@vellumai/assistant 0.4.49 → 0.4.50

package/src/agent/loop.ts

@@ -35,6 +35,7 @@ export interface CheckpointInfo {
   turnIndex: number;
   toolCount: number;
   hasToolUse: boolean;
+  history: Message[]; // current history snapshot for token estimation
 }
 
 export type CheckpointDecision = "continue" | "yield";
@@ -71,7 +72,13 @@ export type AgentEvent =
       toolUseId: string;
       accumulatedJson: string;
     }
-  | { type: "server_tool_start"; name: string; toolUseId: string }
+  | {
+      type: "server_tool_start";
+      name: string;
+      toolUseId: string;
+      input: Record<string, unknown>;
+    }
+  | { type: "server_tool_complete"; toolUseId: string }
   | { type: "error"; error: Error }
   | {
       type: "usage";
@@ -305,6 +312,12 @@ export class AgentLoop {
                   type: "server_tool_start",
                   name: event.name,
                   toolUseId: event.toolUseId,
+                  input: event.input,
+                });
+              } else if (event.type === "server_tool_complete") {
+                onEvent({
+                  type: "server_tool_complete",
+                  toolUseId: event.toolUseId,
                 });
               }
             },
@@ -561,6 +574,7 @@ export class AgentLoop {
             turnIndex: toolUseTurns - 1, // 0-based (toolUseTurns was already incremented)
             toolCount: toolUseBlocks.length,
             hasToolUse: true,
+            history,
           });
           if (decision === "yield") {
             break;
@@ -622,40 +636,53 @@ export function escapeAxTreeContent(content: string): string {
  * `MAX_AX_TREES_IN_HISTORY` `<ax-tree>` blocks have been replaced with a
  * short placeholder.  This keeps the conversation context small so that
  * TTFT does not grow linearly with step count in computer-use sessions.
+ *
+ * Counting is per-block, not per-message — a single user message can
+ * contain multiple tool_result blocks each with their own AX tree snapshot.
  */
 export function compactAxTreeHistory(messages: Message[]): Message[] {
-  // Collect indices of user messages that contain an <ax-tree> block
-  const indicesWithAxTree: number[] = [];
+  // Collect (messageIndex, blockIndex) for every tool_result block with <ax-tree>
+  const axBlocks: Array<{ msgIdx: number; blockIdx: number }> = [];
   for (let i = 0; i < messages.length; i++) {
     const msg = messages[i];
     if (msg.role !== "user") continue;
-    for (const block of msg.content) {
+    for (let j = 0; j < msg.content.length; j++) {
+      const block = msg.content[j];
       if (
         block.type === "tool_result" &&
         typeof block.content === "string" &&
         block.content.includes("<ax-tree>")
       ) {
-        indicesWithAxTree.push(i);
-        break;
+        axBlocks.push({ msgIdx: i, blockIdx: j });
       }
     }
   }
 
-  if (indicesWithAxTree.length <= MAX_AX_TREES_IN_HISTORY) {
+  if (axBlocks.length <= MAX_AX_TREES_IN_HISTORY) {
     return messages;
   }
 
-  const toStrip = new Set(indicesWithAxTree.slice(0, -MAX_AX_TREES_IN_HISTORY));
+  // Build a set of "msgIdx:blockIdx" keys for blocks that should be stripped
+  const toStrip = new Set(
+    axBlocks
+      .slice(0, -MAX_AX_TREES_IN_HISTORY)
+      .map((b) => `${b.msgIdx}:${b.blockIdx}`),
+  );
 
   return messages.map((msg, idx) => {
-    if (!toStrip.has(idx)) return msg;
+    // Quick check: does this message have any blocks to strip?
+    const hasStripTarget = msg.content.some((_, j) =>
+      toStrip.has(`${idx}:${j}`),
+    );
+    if (!hasStripTarget) return msg;
+
     return {
       ...msg,
-      content: msg.content.map((block) => {
+      content: msg.content.map((block, j) => {
         if (
+          toStrip.has(`${idx}:${j}`) &&
           block.type === "tool_result" &&
-          typeof block.content === "string" &&
-          block.content.includes("<ax-tree>")
+          typeof block.content === "string"
         ) {
           return {
             ...block,

package/src/approvals/AGENTS.md

@@ -16,7 +16,7 @@ Conversational guardian verification control-plane invocation is guardian-only.
 
 ## Memory Provenance Invariant
 
-All memory extraction and retrieval decisions must consider actor-role provenance. Untrusted actors (non-guardian, unverified_channel) must not trigger profile extraction or receive memory recall/conflict disclosures. This invariant is enforced in `indexer.ts` (write gate) and `session-memory.ts` (read gate).
+All memory retrieval decisions must consider actor-role provenance. Untrusted actors (non-guardian, unverified_channel) must not receive memory recall results. This invariant is enforced in `indexer.ts` (write gate) and `session-memory.ts` (read gate).
 
 ## Guardian Privilege Isolation Invariant
 

package/src/approvals/guardian-request-resolvers.ts

@@ -424,11 +424,17 @@ const accessRequestResolver: GuardianRequestResolver = {
           dedupeKey: `trusted-contact:denied:${request.id}`,
         });
       } else if (desktopDeliverUrl && requesterChatId) {
+        // For Slack, route to DM via requesterExternalUserId (user ID) instead
+        // of requesterChatId (channel ID) to avoid posting in public channels.
+        const targetChatId =
+          channel === "slack" && requesterExternalUserId
+            ? requesterExternalUserId
+            : requesterChatId;
         try {
           await deliverChannelReply(
             desktopDeliverUrl,
             {
-              chatId: requesterChatId,
+              chatId: targetChatId,
               text: "Your access request has been denied by the guardian.",
               assistantId,
             },
@@ -601,11 +607,17 @@ const accessRequestResolver: GuardianRequestResolver = {
         });
       }
     } else if (desktopDeliverUrl && requesterChatId) {
+      // For Slack, route to DM via requesterExternalUserId (user ID) instead
+      // of requesterChatId (channel ID) to avoid posting in public channels.
+      const targetChatId =
+        channel === "slack" && requesterExternalUserId
+          ? requesterExternalUserId
+          : requesterChatId;
       try {
         await deliverChannelReply(
           desktopDeliverUrl,
           {
-            chatId: requesterChatId,
+            chatId: targetChatId,
             text:
               "Your access request has been approved! " +
               "Please enter the 6-digit verification code you receive from the guardian.",

package/src/bundler/compiler-tools.ts

@@ -6,6 +6,7 @@
  * same pattern as EmbeddingRuntimeManager.
  */
 
+import { createHash } from "node:crypto";
 import {
   chmodSync,
   existsSync,
@@ -54,11 +55,69 @@ function npmTarballUrl(pkg: string, version: string): string {
   return `https://registry.npmjs.org/${encoded}/-/${basename}-${version}.tgz`;
 }
 
+async function fetchNpmIntegrity(
+  pkg: string,
+  version: string,
+): Promise<string> {
+  const encoded = pkg.replace("/", "%2f");
+  const metadataUrl = `https://registry.npmjs.org/${encoded}/${version}`;
+  const response = await fetch(metadataUrl);
+  if (!response.ok) {
+    throw new Error(
+      `Failed to fetch npm metadata for ${pkg}@${version}: ${response.status} ${response.statusText}`,
+    );
+  }
+
+  const data = (await response.json()) as {
+    dist?: { integrity?: string; shasum?: string };
+  };
+
+  if (
+    typeof data.dist?.integrity === "string" &&
+    data.dist.integrity.length > 0
+  ) {
+    return data.dist.integrity;
+  }
+
+  if (typeof data.dist?.shasum === "string" && data.dist.shasum.length > 0) {
+    return `sha1-${Buffer.from(data.dist.shasum, "hex").toString("base64")}`;
+  }
+
+  throw new Error(`Missing npm integrity metadata for ${pkg}@${version}`);
+}
+
+function verifyIntegrity(
+  tarball: Uint8Array,
+  integrity: string,
+  pkg: string,
+  version: string,
+): void {
+  const [algorithm, expectedDigest] = integrity.split("-", 2);
+  if (!algorithm || !expectedDigest) {
+    throw new Error(`Invalid integrity metadata for ${pkg}@${version}`);
+  }
+
+  if (algorithm !== "sha512" && algorithm !== "sha1") {
+    throw new Error(
+      `Unsupported integrity algorithm ${algorithm} for ${pkg}@${version}`,
+    );
+  }
+
+  const actualDigest = createHash(algorithm).update(tarball).digest("base64");
+  if (actualDigest !== expectedDigest) {
+    throw new Error(`Integrity verification failed for ${pkg}@${version}`);
+  }
+}
+
 async function downloadAndExtract(
+  pkg: string,
+  version: string,
   url: string,
   targetDir: string,
 ): Promise<void> {
-  log.info({ url, targetDir }, "Downloading npm package");
+  log.info({ pkg, version, url, targetDir }, "Downloading npm package");
+
+  const integrity = await fetchNpmIntegrity(pkg, version);
 
   const response = await fetch(url);
   if (!response.ok) {
@@ -67,7 +126,8 @@ async function downloadAndExtract(
     );
   }
 
-  const tarball = await response.arrayBuffer();
+  const tarball = new Uint8Array(await response.arrayBuffer());
+  verifyIntegrity(tarball, integrity, pkg, version);
   mkdirSync(targetDir, { recursive: true });
 
   const tmpTar = join(targetDir, `download-${Date.now()}.tgz`);
@@ -191,10 +251,14 @@ async function install(baseDir: string): Promise<void> {
     // Download esbuild binary + preact in parallel
     await Promise.all([
       downloadAndExtract(
+        `@esbuild/${esbuildPlatform}`,
+        ESBUILD_VERSION,
         npmTarballUrl(`@esbuild/${esbuildPlatform}`, ESBUILD_VERSION),
         join(tmpDir, "esbuild-pkg"),
       ),
       downloadAndExtract(
+        "preact",
+        PREACT_VERSION,
         npmTarballUrl("preact", PREACT_VERSION),
         join(tmpDir, "node_modules", "preact"),
       ),

package/src/calls/call-domain.ts

@@ -1017,3 +1017,135 @@ export async function startVerificationCall(
     };
   }
 }
+
+// ── Invite call ───────────────────────────────────────────────────────
+
+export type StartInviteCallInput = {
+  phoneNumber: string;
+  friendName: string;
+  guardianName: string;
+  assistantId?: string;
+};
+
+export type StartInviteCallResult = { ok: true; callSid: string } | CallError;
+
+/**
+ * Initiate an outbound call to deliver a voice invite to a contact.
+ *
+ * Creates a minimal call session with a voice channel binding and
+ * passes invite-specific custom parameters so the relay server can
+ * detect this is an invite redemption call.
+ */
+export async function startInviteCall(
+  input: StartInviteCallInput,
+): Promise<StartInviteCallResult> {
+  const { phoneNumber, friendName, guardianName } = input;
+
+  if (!phoneNumber || !E164_REGEX.test(phoneNumber)) {
+    return {
+      ok: false,
+      error: "phone_number must be in E.164 format",
+      status: 400,
+    };
+  }
+
+  let sessionId: string | null = null;
+
+  try {
+    const config = loadConfig();
+    const provider = new TwilioConversationRelayProvider();
+
+    // Resolve the assistant's Twilio number as the caller ID
+    const identityResult = await resolveCallerIdentity(config);
+    if (!identityResult.ok) {
+      return { ok: false, error: identityResult.error, status: 400 };
+    }
+
+    const preflightResult = await preflightVoiceIngress();
+    if (!preflightResult.ok) {
+      return preflightResult;
+    }
+    const ingressConfig = preflightResult.ingressConfig;
+
+    // Create a minimal conversation so the call session has a valid FK,
+    // and bind it to the voice channel so it never appears as an unbound
+    // desktop thread.
+    const timestamp = Date.now();
+    const convKey = `invite-call:${phoneNumber}:${timestamp}`;
+    const { conversationId } = getOrCreateConversation(convKey);
+
+    upsertBinding({
+      conversationId,
+      sourceChannel: "phone",
+      externalChatId: `invite-call:${phoneNumber}:${timestamp}`,
+    });
+
+    const session = createCallSession({
+      conversationId,
+      provider: "twilio",
+      fromNumber: identityResult.fromNumber,
+      toNumber: phoneNumber,
+      callMode: "invite",
+      inviteFriendName: friendName,
+      inviteGuardianName: guardianName,
+      initiatedFromConversationId: conversationId,
+    });
+    sessionId = session.id;
+
+    const webhookUrl = await resolveCallbackUrl(
+      () => getTwilioVoiceWebhookUrl(ingressConfig, session.id),
+      "webhooks/twilio/voice",
+      "twilio_voice",
+      { callSessionId: session.id },
+    );
+    const statusCallbackUrl = await resolveCallbackUrl(
+      () => getTwilioStatusCallbackUrl(ingressConfig),
+      "webhooks/twilio/status",
+      "twilio_status",
+    );
+
+    upsertActiveCallLease({ callSessionId: session.id });
+
+    const { callSid } = await provider.initiateCall({
+      from: identityResult.fromNumber,
+      to: phoneNumber,
+      webhookUrl,
+      statusCallbackUrl,
+    });
+
+    updateCallSession(session.id, { providerCallSid: callSid });
+
+    log.info(
+      {
+        callSessionId: session.id,
+        callSid,
+        to: phoneNumber,
+        friendName,
+        guardianName,
+      },
+      "Invite call initiated",
+    );
+
+    return { ok: true, callSid };
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    log.error(
+      { err, phoneNumber, friendName, guardianName },
+      "Failed to initiate invite call",
+    );
+
+    if (sessionId) {
+      updateCallSession(sessionId, {
+        status: "failed",
+        endedAt: Date.now(),
+        lastError: msg,
+      });
+    }
+
+    return {
+      ok: false,
+      error: `Error initiating invite call: ${msg}`,
+      status: 500,
+    };
+  }
+}

package/src/calls/call-store.ts

@@ -37,6 +37,8 @@ const parseCallSession = createRowMapper<
   status: { from: "status", transform: cast<CallSession["status"]>() },
   callMode: { from: "callMode", transform: cast<CallSession["callMode"]>() },
   verificationSessionId: "verificationSessionId",
+  inviteFriendName: "inviteFriendName",
+  inviteGuardianName: "inviteGuardianName",
   callerIdentityMode: "callerIdentityMode",
   callerIdentitySource: "callerIdentitySource",
   initiatedFromConversationId: "initiatedFromConversationId",
@@ -81,6 +83,8 @@ export function createCallSession(opts: {
   task?: string;
   callMode?: string;
   verificationSessionId?: string;
+  inviteFriendName?: string;
+  inviteGuardianName?: string;
   callerIdentityMode?: string;
   callerIdentitySource?: string;
   initiatedFromConversationId?: string;
@@ -98,6 +102,8 @@ export function createCallSession(opts: {
     status: "initiated" as const,
     callMode: (opts.callMode ?? null) as CallSession["callMode"],
     verificationSessionId: opts.verificationSessionId ?? null,
+    inviteFriendName: opts.inviteFriendName ?? null,
+    inviteGuardianName: opts.inviteGuardianName ?? null,
     callerIdentityMode: opts.callerIdentityMode ?? null,
     callerIdentitySource: opts.callerIdentitySource ?? null,
     initiatedFromConversationId: opts.initiatedFromConversationId ?? null,

package/src/calls/relay-server.ts

@@ -575,6 +575,7 @@ export class RelayConnection {
           outcome.fromNumber,
           outcome.friendName,
           outcome.guardianName,
+          !resolved.isInbound,
         );
         return;
       case "name_capture":
@@ -772,6 +773,12 @@ export class RelayConnection {
     fromNumber: string;
     callerName?: string;
     skipMemberActivation?: boolean;
+    activationReason?:
+      | "invite_redeemed"
+      | "access_approved"
+      | "trusted_contact_verified";
+    friendName?: string;
+    guardianName?: string;
   }): void {
     const { assistantId, fromNumber, callerName } = params;
 
@@ -808,7 +815,25 @@ export class RelayConnection {
     updateCallSession(this.callSessionId, { status: "in_progress" });
 
     const guardianLabel = this.resolveGuardianLabel();
-    const handoffText = `Great! ${guardianLabel} said I can speak with you. How can I help?`;
+    let handoffText: string;
+
+    if (params.activationReason === "invite_redeemed") {
+      const name = params.friendName;
+      const assistantName = this.resolveAssistantLabel();
+      const gLabel = params.guardianName || guardianLabel;
+      if (name) {
+        handoffText = assistantName
+          ? `Great, I've verified that you are ${name}. It's nice to meet you! I'm ${assistantName}, ${gLabel}'s assistant. How can I help?`
+          : `Great, I've verified that you are ${name}. It's nice to meet you! How can I help?`;
+      } else {
+        handoffText = assistantName
+          ? `Great, I've verified your identity. It's nice to meet you! I'm ${assistantName}, ${gLabel}'s assistant. How can I help?`
+          : `Great, I've verified your identity. It's nice to meet you! How can I help?`;
+      }
+    } else {
+      handoffText = `Great! ${guardianLabel} said I can speak with you. How can I help?`;
+    }
+
     this.sendTextToken(handoffText, true);
 
     recordCallEvent(this.callSessionId, "assistant_spoke", {
@@ -1000,6 +1025,7 @@ export class RelayConnection {
         this.continueCallAfterTrustedContactActivation({
           assistantId,
           fromNumber,
+          activationReason: "trusted_contact_verified",
         });
       } else {
         // Inbound guardian verification: binding already handled above,
@@ -1096,6 +1122,7 @@ export class RelayConnection {
     fromNumber: string,
     friendName: string | null,
     guardianName: string | null,
+    isOutbound: boolean,
   ): void {
     this.inviteRedemptionActive = true;
     this.inviteRedemptionAssistantId = assistantId;
@@ -1116,10 +1143,17 @@ export class RelayConnection {
 
     const displayFriend = friendName ?? "there";
     const displayGuardian = guardianName ?? "your contact";
-    this.sendTextToken(
-      `Welcome ${displayFriend}. Please enter the 6-digit code that ${displayGuardian} provided you to verify your identity.`,
-      true,
-    );
+
+    let promptText: string;
+    if (isOutbound) {
+      const assistantName = this.resolveAssistantLabel();
+      promptText = assistantName
+        ? `Hi ${displayFriend}, this is ${assistantName}, ${displayGuardian}'s assistant. To get started, please enter the 6-digit code that ${displayGuardian} shared with you.`
+        : `Hi ${displayFriend}, this is ${displayGuardian}'s assistant. To get started, please enter the 6-digit code that ${displayGuardian} shared with you.`;
+    } else {
+      promptText = `Welcome ${displayFriend}. Please enter the 6-digit code that ${displayGuardian} provided you to verify your identity.`;
+    }
+    this.sendTextToken(promptText, true);
 
     log.info(
       { callSessionId: this.callSessionId, assistantId },
@@ -1358,6 +1392,7 @@ export class RelayConnection {
       assistantId,
       fromNumber,
       callerName: callerName ?? undefined,
+      activationReason: "access_approved",
     });
 
     recordCallEvent(
@@ -1541,6 +1576,9 @@ export class RelayConnection {
         fromNumber: this.inviteRedemptionFromNumber,
         callerName: this.inviteRedemptionFriendName ?? undefined,
         skipMemberActivation: true,
+        activationReason: "invite_redeemed",
+        friendName: this.inviteRedemptionFriendName ?? undefined,
+        guardianName: this.inviteRedemptionGuardianName ?? undefined,
       });
     } else {
       this.inviteRedemptionActive = false;

package/src/calls/relay-setup-router.ts

@@ -99,8 +99,24 @@ export function routeSetup(ctx: SetupContext): {
     actorTrust,
   };
 
-  // ── Outbound guardian verification (persisted mode) ──────────────
+  // ── Outbound flow selection based on persisted call mode ──────────
   const persistedMode = ctx.session?.callMode;
+
+  // ── Outbound invite redemption (persisted mode) ─────────────────
+  if (persistedMode === "invite") {
+    return {
+      outcome: {
+        action: "invite_redemption" as const,
+        assistantId,
+        fromNumber: ctx.to,
+        friendName: ctx.session?.inviteFriendName ?? null,
+        guardianName: ctx.session?.inviteGuardianName ?? null,
+      },
+      resolved,
+    };
+  }
+
+  // ── Outbound guardian verification (persisted mode) ──────────────
   const persistedVsId = ctx.session?.verificationSessionId;
   const customParamVsId = ctx.customParameters?.verificationSessionId;
   const verificationSessionId = persistedVsId ?? customParamVsId;

package/src/calls/twilio-config.ts

@@ -20,7 +20,7 @@ export interface TwilioConfig {
 
 /**
  * Resolve the Twilio phone number using a unified fallback chain so that
- * all callers (calls, SMS adapter, readiness checks, invite transports)
+ * all callers (calls, readiness checks, invite transports)
  * agree on the same number.
  *
  * Resolution order:

package/src/calls/types.ts

@@ -58,7 +58,7 @@ export type PendingQuestionStatus =
  * uses this as the primary signal for deterministic flow selection,
  * with Twilio setup custom parameters as a secondary/observability signal.
  */
-export type CallMode = "normal" | "verification";
+export type CallMode = "normal" | "verification" | "invite";
 
 export interface CallSession {
   id: string;
@@ -71,6 +71,8 @@ export interface CallSession {
   status: CallStatus;
   callMode: CallMode | null;
   verificationSessionId: string | null;
+  inviteFriendName: string | null;
+  inviteGuardianName: string | null;
   callerIdentityMode: string | null;
   callerIdentitySource: string | null;
   initiatedFromConversationId?: string | null;

package/src/cli/commands/doctor.ts

@@ -3,8 +3,10 @@ import { existsSync, readFileSync, statSync } from "node:fs";
 
 import type { Command } from "commander";
 
+import { getRuntimeHttpPort } from "../../config/env.js";
 import { loadRawConfig } from "../../config/loader.js";
 import { shouldAutoStartDaemon } from "../../daemon/connection-policy.js";
+import { isHttpHealthy } from "../../daemon/daemon-control.js";
 import {
   getDbPath,
   getLogPath,
@@ -13,7 +15,6 @@ import {
   getWorkspaceHooksDir,
   getWorkspaceSkillsDir,
 } from "../../util/platform.js";
-import { getHttpBaseUrl, httpHealthCheck } from "../http-client.js";
 import { log } from "../logger.js";
 
 export function registerDoctorCommand(program: Command): void {
@@ -57,7 +58,7 @@ Examples:
       log.info("Vellum Doctor\n");
 
       // 0. Connection policy info
-      const httpUrl = getHttpBaseUrl();
+      const httpUrl = `http://127.0.0.1:${getRuntimeHttpPort()}`;
       const autostart = shouldAutoStartDaemon();
       log.info(`  HTTP:      ${httpUrl}`);
       log.info(`  Autostart: ${autostart ? "enabled" : "disabled"}\n`);
@@ -103,7 +104,7 @@ Examples:
 
       // 3. Daemon reachable (HTTP health check)
       try {
-        const healthy = await httpHealthCheck(2000);
+        const healthy = await isHttpHealthy();
         if (healthy) {
           pass("Assistant reachable");
         } else {