@vellumai/assistant 0.5.7 → 0.5.9

package/src/__tests__/twilio-routes-twiml.test.ts

@@ -2,7 +2,8 @@
  * Unit tests for TwiML generation with voice quality profiles.
  *
  * Tests that generateTwiML correctly uses profile values for
- * ttsProvider, voice, language, and transcriptionProvider.
+ * ttsProvider, voice, language, transcriptionProvider,
+ * and interruptSensitivity.
  */
 import { describe, expect, mock, test } from "bun:test";
 
@@ -26,6 +27,7 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Deepgram",
       ttsProvider: "Google",
       voice: "Google.en-US-Journey-O",
+      interruptSensitivity: "low",
     });
 
     expect(twiml).toContain('ttsProvider="Google"');
@@ -40,6 +42,7 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Deepgram",
       ttsProvider: "ElevenLabs",
       voice: "voice123-turbo_v2_5-1_0.5_0.75",
+      interruptSensitivity: "low",
     });
 
     expect(twiml).toContain('ttsProvider="ElevenLabs"');
@@ -52,6 +55,7 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Deepgram",
       ttsProvider: "Google",
       voice: "Google.en-US-Journey-O",
+      interruptSensitivity: "low",
     });
 
     expect(twiml).toContain('voice="Google.en-US-Journey-O"');
@@ -63,6 +67,7 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Deepgram",
       ttsProvider: "ElevenLabs",
       voice: "abc123-turbo_v2_5-1_0.5_0.75",
+      interruptSensitivity: "low",
     });
 
     expect(twiml).toContain('voice="abc123-turbo_v2_5-1_0.5_0.75"');
@@ -74,6 +79,7 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Google",
       ttsProvider: "Google",
       voice: "Google.es-MX-Standard-A",
+      interruptSensitivity: "low",
     });
 
     expect(twiml).toContain('language="es-MX"');
@@ -85,6 +91,7 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Google",
       ttsProvider: "Google",
       voice: "Google.en-US-Journey-O",
+      interruptSensitivity: "low",
     });
 
     expect(twiml).toContain('transcriptionProvider="Google"');
@@ -96,6 +103,7 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Deepgram",
       ttsProvider: "Google",
       voice: 'voice<>&"test',
+      interruptSensitivity: "low",
     });
 
     expect(twiml).toContain('voice="voice&lt;&gt;&amp;&quot;test"');
@@ -108,6 +116,7 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Deepgram",
       ttsProvider: "Google",
       voice: "Google.en-US-Journey-O",
+      interruptSensitivity: "low",
     });
 
     expect(twiml).toContain(`callSessionId=${callSessionId}`);
@@ -119,6 +128,7 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Deepgram",
       ttsProvider: "Google",
       voice: "Google.en-US-Journey-O",
+      interruptSensitivity: "low",
     });
 
     expect(twiml).toContain('interruptible="true"');
@@ -131,8 +141,136 @@ describe("generateTwiML with voice quality profile", () => {
       transcriptionProvider: "Deepgram",
       ttsProvider: "Google",
       voice: "Google.en-US-Journey-O",
+      interruptSensitivity: "low",
     });
 
     expect(twiml).not.toContain("welcomeGreeting=");
   });
+
+  test('TwiML includes interruptSensitivity="low" when profile has low', () => {
+    const twiml = generateTwiML(callSessionId, relayUrl, welcomeGreeting, {
+      language: "en-US",
+      transcriptionProvider: "Deepgram",
+      ttsProvider: "Google",
+      voice: "Google.en-US-Journey-O",
+      interruptSensitivity: "low",
+    });
+
+    expect(twiml).toContain('interruptSensitivity="low"');
+  });
+
+  test("custom interruptSensitivity values are reflected correctly", () => {
+    const twimlMedium = generateTwiML(
+      callSessionId,
+      relayUrl,
+      welcomeGreeting,
+      {
+        language: "en-US",
+        transcriptionProvider: "Deepgram",
+        ttsProvider: "Google",
+        voice: "Google.en-US-Journey-O",
+        interruptSensitivity: "medium",
+      },
+    );
+
+    expect(twimlMedium).toContain('interruptSensitivity="medium"');
+
+    const twimlHigh = generateTwiML(
+      callSessionId,
+      relayUrl,
+      welcomeGreeting,
+      {
+        language: "en-US",
+        transcriptionProvider: "Deepgram",
+        ttsProvider: "Google",
+        voice: "Google.en-US-Journey-O",
+        interruptSensitivity: "high",
+      },
+    );
+
+    expect(twimlHigh).toContain('interruptSensitivity="high"');
+  });
+
+  test("hints attribute present when hints string is non-empty", () => {
+    const twiml = generateTwiML(
+      callSessionId,
+      relayUrl,
+      welcomeGreeting,
+      {
+        language: "en-US",
+        transcriptionProvider: "Deepgram",
+        ttsProvider: "ElevenLabs",
+        voice: "voice123",
+        interruptSensitivity: "low",
+      },
+      undefined,
+      undefined,
+      "Alice,Bob,Vellum",
+    );
+
+    expect(twiml).toContain('hints="Alice,Bob,Vellum"');
+  });
+
+  test("hints attribute omitted when hints string is empty", () => {
+    const twiml = generateTwiML(
+      callSessionId,
+      relayUrl,
+      welcomeGreeting,
+      {
+        language: "en-US",
+        transcriptionProvider: "Deepgram",
+        ttsProvider: "ElevenLabs",
+        voice: "voice123",
+        interruptSensitivity: "low",
+      },
+      undefined,
+      undefined,
+      "",
+    );
+
+    expect(twiml).not.toContain("hints=");
+  });
+
+  test("hints attribute omitted when hints parameter is undefined", () => {
+    const twiml = generateTwiML(
+      callSessionId,
+      relayUrl,
+      welcomeGreeting,
+      {
+        language: "en-US",
+        transcriptionProvider: "Deepgram",
+        ttsProvider: "ElevenLabs",
+        voice: "voice123",
+        interruptSensitivity: "low",
+      },
+      undefined,
+      undefined,
+      undefined,
+    );
+
+    expect(twiml).not.toContain("hints=");
+  });
+
+  test("XML special characters in hints are escaped properly", () => {
+    const twiml = generateTwiML(
+      callSessionId,
+      relayUrl,
+      welcomeGreeting,
+      {
+        language: "en-US",
+        transcriptionProvider: "Deepgram",
+        ttsProvider: "ElevenLabs",
+        voice: "voice123",
+        interruptSensitivity: "low",
+      },
+      undefined,
+      undefined,
+      'O\'Brien,Smith & Jones,"Dr. Lee"',
+    );
+
+    expect(twiml).toContain(
+      'hints="O&apos;Brien,Smith &amp; Jones,&quot;Dr. Lee&quot;"',
+    );
+    expect(twiml).not.toContain("hints=\"O'Brien");
+  });
 });

package/src/__tests__/voice-quality.test.ts

@@ -124,4 +124,62 @@ describe("resolveVoiceQualityProfile", () => {
     const profile = resolveVoiceQualityProfile();
     expect(profile.voice).toBe("voice1-turbo_v2_5-0.9_0.8_0.9");
   });
+
+  test("interruptSensitivity defaults to 'low' when not configured", () => {
+    mockConfig = {
+      elevenlabs: { voiceId: "abc" },
+      calls: {
+        voice: {
+          language: "en-US",
+          transcriptionProvider: "Deepgram",
+        },
+      },
+    };
+    const profile = resolveVoiceQualityProfile();
+    expect(profile.interruptSensitivity).toBe("low");
+  });
+
+  test("interruptSensitivity reflects configured value", () => {
+    mockConfig = {
+      elevenlabs: { voiceId: "abc" },
+      calls: {
+        voice: {
+          language: "en-US",
+          transcriptionProvider: "Deepgram",
+          interruptSensitivity: "high",
+        },
+      },
+    };
+    const profile = resolveVoiceQualityProfile();
+    expect(profile.interruptSensitivity).toBe("high");
+  });
+
+  test("hints defaults to empty array when not configured", () => {
+    mockConfig = {
+      elevenlabs: { voiceId: "abc" },
+      calls: {
+        voice: {
+          language: "en-US",
+          transcriptionProvider: "Deepgram",
+        },
+      },
+    };
+    const profile = resolveVoiceQualityProfile();
+    expect(profile.hints).toEqual([]);
+  });
+
+  test("hints reflects configured values", () => {
+    mockConfig = {
+      elevenlabs: { voiceId: "abc" },
+      calls: {
+        voice: {
+          language: "en-US",
+          transcriptionProvider: "Deepgram",
+          hints: ["Vellum", "Nova", "AI assistant"],
+        },
+      },
+    };
+    const profile = resolveVoiceQualityProfile();
+    expect(profile.hints).toEqual(["Vellum", "Nova", "AI assistant"]);
+  });
 });

package/src/__tests__/voice-scoped-grant-consumer.test.ts

@@ -54,7 +54,6 @@ mock.module("../config/loader.js", () => ({
     ui: {},
 
     provider: "anthropic",
-    providerOrder: ["anthropic"],
     calls: {
       enabled: true,
       provider: "twilio",

package/src/__tests__/workspace-migration-016-migrate-credentials-from-keychain.test.ts

@@ -115,12 +115,14 @@ describe("016-migrate-credentials-from-keychain migration", () => {
   });
 
   test(
-    "returns silently when broker is not available (does not throw)",
+    "throws when broker is not available (skips checkpoint for retry)",
     async () => {
       isAvailableFn.mockReturnValue(false);
 
-      // Migration 016 returns silently (unlike 015 which throws)
-      await migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR);
+      // Throwing skips the checkpoint so the migration retries on next startup
+      await expect(
+        migrateCredentialsFromKeychainMigration.run(WORKSPACE_DIR),
+      ).rejects.toThrow("Keychain broker not available after waiting");
 
       // Should not proceed to list or migrate keys
       expect(brokerListFn).not.toHaveBeenCalled();

package/src/acp/agent-process.ts

@@ -52,7 +52,7 @@ export class AcpAgentProcess {
 
     this.proc = spawn(this.config.command, this.config.args, {
       cwd,
-      stdio: ["pipe", "pipe", "inherit"],
+      stdio: ["pipe", "pipe", "pipe"],
       env: { ...process.env, ...this.config.env },
     });
 
@@ -68,6 +68,14 @@ export class AcpAgentProcess {
       stream,
     );
 
+    // Capture stderr so agent crash details appear in logs
+    this.proc.stderr?.on("data", (chunk: Buffer) => {
+      const text = chunk.toString().trim();
+      if (text) {
+        log.error({ agentId: this.agentId, stderr: text }, "ACP agent stderr");
+      }
+    });
+
     // Handle process exit
     this.proc.on("exit", (code) => {
       this.handleProcessExit(code);

package/src/agent/loop.ts

@@ -23,7 +23,7 @@ export interface AgentLoopConfig {
   maxTokens: number;
   maxInputTokens?: number; // context window size for tool result truncation
   thinking?: { enabled: boolean };
-  effort: "low" | "medium" | "high";
+  effort: "low" | "medium" | "high" | "max";
   toolChoice?:
     | { type: "auto" }
     | { type: "any" }

package/src/approvals/guardian-request-resolvers.ts

@@ -40,6 +40,22 @@ const log = getLogger("guardian-request-resolvers");
 // Helpers
 // ---------------------------------------------------------------------------
 
+/**
+ * Determines whether a Slack delivery should use ephemeral mode.
+ *
+ * Ephemeral messages (`chat.postEphemeral`) require a real channel ID
+ * (starts with `C` for public/private channels, or `D` for DM conversations).
+ * When the chat ID is a user ID (starts with `U`), `chat.postEphemeral` fails
+ * with `channel_not_found`. In that case the message is already going to a DM
+ * opened by `chat.postMessage`, so ephemeral isn't needed.
+ *
+ * Returns `true` only when the source channel is Slack AND the chatId is a
+ * shared channel (starts with `C`), meaning other users could see the message.
+ */
+function shouldUseEphemeral(sourceChannel: string, chatId: string): boolean {
+  return sourceChannel === "slack" && chatId.startsWith("C");
+}
+
 // ---------------------------------------------------------------------------
 // Types
 // ---------------------------------------------------------------------------
@@ -372,13 +388,22 @@ const accessRequestResolver: GuardianRequestResolver = {
       // Deliver denial notification and lifecycle signals when channel context is available
       if (channelDeliveryContext) {
         try {
+          const denialPayload: Parameters<typeof deliverChannelReply>[1] = {
+            chatId: requesterChatId,
+            text: "Your access request has been denied.",
+            assistantId,
+          };
+          // On Slack shared channels, deliver as ephemeral so only the requester sees the denial
+          if (
+            shouldUseEphemeral(channel, requesterChatId) &&
+            requesterExternalUserId
+          ) {
+            denialPayload.ephemeral = true;
+            denialPayload.user = requesterExternalUserId;
+          }
           await deliverChannelReply(
             channelDeliveryContext.replyCallbackUrl,
-            {
-              chatId: requesterChatId,
-              text: "Your access request has been denied by the guardian.",
-              assistantId,
-            },
+            denialPayload,
             channelDeliveryContext.bearerToken,
           );
         } catch (err) {
@@ -435,7 +460,7 @@ const accessRequestResolver: GuardianRequestResolver = {
             desktopDeliverUrl,
             {
               chatId: targetChatId,
-              text: "Your access request has been denied by the guardian.",
+              text: "Your access request has been denied.",
               assistantId,
             },
             desktopBearerToken,
@@ -520,18 +545,28 @@ const accessRequestResolver: GuardianRequestResolver = {
       let codeDelivered = true;
 
       // Deliver verification code to guardian
+      const codeText =
+        `You approved access for ${requesterExternalUserId}. ` +
+        `Give them this verification code: \`${session.secret}\`. ` +
+        `The code expires in 10 minutes.`;
       try {
-        const codeText =
-          `You approved access for ${requesterExternalUserId}. ` +
-          `Give them this verification code: ${session.secret}. ` +
-          `The code expires in 10 minutes.`;
+        const codePayload: Parameters<typeof deliverChannelReply>[1] = {
+          chatId: channelDeliveryContext.guardianChatId,
+          text: codeText,
+          assistantId,
+        };
+        // On Slack shared channels, deliver the verification code as ephemeral
+        // so only the guardian sees the secret — not all channel members.
+        if (
+          shouldUseEphemeral(channel, channelDeliveryContext.guardianChatId) &&
+          ctx.actor.actorExternalUserId
+        ) {
+          codePayload.ephemeral = true;
+          codePayload.user = ctx.actor.actorExternalUserId;
+        }
         await deliverChannelReply(
           channelDeliveryContext.replyCallbackUrl,
-          {
-            chatId: channelDeliveryContext.guardianChatId,
-            text: codeText,
-            assistantId,
-          },
+          codePayload,
           channelDeliveryContext.bearerToken,
         );
       } catch (err) {
@@ -542,20 +577,85 @@ const accessRequestResolver: GuardianRequestResolver = {
         codeDelivered = false;
       }
 
-      // Notify the requester
-      if (codeDelivered) {
+      // If the guardian approved in a shared channel (not a DM), also send
+      // them a DM with the verification code for better privacy and
+      // discoverability. On Slack, posting to a user ID opens a DM.
+      const guardianUserId = ctx.actor.actorExternalUserId;
+      if (
+        codeDelivered &&
+        channel === "slack" &&
+        guardianUserId &&
+        !channelDeliveryContext.guardianChatId.startsWith("D")
+      ) {
+        // Strip threadTs from the callback URL — it belongs to the shared
+        // channel thread and would cause thread_not_found errors in the DM.
+        let dmCallbackUrl = channelDeliveryContext.replyCallbackUrl;
+        try {
+          const url = new URL(channelDeliveryContext.replyCallbackUrl);
+          url.searchParams.delete("threadTs");
+          dmCallbackUrl = url.toString();
+        } catch {
+          // Malformed URL — use as-is
+        }
+
         try {
           await deliverChannelReply(
-            channelDeliveryContext.replyCallbackUrl,
+            dmCallbackUrl,
             {
-              chatId: requesterChatId,
-              text:
-                "Your access request has been approved! " +
-                "Please enter the 6-digit verification code you receive from the guardian.",
+              chatId: guardianUserId,
+              text: codeText,
               assistantId,
             },
             channelDeliveryContext.bearerToken,
           );
+        } catch (err) {
+          // Best-effort: the code was already delivered in the shared channel
+          log.warn(
+            { err, guardianUserId },
+            "Failed to send guardian DM confirmation with verification code",
+          );
+        }
+      }
+
+      // Notify the requester. For Slack, route to DM via the user ID and
+      // strip threadTs (which belongs to the guardian's channel thread).
+      const requesterTargetChatId =
+        channel === "slack" && requesterExternalUserId
+          ? requesterExternalUserId
+          : requesterChatId;
+      let requesterCallbackUrl = channelDeliveryContext.replyCallbackUrl;
+      if (channel === "slack" && requesterExternalUserId) {
+        try {
+          const url = new URL(channelDeliveryContext.replyCallbackUrl);
+          url.searchParams.delete("threadTs");
+          requesterCallbackUrl = url.toString();
+        } catch {
+          // Malformed URL — use as-is
+        }
+      }
+
+      if (codeDelivered) {
+        try {
+          const approvalPayload: Parameters<typeof deliverChannelReply>[1] = {
+            chatId: requesterTargetChatId,
+            text:
+              "Your access request has been approved! " +
+              "Please enter the 6-digit verification code you receive from the guardian.",
+            assistantId,
+          };
+          // On Slack shared channels, deliver as ephemeral so only the requester sees
+          if (
+            shouldUseEphemeral(channel, requesterChatId) &&
+            requesterExternalUserId
+          ) {
+            approvalPayload.ephemeral = true;
+            approvalPayload.user = requesterExternalUserId;
+          }
+          await deliverChannelReply(
+            requesterCallbackUrl,
+            approvalPayload,
+            channelDeliveryContext.bearerToken,
+          );
           requesterNotified = true;
         } catch (err) {
           log.error(
@@ -565,15 +665,23 @@ const accessRequestResolver: GuardianRequestResolver = {
         }
       } else {
         try {
+          const failurePayload: Parameters<typeof deliverChannelReply>[1] = {
+            chatId: requesterTargetChatId,
+            text:
+              "Your access request was approved, but we were unable to " +
+              "deliver the verification code. Please try again later.",
+            assistantId,
+          };
+          if (
+            shouldUseEphemeral(channel, requesterChatId) &&
+            requesterExternalUserId
+          ) {
+            failurePayload.ephemeral = true;
+            failurePayload.user = requesterExternalUserId;
+          }
           await deliverChannelReply(
-            channelDeliveryContext.replyCallbackUrl,
-            {
-              chatId: requesterChatId,
-              text:
-                "Your access request was approved, but we were unable to " +
-                "deliver the verification code. Please try again later.",
-              assistantId,
-            },
+            requesterCallbackUrl,
+            failurePayload,
             channelDeliveryContext.bearerToken,
           );
         } catch (err) {
@@ -635,8 +743,8 @@ const accessRequestResolver: GuardianRequestResolver = {
     }
 
     const verificationReplyText = requesterNotified
-      ? `Access approved for ${requesterLabel}. Give them this verification code: ${session.secret}. The code expires in 10 minutes.`
-      : `Access approved for ${requesterLabel}. Give them this verification code: ${session.secret}. The code expires in 10 minutes. I could not notify them automatically, so please tell them to send the code manually.`;
+      ? `Access approved for ${requesterLabel}. Give them this verification code: \`${session.secret}\`. The code expires in 10 minutes.`
+      : `Access approved for ${requesterLabel}. Give them this verification code: \`${session.secret}\`. The code expires in 10 minutes. I could not notify them automatically, so please tell them to send the code manually.`;
 
     return {
       ok: true,
@@ -686,13 +794,22 @@ const toolGrantRequestResolver: GuardianRequestResolver = {
 
       if (channelDeliveryContext && requesterChatId) {
         try {
-          await deliverChannelReply(
-            channelDeliveryContext.replyCallbackUrl,
+          const grantDenialPayload: Parameters<typeof deliverChannelReply>[1] =
             {
               chatId: requesterChatId,
               text: `Your request to use "${request.toolName}" has been denied by the guardian.`,
               assistantId,
-            },
+            };
+          if (
+            shouldUseEphemeral(request.sourceChannel ?? "", requesterChatId) &&
+            request.requesterExternalUserId
+          ) {
+            grantDenialPayload.ephemeral = true;
+            grantDenialPayload.user = request.requesterExternalUserId;
+          }
+          await deliverChannelReply(
+            channelDeliveryContext.replyCallbackUrl,
+            grantDenialPayload,
             channelDeliveryContext.bearerToken,
           );
         } catch (err) {
@@ -775,13 +892,22 @@ const toolGrantRequestResolver: GuardianRequestResolver = {
       );
     } else if (channelDeliveryContext && requesterChatId) {
       try {
-        await deliverChannelReply(
-          channelDeliveryContext.replyCallbackUrl,
+        const grantApprovalPayload: Parameters<typeof deliverChannelReply>[1] =
           {
             chatId: requesterChatId,
             text: `Your request to use "${request.toolName}" has been approved. Please retry your request.`,
             assistantId,
-          },
+          };
+        if (
+          shouldUseEphemeral(request.sourceChannel ?? "", requesterChatId) &&
+          request.requesterExternalUserId
+        ) {
+          grantApprovalPayload.ephemeral = true;
+          grantApprovalPayload.user = request.requesterExternalUserId;
+        }
+        await deliverChannelReply(
+          channelDeliveryContext.replyCallbackUrl,
+          grantApprovalPayload,
           channelDeliveryContext.bearerToken,
         );
       } catch (err) {