@vellumai/assistant 0.4.14 → 0.4.15

package/src/config/bundled-skills/messaging/tools/gmail-send-draft.ts

@@ -0,0 +1,20 @@
+import { sendDraft } from '../../../../messaging/providers/gmail/client.js';
+import { getMessagingProvider } from '../../../../messaging/registry.js';
+import { withValidToken } from '../../../../security/token-manager.js';
+import type { ToolContext, ToolExecutionResult } from '../../../../tools/types.js';
+import { err, ok } from './shared.js';
+
+export async function run(input: Record<string, unknown>, _context: ToolContext): Promise<ToolExecutionResult> {
+  const draftId = input.draft_id as string;
+  if (!draftId) return err('draft_id is required.');
+
+  try {
+    const provider = getMessagingProvider('gmail');
+    return withValidToken(provider.credentialService, async (token) => {
+      const msg = await sendDraft(token, draftId);
+      return ok(`Draft sent (Message ID: ${msg.id}).`);
+    });
+  } catch (e) {
+    return err(e instanceof Error ? e.message : String(e));
+  }
+}

package/src/config/bundled-skills/messaging/tools/gmail-send-with-attachments.ts

@@ -1,7 +1,7 @@
 import { readFile } from 'node:fs/promises';
 import { basename, extname } from 'node:path';
 
-import { sendMessageRaw } from '../../../../messaging/providers/gmail/client.js';
+import { createDraftRaw } from '../../../../messaging/providers/gmail/client.js';
 import { buildMultipartMime } from '../../../../messaging/providers/gmail/mime-builder.js';
 import { getMessagingProvider } from '../../../../messaging/registry.js';
 import { withValidToken } from '../../../../security/token-manager.js';
@@ -67,11 +67,10 @@ export async function run(input: Record<string, unknown>, _context: ToolContext)
       );
 
       const raw = buildMultipartMime({ to, subject, body, inReplyTo, attachments });
-      const result = await sendMessageRaw(token, raw, threadId);
+      const draft = await createDraftRaw(token, raw, threadId);
 
       const filenames = attachments.map((a) => a.filename).join(', ');
-      const threadSuffix = result.threadId ? `, "thread_id": "${result.threadId}"` : '';
-      return ok(`Message sent with ${attachments.length} attachment(s): ${filenames} (ID: ${result.id}${threadSuffix}).`);
+      return ok(`Gmail draft created with ${attachments.length} attachment(s): ${filenames} (Draft ID: ${draft.id}). Review in Gmail Drafts, then tell me to send it or send it yourself.`);
     });
   } catch (e) {
     return err(e instanceof Error ? e.message : String(e));

package/src/config/bundled-skills/messaging/tools/gmail-sender-digest.ts

@@ -2,10 +2,11 @@ import { batchGetMessages,listMessages } from '../../../../messaging/providers/g
 import { getMessagingProvider } from '../../../../messaging/registry.js';
 import { withValidToken } from '../../../../security/token-manager.js';
 import type { ToolContext, ToolExecutionResult } from '../../../../tools/types.js';
+import { storeScanResult } from './scan-result-store.js';
 import { err,ok } from './shared.js';
 
-const MAX_MESSAGES_CAP = 500;
-const MAX_IDS_PER_SENDER = 500;
+const MAX_MESSAGES_CAP = 5000;
+const MAX_IDS_PER_SENDER = 5000;
 const MAX_SAMPLE_SUBJECTS = 3;
 
 interface SenderAggregation {
@@ -36,7 +37,7 @@ function parseFrom(from: string): { displayName: string; email: string } {
 
 export async function run(input: Record<string, unknown>, _context: ToolContext): Promise<ToolExecutionResult> {
   const query = (input.query as string) ?? 'category:promotions newer_than:90d';
-  const maxMessages = Math.min((input.max_messages as number) ?? 500, MAX_MESSAGES_CAP);
+  const maxMessages = Math.min((input.max_messages as number) ?? 2000, MAX_MESSAGES_CAP);
   const maxSenders = (input.max_senders as number) ?? 30;
   const inputPageToken = input.page_token as string | undefined;
 
@@ -149,7 +150,7 @@ export async function run(input: Record<string, unknown>, _context: ToolContext)
         .sort((a, b) => b.messageCount - a.messageCount)
         .slice(0, maxSenders);
 
-      const result = sorted.map((s) => ({
+      const resultSenders = sorted.map((s) => ({
         id: Buffer.from(s.email).toString('base64url'),
         display_name: s.displayName || s.email.split('@')[0],
         email: s.email,
@@ -161,19 +162,26 @@ export async function run(input: Record<string, unknown>, _context: ToolContext)
           : s.newestMessageId,
         oldest_date: s.oldestDate,
         newest_date: s.newestDate,
-        message_ids: s.messageIds,
-        has_more: s.hasMore,
         // Preserve original query filters so follow-up searches stay scoped
         search_query: `from:${s.email} ${query}`,
         sample_subjects: s.sampleSubjects,
       }));
 
+      // Store message IDs server-side to keep them out of LLM context
+      const scanId = storeScanResult(sorted.map((s) => ({
+        id: Buffer.from(s.email).toString('base64url'),
+        messageIds: s.messageIds,
+        newestMessageId: s.newestMessageId,
+        newestUnsubscribableMessageId: s.newestUnsubscribableMessageId,
+      })));
+
       return ok(JSON.stringify({
-        senders: result,
+        scan_id: scanId,
+        senders: resultSenders,
         total_scanned: allMessageIds.length,
         query_used: query,
         ...(truncated ? { truncated: true, next_page_token: pageToken } : {}),
-        note: `message_count reflects emails found per sender within the ${allMessageIds.length} messages scanned. Use the message_ids array with gmail_batch_archive to archive exactly these messages.`,
+        note: `message_count reflects emails found per sender within the ${allMessageIds.length} messages scanned. Use scan_id with gmail_batch_archive to archive messages (pass scan_id + sender_ids instead of message_ids).`,
       }));
     });
   } catch (e) {

package/src/config/bundled-skills/messaging/tools/messaging-reply.ts

@@ -1,6 +1,11 @@
+import { batchGetMessages, createDraft, getProfile, listMessages } from '../../../../messaging/providers/gmail/client.js';
 import type { ToolContext, ToolExecutionResult } from '../../../../tools/types.js';
 import { err,ok, resolveProvider, withProviderToken } from './shared.js';
 
+function extractHeader(headers: Array<{ name: string; value: string }> | undefined, name: string): string {
+  return headers?.find((h) => h.name.toLowerCase() === name.toLowerCase())?.value ?? '';
+}
+
 export async function run(input: Record<string, unknown>, context: ToolContext): Promise<ToolExecutionResult> {
   const platform = input.platform as string | undefined;
   const conversationId = input.conversation_id as string;
@@ -19,6 +24,77 @@ export async function run(input: Record<string, unknown>, context: ToolContext):
 
   try {
     const provider = resolveProvider(platform);
+
+    // Gmail: create a threaded draft with reply-all recipients
+    if (provider.id === 'gmail') {
+      return withProviderToken(provider, async (token) => {
+        // Fetch thread messages to extract recipients and threading headers
+        const list = await listMessages(token, `thread:${threadId}`, 10);
+        if (!list.messages?.length) {
+          return err('No messages found in this thread.');
+        }
+
+        const messages = await batchGetMessages(token, list.messages.map((m) => m.id), 'metadata', [
+          'From', 'To', 'Cc', 'Message-ID', 'Subject',
+        ]);
+
+        // Use the latest message for threading and recipient extraction
+        const latest = messages[messages.length - 1];
+        const latestHeaders = latest.payload?.headers ?? [];
+
+        const messageIdHeader = extractHeader(latestHeaders, 'Message-ID');
+        let subject = extractHeader(latestHeaders, 'Subject');
+        if (subject && !subject.startsWith('Re:')) {
+          subject = `Re: ${subject}`;
+        }
+
+        // Build reply-all recipient list, excluding the user's own email
+        const profile = await getProfile(token);
+        const userEmail = profile.emailAddress.toLowerCase();
+
+        const allRecipients = new Set<string>();
+        const allCc = new Set<string>();
+
+        // From the latest message: From goes to To, original To/Cc go to Cc
+        const fromAddr = extractHeader(latestHeaders, 'From');
+        const toAddrs = extractHeader(latestHeaders, 'To');
+        const ccAddrs = extractHeader(latestHeaders, 'Cc');
+
+        if (fromAddr) allRecipients.add(fromAddr);
+        for (const addr of toAddrs.split(',').map((a) => a.trim()).filter(Boolean)) {
+          allRecipients.add(addr);
+        }
+        for (const addr of ccAddrs.split(',').map((a) => a.trim()).filter(Boolean)) {
+          allCc.add(addr);
+        }
+
+        // Remove user's own email from recipients
+        const filterSelf = (addr: string) => !addr.toLowerCase().includes(userEmail);
+        const toList = [...allRecipients].filter(filterSelf);
+        const ccList = [...allCc].filter(filterSelf);
+
+        if (toList.length === 0) {
+          return err('Could not determine reply recipients from thread.');
+        }
+
+        const draft = await createDraft(
+          token,
+          toList.join(', '),
+          subject,
+          text,
+          messageIdHeader || undefined,
+          ccList.length > 0 ? ccList.join(', ') : undefined,
+          undefined,
+          threadId,
+        );
+
+        const recipientSummary = ccList.length > 0
+          ? `To: ${toList.join(', ')}; Cc: ${ccList.join(', ')}`
+          : `To: ${toList.join(', ')}`;
+        return ok(`Gmail draft created (ID: ${draft.id}). ${recipientSummary}. Review in Gmail Drafts, then tell me to send it or send it yourself.`);
+      });
+    }
+
     return withProviderToken(provider, async (token) => {
       const result = await provider.sendMessage(token, conversationId, text, {
         threadId,

package/src/config/bundled-skills/messaging/tools/messaging-send.ts

@@ -1,3 +1,4 @@
+import { createDraft } from '../../../../messaging/providers/gmail/client.js';
 import type { ToolContext, ToolExecutionResult } from '../../../../tools/types.js';
 import { err,ok, resolveProvider, withProviderToken } from './shared.js';
 
@@ -17,6 +18,15 @@ export async function run(input: Record<string, unknown>, context: ToolContext):
 
   try {
     const provider = resolveProvider(platform);
+
+    // Gmail: create a draft instead of sending directly
+    if (provider.id === 'gmail') {
+      return withProviderToken(provider, async (token) => {
+        const draft = await createDraft(token, conversationId, subject ?? '', text, inReplyTo);
+        return ok(`Gmail draft created (ID: ${draft.id}). Review it in your Gmail Drafts, then tell me to send it or send it yourself from Gmail.`);
+      });
+    }
+
     return withProviderToken(provider, async (token) => {
       const result = await provider.sendMessage(token, conversationId, text, {
         subject,

package/src/config/bundled-skills/messaging/tools/messaging-sender-digest.ts

@@ -1,4 +1,5 @@
 import type { ToolContext, ToolExecutionResult } from '../../../../tools/types.js';
+import { storeScanResult } from './scan-result-store.js';
 import { err, ok, resolveProvider, withProviderToken } from './shared.js';
 
 export async function run(input: Record<string, unknown>, _context: ToolContext): Promise<ToolExecutionResult> {
@@ -37,16 +38,23 @@ export async function run(input: Record<string, unknown>, _context: ToolContext)
         has_unsubscribe: s.hasUnsubscribe,
         newest_message_id: s.newestMessageId,
         search_query: s.searchQuery,
-        message_ids: s.messageIds,
-        has_more: s.hasMore,
       }));
 
+      // Store message IDs server-side to keep them out of LLM context
+      const scanId = storeScanResult(result.senders.map((s) => ({
+        id: s.id,
+        messageIds: s.messageIds,
+        newestMessageId: s.newestMessageId,
+        newestUnsubscribableMessageId: null,
+      })));
+
       return ok(JSON.stringify({
+        scan_id: scanId,
         senders,
         total_scanned: result.totalScanned,
         query_used: result.queryUsed,
         ...(result.truncated ? { truncated: true, next_page_token: result.nextPageToken } : {}),
-        note: `message_count reflects emails found per sender within the ${result.totalScanned} messages scanned. Use the message_ids array with the archive tool to archive exactly these messages.`,
+        note: `message_count reflects emails found per sender within the ${result.totalScanned} messages scanned. Use scan_id with the archive tool to archive messages (pass scan_id + sender_ids instead of message_ids).`,
       }));
     });
   } catch (e) {

package/src/config/bundled-skills/messaging/tools/scan-result-store.ts

@@ -0,0 +1,86 @@
+import { randomBytes } from 'crypto';
+
+interface SenderData {
+  messageIds: string[];
+  newestMessageId: string;
+  newestUnsubscribableMessageId: string | null;
+}
+
+interface ScanEntry {
+  senders: Map<string, SenderData>;
+  createdAt: number;
+}
+
+const MAX_ENTRIES = 16;
+const TTL_MS = 30 * 60_000; // 30 minutes
+
+const _store = new Map<string, ScanEntry>();
+
+/** Store scan results and return a unique scan ID. */
+export function storeScanResult(
+  senders: Array<{ id: string; messageIds: string[]; newestMessageId: string; newestUnsubscribableMessageId: string | null }>,
+): string {
+  const scanId = randomBytes(8).toString('hex');
+
+  // LRU eviction: remove oldest if at capacity
+  if (_store.size >= MAX_ENTRIES) {
+    const oldest = _store.keys().next().value;
+    if (oldest !== undefined) _store.delete(oldest);
+  }
+
+  const senderMap = new Map<string, SenderData>();
+  for (const s of senders) {
+    senderMap.set(s.id, {
+      messageIds: s.messageIds,
+      newestMessageId: s.newestMessageId,
+      newestUnsubscribableMessageId: s.newestUnsubscribableMessageId,
+    });
+  }
+
+  _store.set(scanId, { senders: senderMap, createdAt: Date.now() });
+  return scanId;
+}
+
+/** Retrieve message IDs for the given senders from a scan result. */
+export function getSenderMessageIds(scanId: string, senderIds: string[]): string[] | null {
+  const entry = _store.get(scanId);
+  if (!entry) return null;
+  if (Date.now() - entry.createdAt > TTL_MS) {
+    _store.delete(scanId);
+    return null;
+  }
+  // LRU: move to end
+  _store.delete(scanId);
+  _store.set(scanId, entry);
+
+  const ids: string[] = [];
+  for (const sid of senderIds) {
+    const data = entry.senders.get(sid);
+    if (data) ids.push(...data.messageIds);
+  }
+  return ids;
+}
+
+/** Retrieve metadata for a single sender from a scan result. */
+export function getSenderMetadata(
+  scanId: string,
+  senderId: string,
+): { newestMessageId: string; newestUnsubscribableMessageId: string | null } | null {
+  const entry = _store.get(scanId);
+  if (!entry) return null;
+  if (Date.now() - entry.createdAt > TTL_MS) {
+    _store.delete(scanId);
+    return null;
+  }
+  const data = entry.senders.get(senderId);
+  if (!data) return null;
+  return { newestMessageId: data.newestMessageId, newestUnsubscribableMessageId: data.newestUnsubscribableMessageId };
+}
+
+/** Clear the store (for tests). */
+export function clearScanStore(): void {
+  _store.clear();
+}
+
+/** Visible for testing: override TTL check by returning internal store reference. */
+export const _internals = { store: _store, TTL_MS };

package/src/config/bundled-skills/phone-calls/SKILL.md

@@ -62,7 +62,7 @@ If `hasCredentials` is `true`, `phoneNumber` is set, and `calls.enabled` is `tru
 
 If Twilio is not yet configured, load the **twilio-setup** skill — it handles credential storage, phone number provisioning, and public ingress setup:
 
-- Call `skill_load` with `skill_id: "twilio-setup"` to load the dependency skill.
+- Call `skill_load` with `skill: "twilio-setup"` to load the dependency skill.
 
 Once twilio-setup completes, return here to enable calls.
 
@@ -293,7 +293,7 @@ No additional configuration is needed beyond Twilio setup and `calls.enabled` be
 
 ### Guardian voice verification for inbound calls
 
-For guardian verification setup, load the skill by calling `skill_load` with `skill_id: "guardian-verify-setup"`. This skill handles the full outbound verification flow; `phone-calls` does not orchestrate it inline. Do not use `call_start` to place guardian verification calls — the guardian outbound verification endpoints already place those calls.
+For guardian verification setup, load the skill by calling `skill_load` with `skill: "guardian-verify-setup"`. This skill handles the full outbound verification flow; `phone-calls` does not orchestrate it inline. Do not use `call_start` to place guardian verification calls — the guardian outbound verification endpoints already place those calls.
 
 Once a guardian binding exists for the voice channel, inbound callers may be prompted for verification before calls proceed. The relay server detects pending challenges and prompts callers: "Please enter your six-digit verification code using your keypad, or speak the digits now." If verification fails after 3 attempts, the call ends with "Verification failed. Goodbye."
 

package/src/config/bundled-skills/skills-catalog/SKILL.md

@@ -19,19 +19,39 @@ The skill catalog shown in the system prompt lists all bundled skills with their
 
 ## Community skills (Clawhub)
 
-Community skills are published on [Clawhub](https://clawhub.com) and can be searched and installed on demand.
+Community skills are published on Clawhub and can be searched, inspected, and installed on demand using the `clawhub` CLI via bash.
 
 ### Searching for community skills
 
-Use the `skill_load` tool to search the catalog, or check the system prompt's available skills list. The IPC `skills_search` message searches community skills on Clawhub. Bundled skills are already listed in the system prompt.
+```bash
+npx clawhub search "<query>" --limit 10
+```
 
-### Installing a community skill
+Returns matching skills with their slug, version, and name. Use this when the user asks for a capability not covered by bundled skills.
+
+To browse trending/popular skills without a specific query:
 
-Community skills are installed via the IPC `skills_install` message with a `slug` parameter. Once installed, they appear in `~/.vellum/workspace/skills/<slug>/` and can be loaded with `skill_load` like any other skill.
+```bash
+npx clawhub explore --json --limit 10
+```
 
 ### Inspecting a community skill
 
-Before installing, you can inspect a community skill via the IPC `skills_inspect` message with a `slug` parameter. This returns metadata (author, stats, version) and optionally the skill's SKILL.md content so the user can review it.
+Before installing, inspect a skill to review its metadata, author, stats, and SKILL.md content:
+
+```bash
+npx clawhub inspect <slug> --json --files --file SKILL.md
+```
+
+Present the results to the user so they can decide whether to install.
+
+### Installing a community skill
+
+```bash
+npx clawhub install <slug> --force --workdir ~/.vellum/workspace
+```
+
+Once installed, the skill appears in `~/.vellum/workspace/skills/<slug>/` and can be loaded with `skill_load` like any other skill.
 
 ## Typical flow
 
@@ -41,9 +61,11 @@ Before installing, you can inspect a community skill via the IPC `skills_inspect
    - Load any that match with `skill_load`
 
 2. **User wants a capability not covered by bundled skills** — "Can you do X?"
-   - Search for community skills that provide the capability
+   - Search with `npx clawhub search "<query>"`
+   - Optionally inspect promising results with `npx clawhub inspect <slug> --json`
    - Present matching results with descriptions and install counts
-   - Install the chosen skill, then load it with `skill_load`
+   - Install the chosen skill with `npx clawhub install <slug> --force --workdir ~/.vellum/workspace`
+   - Load it with `skill_load`
 
 3. **Skill has dependencies** — if `includes` lists other skill IDs, load those first with `skill_load`
 
@@ -51,5 +73,6 @@ Before installing, you can inspect a community skill via the IPC `skills_inspect
 
 - Bundled skills are always available and do not need installation
 - Community skills are installed to `~/.vellum/workspace/skills/<slug>/`
-- After installing a community skill, it may need to be enabled in settings
+- After installing a community skill, it is auto-enabled and immediately loadable
 - Skills can be enabled or disabled via feature flags without uninstalling them
+- Run `npx clawhub --help` to discover additional CLI options

package/src/config/bundled-skills/slack/tools/slack-channel-details.ts

@@ -10,7 +10,7 @@ export async function run(input: Record<string, unknown>, _context: ToolContext)
   }
 
   try {
-    return withSlackToken(async (token) => {
+    return await withSlackToken(async (token) => {
       const resp = await slack.conversationInfo(token, channelId);
       const conv = resp.channel;
 

package/src/config/bundled-skills/slack/tools/slack-scan-digest.ts

@@ -1,8 +1,11 @@
-import * as slack from '../../../../messaging/providers/slack/client.js';
-import type { SlackConversation } from '../../../../messaging/providers/slack/types.js';
-import { getConfig } from '../../../../config/loader.js';
-import type { ToolContext, ToolExecutionResult } from '../../../../tools/types.js';
-import { err, ok, withSlackToken } from './shared.js';
+import { getConfig } from "../../../../config/loader.js";
+import * as slack from "../../../../messaging/providers/slack/client.js";
+import type { SlackConversation } from "../../../../messaging/providers/slack/types.js";
+import type {
+  ToolContext,
+  ToolExecutionResult,
+} from "../../../../tools/types.js";
+import { err, ok, withSlackToken } from "./shared.js";
 
 interface ThreadSummary {
   threadTs: string;
@@ -24,16 +27,17 @@ interface ChannelDigest {
 const userNameCache = new Map<string, string>();
 
 async function resolveUserName(token: string, userId: string): Promise<string> {
-  if (!userId) return 'unknown';
+  if (!userId) return "unknown";
   const cached = userNameCache.get(userId);
   if (cached) return cached;
 
   try {
     const resp = await slack.userInfo(token, userId);
-    const name = resp.user.profile?.display_name
-      || resp.user.profile?.real_name
-      || resp.user.real_name
-      || resp.user.name;
+    const name =
+      resp.user.profile?.display_name ||
+      resp.user.profile?.real_name ||
+      resp.user.real_name ||
+      resp.user.name;
     userNameCache.set(userId, name);
     return name;
   } catch {
@@ -52,7 +56,13 @@ async function scanChannel(
   const isPrivate = conv.is_private ?? conv.is_group ?? false;
 
   try {
-    const history = await slack.conversationHistory(token, channelId, 100, undefined, oldestTs);
+    const history = await slack.conversationHistory(
+      token,
+      channelId,
+      100,
+      undefined,
+      oldestTs,
+    );
     const messages = history.messages;
 
     const participantIds = new Set<string>();
@@ -76,7 +86,12 @@ async function scanChannel(
 
       if (includeThreads) {
         try {
-          const replies = await slack.conversationReplies(token, channelId, msg.ts, 10);
+          const replies = await slack.conversationReplies(
+            token,
+            channelId,
+            msg.ts,
+            10,
+          );
           const threadParticipantIds = new Set<string>();
           for (const reply of replies.messages) {
             if (reply.user) threadParticipantIds.add(reply.user);
@@ -85,7 +100,7 @@ async function scanChannel(
             participants.push(await resolveUserName(token, uid));
           }
         } catch {
-          participants = [await resolveUserName(token, msg.user ?? '')];
+          participants = [await resolveUserName(token, msg.user ?? "")];
         }
       }
 
@@ -120,10 +135,13 @@ async function scanChannel(
 
 function truncate(text: string, maxLen: number): string {
   if (text.length <= maxLen) return text;
-  return text.slice(0, maxLen - 3) + '...';
+  return text.slice(0, maxLen - 3) + "...";
 }
 
-export async function run(input: Record<string, unknown>, _context: ToolContext): Promise<ToolExecutionResult> {
+export async function run(
+  input: Record<string, unknown>,
+  _context: ToolContext,
+): Promise<ToolExecutionResult> {
   const channelIds = input.channel_ids as string[] | undefined;
   const hoursBack = (input.hours_back as number) ?? 24;
   const includeThreads = (input.include_threads as boolean) ?? true;
@@ -141,26 +159,45 @@ export async function run(input: Record<string, unknown>, _context: ToolContext)
           channelIds.map((id) => slack.conversationInfo(token, id)),
         );
         channelsToScan = results
-          .filter((r): r is PromiseFulfilledResult<Awaited<ReturnType<typeof slack.conversationInfo>>> => r.status === 'fulfilled')
+          .filter(
+            (
+              r,
+            ): r is PromiseFulfilledResult<
+              Awaited<ReturnType<typeof slack.conversationInfo>>
+            > => r.status === "fulfilled",
+          )
           .map((r) => r.value.channel);
-        failedLookups = results.filter((r) => r.status === 'rejected').length;
+        failedLookups = results.filter((r) => r.status === "rejected").length;
       } else {
         const config = getConfig();
-        const preferredIds = config.skills?.entries?.slack?.config?.preferredChannels as string[] | undefined;
+        const preferredIds = config.skills?.entries?.slack?.config
+          ?.preferredChannels as string[] | undefined;
 
         if (preferredIds?.length) {
           const results = await Promise.allSettled(
             preferredIds.map((id) => slack.conversationInfo(token, id)),
           );
           channelsToScan = results
-            .filter((r): r is PromiseFulfilledResult<Awaited<ReturnType<typeof slack.conversationInfo>>> => r.status === 'fulfilled')
+            .filter(
+              (
+                r,
+              ): r is PromiseFulfilledResult<
+                Awaited<ReturnType<typeof slack.conversationInfo>>
+              > => r.status === "fulfilled",
+            )
             .map((r) => r.value.channel);
-          failedLookups = results.filter((r) => r.status === 'rejected').length;
+          failedLookups = results.filter((r) => r.status === "rejected").length;
         } else {
           const allChannels: SlackConversation[] = [];
           let cursor: string | undefined;
           do {
-            const resp = await slack.listConversations(token, 'public_channel,private_channel', true, 200, cursor);
+            const resp = await slack.listConversations(
+              token,
+              "public_channel,private_channel",
+              true,
+              200,
+              cursor,
+            );
             allChannels.push(...resp.channels);
             cursor = resp.response_metadata?.next_cursor || undefined;
           } while (cursor);
@@ -177,15 +214,22 @@ export async function run(input: Record<string, unknown>, _context: ToolContext)
       }
 
       const scanResults = await Promise.allSettled(
-        channelsToScan.map((conv) => scanChannel(token, conv, oldestTs, includeThreads)),
+        channelsToScan.map((conv) =>
+          scanChannel(token, conv, oldestTs, includeThreads),
+        ),
       );
 
       const digests: ChannelDigest[] = scanResults
-        .filter((r): r is PromiseFulfilledResult<ChannelDigest> => r.status === 'fulfilled')
+        .filter(
+          (r): r is PromiseFulfilledResult<ChannelDigest> =>
+            r.status === "fulfilled",
+        )
         .map((r) => r.value)
         .filter((d) => d.messageCount > 0 || d.error);
 
-      const skippedCount = scanResults.filter((r) => r.status === 'rejected').length;
+      const skippedCount = scanResults.filter(
+        (r) => r.status === "rejected",
+      ).length;
 
       const result = {
         scannedChannels: digests.length,

package/src/config/bundled-skills/sms-setup/SKILL.md

@@ -156,7 +156,7 @@ Now link the user's phone number as the trusted SMS guardian. Tell the user: "No
 
 Load the **guardian-verify-setup** skill to handle the verification flow:
 
-- Call `skill_load` with `skill_id: "guardian-verify-setup"` to load the dependency skill.
+- Call `skill_load` with `skill: "guardian-verify-setup"` to load the dependency skill.
 
 When invoking the skill, indicate the channel is `sms`. The guardian-verify-setup skill manages the full outbound verification flow, including:
 

package/src/config/bundled-skills/telegram-setup/SKILL.md

@@ -69,7 +69,7 @@ Now link the user's Telegram account as the trusted guardian for this bot. Tell
 
 Load the **guardian-verify-setup** skill to handle the verification flow:
 
-- Call `skill_load` with `skill_id: "guardian-verify-setup"` to load the dependency skill.
+- Call `skill_load` with `skill: "guardian-verify-setup"` to load the dependency skill.
 
 The guardian-verify-setup skill manages the full outbound verification flow for Telegram, including:
 

package/src/config/bundled-skills/twilio-setup/SKILL.md

@@ -229,7 +229,7 @@ Now link the user's phone number as the trusted guardian for SMS and/or voice ch
 
 Load the **guardian-verify-setup** skill to handle the verification flow:
 
-- Call `skill_load` with `skill_id: "guardian-verify-setup"` to load the dependency skill.
+- Call `skill_load` with `skill: "guardian-verify-setup"` to load the dependency skill.
 
 The guardian-verify-setup skill manages the full outbound verification flow for **one channel at a time** (sms, voice, or telegram). Each invocation handles: