@vellumai/assistant 0.5.2 → 0.5.4

package/src/memory/schema/memory-archive.ts

@@ -0,0 +1,121 @@
+import {
+  index,
+  integer,
+  sqliteTable,
+  text,
+  uniqueIndex,
+} from "drizzle-orm/sqlite-core";
+
+import { conversations, messages } from "./conversations.js";
+
+/**
+ * Raw observation records captured from conversation turns. Each observation
+ * is a single factual statement extracted from user or assistant messages,
+ * annotated with modality and source metadata for downstream recall.
+ */
+export const memoryObservations = sqliteTable(
+  "memory_observations",
+  {
+    id: text("id").primaryKey(),
+    scopeId: text("scope_id").notNull().default("default"),
+    conversationId: text("conversation_id")
+      .notNull()
+      .references(() => conversations.id, { onDelete: "cascade" }),
+    messageId: text("message_id").references(() => messages.id, {
+      onDelete: "set null",
+    }),
+    /** The role that produced the observation (e.g. "user", "assistant"). */
+    role: text("role").notNull(),
+    /** Free-text statement capturing the observed fact. */
+    content: text("content").notNull(),
+    /**
+     * Modality of the source material: "text", "voice", "image", etc.
+     * Enables downstream filters for recall relevance.
+     */
+    modality: text("modality").notNull().default("text"),
+    /**
+     * Source channel or interface that produced the observation
+     * (e.g. "vellum", "telegram", "phone").
+     */
+    source: text("source"),
+    createdAt: integer("created_at").notNull(),
+  },
+  (table) => [
+    index("idx_memory_observations_scope_id").on(table.scopeId),
+    index("idx_memory_observations_conversation_id").on(table.conversationId),
+    index("idx_memory_observations_created_at").on(table.createdAt),
+  ],
+);
+
+/**
+ * Deduplicated content chunks derived from observations. Chunks are the unit
+ * of embedding and recall — each chunk carries a contentHash for idempotent
+ * dual-write safety so the same content is never stored twice.
+ */
+export const memoryChunks = sqliteTable(
+  "memory_chunks",
+  {
+    id: text("id").primaryKey(),
+    scopeId: text("scope_id").notNull().default("default"),
+    observationId: text("observation_id")
+      .notNull()
+      .references(() => memoryObservations.id, { onDelete: "cascade" }),
+    /** The chunk text used for embedding and recall. */
+    content: text("content").notNull(),
+    /** Token count estimate for context-window budgeting. */
+    tokenEstimate: integer("token_estimate").notNull(),
+    /**
+     * SHA-256 hash of the normalized content, used to skip duplicate inserts
+     * during dual-write windows.
+     */
+    contentHash: text("content_hash").notNull(),
+    createdAt: integer("created_at").notNull(),
+  },
+  (table) => [
+    index("idx_memory_chunks_scope_id").on(table.scopeId),
+    index("idx_memory_chunks_observation_id").on(table.observationId),
+    uniqueIndex("idx_memory_chunks_content_hash").on(
+      table.scopeId,
+      table.contentHash,
+    ),
+    index("idx_memory_chunks_created_at").on(table.createdAt),
+  ],
+);
+
+/**
+ * Episode records that group related observations into coherent narrative
+ * units. An episode represents a meaningful interaction or topic span,
+ * with source-link metadata for provenance tracking.
+ */
+export const memoryEpisodes = sqliteTable(
+  "memory_episodes",
+  {
+    id: text("id").primaryKey(),
+    scopeId: text("scope_id").notNull().default("default"),
+    conversationId: text("conversation_id")
+      .notNull()
+      .references(() => conversations.id, { onDelete: "cascade" }),
+    /** Human-readable title summarizing the episode. */
+    title: text("title").notNull(),
+    /** Longer narrative summary of the episode content. */
+    summary: text("summary").notNull(),
+    /** Token count estimate for the summary. */
+    tokenEstimate: integer("token_estimate").notNull(),
+    /**
+     * Source channel or interface that produced the episode
+     * (mirrors observation.source for episode-level filtering).
+     */
+    source: text("source"),
+    /** Epoch-ms timestamp of the earliest observation in the episode. */
+    startAt: integer("start_at").notNull(),
+    /** Epoch-ms timestamp of the latest observation in the episode. */
+    endAt: integer("end_at").notNull(),
+    createdAt: integer("created_at").notNull(),
+    updatedAt: integer("updated_at").notNull(),
+  },
+  (table) => [
+    index("idx_memory_episodes_scope_id").on(table.scopeId),
+    index("idx_memory_episodes_conversation_id").on(table.conversationId),
+    index("idx_memory_episodes_created_at").on(table.createdAt),
+  ],
+);

package/src/memory/schema/memory-brief.ts

@@ -0,0 +1,55 @@
+import { index, integer, sqliteTable, text } from "drizzle-orm/sqlite-core";
+
+/**
+ * Time contexts represent bounded temporal windows that are relevant to the
+ * assistant's current awareness — e.g. "user is traveling next week",
+ * "quarterly planning period ends Friday".  Each row captures one window
+ * with an activation range and a human-readable summary the brief can surface.
+ */
+export const timeContexts = sqliteTable(
+  "time_contexts",
+  {
+    id: text("id").primaryKey(),
+    scopeId: text("scope_id").notNull(),
+    summary: text("summary").notNull(),
+    source: text("source").notNull(), // e.g. 'conversation', 'schedule', 'manual'
+    activeFrom: integer("active_from").notNull(), // epoch ms — window start
+    activeUntil: integer("active_until").notNull(), // epoch ms — window end
+    createdAt: integer("created_at").notNull(),
+    updatedAt: integer("updated_at").notNull(),
+  },
+  (table) => [
+    index("idx_time_contexts_scope_active_until").on(
+      table.scopeId,
+      table.activeUntil,
+    ),
+  ],
+);
+
+/**
+ * Open loops track unresolved items the assistant should follow up on —
+ * e.g. "waiting for Bob's reply", "need to file taxes before April 15".
+ * Each row carries a status and an optional due date so the brief can
+ * prioritise which loops to surface.
+ */
+export const openLoops = sqliteTable(
+  "open_loops",
+  {
+    id: text("id").primaryKey(),
+    scopeId: text("scope_id").notNull(),
+    summary: text("summary").notNull(),
+    status: text("status").notNull().default("open"), // 'open' | 'resolved' | 'expired'
+    source: text("source").notNull(), // e.g. 'conversation', 'followup', 'manual'
+    dueAt: integer("due_at"), // epoch ms — optional deadline
+    surfacedAt: integer("surfaced_at"), // epoch ms — last time shown in brief
+    createdAt: integer("created_at").notNull(),
+    updatedAt: integer("updated_at").notNull(),
+  },
+  (table) => [
+    index("idx_open_loops_scope_status_due").on(
+      table.scopeId,
+      table.status,
+      table.dueAt,
+    ),
+  ],
+);

package/src/memory/search/semantic.ts

@@ -61,6 +61,7 @@ export async function semanticSearch(
         fetchLimit,
         ["item", "summary", "segment", "media"],
         excludedMessageIds,
+        scopeIds,
       ),
     );
   }
@@ -277,13 +278,13 @@ export async function semanticSearch(
  * Build a Qdrant filter for hybrid search. Mirrors the logic in
  * `searchWithFilter` but as a standalone object for the query API.
  *
- * Scope filtering: items and media store `memory_scope_id` on the Qdrant
- * point payload, so we can filter at the Qdrant level. Segments and
- * summaries rely on post-query DB filtering (same as dense-only search).
+ * Scope filtering: points with a `memory_scope_id` payload field are
+ * filtered at the Qdrant level. Legacy points without the field pass
+ * through and are caught by post-query DB filtering.
  */
 function buildHybridFilter(
   excludeMessageIds: string[],
-  _scopeIds?: string[],
+  scopeIds?: string[],
 ): Record<string, unknown> {
   const mustConditions: Array<Record<string, unknown>> = [
     {
@@ -310,6 +311,18 @@ function buildHybridFilter(
     });
   }
 
+  // Scope filtering: accept points whose memory_scope_id matches one of the
+  // allowed scopes, OR points that lack the field entirely (legacy data).
+  // Post-query DB filtering remains as defense-in-depth for legacy points.
+  if (scopeIds && scopeIds.length > 0) {
+    mustConditions.push({
+      should: [
+        { key: "memory_scope_id", match: { any: scopeIds } },
+        { is_empty: { key: "memory_scope_id" } },
+      ],
+    });
+  }
+
   const mustNotConditions: Array<Record<string, unknown>> = [
     { key: "_meta", match: { value: true } },
   ];

package/src/oauth/oauth-store.ts

@@ -274,10 +274,12 @@ export async function upsertApp(
       // can detect that a concurrent caller has claimed this row. Without
       // this, a concurrent inserter's rollback DELETE would still match on
       // the original updatedAt and delete the row we just validated.
+      const newUpdatedAt = Date.now();
       db.update(oauthApps)
-        .set({ updatedAt: Date.now() })
+        .set({ updatedAt: newUpdatedAt })
         .where(eq(oauthApps.id, existingRow.id))
         .run();
+      return { ...existingRow, updatedAt: newUpdatedAt };
     }
     if (clientSecretCredentialPath) {
       db.update(oauthApps)

package/src/permissions/checker.ts

@@ -2,12 +2,15 @@ import { createHash } from "node:crypto";
 import { homedir } from "node:os";
 import { dirname, resolve } from "node:path";
 
+import { isAssistantFeatureFlagEnabled } from "../config/assistant-feature-flags.js";
 import { getConfig } from "../config/loader.js";
-import { resolveSkillSelector } from "../config/skills.js";
+import { loadSkillCatalog, resolveSkillSelector } from "../config/skills.js";
+import { indexCatalogById } from "../skills/include-graph.js";
 import {
   isSkillSourcePath,
   normalizeFilePath,
 } from "../skills/path-classifier.js";
+import { computeTransitiveSkillVersionHash } from "../skills/transitive-version-hash.js";
 import { computeSkillVersionHash } from "../skills/version-hash.js";
 import type { ManifestOverride } from "../tools/execution-target.js";
 import {
@@ -352,6 +355,34 @@ function resolveSkillIdAndHash(
   }
 }
 
+/**
+ * Check whether a skill (by id) has parsed inline command expansions.
+ * Returns false when the skill is not found in the catalog.
+ */
+function hasInlineExpansions(skillId: string): boolean {
+  const catalog = loadSkillCatalog();
+  const skill = catalog.find((s) => s.id === skillId);
+  return (
+    skill?.inlineCommandExpansions != null &&
+    skill.inlineCommandExpansions.length > 0
+  );
+}
+
+/**
+ * Compute the transitive version hash for a skill, returning `undefined`
+ * when computation fails (missing includes, cycle, etc.). The permission
+ * layer falls back to the any-version candidate in that case.
+ */
+function computeTransitiveHashSafe(skillId: string): string | undefined {
+  try {
+    const catalog = loadSkillCatalog();
+    const index = indexCatalogById(catalog);
+    return computeTransitiveSkillVersionHash(skillId, index);
+  } catch {
+    return undefined;
+  }
+}
+
 function canonicalizeWebFetchUrl(parsed: URL): URL {
   parsed.hash = "";
   parsed.username = "";
@@ -433,13 +464,39 @@ async function buildCommandCandidates(
       targets.push("");
     } else {
       const resolved = resolveSkillIdAndHash(rawSelector);
-      if (resolved && resolved.versionHash) {
-        // Version-specific candidate lets rules pin to an exact skill version
-        targets.push(`${resolved.id}@${resolved.versionHash}`);
+
+      // When the resolved skill contains inline command expansions and the
+      // feature flag is on, emit skill_load_dynamic: candidates so the
+      // higher-priority default ask rule catches them instead of falling
+      // through to the permissive skill_load:* allow rule.
+      const config = getConfig();
+      const inlineEnabled = isAssistantFeatureFlagEnabled(
+        "feature_flags.inline-skill-commands.enabled",
+        config,
+      );
+
+      if (resolved && inlineEnabled && hasInlineExpansions(resolved.id)) {
+        const transitiveHash = computeTransitiveHashSafe(resolved.id);
+        if (transitiveHash) {
+          targets.push(`skill_load_dynamic:${resolved.id}@${transitiveHash}`);
+        }
+        targets.push(`skill_load_dynamic:${resolved.id}`);
+        // Don't fall through to skill_load:* — dynamic skills use their own
+        // candidate namespace so the default ask rule applies.
+      } else {
+        if (resolved && resolved.versionHash) {
+          // Version-specific candidate lets rules pin to an exact skill version
+          targets.push(`${resolved.id}@${resolved.versionHash}`);
+        }
+        targets.push(rawSelector);
       }
-      targets.push(rawSelector);
     }
-    return [...new Set(targets)].map((target) => `${toolName}:${target}`);
+
+    // Dynamic candidates use skill_load_dynamic: prefix; normal ones use skill_load:
+    return [...new Set(targets)].map((target) => {
+      if (target.startsWith("skill_load_dynamic:")) return target;
+      return `${toolName}:${target}`;
+    });
   }
 
   if (
@@ -1084,6 +1141,32 @@ function skillLoadAllowlistStrategy(
 
   if (rawSelector) {
     const resolved = resolveSkillIdAndHash(rawSelector);
+
+    // Check whether this is a dynamic (inline-command) skill load
+    const config = getConfig();
+    const inlineEnabled = isAssistantFeatureFlagEnabled(
+      "feature_flags.inline-skill-commands.enabled",
+      config,
+    );
+
+    if (resolved && inlineEnabled && hasInlineExpansions(resolved.id)) {
+      const transitiveHash = computeTransitiveHashSafe(resolved.id);
+      const options: AllowlistOption[] = [];
+      if (transitiveHash) {
+        options.push({
+          label: `${resolved.id}@${transitiveHash}`,
+          description: "This exact version (pinned)",
+          pattern: `skill_load_dynamic:${resolved.id}@${transitiveHash}`,
+        });
+      }
+      options.push({
+        label: resolved.id,
+        description: "This skill (any version)",
+        pattern: `skill_load_dynamic:${resolved.id}`,
+      });
+      return options;
+    }
+
     if (resolved && resolved.versionHash) {
       return [
         {

package/src/permissions/defaults.ts

@@ -198,6 +198,19 @@ export function getDefaultRuleTemplates(): DefaultRuleTemplate[] {
     })),
   );
 
+  // Inline-command skill loads use a distinct candidate namespace
+  // (skill_load_dynamic:*) so they prompt by default instead of falling
+  // through to the permissive skill_load:* allow rule below. The higher
+  // priority ensures this rule wins when both could match.
+  const skillLoadDynamicRule: DefaultRuleTemplate = {
+    id: "default:ask-skill_load_dynamic-global",
+    tool: "skill_load",
+    pattern: "skill_load_dynamic:*",
+    scope: "everywhere",
+    decision: "ask",
+    priority: 200,
+  };
+
   const skillLoadRule: DefaultRuleTemplate = {
     id: "default:allow-skill_load-global",
     tool: "skill_load",
@@ -294,6 +307,7 @@ export function getDefaultRuleTemplates(): DefaultRuleTemplate[] {
     bootstrapDeleteRule,
     updatesDeleteRule,
     ...skillSourceMutationRules,
+    skillLoadDynamicRule,
     skillLoadRule,
     skillExecuteRule,
     browserNavigateRule,

package/src/runtime/auth/route-policy.ts

@@ -128,7 +128,7 @@ const ACTOR_ENDPOINTS: Array<{ endpoint: string; scopes: Scope[] }> = [
   { endpoint: "messages:POST", scopes: ["chat.write"] },
   { endpoint: "btw", scopes: ["chat.write"] },
   { endpoint: "conversations", scopes: ["chat.read"] },
-  { endpoint: "conversations:DELETE", scopes: ["chat.write"] },
+  { endpoint: "conversations:POST", scopes: ["chat.write"] },
   { endpoint: "conversations/fork", scopes: ["chat.write"] },
   { endpoint: "conversations/switch", scopes: ["chat.write"] },
   { endpoint: "conversations/name", scopes: ["chat.write"] },
@@ -348,6 +348,7 @@ const ACTOR_ENDPOINTS: Array<{ endpoint: string; scopes: Scope[] }> = [
   { endpoint: "config/embeddings:PUT", scopes: ["settings.write"] },
 
   // Conversation management
+  { endpoint: "conversations:DELETE", scopes: ["chat.write"] },
   { endpoint: "conversations/wipe", scopes: ["chat.write"] },
   { endpoint: "conversations/reorder", scopes: ["chat.write"] },
 
@@ -470,6 +471,14 @@ for (const { endpoint, scopes } of ACTOR_ENDPOINTS) {
   });
 }
 
+// Clear-all conversations: elevated to settings.write (destructive bulk operation).
+// Uses a distinct key so the single-conversation DELETE (conversations:DELETE)
+// retains the lower chat.write scope.
+registerPolicy("conversations/clear-all", {
+  requiredScopes: ["settings.write"],
+  allowedPrincipalTypes: ["actor", "svc_gateway", "svc_daemon", "local"],
+});
+
 // Channel inbound: gateway-only
 registerPolicy("channels/inbound", {
   requiredScopes: ["ingress.write"],

package/src/runtime/routes/conversation-management-routes.ts

@@ -1,6 +1,7 @@
 /**
  * Route handlers for conversation management operations.
  *
+ * POST   /v1/conversations                 — create a new conversation
  * POST   /v1/conversations/switch         — switch to an existing conversation
  * POST   /v1/conversations/fork           — fork an existing conversation
  * PATCH  /v1/conversations/:id/name       — rename a conversation
@@ -19,7 +20,9 @@ import {
   PRIVATE_CONVERSATION_FORK_ERROR,
   wipeConversation,
 } from "../../memory/conversation-crud.js";
+import { updateConversationTitle } from "../../memory/conversation-crud.js";
 import {
+  getOrCreateConversation,
   resolveConversationId,
   setConversationKeyIfAbsent,
 } from "../../memory/conversation-key-store.js";
@@ -66,6 +69,44 @@ export function conversationManagementRouteDefinitions(
   deps: ConversationManagementDeps,
 ): RouteDefinition[] {
   return [
+    {
+      endpoint: "conversations",
+      method: "POST",
+      policyKey: "conversations",
+      handler: async ({ req }) => {
+        let body: { conversationKey?: string; conversationType?: string } = {};
+        try {
+          body = (await req.json()) as typeof body;
+        } catch {
+          // Empty or malformed body — fall through with defaults.
+        }
+        const conversationKey = body.conversationKey ?? crypto.randomUUID();
+        const requestedType =
+          body.conversationType === "private" ? "private" : "standard";
+        const result = getOrCreateConversation(conversationKey, {
+          conversationType: requestedType,
+        });
+        if (result.created) {
+          updateConversationTitle(result.conversationId, "New Conversation");
+        }
+        log.info(
+          {
+            conversationId: result.conversationId,
+            conversationKey,
+            created: result.created,
+          },
+          "Created conversation via POST",
+        );
+        return Response.json(
+          {
+            id: result.conversationId,
+            conversationKey,
+            conversationType: result.conversationType,
+          },
+          { status: result.created ? 201 : 200 },
+        );
+      },
+    },
     {
       endpoint: "conversations/fork",
       method: "POST",
@@ -185,8 +226,17 @@ export function conversationManagementRouteDefinitions(
     {
       endpoint: "conversations",
       method: "DELETE",
-      policyKey: "conversations",
-      handler: () => {
+      policyKey: "conversations/clear-all",
+      handler: ({ req }) => {
+        const confirm = req.headers.get("x-confirm-destructive");
+        if (confirm !== "clear-all-conversations") {
+          return httpError(
+            "BAD_REQUEST",
+            "DELETE /v1/conversations permanently deletes ALL conversations, messages, and memory. " +
+              "To confirm, set header X-Confirm-Destructive: clear-all-conversations",
+            400,
+          );
+        }
         deps.clearAllConversations();
         return new Response(null, { status: 204 });
       },
@@ -225,6 +275,24 @@ export function conversationManagementRouteDefinitions(
             targetId: summaryId,
           });
         }
+        for (const obsId of result.deletedObservationIds) {
+          enqueueMemoryJob("delete_qdrant_vectors", {
+            targetType: "observation",
+            targetId: obsId,
+          });
+        }
+        for (const chunkId of result.deletedChunkIds) {
+          enqueueMemoryJob("delete_qdrant_vectors", {
+            targetType: "chunk",
+            targetId: chunkId,
+          });
+        }
+        for (const episodeId of result.deletedEpisodeIds) {
+          enqueueMemoryJob("delete_qdrant_vectors", {
+            targetType: "episode",
+            targetId: episodeId,
+          });
+        }
         log.info(
           {
             conversationId: resolvedId,
@@ -275,6 +343,30 @@ export function conversationManagementRouteDefinitions(
             targetId: itemId,
           });
         }
+        for (const summaryId of deleted.deletedSummaryIds) {
+          enqueueMemoryJob("delete_qdrant_vectors", {
+            targetType: "summary",
+            targetId: summaryId,
+          });
+        }
+        for (const obsId of deleted.deletedObservationIds) {
+          enqueueMemoryJob("delete_qdrant_vectors", {
+            targetType: "observation",
+            targetId: obsId,
+          });
+        }
+        for (const chunkId of deleted.deletedChunkIds) {
+          enqueueMemoryJob("delete_qdrant_vectors", {
+            targetType: "chunk",
+            targetId: chunkId,
+          });
+        }
+        for (const episodeId of deleted.deletedEpisodeIds) {
+          enqueueMemoryJob("delete_qdrant_vectors", {
+            targetType: "episode",
+            targetId: episodeId,
+          });
+        }
         log.info({ conversationId: resolvedId }, "Deleted conversation");
         return new Response(null, { status: 204 });
       },

package/src/runtime/routes/conversation-query-routes.ts

@@ -225,6 +225,13 @@ export function conversationQueryRouteDefinitions(
             400,
           );
         }
+        if (body.model !== undefined && typeof body.model !== "string") {
+          return httpError(
+            "BAD_REQUEST",
+            "Field 'model' must be a string",
+            400,
+          );
+        }
         try {
           const info = await setEmbeddingConfig(
             body.provider,

package/src/runtime/routes/conversation-routes.ts

@@ -81,6 +81,9 @@ import {
 
 const log = getLogger("conversation-routes");
 
+/** Matches the `<no_response/>` sentinel used by channel delivery suppression. */
+const NO_RESPONSE_INLINE_RE = /<no_response\s*\/?>/g;
+
 const SUGGESTION_CACHE_MAX = 100;
 
 function collectCanonicalGuardianRequestHintIds(
@@ -363,6 +366,48 @@ export function handleListMessages(
       content = msg.content;
     }
     const rendered = renderHistoryContent(content);
+
+    // Strip <no_response/> markers from assistant messages so web/API
+    // clients never see the raw sentinel. Only assistant messages produce
+    // this marker; user messages are left untouched.
+    if (msg.role === "assistant") {
+      const originalSegments = rendered.textSegments;
+      const keepIndices: number[] = [];
+      const filteredSegments: string[] = [];
+      for (let i = 0; i < originalSegments.length; i++) {
+        const cleaned = originalSegments[i]
+          .replace(NO_RESPONSE_INLINE_RE, "")
+          .trim();
+        if (cleaned.length > 0) {
+          keepIndices.push(i);
+          filteredSegments.push(cleaned);
+        }
+      }
+      // Remap contentOrder text:N indices to account for removed segments
+      const indexMap = new Map<number, number>();
+      keepIndices.forEach((oldIdx, newIdx) => indexMap.set(oldIdx, newIdx));
+      const filteredContentOrder = rendered.contentOrder
+        .map((entry) => {
+          const m = entry.match(/^text:(\d+)$/);
+          if (!m) return entry;
+          const newIdx = indexMap.get(Number(m[1]));
+          return newIdx !== undefined ? `text:${newIdx}` : undefined;
+        })
+        .filter((e): e is string => e !== undefined);
+
+      return {
+        role: msg.role,
+        text: rendered.text.replace(NO_RESPONSE_INLINE_RE, "").trim(),
+        timestamp: msg.createdAt,
+        toolCalls: rendered.toolCalls,
+        toolCallsBeforeText: rendered.toolCallsBeforeText,
+        textSegments: filteredSegments,
+        contentOrder: filteredContentOrder,
+        surfaces: rendered.surfaces,
+        id: msg.id,
+      };
+    }
+
     return {
       role: msg.role,
       text: rendered.text,
@@ -1240,11 +1285,13 @@ async function generateLlmSuggestion(
     return null;
   }
   if (firstLine.length <= 50) return firstLine;
-  // Truncate at last word boundary within 50 chars
-  const wordTruncated = firstLine
-    .slice(0, 50)
-    .replace(/\s+\S*$/, "")
-    .trim();
+  // Truncate at last word boundary within 50 chars.
+  // Only strip the trailing partial word if the slice actually cut mid-word;
+  // if the character right after the cut is whitespace, the slice is already clean.
+  const sliced = firstLine.slice(0, 50);
+  const wordTruncated = (
+    /\s/.test(firstLine[50]) ? sliced : sliced.replace(/\s+\S*$/, "")
+  ).trim();
   if (wordTruncated.length < 15) {
     log.debug(
       { rawLength: firstLine.length, truncatedLength: wordTruncated.length },