@vellumai/assistant 0.6.3 → 0.6.4

package/src/__tests__/email-html-renderer.test.ts

@@ -0,0 +1,71 @@
+import { describe, expect, test } from "bun:test";
+
+import { markdownToEmailHtml } from "../email/html-renderer.js";
+
+describe("markdownToEmailHtml", () => {
+  test("wraps plain text in email template", () => {
+    const result = markdownToEmailHtml("Hello world");
+    expect(result).toContain("<!DOCTYPE html>");
+    expect(result).toContain("<p>Hello world</p>");
+    expect(result).toContain("max-width:600px");
+  });
+
+  test("converts markdown bold to <strong>", () => {
+    const result = markdownToEmailHtml("This is **bold** text");
+    expect(result).toContain("<strong>bold</strong>");
+  });
+
+  test("converts markdown links", () => {
+    const result = markdownToEmailHtml("Visit [Vellum](https://vellum.ai)");
+    expect(result).toContain('<a href="https://vellum.ai">Vellum</a>');
+  });
+
+  test("converts markdown lists", () => {
+    const result = markdownToEmailHtml("- item one\n- item two\n- item three");
+    expect(result).toContain("<li>item one</li>");
+    expect(result).toContain("<li>item two</li>");
+    expect(result).toContain("<ul>");
+  });
+
+  test("converts markdown code blocks", () => {
+    const result = markdownToEmailHtml("```\nconsole.log('hi')\n```");
+    expect(result).toContain("<code>");
+    expect(result).toContain("console.log(");
+  });
+
+  test("converts line breaks (GFM breaks mode)", () => {
+    const result = markdownToEmailHtml("line one\nline two");
+    expect(result).toContain("<br>");
+  });
+
+  test("returns raw HTML input as-is", () => {
+    const rawHtml = "<div>Already HTML</div>";
+    const result = markdownToEmailHtml(rawHtml);
+    expect(result).toBe(rawHtml);
+  });
+
+  test("handles empty string", () => {
+    const result = markdownToEmailHtml("");
+    expect(result).toBe("");
+  });
+
+  test("handles multiline markdown email", () => {
+    const md = `Hi there,
+
+Thanks for reaching out! Here's what I found:
+
+1. **First point** — some details
+2. **Second point** — more details
+
+Let me know if you need anything else.
+
+Best,
+Assistant`;
+
+    const result = markdownToEmailHtml(md);
+    expect(result).toContain("<!DOCTYPE html>");
+    expect(result).toContain("<strong>First point</strong>");
+    expect(result).toContain("<ol>");
+    expect(result).toContain("<li>");
+  });
+});

package/src/__tests__/email-invite-adapter.test.ts

@@ -1,51 +1,66 @@
 /**
  * Tests for the email invite adapter.
  *
- * Verifies that the email adapter resolves the assistant's real inbox
- * address when one is configured and falls back to `undefined` (triggering
- * generic invite instructions) when no inbox exists.
+ * Verifies that the email adapter resolves the assistant's email address
+ * from workspace config and falls back to `undefined` when no address
+ * is configured.
  */
 import { afterEach, beforeEach, describe, expect, mock, test } from "bun:test";
 
-import { resolveAdapterHandle } from "../runtime/channel-invite-transport.js";
-import { emailInviteAdapter } from "../runtime/channel-invite-transports/email.js";
-
 // ---------------------------------------------------------------------------
-// Mock the EmailService singleton
+// Mock the config loader
 // ---------------------------------------------------------------------------
 
-let mockPrimaryAddress: string | undefined;
-
-mock.module("../email/service.js", () => ({
-  getEmailService: () => ({
-    getPrimaryInboxAddress: async () => mockPrimaryAddress,
-  }),
-  // Re-export other symbols that callers might need
-  EmailService: class {},
+let mockConfig: Record<string, unknown> = {};
+
+mock.module("../config/loader.js", () => ({
+  loadRawConfig: () => mockConfig,
+  getNestedValue: (obj: Record<string, unknown>, path: string) => {
+    const keys = path.split(".");
+    let current: unknown = obj;
+    for (const key of keys) {
+      if (current == null || typeof current !== "object") return undefined;
+      current = (current as Record<string, unknown>)[key];
+    }
+    return current;
+  },
+  getConfig: () => ({}),
+  saveRawConfig: () => {},
+  setNestedValue: () => {},
 }));
 
+import { resolveAdapterHandle } from "../runtime/channel-invite-transport.js";
+import { emailInviteAdapter } from "../runtime/channel-invite-transports/email.js";
+
 // ---------------------------------------------------------------------------
 // Tests
 // ---------------------------------------------------------------------------
 
 describe("emailInviteAdapter", () => {
   beforeEach(() => {
-    mockPrimaryAddress = undefined;
+    mockConfig = {};
   });
 
   afterEach(() => {
-    mockPrimaryAddress = undefined;
+    mockConfig = {};
   });
 
   test("returns configured email address via resolveChannelHandleAsync", async () => {
-    mockPrimaryAddress = "hello@mycompany.agentmail.to";
+    mockConfig = { email: { address: "hello@vellum.me" } };
+
+    const handle = await resolveAdapterHandle(emailInviteAdapter);
+    expect(handle).toBe("hello@vellum.me");
+  });
+
+  test("returns undefined when no address is configured", async () => {
+    mockConfig = {};
 
     const handle = await resolveAdapterHandle(emailInviteAdapter);
-    expect(handle).toBe("hello@mycompany.agentmail.to");
+    expect(handle).toBeUndefined();
   });
 
-  test("returns undefined when no inbox is configured", async () => {
-    mockPrimaryAddress = undefined;
+  test("returns undefined when email.address is empty string", async () => {
+    mockConfig = { email: { address: "" } };
 
     const handle = await resolveAdapterHandle(emailInviteAdapter);
     expect(handle).toBeUndefined();
@@ -56,7 +71,6 @@ describe("emailInviteAdapter", () => {
   });
 
   test("does not define sync resolveChannelHandle", () => {
-    // The email adapter uses the async path exclusively
     expect(emailInviteAdapter.resolveChannelHandle).toBeUndefined();
   });
 
@@ -64,14 +78,4 @@ describe("emailInviteAdapter", () => {
     expect(emailInviteAdapter.buildShareLink).toBeUndefined();
     expect(emailInviteAdapter.extractInboundToken).toBeUndefined();
   });
-
-  test("returns config fallback address when provider has no inboxes", async () => {
-    // Simulates the config fallback: provider returns no inboxes, but
-    // email.address is set in workspace config. The service's
-    // getPrimaryInboxAddress() should return the configured address.
-    mockPrimaryAddress = "configured@example.com";
-
-    const handle = await resolveAdapterHandle(emailInviteAdapter);
-    expect(handle).toBe("configured@example.com");
-  });
 });

package/src/__tests__/emit-event-signal.test.ts

@@ -0,0 +1,71 @@
+/**
+ * Behavioral test for the generic CLI→daemon event bridge.
+ *
+ * Callers write a JSON-encoded {@link ServerMessage} to
+ * `<signalsDir>/emit-event`. {@link handleEmitEventSignal} reads that
+ * payload and republishes it through the {@link assistantEventHub} so
+ * SSE subscribers receive it.
+ */
+import { existsSync, mkdirSync, rmSync, writeFileSync } from "node:fs";
+import { join } from "node:path";
+import { afterEach, describe, expect, test } from "bun:test";
+
+import type { ServerMessage } from "../daemon/message-protocol.js";
+import type { AssistantEvent } from "../runtime/assistant-event.js";
+import { assistantEventHub } from "../runtime/assistant-event-hub.js";
+import { DAEMON_INTERNAL_ASSISTANT_ID } from "../runtime/assistant-scope.js";
+import { handleEmitEventSignal } from "../signals/emit-event.js";
+import { getSignalsDir } from "../util/platform.js";
+
+function signalPath(): string {
+  return join(getSignalsDir(), "emit-event");
+}
+
+const subscriptions: Array<{ dispose(): void }> = [];
+
+afterEach(() => {
+  for (const sub of subscriptions.splice(0)) {
+    sub.dispose();
+  }
+  const path = signalPath();
+  if (existsSync(path)) {
+    rmSync(path, { force: true });
+  }
+});
+
+describe("handleEmitEventSignal", () => {
+  test("reads a ServerMessage from the signal file and publishes it to the event hub", async () => {
+    mkdirSync(getSignalsDir(), { recursive: true });
+
+    const payload: ServerMessage = { type: "tasks_changed" };
+
+    writeFileSync(signalPath(), JSON.stringify(payload), "utf-8");
+
+    const received: AssistantEvent[] = [];
+    let resolveDelivered: (() => void) | null = null;
+    const delivered = new Promise<void>((resolve) => {
+      resolveDelivered = resolve;
+    });
+
+    subscriptions.push(
+      assistantEventHub.subscribe(
+        { assistantId: DAEMON_INTERNAL_ASSISTANT_ID },
+        (event) => {
+          received.push(event);
+          resolveDelivered?.();
+        },
+      ),
+    );
+
+    handleEmitEventSignal();
+
+    await delivered;
+
+    expect(received).toHaveLength(1);
+    const event = received[0];
+    expect(event.assistantId).toBe(DAEMON_INTERNAL_ASSISTANT_ID);
+    expect(event.message).toEqual(payload);
+    expect(typeof event.id).toBe("string");
+    expect(typeof event.emittedAt).toBe("string");
+  });
+});

package/src/__tests__/extension-id-sync-guard.test.ts

@@ -11,7 +11,8 @@
  *      (not duplicated across runtime/tests/docs).
  */
 
-import { readdirSync, readFileSync, statSync } from "node:fs";
+import { existsSync, readdirSync, readFileSync, statSync } from "node:fs";
+import { homedir } from "node:os";
 import { join, resolve } from "node:path";
 import { describe, expect, test } from "bun:test";
 
@@ -21,8 +22,14 @@ const repoRoot = resolve(__dirname, "..", "..", "..");
 const CANONICAL_CONFIG_REL_PATH =
   "meta/browser-extension/chrome-extension-allowlist.json";
 const CANONICAL_CONFIG_ABS_PATH = join(repoRoot, CANONICAL_CONFIG_REL_PATH);
+const LOCAL_OVERRIDE_PATH = join(
+  homedir(),
+  ".vellum",
+  "chrome-extension-allowlist.local.json",
+);
 
 const EXTENSION_ID_REGEX = /^[a-p]{32}$/;
+const PLACEHOLDER_ID_REGEX = /^TODO_[A-Z0-9_]+$/;
 
 type AllowlistConfig = {
   version: number;
@@ -48,19 +55,32 @@ function parseCanonicalConfig(): AllowlistConfig {
   }
 
   const seen = new Set<string>();
+  const validIds: string[] = [];
   for (const id of parsed.allowedExtensionIds) {
-    if (typeof id !== "string" || !EXTENSION_ID_REGEX.test(id)) {
+    if (typeof id !== "string") {
       throw new Error(`Invalid canonical extension id: ${String(id)}`);
     }
     if (seen.has(id)) {
       throw new Error(`Duplicate canonical extension id: ${id}`);
     }
     seen.add(id);
+
+    if (EXTENSION_ID_REGEX.test(id)) {
+      validIds.push(id);
+    } else if (!PLACEHOLDER_ID_REGEX.test(id)) {
+      throw new Error(`Invalid canonical extension id: ${id}`);
+    }
+  }
+
+  if (validIds.length === 0) {
+    throw new Error(
+      "Invalid canonical config: allowedExtensionIds must contain at least one real extension id",
+    );
   }
 
   return {
     version: parsed.version as number,
-    allowedExtensionIds: parsed.allowedExtensionIds as string[],
+    allowedExtensionIds: validIds,
   };
 }
 
@@ -97,8 +117,18 @@ function listTextFilesRecursively(root: string): string[] {
   const out: string[] = [];
 
   function walk(dir: string): void {
-    for (const entry of readdirSync(dir, { withFileTypes: true })) {
+    let entries;
+    try {
+      entries = readdirSync(dir, { withFileTypes: true });
+    } catch (err) {
+      // Directory may have been removed by a concurrent test; skip it.
+      if ((err as NodeJS.ErrnoException).code === "ENOENT") return;
+      throw err;
+    }
+    for (const entry of entries) {
       if (entry.name.startsWith(".DS_Store")) continue;
+      // Skip temp fixtures created by parallel tests (e.g. .test-starter-bundle-<pid>).
+      if (entry.name.startsWith(".test-")) continue;
       const absPath = join(dir, entry.name);
       if (entry.isDirectory()) {
         if (ignoredDirs.has(entry.name)) continue;
@@ -111,7 +141,13 @@ function listTextFilesRecursively(root: string): string[] {
       if (!allowedExtensions.has(ext)) continue;
 
       // Skip large files to keep this guard lightweight.
-      const size = statSync(absPath).size;
+      let size: number;
+      try {
+        size = statSync(absPath).size;
+      } catch (err) {
+        if ((err as NodeJS.ErrnoException).code === "ENOENT") continue;
+        throw err;
+      }
       if (size > 1_000_000) continue;
       out.push(absPath);
     }
@@ -128,12 +164,36 @@ describe("Chrome extension allowlist guard", () => {
     expect(config.allowedExtensionIds.length).toBeGreaterThan(0);
   });
 
-  test("assistant runtime allowlist mirrors canonical config", () => {
+  test("assistant runtime allowlist contains every canonical origin", () => {
+    // The runtime set is the union of canonical + local override
+    // (~/.vellum/chrome-extension-allowlist.local.json) + env var. A dev
+    // machine may have extras; we only assert the canonical IDs are present.
+    const config = parseCanonicalConfig();
+    for (const id of config.allowedExtensionIds) {
+      const origin = `chrome-extension://${id}/`;
+      expect(ALLOWED_EXTENSION_ORIGINS.has(origin)).toBe(true);
+    }
+  });
+
+  test("assistant runtime allowlist exactly mirrors canonical when no override sources are active", () => {
+    // Exact-equality invariant: when neither the local override file nor
+    // the env-var override is active, the runtime set must equal the
+    // canonical set — nothing extra, nothing missing. A dev machine with
+    // an unpacked-extension override will skip this deterministic check
+    // and rely on the subset assertion above.
+    if (existsSync(LOCAL_OVERRIDE_PATH)) return;
+    if (
+      process.env.VELLUM_CHROME_EXTENSION_IDS ||
+      process.env.VELLUM_CHROME_EXTENSION_ID
+    ) {
+      return;
+    }
+
     const config = parseCanonicalConfig();
     const expectedOrigins = new Set(
       config.allowedExtensionIds.map((id) => `chrome-extension://${id}/`),
     );
-    expect(ALLOWED_EXTENSION_ORIGINS).toEqual(expectedOrigins);
+    expect(new Set(ALLOWED_EXTENSION_ORIGINS)).toEqual(expectedOrigins);
   });
 
   test("concrete extension IDs appear only in canonical config", () => {
@@ -144,7 +204,14 @@ describe("Chrome extension allowlist guard", () => {
       const matches: string[] = [];
       for (const absPath of allFiles) {
         const relPath = absPath.replace(`${repoRoot}/`, "");
-        const content = readFileSync(absPath, "utf8");
+        let content: string;
+        try {
+          content = readFileSync(absPath, "utf8");
+        } catch (err) {
+          // File may have been removed by a concurrent test between listing and reading.
+          if ((err as NodeJS.ErrnoException).code === "ENOENT") continue;
+          throw err;
+        }
         if (content.includes(extensionId)) {
           matches.push(relPath);
         }

package/src/__tests__/fixtures/mock-chrome-extension.ts

@@ -124,6 +124,12 @@ export interface MockChromeExtension {
    * command.
    */
   sendSessionInvalidated(event: { targetId?: string; reason?: string }): void;
+  /**
+   * Send an arbitrary pre-serialized JSON string over the active
+   * WebSocket. Used by tests that need to send frame types not covered
+   * by the fixture's typed helpers (e.g. keepalive frames).
+   */
+  sendRaw(json: string): void;
 }
 
 // ── Defaults ────────────────────────────────────────────────────────
@@ -371,5 +377,10 @@ export function createMockChromeExtension(
         }),
       );
     },
+    sendRaw(json: string) {
+      const sock = ws;
+      if (!sock || sock.readyState !== WebSocket.OPEN) return;
+      sock.send(json);
+    },
   };
 }

package/src/__tests__/gateway-only-enforcement.test.ts

@@ -68,6 +68,9 @@ mock.module("../config/loader.js", () => ({
     twilio: {
       phoneNumber: "+15550001111",
     },
+    services: {
+      stt: { provider: "deepgram" },
+    },
   }),
   invalidateConfigCache: () => {},
 }));
@@ -90,7 +93,9 @@ mock.module("../calls/twilio-provider.js", () => ({
   },
 }));
 
-mock.module("../security/secure-keys.js", () => ({}));
+mock.module("../security/secure-keys.js", () => ({
+  getProviderKeyAsync: () => Promise.resolve(null),
+}));
 
 // NOTE: Do NOT mock '../inbound/public-ingress-urls.js' here.
 // Those are pure functions that derive URLs from the config object returned by
@@ -455,6 +460,86 @@ describe("gateway-only ingress enforcement", () => {
     });
   });
 
+  // ── Media-stream WebSocket upgrade ─────────────────────────────────
+
+  describe("media-stream WebSocket upgrade", () => {
+    test("blocks non-private-network origin", async () => {
+      // The peer address (127.0.0.1) passes the private network check,
+      // but the external Origin header triggers the secondary defense-in-depth block.
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/calls/media-stream?callSessionId=sess-123`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            Origin: "https://external.example.com",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      expect(res.status).toBe(403);
+      const body = (await res.json()) as {
+        error: { code: string; message: string };
+      };
+      expect(body.error.code).toBe("FORBIDDEN");
+      expect(body.error.message).toContain(
+        "Direct media-stream access disabled",
+      );
+    });
+
+    test("allows request with no origin header (private network peer)", async () => {
+      // Without an origin header, isPrivateNetworkOrigin returns true.
+      // The peer address (127.0.0.1) passes the private network peer check.
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/calls/media-stream?callSessionId=sess-123`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      // Should NOT be 403 — WebSocket upgrade may or may not succeed
+      // depending on test environment, but the gateway guard should pass.
+      expect(res.status).not.toBe(403);
+    });
+
+    test("allows localhost origin from loopback peer", async () => {
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/calls/media-stream?callSessionId=sess-123`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            Origin: "http://127.0.0.1:3000",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      // Should NOT be 403
+      expect(res.status).not.toBe(403);
+    });
+
+    test("returns 400 when callSessionId is missing", async () => {
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/calls/media-stream`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      expect(res.status).toBe(400);
+    });
+  });
+
   // ── isPrivateAddress unit tests ─────────────────────────────────────
 
   describe("isPrivateAddress", () => {
@@ -686,6 +771,126 @@ describe("gateway-only ingress enforcement", () => {
     });
   });
 
+  // ── STT stream WebSocket upgrade ────────────────────────────────────
+
+  describe("STT stream WebSocket upgrade", () => {
+    test("blocks non-private-network origin", async () => {
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/stt/stream?provider=deepgram&mimeType=audio/webm`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            Origin: "https://external.example.com",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      expect(res.status).toBe(403);
+      const body = (await res.json()) as {
+        error: { code: string; message: string };
+      };
+      expect(body.error.code).toBe("FORBIDDEN");
+      expect(body.error.message).toContain("Direct STT stream access disabled");
+    });
+
+    test("rejects upgrade without a token", async () => {
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/stt/stream?provider=deepgram&mimeType=audio/webm`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      expect(res.status).toBe(401);
+    });
+
+    test("rejects upgrade with actor JWT (requires gateway service token)", async () => {
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/stt/stream?token=${TEST_JWT}&provider=deepgram&mimeType=audio/webm`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      // Actor JWTs should be rejected — only gateway service tokens are allowed.
+      expect(res.status).toBe(401);
+    });
+
+    test("accepts upgrade with gateway service token from private network", async () => {
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/stt/stream?token=${GATEWAY_JWT}&provider=deepgram&mimeType=audio/webm`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      // Should NOT be 403 or 401 — WebSocket upgrade may or may not succeed
+      // depending on test environment, but the auth and network guards should pass.
+      expect(res.status).not.toBe(403);
+      expect(res.status).not.toBe(401);
+    });
+
+    test("succeeds when provider is omitted (config-authoritative)", async () => {
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/stt/stream?token=${GATEWAY_JWT}&mimeType=audio/webm`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      // Should NOT be 400 — provider is optional.
+      expect(res.status).not.toBe(400);
+    });
+
+    test("returns 400 when mimeType is missing", async () => {
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/stt/stream?token=${GATEWAY_JWT}&provider=deepgram`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      expect(res.status).toBe(400);
+    });
+
+    test("returns 400 when both provider and mimeType are missing", async () => {
+      const res = await fetch(
+        `http://127.0.0.1:${port}/v1/stt/stream?token=${GATEWAY_JWT}`,
+        {
+          headers: {
+            Upgrade: "websocket",
+            Connection: "Upgrade",
+            "Sec-WebSocket-Key": "dGhlIHNhbXBsZSBub25jZQ==",
+            "Sec-WebSocket-Version": "13",
+          },
+        },
+      );
+      expect(res.status).toBe(400);
+    });
+  });
+
   // ── Startup warning for non-loopback host ──────────────────────────
 
   describe("startup guard — non-loopback host", () => {

package/src/__tests__/gateway-only-guard.test.ts

@@ -23,7 +23,6 @@ const ALLOWLIST = new Set([
 
   // --- Intentional local daemon-control paths ---
   "assistant/src/cli/commands/conversations.ts", // CLI wipe talks to runtime directly
-  "assistant/src/cli/commands/browser-relay.ts", // CLI shim talks to /v1/browser-cdp on the local daemon
   "clients/shared/Network/DaemonClient.swift",
   "clients/shared/App/Auth/PlatformOAuthService.swift", // comment explaining runtimeUrl vs platformUrl
   "clients/macos/vellum-assistant/App/AppDelegate.swift",