@vellumai/assistant 0.3.4 → 0.3.6

package/src/__tests__/tool-executor-shell-integration.test.ts

@@ -1,4 +1,3 @@
-/* eslint-disable @typescript-eslint/no-explicit-any */
 /**
  * Integration tests: ToolExecutor → real checker.js → real shell-identity → real tree-sitter parser.
  *
@@ -10,6 +9,7 @@
  */
 import { describe, test, expect, beforeAll, mock } from 'bun:test';
 import type { ToolContext } from '../tools/types.js';
+import type { AllowlistOption, ScopeOption } from '../permissions/types.js';
 import { PermissionPrompter } from '../permissions/prompter.js';
 
 // ── Config mock ──────────────────────────────────────────────────────
@@ -133,16 +133,16 @@ function makeContext(overrides?: Partial<ToolContext>): ToolContext {
  * passed to the prompter by the executor, then allows the tool.
  */
 function makeCapturingPrompter() {
-  let capturedAllowlist: any[] | undefined;
-  let capturedScopes: any[] | undefined;
+  let capturedAllowlist: AllowlistOption[] | undefined;
+  let capturedScopes: ScopeOption[] | undefined;
 
   const prompter = {
     prompt: async (
       _toolName: string,
       _input: Record<string, unknown>,
       _riskLevel: string,
-      allowlistOptions: any[],
-      scopeOptions: any[],
+      allowlistOptions: AllowlistOption[],
+      scopeOptions: ScopeOption[],
     ) => {
       capturedAllowlist = allowlistOptions;
       capturedScopes = scopeOptions;
@@ -177,7 +177,7 @@ describe('ToolExecutor → real shell allowlist integration', () => {
     expect(allowlist).toBeDefined();
     expect(allowlist!.length).toBeGreaterThan(1);
 
-    const patterns = allowlist!.map((o: any) => o.pattern);
+    const patterns = allowlist!.map((o: AllowlistOption) => o.pattern);
 
     // Should contain the exact command
     expect(patterns).toContain('npm install express');
@@ -197,8 +197,8 @@ describe('ToolExecutor → real shell allowlist integration', () => {
     const scopes = getScopes();
     expect(scopes).toBeDefined();
     expect(scopes!.length).toBeGreaterThanOrEqual(2);
-    expect(scopes!.some((s: any) => s.scope === '/tmp/project')).toBe(true);
-    expect(scopes!.some((s: any) => s.scope === 'everywhere')).toBe(true);
+    expect(scopes!.some((s: ScopeOption) => s.scope === '/tmp/project')).toBe(true);
+    expect(scopes!.some((s: ScopeOption) => s.scope === 'everywhere')).toBe(true);
   });
 
   test('compound command produces only exact compound option (no action keys)', async () => {
@@ -226,7 +226,7 @@ describe('ToolExecutor → real shell allowlist integration', () => {
     expect(allowlist).toBeDefined();
     expect(allowlist!.length).toBeGreaterThan(1);
 
-    const patterns = allowlist!.map((o: any) => o.pattern);
+    const patterns = allowlist!.map((o: AllowlistOption) => o.pattern);
 
     // Should contain the full original command as the exact option
     expect(patterns).toContain('cd /repo && gh pr view 123');
@@ -250,7 +250,7 @@ describe('ToolExecutor → real shell allowlist integration', () => {
     expect(scopes).toBeDefined();
     expect(scopes!.length).toBeGreaterThanOrEqual(2);
 
-    const scopeValues = scopes!.map((s: any) => s.scope);
+    const scopeValues = scopes!.map((s: ScopeOption) => s.scope);
 
     // Project-scoped option
     expect(scopeValues).toContain('/Users/test/my-project');
@@ -276,7 +276,7 @@ describe('ToolExecutor → real shell allowlist integration', () => {
     expect(allowlist).toBeDefined();
     expect(allowlist!.length).toBeGreaterThan(1);
 
-    const patterns = allowlist!.map((o: any) => o.pattern);
+    const patterns = allowlist!.map((o: AllowlistOption) => o.pattern);
 
     // Should contain exact command and action keys
     expect(patterns).toContain('git status');

package/src/__tests__/tool-executor.test.ts

@@ -1,8 +1,7 @@
-/* eslint-disable @typescript-eslint/no-explicit-any */
 import { describe, test, expect, beforeEach, afterEach, afterAll, mock, spyOn } from 'bun:test';
-import type { ToolExecutionResult, Tool } from '../tools/types.js';
+import type { ToolExecutionResult, Tool, ToolLifecycleEvent, ToolPermissionPromptEvent } from '../tools/types.js';
 import { RiskLevel } from '../permissions/types.js';
-import type { PolicyContext } from '../permissions/types.js';
+import type { AllowlistOption, ScopeOption, PolicyContext, TrustRule } from '../permissions/types.js';
 
 const mockConfig = {
   provider: 'anthropic',
@@ -322,8 +321,8 @@ describe('ToolExecutor contextual rule creation', () => {
 
   function setupAddRuleSpy() {
     addRuleSpy = spyOn(trustStore, 'addRule').mockImplementation(
-      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: any) => {
-        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as any;
+      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: { allowHighRisk?: boolean; executionTarget?: string }) => {
+        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as TrustRule;
       },
     );
     return addRuleSpy;
@@ -508,8 +507,8 @@ describe('ToolExecutor strict mode + high-risk integration (PR 25)', () => {
 
   function setupAddRuleSpy() {
     addRuleSpy = spyOn(trustStore, 'addRule').mockImplementation(
-      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: any) => {
-        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as any;
+      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: { allowHighRisk?: boolean; executionTarget?: string }) => {
+        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as TrustRule;
       },
     );
     return addRuleSpy;
@@ -1481,8 +1480,8 @@ describe('ToolExecutor persistentDecisionsAllowed contract', () => {
 
   function setupAddRuleSpy() {
     addRuleSpy = spyOn(trustStore, 'addRule').mockImplementation(
-      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: any) => {
-        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as any;
+      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: { allowHighRisk?: boolean; executionTarget?: string }) => {
+        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as TrustRule;
       },
     );
     return addRuleSpy;
@@ -1534,14 +1533,14 @@ describe('ToolExecutor persistentDecisionsAllowed contract', () => {
   });
 
   test('persistentDecisionsAllowed: false is emitted in lifecycle event for proxied bash', async () => {
-    let capturedEvent: any;
+    let capturedEvent: ToolPermissionPromptEvent | undefined;
     const prompter = makePrompterWithDecision('allow');
     const executor = new ToolExecutor(prompter);
     const result = await executor.execute(
       'bash',
       { command: 'curl https://example.com', network_mode: 'proxied' },
       makeContext({
-        onToolLifecycleEvent: (event: any) => {
+        onToolLifecycleEvent: (event: ToolLifecycleEvent) => {
           if (event.type === 'permission_prompt') {
             capturedEvent = event;
           }
@@ -1551,18 +1550,18 @@ describe('ToolExecutor persistentDecisionsAllowed contract', () => {
 
     expect(result.isError).toBe(false);
     expect(capturedEvent).toBeDefined();
-    expect(capturedEvent.persistentDecisionsAllowed).toBe(false);
+    expect(capturedEvent!.persistentDecisionsAllowed).toBe(false);
   });
 
   test('persistentDecisionsAllowed: true is emitted in lifecycle event for non-proxied bash', async () => {
-    let capturedEvent: any;
+    let capturedEvent: ToolPermissionPromptEvent | undefined;
     const prompter = makePrompterWithDecision('allow');
     const executor = new ToolExecutor(prompter);
     const result = await executor.execute(
       'bash',
       { command: 'echo hello' },
       makeContext({
-        onToolLifecycleEvent: (event: any) => {
+        onToolLifecycleEvent: (event: ToolLifecycleEvent) => {
           if (event.type === 'permission_prompt') {
             capturedEvent = event;
           }
@@ -1572,7 +1571,7 @@ describe('ToolExecutor persistentDecisionsAllowed contract', () => {
 
     expect(result.isError).toBe(false);
     expect(capturedEvent).toBeDefined();
-    expect(capturedEvent.persistentDecisionsAllowed).toBe(true);
+    expect(capturedEvent!.persistentDecisionsAllowed).toBe(true);
   });
 
   test('persistentDecisionsAllowed is passed to prompter confirmation_request for proxied bash', async () => {
@@ -1580,8 +1579,8 @@ describe('ToolExecutor persistentDecisionsAllowed contract', () => {
     const prompter = {
       prompt: async (
         _toolName: string, _input: Record<string, unknown>, _riskLevel: string,
-        _allowlistOptions: any[], _scopeOptions: any[], _diff: any, _sandboxed: any,
-        _sessionId: any, _executionTarget: any, persistentDecisionsAllowed: any,
+        _allowlistOptions: AllowlistOption[], _scopeOptions: ScopeOption[], _diff: unknown, _sandboxed: unknown,
+        _sessionId: unknown, _executionTarget: unknown, persistentDecisionsAllowed: boolean | undefined,
       ) => {
         capturedPersistent = persistentDecisionsAllowed;
         return { decision: 'allow' as const };
@@ -1643,8 +1642,8 @@ describe('E2E: proxied bash activation vs proxy approval persistence', () => {
 
   function setupAddRuleSpy() {
     addRuleSpy = spyOn(trustStore, 'addRule').mockImplementation(
-      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: any) => {
-        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as any;
+      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: { allowHighRisk?: boolean; executionTarget?: string }) => {
+        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as TrustRule;
       },
     );
     return addRuleSpy;
@@ -1871,8 +1870,8 @@ describe('ToolExecutor persistent-allow lifecycle', () => {
 
   function setupAddRuleSpy() {
     addRuleSpy = spyOn(trustStore, 'addRule').mockImplementation(
-      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: any) => {
-        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as any;
+      (tool: string, pattern: string, scope: string, decision = 'allow', priority = 100, options?: { allowHighRisk?: boolean; executionTarget?: string }) => {
+        return { id: 'spy-rule-id', tool, pattern, scope, decision, priority, createdAt: Date.now(), ...options } as TrustRule;
       },
     );
     return addRuleSpy;
@@ -1954,12 +1953,12 @@ describe('integration regressions — prompt payload (PR 11)', () => {
   test('shell command prompt payload includes allowlist and scope options', async () => {
     checkResultOverride = { decision: 'prompt', reason: 'Medium risk: requires approval' };
 
-    let capturedAllowlist: any[] | undefined;
-    let capturedScopes: any[] | undefined;
+    let capturedAllowlist: AllowlistOption[] | undefined;
+    let capturedScopes: ScopeOption[] | undefined;
     const prompter = {
       prompt: async (
         _toolName: string, _input: Record<string, unknown>, _riskLevel: string,
-        allowlistOptions: any[], scopeOptions: any[],
+        allowlistOptions: AllowlistOption[], scopeOptions: ScopeOption[],
       ) => {
         capturedAllowlist = allowlistOptions;
         capturedScopes = scopeOptions;

package/src/__tests__/trust-store.test.ts

@@ -845,7 +845,7 @@ describe('Trust Store', () => {
       const safePath = join(testDir, 'data', 'assistant.db');
       const match = findHighestPriorityRule('file_read', [`file_read:${safePath}`], '/tmp');
       // Should not match a default deny rule
-      expect(match === null || !match.id.startsWith('default:')).toBe(true);
+      expect(match == null || !match.id.startsWith('default:')).toBe(true);
     });
 
     test('default rules are backfilled after malformed JSON in trust file', () => {
@@ -1396,7 +1396,7 @@ describe('Trust Store', () => {
         const match = findHighestPriorityRule('bash', ['run script.js'], '/tmp', {
           executionTarget: '/usr/local/bin/bun',
         });
-        expect(match === null || match.id !== 'et-diff').toBe(true);
+        expect(match == null || match.id !== 'et-diff').toBe(true);
       });
 
       test('rule with executionTarget does NOT match when no target in context', () => {
@@ -1411,7 +1411,7 @@ describe('Trust Store', () => {
           executionTarget: '/usr/local/bin/node',
         }]);
         const match = findHighestPriorityRule('bash', ['run script.js'], '/tmp', {});
-        expect(match === null || match.id !== 'et-no-ctx').toBe(true);
+        expect(match == null || match.id !== 'et-no-ctx').toBe(true);
       });
 
       test('rule WITHOUT executionTarget matches any target (wildcard)', () => {

package/src/__tests__/twilio-rest.test.ts

@@ -0,0 +1,29 @@
+import { describe, test, expect } from 'bun:test';
+import { twilioAuthHeader, twilioBaseUrl } from '../calls/twilio-rest.js';
+
+describe('twilioAuthHeader', () => {
+  test('returns a valid Basic auth header', () => {
+    const header = twilioAuthHeader('AC_test_sid', 'test_token');
+    const expected = 'Basic ' + Buffer.from('AC_test_sid:test_token').toString('base64');
+    expect(header).toBe(expected);
+  });
+
+  test('encodes special characters correctly', () => {
+    const header = twilioAuthHeader('AC_special!@#', 'tok$%^&');
+    const decoded = Buffer.from(header.replace('Basic ', ''), 'base64').toString();
+    expect(decoded).toBe('AC_special!@#:tok$%^&');
+  });
+});
+
+describe('twilioBaseUrl', () => {
+  test('constructs correct base URL for a given account SID', () => {
+    const url = twilioBaseUrl('AC_abc123');
+    expect(url).toBe('https://api.twilio.com/2010-04-01/Accounts/AC_abc123');
+  });
+
+  test('handles different account SIDs', () => {
+    const url = twilioBaseUrl('AC_xyz789');
+    expect(url).toContain('AC_xyz789');
+    expect(url).toStartWith('https://api.twilio.com/2010-04-01/Accounts/');
+  });
+});

package/src/__tests__/twilio-routes-elevenlabs.test.ts

@@ -169,10 +169,13 @@ function ensureConversation(id: string): void {
 
 function resetTables() {
   const db = getDb();
+  db.run('DELETE FROM guardian_action_deliveries');
+  db.run('DELETE FROM guardian_action_requests');
   db.run('DELETE FROM processed_callbacks');
   db.run('DELETE FROM call_pending_questions');
   db.run('DELETE FROM call_events');
   db.run('DELETE FROM call_sessions');
+  db.run('DELETE FROM messages');
   db.run('DELETE FROM conversations');
   ensuredConvIds = new Set();
 }

package/src/__tests__/twilio-routes-twiml.test.ts

@@ -124,4 +124,15 @@ describe('generateTwiML with voice quality profile', () => {
     expect(twiml).toContain('interruptible="true"');
     expect(twiml).toContain('dtmfDetection="true"');
   });
+
+  test('TwiML omits welcomeGreeting attribute when not provided', () => {
+    const twiml = generateTwiML(callSessionId, relayUrl, null, {
+      language: 'en-US',
+      transcriptionProvider: 'Deepgram',
+      ttsProvider: 'Google',
+      voice: 'Google.en-US-Journey-O',
+    });
+
+    expect(twiml).not.toContain('welcomeGreeting=');
+  });
 });

package/src/__tests__/twilio-routes.test.ts

@@ -31,6 +31,7 @@ mock.module('../util/platform.js', () => ({
   getDbPath: () => join(testDir, 'test.db'),
   getLogPath: () => join(testDir, 'test.log'),
   ensureDataDir: () => {},
+  readHttpToken: () => null,
 }));
 
 mock.module('../util/logger.js', () => ({
@@ -39,15 +40,27 @@ mock.module('../util/logger.js', () => ({
   }),
 }));
 
+const mockConfigObj = {
+  model: 'test',
+  provider: 'test',
+  apiKeys: {},
+  memory: { enabled: false },
+  rateLimit: { maxRequestsPerMinute: 0, maxTokensPerSession: 0 },
+  secretDetection: { enabled: false },
+  calls: {
+    voice: {
+      mode: 'twilio_standard',
+      language: 'en-US',
+      transcriptionProvider: 'Deepgram',
+      fallbackToStandardOnError: true,
+      elevenlabs: { voiceId: '' },
+    },
+  },
+};
+
 mock.module('../config/loader.js', () => ({
-  getConfig: () => ({
-    model: 'test',
-    provider: 'test',
-    apiKeys: {},
-    memory: { enabled: false },
-    rateLimit: { maxRequestsPerMinute: 0, maxTokensPerSession: 0 },
-    secretDetection: { enabled: false },
-  }),
+  getConfig: () => mockConfigObj,
+  loadConfig: () => mockConfigObj,
 }));
 
 mock.module('../security/secure-keys.js', () => ({
@@ -84,10 +97,11 @@ import * as callStore from '../calls/call-store.js';
 import {
   createCallSession,
   getCallSession,
+  getCallSessionByCallSid,
   updateCallSession,
   getCallEvents,
 } from '../calls/call-store.js';
-import { resolveRelayUrl, handleStatusCallback, handleVoiceWebhook } from '../calls/twilio-routes.js';
+import { resolveRelayUrl, buildWelcomeGreeting, handleStatusCallback, handleVoiceWebhook } from '../calls/twilio-routes.js';
 import { registerCallCompletionNotifier, unregisterCallCompletionNotifier } from '../calls/call-state.js';
 
 initializeDb();
@@ -111,22 +125,28 @@ function ensureConversation(id: string): void {
 
 function resetTables() {
   const db = getDb();
+  db.run('DELETE FROM guardian_action_deliveries');
+  db.run('DELETE FROM guardian_action_requests');
   db.run('DELETE FROM processed_callbacks');
   db.run('DELETE FROM call_pending_questions');
   db.run('DELETE FROM call_events');
   db.run('DELETE FROM call_sessions');
+  db.run('DELETE FROM external_conversation_bindings');
+  db.run('DELETE FROM conversation_keys');
+  db.run('DELETE FROM tool_invocations');
+  db.run('DELETE FROM messages');
   db.run('DELETE FROM conversations');
   ensuredConvIds = new Set();
 }
 
-function createTestSession(convId: string, callSid: string) {
+function createTestSession(convId: string, callSid: string, task = 'test task') {
   ensureConversation(convId);
   const session = createCallSession({
     conversationId: convId,
     provider: 'twilio',
     fromNumber: '+15550001111',
     toNumber: '+15559998888',
-    task: 'test task',
+    task,
   });
   updateCallSession(session.id, { providerCallSid: callSid });
   return session;
@@ -148,6 +168,14 @@ function makeVoiceRequest(sessionId: string, params: Record<string, string>): Re
   });
 }
 
+function makeInboundVoiceRequest(params: Record<string, string>): Request {
+  return new Request('http://127.0.0.1/v1/calls/twilio/voice-webhook', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+    body: new URLSearchParams(params).toString(),
+  });
+}
+
 // ── Tests ──────────────────────────────────────────────────────────────
 
 describe('twilio webhook routes', () => {
@@ -155,6 +183,7 @@ describe('twilio webhook routes', () => {
     resetTables();
     mockWssBaseUrl = 'wss://test.example.com';
     mockWebhookBaseUrl = 'https://test.example.com';
+    delete process.env.CALL_WELCOME_GREETING;
   });
 
   afterAll(() => {
@@ -416,6 +445,18 @@ describe('twilio webhook routes', () => {
     });
   });
 
+  describe('buildWelcomeGreeting', () => {
+    test('returns empty by default so orchestrator drives first opener', () => {
+      const greeting = buildWelcomeGreeting('check store hours for tomorrow');
+      expect(greeting).toBe('');
+    });
+
+    test('uses configured greeting override when provided', () => {
+      const greeting = buildWelcomeGreeting('check store hours', 'Custom hello');
+      expect(greeting).toBe('Custom hello');
+    });
+  });
+
   // ── TwiML relay URL generation ──────────────────────────────────────
   // Call handleVoiceWebhook directly since direct routes are blocked.
 
@@ -446,6 +487,33 @@ describe('twilio webhook routes', () => {
       const twiml = await res.text();
       expect(twiml).toContain('wss://gateway.example.com/v1/calls/relay');
     });
+
+    test('TwiML omits welcome greeting by default so call opener is model-driven', async () => {
+      const session = createTestSession(
+        'conv-twiml-3',
+        'CA_twiml_3',
+        'confirm appointment time\n\nContext: Prior email thread',
+      );
+      const req = makeVoiceRequest(session.id, { CallSid: 'CA_twiml_3' });
+
+      const res = await handleVoiceWebhook(req);
+
+      expect(res.status).toBe(200);
+      const twiml = await res.text();
+      expect(twiml).not.toContain('welcomeGreeting=');
+    });
+
+    test('TwiML includes explicit welcome greeting override when configured', async () => {
+      process.env.CALL_WELCOME_GREETING = 'Custom transport greeting';
+      const session = createTestSession('conv-twiml-4', 'CA_twiml_4');
+      const req = makeVoiceRequest(session.id, { CallSid: 'CA_twiml_4' });
+
+      const res = await handleVoiceWebhook(req);
+
+      expect(res.status).toBe(200);
+      const twiml = await res.text();
+      expect(twiml).toContain('welcomeGreeting="Custom transport greeting"');
+    });
   });
 
   // ── Handler-level idempotency concurrency tests ─────────────────
@@ -574,4 +642,92 @@ describe('twilio webhook routes', () => {
       expect(events2.filter(e => e.eventType === 'call_ended').length).toBe(1);
     });
   });
+
+  // ── Inbound voice webhook tests ─────────────────────────────────────
+  // Tests the inbound mode where callSessionId is absent and a session
+  // is created/reused from the Twilio CallSid.
+
+  describe('inbound voice webhook', () => {
+    test('creates a new session from CallSid when callSessionId is absent', async () => {
+      const req = makeInboundVoiceRequest({
+        CallSid: 'CA_inbound_new_1',
+        From: '+14155551234',
+        To: '+15550001111',
+      });
+
+      const res = await handleVoiceWebhook(req);
+
+      expect(res.status).toBe(200);
+      const twiml = await res.text();
+      expect(twiml).toContain('<ConversationRelay');
+      expect(twiml).toContain('callSessionId=');
+
+      // Verify session was created with the CallSid
+      const session = getCallSessionByCallSid('CA_inbound_new_1');
+      expect(session).not.toBeNull();
+      expect(session!.fromNumber).toBe('+14155551234');
+      expect(session!.toNumber).toBe('+15550001111');
+      expect(session!.providerCallSid).toBe('CA_inbound_new_1');
+    });
+
+    test('replayed inbound webhook for same CallSid does not create duplicate sessions', async () => {
+      const params = {
+        CallSid: 'CA_inbound_replay_1',
+        From: '+14155551234',
+        To: '+15550001111',
+      };
+
+      // First call — creates the session
+      const res1 = await handleVoiceWebhook(makeInboundVoiceRequest(params));
+      expect(res1.status).toBe(200);
+
+      const session1 = getCallSessionByCallSid('CA_inbound_replay_1');
+      expect(session1).not.toBeNull();
+
+      // Second call (replay) — reuses the same session
+      const res2 = await handleVoiceWebhook(makeInboundVoiceRequest(params));
+      expect(res2.status).toBe(200);
+
+      const session2 = getCallSessionByCallSid('CA_inbound_replay_1');
+      expect(session2).not.toBeNull();
+      expect(session2!.id).toBe(session1!.id);
+    });
+
+    test('inbound webhook without CallSid returns 400', async () => {
+      const req = makeInboundVoiceRequest({
+        From: '+14155551234',
+        To: '+15550001111',
+      });
+
+      const res = await handleVoiceWebhook(req);
+      expect(res.status).toBe(400);
+    });
+
+    test('inbound webhook with forwarded assistantId creates session with correct assistantId', async () => {
+      const req = makeInboundVoiceRequest({
+        CallSid: 'CA_inbound_assist_1',
+        From: '+14155551234',
+        To: '+15550001111',
+      });
+
+      const res = await handleVoiceWebhook(req, 'my-assistant-id');
+
+      expect(res.status).toBe(200);
+      const session = getCallSessionByCallSid('CA_inbound_assist_1');
+      expect(session).not.toBeNull();
+      expect(session!.assistantId).toBe('my-assistant-id');
+    });
+
+    test('outbound call flow remains non-regressed with callSessionId present', async () => {
+      const session = createTestSession('conv-outbound-compat-1', 'CA_outbound_compat_1');
+      const req = makeVoiceRequest(session.id, { CallSid: 'CA_outbound_compat_1' });
+
+      const res = await handleVoiceWebhook(req);
+
+      expect(res.status).toBe(200);
+      const twiml = await res.text();
+      expect(twiml).toContain('<ConversationRelay');
+      expect(twiml).toContain(`callSessionId=${session.id}`);
+    });
+  });
 });

package/src/__tests__/twitter-cli-error-shaping.test.ts

@@ -100,7 +100,7 @@ describe('CLI error shaping', () => {
 
   test('routed non-session error with suggestAlternative emits structured JSON', () => {
     const err = Object.assign(
-      new Error('OAuth is not configured. Set up OAuth credentials in Settings, or switch to browser strategy.'),
+      new Error('OAuth is not configured. Provide your X developer credentials here in the chat to set up OAuth, or switch to browser strategy.'),
       {
         pathUsed: 'oauth' as const,
         suggestAlternative: 'browser' as const,
@@ -110,7 +110,7 @@ describe('CLI error shaping', () => {
 
     expect(payload).toEqual({
       ok: false,
-      error: 'OAuth is not configured. Set up OAuth credentials in Settings, or switch to browser strategy.',
+      error: 'OAuth is not configured. Provide your X developer credentials here in the chat to set up OAuth, or switch to browser strategy.',
       pathUsed: 'oauth',
       suggestAlternative: 'browser',
     });

package/src/__tests__/user-reference.test.ts

@@ -1,5 +1,6 @@
 import { describe, test, expect, mock, beforeEach } from 'bun:test';
 import { join } from 'node:path';
+import * as realFs from 'node:fs';
 
 const TEST_DIR = '/tmp/vellum-user-ref-test';
 
@@ -12,6 +13,7 @@ let mockFileExists = false;
 let mockFileContent = '';
 
 mock.module('node:fs', () => ({
+  ...realFs,
   existsSync: (path: string) => {
     if (path === join(TEST_DIR, 'USER.md')) return mockFileExists;
     return false;