@vellumai/assistant 0.4.56 → 0.5.0

package/src/__tests__/slack-app-setup-skill-regression.test.ts

@@ -0,0 +1,37 @@
+import { readFileSync } from "node:fs";
+import { resolve } from "node:path";
+import { describe, expect, test } from "bun:test";
+
+const REPO_ROOT = resolve(import.meta.dirname ?? __dirname, "..", "..", "..");
+const SKILL_PATH = resolve(REPO_ROOT, "skills", "slack-app-setup", "SKILL.md");
+
+const skillContent = readFileSync(SKILL_PATH, "utf-8");
+
+describe("slack-app-setup skill regression", () => {
+  test("keeps Slack token collection on the secure credential prompt path", () => {
+    expect(skillContent).toContain('`credential_store` with `action: "prompt"`');
+    expect(skillContent).toContain(
+      "same Slack settings handler used by Settings",
+    );
+  });
+
+  test("forbids plaintext forms and chat-pasted secrets", () => {
+    expect(skillContent).toContain("Do NOT use `ui_show`");
+    expect(skillContent).toContain("Do NOT ask the user to paste them in chat");
+  });
+
+  test("does not instruct the agent to reimplement Slack validation in shell", () => {
+    expect(skillContent).not.toContain(
+      "assistant credentials reveal --service slack_channel",
+    );
+    expect(skillContent).not.toContain(
+      'curl -sf -X POST "https://slack.com/api/auth.test"',
+    );
+    expect(skillContent).not.toContain("assistant config set slack.teamId");
+    expect(skillContent).not.toContain("assistant config set slack.teamName");
+    expect(skillContent).not.toContain("assistant config set slack.botUserId");
+    expect(skillContent).not.toContain(
+      "assistant config set slack.botUsername",
+    );
+  });
+});

package/src/__tests__/slack-channel-config.test.ts

@@ -4,6 +4,11 @@ import { join } from "node:path";
 import { afterAll, beforeEach, describe, expect, mock, test } from "bun:test";
 
 const testDir = mkdtempSync(join(tmpdir(), "slack-channel-cfg-test-"));
+const secureStorePath = join(testDir, "keys.enc");
+const metadataPath = join(testDir, "metadata.json");
+const originalVellumDev = process.env.VELLUM_DEV;
+
+process.env.VELLUM_DEV = "1";
 
 // In-memory config store for tests
 let configStore: Record<string, unknown> = {};
@@ -84,32 +89,6 @@ mock.module("../util/logger.js", () => ({
   }),
 }));
 
-// Mock secure key storage
-let secureKeyStore: Record<string, string> = {};
-
-mock.module("../security/secure-keys.js", () => {
-  const syncSet = (account: string, value: string) => {
-    secureKeyStore[account] = value;
-    return true;
-  };
-  const syncDelete = (account: string) => {
-    if (account in secureKeyStore) {
-      delete secureKeyStore[account];
-      return "deleted" as const;
-    }
-    return "not-found" as const;
-  };
-  return {
-    getSecureKeyAsync: async (account: string) =>
-      secureKeyStore[account] ?? undefined,
-    setSecureKeyAsync: async (account: string, value: string) =>
-      syncSet(account, value),
-    deleteSecureKeyAsync: async (account: string) => syncDelete(account),
-    listSecureKeysAsync: async () => Object.keys(secureKeyStore),
-    _resetBackend: () => {},
-  };
-});
-
 // Mock oauth-store (getConnectionByProvider)
 let oauthConnectionStore: Record<
   string,
@@ -148,54 +127,28 @@ mock.module("../oauth/manual-token-connection.js", () => ({
   removeManualTokenConnection: (providerKey: string) => {
     delete oauthConnectionStore[providerKey];
   },
-}));
-
-// Mock credential metadata store
-let credentialMetadataStore: Array<{
-  service: string;
-  field: string;
-  accountInfo?: string;
-}> = [];
-
-mock.module("../tools/credentials/metadata-store.js", () => ({
-  getCredentialMetadata: (service: string, field: string) =>
-    credentialMetadataStore.find(
-      (m) => m.service === service && m.field === field,
-    ) ?? undefined,
-  upsertCredentialMetadata: (
-    service: string,
-    field: string,
-    policy?: Record<string, unknown>,
+  syncManualTokenConnection: async (
+    providerKey: string,
+    accountInfo?: string,
   ) => {
-    const existing = credentialMetadataStore.find(
-      (m) => m.service === service && m.field === field,
-    );
-    if (existing) {
-      if (policy?.accountInfo !== undefined)
-        existing.accountInfo = policy.accountInfo as string;
-      return existing;
+    const { getSecureKeyAsync } = await import("../security/secure-keys.js");
+    if (providerKey !== "slack_channel") return;
+    const hasBotToken = !!(await getSecureKeyAsync(
+      credentialKey("slack_channel", "bot_token"),
+    ));
+    const hasAppToken = !!(await getSecureKeyAsync(
+      credentialKey("slack_channel", "app_token"),
+    ));
+    if (hasBotToken && hasAppToken) {
+      oauthConnectionStore[providerKey] = {
+        id: `conn-${providerKey}`,
+        status: "active",
+        accountInfo: accountInfo ?? null,
+      };
+      return;
     }
-    const record = {
-      service,
-      field,
-      accountInfo: policy?.accountInfo as string | undefined,
-    };
-    credentialMetadataStore.push(record);
-    return record;
-  },
-  deleteCredentialMetadata: (service: string, field: string) => {
-    const idx = credentialMetadataStore.findIndex(
-      (m) => m.service === service && m.field === field,
-    );
-    if (idx !== -1) {
-      credentialMetadataStore.splice(idx, 1);
-      return true;
-    }
-    return false;
+    delete oauthConnectionStore[providerKey];
   },
-  listCredentialMetadata: () => credentialMetadataStore,
-  assertMetadataWritable: () => {},
-  _setMetadataPath: () => {},
 }));
 
 // Mock fetch for Slack API validation
@@ -207,9 +160,28 @@ import {
   setSlackChannelConfig,
 } from "../daemon/handlers/config-slack-channel.js";
 import { credentialKey } from "../security/credential-key.js";
+import { _setStorePath } from "../security/encrypted-store.js";
+import {
+  _resetBackend,
+  getSecureKeyAsync,
+  setSecureKeyAsync,
+} from "../security/secure-keys.js";
+import {
+  _setMetadataPath,
+  listCredentialMetadata,
+  upsertCredentialMetadata,
+} from "../tools/credentials/metadata-store.js";
 
 afterAll(() => {
   globalThis.fetch = originalFetch;
+  _setMetadataPath(null);
+  _setStorePath(null);
+  _resetBackend();
+  if (originalVellumDev === undefined) {
+    delete process.env.VELLUM_DEV;
+  } else {
+    process.env.VELLUM_DEV = originalVellumDev;
+  }
   try {
     rmSync(testDir, { recursive: true });
   } catch {
@@ -219,11 +191,14 @@ afterAll(() => {
 
 describe("Slack channel config handler", () => {
   beforeEach(() => {
-    secureKeyStore = {};
-    credentialMetadataStore = [];
     oauthConnectionStore = {};
     configStore = {};
     globalThis.fetch = originalFetch;
+    rmSync(secureStorePath, { force: true });
+    rmSync(metadataPath, { force: true });
+    _setStorePath(secureStorePath);
+    _resetBackend();
+    _setMetadataPath(metadataPath);
   });
 
   test("GET returns correct shape when not configured", async () => {
@@ -239,8 +214,16 @@ describe("Slack channel config handler", () => {
       id: "conn-slack",
       status: "active",
     };
-    secureKeyStore[credentialKey("slack_channel", "bot_token")] = "xoxb-test";
-    secureKeyStore[credentialKey("slack_channel", "app_token")] = "xapp-test";
+    await Promise.all([
+      setSecureKeyAsync(
+        credentialKey("slack_channel", "bot_token"),
+        "xoxb-test",
+      ),
+      setSecureKeyAsync(
+        credentialKey("slack_channel", "app_token"),
+        "xapp-test",
+      ),
+    ]);
 
     const result = await getSlackChannelConfig();
     expect(result.success).toBe(true);
@@ -249,13 +232,35 @@ describe("Slack channel config handler", () => {
     expect(result.connected).toBe(true);
   });
 
+  test("GET backfills the slack_channel connection row when chat setup stored both credentials", async () => {
+    await Promise.all([
+      setSecureKeyAsync(
+        credentialKey("slack_channel", "bot_token"),
+        "xoxb-test",
+      ),
+      setSecureKeyAsync(
+        credentialKey("slack_channel", "app_token"),
+        "xapp-test",
+      ),
+    ]);
+
+    const result = await getSlackChannelConfig();
+
+    expect(result.success).toBe(true);
+    expect(result.connected).toBe(true);
+    expect(oauthConnectionStore["slack_channel"]).toBeDefined();
+  });
+
   test("GET reports per-field token presence independently of connection row", async () => {
     // Only bot_token in keychain, no app_token, but connection row exists
     oauthConnectionStore["slack_channel"] = {
       id: "conn-slack",
       status: "active",
     };
-    secureKeyStore[credentialKey("slack_channel", "bot_token")] = "xoxb-test";
+    await setSecureKeyAsync(
+      credentialKey("slack_channel", "bot_token"),
+      "xoxb-test",
+    );
 
     const result = await getSlackChannelConfig();
     expect(result.success).toBe(true);
@@ -270,8 +275,16 @@ describe("Slack channel config handler", () => {
       id: "conn-slack",
       status: "active",
     };
-    secureKeyStore[credentialKey("slack_channel", "bot_token")] = "xoxb-test";
-    secureKeyStore[credentialKey("slack_channel", "app_token")] = "xapp-test";
+    await Promise.all([
+      setSecureKeyAsync(
+        credentialKey("slack_channel", "bot_token"),
+        "xoxb-test",
+      ),
+      setSecureKeyAsync(
+        credentialKey("slack_channel", "app_token"),
+        "xapp-test",
+      ),
+    ]);
     configStore = {
       slack: {
         teamId: "T123",
@@ -301,9 +314,9 @@ describe("Slack channel config handler", () => {
     );
     expect(result.success).toBe(true);
     expect(result.hasAppToken).toBe(true);
-    expect(secureKeyStore[credentialKey("slack_channel", "app_token")]).toBe(
-      "xapp-valid-token-123",
-    );
+    expect(
+      await getSecureKeyAsync(credentialKey("slack_channel", "app_token")),
+    ).toBe("xapp-valid-token-123");
   });
 
   test("POST validates bot token via Slack auth.test API and writes config", async () => {
@@ -357,16 +370,18 @@ describe("Slack channel config handler", () => {
   });
 
   test("DELETE clears credentials and config", async () => {
-    secureKeyStore[credentialKey("slack_channel", "bot_token")] = "xoxb-test";
-    secureKeyStore[credentialKey("slack_channel", "app_token")] = "xapp-test";
-    credentialMetadataStore.push({
-      service: "slack_channel",
-      field: "bot_token",
-    });
-    credentialMetadataStore.push({
-      service: "slack_channel",
-      field: "app_token",
-    });
+    await Promise.all([
+      setSecureKeyAsync(
+        credentialKey("slack_channel", "bot_token"),
+        "xoxb-test",
+      ),
+      setSecureKeyAsync(
+        credentialKey("slack_channel", "app_token"),
+        "xapp-test",
+      ),
+    ]);
+    upsertCredentialMetadata("slack_channel", "bot_token", {});
+    upsertCredentialMetadata("slack_channel", "app_token", {});
     configStore = {
       slack: {
         teamId: "T123",
@@ -383,12 +398,12 @@ describe("Slack channel config handler", () => {
     expect(result.connected).toBe(false);
 
     expect(
-      secureKeyStore[credentialKey("slack_channel", "bot_token")],
+      await getSecureKeyAsync(credentialKey("slack_channel", "bot_token")),
     ).toBeUndefined();
     expect(
-      secureKeyStore[credentialKey("slack_channel", "app_token")],
+      await getSecureKeyAsync(credentialKey("slack_channel", "app_token")),
     ).toBeUndefined();
-    expect(credentialMetadataStore).toHaveLength(0);
+    expect(listCredentialMetadata()).toHaveLength(0);
 
     // Assert config values were cleared
     const slack = configStore.slack as Record<string, unknown>;

package/src/__tests__/swarm-conversation-integration.test.ts

@@ -44,9 +44,9 @@ mock.module("../config/loader.js", () => ({
       "image-generation": {
         mode: "your-own",
         provider: "gemini",
-        model: "gemini-2.5-flash-image",
+        model: "gemini-3.1-flash-image-preview",
       },
-      "web-search": { mode: "your-own", provider: "anthropic-native" },
+      "web-search": { mode: "your-own", provider: "inference-provider-native" },
     },
   }),
 }));

package/src/__tests__/swarm-recursion.test.ts

@@ -56,9 +56,9 @@ mock.module("../config/loader.js", () => ({
       "image-generation": {
         mode: "your-own",
         provider: "gemini",
-        model: "gemini-2.5-flash-image",
+        model: "gemini-3.1-flash-image-preview",
       },
-      "web-search": { mode: "your-own", provider: "anthropic-native" },
+      "web-search": { mode: "your-own", provider: "inference-provider-native" },
     },
   }),
 }));

package/src/__tests__/swarm-tool.test.ts

@@ -36,9 +36,9 @@ mock.module("../config/loader.js", () => ({
       "image-generation": {
         mode: "your-own",
         provider: "gemini",
-        model: "gemini-2.5-flash-image",
+        model: "gemini-3.1-flash-image-preview",
       },
-      "web-search": { mode: "your-own", provider: "anthropic-native" },
+      "web-search": { mode: "your-own", provider: "inference-provider-native" },
     },
   }),
   getSwarmDisabledConfig: () => ({

package/src/__tests__/system-prompt.test.ts

@@ -43,9 +43,12 @@ mock.module("../util/platform.js", () => ({
   readSessionToken: () => null,
 }));
 
-const noopLogger = new Proxy({} as Record<string, unknown>, {
-  get: (_target, prop) => (prop === "child" ? () => noopLogger : () => {}),
-});
+const noopLogger: Record<string, unknown> = new Proxy(
+  {} as Record<string, unknown>,
+  {
+    get: (_target, prop) => (prop === "child" ? () => noopLogger : () => {}),
+  },
+);
 
 // eslint-disable-next-line @typescript-eslint/no-require-imports
 const realLogger = require("../util/logger.js");
@@ -62,7 +65,6 @@ mock.module("../config/loader.js", () => ({
   getConfig: () => ({
     ui: {},
 
-    sandbox: { enabled: true },
     services: {
       inference: {
         mode: "your-own",
@@ -72,9 +74,9 @@ mock.module("../config/loader.js", () => ({
       "image-generation": {
         mode: "your-own",
         provider: "gemini",
-        model: "gemini-2.5-flash-image",
+        model: "gemini-3.1-flash-image-preview",
       },
-      "web-search": { mode: "your-own", provider: "anthropic-native" },
+      "web-search": { mode: "your-own", provider: "inference-provider-native" },
     },
   }),
   loadConfig: () => ({}),
@@ -100,7 +102,6 @@ const {
   buildSystemPrompt,
   ensurePromptFiles,
   stripCommentLines,
-  buildExternalCommsIdentitySection,
   SYSTEM_PROMPT_CACHE_BOUNDARY,
 } = await import("../prompts/system-prompt.js");
 
@@ -119,16 +120,13 @@ function basePrompt(result: string): string {
     boundaryIdx >= 0
       ? result.slice(boundaryIdx + SYSTEM_PROMPT_CACHE_BOUNDARY.length)
       : result;
-  // Strip the hardcoded em-dash instruction preamble (in case boundary is absent)
-  const emDashLine =
-    "IMPORTANT: Never use em dashes (\u2014) in your messages. Use commas, periods, or just start a new sentence instead.";
-  if (s.startsWith(emDashLine)) {
-    s = s.slice(emDashLine.length).replace(/^\n\n/, "");
-  }
   for (const heading of [
     "## Configuration",
     "## Skills Catalog",
     "## Available Skills",
+    "## External Communications Identity",
+    "## Connected Services",
+    "## Dynamic Skill Authoring Workflow",
   ]) {
     if (s.startsWith(heading)) {
       s = "";
@@ -211,13 +209,7 @@ describe("buildSystemPrompt", () => {
     const result = buildSystemPrompt();
     expect(result).toContain("Custom identity");
     expect(result).toContain("## Available Skills");
-    expect(result).toContain("<available_skills>");
-    expect(result).toContain('id="release-checklist"');
-    expect(result).toContain('name="Release Checklist"');
-    expect(result).toContain('description="Deployment checks."');
-    expect(result).toContain(
-      "call `skill_load` to load the full instructions, then use `skill_execute` to invoke the skill's tools.",
-    );
+    expect(result).toContain("**release-checklist**: Deployment checks");
   });
 
   test("keeps SOUL.md and IDENTITY.md additive with skills", () => {
@@ -239,39 +231,15 @@ describe("buildSystemPrompt", () => {
     );
   });
 
-  test("includes swarm guidance section", () => {
-    const result = buildSystemPrompt();
-    expect(result).toContain("## Parallel Task Orchestration");
-    expect(result).toContain("swarm_delegate");
-  });
-
-  test("includes external service access preference section", () => {
+  test("includes external service access section", () => {
     const result = buildSystemPrompt();
-    expect(result).toContain("## External Service Access Preference");
-    expect(result).toContain("CLI tools via host_bash");
-    expect(result).toContain("Browser automation as last resort");
+    expect(result).toContain("## External Service Access");
+    expect(result).toContain("browser automation as last resort");
   });
 
-  test("includes external comms identity section", () => {
+  test("does not include removed sections", () => {
     const result = buildSystemPrompt();
-    expect(result).toContain("## External Communications Identity");
-  });
-
-  test("external comms identity section contains assistant guidance and resolved user reference", () => {
-    const result = buildSystemPrompt();
-    expect(result).toContain("Refer to yourself as an **assistant**");
-    expect(result).toContain("on behalf of **John**");
-  });
-
-  test("buildExternalCommsIdentitySection returns section with expected content", () => {
-    const section = buildExternalCommsIdentitySection();
-    expect(section).toContain("## External Communications Identity");
-    expect(section).toContain("assistant");
-    expect(section).toContain("John");
-    expect(section).toContain(
-      "Do not volunteer that you are an AI unless directly asked",
-    );
-    expect(section).toContain("Occasional variations are acceptable");
+    expect(result).not.toContain("## External Communications Identity");
   });
 
   test("does not include removed domain routing sections", () => {
@@ -282,18 +250,9 @@ describe("buildSystemPrompt", () => {
     expect(result).not.toContain("## Routing: Starter Tasks");
   });
 
-  test("includes memory persistence section", () => {
+  test("does not include removed memory persistence section", () => {
     const result = buildSystemPrompt();
-    expect(result).toContain("## Memory Persistence");
-    expect(result).toContain("memory_manage");
-    expect(result).toContain("Saved > unsaved. Always.");
-  });
-
-  test("config section uses workspace directory from platform util", () => {
-    const result = buildSystemPrompt();
-    expect(result).toContain(
-      `Your configuration directory is \`${TEST_DIR}/\`.`,
-    );
+    expect(result).not.toContain("## Memory Persistence");
   });
 
   test("omits user skills from catalog when none are configured", () => {
@@ -380,12 +339,6 @@ describe("buildSystemPrompt", () => {
     expect(result).not.toContain("### Update Handling");
   });
 
-  test("config section lists UPDATES.md", () => {
-    const result = buildSystemPrompt();
-    expect(result).toContain("`UPDATES.md`");
-    expect(result).toContain("Release update notes");
-  });
-
   test("strips comment lines starting with _ from prompt files", () => {
     writeFileSync(
       join(TEST_DIR, "IDENTITY.md"),

package/src/__tests__/telegram-config.test.ts

@@ -0,0 +1,121 @@
+import { afterEach, beforeEach, describe, expect, mock, test } from "bun:test";
+
+import { credentialKey } from "../security/credential-key.js";
+
+let secureKeyStore: Record<string, string> = {};
+let oauthConnectionStore: Record<
+  string,
+  { id: string; status: string; accountInfo?: string | null }
+> = {};
+const syncCalls: Array<{ providerKey: string; accountInfo?: string }> = [];
+
+mock.module("../config/loader.js", () => ({
+  getConfig: () => ({ telegram: {}, ui: {} }),
+  loadRawConfig: () => ({}),
+  saveRawConfig: () => {},
+  saveConfig: () => {},
+  invalidateConfigCache: () => {},
+  setNestedValue: () => {},
+}));
+
+mock.module("../inbound/platform-callback-registration.js", () => ({
+  registerCallbackRoute: async () => {},
+  shouldUsePlatformCallbacks: () => false,
+}));
+
+mock.module("../daemon/handlers/shared.js", () => ({
+  log: {
+    warn: () => {},
+    info: () => {},
+    error: () => {},
+    debug: () => {},
+  },
+}));
+
+mock.module("../security/secure-keys.js", () => ({
+  getSecureKeyAsync: async (account: string) =>
+    secureKeyStore[account] ?? undefined,
+  setSecureKeyAsync: async (account: string, value: string) => {
+    secureKeyStore[account] = value;
+    return true;
+  },
+  deleteSecureKeyAsync: async (account: string) => {
+    if (account in secureKeyStore) {
+      delete secureKeyStore[account];
+      return "deleted" as const;
+    }
+    return "not-found" as const;
+  },
+}));
+
+mock.module("../oauth/oauth-store.js", () => ({
+  getConnectionByProvider: (providerKey: string) =>
+    oauthConnectionStore[providerKey] ?? undefined,
+}));
+
+mock.module("../oauth/manual-token-connection.js", () => ({
+  ensureManualTokenConnection: async () => {},
+  removeManualTokenConnection: () => {},
+  syncManualTokenConnection: async (
+    providerKey: string,
+    accountInfo?: string,
+  ) => {
+    syncCalls.push({ providerKey, accountInfo });
+    if (providerKey !== "telegram") return;
+    const hasBotToken =
+      !!secureKeyStore[credentialKey("telegram", "bot_token")];
+    const hasWebhookSecret =
+      !!secureKeyStore[credentialKey("telegram", "webhook_secret")];
+    if (hasBotToken && hasWebhookSecret) {
+      oauthConnectionStore[providerKey] = {
+        id: `conn-${providerKey}`,
+        status: "active",
+        accountInfo: accountInfo ?? null,
+      };
+      return;
+    }
+    delete oauthConnectionStore[providerKey];
+  },
+}));
+
+mock.module("../telegram/bot-username.js", () => ({
+  getTelegramBotId: () => "123456",
+  getTelegramBotUsername: () => "testbot",
+}));
+
+mock.module("../tools/credentials/metadata-store.js", () => ({
+  deleteCredentialMetadata: () => true,
+  upsertCredentialMetadata: () => ({}),
+}));
+
+const originalFetch = globalThis.fetch;
+
+import { getTelegramConfig } from "../daemon/handlers/config-telegram.js";
+
+describe("Telegram config handler", () => {
+  beforeEach(() => {
+    secureKeyStore = {};
+    oauthConnectionStore = {};
+    syncCalls.length = 0;
+    globalThis.fetch = originalFetch;
+  });
+
+  afterEach(() => {
+    globalThis.fetch = originalFetch;
+  });
+
+  test("GET backfills telegram connection metadata with @botUsername", async () => {
+    secureKeyStore[credentialKey("telegram", "bot_token")] = "123:abc";
+    secureKeyStore[credentialKey("telegram", "webhook_secret")] = "secret";
+
+    const result = await getTelegramConfig();
+
+    expect(result.success).toBe(true);
+    expect(result.botUsername).toBe("testbot");
+    expect(result.connected).toBe(true);
+    expect(syncCalls).toEqual([
+      { providerKey: "telegram", accountInfo: "@testbot" },
+    ]);
+    expect(oauthConnectionStore["telegram"]?.accountInfo).toBe("@testbot");
+  });
+});

package/src/__tests__/terminal-tools.test.ts

@@ -662,7 +662,7 @@ describe("Shell tool input validation", () => {
     };
     expect(def.name).toBe("bash");
     expect(schema.required).toContain("command");
-    expect(schema.required).toContain("reason");
+    expect(schema.required).toContain("activity");
     expect(schema.properties.command).toBeDefined();
     expect(schema.properties.timeout_seconds).toBeDefined();
     expect(schema.properties.network_mode).toBeDefined();

package/src/__tests__/tool-execution-abort-cleanup.test.ts

@@ -32,8 +32,7 @@ mock.module("../config/loader.js", () => ({
       shellMaxTimeoutSec: 600,
       permissionTimeoutSec: 300,
     },
-    sandbox: { enabled: false, backend: "native" as const },
-    rateLimit: { maxRequestsPerMinute: 0, maxTokensPerSession: 0 },
+    rateLimit: { maxRequestsPerMinute: 0 },
     secretDetection: {
       enabled: false,
       action: "warn" as const,

package/src/__tests__/tool-executor-lifecycle-events.test.ts

@@ -26,7 +26,7 @@ const mockConfig = {
       network: "none" as const,
     },
   },
-  rateLimit: { maxRequestsPerMinute: 0, maxTokensPerSession: 0 },
+  rateLimit: { maxRequestsPerMinute: 0 },
   secretDetection: {
     enabled: false,
     action: "warn" as const,