@vellumai/assistant 0.4.49 → 0.4.51

package/src/tools/network/script-proxy/session-manager.ts

@@ -19,7 +19,7 @@ import {
   routeConnection,
   stripQueryString,
 } from "../../../outbound-proxy/index.js";
-import { getSecureKey } from "../../../security/secure-keys.js";
+import { getSecureKeyAsync } from "../../../security/secure-keys.js";
 import { getLogger } from "../../../util/logger.js";
 import { silentlyWithLog } from "../../../util/silently.js";
 import {
@@ -97,10 +97,10 @@ const acquireLocks = new Map<string, Promise<ProxySession>>();
  * Handles optional composition with a second credential and value transforms.
  * Returns null if any referenced credential cannot be resolved.
  */
-function buildInjectedValue(
+async function buildInjectedValue(
   tpl: CredentialInjectionTemplate,
   primaryValue: string,
-): string | null {
+): Promise<string | null> {
   let value = primaryValue;
 
   if (tpl.composeWith) {
@@ -109,7 +109,7 @@ function buildInjectedValue(
       tpl.composeWith.field,
     );
     if (!composed) return null;
-    const composedValue = getSecureKey(composed.storageKey);
+    const composedValue = await getSecureKeyAsync(composed.storageKey);
     if (!composedValue) return null;
     value = `${value}${tpl.composeWith.separator}${composedValue}`;
   }
@@ -311,10 +311,10 @@ export async function startSession(
           if (tpl.injectionType === "header" && tpl.headerName) {
             const resolved = resolveById(credId);
             if (!resolved) return req.headers;
-            const value = getSecureKey(resolved.storageKey);
+            const value = await getSecureKeyAsync(resolved.storageKey);
             if (!value) return req.headers;
 
-            const headerValue = buildInjectedValue(tpl, value);
+            const headerValue = await buildInjectedValue(tpl, value);
             if (!headerValue) {
               log.warn(
                 { host: req.hostname, credentialId: credId },
@@ -399,11 +399,11 @@ export async function startSession(
         const { credentialId, template } = decision;
         const resolved = resolveById(credentialId);
         if (!resolved) return {};
-        const value = getSecureKey(resolved.storageKey);
+        const value = await getSecureKeyAsync(resolved.storageKey);
         if (!value) return {};
 
         if (template.injectionType === "header" && template.headerName) {
-          const headerValue = buildInjectedValue(template, value);
+          const headerValue = await buildInjectedValue(template, value);
           if (!headerValue) {
             log.warn(
               { hostname, credentialId },

package/src/tools/schedule/create.ts

@@ -22,8 +22,15 @@ const VALID_ROUTING_INTENTS: RoutingIntent[] = [
 
 export async function executeScheduleCreate(
   input: Record<string, unknown>,
-  _context: ToolContext,
+  context: ToolContext,
 ): Promise<ToolExecutionResult> {
+  if (context.trustClass !== "guardian") {
+    return {
+      content:
+        "Error: schedule_create is restricted to guardian actors because schedules execute with elevated privileges.",
+      isError: true,
+    };
+  }
   const name = input.name as string;
   const timezone = (input.timezone as string) ?? null;
   const message = input.message as string;
@@ -108,7 +115,7 @@ export async function executeScheduleCreate(
       });
 
       const fireDate = formatLocalDate(job.nextRunAt);
-      const integrations = formatIntegrationSummary();
+      const integrations = await formatIntegrationSummary();
       return {
         content: [
           `One-shot schedule created successfully.`,
@@ -190,7 +197,7 @@ export async function executeScheduleCreate(
           : describeCronExpression(job.cronExpression);
 
     const nextRunDate = formatLocalDate(job.nextRunAt);
-    const integrations = formatIntegrationSummary();
+    const integrations = await formatIntegrationSummary();
     return {
       content: [
         `Recurring schedule created successfully.`,

package/src/tools/schedule/update.ts

@@ -25,8 +25,15 @@ const VALID_ROUTING_INTENTS: RoutingIntent[] = [
 
 export async function executeScheduleUpdate(
   input: Record<string, unknown>,
-  _context: ToolContext,
+  context: ToolContext,
 ): Promise<ToolExecutionResult> {
+  if (context.trustClass !== "guardian") {
+    return {
+      content:
+        "Error: schedule_update is restricted to guardian actors because schedules execute with elevated privileges.",
+      isError: true,
+    };
+  }
   const jobId = input.job_id as string;
   if (!jobId || typeof jobId !== "string") {
     return { content: "Error: job_id is required", isError: true };

package/src/tools/skills/load.ts

@@ -8,7 +8,10 @@ import type { SkillSummary, SkillToolManifest } from "../../config/skills.js";
 import { loadSkillBySelector, loadSkillCatalog } from "../../config/skills.js";
 import { RiskLevel } from "../../permissions/types.js";
 import type { ToolDefinition } from "../../providers/types.js";
-import { autoInstallFromCatalog } from "../../skills/catalog-install.js";
+import {
+  autoInstallFromCatalog,
+  resolveCatalog,
+} from "../../skills/catalog-install.js";
 import {
   collectAllMissing,
   indexCatalogById,
@@ -191,15 +194,35 @@ export class SkillLoadTool implements Tool {
       catalogIndex = indexCatalogById(catalog);
 
       // Auto-install missing includes before validation (max 5 rounds for transitive deps)
+      // Defer catalog resolution until we confirm there are missing includes,
+      // then cache the result to avoid redundant network requests per dependency.
+      let remoteCatalog: Awaited<ReturnType<typeof resolveCatalog>> | undefined;
+
       const MAX_INSTALL_ROUNDS = 5;
       for (let round = 0; round < MAX_INSTALL_ROUNDS; round++) {
         const missing = collectAllMissing(skill.id, catalogIndex);
         if (missing.size === 0) break;
 
+        // Lazily resolve catalog on first round with missing includes
+        if (!remoteCatalog) {
+          try {
+            remoteCatalog = await resolveCatalog([...missing][0]);
+          } catch (err) {
+            log.warn(
+              { err, skillId: skill.id },
+              "Failed to resolve catalog for include auto-install",
+            );
+            break;
+          }
+        }
+
         let installedAny = false;
         for (const missingId of missing) {
           try {
-            const installed = await autoInstallFromCatalog(missingId);
+            const installed = await autoInstallFromCatalog(
+              missingId,
+              remoteCatalog,
+            );
             if (installed) {
               log.info(
                 { skillId: missingId, parentSkillId: skill.id },

package/src/watcher/provider-types.ts

@@ -28,7 +28,7 @@ export interface WatcherProvider {
   id: string;
   /** Human-readable name. */
   displayName: string;
-  /** Credential service required (e.g. 'integration:gmail'). */
+  /** Credential service required (e.g. 'integration:google'). */
   requiredCredentialService: string;
 
   /**

package/src/watcher/providers/github.ts

@@ -130,7 +130,7 @@ export const githubProvider: WatcherProvider = {
     _config: Record<string, unknown>,
     _watcherKey: string,
   ): Promise<FetchResult> {
-    const connection = resolveOAuthConnection(credentialService);
+    const connection = await resolveOAuthConnection(credentialService);
     const since = watermark ?? new Date().toISOString();
     const items: WatcherItem[] = [];
     let page = 1;

package/src/watcher/providers/gmail.ts

@@ -115,10 +115,10 @@ class HistoryExpiredError extends Error {
 export const gmailProvider: WatcherProvider = {
   id: "gmail",
   displayName: "Gmail",
-  requiredCredentialService: "integration:gmail",
+  requiredCredentialService: "integration:google",
 
   async getInitialWatermark(credentialService: string): Promise<string> {
-    const connection = resolveOAuthConnection(credentialService);
+    const connection = await resolveOAuthConnection(credentialService);
     const profile = await getProfile(connection);
     if (!profile.historyId) {
       throw new Error("Gmail profile did not return a historyId");
@@ -132,7 +132,7 @@ export const gmailProvider: WatcherProvider = {
     _config: Record<string, unknown>,
     _watcherKey: string,
   ): Promise<FetchResult> {
-    const connection = resolveOAuthConnection(credentialService);
+    const connection = await resolveOAuthConnection(credentialService);
 
     if (!watermark) {
       // No watermark — get initial position, return no items

package/src/watcher/providers/google-calendar.ts

@@ -25,7 +25,7 @@ import type {
 const log = getLogger("watcher:google-calendar");
 
 /** The credential service — calendar shares OAuth tokens with Gmail. */
-const CREDENTIAL_SERVICE = "integration:gmail";
+const CREDENTIAL_SERVICE = "integration:google";
 
 function eventToItem(event: CalendarEvent, eventType: string): WatcherItem {
   const start = event.start?.dateTime ?? event.start?.date ?? "";
@@ -125,7 +125,7 @@ export const googleCalendarProvider: WatcherProvider = {
   requiredCredentialService: CREDENTIAL_SERVICE,
 
   async getInitialWatermark(credentialService: string): Promise<string> {
-    const connection = resolveOAuthConnection(credentialService);
+    const connection = await resolveOAuthConnection(credentialService);
 
     // Do a full sync with a narrow window to get the initial syncToken.
     // The API may paginate even for small result sets, so follow nextPageToken
@@ -157,7 +157,7 @@ export const googleCalendarProvider: WatcherProvider = {
     _config: Record<string, unknown>,
     _watcherKey: string,
   ): Promise<FetchResult> {
-    const connection = resolveOAuthConnection(credentialService);
+    const connection = await resolveOAuthConnection(credentialService);
 
     if (!watermark) {
       // No watermark — paginate through to get the initial syncToken, return no items

package/src/watcher/providers/linear.ts

@@ -512,7 +512,7 @@ export const linearProvider: WatcherProvider = {
     _config: Record<string, unknown>,
     watcherKey: string,
   ): Promise<FetchResult> {
-    const connection = resolveOAuthConnection(credentialService);
+    const connection = await resolveOAuthConnection(credentialService);
     const since = watermark ?? new Date().toISOString();
 
     // Resolve the authenticated viewer's ID once per poll for the assigned-issues query

package/src/__tests__/clarification-resolver.test.ts

@@ -1,193 +0,0 @@
-import { beforeEach, describe, expect, mock, test } from "bun:test";
-
-let llmCallCount = 0;
-let llmDelayMs = 0;
-let llmResolution:
-  | "keep_existing"
-  | "keep_candidate"
-  | "merge"
-  | "still_unclear" = "still_unclear";
-let llmResolvedStatement = "";
-let llmExplanation = "Unclear response from user.";
-
-mock.module("../providers/provider-send-message.js", () => ({
-  getConfiguredProvider: () => ({
-    sendMessage: async (
-      _messages: unknown,
-      _tools: unknown,
-      _system: unknown,
-      opts?: { signal?: AbortSignal },
-    ) => {
-      llmCallCount += 1;
-      if (llmDelayMs > 0) {
-        await new Promise((resolve, reject) => {
-          const timer = setTimeout(resolve, llmDelayMs);
-          opts?.signal?.addEventListener("abort", () => {
-            clearTimeout(timer);
-            reject(new Error("Request was aborted."));
-          });
-        });
-      }
-      return {
-        content: [
-          {
-            type: "tool_use" as const,
-            id: "test-tool-use-id",
-            name: "resolve_conflict",
-            input: {
-              resolution: llmResolution,
-              resolved_statement: llmResolvedStatement,
-              explanation: llmExplanation,
-            },
-          },
-        ],
-        model: "claude-haiku-4-5-20251001",
-        stopReason: "tool_use",
-        usage: { inputTokens: 0, outputTokens: 0 },
-      };
-    },
-  }),
-  createTimeout: (ms: number) => {
-    const controller = new AbortController();
-    const timer = setTimeout(() => controller.abort(), ms);
-    return {
-      signal: controller.signal,
-      cleanup: () => clearTimeout(timer),
-    };
-  },
-  extractToolUse: (response: { content: Array<{ type: string }> }) => {
-    return response.content.find(
-      (b: { type: string }) => b.type === "tool_use",
-    );
-  },
-  userMessage: (text: string) => ({
-    role: "user",
-    content: [{ type: "text", text }],
-  }),
-}));
-
-mock.module("../config/loader.js", () => ({
-  getConfig: () => ({
-    ui: {},
-
-    apiKeys: {
-      anthropic: "test-key",
-    },
-  }),
-}));
-
-import { resolveConflictClarification } from "../memory/clarification-resolver.js";
-
-beforeEach(() => {
-  llmCallCount = 0;
-  llmDelayMs = 0;
-  llmResolution = "still_unclear";
-  llmResolvedStatement = "";
-  llmExplanation = "Unclear response from user.";
-});
-
-describe("resolveConflictClarification", () => {
-  test("returns keep_existing from deterministic heuristic", async () => {
-    const result = await resolveConflictClarification({
-      existingStatement: "Use React for frontend work.",
-      candidateStatement: "Use Vue for frontend work.",
-      userMessage: "Keep the old React preference.",
-    });
-
-    expect(result.resolution).toBe("keep_existing");
-    expect(result.strategy).toBe("heuristic");
-    expect(llmCallCount).toBe(0);
-  });
-
-  test("returns keep_candidate from deterministic heuristic", async () => {
-    const result = await resolveConflictClarification({
-      existingStatement: "Use React for frontend work.",
-      candidateStatement: "Use Vue for frontend work.",
-      userMessage: "Use the new Vue note going forward.",
-    });
-
-    expect(result.resolution).toBe("keep_candidate");
-    expect(result.strategy).toBe("heuristic");
-    expect(llmCallCount).toBe(0);
-  });
-
-  test("returns merge from deterministic heuristic", async () => {
-    const result = await resolveConflictClarification({
-      existingStatement: "React is preferred for dashboards.",
-      candidateStatement: "Vue is preferred for marketing pages.",
-      userMessage:
-        "Both are true: React for dashboards and Vue for marketing pages.",
-    });
-
-    expect(result.resolution).toBe("merge");
-    expect(result.strategy).toBe("heuristic");
-    expect(result.resolvedStatement).toContain("Both are true");
-    expect(llmCallCount).toBe(0);
-  });
-
-  test("uses LLM fallback when heuristics are inconclusive", async () => {
-    llmResolution = "still_unclear";
-    llmExplanation = "The user message does not pick a side.";
-
-    const result = await resolveConflictClarification({
-      existingStatement: "Use React for frontend work.",
-      candidateStatement: "Use Vue for frontend work.",
-      userMessage: "Not sure yet.",
-    });
-
-    expect(result.resolution).toBe("still_unclear");
-    expect(result.strategy).toBe("llm");
-    expect(llmCallCount).toBe(1);
-  });
-
-  test("does not match cue substrings inside unrelated words", async () => {
-    llmResolution = "keep_candidate";
-    llmExplanation = "User wants Vue.";
-
-    // "told" contains "old" as a substring but not as a whole word
-    const result = await resolveConflictClarification({
-      existingStatement: "Use React for frontend work.",
-      candidateStatement: "Use Vue for frontend work.",
-      userMessage: "I told you, use Vue.",
-    });
-
-    expect(result.resolution).toBe("keep_candidate");
-    expect(result.strategy).toBe("llm");
-    expect(llmCallCount).toBe(1);
-  });
-
-  test("delegates to LLM when multiple cue categories match", async () => {
-    llmResolution = "keep_existing";
-    llmExplanation = "User wants the old one.";
-
-    // "either" is a merge cue, "old" is an existing cue — ambiguous
-    const result = await resolveConflictClarification({
-      existingStatement: "Use React for frontend work.",
-      candidateStatement: "Use Vue for frontend work.",
-      userMessage: "I don't want either, keep the old one.",
-    });
-
-    expect(result.resolution).toBe("keep_existing");
-    expect(result.strategy).toBe("llm");
-    expect(llmCallCount).toBe(1);
-  });
-
-  test("enforces timeout bound on LLM fallback", async () => {
-    llmResolution = "keep_candidate";
-    llmExplanation = "Prefer the newer statement.";
-    llmDelayMs = 50;
-
-    const result = await resolveConflictClarification(
-      {
-        existingStatement: "Use React for frontend work.",
-        candidateStatement: "Use Vue for frontend work.",
-        userMessage: "I cannot decide right now.",
-      },
-      { timeoutMs: 5 },
-    );
-
-    expect(result.resolution).toBe("still_unclear");
-    expect(result.strategy).toBe("llm_timeout");
-    expect(llmCallCount).toBe(1);
-  });
-});

package/src/__tests__/conflict-intent-tokenization.test.ts

@@ -1,160 +0,0 @@
-import { describe, expect, test } from "bun:test";
-
-import {
-  areStatementsCoherent,
-  computeConflictRelevance,
-  overlapRatio as _overlapRatio,
-  tokenizeForConflictRelevance as _tokenizeForConflictRelevance,
-} from "../memory/conflict-intent.js";
-
-describe("tokenizeForConflictRelevance hardening", () => {
-  test("excludes numeric-only tokens from relevance", () => {
-    const relevance = computeConflictRelevance("Check PR 5526", {
-      existingStatement: "Track PR 5525 for review.",
-      candidateStatement: "Track PR 5526 for review.",
-    });
-    // Numeric tokens "5526" and "5525" should be excluded, so overlap is minimal
-    expect(relevance).toBeLessThan(0.5);
-  });
-
-  test("excludes URL boilerplate tokens from relevance", () => {
-    const relevance = computeConflictRelevance(
-      "Check https://github.com/org/repo/pull/123",
-      {
-        existingStatement: "Review https://github.com/org/repo/pull/456",
-        candidateStatement: "Review https://github.com/org/repo/pull/789",
-      },
-    );
-    // URL tokens like "https", "github", "pull" should be excluded;
-    // only real content tokens like "repo" remain, keeping relevance low
-    expect(relevance).toBeLessThanOrEqual(0.5);
-  });
-
-  test("URL-embedded tracking tokens are stripped, standalone usage preserved", () => {
-    // URLs containing "issue", "pull", etc. are stripped entirely before tokenizing
-    const urlRelevance = computeConflictRelevance(
-      "Check https://github.com/org/repo/issues/42",
-      {
-        existingStatement: "Review https://github.com/org/repo/issues/10",
-        candidateStatement: "Review https://github.com/org/repo/issues/11",
-      },
-    );
-    expect(urlRelevance).toBeLessThanOrEqual(0.5);
-
-    // Standalone "issue" is preserved as a meaningful token
-    const standaloneRelevance = computeConflictRelevance(
-      "should I file an issue?",
-      {
-        existingStatement: "File an issue when bugs are found.",
-        candidateStatement: "Skip filing an issue for minor bugs.",
-      },
-    );
-    expect(standaloneRelevance).toBeGreaterThan(0);
-  });
-
-  test("strips scheme-less bare domain URLs from relevance", () => {
-    const relevance = computeConflictRelevance(
-      "Check github.com/org/repo/pull/123",
-      {
-        existingStatement: "Review gitlab.com/org/repo/issues/456",
-        candidateStatement: "Review github.com/org/repo/pull/789",
-      },
-    );
-    // Bare URLs should be stripped entirely; tokens like "pull", "issues"
-    // embedded in paths must not contribute to overlap
-    expect(relevance).toBeLessThanOrEqual(0.5);
-  });
-
-  test("preserves dotted identifiers that look like file paths", () => {
-    const relevance = computeConflictRelevance("Use index.ts/runtime parser", {
-      existingStatement: "Keep index.ts/runtime approach.",
-      candidateStatement: "Switch to config.ts/runtime approach.",
-    });
-    // File-like identifiers should NOT be stripped as URLs
-    expect(relevance).toBeGreaterThan(0);
-  });
-
-  test("still computes meaningful relevance for real content tokens", () => {
-    const relevance = computeConflictRelevance(
-      "Should I use React for frontend?",
-      {
-        existingStatement: "Use React for frontend work.",
-        candidateStatement: "Use Vue for frontend work.",
-      },
-    );
-    // Real content tokens like "react", "frontend" should still match
-    expect(relevance).toBeGreaterThan(0);
-  });
-});
-
-describe("statement coherence (areStatementsCoherent)", () => {
-  test("unrelated statements are incoherent", () => {
-    expect(
-      areStatementsCoherent(
-        "The default model for the summarize CLI is google/gemini-3-flash-preview.",
-        "User's favorite color is blue.",
-      ),
-    ).toBe(false);
-  });
-
-  test("related statements are coherent", () => {
-    expect(
-      areStatementsCoherent(
-        "User's favorite color is blue.",
-        "User's favorite color is green.",
-      ),
-    ).toBe(true);
-  });
-
-  test("topically similar preferences are coherent", () => {
-    expect(
-      areStatementsCoherent(
-        "Use React for frontend work.",
-        "Use Vue for frontend work.",
-      ),
-    ).toBe(true);
-  });
-
-  test("completely disjoint technical topics are incoherent", () => {
-    expect(
-      areStatementsCoherent(
-        "Always use PostgreSQL for database storage.",
-        "The preferred terminal font is JetBrains Mono.",
-      ),
-    ).toBe(false);
-  });
-
-  test("short technical terms (3 chars) are preserved for coherence", () => {
-    // "vim" and "css" are 3 chars — should not be filtered
-    expect(
-      areStatementsCoherent(
-        "Use Vim for editing.",
-        "Use Emacs instead of Vim.",
-      ),
-    ).toBe(true);
-
-    expect(
-      areStatementsCoherent(
-        "Use CSS grid for layouts.",
-        "Use CSS flexbox for layouts.",
-      ),
-    ).toBe(true);
-
-    expect(
-      areStatementsCoherent(
-        "Use npm for installs.",
-        "Use npm with --legacy-peer-deps.",
-      ),
-    ).toBe(true);
-  });
-
-  test("short terms with no shared context are still incoherent", () => {
-    // No shared tokens at all — completely different topics
-    expect(
-      areStatementsCoherent(
-        "Vim is the preferred editor.",
-        "CSS grid handles page layouts.",
-      ),
-    ).toBe(false);
-  });
-});