@vellumai/assistant 0.5.7 → 0.5.8

package/src/cli/lib/daemon-credential-client.ts

@@ -0,0 +1,284 @@
+/**
+ * CLI helper for credential operations that routes through the daemon HTTP API
+ * when the daemon is running, falling back to direct secure-keys.ts reads
+ * when it is not.
+ *
+ * Follows the daemon HTTP fetch pattern established in conversations.ts
+ * (health check, JWT minting, HTTP call).
+ */
+
+import providerEnvVarsRegistry from "../../../../meta/provider-env-vars.json" with { type: "json" };
+import { getRuntimeHttpHost, getRuntimeHttpPort } from "../../config/env.js";
+import { API_KEY_PROVIDERS } from "../../config/loader.js";
+import { healthCheckHost, isHttpHealthy } from "../../daemon/daemon-control.js";
+import {
+  initAuthSigningKey,
+  loadOrCreateSigningKey,
+  mintDaemonDeliveryToken,
+} from "../../runtime/auth/token-service.js";
+import type { DeleteResult } from "../../security/credential-backend.js";
+import { credentialKey } from "../../security/credential-key.js";
+import type { SecureKeyResult } from "../../security/secure-keys.js";
+import {
+  deleteSecureKeyAsync,
+  getSecureKeyAsync,
+  getSecureKeyResultAsync,
+  setSecureKeyAsync,
+} from "../../security/secure-keys.js";
+import { getLogger } from "../../util/logger.js";
+
+const log = getLogger("daemon-credential-client");
+const CREDENTIAL_KEY_PREFIX = "credential/";
+
+const PROVIDER_ENV_VARS: Record<string, string> =
+  providerEnvVarsRegistry.providers;
+
+// ---------------------------------------------------------------------------
+// Private daemon fetch helper
+// ---------------------------------------------------------------------------
+
+/**
+ * Attempt an authenticated HTTP request to the running daemon.
+ *
+ * Returns the Response for ANY HTTP response (including non-ok status codes)
+ * so callers can distinguish "daemon rejected the request" from "daemon
+ * unreachable". Returns `null` only when the daemon is genuinely unreachable
+ * (health check fails or network error). Callers fall back to direct
+ * secure-keys.ts only when this returns `null`.
+ */
+async function daemonFetch(
+  path: string,
+  init?: RequestInit,
+): Promise<Response | null> {
+  try {
+    if (!(await isHttpHealthy())) return null;
+
+    const port = getRuntimeHttpPort();
+    const host = healthCheckHost(getRuntimeHttpHost());
+    initAuthSigningKey(loadOrCreateSigningKey());
+    const token = mintDaemonDeliveryToken();
+
+    const res = await fetch(`http://${host}:${port}${path}`, {
+      ...init,
+      headers: {
+        ...init?.headers,
+        Authorization: `Bearer ${token}`,
+        "Content-Type": "application/json",
+      },
+    });
+
+    if (!res.ok) {
+      log.warn(
+        { path, status: res.status },
+        "Daemon credential request returned non-ok status",
+      );
+    }
+
+    return res;
+  } catch (err) {
+    log.warn(
+      { path, error: err instanceof Error ? err.message : String(err) },
+      "Daemon credential request error — falling back to direct access",
+    );
+    return null;
+  }
+}
+
+// ---------------------------------------------------------------------------
+// Internal helpers
+// ---------------------------------------------------------------------------
+
+/**
+ * Derive the canonical credential storage key from a "service:field" name.
+ * Mirrors the parsing in secret-routes.ts handleAddSecret / handleDeleteSecret.
+ *
+ * Uses lastIndexOf to split on the *last* colon so compound service names
+ * (e.g. "integration:google") are preserved intact while the single-segment
+ * field name is extracted correctly.
+ */
+function deriveCredentialStorageKey(name: string): string {
+  // Already a canonical storage key (credential/service/field) — return as-is
+  // to avoid double-encoding (e.g. "credential/integration:google/access_token"
+  // would otherwise become "credential/credential/integration/google/access_token").
+  if (name.startsWith("credential/")) {
+    return name;
+  }
+
+  const colonIdx = name.lastIndexOf(":");
+  if (colonIdx < 1 || colonIdx === name.length - 1) {
+    // Malformed — return raw name so the caller stores *something*.
+    // The daemon would reject this with a 400, so this only fires in
+    // the offline fallback path with bad input.
+    return name;
+  }
+  const service = name.slice(0, colonIdx);
+  const field = name.slice(colonIdx + 1);
+  return credentialKey(service, field);
+}
+
+function deriveReadSecretRequest(account: string): {
+  type: "api_key" | "credential";
+  name: string;
+} {
+  if (account.startsWith(CREDENTIAL_KEY_PREFIX)) {
+    const rest = account.slice(CREDENTIAL_KEY_PREFIX.length);
+    const slashIdx = rest.indexOf("/");
+    if (slashIdx > 0 && slashIdx < rest.length - 1) {
+      return {
+        type: "credential",
+        name: `${rest.slice(0, slashIdx)}:${rest.slice(slashIdx + 1)}`,
+      };
+    }
+  }
+
+  if (
+    account.includes(":") &&
+    !API_KEY_PROVIDERS.includes(account as (typeof API_KEY_PROVIDERS)[number])
+  ) {
+    return { type: "credential", name: account };
+  }
+
+  return { type: "api_key", name: account };
+}
+
+// ---------------------------------------------------------------------------
+// Exported wrapper functions
+// ---------------------------------------------------------------------------
+
+/**
+ * Retrieve a secret value from the daemon (via POST /v1/secrets/read with
+ * reveal: true). Falls back to direct `getSecureKeyAsync()` when the daemon
+ * is not running.
+ */
+export async function getSecureKeyViaDaemon(
+  account: string,
+): Promise<string | undefined> {
+  const request = deriveReadSecretRequest(account);
+  const res = await daemonFetch("/v1/secrets/read", {
+    method: "POST",
+    body: JSON.stringify({ ...request, reveal: true }),
+  });
+
+  if (res?.ok) {
+    const json = (await res.json()) as { found: boolean; value?: string };
+    return json.found ? json.value : undefined;
+  }
+
+  // Fall back to direct read when daemon is unreachable (null) OR returned
+  // a non-ok response — reads are safe to retry via direct access.
+  return getSecureKeyAsync(account);
+}
+
+/**
+ * Retrieve a secret value with richer result metadata. Uses the daemon
+ * POST /v1/secrets/read endpoint (reveal: true), falling back to
+ * `getSecureKeyResultAsync()`.
+ */
+export async function getSecureKeyResultViaDaemon(
+  account: string,
+): Promise<SecureKeyResult> {
+  const request = deriveReadSecretRequest(account);
+  const res = await daemonFetch("/v1/secrets/read", {
+    method: "POST",
+    body: JSON.stringify({ ...request, reveal: true }),
+  });
+
+  if (res?.ok) {
+    const json = (await res.json()) as {
+      found: boolean;
+      value?: string;
+      unreachable?: boolean;
+    };
+    if (json.found && json.value != null) {
+      return { value: json.value, unreachable: false };
+    }
+    return { value: undefined, unreachable: json.unreachable ?? false };
+  }
+
+  // Fall back to direct read when daemon is unreachable (null) OR returned
+  // a non-ok response — reads are safe to retry via direct access.
+  return getSecureKeyResultAsync(account);
+}
+
+/**
+ * Store a secret via the daemon POST /v1/secrets endpoint. Falls back to
+ * direct `setSecureKeyAsync()` when the daemon is not running.
+ */
+export async function setSecureKeyViaDaemon(
+  type: string,
+  name: string,
+  value: string,
+): Promise<boolean> {
+  const res = await daemonFetch("/v1/secrets", {
+    method: "POST",
+    body: JSON.stringify({ type, name, value }),
+  });
+
+  if (res?.ok) {
+    const json = (await res.json()) as { success: boolean };
+    return json.success;
+  }
+
+  if (res) {
+    // Daemon is running but deliberately rejected the write (e.g. 422
+    // validation failure, 400 bad input). Do NOT fall back — the daemon's
+    // rejection is authoritative and bypassing it would skip validation.
+    return false;
+  }
+
+  // Daemon unreachable — fall back to direct write.
+  // For credentials, derive the canonical storage key (credential/service/field)
+  // to match the daemon path which uses credentialKey().
+  const storageKey =
+    type === "credential" ? deriveCredentialStorageKey(name) : name;
+  return setSecureKeyAsync(storageKey, value);
+}
+
+/**
+ * Delete a secret via the daemon DELETE /v1/secrets endpoint. Falls back to
+ * direct `deleteSecureKeyAsync()` when the daemon is not running.
+ */
+export async function deleteSecureKeyViaDaemon(
+  type: string,
+  name: string,
+): Promise<DeleteResult> {
+  const res = await daemonFetch("/v1/secrets", {
+    method: "DELETE",
+    body: JSON.stringify({ type, name }),
+  });
+
+  if (res?.ok) {
+    const json = (await res.json()) as { success: boolean };
+    return json.success ? "deleted" : "error";
+  }
+
+  if (res) {
+    // Daemon is running but rejected the delete. Map common status codes
+    // to appropriate results without falling back to direct access.
+    if (res.status === 404) return "not-found";
+    return "error";
+  }
+
+  // Daemon unreachable — fall back to direct delete.
+  // For credentials, derive the canonical storage key (credential/service/field)
+  // to match the daemon path which uses credentialKey().
+  const storageKey =
+    type === "credential" ? deriveCredentialStorageKey(name) : name;
+  return deleteSecureKeyAsync(storageKey);
+}
+
+/**
+ * Retrieve a provider API key via the daemon, with env var fallback.
+ *
+ * Mirrors the behavior of `getProviderKeyAsync()` from secure-keys.ts:
+ * first checks the secure store (via daemon), then falls back to the
+ * corresponding `<PROVIDER>_API_KEY` environment variable.
+ */
+export async function getProviderKeyViaDaemon(
+  provider: string,
+): Promise<string | undefined> {
+  const stored = await getSecureKeyViaDaemon(provider);
+  if (stored) return stored;
+  const envVar = PROVIDER_ENV_VARS[provider];
+  return envVar ? process.env[envVar] : undefined;
+}

package/src/cli.ts

@@ -728,7 +728,7 @@ export async function startCli(): Promise<void> {
       case "memory_recalled":
         spinner.stop();
         process.stdout.write(
-          `\n\x1B[2m[Memory recalled: ${msg.injectedTokens} tokens | t1 ${msg.tier1Count} t2 ${msg.tier2Count} | semantic ${msg.semanticHits} | recency ${msg.recencyHits} | merged ${msg.mergedCount} → selected ${msg.selectedCount}${msg.sparseVectorUsed ? " (sparse)" : ""} | hybrid ${msg.hybridSearchLatencyMs}ms | ${msg.provider}/${msg.model} | ${msg.latencyMs}ms]\x1B[0m\n`,
+          `\n\x1B[2m[Memory recalled: ${msg.injectedTokens} tokens | t1 ${msg.tier1Count} t2 ${msg.tier2Count} | semantic ${msg.semanticHits} | merged ${msg.mergedCount} → selected ${msg.selectedCount}${msg.sparseVectorUsed ? " (sparse)" : ""} | hybrid ${msg.hybridSearchLatencyMs}ms | ${msg.provider}/${msg.model} | ${msg.latencyMs}ms]\x1B[0m\n`,
         );
         spinner.start("Thinking...");
         break;

package/src/config/bundled-skills/AGENTS.md

@@ -0,0 +1,34 @@
+# Bundled Skills — Agent Instructions
+
+## Registering Tool Executors
+
+When you add a new tool executor to a bundled skill's `TOOLS.json`, you **must** also register it in `assistant/src/config/bundled-tool-registry.ts`. Each new executor needs two things:
+
+1. **A static import** at the top of the file, grouped under the skill's section comment.
+2. **A registry entry** in the `bundledToolRegistry` map.
+
+### Example (settings skill)
+
+```ts
+// ── settings ───────────────────────────────────────────────────────────────────
+import * as avatarUpdate from "./bundled-skills/settings/tools/avatar-update.js";
+// ... other imports ...
+
+export const bundledToolRegistry = new Map<string, SkillToolScript>([
+  // settings
+  ["settings:tools/avatar-update.ts", avatarUpdate],
+  // ... other entries ...
+]);
+```
+
+The map key format is `skillDirBasename:executorPath` (e.g. `settings:tools/avatar-update.ts`).
+
+### Why this is required
+
+`knip` (`lint:unused`) flags dynamically-loaded executor files as unused exports unless they have a static import somewhere in the dependency graph. The registry provides that static import while also enabling the compiled Bun binary to bundle the scripts (since dynamic imports from the filesystem don't work inside `/$bunfs/`).
+
+You can regenerate the full registry with:
+
+```sh
+bun run scripts/generate-bundled-tool-registry.ts
+```

package/src/config/bundled-skills/acp/SKILL.md

@@ -50,6 +50,16 @@ When the user first tries to use ACP and it's not configured, set it up automati
 - NEVER use `claude`, `claude -p`, `claude --acp`, or any other command. Only `claude-agent-acp` speaks the ACP JSON-RPC protocol.
 - NEVER change an existing ACP config to use a different command. If the config already has `claude-agent-acp`, leave it alone.
 
+## Updating the adapter
+
+If `acp_spawn` reports that `claude-agent-acp` is outdated, ask the user before updating. To update:
+
+```bash
+npm install -g @zed-industries/claude-agent-acp@latest
+```
+
+Then retry the `acp_spawn` call.
+
 ## Tips
 
 - The spawned agent runs autonomously with its own tools, file editing, and terminal access.

package/src/config/bundled-skills/app-builder/SKILL.md

@@ -632,7 +632,3 @@ When the user wants to triage or bulk-act on items, generate an interactive UI w
 ## External Links
 
 Use `vellum.openLink(url, metadata)` to make items clickable. Construct deep-link URLs when possible. Include `metadata.provider` and `metadata.type` for context.
-
-## Branding
-
-A "Built on Vellum" badge is auto-injected into every page. Do NOT add your own.

package/src/config/bundled-skills/messaging/tools/messaging-analyze-style.ts

@@ -50,7 +50,7 @@ function upsertMemoryItem(opts: {
           Math.max(existing.importance ?? 0, opts.importance),
         ),
         lastSeenAt: now,
-        verificationState: "assistant_inferred",
+        sourceType: "extraction",
       })
       .where(eq(memoryItems.id, existing.id))
       .run();
@@ -67,7 +67,7 @@ function upsertMemoryItem(opts: {
         confidence: 0.8,
         importance: clampUnitInterval(opts.importance),
         fingerprint,
-        verificationState: "assistant_inferred",
+        sourceType: "extraction",
         scopeId: opts.scopeId,
         firstSeenAt: now,
         lastSeenAt: now,

package/src/config/bundled-skills/playbooks/tools/playbook-create.ts

@@ -100,6 +100,7 @@ export async function executePlaybookCreate(
         confidence: 0.95,
         importance: 0.8,
         fingerprint,
+        sourceType: "tool",
         verificationState: "user_confirmed",
         scopeId,
         firstSeenAt: now,

package/src/config/bundled-skills/playbooks/tools/playbook-update.ts

@@ -125,6 +125,7 @@ export async function executePlaybookUpdate(
         statement,
         fingerprint,
         lastSeenAt: now,
+        sourceType: "tool",
         verificationState: "user_confirmed",
       })
       .where(eq(memoryItems.id, existing.id))

package/src/config/bundled-skills/settings/SKILL.md

@@ -1,6 +1,6 @@
 ---
 name: settings
-description: Manage assistant voice and system settings
+description: Manage assistant voice, avatar, and system settings
 compatibility: "Designed for Vellum personal assistants"
 metadata:
   emoji: "\u2699\uFE0F"
@@ -8,4 +8,17 @@ metadata:
     display-name: "Settings"
 ---
 
-Tools for managing assistant settings: voice configuration (TTS voice, PTT activation key, conversation timeout), system settings navigation, and in-app settings tab navigation.
+Tools for managing assistant settings: voice configuration (TTS voice, PTT activation key, conversation timeout), avatar management, system settings navigation, and in-app settings tab navigation.
+
+## Avatar
+
+When the user asks to set, change, or update your avatar to an image they provide:
+
+1. Find the uploaded image in the conversation attachments directory
+2. Use the `set_avatar` tool with the `image_path` parameter set to the workspace-relative path (e.g. `conversations/<id>/attachments/Dropped Image.png`)
+
+The tool copies the image to the canonical location (`data/avatar/avatar-image.png`) and notifies the app to refresh automatically.
+
+When the user asks to remove, clear, or reset their avatar, use the `remove_avatar` tool. It deletes only the custom image and preserves the native character traits so the character avatar is restored automatically.
+
+**Do NOT use `bash`, `cp`, or `rm` for avatar operations** — always use `set_avatar` / `remove_avatar` so the app is properly notified and character traits are preserved.

package/src/config/bundled-skills/settings/TOOLS.json

@@ -11,7 +11,13 @@
         "properties": {
           "setting": {
             "type": "string",
-            "enum": ["activation_key", "conversation_timeout", "fish_audio_reference_id", "tts_provider", "tts_voice_id"],
+            "enum": [
+              "activation_key",
+              "conversation_timeout",
+              "fish_audio_reference_id",
+              "tts_provider",
+              "tts_voice_id"
+            ],
             "description": "The voice setting to change"
           },
           "value": {
@@ -79,6 +85,45 @@
       },
       "executor": "tools/navigate-settings-tab.ts",
       "execution_target": "host"
+    },
+    {
+      "name": "set_avatar",
+      "description": "Set the assistant's avatar to an image file. Copies the source image to the canonical avatar location (data/avatar/avatar-image.png), removes any native character avatar files, and notifies the app to refresh. Use this when the user asks to set, change, or update the avatar to a specific image (e.g. from a conversation attachment).",
+      "category": "system",
+      "risk": "low",
+      "input_schema": {
+        "type": "object",
+        "properties": {
+          "image_path": {
+            "type": "string",
+            "description": "Path to the image file. Can be absolute or relative to the workspace directory (e.g. 'conversations/<id>/attachments/Dropped Image.png')."
+          },
+          "activity": {
+            "type": "string",
+            "description": "Brief non-technical explanation of what you are doing, shown to the user as a status update."
+          }
+        },
+        "required": ["image_path"]
+      },
+      "executor": "tools/avatar-update.ts",
+      "execution_target": "sandbox"
+    },
+    {
+      "name": "remove_avatar",
+      "description": "Remove the custom avatar image and restore the native character avatar. Only deletes the custom image — preserves character traits so the character avatar is automatically restored. Use this when the user asks to remove, clear, or reset their avatar.",
+      "category": "system",
+      "risk": "low",
+      "input_schema": {
+        "type": "object",
+        "properties": {
+          "activity": {
+            "type": "string",
+            "description": "Brief non-technical explanation of what you are doing, shown to the user as a status update."
+          }
+        }
+      },
+      "executor": "tools/avatar-remove.ts",
+      "execution_target": "sandbox"
     }
   ]
 }

package/src/config/bundled-skills/settings/tools/avatar-remove.ts

@@ -0,0 +1,59 @@
+import { existsSync, unlinkSync } from "node:fs";
+import { join } from "node:path";
+
+import { buildAssistantEvent } from "../../../../runtime/assistant-event.js";
+import { assistantEventHub } from "../../../../runtime/assistant-event-hub.js";
+import { DAEMON_INTERNAL_ASSISTANT_ID } from "../../../../runtime/assistant-scope.js";
+import type {
+  ToolContext,
+  ToolExecutionResult,
+} from "../../../../tools/types.js";
+import { getLogger } from "../../../../util/logger.js";
+import { getWorkspaceDir } from "../../../../util/platform.js";
+
+const log = getLogger("avatar-remove");
+
+export async function run(
+  _input: Record<string, unknown>,
+  _context: ToolContext,
+): Promise<ToolExecutionResult> {
+  const avatarDir = join(getWorkspaceDir(), "data", "avatar");
+  const avatarPath = join(avatarDir, "avatar-image.png");
+
+  if (!existsSync(avatarPath)) {
+    return {
+      content: "No custom avatar to remove — already using the default.",
+      isError: false,
+    };
+  }
+
+  try {
+    unlinkSync(avatarPath);
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    log.error({ error: message }, "Failed to remove avatar image");
+    return { content: `Error removing avatar: ${message}`, isError: true };
+  }
+
+  // character-traits.json is intentionally preserved so the native
+  // character avatar is restored automatically.
+
+  // Notify connected clients so the avatar refreshes immediately.
+  assistantEventHub
+    .publish(
+      buildAssistantEvent(DAEMON_INTERNAL_ASSISTANT_ID, {
+        type: "avatar_updated",
+        avatarPath,
+      }),
+    )
+    .catch((err) => {
+      log.warn({ err }, "Failed to publish avatar_updated event");
+    });
+
+  log.info("Custom avatar removed, reverting to character avatar");
+
+  return {
+    content: "Custom avatar removed. The character avatar has been restored.",
+    isError: false,
+  };
+}

package/src/config/bundled-skills/settings/tools/avatar-update.ts

@@ -0,0 +1,80 @@
+import { copyFileSync, existsSync, mkdirSync } from "node:fs";
+import { dirname, join } from "node:path";
+
+import { buildAssistantEvent } from "../../../../runtime/assistant-event.js";
+import { assistantEventHub } from "../../../../runtime/assistant-event-hub.js";
+import { DAEMON_INTERNAL_ASSISTANT_ID } from "../../../../runtime/assistant-scope.js";
+import type {
+  ToolContext,
+  ToolExecutionResult,
+} from "../../../../tools/types.js";
+import { getLogger } from "../../../../util/logger.js";
+import { getWorkspaceDir } from "../../../../util/platform.js";
+
+const log = getLogger("avatar-update");
+
+/** Canonical path where the custom avatar PNG is stored. */
+function getAvatarPath(): string {
+  return join(getWorkspaceDir(), "data", "avatar", "avatar-image.png");
+}
+
+export async function run(
+  input: Record<string, unknown>,
+  _context: ToolContext,
+): Promise<ToolExecutionResult> {
+  const sourcePath = input.image_path as string | undefined;
+
+  if (!sourcePath || typeof sourcePath !== "string") {
+    return {
+      content:
+        'Error: "image_path" is required. Provide the path to the image file (absolute or relative to workspace).',
+      isError: true,
+    };
+  }
+
+  const workspaceDir = getWorkspaceDir();
+  const resolvedSource = sourcePath.startsWith("/")
+    ? sourcePath
+    : join(workspaceDir, sourcePath);
+
+  if (!existsSync(resolvedSource)) {
+    return {
+      content: `Error: source file not found: ${resolvedSource}`,
+      isError: true,
+    };
+  }
+
+  const avatarPath = getAvatarPath();
+  const avatarDir = dirname(avatarPath);
+
+  try {
+    mkdirSync(avatarDir, { recursive: true });
+    copyFileSync(resolvedSource, avatarPath);
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    log.error({ error: message }, "Failed to copy avatar image");
+    return { content: `Error copying avatar: ${message}`, isError: true };
+  }
+
+  // Keep character-traits.json and character-ascii.txt so the character
+  // avatar can be restored if the custom image is later removed.
+
+  // Notify connected clients so the avatar refreshes immediately.
+  assistantEventHub
+    .publish(
+      buildAssistantEvent(DAEMON_INTERNAL_ASSISTANT_ID, {
+        type: "avatar_updated",
+        avatarPath,
+      }),
+    )
+    .catch((err) => {
+      log.warn({ err }, "Failed to publish avatar_updated event");
+    });
+
+  log.info({ avatarPath, source: resolvedSource }, "Avatar updated");
+
+  return {
+    content: `Avatar updated from ${sourcePath}. The app will refresh automatically.`,
+    isError: false,
+  };
+}

package/src/config/bundled-skills/slack/SKILL.md

@@ -76,4 +76,4 @@ For setting up recurring digests, load the `slack-digest-setup` skill which cove
 
 ## Connection
 
-Before using any Slack tool, verify that Slack is connected. If not connected, guide the user through the Slack setup flow described in the messaging skill.
+Before using any Slack tool, verify that Slack is connected. If not connected, load the **slack-app-setup** skill (`skill_load` with `skill: "slack-app-setup"`) and follow its step-by-step guided flow. Do NOT improvise setup instructions — the `slack-app-setup` skill is the single source of truth for Slack connection setup. Slack uses Socket Mode (not OAuth) and does not require redirect URLs or any OAuth flow.

package/src/config/bundled-tool-registry.ts

@@ -132,6 +132,8 @@ import * as sequenceImport from "./bundled-skills/sequences/tools/sequence-impor
 import * as sequenceList from "./bundled-skills/sequences/tools/sequence-list.js";
 import * as sequenceUpdate from "./bundled-skills/sequences/tools/sequence-update.js";
 // ── settings ───────────────────────────────────────────────────────────────────
+import * as avatarRemove from "./bundled-skills/settings/tools/avatar-remove.js";
+import * as avatarUpdate from "./bundled-skills/settings/tools/avatar-update.js";
 import * as navigateSettingsTab from "./bundled-skills/settings/tools/navigate-settings-tab.js";
 import * as openSystemSettings from "./bundled-skills/settings/tools/open-system-settings.js";
 import * as voiceConfigUpdate from "./bundled-skills/settings/tools/voice-config-update.js";
@@ -323,6 +325,8 @@ export const bundledToolRegistry = new Map<string, SkillToolScript>([
   ["sequences:tools/sequence-analytics.ts", sequenceAnalytics],
 
   // settings
+  ["settings:tools/avatar-update.ts", avatarUpdate],
+  ["settings:tools/avatar-remove.ts", avatarRemove],
   ["settings:tools/voice-config-update.ts", voiceConfigUpdate],
   ["settings:tools/open-system-settings.ts", openSystemSettings],
   ["settings:tools/navigate-settings-tab.ts", navigateSettingsTab],

package/src/config/defaults.ts

@@ -2,6 +2,4 @@ import { applyNestedDefaults } from "./loader.js";
 import type { AssistantConfig } from "./types.js";
 
 // Single source of truth: Zod schema field-level .default() values.
-// Uses applyNestedDefaults to cascade through nested .default({}) calls,
-// which Zod 4 doesn't resolve in a single parse pass.
 export const DEFAULT_CONFIG: AssistantConfig = applyNestedDefaults({});

package/src/config/env-registry.ts

@@ -55,12 +55,12 @@ export function getIsContainerized(): boolean {
 }
 
 /**
- * WORKSPACE_DIR — string, default: undefined
- * When set, overrides the default workspace directory. Used in containerized
- * deployments where the workspace is a separate volume.
+ * VELLUM_WORKSPACE_DIR — string, default: undefined
+ * Overrides the default workspace directory.
+ * Used in containerized deployments where the workspace is a separate volume.
  */
 export function getWorkspaceDirOverride(): string | undefined {
-  return str("WORKSPACE_DIR");
+  return str("VELLUM_WORKSPACE_DIR");
 }
 
 // ── Known env var names ──────────────────────────────────────────────────────