npm - @vellumai/assistant - Versions diffs - 0.3.5 → 0.3.7 - Mend

@vellumai/assistant 0.3.5 → 0.3.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (487) hide show

package/README.md +51 -0
package/eslint.config.mjs +31 -0
package/package.json +1 -1
package/scripts/ipc/check-swift-decoder-drift.ts +4 -1
package/scripts/ipc/generate-swift.ts +18 -2
package/src/__tests__/__snapshots__/ipc-snapshot.test.ts.snap +338 -1
package/src/__tests__/approval-conversation-turn.test.ts +214 -0
package/src/__tests__/browser-manager.test.ts +1 -0
package/src/__tests__/call-conversation-messages.test.ts +130 -0
package/src/__tests__/call-orchestrator.test.ts +752 -271
package/src/__tests__/call-pointer-messages.test.ts +148 -0
package/src/__tests__/call-recovery.test.ts +3 -0
package/src/__tests__/call-routes-http.test.ts +5 -0
package/src/__tests__/call-store.test.ts +3 -0
package/src/__tests__/channel-approval-routes.test.ts +1260 -85
package/src/__tests__/channel-approval.test.ts +37 -0
package/src/__tests__/channel-approvals.test.ts +4 -65
package/src/__tests__/channel-guardian.test.ts +556 -0
package/src/__tests__/channel-readiness-service.test.ts +74 -7
package/src/__tests__/checker.test.ts +14 -7
package/src/__tests__/clarification-resolver.test.ts +44 -24
package/src/__tests__/commit-message-enrichment-service.test.ts +9 -4
package/src/__tests__/computer-use-session-working-dir.test.ts +8 -0
package/src/__tests__/config-schema.test.ts +12 -7
package/src/__tests__/context-window-manager.test.ts +30 -2
package/src/__tests__/contradiction-checker.test.ts +20 -5
package/src/__tests__/credential-security-invariants.test.ts +6 -2
package/src/__tests__/db-migration-rollback.test.ts +752 -0
package/src/__tests__/dynamic-skill-workflow-prompt.test.ts +2 -0
package/src/__tests__/fuzzy-match-property.test.ts +5 -5
package/src/__tests__/guardian-action-store.test.ts +123 -0
package/src/__tests__/guardian-action-sweep.test.ts +277 -0
package/src/__tests__/guardian-dispatch.test.ts +389 -0
package/src/__tests__/guardian-question-copy.test.ts +47 -0
package/src/__tests__/handlers-telegram-config.test.ts +4 -2
package/src/__tests__/handlers-twilio-config.test.ts +126 -0
package/src/__tests__/intent-routing.test.ts +2 -0
package/src/__tests__/ipc-snapshot.test.ts +228 -1
package/src/__tests__/memory-upsert-concurrency.test.ts +828 -0
package/src/__tests__/model-intents.test.ts +96 -0
package/src/__tests__/no-direct-anthropic-sdk-imports.test.ts +42 -0
package/src/__tests__/oauth2-gateway-transport.test.ts +130 -0
package/src/__tests__/onboarding-starter-tasks.test.ts +2 -0
package/src/__tests__/provider-commit-message-generator.test.ts +89 -13
package/src/__tests__/provider-error-scenarios.test.ts +621 -0
package/src/__tests__/provider-fail-open-selection.test.ts +119 -0
package/src/__tests__/qdrant-manager.test.ts +27 -20
package/src/__tests__/relay-server.test.ts +779 -40
package/src/__tests__/run-orchestrator-assistant-events.test.ts +2 -0
package/src/__tests__/run-orchestrator.test.ts +20 -4
package/src/__tests__/runtime-runs-http.test.ts +17 -1
package/src/__tests__/runtime-runs.test.ts +16 -0
package/src/__tests__/schedule-store.test.ts +18 -4
package/src/__tests__/scheduler-recurrence.test.ts +13 -4
package/src/__tests__/session-abort-tool-results.test.ts +6 -0
package/src/__tests__/session-agent-loop.test.ts +857 -0
package/src/__tests__/session-conflict-gate.test.ts +6 -0
package/src/__tests__/session-pre-run-repair.test.ts +6 -0
package/src/__tests__/session-profile-injection.test.ts +6 -0
package/src/__tests__/session-provider-retry-repair.test.ts +6 -0
package/src/__tests__/session-queue.test.ts +6 -0
package/src/__tests__/session-runtime-assembly.test.ts +237 -13
package/src/__tests__/session-slash-known.test.ts +6 -0
package/src/__tests__/session-slash-queue.test.ts +6 -0
package/src/__tests__/session-slash-unknown.test.ts +6 -0
package/src/__tests__/session-surfaces-task-progress.test.ts +2 -0
package/src/__tests__/session-tool-setup-app-refresh.test.ts +1 -0
package/src/__tests__/session-tool-setup-memory-scope.test.ts +1 -0
package/src/__tests__/session-tool-setup-side-effect-flag.test.ts +1 -0
package/src/__tests__/session-workspace-injection.test.ts +6 -0
package/src/__tests__/session-workspace-tool-tracking.test.ts +6 -0
package/src/__tests__/skills.test.ts +2 -0
package/src/__tests__/sms-messaging-provider.test.ts +2 -1
package/src/__tests__/starter-task-flow.test.ts +2 -0
package/src/__tests__/swarm-dag-pathological.test.ts +535 -0
package/src/__tests__/system-prompt.test.ts +2 -0
package/src/__tests__/task-management-tools.test.ts +2 -2
package/src/__tests__/task-runner.test.ts +14 -4
package/src/__tests__/terminal-tools.test.ts +25 -19
package/src/__tests__/tool-execution-abort-cleanup.test.ts +545 -0
package/src/__tests__/tool-executor-shell-integration.test.ts +11 -11
package/src/__tests__/tool-executor.test.ts +23 -24
package/src/__tests__/trust-store.test.ts +3 -3
package/src/__tests__/twilio-rest.test.ts +29 -0
package/src/__tests__/twilio-routes-elevenlabs.test.ts +3 -0
package/src/__tests__/twilio-routes-twiml.test.ts +11 -0
package/src/__tests__/twilio-routes.test.ts +141 -21
package/src/__tests__/user-reference.test.ts +2 -0
package/src/__tests__/voice-quality.test.ts +222 -0
package/src/__tests__/web-search.test.ts +45 -29
package/src/agent/loop.ts +1 -1
package/src/agent-heartbeat/agent-heartbeat-service.ts +2 -10
package/src/amazon/client.ts +1418 -0
package/src/amazon/request-extractor.ts +135 -0
package/src/amazon/session.ts +109 -0
package/src/autonomy/autonomy-store.ts +5 -5
package/src/browser-extension-relay/client.ts +124 -0
package/src/browser-extension-relay/protocol.ts +63 -0
package/src/browser-extension-relay/server.ts +177 -0
package/src/bundler/app-bundler.ts +3 -3
package/src/bundler/bundle-signer.ts +1 -1
package/src/bundler/signature-verifier.ts +1 -1
package/src/calls/call-conversation-messages.ts +33 -0
package/src/calls/call-domain.ts +106 -5
package/src/calls/call-orchestrator.ts +252 -54
package/src/calls/call-pointer-messages.ts +53 -0
package/src/calls/call-recovery.ts +3 -8
package/src/calls/call-store.ts +69 -87
package/src/calls/elevenlabs-config.ts +3 -2
package/src/calls/guardian-action-sweep.ts +105 -0
package/src/calls/guardian-dispatch.ts +203 -0
package/src/calls/guardian-question-copy.ts +133 -0
package/src/calls/relay-server.ts +466 -8
package/src/calls/speaker-identification.ts +1 -1
package/src/calls/twilio-config.ts +7 -5
package/src/calls/twilio-provider.ts +6 -4
package/src/calls/twilio-rest.ts +40 -15
package/src/calls/twilio-routes.ts +60 -45
package/src/calls/types.ts +3 -1
package/src/channels/types.ts +25 -0
package/src/cli/amazon.ts +815 -0
package/src/cli/config-commands.ts +2 -2
package/src/cli/core-commands.ts +4 -3
package/src/cli/influencer.ts +244 -0
package/src/cli/map.ts +89 -6
package/src/cli.ts +1 -1
package/src/config/agent-schema.ts +171 -0
package/src/config/bundled-skills/amazon/SKILL.md +127 -0
package/src/config/bundled-skills/amazon/icon.svg +13 -0
package/src/config/bundled-skills/api-mapping/SKILL.md +78 -0
package/src/config/bundled-skills/browser/SKILL.md +1 -0
package/src/config/bundled-skills/browser/TOOLS.json +17 -0
package/src/config/bundled-skills/browser/tools/browser-wait-for-download.ts +25 -0
package/src/config/bundled-skills/doordash/SKILL.md +51 -51
package/src/config/bundled-skills/email-setup/SKILL.md +14 -5
package/src/config/bundled-skills/google-oauth-setup/SKILL.md +183 -0
package/src/config/bundled-skills/influencer/SKILL.md +144 -0
package/src/config/bundled-skills/macos-automation/icon.svg +12 -0
package/src/config/bundled-skills/media-processing/SKILL.md +72 -95
package/src/config/bundled-skills/media-processing/TOOLS.json +57 -147
package/src/config/bundled-skills/media-processing/__tests__/concurrency-pool.test.ts +77 -0
package/src/config/bundled-skills/media-processing/__tests__/cost-tracker.test.ts +69 -0
package/src/config/bundled-skills/media-processing/__tests__/preprocess.test.ts +303 -0
package/src/config/bundled-skills/media-processing/services/concurrency-pool.ts +55 -0
package/src/config/bundled-skills/media-processing/services/cost-tracker.ts +86 -0
package/src/config/bundled-skills/media-processing/services/gemini-map.ts +339 -0
package/src/config/bundled-skills/media-processing/services/preprocess.ts +551 -0
package/src/config/bundled-skills/media-processing/services/processing-pipeline.ts +7 -9
package/src/config/bundled-skills/media-processing/services/reduce.ts +197 -0
package/src/config/bundled-skills/media-processing/tools/analyze-keyframes.ts +88 -253
package/src/config/bundled-skills/media-processing/tools/extract-keyframes.ts +22 -153
package/src/config/bundled-skills/media-processing/tools/generate-clip.ts +2 -2
package/src/config/bundled-skills/media-processing/tools/media-diagnostics.ts +28 -51
package/src/config/bundled-skills/media-processing/tools/query-media-events.ts +35 -270
package/src/config/bundled-skills/messaging/SKILL.md +12 -2
package/src/config/bundled-skills/messaging/tools/messaging-analyze-style.ts +4 -7
package/src/config/bundled-skills/messaging/tools/messaging-reply.ts +2 -1
package/src/config/bundled-skills/phone-calls/SKILL.md +86 -21
package/src/config/bundled-skills/twitter/icon.svg +14 -0
package/src/config/bundled-tool-registry.ts +310 -0
package/src/config/calls-schema.ts +181 -0
package/src/config/core-schema.ts +309 -0
package/src/config/defaults.ts +27 -3
package/src/config/env-registry.ts +169 -0
package/src/config/env.ts +175 -0
package/src/config/loader.ts +6 -6
package/src/config/memory-schema.ts +528 -0
package/src/config/sandbox-schema.ts +55 -0
package/src/config/schema.ts +157 -1138
package/src/config/skill-state.ts +1 -1
package/src/config/skills-schema.ts +32 -0
package/src/config/skills.ts +35 -24
package/src/config/system-prompt.ts +107 -56
package/src/config/templates/SOUL.md +1 -1
package/src/config/types.ts +1 -0
package/src/config/user-reference.ts +4 -9
package/src/config/vellum-skills/catalog.json +0 -7
package/src/config/vellum-skills/chatgpt-import/tools/chatgpt-import.ts +5 -1
package/src/config/vellum-skills/slack-oauth-setup/SKILL.md +1 -0
package/src/config/vellum-skills/sms-setup/SKILL.md +112 -14
package/src/context/window-manager.ts +27 -7
package/src/daemon/approval-generators.ts +186 -0
package/src/daemon/approved-devices-store.ts +140 -0
package/src/daemon/assistant-attachments.ts +1 -1
package/src/daemon/classifier.ts +35 -32
package/src/daemon/config-watcher.ts +1 -1
package/src/daemon/daemon-control.ts +254 -0
package/src/daemon/handlers/apps.ts +2 -3
package/src/daemon/handlers/config-channels.ts +158 -0
package/src/daemon/handlers/config-inbox.ts +540 -0
package/src/daemon/handlers/config-ingress.ts +231 -0
package/src/daemon/handlers/config-integrations.ts +258 -0
package/src/daemon/handlers/config-model.ts +143 -0
package/src/daemon/handlers/config-parental.ts +163 -0
package/src/daemon/handlers/config-scheduling.ts +172 -0
package/src/daemon/handlers/config-slack.ts +92 -0
package/src/daemon/handlers/config-telegram.ts +301 -0
package/src/daemon/handlers/config-tools.ts +177 -0
package/src/daemon/handlers/config-trust.ts +104 -0
package/src/daemon/handlers/config-twilio.ts +1080 -0
package/src/daemon/handlers/config.ts +53 -2463
package/src/daemon/handlers/diagnostics.ts +1 -1
package/src/daemon/handlers/dictation.ts +4 -6
package/src/daemon/handlers/documents.ts +18 -32
package/src/daemon/handlers/index.ts +9 -0
package/src/daemon/handlers/misc.ts +3 -5
package/src/daemon/handlers/pairing.ts +98 -0
package/src/daemon/handlers/sessions.ts +74 -5
package/src/daemon/handlers/shared.ts +3 -1
package/src/daemon/handlers/skills.ts +1 -1
package/src/daemon/handlers/twitter-auth.ts +2 -0
package/src/daemon/handlers/work-items.ts +2 -2
package/src/daemon/handlers/workspace-files.ts +4 -3
package/src/daemon/install-cli-launchers.ts +113 -0
package/src/daemon/ipc-contract/apps.ts +356 -0
package/src/daemon/ipc-contract/browser.ts +74 -0
package/src/daemon/ipc-contract/computer-use.ts +151 -0
package/src/daemon/ipc-contract/diagnostics.ts +56 -0
package/src/daemon/ipc-contract/documents.ts +74 -0
package/src/daemon/ipc-contract/inbox.ts +209 -0
package/src/daemon/ipc-contract/integrations.ts +284 -0
package/src/daemon/ipc-contract/memory.ts +48 -0
package/src/daemon/ipc-contract/messages.ts +211 -0
package/src/daemon/ipc-contract/pairing.ts +45 -0
package/src/daemon/ipc-contract/parental-control.ts +95 -0
package/src/daemon/ipc-contract/schedules.ts +97 -0
package/src/daemon/ipc-contract/sessions.ts +321 -0
package/src/daemon/ipc-contract/shared.ts +42 -0
package/src/daemon/ipc-contract/skills.ts +120 -0
package/src/daemon/ipc-contract/subagents.ts +58 -0
package/src/daemon/ipc-contract/surfaces.ts +250 -0
package/src/daemon/ipc-contract/trust.ts +60 -0
package/src/daemon/ipc-contract/work-items.ts +225 -0
package/src/daemon/ipc-contract/workspace.ts +113 -0
package/src/daemon/ipc-contract-inventory.json +62 -0
package/src/daemon/ipc-contract-inventory.ts +55 -29
package/src/daemon/ipc-contract.ts +227 -2527
package/src/daemon/ipc-protocol.ts +1 -1
package/src/daemon/ipc-validate.ts +7 -0
package/src/daemon/lifecycle.ts +97 -379
package/src/daemon/pairing-store.ts +177 -0
package/src/daemon/providers-setup.ts +43 -0
package/src/daemon/ride-shotgun-handler.ts +67 -2
package/src/daemon/server.ts +60 -44
package/src/daemon/session-agent-loop-handlers.ts +421 -0
package/src/daemon/session-agent-loop.ts +113 -275
package/src/daemon/session-dynamic-profile.ts +1 -1
package/src/daemon/session-history.ts +1 -1
package/src/daemon/session-media-retry.ts +1 -1
package/src/daemon/session-messaging.ts +37 -2
package/src/daemon/session-notifiers.ts +5 -25
package/src/daemon/session-process.ts +99 -59
package/src/daemon/session-queue-manager.ts +98 -4
package/src/daemon/session-runtime-assembly.ts +149 -15
package/src/daemon/session-surfaces.ts +26 -4
package/src/daemon/session-tool-setup.ts +28 -30
package/src/daemon/session-workspace.ts +1 -1
package/src/daemon/session.ts +24 -1
package/src/daemon/shutdown-handlers.ts +122 -0
package/src/daemon/trace-emitter.ts +1 -1
package/src/daemon/watch-handler.ts +36 -33
package/src/doordash/cart-queries.ts +787 -0
package/src/doordash/client.ts +144 -127
package/src/doordash/order-queries.ts +85 -0
package/src/doordash/queries.ts +10 -1308
package/src/doordash/search-queries.ts +203 -0
package/src/doordash/session.ts +3 -2
package/src/doordash/store-queries.ts +246 -0
package/src/doordash/types.ts +367 -0
package/src/email/providers/agentmail.ts +2 -1
package/src/email/providers/index.ts +3 -2
package/src/email/service.ts +3 -2
package/src/errors.ts +43 -0
package/src/home-base/prebuilt/seed.ts +1 -1
package/src/hooks/cli.ts +6 -5
package/src/hooks/config.ts +6 -8
package/src/hooks/discovery.ts +6 -5
package/src/hooks/manager.ts +4 -3
package/src/hooks/runner.ts +2 -2
package/src/hooks/templates.ts +5 -5
package/src/inbound/public-ingress-urls.ts +3 -1
package/src/index.ts +4 -2
package/src/influencer/client.ts +1104 -0
package/src/instrument.ts +4 -3
package/src/logfire.ts +4 -3
package/src/memory/admin.ts +25 -35
package/src/memory/attachments-store.ts +4 -7
package/src/memory/channel-delivery-store.ts +30 -1
package/src/memory/channel-guardian-store.ts +200 -1
package/src/memory/clarification-resolver.ts +37 -33
package/src/memory/conflict-store.ts +67 -61
package/src/memory/contradiction-checker.ts +141 -117
package/src/memory/conversation-store.ts +335 -51
package/src/memory/db-connection.ts +27 -4
package/src/memory/db-init.ts +121 -4
package/src/memory/db.ts +14 -1
package/src/memory/embedding-backend.ts +27 -5
package/src/memory/embedding-ollama.ts +2 -1
package/src/memory/entity-extractor.ts +38 -35
package/src/memory/guardian-action-store.ts +430 -0
package/src/memory/inbox-escalation-projection.ts +59 -0
package/src/memory/inbox-thread-store.ts +218 -0
package/src/memory/ingress-invite-store.ts +338 -0
package/src/memory/ingress-member-store.ts +350 -0
package/src/memory/items-extractor.ts +91 -97
package/src/memory/job-handlers/index-maintenance.ts +3 -3
package/src/memory/job-handlers/media-processing.ts +11 -42
package/src/memory/job-handlers/summarization.ts +32 -26
package/src/memory/job-utils.ts +3 -10
package/src/memory/jobs-store.ts +6 -9
package/src/memory/jobs-worker.ts +51 -36
package/src/memory/migrations/001-job-deferrals.ts +45 -0
package/src/memory/migrations/002-tool-invocations-fk.ts +43 -0
package/src/memory/migrations/003-memory-fts-backfill.ts +24 -0
package/src/memory/migrations/004-entity-relation-dedup.ts +87 -0
package/src/memory/migrations/005-fingerprint-scope-unique.ts +80 -0
package/src/memory/migrations/006-scope-salted-fingerprints.ts +62 -0
package/src/memory/migrations/007-assistant-id-to-self.ts +254 -0
package/src/memory/migrations/008-remove-assistant-id-columns.ts +208 -0
package/src/memory/migrations/009-llm-usage-events-drop-assistant-id.ts +83 -0
package/src/memory/migrations/010-ext-conv-bindings-channel-chat-unique.ts +56 -0
package/src/memory/migrations/011-call-sessions-provider-sid-dedup.ts +63 -0
package/src/memory/migrations/012-call-sessions-add-initiated-from.ts +19 -0
package/src/memory/migrations/013-guardian-action-tables.ts +68 -0
package/src/memory/migrations/014-backfill-inbox-thread-state.ts +76 -0
package/src/memory/migrations/015-drop-active-search-index.ts +27 -0
package/src/memory/migrations/016-memory-segments-indexes.ts +11 -0
package/src/memory/migrations/017-memory-items-indexes.ts +12 -0
package/src/memory/migrations/018-remaining-table-indexes.ts +13 -0
package/src/memory/migrations/index.ts +24 -0
package/src/memory/migrations/registry.ts +79 -0
package/src/memory/migrations/validate-migration-state.ts +69 -0
package/src/memory/qdrant-manager.ts +49 -8
package/src/memory/query-builder.ts +1 -1
package/src/memory/raw-query.ts +119 -0
package/src/memory/recall-cache.ts +4 -1
package/src/memory/retriever.ts +163 -47
package/src/memory/schema-migration.ts +25 -984
package/src/memory/schema.ts +130 -7
package/src/memory/search/entity.ts +10 -19
package/src/memory/search/lexical.ts +81 -52
package/src/memory/search/ranking.ts +21 -22
package/src/memory/search/semantic.ts +157 -19
package/src/memory/shared-app-links-store.ts +4 -5
package/src/memory/validation.ts +19 -0
package/src/messaging/draft-store.ts +5 -6
package/src/messaging/providers/sms/adapter.ts +3 -6
package/src/messaging/providers/telegram-bot/adapter.ts +2 -5
package/src/messaging/providers/whatsapp/adapter.ts +136 -0
package/src/messaging/providers/whatsapp/client.ts +67 -0
package/src/messaging/style-analyzer.ts +5 -4
package/src/messaging/thread-summarizer.ts +61 -69
package/src/messaging/triage-engine.ts +62 -71
package/src/migrations/config-merge.ts +53 -0
package/src/migrations/data-layout.ts +68 -0
package/src/migrations/data-merge.ts +33 -0
package/src/migrations/hooks-merge.ts +90 -0
package/src/migrations/index.ts +6 -0
package/src/migrations/log.ts +23 -0
package/src/migrations/skills-merge.ts +33 -0
package/src/migrations/workspace-layout.ts +79 -0
package/src/permissions/checker.ts +126 -11
package/src/permissions/prompter.ts +14 -0
package/src/permissions/shell-identity.ts +31 -1
package/src/permissions/trust-store.ts +21 -1
package/src/providers/anthropic/client.ts +4 -4
package/src/providers/failover.ts +2 -2
package/src/providers/model-intents.ts +70 -0
package/src/providers/ollama/client.ts +2 -1
package/src/providers/provider-send-message.ts +176 -0
package/src/providers/registry.ts +71 -30
package/src/providers/retry.ts +35 -1
package/src/providers/types.ts +12 -1
package/src/runtime/approval-conversation-turn.ts +97 -0
package/src/runtime/approval-message-composer.ts +115 -5
package/src/runtime/assistant-event-hub.ts +3 -1
package/src/runtime/channel-approval-parser.ts +36 -2
package/src/runtime/channel-approvals.ts +0 -21
package/src/runtime/channel-guardian-service.ts +48 -7
package/src/runtime/channel-readiness-service.ts +160 -34
package/src/runtime/channel-readiness-types.ts +10 -4
package/src/runtime/channel-retry-sweep.ts +184 -0
package/src/runtime/guardian-context-resolver.ts +108 -0
package/src/runtime/http-server.ts +289 -745
package/src/runtime/http-types.ts +56 -3
package/src/runtime/middleware/auth.ts +116 -0
package/src/runtime/middleware/error-handler.ts +33 -0
package/src/runtime/middleware/twilio-validation.ts +127 -0
package/src/runtime/routes/app-routes.ts +1 -1
package/src/runtime/routes/call-routes.ts +49 -6
package/src/runtime/routes/channel-delivery-routes.ts +170 -0
package/src/runtime/routes/channel-guardian-routes.ts +1191 -0
package/src/runtime/routes/channel-inbound-routes.ts +1152 -0
package/src/runtime/routes/channel-route-shared.ts +144 -0
package/src/runtime/routes/channel-routes.ts +32 -1634
package/src/runtime/routes/conversation-routes.ts +50 -7
package/src/runtime/routes/events-routes.ts +2 -2
package/src/runtime/routes/identity-routes.ts +126 -0
package/src/runtime/routes/pairing-routes.ts +144 -0
package/src/runtime/routes/run-routes.ts +15 -1
package/src/runtime/run-orchestrator.ts +52 -34
package/src/schedule/schedule-store.ts +36 -32
package/src/schedule/scheduler.ts +3 -3
package/src/security/encrypted-store.ts +5 -7
package/src/security/oauth2.ts +45 -15
package/src/security/parental-control-store.ts +183 -0
package/src/security/secret-allowlist.ts +4 -3
package/src/security/secret-scanner.ts +5 -5
package/src/security/secure-keys.ts +1 -1
package/src/security/token-manager.ts +3 -2
package/src/services/vercel-deploy.ts +6 -2
package/src/skills/tool-manifest.ts +3 -3
package/src/skills/vellum-catalog-remote.ts +75 -16
package/src/slack/slack-webhook.ts +2 -1
package/src/swarm/orchestrator.ts +92 -1
package/src/swarm/router-planner.ts +6 -9
package/src/swarm/worker-prompts.ts +9 -12
package/src/tasks/task-compiler.ts +19 -28
package/src/tasks/task-runner.ts +1 -1
package/src/tools/assets/search.ts +15 -14
package/src/tools/browser/__tests__/auth-detector.test.ts +1 -0
package/src/tools/browser/auto-navigate.ts +1 -0
package/src/tools/browser/browser-execution.ts +13 -1
package/src/tools/browser/browser-manager.ts +119 -4
package/src/tools/browser/network-recorder.ts +5 -0
package/src/tools/credentials/broker.ts +11 -2
package/src/tools/credentials/metadata-store.ts +18 -14
package/src/tools/credentials/post-connect-hooks.ts +61 -0
package/src/tools/credentials/vault.ts +49 -23
package/src/tools/executor.ts +80 -18
package/src/tools/host-terminal/cli-discover.ts +1 -1
package/src/tools/network/script-proxy/http-forwarder.ts +1 -1
package/src/tools/network/script-proxy/mitm-handler.ts +1 -1
package/src/tools/network/script-proxy/server.ts +1 -1
package/src/tools/network/script-proxy/session-manager.ts +6 -5
package/src/tools/network/web-fetch.ts +18 -2
package/src/tools/network/web-search.ts +7 -3
package/src/tools/reminder/reminder-store.ts +14 -15
package/src/tools/schedule/create.ts +1 -0
package/src/tools/schedule/list.ts +2 -1
package/src/tools/shared/filesystem/file-ops-service.ts +5 -7
package/src/tools/skills/skill-script-runner.ts +24 -9
package/src/tools/skills/skill-tool-factory.ts +1 -0
package/src/tools/tasks/work-item-enqueue.ts +2 -2
package/src/tools/terminal/evaluate-typescript.ts +21 -12
package/src/tools/terminal/parser.ts +50 -0
package/src/tools/watcher/delete.ts +6 -0
package/src/tools/weather/service.ts +1 -1
package/src/twitter/client.ts +190 -24
package/src/twitter/session.ts +4 -3
package/src/util/clipboard.ts +1 -1
package/src/util/errors.ts +65 -8
package/src/util/fs.ts +40 -0
package/src/util/json.ts +10 -0
package/src/util/log-redact.ts +189 -0
package/src/util/logger.ts +25 -18
package/src/util/object.ts +3 -0
package/src/util/platform.ts +72 -365
package/src/util/pricing.ts +1 -1
package/src/util/promise-guard.ts +1 -1
package/src/util/retry.ts +19 -0
package/src/util/row-mapper.ts +79 -0
package/src/util/silently.ts +21 -0
package/src/watcher/engine.ts +5 -1
package/src/watcher/provider-types.ts +20 -0
package/src/watcher/providers/github.ts +156 -0
package/src/watcher/providers/gmail.ts +1 -0
package/src/watcher/providers/google-calendar.ts +1 -0
package/src/watcher/providers/linear.ts +460 -0
package/src/watcher/providers/slack.ts +1 -0
package/src/work-items/work-item-runner.ts +1 -1
package/src/workspace/git-service.ts +1 -1
package/src/workspace/provider-commit-message-generator.ts +51 -22
package/src/__tests__/call-bridge.test.ts +0 -517
package/src/__tests__/session-process-bridge.test.ts +0 -244
package/src/calls/call-bridge.ts +0 -168
package/src/config/bundled-skills/media-processing/services/capability-registry.ts +0 -137
package/src/config/bundled-skills/media-processing/services/event-detection-service.ts +0 -280
package/src/config/bundled-skills/media-processing/services/feedback-aggregation.ts +0 -144
package/src/config/bundled-skills/media-processing/services/feedback-store.ts +0 -136
package/src/config/bundled-skills/media-processing/services/retrieval-service.ts +0 -95
package/src/config/bundled-skills/media-processing/services/timeline-service.ts +0 -267
package/src/config/bundled-skills/media-processing/tools/detect-events.ts +0 -110
package/src/config/bundled-skills/media-processing/tools/recalibrate.ts +0 -235
package/src/config/bundled-skills/media-processing/tools/select-tracking-profile.ts +0 -142
package/src/config/bundled-skills/media-processing/tools/submit-feedback.ts +0 -150
package/src/config/vellum-skills/google-oauth-setup/SKILL.md +0 -199

package/src/migrations/workspace-layout.ts ADDED Viewed

@@ -0,0 +1,79 @@
+import { existsSync, mkdirSync, renameSync } from 'node:fs';
+import { join, dirname } from 'node:path';
+import { getRootDir, getWorkspaceDir } from '../util/platform.js';
+import { migrationLog } from './log.js';
+import { mergeSkippedConfigKeys } from './config-merge.js';
+import { mergeLegacyHooks } from './hooks-merge.js';
+import { mergeLegacySkills } from './skills-merge.js';
+import { mergeLegacyDataEntries } from './data-merge.js';
+/**
+ * Idempotent move: relocates source to destination for migration.
+ * - No-op if source is missing (already migrated or never existed).
+ * - No-op if destination already exists (avoids clobbering).
+ * - Creates destination parent directories as needed.
+ * - Logs warning on failure instead of throwing.
+ *
+ * Exported for testing; not intended for general use outside migrations.
+ */
+export function migratePath(source: string, destination: string): void {
+  if (!existsSync(source)) return;
+  if (existsSync(destination)) {
+    migrationLog('debug', 'Migration skipped: destination already exists', { source, destination });
+    return;
+  }
+  try {
+    const destDir = dirname(destination);
+    if (!existsSync(destDir)) {
+      mkdirSync(destDir, { recursive: true });
+    }
+    renameSync(source, destination);
+    migrationLog('info', 'Migrated path', { from: source, to: destination });
+  } catch (err) {
+    migrationLog('warn', 'Failed to migrate path', { err: String(err), from: source, to: destination });
+  }
+}
+/**
+ * Migrate from the flat ~/.vellum layout to the workspace-based layout.
+ *
+ * Step (a) is special: if the workspace dir doesn't exist yet but the old
+ * sandbox working dir (data/sandbox/fs) does, its contents are "extracted"
+ * to become the new workspace root via rename. All subsequent moves then
+ * land inside that workspace directory.
+ *
+ * Idempotent: safe to call on every startup — already-migrated items are
+ * skipped, and a second run is a no-op.
+ */
+export function migrateToWorkspaceLayout(): void {
+  const root = getRootDir();
+  if (!existsSync(root)) return;
+  const ws = getWorkspaceDir();
+  // (a) Extract data/sandbox/fs -> workspace (only when workspace doesn't exist yet)
+  if (!existsSync(ws)) {
+    const sandboxFs = join(root, 'data', 'sandbox', 'fs');
+    if (existsSync(sandboxFs)) {
+      try {
+        renameSync(sandboxFs, ws);
+        migrationLog('info', 'Extracted sandbox/fs as workspace root', { from: sandboxFs, to: ws });
+      } catch (err) {
+        migrationLog('warn', 'Failed to extract sandbox/fs', { err: String(err), from: sandboxFs, to: ws });
+      }
+    }
+  }
+  // (b)-(h) Move legacy root-level items into workspace
+  migratePath(join(root, 'config.json'), join(ws, 'config.json'));
+  mergeSkippedConfigKeys(join(root, 'config.json'), join(ws, 'config.json'));
+  migratePath(join(root, 'data'), join(ws, 'data'));
+  mergeLegacyDataEntries(join(root, 'data'), join(ws, 'data'));
+  migratePath(join(root, 'hooks'), join(ws, 'hooks'));
+  mergeLegacyHooks(join(root, 'hooks'), join(ws, 'hooks'));
+  migratePath(join(root, 'IDENTITY.md'), join(ws, 'IDENTITY.md'));
+  migratePath(join(root, 'skills'), join(ws, 'skills'));
+  mergeLegacySkills(join(root, 'skills'), join(ws, 'skills'));
+  migratePath(join(root, 'SOUL.md'), join(ws, 'SOUL.md'));
+  migratePath(join(root, 'USER.md'), join(ws, 'USER.md'));
+}

package/src/permissions/checker.ts CHANGED Viewed

@@ -1,6 +1,6 @@
+import { createHash } from 'node:crypto';
 import { RiskLevel, type PermissionCheckResult, type AllowlistOption, type ScopeOption, type PolicyContext } from './types.js';
-import { findHighestPriorityRule } from './trust-store.js';
-import { parse } from '../tools/terminal/parser.js';
+import { findHighestPriorityRule, onRulesChanged } from './trust-store.js';
 import { resolveSkillSelector } from '../config/skills.js';
 import { computeSkillVersionHash } from '../skills/version-hash.js';
 import { getTool } from '../tools/registry.js';
@@ -11,9 +11,40 @@ import { homedir } from 'node:os';
 import { looksLikeHostPortShorthand, looksLikePathOnlyInput } from '../tools/network/url-safety.js';
 import { normalizeFilePath, isSkillSourcePath } from '../skills/path-classifier.js';
 import { isWorkspaceScopedInvocation } from './workspace-policy.js';
-import { buildShellCommandCandidates, buildShellAllowlistOptions, type ParsedCommand } from './shell-identity.js';
+import { buildShellCommandCandidates, buildShellAllowlistOptions, cachedParse, type ParsedCommand } from './shell-identity.js';
 import type { ManifestOverride } from '../tools/execution-target.js';
+// ── Risk classification cache ────────────────────────────────────────────────
+// classifyRisk() is called on every permission check and can invoke WASM
+// parsing for shell commands. Cache results keyed on
+// (toolName, inputHash, workingDir, manifestOverride).
+// Invalidated when trust rules change since risk classification for file tools
+// depends on skill source path checks which reference config, but the core
+// risk logic is input-deterministic.
+const RISK_CACHE_MAX = 256;
+const riskCache = new Map<string, RiskLevel>();
+function riskCacheKey(toolName: string, input: Record<string, unknown>, workingDir?: string, manifestOverride?: ManifestOverride): string {
+  const inputJson = JSON.stringify(input);
+  const hash = createHash('sha256')
+    .update(inputJson)
+    .update('\0')
+    .update(workingDir ?? '')
+    .update('\0')
+    .update(manifestOverride ? JSON.stringify(manifestOverride) : '')
+    .digest('hex');
+  return `${toolName}\0${hash}`;
+}
+/** Clear the risk classification cache. Called when trust rules change. */
+export function clearRiskCache(): void {
+  riskCache.clear();
+}
+// Invalidate risk cache whenever trust rules change so that risk decisions
+// referencing config-dependent checks (e.g. skill source paths) stay fresh.
+onRulesChanged(clearRiskCache);
 // Ensures the legacy mode deprecation warning fires at most once per process.
 let _legacyDeprecationWarned = false;
@@ -33,8 +64,8 @@ const LOW_RISK_PROGRAMS = new Set([
   'man', 'help', 'info',
   'env', 'printenv', 'set',
   'diff', 'sort', 'uniq', 'cut', 'tr', 'tee', 'xargs',
-  'jq', 'yq', 'sed', 'awk',
-  'curl', 'wget', 'http', 'dig', 'nslookup', 'ping',
+  'jq', 'yq',
+  'http', 'dig', 'nslookup', 'ping',
   'tree', 'du', 'df',
 ]);
@@ -56,6 +87,41 @@ const LOW_RISK_GIT_SUBCOMMANDS = new Set([
   'cat-file', 'reflog',
 ]);
+// Commands that wrap another program — the real program appears as the first
+// non-flag argument.  When one of these is the segment program we look through
+// its args to find the effective program (e.g. `env curl …` → curl).
+const WRAPPER_PROGRAMS = new Set([
+  'env', 'nice', 'nohup', 'time', 'command', 'exec',
+  'strace', 'ltrace', 'ionice', 'taskset', 'timeout',
+]);
+// `env` flags that consume the next positional argument as their value.
+// Without this, `env -u curl echo` would incorrectly identify `curl` (the
+// value of -u) as the wrapped program instead of `echo`.
+const ENV_VALUE_FLAGS = new Set(['-u', '--unset', '-C', '--chdir']);
+/**
+ * Given a segment whose program is a known wrapper, return the first
+ * non-flag argument (i.e. the wrapped program name).  Returns `undefined`
+ * when no suitable argument is found.
+ *
+ * Handles `env` specially: skips `VAR=value` pairs and value-taking flags
+ * like `-u NAME` and `-C DIR`.
+ */
+function getWrappedProgram(seg: { program: string; args: string[] }): string | undefined {
+  const isEnv = seg.program === 'env';
+  for (let i = 0; i < seg.args.length; i++) {
+    const arg = seg.args[i];
+    if (arg.startsWith('-')) {
+      if (isEnv && ENV_VALUE_FLAGS.has(arg)) i++; // skip the value argument
+      continue;
+    }
+    if (isEnv && arg.includes('=')) continue;     // skip env VAR=value pairs
+    return arg;
+  }
+  return undefined;
+}
 function isHighRiskRm(args: string[]): boolean {
   // rm with -r, -rf, -fr, or targeting root/home
   for (const arg of args) {
@@ -245,7 +311,36 @@ async function buildCommandCandidates(toolName: string, input: Record<string, un
   return [...new Set(candidates)];
 }
-export async function classifyRisk(toolName: string, input: Record<string, unknown>, workingDir?: string, preParsed?: ParsedCommand, manifestOverride?: ManifestOverride): Promise<RiskLevel> {
+export async function classifyRisk(toolName: string, input: Record<string, unknown>, workingDir?: string, preParsed?: ParsedCommand, manifestOverride?: ManifestOverride, signal?: AbortSignal): Promise<RiskLevel> {
+  signal?.throwIfAborted();
+  // Check cache first (skip when preParsed is provided since caller already
+  // parsed and we'd just be duplicating the key computation cost).
+  const cacheKey = preParsed ? null : riskCacheKey(toolName, input, workingDir, manifestOverride);
+  if (cacheKey) {
+    const cached = riskCache.get(cacheKey);
+    if (cached !== undefined) {
+      // LRU refresh
+      riskCache.delete(cacheKey);
+      riskCache.set(cacheKey, cached);
+      return cached;
+    }
+  }
+  const result = await classifyRiskUncached(toolName, input, workingDir, preParsed, manifestOverride);
+  if (cacheKey) {
+    if (riskCache.size >= RISK_CACHE_MAX) {
+      const oldest = riskCache.keys().next().value;
+      if (oldest !== undefined) riskCache.delete(oldest);
+    }
+    riskCache.set(cacheKey, result);
+  }
+  return result;
+}
+async function classifyRiskUncached(toolName: string, input: Record<string, unknown>, workingDir?: string, preParsed?: ParsedCommand, manifestOverride?: ManifestOverride): Promise<RiskLevel> {
   if (toolName === 'file_read') return RiskLevel.Low;
   if (toolName === 'file_write' || toolName === 'file_edit') {
     const filePath = getStringField(input, 'path', 'file_path');
@@ -285,7 +380,7 @@ export async function classifyRisk(toolName: string, input: Record<string, unkno
     const command = (input.command as string) ?? '';
     if (!command.trim()) return RiskLevel.Low;
-    const parsed = preParsed ?? await parse(command);
+    const parsed = preParsed ?? await cachedParse(command);
     // Dangerous patterns → High
     if (parsed.dangerousPatterns.length > 0) return RiskLevel.High;
@@ -307,11 +402,27 @@ export async function classifyRisk(toolName: string, input: Record<string, unkno
         continue;
       }
-      if (prog === 'chmod' || prog === 'chown' || prog === 'chgrp') {
+      if (prog === 'chmod' || prog === 'chown' || prog === 'chgrp'
+        || prog === 'sed' || prog === 'awk') {
+        maxRisk = RiskLevel.Medium;
+        continue;
+      }
+      // curl/wget can download and execute arbitrary code from the internet.
+      // Also catch wrapped invocations like `env curl …` or `nice wget …`.
+      if (prog === 'curl' || prog === 'wget') {
         maxRisk = RiskLevel.Medium;
         continue;
       }
+      if (WRAPPER_PROGRAMS.has(prog)) {
+        const wrapped = getWrappedProgram(seg);
+        if (wrapped === 'curl' || wrapped === 'wget') {
+          maxRisk = RiskLevel.Medium;
+          continue;
+        }
+      }
       if (prog === 'git') {
         const subcommand = seg.args[0];
         if (subcommand && LOW_RISK_GIT_SUBCOMMANDS.has(subcommand)) {
@@ -360,17 +471,20 @@ export async function check(
   workingDir: string,
   policyContext?: PolicyContext,
   manifestOverride?: ManifestOverride,
+  signal?: AbortSignal,
 ): Promise<PermissionCheckResult> {
+  signal?.throwIfAborted();
   // For shell tools, parse once and share the result to avoid duplicate tree-sitter work.
   let shellParsed: ParsedCommand | undefined;
   if (toolName === 'bash' || toolName === 'host_bash') {
     const command = ((input.command as string) ?? '').trim();
     if (command) {
-      shellParsed = await parse(command);
+      shellParsed = await cachedParse(command);
     }
   }
-  const risk = await classifyRisk(toolName, input, workingDir, shellParsed, manifestOverride);
+  const risk = await classifyRisk(toolName, input, workingDir, shellParsed, manifestOverride, signal);
   // Build command string candidates for rule matching
   const commandCandidates = await buildCommandCandidates(toolName, input, workingDir, shellParsed);
@@ -500,7 +614,8 @@ function friendlyHostname(url: URL): string {
   return url.hostname.replace(/^www\./, '');
 }
-export async function generateAllowlistOptions(toolName: string, input: Record<string, unknown>): Promise<AllowlistOption[]> {
+export async function generateAllowlistOptions(toolName: string, input: Record<string, unknown>, signal?: AbortSignal): Promise<AllowlistOption[]> {
+  signal?.throwIfAborted();
   if (toolName === 'bash' || toolName === 'host_bash') {
     const command = ((input.command as string) ?? '').trim();
     return buildShellAllowlistOptions(command);

package/src/permissions/prompter.ts CHANGED Viewed

@@ -43,12 +43,15 @@ export class PermissionPrompter {
     sessionId?: string,
     executionTarget?: ExecutionTarget,
     persistentDecisionsAllowed?: boolean,
+    signal?: AbortSignal,
   ): Promise<{
     decision: UserDecision;
     selectedPattern?: string;
     selectedScope?: string;
     decisionContext?: string;
   }> {
+    if (signal?.aborted) return { decision: 'deny' };
     const requestId = uuid();
     return new Promise((resolve, reject) => {
@@ -61,6 +64,17 @@ export class PermissionPrompter {
       this.pending.set(requestId, { resolve, reject, timer });
+      if (signal) {
+        const onAbort = () => {
+          if (this.pending.has(requestId)) {
+            clearTimeout(timer);
+            this.pending.delete(requestId);
+            resolve({ decision: 'deny' });
+          }
+        };
+        signal.addEventListener('abort', onAbort, { once: true });
+      }
       this.sendToClient({
         type: 'confirmation_request',
         requestId,

package/src/permissions/shell-identity.ts CHANGED Viewed

@@ -3,6 +3,36 @@ import type { AllowlistOption } from './types.js';
 export type { ParsedCommand };
+// ── Shell parse result cache ─────────────────────────────────────────────────
+// Shell parsing via web-tree-sitter WASM is deterministic — the same command
+// string always produces the same ParsedCommand. Cache results to avoid
+// redundant WASM invocations on repeated permission checks.
+const PARSE_CACHE_MAX = 256;
+const parseCache = new Map<string, ParsedCommand>();
+export async function cachedParse(command: string): Promise<ParsedCommand> {
+  const cached = parseCache.get(command);
+  if (cached !== undefined) {
+    // LRU refresh: move to end of insertion order
+    parseCache.delete(command);
+    parseCache.set(command, cached);
+    return cached;
+  }
+  const result = await parse(command);
+  // Evict oldest entry if at capacity
+  if (parseCache.size >= PARSE_CACHE_MAX) {
+    const oldest = parseCache.keys().next().value;
+    if (oldest !== undefined) parseCache.delete(oldest);
+  }
+  parseCache.set(command, result);
+  return result;
+}
+/** Clear the shell parse cache. Exposed for testing. */
+export function clearShellParseCache(): void {
+  parseCache.clear();
+}
 export interface ShellActionKey {
   /** e.g. "action:gh", "action:gh pr", "action:gh pr view" */
   key: string;
@@ -40,7 +70,7 @@ const MAX_ACTION_KEY_DEPTH = 3;
  * identity information for permission decisions.
  */
 export async function analyzeShellCommand(command: string, preParsed?: ParsedCommand): Promise<ShellIdentityAnalysis> {
-  const parsed = preParsed ?? await parse(command);
+  const parsed = preParsed ?? await cachedParse(command);
   const operators: string[] = [];
   for (const seg of parsed.segments) {

package/src/permissions/trust-store.ts CHANGED Viewed

@@ -21,6 +21,21 @@ interface TrustFile {
 let cachedRules: TrustRule[] | null = null;
 let cachedStarterBundleAccepted: boolean | null = null;
+// Callbacks invoked when trust rules change (add/update/remove/clear).
+// Used by the permission checker to invalidate dependent caches.
+const rulesChangedListeners: Array<() => void> = [];
+/** Register a callback to be invoked whenever trust rules change. */
+export function onRulesChanged(listener: () => void): void {
+  rulesChangedListeners.push(listener);
+}
+function notifyRulesChanged(): void {
+  for (const listener of rulesChangedListeners) {
+    listener();
+  }
+}
 /**
  * Cache of pre-compiled Minimatch objects keyed by pattern string.
  * Rebuilt whenever cachedRules changes. Avoids re-parsing glob patterns
@@ -326,7 +341,7 @@ function saveToDisk(rules: TrustRule[]): void {
 }
 function getRules(): TrustRule[] {
-  if (cachedRules === null) {
+  if (cachedRules == null) {
     cachedRules = loadFromDisk();
     rebuildPatternCache(cachedRules);
   }
@@ -368,6 +383,7 @@ export function addRule(
   cachedRules = rules;
   rebuildPatternCache(rules);
   saveToDisk(rules);
+  notifyRulesChanged();
   log.info({ rule }, 'Added trust rule');
   return rule;
 }
@@ -395,6 +411,7 @@ export function updateRule(
   cachedRules = rules;
   rebuildPatternCache(rules);
   saveToDisk(rules);
+  notifyRulesChanged();
   log.info({ rule }, 'Updated trust rule');
   return rule;
 }
@@ -412,6 +429,7 @@ export function removeRule(id: string): boolean {
   cachedRules = rules;
   rebuildPatternCache(rules);
   saveToDisk(rules);
+  notifyRulesChanged();
   log.info({ id }, 'Removed trust rule');
   return true;
 }
@@ -508,6 +526,7 @@ export function clearAllRules(): void {
   cachedRules = rules;
   rebuildPatternCache(rules);
   saveToDisk(rules);
+  notifyRulesChanged();
   log.info('Cleared all user trust rules (default rules preserved)');
 }
@@ -608,6 +627,7 @@ export function acceptStarterBundle(): AcceptStarterBundleResult {
   cachedRules = rules;
   rebuildPatternCache(rules);
   saveToDisk(rules);
+  notifyRulesChanged();
   log.info({ rulesAdded: added }, 'Starter approval bundle accepted');
   return { accepted: true, rulesAdded: added, alreadyAccepted: false };

package/src/providers/anthropic/client.ts CHANGED Viewed

@@ -58,12 +58,12 @@ export const PLACEHOLDER_BLOCKS_OMITTED = '\x00__PLACEHOLDER__[internal blocks o
 /** Type-guard for tool_use blocks in Anthropic-formatted content. */
 function isToolUseBlock(block: unknown): block is Anthropic.ToolUseBlockParam {
-  return typeof block === 'object' && block !== null && (block as { type: string }).type === 'tool_use';
+  return typeof block === 'object' && block != null && (block as { type: string }).type === 'tool_use';
 }
 /** Type-guard for tool_result blocks in Anthropic-formatted content. */
 function isToolResultBlock(block: unknown): block is Anthropic.ToolResultBlockParam {
-  return typeof block === 'object' && block !== null && (block as { type: string }).type === 'tool_result';
+  return typeof block === 'object' && block != null && (block as { type: string }).type === 'tool_result';
 }
 /**
@@ -379,12 +379,12 @@ export class AnthropicProvider implements Provider {
         const content = m.content
           .map((block) => {
             const result = this.toAnthropicBlockSafe(block);
-            if (result === null) {
+            if (result == null) {
               droppedUnknownBlock = true;
             }
             return result;
           })
-          .filter((block): block is Anthropic.ContentBlockParam => block !== null)
+          .filter((block): block is Anthropic.ContentBlockParam => block != null)
           .filter((block) => !(block.type === 'text' && !(block as { text?: string }).text?.trim()));
         // Preserve assistant turns that would otherwise become empty after filtering

package/src/providers/failover.ts CHANGED Viewed

@@ -77,7 +77,7 @@ export class FailoverProvider implements Provider {
       const now = Date.now();
       // Skip providers that are still in cooldown
-      if (health.unhealthySince !== null) {
+      if (health.unhealthySince != null) {
         const elapsed = now - health.unhealthySince;
         if (elapsed < this.cooldownMs) {
           log.debug(
@@ -93,7 +93,7 @@ export class FailoverProvider implements Provider {
       try {
         const response = await provider.sendMessage(messages, tools, systemPrompt, options);
         // Success — mark healthy
-        if (health.unhealthySince !== null) {
+        if (health.unhealthySince != null) {
           log.info({ provider: provider.name }, 'Provider recovered, marking healthy');
           health.unhealthySince = null;
         }

package/src/providers/model-intents.ts ADDED Viewed

@@ -0,0 +1,70 @@
+import type { ModelIntent } from './types.js';
+const PROVIDER_DEFAULT_MODELS = {
+  anthropic: 'claude-opus-4-6',
+  openai: 'gpt-5.2',
+  gemini: 'gemini-3-flash',
+  ollama: 'llama3.2',
+  fireworks: 'accounts/fireworks/models/kimi-k2p5',
+  openrouter: 'x-ai/grok-4',
+} as const;
+type KnownProviderName = keyof typeof PROVIDER_DEFAULT_MODELS;
+const PROVIDER_MODEL_INTENTS: Record<KnownProviderName, Record<ModelIntent, string>> = {
+  anthropic: {
+    'latency-optimized': 'claude-haiku-4-5-20251001',
+    'quality-optimized': 'claude-opus-4-6',
+    'vision-optimized': 'claude-sonnet-4-6',
+  },
+  openai: {
+    'latency-optimized': 'gpt-4o-mini',
+    'quality-optimized': 'gpt-5.2',
+    'vision-optimized': 'gpt-4o',
+  },
+  gemini: {
+    'latency-optimized': 'gemini-3-flash',
+    'quality-optimized': 'gemini-3-flash',
+    'vision-optimized': 'gemini-3-flash',
+  },
+  ollama: {
+    'latency-optimized': 'llama3.2',
+    'quality-optimized': 'llama3.2',
+    'vision-optimized': 'llama3.2',
+  },
+  fireworks: {
+    'latency-optimized': 'accounts/fireworks/models/kimi-k2p5',
+    'quality-optimized': 'accounts/fireworks/models/kimi-k2p5',
+    'vision-optimized': 'accounts/fireworks/models/kimi-k2p5',
+  },
+  openrouter: {
+    'latency-optimized': 'x-ai/grok-4',
+    'quality-optimized': 'x-ai/grok-4',
+    'vision-optimized': 'x-ai/grok-4',
+  },
+};
+const MODEL_INTENTS = new Set<ModelIntent>([
+  'latency-optimized',
+  'quality-optimized',
+  'vision-optimized',
+]);
+export function isModelIntent(value: unknown): value is ModelIntent {
+  return typeof value === 'string' && MODEL_INTENTS.has(value as ModelIntent);
+}
+export function getProviderDefaultModel(providerName: string): string {
+  const knownProvider = providerName as KnownProviderName;
+  return PROVIDER_DEFAULT_MODELS[knownProvider] ?? PROVIDER_DEFAULT_MODELS.anthropic;
+}
+export function resolveModelIntent(providerName: string, intent: ModelIntent): string {
+  const knownProvider = providerName as KnownProviderName;
+  const providerIntentModels = PROVIDER_MODEL_INTENTS[knownProvider];
+  if (providerIntentModels) {
+    return providerIntentModels[intent];
+  }
+  return getProviderDefaultModel(providerName);
+}

package/src/providers/ollama/client.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 import { OpenAIProvider } from '../openai/client.js';
+import { getOllamaBaseUrlEnv } from '../../config/env.js';
 export interface OllamaProviderOptions {
   apiKey?: string;
@@ -20,7 +21,7 @@ export class OllamaProvider extends OpenAIProvider {
 }
 function resolveBaseUrl(optionBaseUrl?: string): string {
-  for (const candidate of [optionBaseUrl, process.env.OLLAMA_BASE_URL]) {
+  for (const candidate of [optionBaseUrl, getOllamaBaseUrlEnv()]) {
     if (typeof candidate === 'string') {
       const trimmed = candidate.trim();
       if (trimmed.length > 0) return trimmed;