npm - @vellumai/assistant - Versions diffs - 0.4.44 → 0.4.45 - Mend

@vellumai/assistant 0.4.44 → 0.4.45

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (681) hide show

package/.prettierignore +4 -0
package/ARCHITECTURE.md +34 -31
package/README.md +4 -4
package/bun.lock +10 -35
package/docs/architecture/integrations.md +102 -197
package/docs/architecture/keychain-broker.md +1 -1
package/docs/architecture/memory.md +2 -2
package/docs/architecture/scheduling.md +1 -1
package/docs/architecture/security.md +11 -11
package/docs/error-handling.md +1 -1
package/docs/trusted-contact-access.md +3 -3
package/drizzle/meta/0000_snapshot.json +34 -100
package/drizzle/meta/_journal.json +1 -1
package/drizzle.config.ts +4 -4
package/package.json +3 -2
package/scripts/capture-x-graphql.ts +237 -141
package/scripts/generate-bundled-tool-registry.ts +223 -0
package/src/__tests__/access-request-decision.test.ts +0 -1
package/src/__tests__/actor-token-service.test.ts +23 -24
package/src/__tests__/agent-loop.test.ts +0 -131
package/src/__tests__/always-loaded-tools-guard.test.ts +71 -0
package/src/__tests__/amazon-cdp-integration.test.ts +11 -9
package/src/__tests__/approval-primitive.test.ts +0 -1
package/src/__tests__/approval-routes-http.test.ts +11 -1
package/src/__tests__/asset-materialize-tool.test.ts +0 -1
package/src/__tests__/asset-search-tool.test.ts +0 -1
package/src/__tests__/assistant-attachment-directive.test.ts +1 -1
package/src/__tests__/assistant-events-sse-hardening.test.ts +0 -1
package/src/__tests__/assistant-feature-flag-guardrails.test.ts +0 -2
package/src/__tests__/assistant-feature-flags-integration.test.ts +70 -18
package/src/__tests__/assistant-id-boundary-guard.test.ts +6 -6
package/src/__tests__/attachments-store.test.ts +0 -1
package/src/__tests__/avatar-e2e.test.ts +74 -115
package/src/__tests__/avatar-router.test.ts +25 -62
package/src/__tests__/browser-manager.test.ts +24 -0
package/src/__tests__/browser-skill-baseline-tool-payload.test.ts +4 -3
package/src/__tests__/browser-skill-endstate.test.ts +8 -11
package/src/__tests__/btw-routes.test.ts +326 -0
package/src/__tests__/bundled-skill-retrieval-guard.test.ts +23 -9
package/src/__tests__/call-controller.test.ts +0 -1
package/src/__tests__/call-conversation-messages.test.ts +0 -1
package/src/__tests__/call-domain.test.ts +0 -1
package/src/__tests__/call-pointer-messages.test.ts +0 -1
package/src/__tests__/call-recovery.test.ts +0 -1
package/src/__tests__/call-routes-http.test.ts +0 -1
package/src/__tests__/call-store.test.ts +0 -1
package/src/__tests__/canonical-guardian-store.test.ts +0 -1
package/src/__tests__/channel-approval-routes.test.ts +1 -1
package/src/__tests__/channel-approvals.test.ts +1 -1
package/src/__tests__/channel-delivery-store.test.ts +0 -1
package/src/__tests__/channel-guardian.test.ts +5 -7
package/src/__tests__/channel-retry-sweep.test.ts +0 -1
package/src/__tests__/checker.test.ts +4 -11
package/src/__tests__/compaction.benchmark.test.ts +16 -14
package/src/__tests__/computer-use-session-lifecycle.test.ts +10 -11
package/src/__tests__/computer-use-session-working-dir.test.ts +2 -6
package/src/__tests__/computer-use-skill-lifecycle-cleanup.test.ts +2 -5
package/src/__tests__/computer-use-tools.test.ts +35 -31
package/src/__tests__/config-schema.test.ts +11 -15
package/src/__tests__/config-watcher.test.ts +0 -1
package/src/__tests__/confirmation-request-guardian-bridge.test.ts +0 -1
package/src/__tests__/conflict-store.test.ts +0 -1
package/src/__tests__/connection-policy.test.ts +4 -7
package/src/__tests__/contacts-tools.test.ts +0 -1
package/src/__tests__/context-memory-e2e.test.ts +2 -4
package/src/__tests__/context-overflow-reducer.test.ts +2 -4
package/src/__tests__/context-window-manager.test.ts +147 -60
package/src/__tests__/contradiction-checker.test.ts +0 -1
package/src/__tests__/conversation-attention-store.test.ts +0 -1
package/src/__tests__/conversation-attention-telegram.test.ts +1 -1
package/src/__tests__/conversation-pairing.test.ts +2 -2
package/src/__tests__/conversation-routes-guardian-reply.test.ts +25 -1
package/src/__tests__/conversation-routes-slash-commands.test.ts +381 -0
package/src/__tests__/conversation-store.test.ts +0 -1
package/src/__tests__/conversation-unread-route.test.ts +1 -2
package/src/__tests__/credential-security-invariants.test.ts +7 -8
package/src/__tests__/cross-provider-web-search.test.ts +353 -0
package/src/__tests__/daemon-assistant-events.test.ts +6 -7
package/src/__tests__/db-schedule-syntax-migration.test.ts +15 -3
package/src/__tests__/delete-managed-skill-tool.test.ts +5 -9
package/src/__tests__/deterministic-verification-control-plane.test.ts +0 -1
package/src/__tests__/diagnostics-export.test.ts +189 -0
package/src/__tests__/dynamic-skill-workflow-prompt.test.ts +0 -1
package/src/__tests__/emit-signal-routing-intent.test.ts +3 -3
package/src/__tests__/entity-extractor.test.ts +0 -1
package/src/__tests__/entity-search.test.ts +0 -1
package/src/__tests__/ephemeral-permissions.test.ts +2 -4
package/src/__tests__/file-read-tool.test.ts +86 -0
package/src/__tests__/followup-tools.test.ts +0 -1
package/src/__tests__/frontmatter.test.ts +77 -34
package/src/__tests__/gateway-only-enforcement.test.ts +0 -1
package/src/__tests__/gateway-only-guard.test.ts +1 -1
package/src/__tests__/guardian-action-conversation-turn.test.ts +0 -1
package/src/__tests__/guardian-action-followup-executor.test.ts +0 -1
package/src/__tests__/guardian-action-followup-store.test.ts +0 -1
package/src/__tests__/guardian-action-grant-mint-consume.test.ts +0 -1
package/src/__tests__/guardian-action-late-reply.test.ts +0 -1
package/src/__tests__/guardian-action-store.test.ts +0 -1
package/src/__tests__/guardian-action-sweep.test.ts +0 -1
package/src/__tests__/guardian-decision-primitive-canonical.test.ts +0 -1
package/src/__tests__/guardian-dispatch.test.ts +1 -2
package/src/__tests__/guardian-grant-minting.test.ts +1 -1
package/src/__tests__/guardian-outbound-http.test.ts +0 -1
package/src/__tests__/guardian-principal-id-roundtrip.test.ts +0 -1
package/src/__tests__/guardian-routing-invariants.test.ts +1 -1
package/src/__tests__/guardian-routing-state.test.ts +0 -1
package/src/__tests__/guardian-verification-voice-binding.test.ts +0 -1
package/src/__tests__/guardian-verify-setup-skill-regression.test.ts +3 -5
package/src/__tests__/handlers-user-message-approval-consumption.test.ts +28 -426
package/src/__tests__/host-bash-proxy.test.ts +335 -0
package/src/__tests__/host-file-proxy.test.ts +374 -0
package/src/__tests__/host-shell-tool.test.ts +147 -1
package/src/__tests__/http-user-message-parity.test.ts +361 -0
package/src/__tests__/inbound-invite-redemption.test.ts +0 -1
package/src/__tests__/integration-status.test.ts +3 -8
package/src/__tests__/intent-routing.test.ts +7 -46
package/src/__tests__/invite-redemption-service.test.ts +0 -1
package/src/__tests__/invite-routes-http.test.ts +0 -1
package/src/__tests__/llm-usage-store.test.ts +0 -1
package/src/__tests__/managed-avatar-client.test.ts +101 -55
package/src/__tests__/managed-skill-lifecycle.test.ts +9 -18
package/src/__tests__/managed-store.test.ts +94 -21
package/src/__tests__/media-reuse-story.e2e.test.ts +0 -1
package/src/__tests__/memory-context-benchmark.benchmark.test.ts +2 -4
package/src/__tests__/memory-lifecycle-e2e.test.ts +0 -1
package/src/__tests__/memory-recall-quality.test.ts +0 -1
package/src/__tests__/memory-regressions.experimental.test.ts +0 -1
package/src/__tests__/memory-regressions.test.ts +0 -1
package/src/__tests__/memory-retrieval.benchmark.test.ts +0 -1
package/src/__tests__/memory-upsert-concurrency.test.ts +0 -1
package/src/__tests__/messaging-send-tool.test.ts +35 -0
package/src/__tests__/messaging-skill-split.test.ts +138 -0
package/src/__tests__/migration-cross-version-compatibility.test.ts +0 -1
package/src/__tests__/migration-export-http.test.ts +2 -3
package/src/__tests__/migration-import-commit-http.test.ts +1 -2
package/src/__tests__/migration-import-preflight-http.test.ts +1 -2
package/src/__tests__/migration-validate-http.test.ts +1 -2
package/src/__tests__/native-web-search.test.ts +475 -0
package/src/__tests__/navigate-settings-tab.test.ts +84 -0
package/src/__tests__/non-member-access-request.test.ts +0 -1
package/src/__tests__/notification-broadcaster.test.ts +15 -15
package/src/__tests__/notification-decision-strategy.test.ts +6 -6
package/src/__tests__/notification-deep-link.test.ts +7 -7
package/src/__tests__/notification-guardian-path.test.ts +2 -3
package/src/__tests__/notification-telegram-adapter.test.ts +1 -1
package/src/__tests__/notification-thread-candidates.test.ts +4 -4
package/src/__tests__/onboarding-starter-tasks.test.ts +0 -1
package/src/__tests__/playbook-execution.test.ts +0 -1
package/src/__tests__/playbook-tools.test.ts +0 -1
package/src/__tests__/profile-compiler.test.ts +0 -1
package/src/__tests__/provider-managed-proxy-integration.test.ts +25 -0
package/src/__tests__/qdrant-collection-migration.test.ts +223 -0
package/src/__tests__/recording-handler.test.ts +30 -94
package/src/__tests__/registry.test.ts +28 -35
package/src/__tests__/relay-server.test.ts +0 -1
package/src/__tests__/ride-shotgun-handler.test.ts +4 -20
package/src/__tests__/runtime-attachment-metadata.test.ts +0 -1
package/src/__tests__/runtime-events-sse-parity.test.ts +3 -4
package/src/__tests__/runtime-events-sse.test.ts +0 -1
package/src/__tests__/sandbox-diagnostics.test.ts +0 -1
package/src/__tests__/scaffold-managed-skill-tool.test.ts +30 -28
package/src/__tests__/schedule-store.test.ts +441 -1
package/src/__tests__/schedule-tools.test.ts +468 -7
package/src/__tests__/scheduler-recurrence.test.ts +196 -23
package/src/__tests__/scoped-approval-grants.test.ts +0 -1
package/src/__tests__/scoped-grant-security-matrix.test.ts +0 -1
package/src/__tests__/secret-prompt-log-hygiene.test.ts +6 -3
package/src/__tests__/secret-response-routing.test.ts +4 -1
package/src/__tests__/send-endpoint-busy.test.ts +14 -2
package/src/__tests__/send-notification-tool.test.ts +0 -7
package/src/__tests__/sequence-store.test.ts +0 -1
package/src/__tests__/server-history-render.test.ts +1 -2
package/src/__tests__/session-abort-tool-results.test.ts +0 -1
package/src/__tests__/session-agent-loop.test.ts +46 -6
package/src/__tests__/session-confirmation-signals.test.ts +0 -1
package/src/__tests__/session-conflict-gate.test.ts +2 -6
package/src/__tests__/session-error.test.ts +5 -14
package/src/__tests__/session-init.benchmark.test.ts +3 -5
package/src/__tests__/session-load-history-repair.test.ts +0 -1
package/src/__tests__/session-media-retry.test.ts +12 -74
package/src/__tests__/session-pre-run-repair.test.ts +0 -1
package/src/__tests__/session-profile-injection.test.ts +2 -6
package/src/__tests__/session-provider-retry-repair.test.ts +2 -6
package/src/__tests__/session-queue.test.ts +94 -139
package/src/__tests__/session-skill-tools.test.ts +115 -115
package/src/__tests__/session-slash-known.test.ts +0 -1
package/src/__tests__/session-slash-queue.test.ts +0 -1
package/src/__tests__/session-slash-unknown.test.ts +0 -1
package/src/__tests__/session-surfaces-task-progress.test.ts +34 -0
package/src/__tests__/session-usage.test.ts +0 -1
package/src/__tests__/session-workspace-cache-state.test.ts +2 -6
package/src/__tests__/session-workspace-injection.test.ts +2 -6
package/src/__tests__/session-workspace-tool-tracking.test.ts +2 -6
package/src/__tests__/skill-feature-flags-integration.test.ts +180 -184
package/src/__tests__/skill-feature-flags.test.ts +125 -18
package/src/__tests__/skill-load-feature-flag.test.ts +1 -2
package/src/__tests__/skill-load-tool.test.ts +194 -2
package/src/__tests__/skill-projection-feature-flag.test.ts +27 -16
package/src/__tests__/skill-projection.benchmark.test.ts +15 -14
package/src/__tests__/skills.test.ts +14 -53
package/src/__tests__/slack-channel-config.test.ts +0 -1
package/src/__tests__/slack-inbound-verification.test.ts +0 -1
package/src/__tests__/slack-skill.test.ts +1 -1
package/src/__tests__/subagent-tools.test.ts +2 -2
package/src/__tests__/system-prompt.test.ts +4 -3
package/src/__tests__/task-compiler.test.ts +0 -1
package/src/__tests__/task-management-tools.test.ts +0 -1
package/src/__tests__/task-memory-cleanup.test.ts +0 -1
package/src/__tests__/task-runner.test.ts +0 -1
package/src/__tests__/task-scheduler.test.ts +0 -1
package/src/__tests__/terminal-tools.test.ts +0 -1
package/src/__tests__/test-support/computer-use-skill-harness.ts +2 -4
package/src/__tests__/thread-seed-composer.test.ts +5 -5
package/src/__tests__/tool-approval-handler.test.ts +0 -1
package/src/__tests__/tool-execution-abort-cleanup.test.ts +0 -1
package/src/__tests__/tool-execution-pipeline.benchmark.test.ts +0 -1
package/src/__tests__/tool-executor.test.ts +8 -86
package/src/__tests__/tool-grant-request-escalation.test.ts +0 -1
package/src/__tests__/tool-notification-listener.test.ts +1 -1
package/src/__tests__/tool-preview-lifecycle.test.ts +416 -0
package/src/__tests__/trust-store.test.ts +80 -4
package/src/__tests__/trusted-contact-approval-notifier.test.ts +0 -1
package/src/__tests__/trusted-contact-inline-approval-integration.test.ts +0 -1
package/src/__tests__/trusted-contact-lifecycle-notifications.test.ts +0 -1
package/src/__tests__/trusted-contact-multichannel.test.ts +0 -1
package/src/__tests__/trusted-contact-verification.test.ts +0 -1
package/src/__tests__/twilio-provider.test.ts +0 -1
package/src/__tests__/twilio-routes.test.ts +0 -1
package/src/__tests__/{request-file-tool.test.ts → ui-file-upload-surface.test.ts} +11 -72
package/src/__tests__/update-bulletin.test.ts +0 -1
package/src/__tests__/usage-cache-backfill-migration.test.ts +0 -1
package/src/__tests__/usage-routes.test.ts +0 -1
package/src/__tests__/verification-control-plane-policy.test.ts +4 -4
package/src/__tests__/voice-invite-redemption.test.ts +0 -1
package/src/__tests__/voice-scoped-grant-consumer.test.ts +0 -1
package/src/__tests__/voice-session-bridge.test.ts +9 -1
package/src/__tests__/web-fetch.test.ts +57 -0
package/src/__tests__/workspace-git-service.test.ts +5 -14
package/src/__tests__/workspace-policy.test.ts +0 -1
package/src/agent/loop.ts +22 -34
package/src/bundler/bundle-signer.ts +4 -4
package/src/calls/call-controller.ts +1 -1
package/src/calls/relay-server.ts +1 -1
package/src/calls/twilio-rest.ts +1 -1
package/src/calls/voice-session-bridge.ts +3 -1
package/src/cli/__tests__/notifications.test.ts +3 -4
package/src/cli/commands/map.ts +2 -6
package/src/cli/commands/mcp.ts +73 -15
package/src/cli/commands/notifications.ts +4 -4
package/src/cli/commands/sessions.ts +9 -1
package/src/cli/commands/skills.ts +6 -10
package/src/cli/http-client.ts +2 -3
package/src/cli/main-screen.tsx +10 -10
package/src/cli/program.ts +0 -4
package/src/cli/reference.ts +0 -2
package/src/cli.ts +15 -9
package/src/config/__tests__/bundled-tool-registry-guard.test.ts +120 -0
package/src/config/bundled-skills/_shared/CLI_RETRIEVAL_PATTERN.md +11 -0
package/src/config/bundled-skills/app-builder/SKILL.md +6 -1
package/src/config/bundled-skills/browser/SKILL.md +6 -1
package/src/config/bundled-skills/chatgpt-import/SKILL.md +5 -1
package/src/config/bundled-skills/claude-code/SKILL.md +5 -1
package/src/config/bundled-skills/computer-use/SKILL.md +6 -1
package/src/config/bundled-skills/computer-use/TOOLS.json +6 -69
package/src/config/bundled-skills/computer-use/tools/computer-use-click.ts +10 -1
package/src/config/bundled-skills/contacts/SKILL.md +10 -1
package/src/config/bundled-skills/contacts/TOOLS.json +35 -0
package/src/config/bundled-skills/{messaging → contacts}/tools/google-contacts.ts +9 -2
package/src/config/bundled-skills/document/SKILL.md +4 -1
package/src/config/bundled-skills/doordash/SKILL.md +8 -1
package/src/config/bundled-skills/doordash/lib/shared/platform.ts +4 -1
package/src/config/bundled-skills/followups/SKILL.md +4 -1
package/src/config/bundled-skills/gmail/SKILL.md +180 -0
package/src/config/bundled-skills/gmail/TOOLS.json +506 -0
package/src/config/bundled-skills/gmail/tools/gmail-archive.ts +149 -0
package/src/config/bundled-skills/gmail/tools/gmail-attachments.ts +110 -0
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-draft.ts +1 -1
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-filters.ts +1 -1
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-follow-up.ts +1 -1
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-forward.ts +1 -1
package/src/config/bundled-skills/gmail/tools/gmail-label.ts +50 -0
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-outreach-scan.ts +8 -90
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-send-draft.ts +1 -1
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-sender-digest.ts +2 -2
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-trash.ts +1 -1
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-unsubscribe.ts +1 -1
package/src/config/bundled-skills/{messaging → gmail}/tools/gmail-vacation.ts +1 -1
package/src/config/bundled-skills/gmail/tools/shared.ts +47 -0
package/src/config/bundled-skills/google-calendar/SKILL.md +5 -1
package/src/config/bundled-skills/image-studio/SKILL.md +5 -1
package/src/config/bundled-skills/knowledge-graph/SKILL.md +4 -1
package/src/config/bundled-skills/media-processing/SKILL.md +7 -13
package/src/config/bundled-skills/media-processing/TOOLS.json +0 -22
package/src/config/bundled-skills/media-processing/tools/generate-clip.ts +12 -1
package/src/config/bundled-skills/messaging/SKILL.md +23 -139
package/src/config/bundled-skills/messaging/TOOLS.json +33 -1215
package/src/config/bundled-skills/messaging/tools/gmail-mime-helpers.ts +42 -0
package/src/config/bundled-skills/messaging/tools/messaging-send.ts +165 -2
package/src/config/bundled-skills/messaging/tools/messaging-sender-digest.ts +1 -13
package/src/config/bundled-skills/messaging/tools/shared.ts +81 -34
package/src/config/bundled-skills/notifications/SKILL.md +5 -1
package/src/config/bundled-skills/orchestration/SKILL.md +30 -0
package/src/config/bundled-skills/orchestration/TOOLS.json +35 -0
package/src/config/bundled-skills/{reminder/tools/reminder-create.ts → orchestration/tools/swarm-delegate.ts} +3 -3
package/src/config/bundled-skills/phone-calls/SKILL.md +9 -1
package/src/config/bundled-skills/playbooks/SKILL.md +4 -1
package/src/config/bundled-skills/schedule/SKILL.md +70 -9
package/src/config/bundled-skills/schedule/TOOLS.json +38 -6
package/src/config/bundled-skills/screen-watch/SKILL.md +28 -0
package/src/config/bundled-skills/screen-watch/TOOLS.json +35 -0
package/src/config/bundled-skills/{reminder/tools/reminder-cancel.ts → screen-watch/tools/start-screen-watch.ts} +3 -3
package/src/config/bundled-skills/sequences/SKILL.md +47 -0
package/src/config/bundled-skills/sequences/TOOLS.json +340 -0
package/src/config/bundled-skills/sequences/tools/sequence-update.ts +128 -0
package/src/config/bundled-skills/sequences/tools/shared.ts +9 -0
package/src/config/bundled-skills/settings/SKILL.md +12 -0
package/src/config/bundled-skills/settings/TOOLS.json +112 -0
package/src/config/bundled-skills/settings/tools/navigate-settings-tab.ts +43 -0
package/src/config/bundled-skills/settings/tools/open-system-settings.ts +52 -0
package/src/config/bundled-skills/{computer-use/tools/computer-use-right-click.ts → settings/tools/set-avatar.ts} +2 -6
package/src/{tools/system/voice-config.ts → config/bundled-skills/settings/tools/voice-config-update.ts} +59 -96
package/src/config/bundled-skills/skill-management/SKILL.md +18 -0
package/src/config/bundled-skills/skill-management/TOOLS.json +90 -0
package/src/config/bundled-skills/{computer-use/tools/computer-use-double-click.ts → skill-management/tools/delete-managed.ts} +2 -6
package/src/config/bundled-skills/skill-management/tools/scaffold-managed.ts +12 -0
package/src/config/bundled-skills/slack/SKILL.md +5 -1
package/src/config/bundled-skills/subagent/SKILL.md +4 -1
package/src/config/bundled-skills/tasks/SKILL.md +5 -2
package/src/config/bundled-skills/transcribe/SKILL.md +4 -1
package/src/config/bundled-skills/watcher/SKILL.md +4 -1
package/src/config/bundled-tool-registry.ts +118 -107
package/src/config/env.ts +5 -2
package/src/config/feature-flag-registry.json +25 -9
package/src/config/loader.ts +10 -2
package/src/config/schema.ts +19 -16
package/src/config/schemas/inference.ts +12 -22
package/src/config/schemas/memory-storage.ts +19 -1
package/src/config/schemas/platform.ts +0 -16
package/src/config/skill-state.ts +11 -8
package/src/config/skills.ts +83 -32
package/src/context/token-estimator.ts +11 -0
package/src/context/window-manager.ts +180 -151
package/src/daemon/computer-use-session.ts +11 -43
package/src/daemon/daemon-control.ts +4 -1
package/src/daemon/handlers/config-channels.ts +5 -9
package/src/daemon/handlers/config-ingress.ts +0 -4
package/src/daemon/handlers/config-model.ts +7 -13
package/src/daemon/handlers/config-telegram.ts +4 -8
package/src/daemon/handlers/config-voice.ts +2 -5
package/src/daemon/handlers/dictation.ts +2 -12
package/src/daemon/handlers/identity.ts +0 -105
package/src/daemon/handlers/recording.ts +3 -23
package/src/daemon/handlers/session-history.ts +1 -1
package/src/daemon/handlers/sessions.ts +53 -72
package/src/daemon/handlers/shared.ts +7 -28
package/src/daemon/handlers/skills.ts +31 -27
package/src/daemon/host-bash-proxy.ts +148 -0
package/src/daemon/host-file-proxy.ts +135 -0
package/src/daemon/lifecycle.ts +49 -24
package/src/daemon/mcp-reload-service.ts +123 -0
package/src/daemon/message-protocol.ts +6 -0
package/src/daemon/message-types/browser.ts +1 -1
package/src/daemon/message-types/computer-use.ts +1 -4
package/src/daemon/message-types/guardian-actions.ts +1 -1
package/src/daemon/message-types/host-bash.ts +18 -0
package/src/daemon/message-types/host-file.ts +44 -0
package/src/daemon/message-types/integrations.ts +1 -67
package/src/daemon/message-types/messages.ts +15 -0
package/src/daemon/message-types/schedules.ts +11 -27
package/src/daemon/message-types/sessions.ts +2 -1
package/src/daemon/message-types/settings.ts +1 -1
package/src/daemon/message-types/shared.ts +1 -1
package/src/daemon/ride-shotgun-handler.ts +2 -42
package/src/daemon/server.ts +43 -10
package/src/daemon/session-agent-loop-handlers.ts +48 -7
package/src/daemon/session-agent-loop.ts +97 -66
package/src/daemon/session-attachments.ts +1 -1
package/src/daemon/session-error.ts +17 -16
package/src/daemon/session-lifecycle.ts +20 -1
package/src/daemon/session-media-retry.ts +1 -15
package/src/daemon/session-messaging.ts +14 -6
package/src/daemon/session-process.ts +36 -7
package/src/daemon/session-queue-manager.ts +62 -103
package/src/daemon/session-runtime-assembly.ts +27 -0
package/src/daemon/session-skill-tools.ts +12 -11
package/src/daemon/session-slash.ts +7 -0
package/src/daemon/session-surfaces.ts +19 -97
package/src/daemon/session-tool-setup.ts +146 -6
package/src/daemon/session.ts +77 -13
package/src/errors.ts +0 -2
package/src/export/formatter.ts +6 -0
package/src/mcp/mcp-oauth-provider.ts +1 -3
package/src/media/avatar-router.ts +20 -28
package/src/media/avatar-types.ts +7 -14
package/src/media/managed-avatar-client.ts +70 -34
package/src/memory/conversation-title-service.ts +1 -2
package/src/memory/db-init.ts +16 -0
package/src/memory/embedding-backend.ts +129 -27
package/src/memory/embedding-gemini.test.ts +256 -0
package/src/memory/embedding-gemini.ts +47 -13
package/src/memory/embedding-local.ts +14 -2
package/src/memory/embedding-ollama.ts +15 -2
package/src/memory/embedding-openai.ts +15 -2
package/src/memory/embedding-types.test.ts +116 -0
package/src/memory/embedding-types.ts +61 -0
package/src/memory/fingerprint.ts +1 -1
package/src/memory/indexer.ts +25 -1
package/src/memory/job-handlers/embedding.test.ts +258 -0
package/src/memory/job-handlers/embedding.ts +81 -1
package/src/memory/job-handlers/index-maintenance.ts +35 -1
package/src/memory/job-handlers/media-processing.ts +11 -1
package/src/memory/job-utils.ts +21 -6
package/src/memory/jobs-store.ts +5 -1
package/src/memory/jobs-worker.ts +8 -0
package/src/memory/message-content.ts +66 -0
package/src/memory/migrations/100-core-tables.ts +1 -31
package/src/memory/migrations/104-core-indexes.ts +0 -11
package/src/memory/migrations/145-drop-accounts-table.ts +19 -0
package/src/memory/migrations/146-schedule-oneshot-routing.ts +94 -0
package/src/memory/migrations/147-migrate-reminders-to-schedules.ts +129 -0
package/src/memory/migrations/148-drop-reminders-table.ts +18 -0
package/src/memory/migrations/index.ts +4 -0
package/src/memory/migrations/registry.ts +19 -0
package/src/memory/qdrant-client.ts +158 -43
package/src/memory/retriever.test.ts +0 -1
package/src/memory/retriever.ts +12 -2
package/src/memory/schema/infrastructure.ts +5 -29
package/src/memory/search/formatting.ts +34 -9
package/src/memory/search/semantic.ts +57 -2
package/src/memory/search/types.ts +2 -1
package/src/notifications/AGENTS.md +2 -2
package/src/notifications/README.md +59 -58
package/src/notifications/adapters/macos.ts +1 -1
package/src/notifications/broadcaster.ts +5 -5
package/src/notifications/copy-composer.ts +1 -1
package/src/notifications/decision-engine.ts +2 -2
package/src/notifications/destination-resolver.ts +2 -2
package/src/notifications/emit-signal.ts +8 -8
package/src/notifications/signal.ts +1 -1
package/src/notifications/thread-seed-composer.ts +1 -1
package/src/oauth/connect-orchestrator.ts +1 -1
package/src/oauth/token-persistence.ts +1 -1
package/src/permissions/checker.ts +12 -1
package/src/permissions/defaults.ts +10 -14
package/src/permissions/trust-store.ts +37 -0
package/src/permissions/workspace-policy.ts +0 -1
package/src/prompts/__tests__/build-cli-reference-section.test.ts +11 -0
package/src/prompts/computer-use-prompt.ts +1 -1
package/src/prompts/system-prompt.ts +29 -30
package/src/prompts/templates/SOUL.md +1 -2
package/src/prompts/templates/UPDATES.md +16 -7
package/src/providers/anthropic/client.ts +87 -33
package/src/providers/gemini/client.ts +6 -0
package/src/providers/managed-proxy/constants.ts +5 -0
package/src/providers/openai/client.ts +15 -0
package/src/providers/registry.ts +2 -2
package/src/providers/types.ts +24 -2
package/src/runtime/AGENTS.md +18 -0
package/src/runtime/assistant-event-hub.ts +2 -3
package/src/runtime/assistant-event.ts +4 -4
package/src/runtime/auth/__tests__/context.test.ts +5 -5
package/src/runtime/auth/__tests__/credential-service.test.ts +0 -1
package/src/runtime/auth/__tests__/guard-tests.test.ts +2 -2
package/src/runtime/auth/__tests__/{ipc-auth-context.test.ts → local-auth-context.test.ts} +21 -21
package/src/runtime/auth/__tests__/route-policy.test.ts +2 -2
package/src/runtime/auth/__tests__/scopes.test.ts +7 -7
package/src/runtime/auth/__tests__/subject.test.ts +8 -8
package/src/runtime/auth/__tests__/token-service.test.ts +0 -1
package/src/runtime/auth/route-policy.ts +8 -4
package/src/runtime/auth/scopes.ts +1 -1
package/src/runtime/auth/subject.ts +4 -4
package/src/runtime/auth/token-service.ts +0 -23
package/src/runtime/auth/types.ts +3 -3
package/src/runtime/guardian-action-followup-executor.ts +1 -1
package/src/runtime/guardian-action-grant-minter.ts +1 -1
package/src/runtime/guardian-action-service.ts +3 -3
package/src/runtime/http-server.ts +15 -2
package/src/runtime/invite-service.ts +3 -3
package/src/runtime/local-actor-identity.ts +17 -22
package/src/runtime/pending-interactions.ts +21 -9
package/src/runtime/routes/app-management-routes.ts +2 -3
package/src/runtime/routes/approval-routes.ts +1 -3
package/src/runtime/routes/btw-routes.ts +155 -0
package/src/runtime/routes/computer-use-routes.ts +77 -31
package/src/runtime/routes/conversation-routes.ts +230 -46
package/src/runtime/routes/diagnostics-routes.ts +63 -29
package/src/runtime/routes/documents-routes.ts +2 -2
package/src/runtime/routes/global-search-routes.ts +1 -1
package/src/runtime/routes/host-bash-routes.ts +83 -0
package/src/runtime/routes/host-file-routes.ts +79 -0
package/src/runtime/routes/integrations/slack/share.ts +1 -1
package/src/runtime/routes/log-export-routes.ts +120 -0
package/src/runtime/routes/mcp-routes.ts +20 -0
package/src/runtime/routes/migration-routes.ts +3 -3
package/src/runtime/routes/pairing-routes.ts +1 -1
package/src/runtime/routes/recording-routes.ts +6 -4
package/src/runtime/routes/schedule-routes.ts +31 -5
package/src/runtime/routes/session-management-routes.ts +2 -6
package/src/runtime/routes/session-query-routes.ts +18 -15
package/src/runtime/routes/settings-routes.ts +7 -261
package/src/runtime/routes/skills-routes.ts +7 -6
package/src/runtime/routes/subagents-routes.ts +4 -10
package/src/runtime/routes/surface-action-routes.ts +3 -14
package/src/runtime/routes/surface-content-routes.ts +22 -5
package/src/runtime/routes/work-items-routes.ts +21 -25
package/src/runtime/routes/workspace-routes.test.ts +3 -3
package/src/runtime/routes/workspace-utils.ts +1 -1
package/src/runtime/telegram-streaming-delivery.ts +3 -0
package/src/runtime/verification-outbound-actions.ts +2 -2
package/src/schedule/integration-status.ts +0 -6
package/src/schedule/schedule-store.ts +234 -43
package/src/schedule/scheduler.ts +73 -74
package/src/security/oauth2.ts +1 -1
package/src/sequence/store.ts +12 -2
package/src/skills/frontmatter.ts +19 -77
package/src/skills/managed-store.ts +11 -2
package/src/subagent/manager.ts +5 -3
package/src/tasks/ephemeral-permissions.ts +3 -5
package/src/tools/AGENTS.md +0 -1
package/src/tools/browser/browser-manager.ts +17 -11
package/src/tools/browser/jit-auth.ts +4 -1
package/src/tools/claude-code/claude-code.ts +1 -1
package/src/tools/computer-use/definitions.ts +48 -60
package/src/tools/document/document-tool.ts +6 -6
package/src/tools/filesystem/edit.ts +2 -1
package/src/tools/filesystem/read.ts +20 -2
package/src/tools/filesystem/write.ts +2 -1
package/src/tools/host-filesystem/edit.ts +17 -1
package/src/tools/host-filesystem/read.ts +16 -1
package/src/tools/host-filesystem/write.ts +15 -1
package/src/tools/host-terminal/host-shell.ts +24 -0
package/src/tools/memory/definitions.ts +45 -81
package/src/tools/memory/handlers.test.ts +0 -1
package/src/tools/memory/handlers.ts +1 -1
package/src/tools/memory/register.ts +26 -60
package/src/tools/network/script-proxy/session-manager.ts +6 -8
package/src/tools/network/web-fetch.ts +7 -1
package/src/tools/network/web-search.ts +2 -1
package/src/tools/registry.ts +23 -0
package/src/tools/schedule/create.ts +113 -5
package/src/tools/schedule/list.ts +57 -15
package/src/tools/schedule/update.ts +73 -3
package/src/tools/shared/filesystem/image-read.ts +192 -0
package/src/tools/side-effects.ts +1 -7
package/src/tools/skills/delete-managed.ts +27 -64
package/src/tools/skills/execute.ts +54 -0
package/src/tools/skills/load.ts +127 -5
package/src/tools/skills/scaffold-managed.ts +93 -172
package/src/tools/subagent/message.ts +0 -7
package/src/tools/subagent/spawn.ts +1 -1
package/src/tools/swarm/delegate.ts +0 -3
package/src/tools/system/avatar-generator.ts +13 -19
package/src/tools/system/request-permission.ts +2 -1
package/src/tools/terminal/safe-env.ts +1 -0
package/src/tools/tool-manifest.ts +41 -47
package/src/tools/types.ts +6 -2
package/src/tools/ui-surface/definitions.ts +0 -55
package/src/util/errors.ts +0 -10
package/src/workspace/git-service.ts +0 -2
package/src/__tests__/account-registry.test.ts +0 -258
package/src/__tests__/email-classifier.test.ts +0 -25
package/src/__tests__/gmail-integration.test.ts +0 -97
package/src/__tests__/handle-user-message-secret-resume.test.ts +0 -172
package/src/__tests__/managed-twitter-guardrails.test.ts +0 -357
package/src/__tests__/recording-intent-fallback.test.ts +0 -199
package/src/__tests__/recording-intent.test.ts +0 -985
package/src/__tests__/recording-state-machine.test.ts +0 -1574
package/src/__tests__/reminder-store.test.ts +0 -350
package/src/__tests__/reminder.test.ts +0 -337
package/src/__tests__/scan-result-store.test.ts +0 -121
package/src/__tests__/twitter-platform-proxy-client.test.ts +0 -475
package/src/__tests__/view-image-tool.test.ts +0 -241
package/src/cli/commands/amazon/cart.ts +0 -513
package/src/cli/commands/amazon/checkout.ts +0 -394
package/src/cli/commands/amazon/client.ts +0 -513
package/src/cli/commands/amazon/index.ts +0 -885
package/src/cli/commands/amazon/product-details.ts +0 -145
package/src/cli/commands/amazon/request-extractor.ts +0 -187
package/src/cli/commands/amazon/search.ts +0 -76
package/src/cli/commands/amazon/session.ts +0 -108
package/src/cli/commands/twitter/__tests__/cli-read-routing.test.ts +0 -345
package/src/cli/commands/twitter/__tests__/cli-routing.test.ts +0 -252
package/src/cli/commands/twitter/__tests__/oauth-client.test.ts +0 -151
package/src/cli/commands/twitter/index.ts +0 -420
package/src/cli/commands/twitter/oauth-client.ts +0 -60
package/src/cli/commands/twitter/router.ts +0 -351
package/src/cli/commands/twitter/types.ts +0 -30
package/src/config/bundled-skills/agentmail/SKILL.md +0 -132
package/src/config/bundled-skills/agentmail/icon.svg +0 -21
package/src/config/bundled-skills/amazon/SKILL.md +0 -136
package/src/config/bundled-skills/amazon/icon.svg +0 -13
package/src/config/bundled-skills/api-mapping/SKILL.md +0 -78
package/src/config/bundled-skills/api-mapping/icon.svg +0 -18
package/src/config/bundled-skills/cli-discover/SKILL.md +0 -68
package/src/config/bundled-skills/deploy-fullstack-vercel/SKILL.md +0 -179
package/src/config/bundled-skills/document-writer/SKILL.md +0 -195
package/src/config/bundled-skills/elevenlabs-voice/SKILL.md +0 -140
package/src/config/bundled-skills/email-setup/SKILL.md +0 -68
package/src/config/bundled-skills/frontend-design/SKILL.md +0 -44
package/src/config/bundled-skills/frontend-design/icon.svg +0 -16
package/src/config/bundled-skills/google-oauth-setup/SKILL.md +0 -452
package/src/config/bundled-skills/guardian-verify-setup/SKILL.md +0 -203
package/src/config/bundled-skills/influencer/SKILL.md +0 -144
package/src/config/bundled-skills/influencer/scripts/client.ts +0 -1269
package/src/config/bundled-skills/influencer/scripts/influencer.ts +0 -267
package/src/config/bundled-skills/macos-automation/SKILL.md +0 -65
package/src/config/bundled-skills/macos-automation/icon.svg +0 -12
package/src/config/bundled-skills/mcp-setup/SKILL.md +0 -75
package/src/config/bundled-skills/media-processing/tools/media-diagnostics.ts +0 -184
package/src/config/bundled-skills/messaging/tools/gmail-archive-by-query.ts +0 -80
package/src/config/bundled-skills/messaging/tools/gmail-archive.ts +0 -29
package/src/config/bundled-skills/messaging/tools/gmail-batch-archive.ts +0 -56
package/src/config/bundled-skills/messaging/tools/gmail-batch-label.ts +0 -34
package/src/config/bundled-skills/messaging/tools/gmail-download-attachment.ts +0 -47
package/src/config/bundled-skills/messaging/tools/gmail-label.ts +0 -31
package/src/config/bundled-skills/messaging/tools/gmail-list-attachments.ts +0 -67
package/src/config/bundled-skills/messaging/tools/gmail-send-with-attachments.ts +0 -97
package/src/config/bundled-skills/messaging/tools/gmail-summarize-thread.ts +0 -87
package/src/config/bundled-skills/messaging/tools/gmail-triage.ts +0 -135
package/src/config/bundled-skills/messaging/tools/messaging-analyze-activity.ts +0 -24
package/src/config/bundled-skills/messaging/tools/messaging-reply.ts +0 -201
package/src/config/bundled-skills/messaging/tools/send-notification.ts +0 -1
package/src/config/bundled-skills/messaging/tools/sequence-cancel.ts +0 -27
package/src/config/bundled-skills/messaging/tools/sequence-pause.ts +0 -48
package/src/config/bundled-skills/messaging/tools/sequence-resume.ts +0 -27
package/src/config/bundled-skills/messaging/tools/sequence-update.ts +0 -56
package/src/config/bundled-skills/notion/SKILL.md +0 -240
package/src/config/bundled-skills/notion-oauth-setup/SKILL.md +0 -126
package/src/config/bundled-skills/oauth-setup/SKILL.md +0 -143
package/src/config/bundled-skills/public-ingress/SKILL.md +0 -258
package/src/config/bundled-skills/reminder/SKILL.md +0 -79
package/src/config/bundled-skills/reminder/TOOLS.json +0 -89
package/src/config/bundled-skills/reminder/tools/reminder-list.ts +0 -12
package/src/config/bundled-skills/restaurant-reservation/SKILL.md +0 -141
package/src/config/bundled-skills/screen-recording/SKILL.md +0 -148
package/src/config/bundled-skills/self-upgrade/SKILL.md +0 -69
package/src/config/bundled-skills/skills-catalog/SKILL.md +0 -78
package/src/config/bundled-skills/slack-app-setup/SKILL.md +0 -178
package/src/config/bundled-skills/slack-digest-setup/SKILL.md +0 -163
package/src/config/bundled-skills/slack-oauth-setup/SKILL.md +0 -157
package/src/config/bundled-skills/start-the-day/SKILL.md +0 -70
package/src/config/bundled-skills/start-the-day/icon.svg +0 -13
package/src/config/bundled-skills/telegram-setup/SKILL.md +0 -105
package/src/config/bundled-skills/time-based-actions/SKILL.md +0 -142
package/src/config/bundled-skills/twilio-setup/SKILL.md +0 -232
package/src/config/bundled-skills/twitter/SKILL.md +0 -206
package/src/config/bundled-skills/twitter/icon.svg +0 -14
package/src/config/bundled-skills/typescript-eval/SKILL.md +0 -60
package/src/config/bundled-skills/vercel-token-setup/SKILL.md +0 -214
package/src/config/bundled-skills/voice-setup/SKILL.md +0 -131
package/src/config/bundled-skills/voice-setup/icon.svg +0 -20
package/src/daemon/handlers/pairing.ts +0 -119
package/src/daemon/handlers/session-user-message.ts +0 -961
package/src/daemon/recording-executor.ts +0 -180
package/src/daemon/recording-intent-fallback.ts +0 -162
package/src/daemon/recording-intent.ts +0 -493
package/src/memory/account-store.ts +0 -117
package/src/messaging/activity-analyzer.ts +0 -76
package/src/messaging/email-classifier.ts +0 -208
package/src/messaging/index.ts +0 -2
package/src/messaging/outreach-classifier.ts +0 -185
package/src/messaging/thread-summarizer.ts +0 -346
package/src/messaging/types.ts +0 -17
package/src/tools/browser/x-auto-navigate.ts +0 -254
package/src/tools/credentials/account-registry.ts +0 -144
package/src/tools/filesystem/view-image.ts +0 -244
package/src/tools/reminder/reminder-store.ts +0 -194
package/src/tools/reminder/reminder.ts +0 -158
package/src/tools/system/navigate-settings.ts +0 -74
package/src/tools/system/open-system-settings.ts +0 -85
package/src/tools/system/version.ts +0 -54
package/src/twitter/platform-proxy-client.ts +0 -408
/package/src/config/bundled-skills/{messaging → gmail}/tools/scan-result-store.ts +0 -0
/package/src/config/bundled-skills/{messaging → sequences}/tools/sequence-analytics.ts +0 -0
/package/src/config/bundled-skills/{messaging → sequences}/tools/sequence-create.ts +0 -0
/package/src/config/bundled-skills/{messaging → sequences}/tools/sequence-delete.ts +0 -0
/package/src/config/bundled-skills/{messaging → sequences}/tools/sequence-enroll.ts +0 -0
/package/src/config/bundled-skills/{messaging → sequences}/tools/sequence-enrollment-list.ts +0 -0
/package/src/config/bundled-skills/{messaging → sequences}/tools/sequence-get.ts +0 -0
/package/src/config/bundled-skills/{messaging → sequences}/tools/sequence-import.ts +0 -0
/package/src/config/bundled-skills/{messaging → sequences}/tools/sequence-list.ts +0 -0

package/src/runtime/auth/__tests__/guard-tests.test.ts CHANGED Viewed

@@ -297,7 +297,7 @@ describe("scope profile contract", () => {
       "attachments.write",
       "internal.write",
     ],
-    ipc_v1: ["ipc.all"],
+    local_v1: ["local.all"],
     ui_page_v1: ["settings.read"],
   };
@@ -320,7 +320,7 @@ describe("scope profile contract", () => {
       "actor_client_v1",
       "gateway_ingress_v1",
       "gateway_service_v1",
-      "ipc_v1",
+      "local_v1",
       "ui_page_v1",
     ];

package/src/runtime/auth/__tests__/{ipc-auth-context.test.ts → local-auth-context.test.ts} RENAMED Viewed

@@ -1,56 +1,56 @@
 import { describe, expect, test } from "bun:test";
 import { DAEMON_INTERNAL_ASSISTANT_ID } from "../../assistant-scope.js";
-import { buildIpcAuthContext } from "../../local-actor-identity.js";
+import { buildLocalAuthContext } from "../../local-actor-identity.js";
 import { CURRENT_POLICY_EPOCH } from "../policy.js";
 import { resolveScopeProfile } from "../scopes.js";
-describe("buildIpcAuthContext", () => {
+describe("buildLocalAuthContext", () => {
   test("produces correct subject pattern", () => {
-    const ctx = buildIpcAuthContext("session-abc");
-    expect(ctx.subject).toBe("ipc:self:session-abc");
+    const ctx = buildLocalAuthContext("session-abc");
+    expect(ctx.subject).toBe("local:self:session-abc");
   });
-  test("sets principalType to ipc", () => {
-    const ctx = buildIpcAuthContext("session-abc");
-    expect(ctx.principalType).toBe("ipc");
+  test("sets principalType to local", () => {
+    const ctx = buildLocalAuthContext("session-abc");
+    expect(ctx.principalType).toBe("local");
   });
   test("uses DAEMON_INTERNAL_ASSISTANT_ID for assistantId", () => {
-    const ctx = buildIpcAuthContext("session-abc");
+    const ctx = buildLocalAuthContext("session-abc");
     expect(ctx.assistantId).toBe(DAEMON_INTERNAL_ASSISTANT_ID);
     expect(ctx.assistantId).toBe("self");
   });
   test("includes sessionId from argument", () => {
-    const ctx = buildIpcAuthContext("my-session-123");
+    const ctx = buildLocalAuthContext("my-session-123");
     expect(ctx.sessionId).toBe("my-session-123");
   });
-  test("uses ipc_v1 scope profile", () => {
-    const ctx = buildIpcAuthContext("session-abc");
-    expect(ctx.scopeProfile).toBe("ipc_v1");
+  test("uses local_v1 scope profile", () => {
+    const ctx = buildLocalAuthContext("session-abc");
+    expect(ctx.scopeProfile).toBe("local_v1");
   });
-  test("resolves scopes from ipc_v1 profile", () => {
-    const ctx = buildIpcAuthContext("session-abc");
-    const expectedScopes = resolveScopeProfile("ipc_v1");
+  test("resolves scopes from local_v1 profile", () => {
+    const ctx = buildLocalAuthContext("session-abc");
+    const expectedScopes = resolveScopeProfile("local_v1");
     expect(ctx.scopes).toBe(expectedScopes);
-    expect(ctx.scopes.has("ipc.all")).toBe(true);
+    expect(ctx.scopes.has("local.all")).toBe(true);
   });
   test("uses current policy epoch", () => {
-    const ctx = buildIpcAuthContext("session-abc");
+    const ctx = buildLocalAuthContext("session-abc");
     expect(ctx.policyEpoch).toBe(CURRENT_POLICY_EPOCH);
   });
   test("does not set actorPrincipalId", () => {
-    const ctx = buildIpcAuthContext("session-abc");
+    const ctx = buildLocalAuthContext("session-abc");
     expect(ctx.actorPrincipalId).toBeUndefined();
   });
   test("matches AuthContext shape from HTTP JWT-derived contexts", () => {
-    const ctx = buildIpcAuthContext("session-xyz");
+    const ctx = buildLocalAuthContext("session-xyz");
     // Verify all required AuthContext fields are present
     expect(typeof ctx.subject).toBe("string");
@@ -63,8 +63,8 @@ describe("buildIpcAuthContext", () => {
   });
   test("different session IDs produce different subjects", () => {
-    const ctx1 = buildIpcAuthContext("session-1");
-    const ctx2 = buildIpcAuthContext("session-2");
+    const ctx1 = buildLocalAuthContext("session-1");
+    const ctx2 = buildLocalAuthContext("session-2");
     expect(ctx1.subject).not.toBe(ctx2.subject);
     expect(ctx1.sessionId).not.toBe(ctx2.sessionId);
   });

package/src/runtime/auth/__tests__/route-policy.test.ts CHANGED Viewed

@@ -129,13 +129,13 @@ describe("enforcePolicy", () => {
     expect(result!.status).toBe(403);
   });
-  test("standard actor endpoints allow actor, svc_gateway, and ipc", () => {
+  test("standard actor endpoints allow actor, svc_gateway, and local", () => {
     authDisabled = false;
     const policy = getPolicy("messages:POST");
     expect(policy).toBeDefined();
     expect(policy!.allowedPrincipalTypes).toContain("actor");
     expect(policy!.allowedPrincipalTypes).toContain("svc_gateway");
-    expect(policy!.allowedPrincipalTypes).toContain("ipc");
+    expect(policy!.allowedPrincipalTypes).toContain("local");
   });
   test("dev bypass allows all requests through regardless of policy", () => {

package/src/runtime/auth/__tests__/scopes.test.ts CHANGED Viewed

@@ -42,7 +42,7 @@ describe("resolveScopeProfile", () => {
     const scopes = resolveScopeProfile("actor_client_v1");
     expect(scopes.has("ingress.write")).toBe(false);
     expect(scopes.has("internal.write")).toBe(false);
-    expect(scopes.has("ipc.all")).toBe(false);
+    expect(scopes.has("local.all")).toBe(false);
   });
   test("gateway_ingress_v1 includes ingress and internal scopes", () => {
@@ -64,9 +64,9 @@ describe("resolveScopeProfile", () => {
     expect(scopes.size).toBe(7);
   });
-  test("ipc_v1 includes only ipc.all", () => {
-    const scopes = resolveScopeProfile("ipc_v1");
-    expect(scopes.has("ipc.all")).toBe(true);
+  test("local_v1 includes only local.all", () => {
+    const scopes = resolveScopeProfile("local_v1");
+    expect(scopes.has("local.all")).toBe(true);
     expect(scopes.size).toBe(1);
   });
 });
@@ -82,9 +82,9 @@ describe("hasScope", () => {
     expect(hasScope(ctx, "ingress.write")).toBe(false);
   });
-  test("returns true for ipc.all on ipc_v1 profile", () => {
-    const ctx = makeCtx("ipc_v1");
-    expect(hasScope(ctx, "ipc.all")).toBe(true);
+  test("returns true for local.all on local_v1 profile", () => {
+    const ctx = makeCtx("local_v1");
+    expect(hasScope(ctx, "local.all")).toBe(true);
   });
 });

package/src/runtime/auth/__tests__/subject.test.ts CHANGED Viewed

@@ -76,14 +76,14 @@ describe("parseSub", () => {
   });
   // -------------------------------------------------------------------------
-  // ipc pattern
+  // local pattern
   // -------------------------------------------------------------------------
-  test("parses ipc:<assistantId>:<sessionId>", () => {
-    const result = parseSub("ipc:self:session-xyz");
+  test("parses local:<assistantId>:<sessionId>", () => {
+    const result = parseSub("local:self:session-xyz");
     expect(result.ok).toBe(true);
     if (result.ok) {
-      expect(result.principalType).toBe("ipc");
+      expect(result.principalType).toBe("local");
       expect(result.assistantId).toBe("self");
       expect(result.sessionId).toBe("session-xyz");
       expect(result.actorPrincipalId).toBeUndefined();
@@ -158,16 +158,16 @@ describe("parseSub", () => {
     }
   });
-  test("fails on ipc with empty sessionId", () => {
-    const result = parseSub("ipc:self:");
+  test("fails on local with empty sessionId", () => {
+    const result = parseSub("local:self:");
     expect(result.ok).toBe(false);
     if (!result.ok) {
       expect(result.reason).toContain("empty");
     }
   });
-  test("fails on ipc with empty assistantId", () => {
-    const result = parseSub("ipc::session-abc");
+  test("fails on local with empty assistantId", () => {
+    const result = parseSub("local::session-abc");
     expect(result.ok).toBe(false);
     if (!result.ok) {
       expect(result.reason).toContain("empty");

package/src/runtime/auth/__tests__/token-service.test.ts CHANGED Viewed

@@ -13,7 +13,6 @@ mock.module("../../../util/platform.js", () => ({
   isMacOS: () => process.platform === "darwin",
   isLinux: () => process.platform === "linux",
   isWindows: () => process.platform === "win32",
-  getSocketPath: () => join(testDir, "test.sock"),
   getPidPath: () => join(testDir, "test.pid"),
   getLogPath: () => join(testDir, "test.log"),
   ensureDataDir: () => {},

package/src/runtime/auth/route-policy.ts CHANGED Viewed

@@ -126,6 +126,7 @@ const ACTOR_ENDPOINTS: Array<{ endpoint: string; scopes: Scope[] }> = [
   // Conversation / messaging
   { endpoint: "messages:GET", scopes: ["chat.read"] },
   { endpoint: "messages:POST", scopes: ["chat.write"] },
+  { endpoint: "btw", scopes: ["chat.write"] },
   { endpoint: "conversations", scopes: ["chat.read"] },
   { endpoint: "conversations:DELETE", scopes: ["chat.write"] },
   { endpoint: "conversations/switch", scopes: ["chat.write"] },
@@ -144,6 +145,7 @@ const ACTOR_ENDPOINTS: Array<{ endpoint: string; scopes: Scope[] }> = [
   { endpoint: "confirm", scopes: ["approval.write"] },
   { endpoint: "secret", scopes: ["approval.write"] },
   { endpoint: "trust-rules", scopes: ["approval.write"] },
+  { endpoint: "host-bash-result", scopes: ["approval.write"] },
   { endpoint: "pending-interactions", scopes: ["approval.read"] },
   // Guardian actions
@@ -379,6 +381,9 @@ const ACTOR_ENDPOINTS: Array<{ endpoint: string; scopes: Scope[] }> = [
   // Delivery ack
   { endpoint: "channels/delivery-ack", scopes: ["internal.write"] },
+  // MCP
+  { endpoint: "mcp/reload", scopes: ["settings.write"] },
   // Migrations
   { endpoint: "migrations/validate", scopes: ["settings.write"] },
   { endpoint: "migrations/export", scopes: ["settings.write"] },
@@ -395,6 +400,7 @@ const ACTOR_ENDPOINTS: Array<{ endpoint: string; scopes: Scope[] }> = [
   { endpoint: "schedules:DELETE", scopes: ["settings.write"] },
   { endpoint: "schedules/toggle", scopes: ["settings.write"] },
   { endpoint: "schedules/run", scopes: ["settings.write"] },
+  { endpoint: "schedules/cancel", scopes: ["settings.write"] },
   // Diagnostics
   { endpoint: "diagnostics/export", scopes: ["settings.read"] },
@@ -405,10 +411,8 @@ const ACTOR_ENDPOINTS: Array<{ endpoint: string; scopes: Scope[] }> = [
   // OAuth / integrations
   { endpoint: "integrations/oauth/start", scopes: ["settings.write"] },
-  { endpoint: "integrations/twitter/auth/start", scopes: ["settings.write"] },
-  { endpoint: "integrations/twitter/auth/status", scopes: ["settings.read"] },
-  // Workspace files (IPC-migrated)
+  // Workspace files
   { endpoint: "workspace-files", scopes: ["settings.read"] },
   { endpoint: "workspace-files/read", scopes: ["settings.read"] },
@@ -420,7 +424,7 @@ const ACTOR_ENDPOINTS: Array<{ endpoint: string; scopes: Scope[] }> = [
 for (const { endpoint, scopes } of ACTOR_ENDPOINTS) {
   registerPolicy(endpoint, {
     requiredScopes: scopes,
-    allowedPrincipalTypes: ["actor", "svc_gateway", "svc_daemon", "ipc"],
+    allowedPrincipalTypes: ["actor", "svc_gateway", "svc_daemon", "local"],
   });
 }

package/src/runtime/auth/scopes.ts CHANGED Viewed

@@ -37,7 +37,7 @@ const PROFILE_SCOPES: Record<ScopeProfile, ReadonlySet<Scope>> = {
     "attachments.write",
     "internal.write",
   ]),
-  ipc_v1: new Set<Scope>(["ipc.all"]),
+  local_v1: new Set<Scope>(["local.all"]),
   ui_page_v1: new Set<Scope>(["settings.read"]),
 };

package/src/runtime/auth/subject.ts CHANGED Viewed

@@ -32,7 +32,7 @@ export type ParseSubResult =
  *   actor:<assistantId>:<actorPrincipalId>
  *   svc:gateway:<assistantId>
  *   svc:daemon:<identifier>
- *   ipc:<assistantId>:<sessionId>
+ *   local:<assistantId>:<sessionId>
  */
 export function parseSub(sub: string): ParseSubResult {
   if (!sub || typeof sub !== "string") {
@@ -68,15 +68,15 @@ export function parseSub(sub: string): ParseSubResult {
     return { ok: true, principalType: "svc_daemon", assistantId: identifier };
   }
-  if (parts[0] === "ipc" && parts.length === 3) {
+  if (parts[0] === "local" && parts.length === 3) {
     const [, assistantId, sessionId] = parts;
     if (!assistantId || !sessionId) {
       return {
         ok: false,
-        reason: "ipc sub has empty assistantId or sessionId",
+        reason: "local sub has empty assistantId or sessionId",
       };
     }
-    return { ok: true, principalType: "ipc", assistantId, sessionId };
+    return { ok: true, principalType: "local", assistantId, sessionId };
   }
   return { ok: false, reason: `unrecognized sub pattern: ${sub}` };

package/src/runtime/auth/token-service.ts CHANGED Viewed

@@ -329,29 +329,6 @@ export function mintUiPageToken(): string {
   });
 }
-// ---------------------------------------------------------------------------
-// CLI edge token
-// ---------------------------------------------------------------------------
-/**
- * Mint a long-lived JWT for the CLI to authenticate with the gateway.
- *
- * Written to ~/.vellum/http-token at daemon startup so the CLI can read it
- * and pass it as a Bearer token. Regenerated on each daemon restart. A 30-day
- * TTL avoids expiry between restarts while keeping the window bounded.
- *
- * Uses aud=vellum-gateway so the gateway's edge-auth middleware accepts it.
- */
-export function mintCliEdgeToken(): string {
-  return mintToken({
-    aud: "vellum-gateway",
-    sub: "svc:daemon:self",
-    scope_profile: "gateway_service_v1",
-    policy_epoch: CURRENT_POLICY_EPOCH,
-    ttlSeconds: 86400 * 30,
-  });
-}
 // ---------------------------------------------------------------------------
 // Pairing bearer token
 // ---------------------------------------------------------------------------

package/src/runtime/auth/types.ts CHANGED Viewed

@@ -13,7 +13,7 @@ export type ScopeProfile =
   | "actor_client_v1"
   | "gateway_ingress_v1"
   | "gateway_service_v1"
-  | "ipc_v1"
+  | "local_v1"
   | "ui_page_v1";
 // ---------------------------------------------------------------------------
@@ -35,13 +35,13 @@ export type Scope =
   | "internal.write"
   | "feature_flags.read"
   | "feature_flags.write"
-  | "ipc.all";
+  | "local.all";
 // ---------------------------------------------------------------------------
 // Principal types — derived from the sub pattern
 // ---------------------------------------------------------------------------
-export type PrincipalType = "actor" | "svc_gateway" | "svc_daemon" | "ipc";
+export type PrincipalType = "actor" | "svc_gateway" | "svc_daemon" | "local";
 // ---------------------------------------------------------------------------
 // Token audience — which service the JWT is intended for

package/src/runtime/guardian-action-followup-executor.ts CHANGED Viewed

@@ -13,7 +13,7 @@
  * reply text for the guardian's confirmation message.
  *
  * This module is channel-agnostic: both inbound-message-handler (Telegram
- * channels) and session-process (mac/IPC channel) use it.
+ * channels) and session-process (desktop channel) use it.
  */
 import { startCall } from "../calls/call-domain.js";

package/src/runtime/guardian-action-grant-minter.ts CHANGED Viewed

@@ -3,7 +3,7 @@
  * request is resolved with tool metadata.
  *
  * Used by both the channel inbound path (inbound-message-handler.ts) and
- * the desktop/IPC path (session-process.ts) to ensure grants are minted
+ * the desktop path (session-process.ts) to ensure grants are minted
  * consistently regardless of which channel the guardian answers on.
  */

package/src/runtime/guardian-action-service.ts CHANGED Viewed

@@ -3,7 +3,7 @@
  *
  * Encapsulates the core business logic — validation, conversation scoping,
  * canonical decision application, and result mapping — so both the HTTP
- * handler and the IPC handler can delegate here without duplicating code.
+ * handler and the message handler can delegate here without duplicating code.
  */
 import { applyCanonicalGuardianDecision } from "../approvals/guardian-decision-primitive.js";
@@ -61,7 +61,7 @@ export type ProcessGuardianDecisionResult =
  *
  * Validates the action, checks conversation scope if applicable, applies the
  * canonical decision, and maps the result to a caller-agnostic shape that
- * both HTTP and IPC handlers can interpret.
+ * both HTTP and message handlers can interpret.
  */
 export async function processGuardianDecision(
   params: ProcessGuardianDecisionParams,
@@ -97,7 +97,7 @@ export async function processGuardianDecision(
     action: action as ApprovalAction,
     actorContext: {
       actorPrincipalId: actorContext.actorPrincipalId,
-      actorExternalUserId: undefined, // Desktop/IPC path — no channel-native ID
+      actorExternalUserId: undefined, // Desktop path — no channel-native ID
       channel,
       guardianPrincipalId: actorContext.guardianPrincipalId,
     },

package/src/runtime/http-server.ts CHANGED Viewed

@@ -97,6 +97,7 @@ import { appRouteDefinitions } from "./routes/app-routes.js";
 import { approvalRouteDefinitions } from "./routes/approval-routes.js";
 import { attachmentRouteDefinitions } from "./routes/attachment-routes.js";
 import { brainGraphRouteDefinitions } from "./routes/brain-graph-routes.js";
+import { btwRouteDefinitions } from "./routes/btw-routes.js";
 import { callRouteDefinitions } from "./routes/call-routes.js";
 import {
   startCanonicalGuardianExpirySweep,
@@ -124,6 +125,8 @@ import { globalSearchRouteDefinitions } from "./routes/global-search-routes.js";
 import { guardianActionRouteDefinitions } from "./routes/guardian-action-routes.js";
 import { handleGuardianBootstrap } from "./routes/guardian-bootstrap-routes.js";
 import { handleGuardianRefresh } from "./routes/guardian-refresh-routes.js";
+import { hostBashRouteDefinitions } from "./routes/host-bash-routes.js";
+import { hostFileRouteDefinitions } from "./routes/host-file-routes.js";
 import { handleHealth } from "./routes/identity-routes.js";
 import { identityRouteDefinitions } from "./routes/identity-routes.js";
 import { slackChannelRouteDefinitions } from "./routes/integrations/slack/channel.js";
@@ -131,6 +134,8 @@ import { slackShareRouteDefinitions } from "./routes/integrations/slack/share.js
 import { telegramRouteDefinitions } from "./routes/integrations/telegram.js";
 import { twilioRouteDefinitions } from "./routes/integrations/twilio.js";
 import { inviteRouteDefinitions } from "./routes/invite-routes.js";
+import { logExportRouteDefinitions } from "./routes/log-export-routes.js";
+import { mcpRouteDefinitions } from "./routes/mcp-routes.js";
 import { migrationRouteDefinitions } from "./routes/migration-routes.js";
 import type { PairingHandlerContext } from "./routes/pairing-routes.js";
 import {
@@ -242,12 +247,12 @@ export class RuntimeHttpServer {
     return this.server?.port ?? this.port;
   }
-  /** Expose the pairing store so the daemon server can wire IPC handlers. */
+  /** Expose the pairing store so the daemon server can wire HTTP handlers. */
   getPairingStore(): PairingStore {
     return this.pairingStore;
   }
-  /** Set a callback for broadcasting IPC messages (wired by daemon server). */
+  /** Set a callback for broadcasting server messages (wired by daemon server). */
   setPairingBroadcast(fn: (msg: ServerMessage) => void): void {
     this.pairingBroadcast = fn;
   }
@@ -712,6 +717,7 @@ export class RuntimeHttpServer {
       ...secretRouteDefinitions(),
       ...identityRouteDefinitions(),
       ...debugRouteDefinitions(),
+      ...mcpRouteDefinitions(),
       ...usageRouteDefinitions(),
       ...workspaceRouteDefinitions(),
       ...settingsRouteDefinitions(),
@@ -719,6 +725,7 @@ export class RuntimeHttpServer {
         sendMessageDeps: this.sendMessageDeps,
       }),
       ...diagnosticsRouteDefinitions(),
+      ...logExportRouteDefinitions(),
       ...documentRouteDefinitions(),
       ...workItemRouteDefinitions(
         this.sendMessageDeps
@@ -920,6 +927,10 @@ export class RuntimeHttpServer {
         },
       },
+      ...btwRouteDefinitions({
+        sendMessageDeps: this.sendMessageDeps,
+      }),
       ...conversationRouteDefinitions({
         interfacesDir: this.interfacesDir,
         sendMessageDeps: this.sendMessageDeps,
@@ -929,6 +940,8 @@ export class RuntimeHttpServer {
       }),
       ...globalSearchRouteDefinitions(),
       ...approvalRouteDefinitions(),
+      ...hostBashRouteDefinitions(),
+      ...hostFileRouteDefinitions(),
       ...(this.getSkillContext
         ? skillRouteDefinitions({
             getSkillContext: this.getSkillContext,

package/src/runtime/invite-service.ts CHANGED Viewed

@@ -1,8 +1,8 @@
 /**
  * Shared business logic for invite management.
  *
- * Extracted from the IPC handlers in daemon/handlers/config-inbox.ts so that
- * both the HTTP routes and the IPC handlers call the same logic.
+ * Extracted from the handlers in daemon/handlers/config-inbox.ts so that
+ * both the HTTP routes and the message handlers call the same logic.
  *
  * Member/contact operations have been migrated to the /v1/contacts and
  * /v1/contacts/channels endpoints.
@@ -38,7 +38,7 @@ import {
 } from "./invite-redemption-service.js";
 // ---------------------------------------------------------------------------
-// Response shapes — used by both HTTP routes and IPC handlers
+// Response shapes — used by both HTTP routes and message handlers
 // ---------------------------------------------------------------------------
 export interface InviteResponseData {

package/src/runtime/local-actor-identity.ts CHANGED Viewed

@@ -1,12 +1,12 @@
 /**
- * Deterministic local actor identity for IPC connections.
+ * Deterministic local actor identity for local connections.
  *
- * IPC (Unix domain socket) connections come from the local macOS native app.
- * No actor token is sent over the socket; instead, the daemon assigns a
+ * Local connections come from the native app via local HTTP sessions.
+ * No actor token is sent over the connection; instead, the daemon assigns a
  * deterministic local actor identity server-side by looking up the vellum
  * channel guardian binding.
  *
- * This routes IPC connections through the same `resolveTrustContext`
+ * This routes local connections through the same `resolveTrustContext`
  * pathway used by HTTP channel ingress, producing equivalent
  * guardian-context behavior for the vellum channel.
  */
@@ -34,34 +34,29 @@ const log = getLogger("local-actor-identity");
  */
 export function buildLocalAuthContext(sessionId: string): AuthContext {
   return {
-    subject: `ipc:self:${sessionId}`,
-    principalType: "ipc",
+    subject: `local:self:${sessionId}`,
+    principalType: "local",
     assistantId: DAEMON_INTERNAL_ASSISTANT_ID,
     sessionId,
-    scopeProfile: "ipc_v1",
-    scopes: resolveScopeProfile("ipc_v1"),
+    scopeProfile: "local_v1",
+    scopes: resolveScopeProfile("local_v1"),
     policyEpoch: CURRENT_POLICY_EPOCH,
   };
 }
 /**
- * @deprecated Use `buildLocalAuthContext` instead.
- */
-export const buildIpcAuthContext = buildLocalAuthContext;
-/**
- * Resolve the guardian runtime context for a local IPC connection.
+ * Resolve the guardian runtime context for a local connection.
  *
  * Looks up the vellum guardian binding to obtain the `guardianPrincipalId`,
  * then passes it as the sender identity through `resolveTrustContext` --
- * the same pathway HTTP channel routes use. This ensures IPC and HTTP
+ * the same pathway HTTP channel routes use. This ensures local and HTTP
  * produce equivalent trust classification for the vellum channel.
  *
  * When no vellum guardian binding exists (e.g. fresh install before
  * bootstrap), falls back to a minimal guardian context so the local
  * user is not incorrectly denied.
  */
-export function resolveLocalIpcTrustContext(
+export function resolveLocalTrustContext(
   sourceChannel: ChannelId = "vellum",
 ): TrustContext {
   const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
@@ -81,7 +76,7 @@ export function resolveLocalIpcTrustContext(
   // No guardian contact with a principalId — bootstrap via ensureVellumGuardianBinding
   // to self-heal (creates the binding + contact if missing).
-  log.debug("No vellum guardian contact found; bootstrapping binding for IPC");
+  log.debug("No vellum guardian contact found; bootstrapping binding for local session");
   try {
     const principalId = ensureVellumGuardianBinding(assistantId);
     const trustCtx = resolveTrustContext({
@@ -107,15 +102,15 @@ export function resolveLocalIpcTrustContext(
 }
 /**
- * Build an AuthContext for a local IPC connection.
+ * Build an AuthContext for a local connection.
  *
  * Produces the same AuthContext shape that HTTP routes receive from JWT
- * verification, using the `ipc_v1` scope profile. The `actorPrincipalId`
+ * verification, using the `local_v1` scope profile. The `actorPrincipalId`
  * is populated from the vellum guardian binding when available, enabling
  * downstream code to resolve guardian context using the same
  * `authContext.actorPrincipalId` path as HTTP sessions.
  */
-export function resolveLocalIpcAuthContext(sessionId: string): AuthContext {
+export function resolveLocalAuthContext(sessionId: string): AuthContext {
   const authContext = buildLocalAuthContext(sessionId);
   // Enrich with the guardian principal ID from contacts-first path
@@ -128,10 +123,10 @@ export function resolveLocalIpcAuthContext(sessionId: string): AuthContext {
   }
   // Self-heal: no guardian contact with principalId — bootstrap via
-  // ensureVellumGuardianBinding (mirrors resolveLocalIpcTrustContext).
+  // ensureVellumGuardianBinding (mirrors resolveLocalTrustContext).
   try {
     log.debug(
-      "No vellum guardian contact found; bootstrapping binding for IPC auth",
+      "No vellum guardian contact found; bootstrapping binding for local auth",
     );
     const principalId = ensureVellumGuardianBinding(authContext.assistantId);
     return { ...authContext, actorPrincipalId: principalId };

package/src/runtime/pending-interactions.ts CHANGED Viewed

@@ -1,11 +1,12 @@
 /**
  * In-memory tracker that maps requestId to session info for pending
- * confirmation and secret interactions.
+ * confirmation, secret, host_bash, and host_file interactions.
  *
- * When the agent loop emits a confirmation_request or secret_request,
- * the onEvent callback registers the interaction here. Standalone HTTP
- * endpoints (/v1/confirm, /v1/secret, /v1/trust-rules) look up the
- * session from this tracker to resolve the interaction.
+ * When the agent loop emits a confirmation_request, secret_request,
+ * host_bash_request, or host_file_request, the onEvent callback registers
+ * the interaction here. Standalone HTTP endpoints (/v1/confirm, /v1/secret,
+ * /v1/trust-rules, /v1/host-bash-result, /v1/host-file-result) look up
+ * the session from this tracker to resolve the interaction.
  */
 import type { Session } from "../daemon/session.js";
@@ -28,7 +29,7 @@ export interface ConfirmationDetails {
 export interface PendingInteraction {
   session: Session;
   conversationId: string;
-  kind: "confirmation" | "secret";
+  kind: "confirmation" | "secret" | "host_bash" | "host_file";
   confirmationDetails?: ConfirmationDetails;
 }
@@ -78,12 +79,23 @@ export function getByConversation(
 }
 /**
- * Remove all pending interactions for a given session.
- * Used when auto-denying all pending confirmations (e.g. new user message).
+ * Remove pending confirmation and secret interactions for a given session.
+ * Used when auto-denying all pending interactions (e.g. new user message).
+ *
+ * host_bash and host_file interactions are intentionally skipped — they
+ * represent in-flight tool executions proxied to the client, not
+ * confirmations to auto-deny. Removing them would orphan the request: the
+ * client would POST to /v1/host-bash-result or /v1/host-file-result after
+ * completing the operation, get a 404, and the proxy timer would fire with
+ * a spurious timeout error.
  */
 export function removeBySession(session: Session): void {
   for (const [requestId, interaction] of pending) {
-    if (interaction.session === session) {
+    if (
+      interaction.session === session &&
+      interaction.kind !== "host_bash" &&
+      interaction.kind !== "host_file"
+    ) {
       pending.delete(requestId);
     }
   }