@vellumai/assistant 0.6.1 → 0.6.2

package/src/daemon/transport-hints.ts

@@ -0,0 +1,33 @@
+import { parseInterfaceId } from "../channels/types.js";
+import type { ConversationTransportMetadata } from "./message-types/conversations.js";
+
+/**
+ * Build enriched transport hints from conversation transport metadata.
+ *
+ * Interface ID first, then host environment (macOS only), then any
+ * client-provided hints. Shared between the conversation creation path
+ * (server.ts) and the queue drain path (conversation-process.ts).
+ */
+export function buildTransportHints(
+  transport: ConversationTransportMetadata,
+): string[] {
+  const hints: string[] = [];
+
+  const interfaceLabel = parseInterfaceId(transport.interfaceId) ?? "vellum";
+  hints.push(`User is messaging from interface: ${interfaceLabel}`);
+
+  if (transport.interfaceId === "macos") {
+    if (transport.hostHomeDir) {
+      hints.push(`Host home directory: ${transport.hostHomeDir}`);
+    }
+    if (transport.hostUsername) {
+      hints.push(`Host username: ${transport.hostUsername}`);
+    }
+  }
+
+  if (transport.hints) {
+    hints.push(...transport.hints);
+  }
+
+  return hints;
+}

package/src/index.ts

@@ -2,4 +2,4 @@
 
 import { buildCliProgram } from "./cli/program.js";
 
-buildCliProgram().parse();
+(await buildCliProgram()).parse();

package/src/memory/conversation-crud.ts

@@ -314,12 +314,15 @@ export function createConversation(
 
   // group_id is NOT in the Drizzle schema (raw-query-only pattern).
   // Set via raw SQL after the INSERT succeeds.
-  if (groupId) {
+  // Always set group_id — default to "system:all" when none provided.
+  {
+    const effectiveGroupId = groupId ?? "system:all";
     for (let attempt = 0; ; attempt++) {
       try {
         rawRun(
-          "UPDATE conversations SET group_id = ? WHERE id = ?",
-          groupId,
+          "UPDATE conversations SET group_id = ?, is_pinned = ? WHERE id = ?",
+          effectiveGroupId,
+          effectiveGroupId === "system:pinned" ? 1 : 0,
           id,
         );
         break;
@@ -469,7 +472,7 @@ export function forkConversation(params: {
     const fc = createConversation({
       title: forkTitle,
       conversationType: "standard",
-      groupId: parentGroupId ?? undefined,
+      groupId: parentGroupId ?? "system:all",
     });
 
     db.update(conversations)
@@ -1547,17 +1550,19 @@ export function batchSetDisplayOrders(
       if (update.groupId !== undefined) {
         // New client: groupId is authoritative.
         // Derive is_pinned from groupId.
-        // Sanitize: if groupId references a deleted/unknown group, fall back
-        // to NULL to avoid FK violation that would roll back the entire batch.
+        // Sanitize: if groupId is null or references a deleted/unknown group,
+        // fall back to "system:all" to avoid FK violation that would roll back
+        // the entire batch.
         let safeGroupId = update.groupId;
-        if (
-          safeGroupId !== null &&
+        if (safeGroupId === null) {
+          safeGroupId = "system:all";
+        } else if (
           !rawGet<{ id: string }>(
             "SELECT id FROM conversation_groups WHERE id = ?",
             safeGroupId,
           )
         ) {
-          safeGroupId = null;
+          safeGroupId = "system:all";
         }
         rawRun(
           "UPDATE conversations SET display_order = ?, is_pinned = ?, group_id = ? WHERE id = ?",
@@ -1587,7 +1592,7 @@ export function batchSetDisplayOrders(
                  WHEN source IN ('schedule', 'reminder') THEN 'system:scheduled'
                  WHEN source IN ('heartbeat', 'task') THEN 'system:background'
                  WHEN conversation_type = 'background' AND COALESCE(source, '') != 'notification' THEN 'system:background'
-                 ELSE NULL
+                 ELSE 'system:all'
                END
              ELSE group_id END
              WHERE id = ?`,

package/src/memory/conversation-directories.ts

@@ -26,6 +26,45 @@ export function getConversationDirName(
   return `${getConversationDirTimestamp(createdAtMs)}_${id}`;
 }
 
+/**
+ * Parse a canonical conversation directory name (`<ISO-with-dashes>_<id>`)
+ * back into its components. Returns null for names that don't match the
+ * canonical format — callers should treat null as "skip this entry"
+ * rather than as an error.
+ *
+ * Inverse of {@link getConversationDirName}. Does NOT parse the legacy
+ * `<id>_<ISO-with-dashes>` format.
+ */
+export function parseConversationDirName(
+  name: string,
+): { conversationId: string; createdAtMs: number } | null {
+  // Canonical format: YYYY-MM-DDTHH-MM-SS.sssZ_<uuid>
+  // The timestamp portion has 4 hyphens (date + time-component separators)
+  // and ends in `Z`. Anchor the regex to enforce that.
+  const match = name.match(
+    /^(\d{4}-\d{2}-\d{2})T(\d{2})-(\d{2})-(\d{2}\.\d{1,9}Z)_(.+)$/,
+  );
+  if (!match) return null;
+  const [, datePart, hh, mm, ssAndMs, conversationId] = match;
+  const iso = `${datePart}T${hh}:${mm}:${ssAndMs}`;
+  const ms = Date.parse(iso);
+  if (Number.isNaN(ms)) return null;
+  if (!conversationId) return null;
+  // Reject conversation IDs that are path-traversal-shaped or contain
+  // path separators. These are never valid conversation IDs and would
+  // be a defense-in-depth concern if parsed.conversationId is later used
+  // to construct filesystem paths.
+  if (
+    conversationId === "." ||
+    conversationId === ".." ||
+    conversationId.includes("/") ||
+    conversationId.includes("\\")
+  ) {
+    return null;
+  }
+  return { conversationId, createdAtMs: ms };
+}
+
 /**
  * Return the absolute path to a conversation's timestamp-first disk-view
  * directory.

package/src/memory/conversation-group-migration.ts

@@ -57,15 +57,45 @@ export function ensureGroupMigration(): void {
     }
   }
 
-  // 3. Seed system groups (three: pinned, scheduled, background)
+  // 3. Seed system groups (four: pinned, scheduled, background, all)
+  const now = Math.floor(Date.now() / 1000);
   rawExec(`
-    INSERT OR IGNORE INTO conversation_groups (id, name, sort_position, is_system_group)
+    INSERT OR IGNORE INTO conversation_groups (id, name, sort_position, is_system_group, created_at, updated_at)
     VALUES
-      ('system:pinned', 'Pinned', 0, TRUE),
-      ('system:scheduled', 'Scheduled', 1, TRUE),
-      ('system:background', 'Background', 2, TRUE)
+      ('system:pinned', 'Pinned', 0, TRUE, ${now}, ${now}),
+      ('system:scheduled', 'Scheduled', 1, TRUE, ${now}, ${now}),
+      ('system:background', 'Background', 2, TRUE, ${now}, ${now}),
+      ('system:all', 'Recents', 3, TRUE, ${now}, ${now})
   `);
 
+  // One-time migration: move system:all to sortPosition 3 (from 999999).
+  // Bump custom groups at position 3+ up by 1 to make room. Wrapped in a
+  // transaction so a crash between the shift and the sentinel can't cause
+  // repeated drift on restart.
+  const sortShiftDone = rawGet<{ id: string }>(
+    "SELECT id FROM conversation_groups WHERE id = '_sort_shift_complete'",
+  );
+  if (!sortShiftDone) {
+    try {
+      rawExec("BEGIN");
+      rawRun(
+        "UPDATE conversation_groups SET sort_position = sort_position + 1 WHERE is_system_group = 0 AND sort_position >= 3",
+      );
+      rawRun(
+        "UPDATE conversation_groups SET sort_position = 3 WHERE id = 'system:all' AND sort_position != 3",
+      );
+      rawRun(
+        `INSERT OR IGNORE INTO conversation_groups (id, name, sort_position, is_system_group, created_at, updated_at)
+         VALUES ('_sort_shift_complete', '_sort_shift_complete', -1, TRUE, ${now}, ${now})`,
+      );
+      rawExec("COMMIT");
+    } catch (err) {
+      rawExec("ROLLBACK");
+      log.error({ err }, "Sort-position shift transaction failed, rolled back");
+      throw err;
+    }
+  }
+
   // 4. One-time backfill (guard: persistent marker prevents re-running on restart)
   //
   // The backfill sets group_id on existing conversations based on their attributes.
@@ -153,5 +183,35 @@ export function ensureGroupMigration(): void {
     }
   }
 
+  // 5. One-time backfill: assign all ungrouped conversations to system:all
+  //
+  // Separate from the initial backfill above because system:all is added later.
+  // Uses its own sentinel so it runs exactly once, even on existing installations
+  // where the original backfill already completed.
+  const allBackfillDone = rawGet<{ id: string }>(
+    "SELECT id FROM conversation_groups WHERE id = '_backfill_all_complete'",
+  );
+
+  if (!allBackfillDone) {
+    try {
+      rawExec("BEGIN");
+
+      rawExec(`
+        UPDATE conversations SET group_id = 'system:all' WHERE group_id IS NULL
+      `);
+
+      rawExec(`
+        INSERT OR IGNORE INTO conversation_groups (id, name, sort_position, is_system_group)
+        VALUES ('_backfill_all_complete', '_backfill_all_complete', -1, TRUE)
+      `);
+
+      rawExec("COMMIT");
+    } catch (err) {
+      rawExec("ROLLBACK");
+      log.error({ err }, "system:all backfill transaction failed, rolled back");
+      throw err;
+    }
+  }
+
   migrated = true;
 }

package/src/memory/embedding-local.ts

@@ -205,7 +205,7 @@ export class LocalEmbeddingBackend implements EmbeddingBackend {
     );
 
     const proc = Bun.spawn({
-      cmd: [bunPath, workerPath, this.model, modelCacheDir],
+      cmd: [bunPath, "--smol", workerPath, this.model, modelCacheDir],
       stdin: "pipe",
       stdout: "pipe",
       stderr: "pipe",

package/src/memory/graph/capability-seed.ts

@@ -127,9 +127,7 @@ export function seedSkillGraphNodes(): void {
       // skip catalog-based pruning to avoid incorrectly marking valid
       // uninstalled catalog nodes as gone. But still prune locally disabled
       // skills so stale capability nodes don't linger after cold start.
-      log.info(
-        "Catalog cache is cold — pruning only locally disabled skills",
-      );
+      log.info("Catalog cache is cold — pruning only locally disabled skills");
       const disabled = resolved.filter((r) => r.state !== "enabled");
       for (const { summary } of disabled) {
         deleteSkillCapabilityNode(summary.id);
@@ -158,9 +156,9 @@ export function seedSkillGraphNodes(): void {
  * Seed graph nodes for all CLI commands.
  * Prunes stale nodes whose commands are no longer registered.
  */
-export function seedCliGraphNodes(): void {
+export async function seedCliGraphNodes(): Promise<void> {
   try {
-    const program = buildCliProgram();
+    const program = await buildCliProgram();
 
     const seenKeys = new Set<string>();
     for (const cmd of program.commands) {

package/src/memory/group-crud.ts

@@ -33,7 +33,7 @@ export function listGroups(): ConversationGroupRow[] {
     created_at: number;
     updated_at: number;
   }>(
-    "SELECT id, name, sort_position, is_system_group, created_at, updated_at FROM conversation_groups WHERE id != '_backfill_complete' ORDER BY sort_position ASC",
+    "SELECT id, name, sort_position, is_system_group, created_at, updated_at FROM conversation_groups WHERE id NOT IN ('_backfill_complete', '_backfill_all_complete', '_sort_shift_complete') ORDER BY sort_position ASC",
   );
   return rows.map((r) => ({
     id: r.id,
@@ -79,8 +79,8 @@ export function getGroup(groupId: string): ConversationGroupRow | null {
 
 /**
  * Create a custom group. Server assigns sort_position as max(custom) + 1.
- * System groups occupy positions 0 (pinned), 1 (scheduled), 2 (background).
- * First custom group gets position 3. Fallback ?? 2 ensures 2 + 1 = 3 when
+ * System groups occupy positions 0–3 (pinned, scheduled, background, all).
+ * First custom group gets position 4. Fallback ?? 3 ensures 3 + 1 = 4 when
  * no custom groups exist.
  */
 export function createGroup(name: string): ConversationGroupRow {
@@ -88,7 +88,7 @@ export function createGroup(name: string): ConversationGroupRow {
   const maxPos =
     rawGet<{ max: number | null }>(
       "SELECT MAX(sort_position) as max FROM conversation_groups WHERE is_system_group = 0",
-    )?.max ?? 2;
+    )?.max ?? 3;
   const sortPosition = maxPos + 1;
   const id = uuid();
   const now = Math.floor(Date.now() / 1000);
@@ -153,13 +153,16 @@ export function updateGroup(
 // Delete
 // ---------------------------------------------------------------------------
 
-// Relies on PRAGMA foreign_keys = ON (set at connection time) so that
-// ON DELETE SET NULL fires and clears group_id on conversations when
-// a group is deleted. If FK enforcement is ever disabled, orphaned
-// group_id values would persist and conversations would appear in a
-// non-existent group.
+// Reassign conversations to system:all before deleting the group so they
+// don't end up with NULL group_id (which would violate the system:all
+// invariant). The FK ON DELETE SET NULL would otherwise leave NULLs that
+// the one-time backfill won't re-fix.
 export function deleteGroup(groupId: string): boolean {
   ensureGroupMigration();
+  rawRun(
+    "UPDATE conversations SET group_id = 'system:all' WHERE group_id = ?",
+    groupId,
+  );
   rawRun("DELETE FROM conversation_groups WHERE id = ?", groupId);
   return true;
 }
@@ -176,6 +179,19 @@ export function reorderGroups(
   rawExec("BEGIN");
   try {
     for (const update of updates) {
+      // Look up the group first — skip unknown/stale IDs and system groups
+      const group = rawGet<{ id: string; is_system_group: number }>(
+        "SELECT id, is_system_group FROM conversation_groups WHERE id = ?",
+        update.groupId,
+      );
+      if (!group) continue;
+      if (group.is_system_group === 1) continue;
+
+      if (update.sortPosition < 4) {
+        throw new Error(
+          `Custom group sort_position must be >= 4 (got ${update.sortPosition} for ${update.groupId})`,
+        );
+      }
       rawRun(
         "UPDATE conversation_groups SET sort_position = ?, updated_at = ? WHERE id = ?",
         update.sortPosition,

package/src/messaging/provider.ts

@@ -25,7 +25,7 @@ export interface MessagingProvider {
   id: string;
   /** Human-readable name (e.g. 'Slack', 'Gmail'). */
   displayName: string;
-  /** Credential service name for token-manager (e.g. 'integration:slack'). */
+  /** Credential service name for token-manager (e.g. 'slack'). */
   credentialService: string;
 
   // ── Universal operations (every platform must implement) ──────────

package/src/notifications/broadcaster.ts

@@ -41,6 +41,10 @@ export interface ConversationCreatedInfo {
   sourceEventName: string;
   /** Present when the conversation is for a guardian-sensitive notification. */
   targetGuardianPrincipalId?: string;
+  /** Conversation group identifier from the signal producer (e.g. "system:scheduled"). */
+  groupId?: string;
+  /** Semantic source from the signal producer (e.g. "schedule", "reminder"). */
+  source?: string;
 }
 export type OnConversationCreatedFn = (info: ConversationCreatedInfo) => void;
 export interface BroadcastDecisionOptions {
@@ -238,6 +242,8 @@ export class NotificationBroadcaster {
           title: conversationTitle,
           sourceEventName: signal.sourceEventName,
           targetGuardianPrincipalId,
+          groupId: signal.conversationMetadata?.groupId,
+          source: signal.conversationMetadata?.source,
         };
 
         // The per-dispatch onConversationCreated callback fires whenever a vellum

package/src/notifications/conversation-pairing.ts

@@ -130,7 +130,9 @@ export async function pairDeliveryWithConversation(
       const targetId = conversationAction.conversationId;
       const existing = getConversation(targetId);
 
-      if (existing && existing.source === "notification") {
+      const effectiveSource =
+        signal.conversationMetadata?.source ?? "notification";
+      if (existing && existing.source === effectiveSource) {
         // Append the seed message to the existing conversation
         const message = await addMessage(
           existing.id,
@@ -186,7 +188,9 @@ export async function pairDeliveryWithConversation(
       const conversation = createConversation({
         title,
         conversationType,
-        source: "notification",
+        source: signal.conversationMetadata?.source ?? "notification",
+        groupId: signal.conversationMetadata?.groupId,
+        scheduleJobId: signal.conversationMetadata?.scheduleJobId,
       });
 
       const message = await addMessage(
@@ -241,7 +245,9 @@ export async function pairDeliveryWithConversation(
           existingBinding.conversationId,
         );
 
-        if (boundConversation && boundConversation.source === "notification") {
+        const effectiveSource =
+          signal.conversationMetadata?.source ?? "notification";
+        if (boundConversation && boundConversation.source === effectiveSource) {
           const message = await addMessage(
             boundConversation.id,
             "assistant",
@@ -299,7 +305,9 @@ export async function pairDeliveryWithConversation(
     const conversation = createConversation({
       title,
       conversationType,
-      source: "notification",
+      source: signal.conversationMetadata?.source ?? "notification",
+      groupId: signal.conversationMetadata?.groupId,
+      scheduleJobId: signal.conversationMetadata?.scheduleJobId,
     });
 
     // Skip memory indexing — notification audit messages are not conversational

package/src/notifications/emit-signal.ts

@@ -79,6 +79,8 @@ function getBroadcaster(): NotificationBroadcaster {
           title: info.title,
           sourceEventName: info.sourceEventName,
           targetGuardianPrincipalId: info.targetGuardianPrincipalId,
+          groupId: info.groupId,
+          source: info.source,
         });
         log.info(
           {
@@ -176,6 +178,17 @@ export interface EmitSignalParams<TEventName extends string = string> {
    * Useful for direct user-invoked actions that must fail closed.
    */
   throwOnError?: boolean;
+  /**
+   * Optional metadata propagated to the conversation created by the notification
+   * pipeline. Allows signal producers (e.g. the scheduler) to set groupId,
+   * scheduleJobId, or override the default "notification" source on the
+   * resulting conversation so it appears in the correct folder on clients.
+   */
+  conversationMetadata?: {
+    groupId?: string;
+    scheduleJobId?: string;
+    source?: string;
+  };
 }
 
 export interface EmitSignalResult {
@@ -210,6 +223,7 @@ export async function emitNotificationSignal<TEventName extends string>(
     routingIntent: params.routingIntent,
     routingHints: params.routingHints,
     conversationAffinityHint: params.conversationAffinityHint,
+    conversationMetadata: params.conversationMetadata,
   };
 
   try {

package/src/notifications/signal.ts

@@ -200,4 +200,15 @@ export interface NotificationSignal<TEventName extends string = string> {
    * affinity within a call session.
    */
   conversationAffinityHint?: Partial<Record<string, string>>;
+  /**
+   * Optional metadata propagated to the conversation created by the notification
+   * pipeline. Allows signal producers (e.g. the scheduler) to set groupId,
+   * scheduleJobId, or override the default "notification" source on the
+   * resulting conversation so it appears in the correct folder on clients.
+   */
+  conversationMetadata?: {
+    groupId?: string;
+    scheduleJobId?: string;
+    source?: string;
+  };
 }

package/src/oauth/platform-connection.test.ts

@@ -27,7 +27,7 @@ function makeMockClient(
     fetch: mock(async (path: string, init?: RequestInit) => {
       const url = `https://platform.example.com${path}`;
       const headers = new Headers(init?.headers);
-      headers.set("Authorization", "Api-Key test-api-key");
+      headers.set("Authorization", "Bearer test-api-key");
       return mockFetchFn(url, { ...init, headers });
     }),
   } as unknown as VellumPlatformClient;
@@ -53,7 +53,7 @@ describe("PlatformOAuthConnection", () => {
         );
         expect(init?.method).toBe("POST");
         const headers = new Headers(init?.headers);
-        expect(headers.get("Authorization")).toBe("Api-Key test-api-key");
+        expect(headers.get("Authorization")).toBe("Bearer test-api-key");
         expect(headers.get("Content-Type")).toBe("application/json");
 
         const parsed = JSON.parse(init?.body as string);

package/src/oauth/seed-providers.ts

@@ -295,6 +295,7 @@ const PROVIDER_SEED_DATA: Record<
     },
     extraParams: { prompt: "consent" },
     loopbackPort: 17324,
+    managedServiceConfigKey: "linear-oauth",
     injectionTemplates: [
       {
         hostPattern: "api.linear.app",

package/src/permissions/checker.ts

@@ -3,6 +3,7 @@ import { homedir } from "node:os";
 import { dirname, join, resolve } from "node:path";
 
 import { isAssistantFeatureFlagEnabled } from "../config/assistant-feature-flags.js";
+import { getIsContainerized } from "../config/env-registry.js";
 import { getConfig } from "../config/loader.js";
 import { loadSkillCatalog, resolveSkillSelector } from "../config/skills.js";
 import { indexCatalogById } from "../skills/include-graph.js";
@@ -1097,9 +1098,8 @@ export async function check(
     !matchedRule &&
     risk === RiskLevel.Low
   ) {
-    // When sandbox is disabled, bash runs on the host — don't auto-allow
-    const sandboxEnabled = getConfig().sandbox.enabled;
-    if (toolName === "bash" && !sandboxEnabled) {
+    // Outside a container, bash runs on the host — don't auto-allow
+    if (toolName === "bash" && !getIsContainerized()) {
       // Fall through to risk-based policy below
     } else if (isWorkspaceScopedInvocation(toolName, input, workingDir)) {
       return {

package/src/permissions/defaults.ts

@@ -1,5 +1,6 @@
 import { join } from "node:path";
 
+import { getIsContainerized } from "../config/env-registry.js";
 import { getConfig } from "../config/loader.js";
 import { getBundledSkillsDir } from "../config/skills.js";
 import { getWorkspaceDir } from "../util/platform.js";
@@ -42,7 +43,6 @@ export function getDefaultRuleTemplates(): DefaultRuleTemplate[] {
   // Some test suites mock getConfig() with partial objects; treat missing
   // branches as defaults so rule generation remains deterministic.
   const config = getConfig() as {
-    sandbox?: { enabled?: boolean };
     skills?: { load?: { extraDirs?: unknown } };
   };
 
@@ -67,12 +67,11 @@ export function getDefaultRuleTemplates(): DefaultRuleTemplate[] {
     priority: 50,
   };
 
-  // Sandboxed bash commands run in an isolated container — auto-allow all of
-  // them (including high-risk) so the user is never prompted for sandbox work.
-  // Only emit this rule when the sandbox is actually enabled; otherwise bash
-  // commands execute on the host and must go through normal permission checks.
-  const sandboxEnabled = config.sandbox?.enabled !== false;
-  const sandboxShellRule: DefaultRuleTemplate | null = sandboxEnabled
+  // When running inside a container (IS_CONTAINERIZED=true), bash commands
+  // execute in an isolated environment — auto-allow all of them (including
+  // high-risk) so the user is never prompted.  Outside a container, bash
+  // commands run on the host and go through normal permission checks.
+  const bashShellRule: DefaultRuleTemplate | null = getIsContainerized()
     ? {
         id: "default:allow-bash-global",
         tool: "bash",
@@ -300,7 +299,7 @@ export function getDefaultRuleTemplates(): DefaultRuleTemplate[] {
   return [
     ...hostFileRules,
     hostShellRule,
-    ...(sandboxShellRule ? [sandboxShellRule] : []),
+    ...(bashShellRule ? [bashShellRule] : []),
     ...computerUseRules,
     ...managedSkillRules,
     ...workspacePromptRules,

package/src/permissions/prompter.ts

@@ -58,7 +58,6 @@ export class PermissionPrompter {
       newContent: string;
       isNewFile: boolean;
     },
-    sandboxed?: boolean,
     conversationId?: string,
     executionTarget?: ExecutionTarget,
     persistentDecisionsAllowed?: boolean,
@@ -119,7 +118,6 @@ export class PermissionPrompter {
           scope: o.scope,
         })),
         diff,
-        sandboxed,
         conversationId,
         executionTarget,
         persistentDecisionsAllowed: persistentDecisionsAllowed ?? true,

package/src/platform/client.ts

@@ -2,7 +2,7 @@
  * Centralized platform API client.
  *
  * Owns managed proxy context resolution, prerequisite validation, and
- * authenticated fetch for all platform API calls that use Api-Key auth.
+ * authenticated fetch for all platform API calls.
  */
 
 import { getPlatformAssistantId } from "../config/env.js";

package/src/prompts/templates/BOOTSTRAP.md

@@ -86,14 +86,21 @@ Read BOOTSTRAP-REFERENCE.md for the exact `ui_show` card payload.
 
 **Pacing rule:** Don't ask more than 2 questions in a row without doing something. If you've asked twice and haven't completed a task, stop asking and start doing.
 
-### Step 5: Getting Set Up
+### Step 5: Keep the Momentum
 
-After the task is done, suggest two things to get the most out of the assistant. These are natural next steps, not a formal menu.
+After the task is done, don't pivot to setup. Build on what just happened.
 
-1. **Daily briefing:** "I can send you a morning briefing with weather, calendar, and news. Want me to set that up?"
-2. **Meet you where you are:** "I'm here on your desktop, but I can also meet you on Slack or Telegram if you want to reach me from your phone. Want to set one up?"
+**First choice: chain off the task.** Suggest one natural follow-up that extends the work they just did. Examples:
+- Built a deck → "Want to send this to someone or refine a specific slide?"
+- Connected email → "Want me to summarize what needs your attention today?"
+- Researched a topic → "Want me to go deeper on one of those points, or turn this into something shareable?"
+- Built an app → Proactively suggest a specific improvement to what they built (a missing feature, a UI polish, better error handling). Show you have taste.
 
-If the user declines or ignores these, that's fine. Move on.
+The follow-up should feel like a coworker saying "while we're at it..." — not a product tour.
+
+**Fallback: plant a hook for next time.** If the task was a dead-end (photo edit, one-off question), reach back to Step 3. Pick up something from their "what's on your mind" answer and offer to work on it: "You mentioned [X] earlier — I can dig into that and have something ready next time you open this."
+
+If they engage, do it. If they decline or wrap up, move on. One offer, no pressure.
 
 ### Step 6: Before You Go
 
@@ -119,6 +126,8 @@ Mark declined fields so you don't re-ask later (e.g., `Work role: declined_by_us
 
 **Call `file_edit` immediately whenever you learn something, in the same turn.** Don't batch saves. The moment the user gives you a name, save it. The moment you infer their style, save it.
 
+**After tool calls, do not repeat yourself.** Your text before tool calls is already visible to the user. When tool results return and you continue, pick up where you left off — don't re-confirm, re-greet, or re-ask the same question. If you already asked something and are waiting for the user's answer, just stop.
+
 **The contents of IDENTITY.md, SOUL.md, and USER.md are already in your system prompt.** Use the exact text you see there for `old_string` in `file_edit`. Do not guess or invent content.
 
 Update `IDENTITY.md` (name, nature, personality, style) and `USER.md` (their name, pronouns, goals, locale, work role, hobbies, daily tools). Save behavioral guidelines to `SOUL.md`.