@vellumai/assistant 0.7.0 → 0.7.1

package/src/runtime/routes/secret-routes.ts

@@ -197,7 +197,7 @@ async function handleAddSecret({ body }: RouteHandlerArgs) {
         }
       }
 
-      const stored = await setSecureKeyAsync(name, value);
+      const stored = await setSecureKeyAsync(credentialKey(name, "api_key"), value);
       if (!stored) {
         throw new InternalError(
           `Failed to store API key in secure storage (backend: ${getActiveBackendName()})`,
@@ -339,6 +339,7 @@ async function handleReadSecret({ body }: RouteHandlerArgs) {
 
   try {
     let accountKey: string;
+    let prefetchedResult: Awaited<ReturnType<typeof getSecureKeyResultAsync>> | undefined;
 
     if (type === "api_key") {
       if (
@@ -348,7 +349,14 @@ async function handleReadSecret({ body }: RouteHandlerArgs) {
           `Unknown API key provider: ${name}. Valid providers: ${API_KEY_PROVIDERS.join(", ")}`,
         );
       }
-      accountKey = name;
+      // Check credential namespace first; fall back to bare key only if not found and store is reachable.
+      const credResult = await getSecureKeyResultAsync(credentialKey(name, "api_key"));
+      if (credResult.value === undefined && !credResult.unreachable) {
+        accountKey = name;
+      } else {
+        accountKey = credentialKey(name, "api_key");
+        prefetchedResult = credResult;
+      }
     } else if (type === "credential") {
       const colonIdx = name.lastIndexOf(":");
       if (colonIdx < 1 || colonIdx === name.length - 1) {
@@ -365,7 +373,7 @@ async function handleReadSecret({ body }: RouteHandlerArgs) {
       );
     }
 
-    const { value, unreachable } = await getSecureKeyResultAsync(accountKey);
+    const { value, unreachable } = prefetchedResult ?? await getSecureKeyResultAsync(accountKey);
     if (value === undefined) {
       return { found: false, unreachable };
     }
@@ -418,12 +426,31 @@ async function handleDeleteSecret({ body }: RouteHandlerArgs) {
           `Unknown API key provider: ${name}. Valid providers: ${API_KEY_PROVIDERS.join(", ")}`,
         );
       }
-      const existing = await getSecureKeyAsync(name);
-      if (existing === undefined) {
-        throw new NotFoundError(`API key not found: ${name}`);
+      const credKey = credentialKey(name, "api_key");
+      const credResult = await getSecureKeyResultAsync(credKey);
+      if (credResult.unreachable) {
+        throw new InternalError("Credential store is unreachable");
       }
-      const deleteResult = await deleteSecureKeyAsync(name);
-      if (deleteResult === "error") {
+      // Confirm at least one location holds the key before reporting success.
+      if (credResult.value === undefined) {
+        const bareResult = await getSecureKeyResultAsync(name);
+        if (bareResult.unreachable) {
+          throw new InternalError("Credential store is unreachable");
+        }
+        if (bareResult.value === undefined) {
+          throw new NotFoundError(`API key not found: ${name}`);
+        }
+      }
+      // Delete from both locations. During a migration overlap both may exist;
+      // ignore "not-found" since one location may already be empty.
+      const credDeleteResult = await deleteSecureKeyAsync(credKey);
+      if (credDeleteResult === "error") {
+        throw new InternalError(
+          `Failed to delete API key from secure storage: ${name}`,
+        );
+      }
+      const bareDeleteResult = await deleteSecureKeyAsync(name);
+      if (bareDeleteResult === "error") {
         throw new InternalError(
           `Failed to delete API key from secure storage: ${name}`,
         );
@@ -502,19 +529,61 @@ async function handleListSecrets() {
       throw new InternalError("Credential store is unreachable");
     }
 
-    const secrets = accounts.map((account) => {
-      if (account.startsWith(CREDENTIAL_KEY_PREFIX)) {
+    // First pass: collect provider names already stored under the credential/
+    // namespace. Used to deduplicate bare-key entries that co-exist when a
+    // crash interrupted migration 002 between the set(credentialKey) and
+    // delete(provider) steps.
+    const credentialNamespaceProviders = new Set<string>(
+      accounts.flatMap((account) => {
+        if (!account.startsWith(CREDENTIAL_KEY_PREFIX)) return [];
         const rest = account.slice(CREDENTIAL_KEY_PREFIX.length);
         const slashIdx = rest.indexOf("/");
-        if (slashIdx > 0 && slashIdx < rest.length - 1) {
-          return {
-            type: "credential" as const,
-            name: `${rest.slice(0, slashIdx)}:${rest.slice(slashIdx + 1)}`,
-          };
+        if (slashIdx < 1 || slashIdx >= rest.length - 1) return [];
+        const service = rest.slice(0, slashIdx);
+        const field = rest.slice(slashIdx + 1);
+        if (
+          field === "api_key" &&
+          API_KEY_PROVIDERS.includes(service as (typeof API_KEY_PROVIDERS)[number])
+        ) {
+          return [service];
         }
-      }
-      return { type: "api_key" as const, name: account };
-    });
+        return [];
+      }),
+    );
+
+    const secrets = accounts
+      .filter((account) => {
+        // Drop bare-key entries for providers already represented via the
+        // credential/ namespace to prevent duplicates after a partial migration.
+        if (account.startsWith(CREDENTIAL_KEY_PREFIX)) return true;
+        if (credentialNamespaceProviders.has(account)) return false;
+        return true;
+      })
+      .map((account) => {
+        if (account.startsWith(CREDENTIAL_KEY_PREFIX)) {
+          const rest = account.slice(CREDENTIAL_KEY_PREFIX.length);
+          const slashIdx = rest.indexOf("/");
+          if (slashIdx > 0 && slashIdx < rest.length - 1) {
+            const service = rest.slice(0, slashIdx);
+            const field = rest.slice(slashIdx + 1);
+            // api_key entries are stored as credential/{provider}/api_key
+            if (
+              field === "api_key" &&
+              API_KEY_PROVIDERS.includes(
+                service as (typeof API_KEY_PROVIDERS)[number],
+              )
+            ) {
+              return { type: "api_key" as const, name: service };
+            }
+            return {
+              type: "credential" as const,
+              name: `${service}:${field}`,
+            };
+          }
+        }
+        // Bare keys (pre-migration or unknown): treat as api_key
+        return { type: "api_key" as const, name: account };
+      });
 
     return { secrets, accounts: secrets };
   } catch (err) {

package/src/runtime/routes/settings-routes.ts

@@ -51,12 +51,7 @@ import { getLogger } from "../../util/logger.js";
 import { getAvatarImagePath, getWorkspaceDir } from "../../util/platform.js";
 import { buildAssistantEvent } from "../assistant-event.js";
 import { assistantEventHub } from "../assistant-event-hub.js";
-import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
-import {
-  BadRequestError,
-  InternalError,
-  NotFoundError,
-} from "./errors.js";
+import { BadRequestError, InternalError, NotFoundError } from "./errors.js";
 import type { RouteDefinition, RouteHandlerArgs } from "./types.js";
 import { resolveWorkspacePath } from "./workspace-utils.js";
 
@@ -101,7 +96,7 @@ async function handleGenerateAvatar({ body = {} }: RouteHandlerArgs) {
 
     assistantEventHub
       .publish(
-        buildAssistantEvent(DAEMON_INTERNAL_ASSISTANT_ID, {
+        buildAssistantEvent({
           type: "avatar_updated",
           avatarPath,
         }),
@@ -112,7 +107,8 @@ async function handleGenerateAvatar({ body = {} }: RouteHandlerArgs) {
 
     return { ok: true, avatarPath };
   } catch (err) {
-    if (err instanceof InternalError || err instanceof BadRequestError) throw err;
+    if (err instanceof InternalError || err instanceof BadRequestError)
+      throw err;
     const message = err instanceof Error ? err.message : String(err);
     log.error({ error: message }, "Avatar generation failed unexpectedly");
     throw new InternalError(message);
@@ -236,7 +232,7 @@ async function handleOAuthConnectStart({ body = {} }: RouteHandlerArgs) {
 
         assistantEventHub
           .publish(
-            buildAssistantEvent(DAEMON_INTERNAL_ASSISTANT_ID, {
+            buildAssistantEvent({
               type: "oauth_connect_result",
               success: deferredResult.success,
               service: deferredResult.service,
@@ -296,7 +292,8 @@ async function handleOAuthConnectStart({ body = {} }: RouteHandlerArgs) {
       ...(authorizeUrl ? { authUrl: authorizeUrl } : {}),
     };
   } catch (err) {
-    if (err instanceof InternalError || err instanceof BadRequestError) throw err;
+    if (err instanceof InternalError || err instanceof BadRequestError)
+      throw err;
     const message = err instanceof Error ? err.message : String(err);
     log.error({ err, service }, "OAuth connect flow failed");
     throw new InternalError(sanitizeOAuthError(message));
@@ -344,7 +341,8 @@ function handleWorkspaceFileRead({ queryParams = {} }: RouteHandlerArgs) {
     const content = readFileSync(resolved, "utf-8");
     return { path: filePath, content };
   } catch (err) {
-    if (err instanceof NotFoundError || err instanceof BadRequestError) throw err;
+    if (err instanceof NotFoundError || err instanceof BadRequestError)
+      throw err;
     const message = err instanceof Error ? err.message : String(err);
     log.error({ err, path: filePath }, "Failed to read workspace file");
     throw new InternalError(message);
@@ -431,13 +429,17 @@ function handleToolNamesList() {
 }
 
 async function handleToolPermissionSimulate({ body = {} }: RouteHandlerArgs) {
-  const { toolName, input, workingDir: rawWorkingDir, isInteractive } =
-    body as {
-      toolName?: string;
-      input?: Record<string, unknown>;
-      workingDir?: string;
-      isInteractive?: boolean;
-    };
+  const {
+    toolName,
+    input,
+    workingDir: rawWorkingDir,
+    isInteractive,
+  } = body as {
+    toolName?: string;
+    input?: Record<string, unknown>;
+    workingDir?: string;
+    isInteractive?: boolean;
+  };
 
   if (!toolName || typeof toolName !== "string") {
     throw new BadRequestError("toolName is required");
@@ -450,10 +452,7 @@ async function handleToolPermissionSimulate({ body = {} }: RouteHandlerArgs) {
 
   try {
     const manifestOverride = resolveManifestOverride(toolName);
-    const executionTarget = resolveExecutionTarget(
-      toolName,
-      manifestOverride,
-    );
+    const executionTarget = resolveExecutionTarget(toolName, manifestOverride);
     const executionContext =
       isInteractive === false ? "headless" : "conversation";
     const policyContext = { executionTarget, executionContext } as const;
@@ -491,10 +490,7 @@ async function handleToolPermissionSimulate({ body = {} }: RouteHandlerArgs) {
       | undefined;
 
     if (result.decision === "prompt") {
-      const allowlistOptions = await generateAllowlistOptions(
-        toolName,
-        input,
-      );
+      const allowlistOptions = await generateAllowlistOptions(toolName, input);
       const scopeOptions = generateScopeOptions(workingDir, toolName);
       promptPayload = {
         allowlistOptions,
@@ -509,7 +505,7 @@ async function handleToolPermissionSimulate({ body = {} }: RouteHandlerArgs) {
       riskLevel,
       reason: result.reason,
       executionTarget,
-      matchedRuleId: result.matchedRule?.id,
+      matchedTrustRuleId: result.matchedRule?.id,
       promptPayload,
     };
   } catch (err) {
@@ -733,7 +729,12 @@ export const ROUTES: RouteDefinition[] = [
     tags: ["workspace"],
     requirePolicyEnforcement: true,
     queryParams: [
-      { name: "path", type: "string", required: true, description: "File path to read" },
+      {
+        name: "path",
+        type: "string",
+        required: true,
+        description: "File path to read",
+      },
     ],
     handler: handleWorkspaceFileRead,
   },

package/src/runtime/routes/skills-routes.ts

@@ -7,9 +7,6 @@
 
 import { z } from "zod";
 
-import { broadcastToAllClients } from "../../acp/index.js";
-import { getConfigWatcher } from "../../daemon/config-watcher.js";
-import type { SkillOperationContext } from "../../daemon/handlers/skills.js";
 import {
   checkSkillUpdates,
   configureSkill,
@@ -31,18 +28,6 @@ import {
 import { BadRequestError, InternalError, NotFoundError } from "./errors.js";
 import type { RouteDefinition, RouteHandlerArgs } from "./types.js";
 
-/** Build SkillOperationContext from module-level globals. */
-function ctx(): SkillOperationContext {
-  const cw = getConfigWatcher();
-  return {
-    debounceTimers: cw.timers,
-    setSuppressConfigReload: (v) => {
-      cw.suppressConfigReload = v;
-    },
-    updateConfigFingerprint: () => cw.updateFingerprint(),
-    broadcast: broadcastToAllClients ?? (() => {}),
-  };
-}
 
 const partnerAuditSchema = z.object({
   risk: z.enum(["safe", "low", "medium", "high", "critical", "unknown"]),
@@ -212,7 +197,6 @@ export const ROUTES: RouteDefinition[] = [
             ...(category ? { category } : {}),
             includeCatalog: include === "catalog",
           },
-          ctx(),
         );
         return {
           skills: result.skills,
@@ -221,7 +205,7 @@ export const ROUTES: RouteDefinition[] = [
         };
       }
 
-      const skills = listSkills(ctx());
+      const skills = listSkills();
       return { skills };
     },
   },
@@ -256,7 +240,7 @@ export const ROUTES: RouteDefinition[] = [
       if (!path) {
         throw new BadRequestError("path query parameter is required");
       }
-      const result = await getSkillFileContent(pathParams!.id, path, ctx());
+      const result = await getSkillFileContent(pathParams!.id, path);
       if ("error" in result) {
         if (result.status === 400) throw new BadRequestError(result.error);
         if (result.status === 404) throw new NotFoundError(result.error);
@@ -275,7 +259,7 @@ export const ROUTES: RouteDefinition[] = [
     description: "Return skill metadata and directory contents.",
     tags: ["skills"],
     handler: async ({ pathParams }: RouteHandlerArgs) => {
-      const result = await getSkillFiles(pathParams!.id, ctx());
+      const result = await getSkillFiles(pathParams!.id);
       if ("error" in result) {
         if (result.status === 404) throw new NotFoundError(result.error);
         throw new InternalError(result.error);
@@ -294,7 +278,7 @@ export const ROUTES: RouteDefinition[] = [
     tags: ["skills"],
     responseBody: z.object({ ok: z.boolean() }),
     handler: ({ pathParams }: RouteHandlerArgs) => {
-      const result = enableSkill(pathParams!.id, ctx());
+      const result = enableSkill(pathParams!.id);
       if (!result.success) throw new InternalError(result.error);
       return { ok: true };
     },
@@ -310,7 +294,7 @@ export const ROUTES: RouteDefinition[] = [
     tags: ["skills"],
     responseBody: z.object({ ok: z.boolean() }),
     handler: ({ pathParams }: RouteHandlerArgs) => {
-      const result = disableSkill(pathParams!.id, ctx());
+      const result = disableSkill(pathParams!.id);
       if (!result.success) throw new InternalError(result.error);
       return { ok: true };
     },
@@ -338,7 +322,6 @@ export const ROUTES: RouteDefinition[] = [
           apiKey: body.apiKey as string | undefined,
           config: body.config as Record<string, unknown> | undefined,
         },
-        ctx(),
       );
       if (!result.success) throw new InternalError(result.error);
       return { ok: true };
@@ -357,7 +340,7 @@ export const ROUTES: RouteDefinition[] = [
       data: z.object({}).passthrough().describe("Update availability info"),
     }),
     handler: async () => {
-      const result = await checkSkillUpdates(ctx());
+      const result = await checkSkillUpdates();
       if (!result.success) throw new InternalError(result.error);
       return { data: result.data };
     },
@@ -386,7 +369,7 @@ export const ROUTES: RouteDefinition[] = [
     handler: async ({ queryParams = {} }: RouteHandlerArgs) => {
       const query = queryParams.q ?? "";
       if (!query) throw new BadRequestError("q query parameter is required");
-      const result = await searchSkills(query, ctx());
+      const result = await searchSkills(query);
       if (!result.success) throw new InternalError(result.error);
       return { skills: result.skills };
     },
@@ -408,7 +391,7 @@ export const ROUTES: RouteDefinition[] = [
       if (!sourceText || typeof sourceText !== "string") {
         throw new BadRequestError("sourceText is required");
       }
-      const result = await draftSkill({ sourceText }, ctx());
+      const result = await draftSkill({ sourceText });
       if (!result.success) {
         throw new InternalError(result.error ?? "Draft failed");
       }
@@ -426,7 +409,7 @@ export const ROUTES: RouteDefinition[] = [
     tags: ["skills"],
     responseBody: z.object({ ok: z.boolean() }),
     handler: async ({ pathParams }: RouteHandlerArgs) => {
-      const result = await updateSkill(pathParams!.id, ctx());
+      const result = await updateSkill(pathParams!.id);
       if (!result.success) throw new InternalError(result.error);
       return { ok: true };
     },
@@ -441,7 +424,7 @@ export const ROUTES: RouteDefinition[] = [
     description: "Return detailed skill information.",
     tags: ["skills"],
     handler: async ({ pathParams }: RouteHandlerArgs) => {
-      const result = await inspectSkill(pathParams!.id, ctx());
+      const result = await inspectSkill(pathParams!.id);
       if (result.error && !result.data) {
         if (result.error.startsWith("Invalid skill slug:")) {
           throw new BadRequestError(result.error);
@@ -471,7 +454,7 @@ export const ROUTES: RouteDefinition[] = [
       skill: skillDetailSchema.describe("Skill detail object"),
     }),
     handler: async ({ pathParams }: RouteHandlerArgs) => {
-      const result = await getSkill(pathParams!.id, ctx());
+      const result = await getSkill(pathParams!.id);
       if ("error" in result) {
         if (result.status === 404) throw new NotFoundError(result.error);
         throw new InternalError(result.error);
@@ -490,7 +473,7 @@ export const ROUTES: RouteDefinition[] = [
     tags: ["skills"],
     responseStatus: "204",
     handler: async ({ pathParams }: RouteHandlerArgs) => {
-      const result = await uninstallSkill(pathParams!.id, ctx());
+      const result = await uninstallSkill(pathParams!.id);
       if (!result.success) throw new InternalError(result.error);
       return null;
     },
@@ -534,7 +517,6 @@ export const ROUTES: RouteDefinition[] = [
           version: body.version as string | undefined,
           origin: body.origin as "clawhub" | "skillssh" | undefined,
         },
-        ctx(),
       );
       if (!result.success) throw new InternalError(result.error);
       return { ok: true, skillId: result.skillId };
@@ -569,7 +551,6 @@ export const ROUTES: RouteDefinition[] = [
       }
       const result = await createSkill(
         { skillId, name, description, bodyMarkdown },
-        ctx(),
       );
       if (!result.success) throw new InternalError(result.error);
       return { ok: true };

package/src/runtime/routes/suggest-trust-rule-routes.ts

@@ -40,6 +40,11 @@ interface SuggestTrustRuleRequest {
   directoryScopeOptions?: DirectoryScopeOption[];
   currentThreshold: string;
   intent: "auto_approve" | "escalate";
+  existingRule?: {
+    id: string;
+    pattern: string;
+    risk: string;
+  };
 }
 
 interface SuggestTrustRuleResponse {
@@ -107,7 +112,16 @@ broadest). You may select one of these or generate your own pattern that better
 captures the intent. The goal is a pattern specific enough to be meaningful but
 broad enough to cover similar future invocations.
 
-Respond using the suggest_trust_rule tool only.`;
+Respond using the suggest_trust_rule tool only.
+
+When \`existingRule\` is provided, you are in refinement mode:
+- The user has an existing rule (pattern, risk) that already governs this tool.
+- The pattern of an existing rule cannot be changed — only risk and description.
+- Your job: suggest a NARROWER pattern the user could add as a new override rule
+  (e.g. existing: "bash *" → suggest "bash rm -rf *" for this specific invocation).
+- Pick the narrowest scopeOption that still covers the command invocation shown.
+- Risk suggestion: suggest the risk level for this narrower pattern specifically.
+  If the existing rule's risk level is appropriate for the narrow pattern too, keep it.`;
 
 // ── User message builder ─────────────────────────────────────────────
 
@@ -134,6 +148,16 @@ function buildUserMessage(req: SuggestTrustRuleRequest): string {
     }
   }
 
+  if (req.existingRule) {
+    lines.push("");
+    lines.push(
+      `Existing rule: "${req.existingRule.pattern}" → ${req.existingRule.risk}`,
+    );
+    lines.push(
+      `(This rule auto-approved the command above. Suggest a narrower override if applicable.)`,
+    );
+  }
+
   lines.push("");
   lines.push(
     `Current threshold: ${req.currentThreshold} (commands ≤ ${req.currentThreshold} auto-approve)`,
@@ -215,6 +239,13 @@ const RequestSchema = z.object({
   directoryScopeOptions: z.array(DirectoryScopeOptionSchema).optional(),
   currentThreshold: z.string(),
   intent: z.enum(["auto_approve", "escalate"]),
+  existingRule: z
+    .object({
+      id: z.string(),
+      pattern: z.string(),
+      risk: z.string(),
+    })
+    .optional(),
 });
 
 const ResponseSchema = z.object({

package/src/runtime/routes/task-routes.ts

@@ -5,7 +5,7 @@
 
 import { z } from "zod";
 
-import { broadcastToAllClients } from "../../acp/index.js";
+import { broadcastMessage } from "../../runtime/assistant-event-hub.js";
 import type { ToolContext } from "../../tools/types.js";
 import { getWorkspaceDir } from "../../util/platform.js";
 import { BadRequestError } from "./errors.js";
@@ -169,7 +169,7 @@ async function handleTaskDelete({ body = {} }: RouteHandlerArgs) {
   if (result.isError) {
     throw new BadRequestError(result.content);
   }
-  broadcastToAllClients?.({ type: "tasks_changed" });
+  broadcastMessage({ type: "tasks_changed" });
   return { ok: true, content: result.content };
 }
 
@@ -197,7 +197,7 @@ async function handleTaskQueueAdd({ body = {} }: RouteHandlerArgs) {
     buildToolContext(),
   );
   if (!result.isError) {
-    broadcastToAllClients?.({ type: "tasks_changed" });
+    broadcastMessage({ type: "tasks_changed" });
   }
   return { content: result.content, isError: result.isError };
 }
@@ -212,7 +212,7 @@ async function handleTaskQueueUpdate({ body = {} }: RouteHandlerArgs) {
     buildToolContext(),
   );
   if (!result.isError) {
-    broadcastToAllClients?.({ type: "tasks_changed" });
+    broadcastMessage({ type: "tasks_changed" });
   }
   return { content: result.content, isError: result.isError };
 }
@@ -227,7 +227,7 @@ async function handleTaskQueueRemove({ body = {} }: RouteHandlerArgs) {
     buildToolContext(),
   );
   if (!result.isError) {
-    broadcastToAllClients?.({ type: "tasks_changed" });
+    broadcastMessage({ type: "tasks_changed" });
   }
   return { content: result.content, isError: result.isError };
 }
@@ -242,7 +242,7 @@ async function handleTaskQueueRun({ body = {} }: RouteHandlerArgs) {
     buildToolContext(),
   );
   if (!result.isError) {
-    broadcastToAllClients?.({ type: "tasks_changed" });
+    broadcastMessage({ type: "tasks_changed" });
   }
   return { content: result.content, isError: result.isError };
 }

package/src/runtime/routes/trust-rules-routes.ts

@@ -1,10 +1,8 @@
 /**
- * Trust rule CRUD routes — gateway HTTP proxy.
+ * Trust rule listing route — gateway HTTP proxy.
  *
- * Each handler makes a single HTTP call to the gateway's trust-rules REST API
+ * The handler makes a single HTTP call to the gateway's trust-rules REST API
  * and surfaces the body's `.error` message on non-OK responses.
- *
- * Migrated from `ipc/routes/trust-rules.ts` into the shared ROUTES array.
  */
 import { z } from "zod";
 
@@ -44,28 +42,9 @@ const TrustRulesListParams = z
   })
   .strict();
 
-const TrustRulesCreateParams = z
-  .object({
-    tool: z.string(),
-    pattern: z.string(),
-    risk: z.string(),
-    description: z.string().optional(),
-  })
-  .strict();
-
-const TrustRulesUpdateBody = z
-  .object({
-    risk: z.string().optional(),
-    description: z.string().optional(),
-  })
-  .strict();
-
 // ── Handlers ────────────────────────────────────────────────────────────
 
-async function handleList({
-  queryParams = {},
-  body = {},
-}: RouteHandlerArgs) {
+async function handleList({ queryParams = {}, body = {} }: RouteHandlerArgs) {
   // HTTP GET delivers filters via queryParams; CLI IPC puts them in body.
   const source = Object.keys(queryParams).length > 0 ? queryParams : body;
   const p = TrustRulesListParams.parse(source);
@@ -77,47 +56,6 @@ async function handleList({
   return gatewayFetch(`/v1/trust-rules${query ? `?${query}` : ""}`);
 }
 
-async function handleCreate({ body = {} }: RouteHandlerArgs) {
-  const { tool, pattern, risk, description } = TrustRulesCreateParams.parse(body);
-  return gatewayFetch("/v1/trust-rules", {
-    method: "POST",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify({ tool, pattern, risk, description }),
-  });
-}
-
-async function handleUpdate({
-  pathParams = {},
-  body = {},
-}: RouteHandlerArgs) {
-  // HTTP path delivers id via pathParams; CLI IPC puts it in body.
-  const rawBody = body as Record<string, unknown>;
-  const id = pathParams.id ?? rawBody.id;
-  if (!id || typeof id !== "string") throw new Error("id is required");
-  const { id: _discarded, ...rest } = rawBody;
-  const fields = TrustRulesUpdateBody.parse(rest);
-  const patchBody: Record<string, unknown> = {};
-  if (fields.risk !== undefined) patchBody.risk = fields.risk;
-  if (fields.description !== undefined) patchBody.description = fields.description;
-  return gatewayFetch(`/v1/trust-rules/${encodeURIComponent(id)}`, {
-    method: "PATCH",
-    headers: { "Content-Type": "application/json" },
-    body: JSON.stringify(patchBody),
-  });
-}
-
-async function handleRemove({
-  pathParams = {},
-  body = {},
-}: RouteHandlerArgs) {
-  // HTTP path delivers id via pathParams; CLI IPC puts it in body.
-  const id = pathParams.id ?? (body as Record<string, unknown>).id;
-  if (!id || typeof id !== "string") throw new Error("id is required");
-  return gatewayFetch(`/v1/trust-rules/${encodeURIComponent(id)}`, {
-    method: "DELETE",
-  });
-}
-
 // ── Route definitions ───────────────────────────────────────────────────
 
 export const ROUTES: RouteDefinition[] = [
@@ -136,33 +74,4 @@ export const ROUTES: RouteDefinition[] = [
       { name: "include_all", description: "Include unmodified defaults" },
     ],
   },
-  {
-    operationId: "trust_rules_create",
-    method: "POST",
-    endpoint: "trust-rules",
-    handler: handleCreate,
-    summary: "Create a trust rule",
-    description: "Create a new trust rule with tool, pattern, risk level, and optional description.",
-    tags: ["trust-rules"],
-    requestBody: TrustRulesCreateParams,
-  },
-  {
-    operationId: "trust_rules_update",
-    method: "PATCH",
-    endpoint: "trust-rules/:id",
-    handler: handleUpdate,
-    summary: "Update a trust rule",
-    description: "Update the risk level or description of an existing trust rule.",
-    tags: ["trust-rules"],
-    requestBody: TrustRulesUpdateBody,
-  },
-  {
-    operationId: "trust_rules_remove",
-    method: "DELETE",
-    endpoint: "trust-rules/:id",
-    handler: handleRemove,
-    summary: "Remove a trust rule",
-    description: "Delete a trust rule by ID.",
-    tags: ["trust-rules"],
-  },
 ];