@vellumai/assistant 0.5.2 → 0.5.3

package/src/oauth/oauth-store.ts

@@ -274,10 +274,12 @@ export async function upsertApp(
       // can detect that a concurrent caller has claimed this row. Without
       // this, a concurrent inserter's rollback DELETE would still match on
       // the original updatedAt and delete the row we just validated.
+      const newUpdatedAt = Date.now();
       db.update(oauthApps)
-        .set({ updatedAt: Date.now() })
+        .set({ updatedAt: newUpdatedAt })
         .where(eq(oauthApps.id, existingRow.id))
         .run();
+      return { ...existingRow, updatedAt: newUpdatedAt };
     }
     if (clientSecretCredentialPath) {
       db.update(oauthApps)

package/src/permissions/checker.ts

@@ -2,12 +2,15 @@ import { createHash } from "node:crypto";
 import { homedir } from "node:os";
 import { dirname, resolve } from "node:path";
 
+import { isAssistantFeatureFlagEnabled } from "../config/assistant-feature-flags.js";
 import { getConfig } from "../config/loader.js";
-import { resolveSkillSelector } from "../config/skills.js";
+import { loadSkillCatalog, resolveSkillSelector } from "../config/skills.js";
+import { indexCatalogById } from "../skills/include-graph.js";
 import {
   isSkillSourcePath,
   normalizeFilePath,
 } from "../skills/path-classifier.js";
+import { computeTransitiveSkillVersionHash } from "../skills/transitive-version-hash.js";
 import { computeSkillVersionHash } from "../skills/version-hash.js";
 import type { ManifestOverride } from "../tools/execution-target.js";
 import {
@@ -352,6 +355,34 @@ function resolveSkillIdAndHash(
   }
 }
 
+/**
+ * Check whether a skill (by id) has parsed inline command expansions.
+ * Returns false when the skill is not found in the catalog.
+ */
+function hasInlineExpansions(skillId: string): boolean {
+  const catalog = loadSkillCatalog();
+  const skill = catalog.find((s) => s.id === skillId);
+  return (
+    skill?.inlineCommandExpansions != null &&
+    skill.inlineCommandExpansions.length > 0
+  );
+}
+
+/**
+ * Compute the transitive version hash for a skill, returning `undefined`
+ * when computation fails (missing includes, cycle, etc.). The permission
+ * layer falls back to the any-version candidate in that case.
+ */
+function computeTransitiveHashSafe(skillId: string): string | undefined {
+  try {
+    const catalog = loadSkillCatalog();
+    const index = indexCatalogById(catalog);
+    return computeTransitiveSkillVersionHash(skillId, index);
+  } catch {
+    return undefined;
+  }
+}
+
 function canonicalizeWebFetchUrl(parsed: URL): URL {
   parsed.hash = "";
   parsed.username = "";
@@ -433,13 +464,39 @@ async function buildCommandCandidates(
       targets.push("");
     } else {
       const resolved = resolveSkillIdAndHash(rawSelector);
-      if (resolved && resolved.versionHash) {
-        // Version-specific candidate lets rules pin to an exact skill version
-        targets.push(`${resolved.id}@${resolved.versionHash}`);
+
+      // When the resolved skill contains inline command expansions and the
+      // feature flag is on, emit skill_load_dynamic: candidates so the
+      // higher-priority default ask rule catches them instead of falling
+      // through to the permissive skill_load:* allow rule.
+      const config = getConfig();
+      const inlineEnabled = isAssistantFeatureFlagEnabled(
+        "feature_flags.inline-skill-commands.enabled",
+        config,
+      );
+
+      if (resolved && inlineEnabled && hasInlineExpansions(resolved.id)) {
+        const transitiveHash = computeTransitiveHashSafe(resolved.id);
+        if (transitiveHash) {
+          targets.push(`skill_load_dynamic:${resolved.id}@${transitiveHash}`);
+        }
+        targets.push(`skill_load_dynamic:${resolved.id}`);
+        // Don't fall through to skill_load:* — dynamic skills use their own
+        // candidate namespace so the default ask rule applies.
+      } else {
+        if (resolved && resolved.versionHash) {
+          // Version-specific candidate lets rules pin to an exact skill version
+          targets.push(`${resolved.id}@${resolved.versionHash}`);
+        }
+        targets.push(rawSelector);
       }
-      targets.push(rawSelector);
     }
-    return [...new Set(targets)].map((target) => `${toolName}:${target}`);
+
+    // Dynamic candidates use skill_load_dynamic: prefix; normal ones use skill_load:
+    return [...new Set(targets)].map((target) => {
+      if (target.startsWith("skill_load_dynamic:")) return target;
+      return `${toolName}:${target}`;
+    });
   }
 
   if (
@@ -1084,6 +1141,32 @@ function skillLoadAllowlistStrategy(
 
   if (rawSelector) {
     const resolved = resolveSkillIdAndHash(rawSelector);
+
+    // Check whether this is a dynamic (inline-command) skill load
+    const config = getConfig();
+    const inlineEnabled = isAssistantFeatureFlagEnabled(
+      "feature_flags.inline-skill-commands.enabled",
+      config,
+    );
+
+    if (resolved && inlineEnabled && hasInlineExpansions(resolved.id)) {
+      const transitiveHash = computeTransitiveHashSafe(resolved.id);
+      const options: AllowlistOption[] = [];
+      if (transitiveHash) {
+        options.push({
+          label: `${resolved.id}@${transitiveHash}`,
+          description: "This exact version (pinned)",
+          pattern: `skill_load_dynamic:${resolved.id}@${transitiveHash}`,
+        });
+      }
+      options.push({
+        label: resolved.id,
+        description: "This skill (any version)",
+        pattern: `skill_load_dynamic:${resolved.id}`,
+      });
+      return options;
+    }
+
     if (resolved && resolved.versionHash) {
       return [
         {

package/src/permissions/defaults.ts

@@ -198,6 +198,19 @@ export function getDefaultRuleTemplates(): DefaultRuleTemplate[] {
     })),
   );
 
+  // Inline-command skill loads use a distinct candidate namespace
+  // (skill_load_dynamic:*) so they prompt by default instead of falling
+  // through to the permissive skill_load:* allow rule below. The higher
+  // priority ensures this rule wins when both could match.
+  const skillLoadDynamicRule: DefaultRuleTemplate = {
+    id: "default:ask-skill_load_dynamic-global",
+    tool: "skill_load",
+    pattern: "skill_load_dynamic:*",
+    scope: "everywhere",
+    decision: "ask",
+    priority: 200,
+  };
+
   const skillLoadRule: DefaultRuleTemplate = {
     id: "default:allow-skill_load-global",
     tool: "skill_load",
@@ -294,6 +307,7 @@ export function getDefaultRuleTemplates(): DefaultRuleTemplate[] {
     bootstrapDeleteRule,
     updatesDeleteRule,
     ...skillSourceMutationRules,
+    skillLoadDynamicRule,
     skillLoadRule,
     skillExecuteRule,
     browserNavigateRule,

package/src/runtime/routes/conversation-management-routes.ts

@@ -275,6 +275,12 @@ export function conversationManagementRouteDefinitions(
             targetId: itemId,
           });
         }
+        for (const summaryId of deleted.deletedSummaryIds) {
+          enqueueMemoryJob("delete_qdrant_vectors", {
+            targetType: "summary",
+            targetId: summaryId,
+          });
+        }
         log.info({ conversationId: resolvedId }, "Deleted conversation");
         return new Response(null, { status: 204 });
       },

package/src/runtime/routes/conversation-query-routes.ts

@@ -225,6 +225,13 @@ export function conversationQueryRouteDefinitions(
             400,
           );
         }
+        if (body.model !== undefined && typeof body.model !== "string") {
+          return httpError(
+            "BAD_REQUEST",
+            "Field 'model' must be a string",
+            400,
+          );
+        }
         try {
           const info = await setEmbeddingConfig(
             body.provider,

package/src/runtime/routes/conversation-routes.ts

@@ -81,6 +81,9 @@ import {
 
 const log = getLogger("conversation-routes");
 
+/** Matches the `<no_response/>` sentinel used by channel delivery suppression. */
+const NO_RESPONSE_INLINE_RE = /<no_response\s*\/?>/g;
+
 const SUGGESTION_CACHE_MAX = 100;
 
 function collectCanonicalGuardianRequestHintIds(
@@ -363,6 +366,48 @@ export function handleListMessages(
       content = msg.content;
     }
     const rendered = renderHistoryContent(content);
+
+    // Strip <no_response/> markers from assistant messages so web/API
+    // clients never see the raw sentinel. Only assistant messages produce
+    // this marker; user messages are left untouched.
+    if (msg.role === "assistant") {
+      const originalSegments = rendered.textSegments;
+      const keepIndices: number[] = [];
+      const filteredSegments: string[] = [];
+      for (let i = 0; i < originalSegments.length; i++) {
+        const cleaned = originalSegments[i]
+          .replace(NO_RESPONSE_INLINE_RE, "")
+          .trim();
+        if (cleaned.length > 0) {
+          keepIndices.push(i);
+          filteredSegments.push(cleaned);
+        }
+      }
+      // Remap contentOrder text:N indices to account for removed segments
+      const indexMap = new Map<number, number>();
+      keepIndices.forEach((oldIdx, newIdx) => indexMap.set(oldIdx, newIdx));
+      const filteredContentOrder = rendered.contentOrder
+        .map((entry) => {
+          const m = entry.match(/^text:(\d+)$/);
+          if (!m) return entry;
+          const newIdx = indexMap.get(Number(m[1]));
+          return newIdx !== undefined ? `text:${newIdx}` : undefined;
+        })
+        .filter((e): e is string => e !== undefined);
+
+      return {
+        role: msg.role,
+        text: rendered.text.replace(NO_RESPONSE_INLINE_RE, "").trim(),
+        timestamp: msg.createdAt,
+        toolCalls: rendered.toolCalls,
+        toolCallsBeforeText: rendered.toolCallsBeforeText,
+        textSegments: filteredSegments,
+        contentOrder: filteredContentOrder,
+        surfaces: rendered.surfaces,
+        id: msg.id,
+      };
+    }
+
     return {
       role: msg.role,
       text: rendered.text,
@@ -1240,11 +1285,13 @@ async function generateLlmSuggestion(
     return null;
   }
   if (firstLine.length <= 50) return firstLine;
-  // Truncate at last word boundary within 50 chars
-  const wordTruncated = firstLine
-    .slice(0, 50)
-    .replace(/\s+\S*$/, "")
-    .trim();
+  // Truncate at last word boundary within 50 chars.
+  // Only strip the trailing partial word if the slice actually cut mid-word;
+  // if the character right after the cut is whitespace, the slice is already clean.
+  const sliced = firstLine.slice(0, 50);
+  const wordTruncated = (
+    /\s/.test(firstLine[50]) ? sliced : sliced.replace(/\s+\S*$/, "")
+  ).trim();
   if (wordTruncated.length < 15) {
     log.debug(
       { rawLength: firstLine.length, truncatedLength: wordTruncated.length },

package/src/runtime/routes/identity-routes.ts

@@ -8,6 +8,7 @@ import { dirname, join } from "node:path";
 import { fileURLToPath } from "node:url";
 
 import { getBaseDataDir } from "../../config/env-registry.js";
+import { parseIdentityFields } from "../../daemon/handlers/identity.js";
 import { getWorkspacePromptPath, readLockfile } from "../../util/platform.js";
 import { httpError } from "../http-errors.js";
 import type { RouteDefinition } from "../http-router.js";
@@ -149,41 +150,7 @@ export function handleGetIdentity(): Response {
   }
 
   const content = readFileSync(identityPath, "utf-8");
-  const fields: Record<string, string> = {};
-  for (const line of content.split("\n")) {
-    const trimmed = line.trim();
-    const lower = trimmed.toLowerCase();
-    const extract = (prefix: string): string | null => {
-      if (!lower.startsWith(prefix)) return null;
-      return trimmed.split(":**").pop()?.trim() ?? null;
-    };
-
-    const name = extract("- **name:**");
-    if (name) {
-      fields.name = name;
-      continue;
-    }
-    const role = extract("- **role:**");
-    if (role) {
-      fields.role = role;
-      continue;
-    }
-    const personality = extract("- **personality:**") ?? extract("- **vibe:**");
-    if (personality) {
-      fields.personality = personality;
-      continue;
-    }
-    const emoji = extract("- **emoji:**");
-    if (emoji) {
-      fields.emoji = emoji;
-      continue;
-    }
-    const home = extract("- **home:**");
-    if (home) {
-      fields.home = home;
-      continue;
-    }
-  }
+  const fields = parseIdentityFields(content);
 
   const version = getPackageVersion();
 

package/src/runtime/routes/llm-context-normalization.ts

@@ -86,7 +86,8 @@ export function normalizeLlmContextPayloads(
   }
 
   if (requestCandidate) {
-    return requestCandidate as LlmContextNormalizationResult;
+    const { summary, requestSections, responseSections } = requestCandidate;
+    return { summary, requestSections, responseSections };
   }
 
   if (responseCandidate) {
@@ -123,6 +124,7 @@ function normalizeOpenAiRequestPayload(
 
   const requestToolNames = extractOpenAiRequestToolNames(request.tools);
   const hasOpenAiSignal =
+    hasOpenAiModelPrefix(asString(request.model)) ||
     requestToolNames.length > 0 ||
     asString(request.tool_choice) !== undefined ||
     (request.parallel_tool_calls !== undefined &&
@@ -291,6 +293,7 @@ function normalizeAnthropicRequestPayload(
     }),
   );
   const hasAnthropicSignal =
+    hasAnthropicModelPrefix(asString(request.model)) ||
     request.system !== undefined ||
     requestToolNames.length > 0 ||
     isAnthropicToolChoice(request.tool_choice) ||
@@ -1171,6 +1174,16 @@ function normalizeCompatibleRequestPayload(
   }
 }
 
+function hasOpenAiModelPrefix(model: string | undefined): boolean {
+  if (!model) return false;
+  return /^(gpt-|chatgpt-|ft:|o[1-9]\d*(-|$))/.test(model);
+}
+
+function hasAnthropicModelPrefix(model: string | undefined): boolean {
+  if (!model) return false;
+  return model.startsWith("claude-");
+}
+
 function asRecord(value: unknown): Record<string, unknown> | null {
   if (typeof value !== "object" || value == null || Array.isArray(value)) {
     return null;

package/src/runtime/routes/memory-item-routes.ts

@@ -8,13 +8,17 @@
  * DELETE /v1/memory-items/:id    — delete a memory item and its embeddings
  */
 
-import { and, asc, count, desc, eq, like, ne, or } from "drizzle-orm";
+import { and, asc, count, desc, eq, inArray, like, ne, or } from "drizzle-orm";
 import { v4 as uuid } from "uuid";
 
 import { getDb } from "../../memory/db.js";
 import { computeMemoryFingerprint } from "../../memory/fingerprint.js";
 import { enqueueMemoryJob } from "../../memory/jobs-store.js";
-import { memoryEmbeddings, memoryItems } from "../../memory/schema.js";
+import {
+  conversations,
+  memoryEmbeddings,
+  memoryItems,
+} from "../../memory/schema.js";
 import { truncate } from "../../util/truncate.js";
 import { httpError } from "../http-errors.js";
 import type { RouteContext, RouteDefinition } from "../http-router.js";
@@ -64,6 +68,54 @@ function isValidSortField(value: string): value is SortField {
   return (VALID_SORT_FIELDS as readonly string[]).includes(value);
 }
 
+/**
+ * Resolve a `scopeLabel` for a memory item based on its `scopeId`.
+ *
+ * - `"default"` → `null`
+ * - `"private:<conversationId>"` → `"Private · <title>"` when the conversation
+ *   has a title, or `"Private"` when it doesn't (or the conversation was deleted).
+ */
+function resolveScopeLabel(
+  scopeId: string,
+  titleMap: Map<string, string | null>,
+): string | null {
+  if (scopeId === "default") return null;
+  if (scopeId.startsWith("private:")) {
+    const conversationId = scopeId.slice("private:".length);
+    const title = titleMap.get(conversationId);
+    return title ? `Private · ${title}` : "Private";
+  }
+  return null;
+}
+
+/**
+ * Batch-fetch conversation titles for a set of private-scoped memory items.
+ * Returns a Map from conversation ID → title (or null).
+ */
+function buildConversationTitleMap(
+  db: ReturnType<typeof getDb>,
+  scopeIds: string[],
+): Map<string, string | null> {
+  const conversationIds = scopeIds
+    .filter((s) => s.startsWith("private:"))
+    .map((s) => s.slice("private:".length));
+
+  const uniqueIds = [...new Set(conversationIds)];
+  if (uniqueIds.length === 0) return new Map();
+
+  const rows = db
+    .select({ id: conversations.id, title: conversations.title })
+    .from(conversations)
+    .where(inArray(conversations.id, uniqueIds))
+    .all();
+
+  const map = new Map<string, string | null>();
+  for (const row of rows) {
+    map.set(row.id, row.title);
+  }
+  return map;
+}
+
 // ---------------------------------------------------------------------------
 // GET /v1/memory-items
 // ---------------------------------------------------------------------------
@@ -145,7 +197,17 @@ export function handleListMemoryItems(url: URL): Response {
     .offset(offsetParam)
     .all();
 
-  return Response.json({ items, total });
+  // Resolve scope labels for private-scoped items
+  const titleMap = buildConversationTitleMap(
+    db,
+    items.map((i) => i.scopeId),
+  );
+  const enrichedItems = items.map((item) => ({
+    ...item,
+    scopeLabel: resolveScopeLabel(item.scopeId, titleMap),
+  }));
+
+  return Response.json({ items: enrichedItems, total });
 }
 
 // ---------------------------------------------------------------------------
@@ -187,9 +249,14 @@ export function handleGetMemoryItem(ctx: RouteContext): Response {
     supersededBySubject = superseding?.subject;
   }
 
+  // Resolve scope label
+  const titleMap = buildConversationTitleMap(db, [item.scopeId]);
+  const scopeLabel = resolveScopeLabel(item.scopeId, titleMap);
+
   return Response.json({
     item: {
       ...item,
+      scopeLabel,
       ...(supersedesSubject !== undefined ? { supersedesSubject } : {}),
       ...(supersededBySubject !== undefined ? { supersededBySubject } : {}),
     },
@@ -303,7 +370,14 @@ export async function handleCreateMemoryItem(
     .where(eq(memoryItems.id, id))
     .get();
 
-  return Response.json({ item: insertedRow }, { status: 201 });
+  // Enrich with scopeLabel for API consistency
+  const titleMap = buildConversationTitleMap(db, [scopeId]);
+  const scopeLabel = resolveScopeLabel(scopeId, titleMap);
+
+  return Response.json(
+    { item: { ...insertedRow, scopeLabel } },
+    { status: 201 },
+  );
 }
 
 // ---------------------------------------------------------------------------
@@ -430,7 +504,18 @@ export async function handleUpdateMemoryItem(
     .where(eq(memoryItems.id, id))
     .get();
 
-  return Response.json({ item: updatedRow });
+  // Enrich with scopeLabel for API consistency
+  const patchTitleMap = buildConversationTitleMap(db, [
+    updatedRow?.scopeId ?? existing.scopeId,
+  ]);
+  const patchScopeLabel = resolveScopeLabel(
+    updatedRow?.scopeId ?? existing.scopeId,
+    patchTitleMap,
+  );
+
+  return Response.json({
+    item: { ...updatedRow, scopeLabel: patchScopeLabel },
+  });
 }
 
 // ---------------------------------------------------------------------------

package/src/runtime/routes/secret-routes.ts

@@ -11,6 +11,7 @@ import {
 } from "../../config/loader.js";
 import type { CesClient } from "../../credential-execution/client.js";
 import { setSentryOrganizationId } from "../../instrument.js";
+import { clearEmbeddingBackendCache } from "../../memory/embedding-backend.js";
 import { syncManualTokenConnection } from "../../oauth/manual-token-connection.js";
 import { validateAnthropicApiKey } from "../../providers/anthropic/client.js";
 import { validateGeminiApiKey } from "../../providers/gemini/client.js";
@@ -346,6 +347,7 @@ export async function handleDeleteSecret(req: Request): Promise<Response> {
           500,
         );
       }
+      clearEmbeddingBackendCache();
       invalidateConfigCache();
       await initializeProviders(getConfig());
       log.info({ provider: name }, "API key deleted via HTTP");

package/src/runtime/routes/surface-action-routes.ts

@@ -5,8 +5,15 @@
  * Requires the conversation to already exist (does not create new conversations).
  */
 import { getLogger } from "../../util/logger.js";
+import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
+import type { AuthContext } from "../auth/types.js";
+import { healGuardianBindingDrift } from "../guardian-vellum-migration.js";
 import { httpError } from "../http-errors.js";
 import type { RouteDefinition } from "../http-router.js";
+import {
+  resolveTrustContext,
+  withSourceChannel,
+} from "../trust-context-resolver.js";
 
 const log = getLogger("surface-action-routes");
 
@@ -18,6 +25,11 @@ interface SurfaceActionTarget {
     data?: Record<string, unknown>,
   ): void;
   handleSurfaceUndo?(surfaceId: string): void;
+  setTrustContext?(ctx: {
+    trustClass: "guardian" | "trusted_contact" | "unknown";
+    sourceChannel: string;
+  }): void;
+  trustContext?: { trustClass: string } | null;
 }
 
 export type ConversationLookup = (
@@ -28,6 +40,53 @@ export type ConversationLookupBySurfaceId = (
   surfaceId: string,
 ) => SurfaceActionTarget | undefined;
 
+/**
+ * Resolve trust context from the request's auth context and set it on the
+ * conversation, following the same pattern as POST /v1/messages. This ensures
+ * surface actions inherit the correct trust class (guardian vs trusted_contact)
+ * rather than defaulting to unknown.
+ */
+function applyTrustContext(
+  conversation: SurfaceActionTarget,
+  authContext: AuthContext,
+): void {
+  if (!conversation.setTrustContext) return;
+
+  const sourceChannel = "vellum";
+
+  if (authContext.actorPrincipalId) {
+    const assistantId = DAEMON_INTERNAL_ASSISTANT_ID;
+    let trustCtx = resolveTrustContext({
+      assistantId,
+      sourceChannel,
+      conversationExternalId: "local",
+      actorExternalId: authContext.actorPrincipalId,
+    });
+    if (trustCtx.trustClass === "unknown") {
+      const healed = healGuardianBindingDrift(authContext.actorPrincipalId);
+      if (healed) {
+        trustCtx = resolveTrustContext({
+          assistantId,
+          sourceChannel,
+          conversationExternalId: "local",
+          actorExternalId: authContext.actorPrincipalId,
+        });
+        log.info(
+          {
+            actorPrincipalId: authContext.actorPrincipalId,
+            trustClass: trustCtx.trustClass,
+          },
+          "Trust re-resolved after guardian binding drift heal (surface action)",
+        );
+      }
+    }
+    conversation.setTrustContext(withSourceChannel(sourceChannel, trustCtx));
+  } else {
+    // Service principals or tokens without an actor ID get guardian context.
+    conversation.setTrustContext({ trustClass: "guardian", sourceChannel });
+  }
+}
+
 /**
  * POST /v1/surface-actions — handle a UI surface action.
  *
@@ -37,6 +96,7 @@ export async function handleSurfaceAction(
   req: Request,
   findConversation: ConversationLookup,
   findConversationBySurfaceId?: ConversationLookupBySurfaceId,
+  authContext?: AuthContext,
 ): Promise<Response> {
   const body = (await req.json()) as {
     conversationId?: string | null;
@@ -65,6 +125,12 @@ export async function handleSurfaceAction(
     return httpError("NOT_FOUND", "No active conversation found", 404);
   }
 
+  // Resolve trust context from the request's auth headers so the conversation
+  // has the correct trust class for tool approval decisions.
+  if (authContext) {
+    applyTrustContext(conversation, authContext);
+  }
+
   try {
     conversation.handleSurfaceAction(surfaceId, actionId, data);
     log.info(
@@ -143,7 +209,7 @@ export function surfaceActionRouteDefinitions(deps: {
     {
       endpoint: "surface-actions",
       method: "POST",
-      handler: async ({ req }) => {
+      handler: async ({ req, authContext }) => {
         if (!deps.findConversation) {
           return httpError(
             "NOT_IMPLEMENTED",
@@ -155,6 +221,7 @@ export function surfaceActionRouteDefinitions(deps: {
           req,
           deps.findConversation,
           deps.findConversationBySurfaceId,
+          authContext,
         );
       },
     },

package/src/schedule/schedule-store.ts

@@ -202,6 +202,27 @@ export function listSchedules(options?: {
   return rows.map(parseJobRow);
 }
 
+/**
+ * Return enabled schedules whose next run falls within a time window.
+ * Used by the memory brief compiler to surface due-soon schedule entries.
+ */
+export function getDueSoonSchedules(
+  now: number,
+  horizonMs: number,
+): ScheduleJob[] {
+  const db = getDb();
+  const cutoff = now + horizonMs;
+  const rows = db
+    .select()
+    .from(scheduleJobs)
+    .where(
+      and(eq(scheduleJobs.enabled, true), lte(scheduleJobs.nextRunAt, cutoff)),
+    )
+    .orderBy(asc(scheduleJobs.nextRunAt))
+    .all();
+  return rows.map(parseJobRow);
+}
+
 export function updateSchedule(
   id: string,
   updates: {