@vellumai/assistant 0.9.0 → 0.10.0-staging.2

package/src/daemon/trust-context.ts

@@ -13,7 +13,7 @@ export interface TrustContext {
   /** Channel through which the inbound message arrived. */
   sourceChannel: ChannelId;
   /** Trust classification -- see {@link TrustClass} for semantics. */
-  trustClass: "guardian" | "trusted_contact" | "unknown";
+  trustClass: TrustClass;
   /** Chat/conversation ID for delivering guardian notifications. */
   guardianChatId?: string;
   /** Canonical external user ID of the guardian for this (assistant, channel) binding. */

package/src/events/tool-audit-listener.ts

@@ -1,8 +1,8 @@
-import { getConfig } from "../config/loader.js";
 import {
   recordToolInvocation,
   type ToolInvocationRecord,
 } from "../memory/tool-usage-store.js";
+import { getCachedShareAnalytics } from "../platform/consent-cache.js";
 import { redactJsonStringLeaves } from "../security/redact-json.js";
 import { redactSecrets } from "../security/secret-scanner.js";
 import {
@@ -168,7 +168,7 @@ function telemetryColumns(
   rawInput: string,
   resultBytes: number,
 ): TelemetryColumns {
-  if (!getConfig().collectUsageData) return NULL_TELEMETRY_COLUMNS;
+  if (!getCachedShareAnalytics()) return NULL_TELEMETRY_COLUMNS;
   return {
     argBytes: event.inputBytes ?? Buffer.byteLength(rawInput, "utf8"),
     resultBytes,

package/src/home/feed-source-enrichment.test.ts

@@ -0,0 +1,151 @@
+import { describe, expect, it } from "bun:test";
+
+import { type FeedItem } from "../api/responses/home.js";
+import {
+  classifyConversationSource,
+  enrichFeedItemsWithSource,
+  type FeedSourceEnrichmentDeps,
+} from "./feed-source-enrichment.js";
+
+function makeItem(partial: Partial<FeedItem> & Pick<FeedItem, "id">): FeedItem {
+  return {
+    type: "notification",
+    priority: 50,
+    summary: "summary",
+    timestamp: "2026-06-18T00:00:00.000Z",
+    createdAt: "2026-06-18T00:00:00.000Z",
+    status: "new",
+    ...partial,
+  };
+}
+
+describe("classifyConversationSource", () => {
+  it("maps each known producer source to its coarse type", () => {
+    expect(classifyConversationSource("heartbeat")).toBe("heartbeat");
+    expect(classifyConversationSource("memory-retrospective")).toBe(
+      "memory_consolidation",
+    );
+    expect(classifyConversationSource("memory-retrospective-fork")).toBe(
+      "memory_consolidation",
+    );
+    expect(classifyConversationSource("schedule")).toBe("schedule");
+    expect(classifyConversationSource("auto-analysis")).toBe("auto_analysis");
+    expect(classifyConversationSource("user")).toBe("user");
+    expect(classifyConversationSource("home-feed")).toBe("user");
+  });
+
+  it("falls through to 'other' for unknown / paired-delivery / empty sources", () => {
+    expect(classifyConversationSource("notification")).toBe("other");
+    expect(classifyConversationSource("something-else")).toBe("other");
+    expect(classifyConversationSource(null)).toBe("other");
+    expect(classifyConversationSource(undefined)).toBe("other");
+  });
+});
+
+describe("enrichFeedItemsWithSource", () => {
+  const deps = (
+    conv: Record<string, { source: string; scheduleJobId: string | null }>,
+    schedules: Record<string, string> = {},
+  ): FeedSourceEnrichmentDeps => ({
+    getConversationRow: (id) => conv[id] ?? null,
+    getScheduleName: (id) => schedules[id] ?? null,
+  });
+
+  it("classifies a heartbeat item with a static label", () => {
+    const [item] = enrichFeedItemsWithSource(
+      [makeItem({ id: "n1", conversationId: "c1" })],
+      deps({ c1: { source: "heartbeat", scheduleJobId: null } }),
+    );
+    expect(item.sourceType).toBe("heartbeat");
+    expect(item.sourceKey).toBe("heartbeat");
+    expect(item.sourceLabel).toBe("Heartbeat");
+  });
+
+  it("classifies a memory-consolidation item", () => {
+    const [item] = enrichFeedItemsWithSource(
+      [makeItem({ id: "n2", conversationId: "c2" })],
+      deps({ c2: { source: "memory-retrospective", scheduleJobId: null } }),
+    );
+    expect(item.sourceType).toBe("memory_consolidation");
+    expect(item.sourceKey).toBe("memory_consolidation");
+    expect(item.sourceLabel).toBe("Memory consolidation");
+  });
+
+  it("gives distinct keys and names to two different schedules", () => {
+    const [a, b] = enrichFeedItemsWithSource(
+      [
+        makeItem({ id: "n3", conversationId: "cA" }),
+        makeItem({ id: "n4", conversationId: "cB" }),
+      ],
+      deps(
+        {
+          cA: { source: "schedule", scheduleJobId: "sched-A" },
+          cB: { source: "schedule", scheduleJobId: "sched-B" },
+        },
+        { "sched-A": "Morning digest", "sched-B": "Evening recap" },
+      ),
+    );
+    expect(a.sourceType).toBe("schedule");
+    expect(a.sourceKey).toBe("schedule:sched-A");
+    expect(a.sourceLabel).toBe("Morning digest");
+    // scheduleId recovered from the conversation row is surfaced in metadata.
+    expect(a.metadata?.scheduleId).toBe("sched-A");
+
+    expect(b.sourceKey).toBe("schedule:sched-B");
+    expect(b.sourceLabel).toBe("Evening recap");
+  });
+
+  it("prefers an explicit metadata.scheduleId over the conversation row", () => {
+    const [item] = enrichFeedItemsWithSource(
+      [
+        makeItem({
+          id: "n5",
+          conversationId: "cX",
+          metadata: { scheduleId: "from-payload" },
+        }),
+      ],
+      deps(
+        { cX: { source: "schedule", scheduleJobId: "from-row" } },
+        { "from-payload": "Payload schedule" },
+      ),
+    );
+    expect(item.sourceKey).toBe("schedule:from-payload");
+    expect(item.sourceLabel).toBe("Payload schedule");
+  });
+
+  it("labels a schedule with no resolvable name as 'Scheduled'", () => {
+    const [item] = enrichFeedItemsWithSource(
+      [makeItem({ id: "n6", conversationId: "cY" })],
+      deps({ cY: { source: "schedule", scheduleJobId: "gone" } }),
+    );
+    expect(item.sourceKey).toBe("schedule:gone");
+    expect(item.sourceLabel).toBe("Scheduled");
+  });
+
+  it("classifies items with no source conversation as 'other'", () => {
+    const [item] = enrichFeedItemsWithSource(
+      [makeItem({ id: "n7" })],
+      deps({}),
+    );
+    expect(item.sourceType).toBe("other");
+    expect(item.sourceKey).toBe("other");
+    expect(item.sourceLabel).toBe("Other");
+  });
+
+  it("resolves each distinct conversation at most once", () => {
+    const calls: string[] = [];
+    enrichFeedItemsWithSource(
+      [
+        makeItem({ id: "n8", conversationId: "dup" }),
+        makeItem({ id: "n9", conversationId: "dup" }),
+      ],
+      {
+        getConversationRow: (id) => {
+          calls.push(id);
+          return { source: "heartbeat", scheduleJobId: null };
+        },
+      },
+    );
+    expect(calls).toEqual(["dup"]);
+  });
+});

package/src/home/feed-source-enrichment.ts

@@ -0,0 +1,176 @@
+/**
+ * Read-time enrichment of home-feed items with their source-conversation
+ * classification.
+ *
+ * The activity feed surfaces notifications produced by many background
+ * flows — the periodic heartbeat, memory-consolidation passes, each
+ * recurring schedule, auto-analysis runs, etc. Clients let the user filter
+ * the feed by that producer, so every item is tagged with:
+ *
+ *   - `sourceType`  — coarse producer category.
+ *   - `sourceKey`   — stable filter id (`schedule:<id>` per schedule,
+ *                     otherwise the `sourceType`).
+ *   - `sourceLabel` — human-readable display (a schedule's name, or a
+ *                     static label such as "Heartbeat").
+ *
+ * The classification is derived from the source conversation's `source`
+ * column (and, for schedules, its name) rather than persisted onto the
+ * feed item. Resolving at read time keeps labels fresh across schedule
+ * renames and retroactively classifies items written before this feature
+ * existed, with no migration.
+ *
+ * The lookups are injectable so the enrichment can be unit-tested without
+ * a live database; production callers use the defaults.
+ */
+
+import {
+  type FeedItem,
+  type FeedItemSourceType,
+} from "../api/responses/home.js";
+import { AUTO_ANALYSIS_SOURCE } from "../memory/auto-analysis-constants.js";
+import { getConversation } from "../memory/conversation-crud.js";
+import {
+  MEMORY_RETROSPECTIVE_FORK_SOURCE,
+  MEMORY_RETROSPECTIVE_SOURCE,
+} from "../memory/memory-retrospective-constants.js";
+import { getSchedule } from "../schedule/schedule-store.js";
+
+/** Minimal source-conversation shape the enrichment needs. */
+interface ConversationSourceRow {
+  source: string;
+  scheduleJobId: string | null;
+}
+
+export interface FeedSourceEnrichmentDeps {
+  /** Resolve the source columns for a conversation, or null when missing. */
+  getConversationRow?: (id: string) => ConversationSourceRow | null;
+  /** Resolve a schedule's display name, or null when missing. */
+  getScheduleName?: (id: string) => string | null;
+}
+
+/**
+ * Map a conversation's `source` column to a coarse feed source type.
+ * Mechanical mapping over the known producer sources; anything else
+ * (including the broadcaster's paired `"notification"` delivery
+ * conversations) falls through to `"other"`.
+ */
+export function classifyConversationSource(
+  source: string | null | undefined,
+): FeedItemSourceType {
+  switch (source) {
+    case "heartbeat":
+      return "heartbeat";
+    case MEMORY_RETROSPECTIVE_SOURCE:
+    case MEMORY_RETROSPECTIVE_FORK_SOURCE:
+      return "memory_consolidation";
+    case "schedule":
+      return "schedule";
+    case AUTO_ANALYSIS_SOURCE:
+      return "auto_analysis";
+    case "user":
+    case "home-feed":
+      return "user";
+    default:
+      return "other";
+  }
+}
+
+/** Static display labels for non-schedule source types. */
+const STATIC_SOURCE_LABELS: Record<
+  Exclude<FeedItemSourceType, "schedule">,
+  string
+> = {
+  heartbeat: "Heartbeat",
+  memory_consolidation: "Memory consolidation",
+  auto_analysis: "Auto-analysis",
+  user: "Conversation",
+  other: "Other",
+};
+
+function defaultGetConversationRow(id: string): ConversationSourceRow | null {
+  try {
+    const row = getConversation(id);
+    return row
+      ? { source: row.source, scheduleJobId: row.scheduleJobId }
+      : null;
+  } catch {
+    return null;
+  }
+}
+
+function defaultGetScheduleName(id: string): string | null {
+  try {
+    return getSchedule(id)?.name ?? null;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Return a copy of each feed item enriched with `sourceType`, `sourceKey`,
+ * and `sourceLabel`. Conversation and schedule lookups are memoized across
+ * the batch so each distinct source is resolved at most once.
+ */
+export function enrichFeedItemsWithSource(
+  items: FeedItem[],
+  deps: FeedSourceEnrichmentDeps = {},
+): FeedItem[] {
+  if (items.length === 0) return items;
+
+  const getConversationRow =
+    deps.getConversationRow ?? defaultGetConversationRow;
+  const getScheduleName = deps.getScheduleName ?? defaultGetScheduleName;
+
+  const convCache = new Map<string, ConversationSourceRow | null>();
+  const resolveConv = (id: string): ConversationSourceRow | null => {
+    if (!convCache.has(id)) convCache.set(id, getConversationRow(id));
+    return convCache.get(id) ?? null;
+  };
+
+  const scheduleNameCache = new Map<string, string | null>();
+  const resolveScheduleName = (id: string): string | null => {
+    if (!scheduleNameCache.has(id)) {
+      scheduleNameCache.set(id, getScheduleName(id));
+    }
+    return scheduleNameCache.get(id) ?? null;
+  };
+
+  return items.map((item) => {
+    const row = item.conversationId ? resolveConv(item.conversationId) : null;
+    const sourceType = classifyConversationSource(row?.source);
+
+    const metadataScheduleId =
+      typeof item.metadata?.scheduleId === "string"
+        ? item.metadata.scheduleId
+        : undefined;
+    const scheduleId = metadataScheduleId ?? row?.scheduleJobId ?? undefined;
+
+    let sourceKey: string;
+    let sourceLabel: string;
+    if (sourceType === "schedule" && scheduleId) {
+      sourceKey = `schedule:${scheduleId}`;
+      sourceLabel = resolveScheduleName(scheduleId) ?? "Scheduled";
+    } else if (sourceType === "schedule") {
+      sourceKey = "schedule";
+      sourceLabel = "Scheduled";
+    } else {
+      sourceKey = sourceType;
+      sourceLabel = STATIC_SOURCE_LABELS[sourceType];
+    }
+
+    // Surface the scheduleId in metadata when it was recovered from the
+    // source conversation so clients have a single place to read it.
+    const metadata =
+      scheduleId !== undefined && metadataScheduleId === undefined
+        ? { ...(item.metadata ?? {}), scheduleId }
+        : item.metadata;
+
+    return {
+      ...item,
+      sourceType,
+      sourceKey,
+      sourceLabel,
+      ...(metadata ? { metadata } : {}),
+    };
+  });
+}

package/src/home/relationship-state.ts

@@ -5,10 +5,8 @@
  * relationship with the user: which tier they're at, what facts the
  * assistant has learned about them, and which capabilities are unlocked.
  *
- * The TypeScript types here are the source of truth. A structurally
- * identical Swift definition lives at
- * `clients/shared/Models/RelationshipState.swift` — any change here must
- * be mirrored there (and the contract test guards the default list).
+ * The TypeScript types here are the source of truth; the contract test
+ * guards the default list.
  */
 
 export const RELATIONSHIP_STATE_VERSION = 1 as const;

package/src/instrument.ts

@@ -7,6 +7,7 @@ import {
   getPlatformUserId,
   getSentryDsn,
 } from "./config/env.js";
+import { getCachedShareDiagnostics } from "./platform/consent-cache.js";
 import { APP_VERSION, COMMIT_SHA } from "./version.js";
 
 /** Patterns that match sensitive data in Sentry event values. */
@@ -41,9 +42,11 @@ function redactObject(obj: unknown): unknown {
 /**
  * Call after dotenv has loaded so SENTRY_DSN_ASSISTANT is available.
  * Initializes Sentry when the DSN is set; no-ops when empty/unset so
- * local dev builds don't send crash reports. If the user later opts out
- * via the sendDiagnostics config key (or VELLUM_DEV=1), call closeSentry()
- * after config is loaded to stop future event capturing.
+ * local dev builds don't send crash reports. Events are dropped by
+ * beforeSend until the platform share_diagnostics consent confirms opt-in
+ * (re-read from the consent cache per event, so a revocation takes effect
+ * within one refresh cycle); VELLUM_DEV=1 and legacyDiagnosticsOptOut
+ * hard-disable via closeSentry() after config loads.
  */
 export function initSentry(): void {
   const dsn = getSentryDsn();
@@ -54,6 +57,14 @@ export function initSentry(): void {
     dist: COMMIT_SHA,
     environment: process.env.VELLUM_ENVIRONMENT ?? "production",
     sendDefaultPii: false,
+    // Fail-closed: suppress client-report pings (discarded-event counts) so an
+    // assistant with unconfirmed share_diagnostics consent stays network-silent.
+    sendClientReports: false,
+    // Drop the default ProcessSession integration: it starts a release-health
+    // session on init and flushes a session envelope on process exit (a network
+    // request not covered by the beforeSend event gate), violating fail-closed.
+    integrations: (defaults) =>
+      defaults.filter((i) => i.name !== "ProcessSession"),
     serverName: hostname(),
     initialScope: {
       tags: {
@@ -77,6 +88,7 @@ export function initSentry(): void {
       },
     },
     beforeSend(event) {
+      if (!getCachedShareDiagnostics()) return null;
       if (event.exception?.values) {
         event.exception.values = event.exception.values.map((ex) => ({
           ...ex,
@@ -101,9 +113,9 @@ export function initSentry(): void {
 }
 
 /**
- * Stop capturing future Sentry events. Called after config loads when the
- * user has disabled sendDiagnostics so that early-startup crashes are
- * still captured but subsequent events are suppressed.
+ * Stop capturing future Sentry events. Called after config loads for the
+ * legacyDiagnosticsOptOut local opt-out (or VELLUM_DEV=1) to hard-disable
+ * crash reporting independent of the share_diagnostics consent gate.
  */
 export async function closeSentry(): Promise<void> {
   await Sentry.close();

package/src/ipc/__tests__/binary-result-ipc.test.ts

@@ -0,0 +1,81 @@
+/**
+ * Unit tests for how `AssistantIpcServer.sendResult` handles a binary or
+ * streaming handler result over the IPC transport.
+ *
+ * A `RouteResponse` (or a bare `Uint8Array` / `ReadableStream` / `Blob`)
+ * wraps raw bytes that can't be carried as a JSON `result` field. Rather than
+ * silently serialize the body into garbage, the server reports a structured
+ * `BINARY_UNSUPPORTED_OVER_IPC` error; the gateway IPC proxy uses that signal
+ * to fall back to the HTTP proxy, which streams binary responses correctly.
+ */
+
+import { describe, expect, test } from "bun:test";
+
+import { RouteResponse } from "../../runtime/routes/types.js";
+import { AssistantIpcServer } from "../assistant-server.js";
+
+/**
+ * `sendResult` is private; access it through an interface cast so the test
+ * exercises the real production path without a test-only API on the class.
+ */
+type PrivateApi = {
+  sendResult(
+    socket: unknown,
+    reader: unknown,
+    requestId: string,
+    value: unknown,
+  ): void;
+};
+
+/**
+ * Drive `sendResult` with a capturing socket in legacy (newline-delimited
+ * JSON) mode — the same wire shape the gateway's IPC client speaks — and
+ * return the parsed response envelope.
+ */
+function captureSendResult(value: unknown): Record<string, unknown> {
+  const server = new AssistantIpcServer() as unknown as PrivateApi;
+  const writes: string[] = [];
+  const socket = {
+    destroyed: false,
+    write: (chunk: string) => {
+      writes.push(chunk);
+      return true;
+    },
+  };
+  const reader = { isLegacy: true };
+
+  server.sendResult(socket, reader, "req-1", value);
+
+  expect(writes).toHaveLength(1);
+  return JSON.parse(writes[0]) as Record<string, unknown>;
+}
+
+describe("AssistantIpcServer.sendResult binary handling", () => {
+  test("a binary RouteResponse is reported as BINARY_UNSUPPORTED_OVER_IPC", () => {
+    const env = captureSendResult(
+      new RouteResponse(new Uint8Array([137, 80, 78, 71]), {
+        "content-type": "image/png",
+      }),
+    );
+
+    expect(env.id).toBe("req-1");
+    expect(env.statusCode).toBe(421);
+    expect(env.errorCode).toBe("BINARY_UNSUPPORTED_OVER_IPC");
+    // The binary body must never be JSON-serialized into a `result` field.
+    expect("result" in env).toBe(false);
+  });
+
+  test("a bare Uint8Array result is also reported as unsupported", () => {
+    const env = captureSendResult(new Uint8Array([1, 2, 3]));
+
+    expect(env.errorCode).toBe("BINARY_UNSUPPORTED_OVER_IPC");
+    expect("result" in env).toBe(false);
+  });
+
+  test("a plain JSON result still serializes into `result`", () => {
+    const env = captureSendResult({ ok: true, count: 2 });
+
+    expect(env.result).toEqual({ ok: true, count: 2 });
+    expect(env.errorCode).toBeUndefined();
+  });
+});

package/src/ipc/__tests__/clients-list-ipc.test.ts

@@ -166,4 +166,24 @@ describe("assistant clients list over IPC — same-user filter", () => {
     const ids = parsed.clients.map((c) => c.clientId).sort();
     expect(ids).toEqual(["client-other", "client-self"]);
   });
+
+  test("--json output carries the degraded flag (false for fresh clients)", async () => {
+    registerClient({
+      clientId: "client-self-1",
+      actorPrincipalId: "guardian-local",
+    });
+
+    await startServer();
+
+    const { stdout } = await runAssistantCommandFull(
+      "clients",
+      "list",
+      "--json",
+    );
+    const parsed = JSON.parse(stdout.trim()) as {
+      clients: Array<{ clientId: string; degraded?: boolean }>;
+    };
+    expect(parsed.clients).toHaveLength(1);
+    expect(parsed.clients[0].degraded).toBe(false);
+  });
 });

package/src/ipc/assistant-server.ts

@@ -31,10 +31,7 @@
 import { existsSync, unlinkSync } from "node:fs";
 import { createServer, type Server, type Socket } from "node:net";
 
-import {
-  ensureSocketDir,
-  SocketWatchdog,
-} from "@vellumai/ipc-server-utils";
+import { ensureSocketDir, SocketWatchdog } from "@vellumai/ipc-server-utils";
 
 import { findLocalGuardianPrincipalId } from "../runtime/local-actor-identity.js";
 import { RouteError } from "../runtime/routes/errors.js";
@@ -43,6 +40,7 @@ import type {
   RouteDefinition,
   RouteHandlerArgs,
 } from "../runtime/routes/types.js";
+import { RouteResponse } from "../runtime/routes/types.js";
 import { getLogger } from "../util/logger.js";
 import {
   type IpcEnvelope,
@@ -134,6 +132,26 @@ function isIpcBinaryResponse(value: unknown): value is IpcBinaryResponse {
   );
 }
 
+/**
+ * A handler result whose body is raw bytes or a stream rather than a JSON
+ * value — `RouteResponse` (e.g. `workspace/file/content` returns a
+ * `Bun.file`), or a bare `Uint8Array` / `ReadableStream` / `Blob`.
+ *
+ * These cannot be carried as a JSON `result` field, so over the IPC
+ * transport they are reported as a structured error rather than silently
+ * JSON-serialized into garbage. Distinct from the `IpcBinaryResponse` /
+ * `IpcStreamingResponse` wrappers, which are explicit binary envelopes the
+ * framing protocol does transmit.
+ */
+function isNonJsonIpcResult(value: unknown): boolean {
+  return (
+    value instanceof RouteResponse ||
+    value instanceof Uint8Array ||
+    value instanceof ReadableStream ||
+    value instanceof Blob
+  );
+}
+
 // ---------------------------------------------------------------------------
 // Server
 // ---------------------------------------------------------------------------
@@ -401,6 +419,8 @@ export class AssistantIpcServer {
    * Route a handler result to the appropriate send path:
    * - IpcStreamingResponse → chunked binary frames
    * - IpcBinaryResponse → single binary frame with content-length
+   * - A raw binary/stream result (RouteResponse, Uint8Array, ...) → structured
+   *   BINARY_UNSUPPORTED_OVER_IPC error (the transport can't carry it as JSON)
    * - Everything else → JSON response
    */
   private sendResult(
@@ -420,6 +440,19 @@ export class AssistantIpcServer {
         },
       };
       this.sendResponse(socket, reader, envelope, value.binary);
+    } else if (isNonJsonIpcResult(value)) {
+      // A binary/streaming handler result (e.g. a file-content RouteResponse
+      // wrapping a Bun.file) cannot be carried as a JSON `result`. Report a
+      // structured error instead of silently serializing it into garbage; the
+      // gateway IPC proxy treats this code as a signal to retry over HTTP,
+      // which streams binary correctly.
+      this.sendResponse(socket, reader, {
+        id: requestId,
+        error:
+          "Binary/streaming responses are not supported over the IPC transport; use HTTP",
+        statusCode: 421,
+        errorCode: "BINARY_UNSUPPORTED_OVER_IPC",
+      });
     } else {
       this.sendResponse(socket, reader, { id: requestId, result: value });
     }

package/src/ipc/gateway-flag-listener.ts

@@ -1,7 +1,9 @@
 import { connect, type Socket } from "node:net";
 
 import { refreshOverridesFromGateway } from "../config/assistant-feature-flags.js";
+import { reconcileFlagGatedProfiles } from "../config/sync-gated-profiles.js";
 import { SYNC_TAGS } from "../daemon/message-types/sync.js";
+import { publishConfigChanged } from "../runtime/sync/resource-sync-events.js";
 import { publishSyncInvalidation } from "../runtime/sync/sync-publisher.js";
 import { syncFlagGatedTools } from "../tools/registry.js";
 import { getLogger } from "../util/logger.js";
@@ -19,11 +21,25 @@ const log = getLogger("gateway-flag-listener");
  * they live in a flag-gated bundled skill surfaced via `skill_load` against the
  * live flag cache, so they need no registry sync here. `syncFlagGatedTools` is
  * idempotent and enable-only, so re-running it on every refresh is safe; it also
- * never throws (it logs internally).
+ * never throws (it logs internally). After tools sync, `reconcileFlagGatedProfiles`
+ * adds or removes the flag-gated managed profile (OS Beta); when it reports a
+ * change a `config_changed` broadcast refreshes the profile picker on clients.
+ * The profile reconcile runs only when the refresh confirmed flags loaded from
+ * the gateway — a transient IPC failure leaves the cache unset and resolves
+ * `os-beta` to its registry default `false`, which would remove the user's
+ * profile and reset their selection. Tool sync tolerates the default and stays
+ * unconditional.
  */
 function refreshFlagsAndSyncTools(context: string): void {
   refreshOverridesFromGateway()
-    .then(() => syncFlagGatedTools())
+    .then(async (loaded) => {
+      await syncFlagGatedTools();
+      if (loaded && reconcileFlagGatedProfiles()) {
+        // Reuse the config-changed broadcast clients already consume so the
+        // profile picker reflects the added/removed managed profile.
+        publishConfigChanged();
+      }
+    })
     .catch((err) => {
       log.warn(
         { err },