardianVerificationResponse | null } {
+  let captured: GuardianVerificationResponse | null = null;
+  const ctx = {
+    sessions: new Map(),
+    socketToSession: new Map(),
+    cuSessions: new Map(),
+    socketToCuSession: new Map(),
+    cuObservationParseSequence: new Map(),
+    socketSandboxOverride: new Map(),
+    sharedRequestTimestamps: [],
+    debounceTimers: { schedule: () => {}, cancel: () => {} } as unknown as HandlerContext['debounceTimers'],
+    suppressConfigReload: false,
+    setSuppressConfigReload: () => {},
+    updateConfigFingerprint: () => {},
+    send: (_socket: net.Socket, msg: unknown) => { captured = msg as GuardianVerificationResponse; },
+    broadcast: () => {},
+    clearAllSessions: () => 0,
+    getOrCreateSession: () => Promise.resolve({} as never),
+    touchSession: () => {},
+  } as unknown as HandlerContext;
+  return { ctx, lastResponse: () => captured };
+}
+
+const mockSocket = {} as net.Socket;
+
+describe('IPC handler channel-aware guardian status', () => {
+  beforeEach(() => {
+    resetTables();
+  });
+
+  test('status action for telegram returns channel and assistantId fields', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'telegram',
+      assistantId: 'self',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.success).toBe(true);
+    expect(resp!.channel).toBe('telegram');
+    expect(resp!.assistantId).toBe('self');
+    expect(resp!.bound).toBe(false);
+    expect(resp!.guardianDeliveryChatId).toBeUndefined();
+  });
+
+  test('status action for sms returns channel: sms and assistantId: self', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'sms',
+      assistantId: 'self',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.success).toBe(true);
+    expect(resp!.channel).toBe('sms');
+    expect(resp!.assistantId).toBe('self');
+    expect(resp!.bound).toBe(false);
+  });
+
+  test('status action returns guardianDeliveryChatId when bound', () => {
+    createBinding({
+      assistantId: 'self',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-42',
+      guardianDeliveryChatId: 'chat-42',
+    });
+
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'telegram',
+      assistantId: 'self',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.success).toBe(true);
+    expect(resp!.bound).toBe(true);
+    expect(resp!.guardianExternalUserId).toBe('user-42');
+    expect(resp!.guardianDeliveryChatId).toBe('chat-42');
+    expect(resp!.channel).toBe('telegram');
+    expect(resp!.assistantId).toBe('self');
+  });
+
+  test('status action defaults channel to telegram when omitted (backward compat)', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      // channel omitted — should default to 'telegram'
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.channel).toBe('telegram');
+    expect(resp!.assistantId).toBe('self');
+  });
+
+  test('status action defaults assistantId to self when omitted (backward compat)', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'sms',
+      // assistantId omitted — should default to 'self'
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.assistantId).toBe('self');
+    expect(resp!.channel).toBe('sms');
+  });
+
+  test('status action with custom assistantId returns correct value', () => {
+    createBinding({
+      assistantId: 'asst-custom',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-77',
+      guardianDeliveryChatId: 'chat-77',
+    });
+
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'telegram',
+      assistantId: 'asst-custom',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.success).toBe(true);
+    expect(resp!.bound).toBe(true);
+    expect(resp!.assistantId).toBe('asst-custom');
+    expect(resp!.channel).toBe('telegram');
+    expect(resp!.guardianExternalUserId).toBe('user-77');
+    expect(resp!.guardianDeliveryChatId).toBe('chat-77');
+  });
+
+  test('status action for unbound sms does not return guardianDeliveryChatId', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'sms',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.bound).toBe(false);
+    expect(resp!.guardianDeliveryChatId).toBeUndefined();
+    expect(resp!.guardianExternalUserId).toBeUndefined();
+  });
+});

package/src/__tests__/config-schema.test.ts

@@ -681,7 +681,7 @@ describe('AssistantConfigSchema', () => {
       userConsultTimeoutSeconds: 120,
       disclosure: {
         enabled: true,
-        text: 'At the very beginning of the call, disclose that you are an AI assistant calling on behalf of the user.',
+        text: 'At the very beginning of the call, introduce yourself as an assistant calling on behalf of the user.',
       },
       safety: {
         denyCategories: [],

package/src/__tests__/credential-security-invariants.test.ts

@@ -189,6 +189,7 @@ describe('Invariant 2: no generic plaintext secret read API', () => {
       'calls/elevenlabs-config.ts',     // ElevenLabs voice quality API key lookup
       'calls/twilio-config.ts',         // call infrastructure credential lookup
       'calls/twilio-provider.ts',       // call infrastructure credential lookup
+      'calls/twilio-rest.ts',            // Twilio REST API credential lookup
       'cli/config-commands.ts',         // CLI credential management commands
       'runtime/http-server.ts',         // HTTP server credential lookup
       'daemon/handlers/twitter-auth.ts', // Twitter OAuth token storage