npm - @vellumai/assistant - Versions diffs - 0.5.16 → 0.6.0 - Mend

@vellumai/assistant 0.5.16 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (407) hide show

package/ARCHITECTURE.md +1 -1
package/Dockerfile +0 -3
package/knip.json +2 -1
package/openapi.yaml +660 -80
package/package.json +1 -1
package/src/__tests__/actor-token-service.test.ts +68 -0
package/src/__tests__/agent-loop.test.ts +0 -32
package/src/__tests__/always-loaded-tools-guard.test.ts +2 -2
package/src/__tests__/anthropic-provider.test.ts +57 -3
package/src/__tests__/app-compiler.test.ts +120 -0
package/src/__tests__/assistant-feature-flags-integration.test.ts +2 -2
package/src/__tests__/call-conversation-messages.test.ts +2 -6
package/src/__tests__/call-domain.test.ts +2 -6
package/src/__tests__/call-pointer-messages.test.ts +2 -14
package/src/__tests__/call-recovery.test.ts +2 -6
package/src/__tests__/call-routes-http.test.ts +2 -6
package/src/__tests__/call-store.test.ts +2 -6
package/src/__tests__/cancel-resolves-conversation-key.test.ts +2 -6
package/src/__tests__/canonical-guardian-store.test.ts +2 -6
package/src/__tests__/channel-delivery-store.test.ts +2 -6
package/src/__tests__/channel-retry-sweep.test.ts +2 -6
package/src/__tests__/checker.test.ts +25 -3
package/src/__tests__/clawhub.test.ts +54 -24
package/src/__tests__/cli-command-risk-guard.test.ts +14 -0
package/src/__tests__/cli-memory.test.ts +74 -69
package/src/__tests__/config-schema.test.ts +1 -1
package/src/__tests__/config-set-platform-guard.test.ts +302 -0
package/src/__tests__/confirmation-request-guardian-bridge.test.ts +2 -6
package/src/__tests__/contacts-tools.test.ts +31 -0
package/src/__tests__/context-overflow-reducer.test.ts +86 -0
package/src/__tests__/context-token-estimator.test.ts +175 -10
package/src/__tests__/conversation-agent-loop-overflow.test.ts +9 -0
package/src/__tests__/conversation-agent-loop.test.ts +9 -0
package/src/__tests__/conversation-attachments.test.ts +2 -6
package/src/__tests__/conversation-attention-store.test.ts +2 -6
package/src/__tests__/conversation-clear-safety.test.ts +2 -6
package/src/__tests__/conversation-delete-schedule-cleanup.test.ts +4 -10
package/src/__tests__/conversation-disk-view-integration.test.ts +2 -6
package/src/__tests__/conversation-disk-view.test.ts +2 -6
package/src/__tests__/conversation-error.test.ts +33 -2
package/src/__tests__/conversation-fork-crud.test.ts +2 -6
package/src/__tests__/conversation-history-web-search.test.ts +5 -0
package/src/__tests__/conversation-load-history-repair.test.ts +5 -1
package/src/__tests__/conversation-media-retry.test.ts +91 -0
package/src/__tests__/conversation-starter-routes.test.ts +20 -11
package/src/__tests__/conversation-store.test.ts +2 -6
package/src/__tests__/conversation-usage.test.ts +2 -6
package/src/__tests__/conversation-wipe.test.ts +11 -408
package/src/__tests__/credential-execution-feature-gates.test.ts +3 -3
package/src/__tests__/credential-execution-shell-lockdown.test.ts +2 -2
package/src/__tests__/credential-security-e2e.test.ts +2 -0
package/src/__tests__/followup-tools.test.ts +2 -6
package/src/__tests__/graph-extraction-event-date.test.ts +186 -0
package/src/__tests__/guardian-action-conversation-turn.test.ts +2 -6
package/src/__tests__/guardian-action-followup-executor.test.ts +2 -6
package/src/__tests__/guardian-action-followup-store.test.ts +2 -6
package/src/__tests__/guardian-action-grant-mint-consume.test.ts +2 -6
package/src/__tests__/guardian-action-late-reply.test.ts +2 -6
package/src/__tests__/guardian-action-store.test.ts +2 -6
package/src/__tests__/guardian-binding-drift-heal.test.ts +2 -6
package/src/__tests__/guardian-decision-primitive-canonical.test.ts +8 -8
package/src/__tests__/guardian-dispatch.test.ts +2 -6
package/src/__tests__/guardian-grant-minting.test.ts +2 -14
package/src/__tests__/guardian-principal-id-roundtrip.test.ts +2 -6
package/src/__tests__/guardian-routing-invariants.test.ts +192 -6
package/src/__tests__/guardian-routing-state.test.ts +2 -6
package/src/__tests__/guardian-verification-voice-binding.test.ts +2 -6
package/src/__tests__/inbound-invite-redemption.test.ts +2 -6
package/src/__tests__/injection-block.test.ts +154 -0
package/src/__tests__/install-meta.test.ts +506 -0
package/src/__tests__/install-skill-routing.test.ts +292 -0
package/src/__tests__/invite-redemption-service.test.ts +2 -6
package/src/__tests__/invite-routes-http.test.ts +2 -6
package/src/__tests__/jobs-store-qdrant-breaker.test.ts +2 -14
package/src/__tests__/list-messages-attachments.test.ts +2 -6
package/src/__tests__/llm-context-route-provider.test.ts +2 -6
package/src/__tests__/llm-request-log-turn-query.test.ts +2 -6
package/src/__tests__/llm-usage-store.test.ts +2 -6
package/src/__tests__/log-export-workspace.test.ts +2 -6
package/src/__tests__/managed-store.test.ts +38 -11
package/src/__tests__/memory-jobs-worker-backoff.test.ts +2 -8
package/src/__tests__/memory-recall-log-store.test.ts +2 -6
package/src/__tests__/memory-upsert-concurrency.test.ts +4 -112
package/src/__tests__/non-member-access-request.test.ts +2 -6
package/src/__tests__/notification-guardian-path.test.ts +2 -6
package/src/__tests__/oauth-cli.test.ts +364 -2
package/src/__tests__/oauth2-gateway-transport.test.ts +18 -3
package/src/__tests__/outlook-attachments.test.ts +301 -0
package/src/__tests__/outlook-automation-tools.test.ts +425 -0
package/src/__tests__/outlook-categories.test.ts +212 -0
package/src/__tests__/outlook-client-automation.test.ts +246 -0
package/src/__tests__/outlook-compose-tools.test.ts +325 -0
package/src/__tests__/outlook-declutter-tools.test.ts +585 -0
package/src/__tests__/outlook-email-watcher.test.ts +322 -0
package/src/__tests__/outlook-follow-up.test.ts +196 -0
package/src/__tests__/outlook-messaging-provider.test.ts +498 -3
package/src/__tests__/outlook-trash.test.ts +77 -0
package/src/__tests__/outlook-unsubscribe.test.ts +250 -0
package/src/__tests__/platform-callback-registration.test.ts +4 -4
package/src/__tests__/playbook-execution.test.ts +76 -80
package/src/__tests__/playbook-tools.test.ts +5 -7
package/src/__tests__/provider-error-scenarios.test.ts +21 -0
package/src/__tests__/rebuild-index-graph-nodes.test.ts +273 -0
package/src/__tests__/registry.test.ts +2 -2
package/src/__tests__/require-fresh-approval.test.ts +64 -2
package/src/__tests__/runtime-events-sse-parity.test.ts +2 -6
package/src/__tests__/runtime-events-sse.test.ts +2 -6
package/src/__tests__/schedule-store.test.ts +2 -6
package/src/__tests__/schedule-tools.test.ts +2 -6
package/src/__tests__/scheduler-recurrence.test.ts +1 -5
package/src/__tests__/scoped-approval-grants.test.ts +2 -6
package/src/__tests__/scoped-grant-security-matrix.test.ts +2 -6
package/src/__tests__/search-skills-unified.test.ts +421 -0
package/src/__tests__/secret-onetime-send.test.ts +2 -0
package/src/__tests__/send-endpoint-busy.test.ts +2 -6
package/src/__tests__/sequence-store.test.ts +2 -6
package/src/__tests__/server-history-render.test.ts +2 -6
package/src/__tests__/skill-feature-flags-integration.test.ts +38 -31
package/src/__tests__/skill-feature-flags.test.ts +6 -6
package/src/__tests__/skill-load-feature-flag.test.ts +11 -11
package/src/__tests__/skill-memory.test.ts +140 -98
package/src/__tests__/skills-uninstall.test.ts +2 -2
package/src/__tests__/skills.test.ts +1 -1
package/src/__tests__/slack-inbound-verification.test.ts +2 -6
package/src/__tests__/task-compiler.test.ts +2 -6
package/src/__tests__/task-management-tools.test.ts +2 -6
package/src/__tests__/task-memory-cleanup.test.ts +173 -229
package/src/__tests__/task-runner.test.ts +2 -6
package/src/__tests__/task-scheduler.test.ts +2 -6
package/src/__tests__/test-preload.ts +3 -0
package/src/__tests__/tool-approval-handler.test.ts +2 -6
package/src/__tests__/tool-grant-request-escalation.test.ts +2 -6
package/src/__tests__/tool-side-effects-slack-dm.test.ts +276 -0
package/src/__tests__/trust-store.test.ts +1 -1
package/src/__tests__/trusted-contact-inline-approval-integration.test.ts +2 -6
package/src/__tests__/trusted-contact-lifecycle-notifications.test.ts +2 -6
package/src/__tests__/trusted-contact-multichannel.test.ts +2 -6
package/src/__tests__/trusted-contact-verification.test.ts +2 -6
package/src/__tests__/turn-boundary-resolution.test.ts +2 -6
package/src/__tests__/usage-cache-backfill-migration.test.ts +1 -6
package/src/__tests__/usage-routes.test.ts +2 -6
package/src/__tests__/verification-control-plane-policy.test.ts +0 -2
package/src/__tests__/voice-invite-redemption.test.ts +2 -6
package/src/__tests__/voice-scoped-grant-consumer.test.ts +2 -6
package/src/__tests__/voice-session-bridge.test.ts +2 -6
package/src/__tests__/volume-security-guard.test.ts +2 -0
package/src/__tests__/workspace-lifecycle.test.ts +29 -1
package/src/__tests__/workspace-migration-009-backfill-conversation-disk-view.test.ts +2 -6
package/src/__tests__/workspace-migration-013-repair-conversation-disk-view.test.ts +2 -6
package/src/__tests__/workspace-migration-026-backfill-install-meta.test.ts +558 -0
package/src/__tests__/workspace-policy.test.ts +1 -1
package/src/agent/attachments.ts +7 -2
package/src/agent/image-optimize.ts +165 -0
package/src/agent/loop.ts +1 -15
package/src/bundler/app-compiler.ts +179 -2
package/src/bundler/package-resolver.ts +3 -5
package/src/cli/__tests__/notifications.test.ts +1 -2
package/src/cli/cli-memory.ts +67 -64
package/src/cli/commands/avatar.ts +3 -3
package/src/cli/commands/config.ts +26 -13
package/src/cli/commands/doctor.ts +2 -2
package/src/cli/commands/memory.ts +41 -55
package/src/cli/commands/oauth/__tests__/connect.test.ts +2 -2
package/src/cli/commands/oauth/__tests__/disconnect.test.ts +2 -2
package/src/cli/commands/oauth/__tests__/mode.test.ts +8 -1
package/src/cli/commands/oauth/__tests__/status.test.ts +2 -2
package/src/cli/commands/oauth/connect.ts +11 -6
package/src/cli/commands/oauth/mode.ts +7 -0
package/src/cli/commands/oauth/shared.ts +39 -3
package/src/cli/commands/platform/__tests__/connect.test.ts +1 -1
package/src/cli/commands/platform/__tests__/disconnect.test.ts +1 -1
package/src/cli/commands/platform/__tests__/status.test.ts +5 -5
package/src/cli/commands/platform/index.ts +16 -16
package/src/cli/commands/skills.ts +88 -16
package/src/cli/commands/trust.ts +2 -2
package/src/cli/lib/daemon-credential-client.ts +2 -3
package/src/config/bundled-skills/acp/TOOLS.json +1 -1
package/src/config/bundled-skills/contacts/SKILL.md +0 -1
package/src/config/bundled-skills/contacts/TOOLS.json +0 -8
package/src/config/bundled-skills/contacts/tools/contact-upsert.ts +0 -4
package/src/config/bundled-skills/gmail/SKILL.md +2 -10
package/src/config/bundled-skills/google-calendar/SKILL.md +1 -9
package/src/config/bundled-skills/messaging/SKILL.md +10 -18
package/src/config/bundled-skills/messaging/tools/messaging-analyze-style.ts +40 -33
package/src/config/bundled-skills/outlook/SKILL.md +189 -0
package/src/config/bundled-skills/outlook/TOOLS.json +530 -0
package/src/config/bundled-skills/outlook/tools/outlook-attachments.ts +85 -0
package/src/config/bundled-skills/outlook/tools/outlook-categories.ts +77 -0
package/src/config/bundled-skills/outlook/tools/outlook-draft.ts +84 -0
package/src/config/bundled-skills/outlook/tools/outlook-follow-up.ts +94 -0
package/src/config/bundled-skills/outlook/tools/outlook-forward.ts +49 -0
package/src/config/bundled-skills/outlook/tools/outlook-outreach-scan.ts +237 -0
package/src/config/bundled-skills/outlook/tools/outlook-rules.ts +161 -0
package/src/config/bundled-skills/outlook/tools/outlook-send-draft.ts +32 -0
package/src/config/bundled-skills/outlook/tools/outlook-sender-digest.ts +272 -0
package/src/config/bundled-skills/outlook/tools/outlook-trash.ts +29 -0
package/src/config/bundled-skills/outlook/tools/outlook-unsubscribe.ts +129 -0
package/src/config/bundled-skills/outlook/tools/outlook-vacation.ts +87 -0
package/src/config/bundled-skills/outlook/tools/shared.ts +20 -0
package/src/config/bundled-skills/outlook-calendar/SKILL.md +51 -0
package/src/config/bundled-skills/outlook-calendar/TOOLS.json +221 -0
package/src/config/bundled-skills/outlook-calendar/calendar-client.ts +252 -0
package/src/config/bundled-skills/outlook-calendar/tools/outlook-calendar-check-availability.ts +53 -0
package/src/config/bundled-skills/outlook-calendar/tools/outlook-calendar-create-event.ts +74 -0
package/src/config/bundled-skills/outlook-calendar/tools/outlook-calendar-get-event.ts +18 -0
package/src/config/bundled-skills/outlook-calendar/tools/outlook-calendar-list-events.ts +46 -0
package/src/config/bundled-skills/outlook-calendar/tools/outlook-calendar-rsvp.ts +36 -0
package/src/config/bundled-skills/outlook-calendar/tools/shared.ts +17 -0
package/src/config/bundled-skills/outlook-calendar/types.ts +120 -0
package/src/config/bundled-skills/playbooks/tools/playbook-create.ts +47 -40
package/src/config/bundled-skills/playbooks/tools/playbook-delete.ts +16 -29
package/src/config/bundled-skills/playbooks/tools/playbook-list.ts +16 -18
package/src/config/bundled-skills/playbooks/tools/playbook-update.ts +39 -47
package/src/config/bundled-skills/slack/SKILL.md +1 -7
package/src/config/bundled-tool-registry.ts +56 -4
package/src/config/env-registry.ts +15 -8
package/src/config/feature-flag-registry.json +21 -124
package/src/config/schemas/platform.ts +8 -0
package/src/config/schemas/timeouts.ts +1 -1
package/src/config/skills.ts +18 -7
package/src/context/token-estimator.ts +25 -18
package/src/context/window-manager.ts +6 -2
package/src/credential-execution/process-manager.ts +3 -1
package/src/daemon/context-overflow-reducer.ts +46 -2
package/src/daemon/conversation-agent-loop-handlers.ts +123 -82
package/src/daemon/conversation-agent-loop.ts +96 -61
package/src/daemon/conversation-error.ts +31 -8
package/src/daemon/conversation-lifecycle.ts +33 -0
package/src/daemon/conversation-media-retry.ts +85 -7
package/src/daemon/conversation-notifiers.ts +4 -1
package/src/daemon/conversation-runtime-assembly.ts +5 -0
package/src/daemon/conversation.ts +41 -2
package/src/daemon/daemon-control.ts +8 -2
package/src/daemon/handlers/shared.ts +22 -12
package/src/daemon/handlers/skills.ts +416 -202
package/src/daemon/lifecycle.ts +40 -1
package/src/daemon/main.ts +5 -1
package/src/daemon/message-types/conversations.ts +4 -1
package/src/daemon/message-types/messages.ts +3 -1
package/src/daemon/message-types/skills.ts +97 -36
package/src/daemon/providers-setup.ts +5 -0
package/src/daemon/server.ts +11 -2
package/src/daemon/tool-side-effects.ts +27 -5
package/src/heartbeat/heartbeat-service.ts +1 -0
package/src/hooks/cli.ts +2 -2
package/src/hooks/runner.ts +15 -38
package/src/inbound/platform-callback-registration.ts +14 -14
package/src/memory/admin.ts +11 -45
package/src/memory/conversation-bootstrap.ts +2 -0
package/src/memory/conversation-crud.ts +242 -348
package/src/memory/conversation-group-migration.ts +157 -0
package/src/memory/conversation-queries.ts +4 -2
package/src/memory/db-init.ts +30 -3
package/src/memory/embed.ts +73 -0
package/src/memory/embedding-backend.ts +8 -14
package/src/memory/embedding-runtime-manager.ts +12 -114
package/src/memory/fingerprint.ts +2 -2
package/src/memory/graph/bootstrap.ts +512 -0
package/src/memory/graph/capability-seed.ts +297 -0
package/src/memory/graph/consolidation.ts +691 -0
package/src/memory/graph/conversation-graph-memory.ts +630 -0
package/src/memory/graph/decay.test.ts +208 -0
package/src/memory/graph/decay.ts +195 -0
package/src/memory/graph/extraction-job.ts +69 -0
package/src/memory/graph/extraction.test.ts +936 -0
package/src/memory/graph/extraction.ts +1254 -0
package/src/memory/graph/graph-search.ts +266 -0
package/src/memory/graph/image-ref-utils.ts +29 -0
package/src/memory/graph/injection.test.ts +513 -0
package/src/memory/graph/injection.ts +439 -0
package/src/memory/graph/inspect.ts +534 -0
package/src/memory/graph/narrative.ts +267 -0
package/src/memory/graph/pattern-scan.ts +269 -0
package/src/memory/graph/retriever.ts +1008 -0
package/src/memory/graph/scoring.test.ts +548 -0
package/src/memory/graph/scoring.ts +232 -0
package/src/memory/graph/serendipity.ts +65 -0
package/src/memory/graph/store.test.ts +1050 -0
package/src/memory/graph/store.ts +699 -0
package/src/memory/graph/tool-handlers.ts +426 -0
package/src/memory/graph/tools.ts +141 -0
package/src/memory/graph/triggers.test.ts +487 -0
package/src/memory/graph/triggers.ts +223 -0
package/src/memory/graph/types.ts +271 -0
package/src/memory/group-crud.ts +191 -0
package/src/memory/indexer.ts +37 -19
package/src/memory/job-handlers/cleanup.ts +0 -53
package/src/memory/job-handlers/conversation-starters.ts +91 -53
package/src/memory/job-handlers/embedding.ts +5 -31
package/src/memory/job-handlers/index-maintenance.ts +23 -11
package/src/memory/job-handlers/summarization.ts +32 -17
package/src/memory/job-utils.ts +1 -1
package/src/memory/jobs-store.ts +50 -70
package/src/memory/jobs-worker.ts +147 -112
package/src/memory/message-content.ts +1 -0
package/src/memory/migrations/202-memory-graph-tables.ts +130 -0
package/src/memory/migrations/203-drop-memory-items-tables.ts +23 -0
package/src/memory/migrations/204-rename-memory-graph-type-values.ts +46 -0
package/src/memory/migrations/205-memory-graph-image-refs.ts +11 -0
package/src/memory/migrations/index.ts +4 -0
package/src/memory/migrations/registry.ts +8 -0
package/src/memory/qdrant-client.ts +44 -17
package/src/memory/schema/index.ts +1 -0
package/src/memory/schema/memory-graph.ts +139 -0
package/src/memory/search/semantic.ts +47 -91
package/src/memory/task-memory-cleanup.ts +28 -50
package/src/messaging/providers/outlook/adapter.ts +8 -1
package/src/messaging/providers/outlook/client.ts +299 -0
package/src/messaging/providers/outlook/types.ts +118 -0
package/src/notifications/adapters/macos.ts +1 -0
package/src/notifications/copy-composer.ts +9 -0
package/src/notifications/signal.ts +16 -0
package/src/oauth/seed-providers.ts +2 -1
package/src/permissions/checker.ts +24 -3
package/src/permissions/defaults.ts +4 -4
package/src/permissions/workspace-policy.ts +1 -1
package/src/playbooks/playbook-compiler.ts +19 -18
package/src/playbooks/types.ts +4 -3
package/src/prompts/system-prompt.ts +3 -29
package/src/providers/anthropic/client.ts +47 -19
package/src/providers/gemini/client.ts +1 -1
package/src/providers/openai/client.ts +1 -1
package/src/providers/registry.ts +1 -1
package/src/providers/retry.ts +19 -3
package/src/runtime/actor-trust-resolver.ts +5 -1
package/src/runtime/auth/route-policy.ts +7 -0
package/src/runtime/guardian-reply-router.ts +5 -1
package/src/runtime/http-server.ts +23 -3
package/src/runtime/middleware/auth.ts +20 -0
package/src/runtime/routes/attachment-routes.test.ts +106 -0
package/src/runtime/routes/attachment-routes.ts +106 -16
package/src/runtime/routes/brain-graph-routes.ts +21 -22
package/src/runtime/routes/btw-routes.ts +8 -0
package/src/runtime/routes/conversation-management-routes.ts +2 -0
package/src/runtime/routes/conversation-starter-routes.ts +2 -2
package/src/runtime/routes/debug-routes.ts +1 -1
package/src/runtime/routes/global-search-routes.ts +21 -19
package/src/runtime/routes/group-routes.ts +207 -0
package/src/runtime/routes/guardian-action-routes.ts +21 -10
package/src/runtime/routes/guardian-bootstrap-routes.ts +23 -19
package/src/runtime/routes/inbound-message-handler.ts +19 -0
package/src/runtime/routes/inbound-stages/guardian-activation-intercept.test.ts +292 -0
package/src/runtime/routes/inbound-stages/guardian-activation-intercept.ts +207 -0
package/src/runtime/routes/memory-item-routes.test.ts +2 -14
package/src/runtime/routes/memory-item-routes.ts +341 -388
package/src/runtime/routes/schedule-routes.ts +2 -0
package/src/runtime/routes/skills-routes.ts +103 -37
package/src/runtime/routes/work-items-routes.test.ts +2 -6
package/src/schedule/scheduler.ts +8 -1
package/src/security/oauth2.ts +1 -1
package/src/security/secure-keys.ts +4 -8
package/src/shared/provider-env-vars.ts +19 -0
package/src/skills/catalog-cache.ts +5 -0
package/src/skills/catalog-install.ts +15 -14
package/src/skills/clawhub.ts +134 -154
package/src/skills/install-meta.ts +208 -0
package/src/skills/managed-store.ts +27 -16
package/src/skills/skill-memory.ts +152 -77
package/src/skills/skillssh-registry.ts +19 -17
package/src/tasks/task-runner.ts +3 -1
package/src/telemetry/usage-telemetry-reporter.test.ts +3 -5
package/src/tools/browser/runtime-check.ts +3 -1
package/src/tools/memory/register.ts +63 -46
package/src/tools/permission-checker.ts +7 -1
package/src/tools/shared/filesystem/image-read.ts +22 -85
package/src/tools/terminal/safe-env.ts +1 -0
package/src/tools/tool-manifest.ts +3 -3
package/src/util/browser.ts +25 -10
package/src/util/bun-runtime.ts +172 -0
package/src/watcher/providers/outlook-calendar.ts +343 -0
package/src/watcher/providers/outlook.ts +198 -0
package/src/workspace/migrations/025-remove-oauth-app-setup-skills.ts +76 -0
package/src/workspace/migrations/026-backfill-install-meta.ts +325 -0
package/src/workspace/migrations/027-remove-orphaned-optimized-images-cache.ts +42 -0
package/src/workspace/migrations/registry.ts +6 -0
package/src/__tests__/context-memory-e2e.test.ts +0 -415
package/src/__tests__/journal-context.test.ts +0 -268
package/src/__tests__/memory-context-benchmark.benchmark.test.ts +0 -297
package/src/__tests__/memory-lifecycle-e2e.test.ts +0 -459
package/src/__tests__/memory-query-builder.test.ts +0 -59
package/src/__tests__/memory-recall-quality.test.ts +0 -1046
package/src/__tests__/memory-regressions.experimental.test.ts +0 -629
package/src/__tests__/memory-regressions.test.ts +0 -3696
package/src/__tests__/memory-retrieval.benchmark.test.ts +0 -295
package/src/daemon/conversation-memory.ts +0 -207
package/src/memory/conversation-starters-cadence.ts +0 -74
package/src/memory/items-extractor.ts +0 -860
package/src/memory/job-handlers/batch-extraction.ts +0 -753
package/src/memory/job-handlers/extraction.ts +0 -40
package/src/memory/job-handlers/journal-carry-forward.test.ts +0 -355
package/src/memory/job-handlers/journal-carry-forward.ts +0 -255
package/src/memory/journal-memory.ts +0 -224
package/src/memory/query-builder.ts +0 -47
package/src/memory/query-expansion.ts +0 -83
package/src/memory/retriever.test.ts +0 -1592
package/src/memory/retriever.ts +0 -1331
package/src/memory/search/formatting.test.ts +0 -140
package/src/memory/search/formatting.ts +0 -262
package/src/memory/search/mmr.ts +0 -139
package/src/memory/search/ranking.ts +0 -15
package/src/memory/search/staleness.ts +0 -40
package/src/memory/search/tier-classifier.ts +0 -18
package/src/memory/search/types.ts +0 -121
package/src/prompts/journal-context.ts +0 -154
package/src/tools/memory/definitions.ts +0 -69
package/src/tools/memory/handlers.test.ts +0 -562
package/src/tools/memory/handlers.ts +0 -434

package/src/skills/skill-memory.ts CHANGED Viewed

@@ -1,17 +1,25 @@
-import { and, eq } from "drizzle-orm";
+import { and, eq, sql } from "drizzle-orm";
 import { v4 as uuid } from "uuid";
+import { isAssistantFeatureFlagEnabled } from "../config/assistant-feature-flags.js";
 import { getConfig } from "../config/loader.js";
 import { resolveSkillStates } from "../config/skill-state.js";
 import { loadSkillCatalog, type SkillSummary } from "../config/skills.js";
 import { getDb } from "../memory/db.js";
-import { computeMemoryFingerprint } from "../memory/fingerprint.js";
 import { enqueueMemoryJob } from "../memory/jobs-store.js";
-import { memoryItems } from "../memory/schema.js";
+import { memoryGraphNodes } from "../memory/schema.js";
 import { getLogger } from "../util/logger.js";
+import { getCachedCatalogSync } from "./catalog-cache.js";
+import type { CatalogSkill } from "./catalog-install.js";
 const log = getLogger("skill-memory");
+/** Escape SQL LIKE wildcards so they match literally.
+ * Uses backslash as the escape character — callers must pair with ESCAPE '\\'. */
+function escapeLike(s: string): string {
+  return s.replace(/\\/g, "\\\\").replace(/%/g, "\\%").replace(/_/g, "\\_");
+}
 /**
  * Generic input for building capability statements.
  * Decoupled from CatalogSkill so other skill sources (e.g. bundled skills) can
@@ -39,6 +47,20 @@ export function fromSkillSummary(entry: SkillSummary): SkillCapabilityInput {
   };
 }
+/**
+ * Convert a CatalogSkill to a SkillCapabilityInput.
+ * CatalogSkill stores display-name and hints inside nested metadata.
+ */
+export function fromCatalogSkill(entry: CatalogSkill): SkillCapabilityInput {
+  return {
+    id: entry.id,
+    displayName: entry.metadata?.vellum?.["display-name"] ?? entry.name,
+    description: entry.description,
+    activationHints: entry.metadata?.vellum?.["activation-hints"],
+    avoidWhen: entry.metadata?.vellum?.["avoid-when"],
+  };
+}
 /**
  * Build a semantically rich capability statement from a skill capability input.
  * Truncated to 500 chars max (matching the limit used by memory item extraction).
@@ -62,8 +84,17 @@ export function buildCapabilityStatement(input: SkillCapabilityInput): string {
   return statement;
 }
+/** Default emotional charge for capability graph nodes. */
+const DEFAULT_EMOTIONAL_CHARGE = JSON.stringify({
+  valence: 0,
+  intensity: 0.1,
+  decayCurve: "linear",
+  decayRate: 0.05,
+  originalIntensity: 0.1,
+});
 /**
- * Upsert a capability memory item for a skill.
+ * Upsert a capability memory graph node for a skill.
  * Best-effort: errors are logged but never thrown.
  */
 export function upsertSkillCapabilityMemory(
@@ -72,124 +103,121 @@ export function upsertSkillCapabilityMemory(
 ): void {
   try {
     const db = getDb();
-    const subject = `skill:${skillId}`;
     const statement = buildCapabilityStatement(input);
-    const kind = "capability";
+    const content = `skill:${skillId}\n${statement}`;
     const scopeId = "default";
-    const confidence = 1.0;
-    const importance = 0.7;
-    const fingerprint = computeMemoryFingerprint(
-      scopeId,
-      kind,
-      subject,
-      statement,
-    );
     const now = Date.now();
     const existing = db
       .select()
-      .from(memoryItems)
+      .from(memoryGraphNodes)
       .where(
         and(
-          eq(memoryItems.kind, kind),
-          eq(memoryItems.subject, subject),
-          eq(memoryItems.scopeId, scopeId),
+          eq(memoryGraphNodes.type, "procedural"),
+          sql`${memoryGraphNodes.content} LIKE ${'skill:' + escapeLike(skillId) + '\n%'} ESCAPE '\\'`,
+          eq(memoryGraphNodes.scopeId, scopeId),
         ),
       )
       .get();
     if (existing) {
       if (
-        existing.status === "active" &&
-        existing.fingerprint === fingerprint
+        existing.content === content &&
+        existing.fidelity !== "gone"
       ) {
-        // Same content — just touch lastSeenAt
-        db.update(memoryItems)
-          .set({ lastSeenAt: now })
-          .where(eq(memoryItems.id, existing.id))
+        // Same content — just touch lastAccessed
+        db.update(memoryGraphNodes)
+          .set({ lastAccessed: now })
+          .where(eq(memoryGraphNodes.id, existing.id))
           .run();
         return;
       }
-      if (existing.status === "active") {
-        // Content changed — update statement and fingerprint
-        db.update(memoryItems)
+      if (existing.fidelity !== "gone") {
+        // Content changed — update content
+        db.update(memoryGraphNodes)
           .set({
-            statement,
-            fingerprint,
-            lastSeenAt: now,
+            content,
+            lastAccessed: now,
           })
-          .where(eq(memoryItems.id, existing.id))
+          .where(eq(memoryGraphNodes.id, existing.id))
           .run();
-        enqueueMemoryJob("embed_item", { itemId: existing.id });
+        enqueueMemoryJob("embed_graph_node", { nodeId: existing.id });
         return;
       }
-      // status === "deleted" or other — reactivate
-      db.update(memoryItems)
+      // fidelity === "gone" — reactivate
+      db.update(memoryGraphNodes)
         .set({
-          status: "active",
-          statement,
-          fingerprint,
-          lastSeenAt: now,
-          firstSeenAt: now,
+          fidelity: "vivid",
+          content,
+          created: now,
+          lastAccessed: now,
         })
-        .where(eq(memoryItems.id, existing.id))
+        .where(eq(memoryGraphNodes.id, existing.id))
         .run();
-      enqueueMemoryJob("embed_item", { itemId: existing.id });
+      enqueueMemoryJob("embed_graph_node", { nodeId: existing.id });
+      log.info({ skillId, nodeId: existing.id }, "Reactivated skill capability memory");
       return;
     }
-    // No existing — insert new row
+    // No existing — insert new graph node
     const id = uuid();
-    db.insert(memoryItems)
+    db.insert(memoryGraphNodes)
       .values({
         id,
-        kind,
-        subject,
-        statement,
-        status: "active",
-        confidence,
-        importance,
-        fingerprint,
-        sourceType: "extraction",
+        content,
+        type: "procedural",
+        created: now,
+        lastAccessed: now,
+        lastConsolidated: now,
+        emotionalCharge: DEFAULT_EMOTIONAL_CHARGE,
+        fidelity: "vivid",
+        confidence: 1.0,
+        significance: 0.7,
+        stability: 14,
+        reinforcementCount: 0,
+        lastReinforced: now,
+        sourceConversations: JSON.stringify([]),
+        sourceType: "inferred",
+        narrativeRole: null,
+        partOfStory: null,
         scopeId,
-        firstSeenAt: now,
-        lastSeenAt: now,
       })
       .run();
-    enqueueMemoryJob("embed_item", { itemId: id });
+    enqueueMemoryJob("embed_graph_node", { nodeId: id });
+    log.info({ skillId, nodeId: id }, "Created skill capability memory");
   } catch (err) {
     log.warn({ err, skillId }, "Failed to upsert skill capability memory");
   }
 }
 /**
- * Soft-delete the capability memory item for a skill.
+ * Soft-delete the capability memory graph node for a skill.
  * Best-effort: errors are logged but never thrown.
  */
 export function deleteSkillCapabilityMemory(skillId: string): void {
   try {
     const db = getDb();
-    const subject = `skill:${skillId}`;
     const now = Date.now();
     const existing = db
       .select()
-      .from(memoryItems)
+      .from(memoryGraphNodes)
       .where(
         and(
-          eq(memoryItems.kind, "capability"),
-          eq(memoryItems.subject, subject),
-          eq(memoryItems.scopeId, "default"),
+          eq(memoryGraphNodes.type, "procedural"),
+          sql`${memoryGraphNodes.content} LIKE ${'skill:' + escapeLike(skillId) + '\n%'} ESCAPE '\\'`,
+          eq(memoryGraphNodes.scopeId, "default"),
+          sql`${memoryGraphNodes.fidelity} != 'gone'`,
         ),
       )
       .get();
-    if (existing && existing.status !== "deleted") {
-      db.update(memoryItems)
-        .set({ status: "deleted", lastSeenAt: now })
-        .where(eq(memoryItems.id, existing.id))
+    if (existing) {
+      db.update(memoryGraphNodes)
+        .set({ fidelity: "gone", lastAccessed: now })
+        .where(eq(memoryGraphNodes.id, existing.id))
         .run();
     }
   } catch (err) {
@@ -198,7 +226,7 @@ export function deleteSkillCapabilityMemory(skillId: string): void {
 }
 /**
- * Seed capability memory items for all enabled skills (bundled, managed, workspace, extra).
+ * Seed capability memory graph nodes for all enabled skills (bundled, managed, workspace, extra).
  * Prunes stale entries whose skills are no longer in the enabled set.
  * Best-effort: errors are logged but never thrown.
  */
@@ -231,31 +259,78 @@ export function seedCatalogSkillMemories(): void {
     }
     // Prune stale capability memories for skills no longer in the enabled set
+    // and not available in the remote/local catalog.
     const db = getDb();
     const allCapabilities = db
       .select()
-      .from(memoryItems)
+      .from(memoryGraphNodes)
       .where(
         and(
-          eq(memoryItems.kind, "capability"),
-          eq(memoryItems.scopeId, "default"),
-          eq(memoryItems.status, "active"),
+          eq(memoryGraphNodes.type, "procedural"),
+          eq(memoryGraphNodes.scopeId, "default"),
+          sql`${memoryGraphNodes.fidelity} != 'gone'`,
         ),
       )
       .all();
+    const allLocalSkillIds = new Set(catalog.map((s) => s.id));
+    const cachedCatalog = getCachedCatalogSync();
+    const cachedCatalogIds = new Set(cachedCatalog.map((s) => s.id));
     const now = Date.now();
     for (const item of allCapabilities) {
-      if (!item.subject.startsWith("skill:")) continue;
-      const itemSkillId = item.subject.replace("skill:", "");
-      if (!catalogIds.has(itemSkillId)) {
-        db.update(memoryItems)
-          .set({ status: "deleted", lastSeenAt: now })
-          .where(eq(memoryItems.id, item.id))
-          .run();
-      }
+      if (!item.content.startsWith("skill:")) continue;
+      const itemSkillId = item.content.split("\n")[0].replace("skill:", "");
+      // Keep enabled skills
+      if (catalogIds.has(itemSkillId)) continue;
+      // Keep uninstalled catalog skills that are still in the remote catalog
+      if (cachedCatalogIds.has(itemSkillId)) continue;
+      // If the catalog cache is empty (cold start, before async fetch),
+      // we can't tell whether an unknown skill is a stale entry or
+      // a valid uninstalled catalog skill. Only prune skills we can
+      // positively identify as local-but-disabled.
+      if (cachedCatalogIds.size === 0 && !allLocalSkillIds.has(itemSkillId)) continue;
+      log.info({ skillId: itemSkillId, nodeId: item.id, catalogSize: catalogIds.size, cacheSize: cachedCatalogIds.size }, "Pruning stale skill capability memory");
+      db.update(memoryGraphNodes)
+        .set({ fidelity: "gone", lastAccessed: now })
+        .where(eq(memoryGraphNodes.id, item.id))
+        .run();
     }
   } catch (err) {
     log.warn({ err }, "Failed to seed catalog skill memories");
   }
 }
+/**
+ * Seed capability memories for catalog skills that are not yet installed.
+ * This makes uninstalled skills discoverable via memory injection so the LLM
+ * can auto-install them via skill_load when relevant.
+ * Best-effort: errors are logged but never thrown.
+ */
+export async function seedUninstalledCatalogSkillMemories(): Promise<void> {
+  try {
+    const { getCatalog } = await import("./catalog-cache.js");
+    const fullCatalog = await getCatalog();
+    if (fullCatalog.length === 0) return;
+    const installedCatalog = loadSkillCatalog();
+    const installedIds = new Set(installedCatalog.map((s) => s.id));
+    const config = getConfig();
+    for (const entry of fullCatalog) {
+      if (installedIds.has(entry.id)) continue;
+      const flagKey = entry.metadata?.vellum?.["feature-flag"];
+      if (flagKey && !isAssistantFeatureFlagEnabled(flagKey, config)) continue;
+      const input = fromCatalogSkill(entry);
+      upsertSkillCapabilityMemory(entry.id, input);
+    }
+  } catch (err) {
+    log.warn({ err }, "Failed to seed uninstalled catalog skill memories");
+  }
+}

package/src/skills/skillssh-registry.ts CHANGED Viewed

@@ -5,6 +5,7 @@ import { dirname, join, resolve, sep } from "node:path";
 import { getWorkspaceSkillsDir } from "../util/platform.js";
 import { upsertSkillsIndex } from "./catalog-install.js";
+import { computeSkillHash, writeInstallMeta } from "./install-meta.js";
 // ─── Types ───────────────────────────────────────────────────────────────────
@@ -434,9 +435,12 @@ export function validateSkillSlug(slug: string): void {
  * 1. Validates the skill slug for path safety
  * 2. Fetches all files from `skills/<skillSlug>/` in the source repo
  * 3. Writes them to `<workspace>/skills/<skillSlug>/` with path traversal protection
- * 4. Writes `version.json` with origin metadata
- * 5. Runs `bun install` if a `package.json` is present
- * 6. Registers the skill in SKILLS.md only after all steps succeed
+ * 4. Writes `install-meta.json` with origin metadata
+ * 5. Installs npm dependencies (if package.json exists)
+ * 6. Updates SKILLS.md index
+ *
+ * Auto-enable and memory seeding are handled by the caller (e.g.
+ * `postInstallSkill()` in the daemon, or left to the user for CLI installs).
  */
 export async function installExternalSkill(
   owner: string,
@@ -444,6 +448,7 @@ export async function installExternalSkill(
   skillSlug: string,
   overwrite: boolean,
   ref?: string,
+  contactId?: string,
 ): Promise<void> {
   // Validate slug before using in filesystem paths
   validateSkillSlug(skillSlug);
@@ -480,20 +485,19 @@ export async function installExternalSkill(
     writeFileSync(destPath, content, "utf-8");
   }
-  // Write origin metadata
-  const meta = {
-    origin: "skills.sh",
-    source: `${owner}/${repo}`,
-    skillSlug,
+  // Write install metadata
+  writeInstallMeta(skillDir, {
+    origin: "skillssh",
+    slug: skillSlug,
+    sourceRepo: `${owner}/${repo}`,
     installedAt: new Date().toISOString(),
-  };
-  writeFileSync(
-    join(skillDir, "version.json"),
-    JSON.stringify(meta, null, 2) + "\n",
-    "utf-8",
-  );
+    ...(contactId ? { installedBy: contactId } : {}),
+    contentHash: computeSkillHash(skillDir) ?? undefined,
+  });
-  // Install npm dependencies if the skill ships a package.json
+  // Post-install: install dependencies first, then index the skill.
+  // Running bun install before upsertSkillsIndex ensures we don't index a
+  // skill whose dependencies failed to install.
   if (existsSync(join(skillDir, "package.json"))) {
     const bunPath = `${homedir()}/.bun/bin`;
     execSync("bun install", {
@@ -502,7 +506,5 @@ export async function installExternalSkill(
       env: { ...process.env, PATH: `${bunPath}:${process.env.PATH}` },
     });
   }
-  // Register in SKILLS.md only after files are written and deps installed
   upsertSkillsIndex(skillSlug);
 }

package/src/tasks/task-runner.ts CHANGED Viewed

@@ -64,8 +64,10 @@ export async function runTask(
     // Scheduled section; non-schedule tasks use "background" to stay out of
     // the main conversation list.
     conversationType: opts.source === "schedule" ? undefined : "background",
-    source: opts.source,
+    source: opts.source === "schedule" ? "schedule" : "task",
     scheduleJobId: opts.scheduleJobId,
+    groupId:
+      opts.source === "schedule" ? "system:scheduled" : "system:background",
     origin: "task",
     systemHint: `Task: ${task.title}`,
   });

package/src/telemetry/usage-telemetry-reporter.test.ts CHANGED Viewed

@@ -504,17 +504,15 @@ describe("UsageTelemetryReporter", () => {
     // No HTTP call should have been made
     expect(mockFetch).not.toHaveBeenCalled();
-    // All 6 watermarks should have been advanced (3 timestamps + 3 IDs)
-    expect(mockSetMemoryCheckpoint).toHaveBeenCalledTimes(6);
+    // All 3 timestamp watermarks should have been advanced (IDs left untouched
+    // so the compound-cursor branch stays active)
+    expect(mockSetMemoryCheckpoint).toHaveBeenCalledTimes(3);
     const calls = mockSetMemoryCheckpoint.mock.calls;
     const keys = calls.map((c) => c[0]);
     expect(keys).toContain("telemetry:usage:last_reported_at");
-    expect(keys).toContain("telemetry:usage:last_reported_id");
     expect(keys).toContain("telemetry:turns:last_reported_at");
-    expect(keys).toContain("telemetry:turns:last_reported_id");
     expect(keys).toContain("telemetry:lifecycle:last_reported_at");
-    expect(keys).toContain("telemetry:lifecycle:last_reported_id");
   });
   test("events sent normally after re-enabling collectUsageData", async () => {

package/src/tools/browser/runtime-check.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import { existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
 import { join } from "node:path";
+import { ensureBun } from "../../util/bun-runtime.js";
 import { getExternalDir } from "../../util/platform.js";
 export interface BrowserRuntimeStatus {
@@ -83,7 +84,8 @@ export async function importPlaywright(): Promise<typeof import("playwright")> {
     if (!existsSync(join(externalDir, "package.json"))) {
       writeFileSync(join(externalDir, "package.json"), '{"private":true}\n');
     }
-    const proc = Bun.spawn(["bun", "add", "playwright"], {
+    const bunPath = await ensureBun();
+    const proc = Bun.spawn([bunPath, "add", "playwright"], {
       cwd: externalDir,
       stdout: "pipe",
       stderr: "pipe",

package/src/tools/memory/register.ts CHANGED Viewed

@@ -1,67 +1,56 @@
 import { getConfig } from "../../config/loader.js";
+import {
+  handleRecall,
+  handleRemember,
+  type RecallInput,
+  type RememberInput,
+} from "../../memory/graph/tool-handlers.js";
+import {
+  graphRecallDefinition,
+  graphRememberDefinition,
+} from "../../memory/graph/tools.js";
 import { RiskLevel } from "../../permissions/types.js";
 import type { ToolDefinition } from "../../providers/types.js";
 import type { Tool, ToolContext, ToolExecutionResult } from "../types.js";
-import {
-  memoryManageDefinition,
-  memoryRecallDefinition,
-} from "./definitions.js";
-import {
-  handleMemoryDelete,
-  handleMemoryRecall,
-  handleMemorySave,
-  handleMemoryUpdate,
-} from "./handlers.js";
-// ── memory_manage ────────────────────────────────────────────────────
+// ── remember ────────────────────────────────────────────────────────
-class MemoryManageTool implements Tool {
-  name = "memory_manage";
-  description = memoryManageDefinition.description;
+class RememberTool implements Tool {
+  name = "remember";
+  description = graphRememberDefinition.description;
   category = "memory";
   defaultRiskLevel = RiskLevel.Low;
   getDefinition(): ToolDefinition {
-    return memoryManageDefinition;
+    return graphRememberDefinition;
   }
   async execute(
     input: Record<string, unknown>,
     context: ToolContext,
   ): Promise<ToolExecutionResult> {
-    const config = getConfig();
-    switch (input.op) {
-      case "save":
-        return handleMemorySave(
-          input,
-          config,
-          context.conversationId,
-          context.requestId,
-          context.memoryScopeId,
-        );
-      case "update":
-        return handleMemoryUpdate(input, config, context.memoryScopeId);
-      case "delete":
-        return handleMemoryDelete(input, config, context.memoryScopeId);
-      default:
-        return {
-          content: `Error: unknown op "${input.op}". Must be one of: save, update, delete`,
-          isError: true,
-        };
-    }
+    const result = handleRemember(
+      input as unknown as RememberInput,
+      context.conversationId,
+      context.memoryScopeId ?? "default",
+    );
+    return {
+      content: result.message,
+      isError: !result.success,
+    };
   }
 }
-// ── memory_recall ────────────────────────────────────────────────────
+// ── recall ──────────────────────────────────────────────────────────
-class MemoryRecallTool implements Tool {
-  name = "memory_recall";
-  description = memoryRecallDefinition.description;
+class RecallTool implements Tool {
+  name = "recall";
+  description = graphRecallDefinition.description;
   category = "memory";
   defaultRiskLevel = RiskLevel.Low;
   getDefinition(): ToolDefinition {
-    return memoryRecallDefinition;
+    return graphRecallDefinition;
   }
   async execute(
@@ -69,16 +58,44 @@ class MemoryRecallTool implements Tool {
     context: ToolContext,
   ): Promise<ToolExecutionResult> {
     const config = getConfig();
-    return handleMemoryRecall(
-      input,
+    const result = await handleRecall(
+      input as unknown as RecallInput,
       config,
-      context.memoryScopeId,
-      context.conversationId,
+      context.memoryScopeId ?? "default",
     );
+    if (result.results.length === 0) {
+      return { content: "No results found.", isError: false };
+    }
+    const formatted = result.results
+      .map((r) => {
+        const ts = formatTimestamp(r.created);
+        const meta =
+          result.mode === "memory"
+            ? `[${r.type}] ${ts} (confidence: ${r.confidence.toFixed(2)}, score: ${r.score.toFixed(3)})`
+            : `[archive] ${ts}`;
+        return `${meta}\n${r.content}`;
+      })
+      .join("\n\n---\n\n");
+    return { content: formatted, isError: false };
   }
 }
+// ── Helpers ─────────────────────────────────────────────────────────
+function formatTimestamp(epochMs: number): string {
+  const d = new Date(epochMs);
+  const mm = String(d.getMonth() + 1).padStart(2, "0");
+  const dd = String(d.getDate()).padStart(2, "0");
+  const yy = String(d.getFullYear()).slice(-2);
+  const hh = String(d.getHours()).padStart(2, "0");
+  const min = String(d.getMinutes()).padStart(2, "0");
+  return `${mm}/${dd}/${yy} ${hh}:${min}`;
+}
 // ── Exported tool instances ──────────────────────────────────────────
-export const memoryManageTool = new MemoryManageTool();
-export const memoryRecallTool = new MemoryRecallTool();
+export const rememberTool = new RememberTool();
+export const recallTool = new RecallTool();

package/src/tools/permission-checker.ts CHANGED Viewed

@@ -8,6 +8,7 @@ import {
 } from "../permissions/checker.js";
 import type { PermissionPrompter } from "../permissions/prompter.js";
 import { addRule } from "../permissions/trust-store.js";
+import { RiskLevel } from "../permissions/types.js";
 import {
   getEffectiveMode,
   setConversationMode,
@@ -145,6 +146,10 @@ export class PermissionChecker {
         // Exception: inline-command skill loads (skill_load_dynamic:*) must
         // never be silently auto-approved — they execute embedded commands
         // and require explicit human review or a pinned trust rule.
+        // Exception: high-risk tools (e.g. destructive shell commands, writes
+        // to sensitive paths) are denied — unattended sessions must not
+        // auto-approve operations that could cause significant damage if
+        // triggered by prompt injection from untrusted content.
         const isDynamicSkillLoad =
           result.matchedRule?.pattern.startsWith("skill_load_dynamic:") ===
           true;
@@ -152,7 +157,8 @@ export class PermissionChecker {
           context.isInteractive === false &&
           context.trustClass === "guardian" &&
           !context.requireFreshApproval &&
-          !isDynamicSkillLoad
+          !isDynamicSkillLoad &&
+          riskLevel !== RiskLevel.High
         ) {
           log.info(
             { toolName: name, riskLevel },