npm - @vellumai/assistant - Versions diffs - 0.3.26 → 0.3.28 - Mend

@vellumai/assistant 0.3.26 → 0.3.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

package/ARCHITECTURE.md +48 -1
package/Dockerfile +2 -2
package/package.json +1 -1
package/scripts/ipc/generate-swift.ts +6 -2
package/src/__tests__/agent-loop.test.ts +119 -0
package/src/__tests__/bundled-asset.test.ts +107 -0
package/src/__tests__/canonical-guardian-store.test.ts +636 -0
package/src/__tests__/channel-approval-routes.test.ts +174 -1
package/src/__tests__/emit-signal-routing-intent.test.ts +43 -1
package/src/__tests__/guardian-actions-endpoint.test.ts +205 -345
package/src/__tests__/guardian-decision-primitive-canonical.test.ts +599 -0
package/src/__tests__/guardian-dispatch.test.ts +19 -19
package/src/__tests__/guardian-routing-invariants.test.ts +954 -0
package/src/__tests__/mcp-cli.test.ts +77 -0
package/src/__tests__/non-member-access-request.test.ts +31 -29
package/src/__tests__/notification-decision-fallback.test.ts +61 -3
package/src/__tests__/notification-decision-strategy.test.ts +17 -0
package/src/__tests__/notification-guardian-path.test.ts +13 -15
package/src/__tests__/onboarding-template-contract.test.ts +116 -21
package/src/__tests__/secret-scanner-executor.test.ts +59 -0
package/src/__tests__/secret-scanner.test.ts +8 -0
package/src/__tests__/sensitive-output-placeholders.test.ts +208 -0
package/src/__tests__/session-runtime-assembly.test.ts +76 -47
package/src/__tests__/tool-grant-request-escalation.test.ts +497 -0
package/src/agent/loop.ts +46 -3
package/src/approvals/guardian-decision-primitive.ts +285 -0
package/src/approvals/guardian-request-resolvers.ts +539 -0
package/src/calls/guardian-dispatch.ts +46 -40
package/src/calls/relay-server.ts +147 -2
package/src/calls/types.ts +1 -1
package/src/config/system-prompt.ts +2 -1
package/src/config/templates/BOOTSTRAP.md +47 -31
package/src/config/templates/USER.md +5 -0
package/src/config/update-bulletin-template-path.ts +4 -1
package/src/config/vellum-skills/trusted-contacts/SKILL.md +22 -17
package/src/daemon/handlers/guardian-actions.ts +45 -66
package/src/daemon/ipc-contract/guardian-actions.ts +7 -0
package/src/daemon/lifecycle.ts +3 -16
package/src/daemon/server.ts +18 -0
package/src/daemon/session-agent-loop-handlers.ts +5 -4
package/src/daemon/session-agent-loop.ts +32 -5
package/src/daemon/session-process.ts +68 -307
package/src/daemon/session-runtime-assembly.ts +112 -24
package/src/daemon/session-tool-setup.ts +1 -0
package/src/daemon/session.ts +1 -0
package/src/home-base/prebuilt/seed.ts +2 -1
package/src/hooks/templates.ts +2 -1
package/src/memory/canonical-guardian-store.ts +524 -0
package/src/memory/channel-guardian-store.ts +1 -0
package/src/memory/db-init.ts +16 -0
package/src/memory/guardian-action-store.ts +7 -60
package/src/memory/guardian-approvals.ts +9 -4
package/src/memory/migrations/036-normalize-phone-identities.ts +289 -0
package/src/memory/migrations/118-reminder-routing-intent.ts +3 -3
package/src/memory/migrations/121-canonical-guardian-requests.ts +59 -0
package/src/memory/migrations/122-canonical-guardian-requester-chat-id.ts +15 -0
package/src/memory/migrations/123-canonical-guardian-deliveries-destination-index.ts +15 -0
package/src/memory/migrations/index.ts +4 -0
package/src/memory/migrations/registry.ts +5 -0
package/src/memory/schema-migration.ts +1 -0
package/src/memory/schema.ts +52 -0
package/src/notifications/copy-composer.ts +16 -4
package/src/notifications/decision-engine.ts +57 -0
package/src/permissions/defaults.ts +2 -0
package/src/runtime/access-request-helper.ts +137 -0
package/src/runtime/actor-trust-resolver.ts +225 -0
package/src/runtime/channel-guardian-service.ts +12 -4
package/src/runtime/guardian-context-resolver.ts +32 -7
package/src/runtime/guardian-decision-types.ts +6 -0
package/src/runtime/guardian-reply-router.ts +687 -0
package/src/runtime/http-server.ts +8 -0
package/src/runtime/routes/canonical-guardian-expiry-sweep.ts +116 -0
package/src/runtime/routes/conversation-routes.ts +18 -0
package/src/runtime/routes/guardian-action-routes.ts +100 -109
package/src/runtime/routes/inbound-message-handler.ts +170 -525
package/src/runtime/tool-grant-request-helper.ts +195 -0
package/src/tools/executor.ts +13 -1
package/src/tools/sensitive-output-placeholders.ts +203 -0
package/src/tools/tool-approval-handler.ts +44 -1
package/src/tools/types.ts +11 -0
package/src/util/bundled-asset.ts +31 -0
package/src/util/canonicalize-identity.ts +52 -0

package/src/__tests__/sensitive-output-placeholders.test.ts ADDED Viewed

@@ -0,0 +1,208 @@
+import { describe, expect, test } from 'bun:test';
+import {
+  applyStreamingSubstitution,
+  applySubstitutions,
+  extractAndSanitize,
+} from '../tools/sensitive-output-placeholders.js';
+describe('extractAndSanitize', () => {
+  test('parses a valid invite_code directive and replaces raw value with placeholder', () => {
+    const rawToken = 'abc123def456';
+    const content = `<vellum-sensitive-output kind="invite_code" value="${rawToken}" />\nhttps://t.me/bot?start=iv_${rawToken}`;
+    const { sanitizedContent, bindings } = extractAndSanitize(content);
+    expect(bindings).toHaveLength(1);
+    expect(bindings[0].kind).toBe('invite_code');
+    expect(bindings[0].value).toBe(rawToken);
+    expect(bindings[0].placeholder).toMatch(/^VELLUM_ASSISTANT_INVITE_CODE_[A-Z0-9]{8}$/);
+    // Directive tag should be stripped
+    expect(sanitizedContent).not.toContain('<vellum-sensitive-output');
+    // Raw token should be replaced with placeholder
+    expect(sanitizedContent).not.toContain(rawToken);
+    expect(sanitizedContent).toContain(bindings[0].placeholder);
+    // The link structure should be preserved
+    expect(sanitizedContent).toContain(`https://t.me/bot?start=iv_${bindings[0].placeholder}`);
+  });
+  test('ignores malformed directives safely', () => {
+    const content = 'Some text <vellum-sensitive-output broken />';
+    const { sanitizedContent, bindings } = extractAndSanitize(content);
+    expect(bindings).toHaveLength(0);
+    expect(sanitizedContent).toBe(content);
+  });
+  test('ignores unknown kind values', () => {
+    const content = '<vellum-sensitive-output kind="unknown_kind" value="secret123" />';
+    const { sanitizedContent, bindings } = extractAndSanitize(content);
+    expect(bindings).toHaveLength(0);
+    expect(sanitizedContent).toBe(content);
+  });
+  test('drops empty values', () => {
+    const content = '<vellum-sensitive-output kind="invite_code" value="" />';
+    const { sanitizedContent, bindings } = extractAndSanitize(content);
+    expect(bindings).toHaveLength(0);
+    // Directive should remain since no valid binding was extracted
+    expect(sanitizedContent).toBe(content);
+  });
+  test('deduplicates identical values into a single binding', () => {
+    const rawToken = 'token123';
+    const content = [
+      `<vellum-sensitive-output kind="invite_code" value="${rawToken}" />`,
+      `<vellum-sensitive-output kind="invite_code" value="${rawToken}" />`,
+      `Link1: https://t.me/bot?start=iv_${rawToken}`,
+      `Link2: https://t.me/bot?start=iv_${rawToken}`,
+    ].join('\n');
+    const { sanitizedContent, bindings } = extractAndSanitize(content);
+    expect(bindings).toHaveLength(1);
+    expect(bindings[0].value).toBe(rawToken);
+    // Both occurrences of the raw token should be replaced with the same placeholder
+    const placeholderCount = sanitizedContent.split(bindings[0].placeholder).length - 1;
+    expect(placeholderCount).toBe(2);
+    expect(sanitizedContent).not.toContain(rawToken);
+  });
+  test('supports multiple distinct bindings', () => {
+    const token1 = 'firstToken123';
+    const token2 = 'secondToken456';
+    const content = [
+      `<vellum-sensitive-output kind="invite_code" value="${token1}" />`,
+      `<vellum-sensitive-output kind="invite_code" value="${token2}" />`,
+      `Link1: https://t.me/bot?start=iv_${token1}`,
+      `Link2: https://t.me/bot?start=iv_${token2}`,
+    ].join('\n');
+    const { sanitizedContent, bindings } = extractAndSanitize(content);
+    expect(bindings).toHaveLength(2);
+    expect(bindings[0].value).toBe(token1);
+    expect(bindings[1].value).toBe(token2);
+    // Both raw tokens should be replaced
+    expect(sanitizedContent).not.toContain(token1);
+    expect(sanitizedContent).not.toContain(token2);
+    expect(sanitizedContent).toContain(bindings[0].placeholder);
+    expect(sanitizedContent).toContain(bindings[1].placeholder);
+  });
+  test('returns content unchanged when no directives are present', () => {
+    const content = 'Just a normal tool output with no directives.';
+    const { sanitizedContent, bindings } = extractAndSanitize(content);
+    expect(bindings).toHaveLength(0);
+    expect(sanitizedContent).toBe(content);
+  });
+  test('placeholder format matches required pattern', () => {
+    const content = '<vellum-sensitive-output kind="invite_code" value="tok123" />';
+    const { bindings } = extractAndSanitize(content);
+    expect(bindings).toHaveLength(1);
+    // Must be exactly: VELLUM_ASSISTANT_INVITE_CODE_ followed by 8 uppercase alphanumeric chars
+    expect(bindings[0].placeholder).toMatch(/^VELLUM_ASSISTANT_INVITE_CODE_[A-Z0-9]{8}$/);
+  });
+});
+describe('applySubstitutions', () => {
+  test('replaces placeholders with real values', () => {
+    const map = new Map([
+      ['VELLUM_ASSISTANT_INVITE_CODE_ABCD1234', 'realtoken123'],
+    ]);
+    const text = 'Your link: https://t.me/bot?start=iv_VELLUM_ASSISTANT_INVITE_CODE_ABCD1234';
+    const result = applySubstitutions(text, map);
+    expect(result).toBe('Your link: https://t.me/bot?start=iv_realtoken123');
+  });
+  test('replaces multiple placeholders', () => {
+    const map = new Map([
+      ['VELLUM_ASSISTANT_INVITE_CODE_AAAA1111', 'token1'],
+      ['VELLUM_ASSISTANT_INVITE_CODE_BBBB2222', 'token2'],
+    ]);
+    const text = 'Link1: VELLUM_ASSISTANT_INVITE_CODE_AAAA1111, Link2: VELLUM_ASSISTANT_INVITE_CODE_BBBB2222';
+    const result = applySubstitutions(text, map);
+    expect(result).toBe('Link1: token1, Link2: token2');
+  });
+  test('returns text unchanged when map is empty', () => {
+    const map = new Map<string, string>();
+    const text = 'No placeholders here.';
+    expect(applySubstitutions(text, map)).toBe(text);
+  });
+});
+describe('applyStreamingSubstitution', () => {
+  test('resolves complete placeholders in a single chunk', () => {
+    const map = new Map([
+      ['VELLUM_ASSISTANT_INVITE_CODE_ABCD1234', 'realtoken'],
+    ]);
+    const { emit, pending } = applyStreamingSubstitution(
+      'Your code: VELLUM_ASSISTANT_INVITE_CODE_ABCD1234 is ready.',
+      map,
+    );
+    expect(emit).toContain('realtoken');
+    expect(emit).not.toContain('VELLUM_ASSISTANT_INVITE_CODE_ABCD1234');
+    // No pending text since the placeholder was complete
+    expect(pending).toBe('');
+  });
+  test('buffers text that could be an incomplete placeholder prefix', () => {
+    const map = new Map([
+      ['VELLUM_ASSISTANT_INVITE_CODE_ABCD1234', 'realtoken'],
+    ]);
+    // Chunk ends mid-placeholder
+    const { emit, pending } = applyStreamingSubstitution(
+      'Your code: VELLUM_ASSISTANT_',
+      map,
+    );
+    // The ambiguous tail should be buffered
+    expect(pending.length).toBeGreaterThan(0);
+    // emit should not contain the partial placeholder
+    expect(emit).not.toContain('VELLUM_ASSISTANT_');
+  });
+  test('handles split-chunk placeholder by concatenating pending with next chunk', () => {
+    const map = new Map([
+      ['VELLUM_ASSISTANT_INVITE_CODE_ABCD1234', 'realtoken'],
+    ]);
+    // First chunk: partial placeholder
+    const result1 = applyStreamingSubstitution(
+      'Link: VELLUM_ASSISTANT_',
+      map,
+    );
+    // Second chunk completes the placeholder
+    const combined = result1.pending + 'INVITE_CODE_ABCD1234 done.';
+    const result2 = applyStreamingSubstitution(combined, map);
+    expect(result2.emit).toContain('realtoken');
+    expect(result2.emit).toContain('done.');
+    expect(result2.pending).toBe('');
+  });
+  test('returns text unchanged when map is empty', () => {
+    const map = new Map<string, string>();
+    const { emit, pending } = applyStreamingSubstitution('Hello world', map);
+    expect(emit).toBe('Hello world');
+    expect(pending).toBe('');
+  });
+});

package/src/__tests__/session-runtime-assembly.test.ts CHANGED Viewed

@@ -1,19 +1,19 @@
 import { describe, expect,test } from 'bun:test';
 import { buildChannelAwarenessSection } from '../config/system-prompt.js';
-import type { ChannelCapabilities, ChannelTurnContextParams, GuardianRuntimeContext } from '../daemon/session-runtime-assembly.js';
+import type { ChannelCapabilities, ChannelTurnContextParams, InboundActorContext } from '../daemon/session-runtime-assembly.js';
 import {
   applyRuntimeInjections,
   buildChannelTurnContextBlock,
   injectChannelCapabilityContext,
   injectChannelTurnContext,
-  injectGuardianContext,
+  injectInboundActorContext,
   injectTemporalContext,
   resolveChannelCapabilities,
   sanitizePttActivationKey,
   stripChannelCapabilityContext,
   stripChannelTurnContext,
-  stripGuardianContext,
+  stripInboundActorContext,
   stripTemporalContext,
 } from '../daemon/session-runtime-assembly.js';
 import type { Message } from '../providers/types.js';
@@ -534,90 +534,118 @@ describe('applyRuntimeInjections with temporalContext', () => {
 });
 // ---------------------------------------------------------------------------
-// guardian_context
+// inbound_actor_context
 // ---------------------------------------------------------------------------
-describe('injectGuardianContext', () => {
+describe('injectInboundActorContext', () => {
   const baseUserMessage: Message = {
     role: 'user',
     content: [{ type: 'text', text: 'Can you text me updates?' }],
   };
-  test('prepends guardian_context block to user message', () => {
-    const ctx: GuardianRuntimeContext = {
+  test('prepends inbound_actor_context block to user message', () => {
+    const ctx: InboundActorContext = {
       sourceChannel: 'sms',
-      actorRole: 'guardian',
-      guardianExternalUserId: 'guardian-user-1',
-      guardianChatId: '+15550001111',
-      requesterIdentifier: '+15550001111',
-      requesterExternalUserId: 'guardian-user-1',
-      requesterChatId: '+15550001111',
+      canonicalActorIdentity: 'guardian-user-1',
+      actorIdentifier: '+15550001111',
+      trustClass: 'guardian',
+      guardianIdentity: 'guardian-user-1',
     };
-    const result = injectGuardianContext(baseUserMessage, ctx);
+    const result = injectInboundActorContext(baseUserMessage, ctx);
     expect(result.content.length).toBe(2);
     const injected = result.content[0];
     expect(injected.type).toBe('text');
     const text = (injected as { type: 'text'; text: string }).text;
-    expect(text).toContain('<guardian_context>');
-    expect(text).toContain('actor_role: guardian');
+    expect(text).toContain('<inbound_actor_context>');
+    expect(text).toContain('trust_class: guardian');
     expect(text).toContain('source_channel: sms');
-    expect(text).toContain('</guardian_context>');
+    expect(text).toContain('canonical_actor_identity: guardian-user-1');
+    expect(text).toContain('</inbound_actor_context>');
   });
-  test('includes behavioral guidance for non-guardian actors', () => {
-    const ctx: GuardianRuntimeContext = {
+  test('includes behavioral guidance for trusted_contact actors', () => {
+    const ctx: InboundActorContext = {
       sourceChannel: 'telegram',
-      actorRole: 'non-guardian',
-      guardianExternalUserId: 'guardian-user-1',
-      guardianChatId: 'chat-1',
-      requesterIdentifier: '@someone',
-      requesterExternalUserId: 'other-user-1',
-      requesterChatId: 'chat-2',
+      canonicalActorIdentity: 'other-user-1',
+      actorIdentifier: '@someone',
+      trustClass: 'trusted_contact',
+      guardianIdentity: 'guardian-user-1',
+      memberStatus: 'active',
+      memberPolicy: 'default',
     };
-    const result = injectGuardianContext(baseUserMessage, ctx);
+    const result = injectInboundActorContext(baseUserMessage, ctx);
     const text = (result.content[0] as { type: 'text'; text: string }).text;
     expect(text).toContain('non-guardian account');
     expect(text).toContain('Do not explain the verification system');
+    expect(text).toContain('member_status: active');
+    expect(text).toContain('member_policy: default');
+  });
+  test('includes behavioral guidance for unknown actors', () => {
+    const ctx: InboundActorContext = {
+      sourceChannel: 'telegram',
+      canonicalActorIdentity: null,
+      trustClass: 'unknown',
+      denialReason: 'no_identity',
+    };
+    const result = injectInboundActorContext(baseUserMessage, ctx);
+    const text = (result.content[0] as { type: 'text'; text: string }).text;
+    expect(text).toContain('non-guardian account');
+    expect(text).toContain('Do not explain the verification system');
+    expect(text).toContain('denial_reason: no_identity');
   });
   test('omits non-guardian behavioral guidance for guardian actors', () => {
-    const ctx: GuardianRuntimeContext = {
+    const ctx: InboundActorContext = {
       sourceChannel: 'telegram',
-      actorRole: 'guardian',
-      guardianExternalUserId: 'guardian-user-1',
-      guardianChatId: 'chat-1',
-      requesterIdentifier: '@guardian',
-      requesterExternalUserId: 'guardian-user-1',
-      requesterChatId: 'chat-1',
+      canonicalActorIdentity: 'guardian-user-1',
+      actorIdentifier: '@guardian',
+      trustClass: 'guardian',
+      guardianIdentity: 'guardian-user-1',
     };
-    const result = injectGuardianContext(baseUserMessage, ctx);
+    const result = injectInboundActorContext(baseUserMessage, ctx);
     const text = (result.content[0] as { type: 'text'; text: string }).text;
     expect(text).not.toContain('non-guardian account');
   });
+  test('omits member_status and member_policy when not provided', () => {
+    const ctx: InboundActorContext = {
+      sourceChannel: 'sms',
+      canonicalActorIdentity: 'user-1',
+      trustClass: 'unknown',
+      denialReason: 'no_binding',
+    };
+    const result = injectInboundActorContext(baseUserMessage, ctx);
+    const text = (result.content[0] as { type: 'text'; text: string }).text;
+    expect(text).not.toContain('member_status');
+    expect(text).not.toContain('member_policy');
+  });
 });
-describe('stripGuardianContext', () => {
-  test('strips guardian_context blocks from user messages', () => {
+describe('stripInboundActorContext', () => {
+  test('strips inbound_actor_context blocks from user messages', () => {
     const messages: Message[] = [
       {
         role: 'user',
         content: [
-          { type: 'text', text: '<guardian_context>\nactor_role: guardian\n</guardian_context>' },
+          { type: 'text', text: '<inbound_actor_context>\ntrust_class: guardian\n</inbound_actor_context>' },
           { type: 'text', text: 'Hello' },
         ],
       },
     ];
-    const result = stripGuardianContext(messages);
+    const result = stripInboundActorContext(messages);
     expect(result).toHaveLength(1);
     expect(result[0].content).toHaveLength(1);
     expect((result[0].content[0] as { type: 'text'; text: string }).text).toBe('Hello');
   });
 });
-describe('applyRuntimeInjections with guardianContext', () => {
+describe('applyRuntimeInjections with inboundActorContext', () => {
   const baseMessages: Message[] = [
     {
       role: 'user',
@@ -625,20 +653,21 @@ describe('applyRuntimeInjections with guardianContext', () => {
     },
   ];
-  test('injects guardian context when provided', () => {
+  test('injects inbound actor context when provided', () => {
     const result = applyRuntimeInjections(baseMessages, {
-      guardianContext: {
+      inboundActorContext: {
         sourceChannel: 'sms',
-        actorRole: 'non-guardian',
-        guardianExternalUserId: 'guardian-1',
-        requesterExternalUserId: 'requester-1',
-        requesterIdentifier: '+15550002222',
-        requesterChatId: '+15550002222',
+        canonicalActorIdentity: 'requester-1',
+        actorIdentifier: '+15550002222',
+        trustClass: 'trusted_contact',
+        guardianIdentity: 'guardian-1',
+        memberStatus: 'active',
+        memberPolicy: 'default',
       },
     });
     expect(result).toHaveLength(1);
     expect(result[0].content).toHaveLength(2);
-    expect((result[0].content[0] as { type: 'text'; text: string }).text).toContain('<guardian_context>');
+    expect((result[0].content[0] as { type: 'text'; text: string }).text).toContain('<inbound_actor_context>');
   });
 });