@vellumai/assistant 0.4.53 → 0.4.55

package/src/prompts/system-prompt.ts

@@ -466,7 +466,7 @@ function buildToolPermissionSection(): string {
     "",
     "### Always-Available Tools (No Approval Required)",
     "",
-    "- **file_read** on your workspace directory — You can freely read any file under your `.vellum` workspace at any time. Use this proactively to check files, load context, and inform your responses without asking. **Always use `file_read` for workspace files (IDENTITY.md, USER.md, SOUL.md, etc.), never `host_file_read`.**",
+    "- **file_read** on your workspace directory — You can freely read any file under your `.vellum` workspace at any time. Use this proactively to check files, load context, and inform your responses without asking. **Always use `file_read` for workspace files, never `host_file_read`.** Note: your core prompt files (IDENTITY.md, SOUL.md, USER.md) are already loaded into your system prompt — no need to re-read them at the start of a conversation.",
     "- **web_search** — You can search the web at any time without approval. Use this to look up documentation, current information, or anything you need.",
   ].join("\n");
 }
@@ -706,7 +706,7 @@ function buildLearningMemorySection(): string {
     "",
     "When you make a mistake, hit a dead end, or discover something non-obvious, save it to memory so you don't repeat it.",
     "",
-    'Use `memory_manage` with `op: "save", kind: "learning"` for:',
+    'Use `memory_manage` with `op: "save", kind: "constraint"` for:',
     "- **Mistakes and corrections** — wrong assumptions, failed approaches, gotchas you ran into",
     "- **Discoveries** — undocumented behaviors, surprising API quirks, things that weren't obvious",
     "- **Working solutions** — the approach that actually worked after trial and error",
@@ -715,8 +715,8 @@ function buildLearningMemorySection(): string {
     "The statement should capture both what happened and the takeaway. Write it as advice to your future self.",
     "",
     "Examples:",
-    '- `memory_manage({ op: "save", kind: "learning", subject: "macOS Shortcuts CLI", statement: "shortcuts CLI requires full disk access to export shortcuts — if permission is denied, guide the user to grant it in System Settings rather than retrying." })`',
-    '- `memory_manage({ op: "save", kind: "learning", subject: "Gmail API pagination", statement: "Gmail search returns max 100 results per page. Always check nextPageToken and loop if the user asks for \'all\' messages." })`',
+    '- `memory_manage({ op: "save", kind: "constraint", subject: "macOS Shortcuts CLI", statement: "shortcuts CLI requires full disk access to export shortcuts — if permission is denied, guide the user to grant it in System Settings rather than retrying." })`',
+    '- `memory_manage({ op: "save", kind: "constraint", subject: "Gmail API pagination", statement: "Gmail search returns max 100 results per page. Always check nextPageToken and loop if the user asks for \'all\' messages." })`',
     "",
     "Don't overthink it. If you catch yourself thinking \"I'll remember that for next time,\" save it.",
   ].join("\n");

package/src/prompts/templates/SOUL.md

@@ -34,7 +34,7 @@ You are your own entity, with an identity that’s still forming. You can have t
 
 ## Continuity
 
-Each session, you wake up fresh. Your workspace files and saved memories are your continuity — they're how you persist across conversations. Read them. Update them. Save what matters.
+Each session, you wake up fresh. Your workspace files and saved memories are your continuity — they're how you persist across conversations. Your core prompt files (IDENTITY.md, SOUL.md, USER.md) are already loaded into this conversation — you don't need to read them again. Update them when things change. Save what matters.
 
 If you change this file, tell your user — it's your soul, and they should know.
 

package/src/providers/managed-proxy/constants.ts

@@ -19,12 +19,16 @@ export interface ManagedProviderMeta {
  * Explicit provider metadata for all known providers.
  * Managed providers get a deterministic proxy path; non-managed providers
  * are marked accordingly and have no proxy path.
+ *
+ * This table describes managed proxy routing capability only. It does not
+ * control which providers auto-bootstrap into the text-model registry when
+ * managed credentials are present; that policy lives in the registry/context
+ * fallback allowlists.
  */
 export const MANAGED_PROVIDER_META: Record<string, ManagedProviderMeta> = {
   openai: {
     name: "openai",
-    managed: true,
-    proxyPath: "/v1/runtime-proxy/openai",
+    managed: false,
   },
   anthropic: {
     name: "anthropic",
@@ -38,13 +42,11 @@ export const MANAGED_PROVIDER_META: Record<string, ManagedProviderMeta> = {
   },
   fireworks: {
     name: "fireworks",
-    managed: true,
-    proxyPath: "/v1/runtime-proxy/fireworks",
+    managed: false,
   },
   openrouter: {
     name: "openrouter",
-    managed: true,
-    proxyPath: "/v1/runtime-proxy/openrouter",
+    managed: false,
   },
   vertex: {
     name: "vertex",
@@ -54,7 +56,3 @@ export const MANAGED_PROVIDER_META: Record<string, ManagedProviderMeta> = {
   ollama: { name: "ollama", managed: false },
 };
 
-/** Provider names that support managed proxy routing. */
-export const MANAGED_PROVIDER_NAMES = Object.entries(MANAGED_PROVIDER_META)
-  .filter(([, meta]) => meta.managed)
-  .map(([name]) => name);

package/src/providers/managed-proxy/context.ts

@@ -11,7 +11,7 @@
 
 import { getPlatformBaseUrl } from "../../config/env.js";
 import { credentialKey } from "../../security/credential-key.js";
-import { getSecureKey } from "../../security/secure-keys.js";
+import { getSecureKeyAsync } from "../../security/secure-keys.js";
 import { MANAGED_PROVIDER_META } from "./constants.js";
 
 /** Storage key for the assistant API key credential. */
@@ -35,9 +35,10 @@ export interface ManagedProxyContext {
  * Returns an enabled context only when both the platform base URL and
  * the assistant API key are present. Otherwise returns a disabled context.
  */
-export function resolveManagedProxyContext(): ManagedProxyContext {
+export async function resolveManagedProxyContext(): Promise<ManagedProxyContext> {
   const platformBaseUrl = getPlatformBaseUrl().replace(/\/+$/, "");
-  const assistantApiKey = getSecureKey(ASSISTANT_API_KEY_STORAGE_KEY) ?? "";
+  const assistantApiKey =
+    (await getSecureKeyAsync(ASSISTANT_API_KEY_STORAGE_KEY)) ?? "";
 
   const enabled = !!platformBaseUrl && !!assistantApiKey;
 
@@ -48,8 +49,8 @@ export function resolveManagedProxyContext(): ManagedProxyContext {
  * Check whether managed proxy prerequisites are available.
  * Shorthand for checking that both platform URL and assistant API key exist.
  */
-export function hasManagedProxyPrereqs(): boolean {
-  return resolveManagedProxyContext().enabled;
+export async function hasManagedProxyPrereqs(): Promise<boolean> {
+  return (await resolveManagedProxyContext()).enabled;
 }
 
 /**
@@ -58,11 +59,13 @@ export function hasManagedProxyPrereqs(): boolean {
  * Combines the platform base URL with the provider's deterministic proxy path.
  * Returns undefined if the provider is not managed or prerequisites are missing.
  */
-export function buildManagedBaseUrl(provider: string): string | undefined {
+export async function buildManagedBaseUrl(
+  provider: string,
+): Promise<string | undefined> {
   const meta = MANAGED_PROVIDER_META[provider];
   if (!meta?.managed || !meta.proxyPath) return undefined;
 
-  const ctx = resolveManagedProxyContext();
+  const ctx = await resolveManagedProxyContext();
   if (!ctx.enabled) return undefined;
 
   return `${ctx.platformBaseUrl}${meta.proxyPath}`;
@@ -74,8 +77,10 @@ export function buildManagedBaseUrl(provider: string): string | undefined {
  * Returns true when the provider supports managed proxy routing and
  * all prerequisites (platform URL + assistant API key) are satisfied.
  */
-export function managedFallbackEnabledFor(provider: string): boolean {
+export async function managedFallbackEnabledFor(
+  provider: string,
+): Promise<boolean> {
   const meta = MANAGED_PROVIDER_META[provider];
   if (!meta?.managed) return false;
-  return hasManagedProxyPrereqs();
+  return await hasManagedProxyPrereqs();
 }

package/src/providers/provider-send-message.ts

@@ -40,12 +40,12 @@ let fallbackWarningLogged = false;
  *
  * Returns `null` when no providers are available at all.
  */
-export function resolveConfiguredProvider(): ConfiguredProviderResult | null {
+export async function resolveConfiguredProvider(): Promise<ConfiguredProviderResult | null> {
   const config = getConfig();
 
   if (listProviders().length === 0) {
     try {
-      initializeProviders(config);
+      await initializeProviders(config);
     } catch {
       return null;
     }
@@ -89,8 +89,8 @@ export function resolveConfiguredProvider(): ConfiguredProviderResult | null {
  *
  * Returns `null` when no providers are available.
  */
-export function getConfiguredProvider(): Provider | null {
-  const result = resolveConfiguredProvider();
+export async function getConfiguredProvider(): Promise<Provider | null> {
+  const result = await resolveConfiguredProvider();
   return result?.provider ?? null;
 }
 
@@ -170,51 +170,3 @@ export function extractToolUse(
 export function userMessage(text: string): Message {
   return { role: "user", content: [{ type: "text", text }] };
 }
-
-/**
- * Build a single user message with image + text content.
- */
-export function userMessageWithImage(
-  imageBase64: string,
-  mediaType: string,
-  text: string,
-): Message {
-  return {
-    role: "user",
-    content: [
-      {
-        type: "image",
-        source: {
-          type: "base64",
-          media_type: mediaType,
-          data: imageBase64,
-        },
-      },
-      { type: "text", text },
-    ],
-  };
-}
-
-/**
- * Build a single user message with multiple images followed by a text block.
- * Each image becomes its own content block; the text block comes last.
- */
-export function userMessageWithImages(
-  images: Array<{ base64: string; mediaType: string }>,
-  text: string,
-): Message {
-  return {
-    role: "user",
-    content: [
-      ...images.map((img) => ({
-        type: "image" as const,
-        source: {
-          type: "base64" as const,
-          media_type: img.mediaType,
-          data: img.base64,
-        },
-      })),
-      { type: "text" as const, text },
-    ],
-  };
-}

package/src/providers/registry.ts

@@ -1,5 +1,5 @@
 import { wrapWithLogfire } from "../logfire.js";
-import { getSecureKey } from "../security/secure-keys.js";
+import { getSecureKeyAsync } from "../security/secure-keys.js";
 import { ConfigError, ProviderNotConfiguredError } from "../util/errors.js";
 import { AnthropicProvider } from "./anthropic/client.js";
 import { FailoverProvider, type ProviderHealthStatus } from "./failover.js";
@@ -202,7 +202,9 @@ export function getProviderDebugStatus(
   };
 }
 
-export function initializeProviders(config: ProvidersConfig): void {
+export async function initializeProviders(
+  config: ProvidersConfig,
+): Promise<void> {
   providers.clear();
   routingSources.clear();
   cachedFailoverProvider = null;
@@ -211,7 +213,7 @@ export function initializeProviders(config: ProvidersConfig): void {
   const streamTimeoutMs =
     (config.timeouts?.providerStreamTimeoutSec ?? 300) * 1000;
 
-  const anthropicKey = getSecureKey("anthropic");
+  const anthropicKey = await getSecureKeyAsync("anthropic");
   if (anthropicKey) {
     const model = resolveModel(config, "anthropic");
     registerProvider(
@@ -228,9 +230,9 @@ export function initializeProviders(config: ProvidersConfig): void {
     routingSources.set("anthropic", "user-key");
   } else {
     // No user Anthropic key — route through managed proxy
-    const managedBaseUrl = buildManagedBaseUrl("anthropic");
+    const managedBaseUrl = await buildManagedBaseUrl("anthropic");
     if (managedBaseUrl) {
-      const ctx = resolveManagedProxyContext();
+      const ctx = await resolveManagedProxyContext();
       const model = resolveModel(config, "anthropic");
       registerProvider(
         "anthropic",
@@ -248,7 +250,7 @@ export function initializeProviders(config: ProvidersConfig): void {
       routingSources.set("anthropic", "managed-proxy");
     }
   }
-  const openaiKey = getSecureKey("openai");
+  const openaiKey = await getSecureKeyAsync("openai");
   if (openaiKey) {
     const model = resolveModel(config, "openai");
     registerProvider(
@@ -261,9 +263,9 @@ export function initializeProviders(config: ProvidersConfig): void {
     );
     routingSources.set("openai", "user-key");
   } else {
-    const managedBaseUrl = buildManagedBaseUrl("openai");
+    const managedBaseUrl = await buildManagedBaseUrl("openai");
     if (managedBaseUrl) {
-      const ctx = resolveManagedProxyContext();
+      const ctx = await resolveManagedProxyContext();
       const model = resolveModel(config, "openai");
       registerProvider(
         "openai",
@@ -279,7 +281,7 @@ export function initializeProviders(config: ProvidersConfig): void {
       routingSources.set("openai", "managed-proxy");
     }
   }
-  const geminiKey = getSecureKey("gemini");
+  const geminiKey = await getSecureKeyAsync("gemini");
   if (geminiKey) {
     const model = resolveModel(config, "gemini");
     registerProvider(
@@ -293,9 +295,9 @@ export function initializeProviders(config: ProvidersConfig): void {
     routingSources.set("gemini", "user-key");
   } else {
     // No user Gemini key — route through Vertex managed proxy
-    const managedBaseUrl = buildManagedBaseUrl("vertex");
+    const managedBaseUrl = await buildManagedBaseUrl("vertex");
     if (managedBaseUrl) {
-      const ctx = resolveManagedProxyContext();
+      const ctx = await resolveManagedProxyContext();
       const model = resolveModel(config, "gemini");
       registerProvider(
         "gemini",
@@ -311,7 +313,7 @@ export function initializeProviders(config: ProvidersConfig): void {
       routingSources.set("gemini", "managed-proxy");
     }
   }
-  const ollamaKey = getSecureKey("ollama");
+  const ollamaKey = await getSecureKeyAsync("ollama");
   if (config.provider === "ollama" || ollamaKey) {
     const model = resolveModel(config, "ollama");
     registerProvider(
@@ -327,7 +329,7 @@ export function initializeProviders(config: ProvidersConfig): void {
     );
     routingSources.set("ollama", "user-key");
   }
-  const fireworksKey = getSecureKey("fireworks");
+  const fireworksKey = await getSecureKeyAsync("fireworks");
   if (fireworksKey) {
     const model = resolveModel(config, "fireworks");
     registerProvider(
@@ -341,26 +343,8 @@ export function initializeProviders(config: ProvidersConfig): void {
       ),
     );
     routingSources.set("fireworks", "user-key");
-  } else {
-    const managedBaseUrl = buildManagedBaseUrl("fireworks");
-    if (managedBaseUrl) {
-      const ctx = resolveManagedProxyContext();
-      const model = resolveModel(config, "fireworks");
-      registerProvider(
-        "fireworks",
-        new RetryProvider(
-          wrapWithLogfire(
-            new FireworksProvider(ctx.assistantApiKey, model, {
-              baseURL: managedBaseUrl,
-              streamTimeoutMs,
-            }),
-          ),
-        ),
-      );
-      routingSources.set("fireworks", "managed-proxy");
-    }
   }
-  const openrouterKey = getSecureKey("openrouter");
+  const openrouterKey = await getSecureKeyAsync("openrouter");
   if (openrouterKey) {
     const model = resolveModel(config, "openrouter");
     registerProvider(
@@ -374,23 +358,5 @@ export function initializeProviders(config: ProvidersConfig): void {
       ),
     );
     routingSources.set("openrouter", "user-key");
-  } else {
-    const managedBaseUrl = buildManagedBaseUrl("openrouter");
-    if (managedBaseUrl) {
-      const ctx = resolveManagedProxyContext();
-      const model = resolveModel(config, "openrouter");
-      registerProvider(
-        "openrouter",
-        new RetryProvider(
-          wrapWithLogfire(
-            new OpenRouterProvider(ctx.assistantApiKey, model, {
-              baseURL: managedBaseUrl,
-              streamTimeoutMs,
-            }),
-          ),
-        ),
-      );
-      routingSources.set("openrouter", "managed-proxy");
-    }
   }
 }

package/src/runtime/actor-token-store.ts

@@ -155,29 +155,6 @@ export function revokeByDeviceBinding(
   return matching.length;
 }
 
-/**
- * Find all active actor token records for a given guardianPrincipalId.
- * Used for multi-device guardian fanout — returns all bound devices (macOS, iOS, etc.)
- * so notification targeting can reach every device for the same guardian identity.
- */
-export function findActiveByGuardianPrincipalId(
-  guardianPrincipalId: string,
-): ActorTokenRecord[] {
-  const db = getDb();
-  const rows = db
-    .select()
-    .from(actorTokenRecords)
-    .where(
-      and(
-        eq(actorTokenRecords.guardianPrincipalId, guardianPrincipalId),
-        eq(actorTokenRecords.status, "active"),
-      ),
-    )
-    .all();
-
-  return rows.map(rowToRecord);
-}
-
 /**
  * Revoke a single token by its hash.
  */

package/src/runtime/auth/__tests__/guard-tests.test.ts

@@ -8,6 +8,7 @@
  * 2. No X-Actor-Token references in production code.
  * 3. No legacy gateway-origin proof in production code.
  * 4. Scope profile contract — every profile resolves to the expected scopes.
+ * 5. CURRENT_POLICY_EPOCH sync — the constant matches across all packages.
  */
 
 import { execSync } from "node:child_process";
@@ -330,3 +331,66 @@ describe("scope profile contract", () => {
     }
   });
 });
+
+// ---------------------------------------------------------------------------
+// 5. CURRENT_POLICY_EPOCH sync across packages
+// ---------------------------------------------------------------------------
+
+describe("CURRENT_POLICY_EPOCH sync", () => {
+  /**
+   * The policy epoch constant is duplicated in assistant, gateway, and cli
+   * packages. This test reads the exported value from each source file and
+   * asserts they are all equal.
+   */
+
+  const EPOCH_FILES = [
+    {
+      label: "assistant",
+      path: resolve(PROJECT_ROOT, "assistant/src/runtime/auth/policy.ts"),
+    },
+    {
+      label: "gateway",
+      path: resolve(PROJECT_ROOT, "gateway/src/auth/policy.ts"),
+    },
+    {
+      label: "cli",
+      path: resolve(PROJECT_ROOT, "cli/src/lib/policy.ts"),
+    },
+  ];
+
+  function extractEpoch(filePath: string): number {
+    const src = readFileSync(filePath, "utf-8");
+    const match = src.match(
+      /export\s+const\s+CURRENT_POLICY_EPOCH\s*=\s*(\d+)/,
+    );
+    if (!match) {
+      throw new Error(`Could not find CURRENT_POLICY_EPOCH in ${filePath}`);
+    }
+    return parseInt(match[1], 10);
+  }
+
+  test("all non-skill packages export the same CURRENT_POLICY_EPOCH value", () => {
+    const values = EPOCH_FILES.map((f) => ({
+      label: f.label,
+      epoch: extractEpoch(f.path),
+    }));
+
+    const canonical = values[0];
+    const mismatches = values.filter((v) => v.epoch !== canonical.epoch);
+
+    if (mismatches.length > 0) {
+      const summary = values
+        .map((v) => `  - ${v.label}: ${v.epoch}`)
+        .join("\n");
+      const message = [
+        "CURRENT_POLICY_EPOCH is out of sync across packages:",
+        "",
+        summary,
+        "",
+        "All three locations must have the same value.",
+        "The canonical source is assistant/src/runtime/auth/policy.ts.",
+      ].join("\n");
+      expect(mismatches, message).toEqual([]);
+    }
+  });
+});

package/src/runtime/http-router.ts

@@ -86,10 +86,14 @@ export class HttpRouter {
     server: ReturnType<typeof Bun.serve>,
     authContext: AuthContext,
   ): Promise<Response | null> {
+    // Normalize trailing slashes so "/integrations/twilio/config/" matches
+    // a route defined as "integrations/twilio/config".
+    const normalized = endpoint.endsWith("/") ? endpoint.slice(0, -1) : endpoint;
+
     for (const compiled of this.compiledRoutes) {
       if (compiled.def.method !== req.method) continue;
 
-      const match = endpoint.match(compiled.regex);
+      const match = normalized.match(compiled.regex);
       if (!match) continue;
 
       // Extract named params

package/src/runtime/http-server.ts

@@ -42,6 +42,10 @@ import {
   recordConversationSeenSignal,
   type SignalType,
 } from "../memory/conversation-attention-store.js";
+import {
+  getConversation,
+  getDisplayMetaForConversations,
+} from "../memory/conversation-crud.js";
 import {
   countConversations,
   listConversations,
@@ -271,16 +275,16 @@ export class RuntimeHttpServer {
   }
 
   private get pairingContext(): PairingHandlerContext {
-    const ipcBroadcast = this.pairingBroadcast;
+    const broadcast = this.pairingBroadcast;
     return {
       pairingStore: this.pairingStore,
       bearerToken: this.bearerToken,
       featureFlagToken: this.readFeatureFlagToken(),
-      pairingBroadcast: ipcBroadcast
+      pairingBroadcast: broadcast
         ? (msg) => {
             // Broadcast to all clients via the event hub so HTTP/SSE clients
             // (e.g. macOS app) receive pairing approval requests.
-            ipcBroadcast(msg);
+            broadcast(msg);
             void assistantEventHub.publish(
               buildAssistantEvent(DAEMON_INTERNAL_ASSISTANT_ID, msg),
             );
@@ -795,6 +799,7 @@ export class RuntimeHttpServer {
           const conversations = listConversations(limit, false, offset);
           const totalCount = countConversations();
           const conversationIds = conversations.map((c) => c.id);
+          const displayMeta = getDisplayMetaForConversations(conversationIds);
           const bindings =
             externalConversationStore.getBindingsForConversations(
               conversationIds,
@@ -856,13 +861,22 @@ export class RuntimeHttpServer {
                   ? { conversationOriginChannel: originChannel }
                   : {}),
                 ...(assistantAttention ? { assistantAttention } : {}),
+                ...(displayMeta.get(c.id)?.isPinned
+                  ? {
+                      isPinned: true,
+                      displayOrder: displayMeta.get(c.id)!.displayOrder,
+                    }
+                  : displayMeta.get(c.id)?.displayOrder != null
+                    ? {
+                        displayOrder: displayMeta.get(c.id)!.displayOrder,
+                      }
+                    : {}),
               };
             }),
             hasMore: offset + conversations.length < totalCount,
           });
         },
       },
-
       ...conversationAttentionRouteDefinitions(),
 
       ...(this.sessionManagementDeps
@@ -933,6 +947,89 @@ export class RuntimeHttpServer {
         },
       },
 
+      // conversations/:id must be registered AFTER all literal conversations/<word>
+      // routes above (attention, seen, unread) so the parameterized :id does not
+      // shadow them.
+      {
+        endpoint: "conversations/:id",
+        method: "GET",
+        handler: ({ params }) => {
+          const conversation = getConversation(params.id);
+          if (!conversation) {
+            return httpError(
+              "NOT_FOUND",
+              `Conversation ${params.id} not found`,
+              404,
+            );
+          }
+          const bindings =
+            externalConversationStore.getBindingsForConversations([
+              conversation.id,
+            ]);
+          const attentionStates = getAttentionStateByConversationIds([
+            conversation.id,
+          ]);
+          const binding = bindings.get(conversation.id);
+          const originChannel = parseChannelId(conversation.originChannel);
+          const attn = attentionStates.get(conversation.id);
+          const assistantAttention = attn
+            ? {
+                hasUnseenLatestAssistantMessage:
+                  attn.latestAssistantMessageAt != null &&
+                  (attn.lastSeenAssistantMessageAt == null ||
+                    attn.lastSeenAssistantMessageAt <
+                      attn.latestAssistantMessageAt),
+                ...(attn.latestAssistantMessageAt != null
+                  ? {
+                      latestAssistantMessageAt: attn.latestAssistantMessageAt,
+                    }
+                  : {}),
+                ...(attn.lastSeenAssistantMessageAt != null
+                  ? {
+                      lastSeenAssistantMessageAt:
+                        attn.lastSeenAssistantMessageAt,
+                    }
+                  : {}),
+                ...(attn.lastSeenConfidence != null
+                  ? { lastSeenConfidence: attn.lastSeenConfidence }
+                  : {}),
+                ...(attn.lastSeenSignalType != null
+                  ? { lastSeenSignalType: attn.lastSeenSignalType }
+                  : {}),
+              }
+            : undefined;
+          return Response.json({
+            session: {
+              id: conversation.id,
+              title: conversation.title ?? "Untitled",
+              createdAt: conversation.createdAt,
+              updatedAt: conversation.updatedAt,
+              threadType:
+                conversation.threadType === "private" ? "private" : "standard",
+              source: conversation.source ?? "user",
+              ...(conversation.scheduleJobId
+                ? { scheduleJobId: conversation.scheduleJobId }
+                : {}),
+              ...(binding
+                ? {
+                    channelBinding: {
+                      sourceChannel: binding.sourceChannel,
+                      externalChatId: binding.externalChatId,
+                      externalUserId: binding.externalUserId,
+                      displayName: binding.displayName,
+                      username: binding.username,
+                    },
+                  }
+                : {}),
+              ...(originChannel
+                ? { conversationOriginChannel: originChannel }
+                : {}),
+              ...(assistantAttention ? { assistantAttention } : {}),
+            },
+          });
+        },
+      },
+
       ...btwRouteDefinitions({
         sendMessageDeps: this.sendMessageDeps,
       }),