@vellumai/assistant 0.9.0 → 0.10.0-staging.2

package/src/runtime/routes/browser-tabs-routes.ts

@@ -8,6 +8,7 @@
 import { z } from "zod";
 
 import { findConversation } from "../../daemon/conversation-registry.js";
+import { HostBrowserProxy } from "../../daemon/host-browser-proxy.js";
 import { getCdpClient } from "../../tools/browser/cdp-client/factory.js";
 import {
   clearPinnedTab,
@@ -51,6 +52,14 @@ async function handleBrowserTabs({ body = {} }: RouteHandlerArgs) {
 
   const cdpOptions = { mode: "extension" as const, targetClientId };
 
+  // Every tabs command pins extension mode. Absorb a brief extension SSE
+  // reconnect blip so a flapping connection doesn't surface as a hard
+  // "no Chrome Extension connected" error.
+  await HostBrowserProxy.instance.waitForExtensionClient(
+    context.sourceActorPrincipalId,
+    targetClientId,
+  );
+
   if (command === "list") {
     const cdp = getCdpClient(context, cdpOptions);
     try {

package/src/runtime/routes/btw-routes.ts

@@ -27,18 +27,11 @@ import {
   setCachedEmptyStateGreeting,
 } from "./empty-state-greeting-cache.js";
 import { BadRequestError, ServiceUnavailableError } from "./errors.js";
-import {
-  getCachedIntro,
-  readWorkspaceGreetings,
-  setCachedIntro,
-} from "./identity-intro-cache.js";
 import type { RouteDefinition, RouteHandlerArgs } from "./types.js";
+import { readWorkspaceGreetings } from "./workspace-greetings.js";
 
 const log = getLogger("btw-routes");
 
-/** Conversation key used by the client for identity intro generation. */
-const IDENTITY_INTRO_KEY = "identity-intro";
-
 /** Conversation key used by the client for empty-state greeting generation. */
 const GREETING_KEY = "greeting";
 
@@ -72,15 +65,6 @@ async function handleBtw({
 
   const trimmedContent = content.trim();
 
-  // ----- Cached identity intro fast-path -----
-  if (conversationKey === IDENTITY_INTRO_KEY) {
-    const fastText = getCachedIntro()?.greetings[0];
-    if (fastText) {
-      log.debug("Returning identity intro fast-path");
-      return streamText(fastText);
-    }
-  }
-
   // ----- Empty-state greeting fast-path -----
   // User-authored `## Greetings` win; otherwise replay a cached greeting when
   // one is fresh within the configurable TTL (`ui.emptyStateGreetingCacheTtlMs`,
@@ -126,7 +110,6 @@ async function handleBtw({
     start(controller) {
       (async () => {
         try {
-          const isIntroRequest = conversationKey === IDENTITY_INTRO_KEY;
           const isGreeting = conversationKey === GREETING_KEY;
           const result = await runBtwSidechain({
             content: effectiveContent,
@@ -153,15 +136,6 @@ async function handleBtw({
             );
           }
 
-          if (isIntroRequest && result.text) {
-            try {
-              setCachedIntro([result.text]);
-              log.debug("Cached identity intro text");
-            } catch {
-              // Non-fatal — next request will regenerate.
-            }
-          }
-
           if (isGreeting && result.text) {
             // setCachedEmptyStateGreeting is a no-op when the TTL is 0.
             setCachedEmptyStateGreeting(result.text);

package/src/runtime/routes/canonical-guardian-expiry-sweep.ts

@@ -18,6 +18,7 @@
  * clients polling prompts) observe the expired status directly.
  */
 
+import { withdrawGuardianRequestCards } from "../../approvals/guardian-card-withdrawal.js";
 import {
   listCanonicalGuardianRequests,
   resolveCanonicalGuardianRequest,
@@ -42,7 +43,7 @@ let sweepInProgress = false;
  * concurrent decision that wins the race is never overwritten by the
  * sweep.  Returns the count of requests transitioned to expired.
  */
-function sweepExpiredCanonicalGuardianRequests(): number {
+async function sweepExpiredCanonicalGuardianRequests(): Promise<number> {
   const pending = listCanonicalGuardianRequests({ status: "pending" });
   const now = Date.now();
   let expiredCount = 0;
@@ -71,6 +72,14 @@ function sweepExpiredCanonicalGuardianRequests(): number {
         },
         "Expired canonical guardian request via sweep",
       );
+
+      // Withdraw the now-stale approval cards on every surface. No origin
+      // channel — the expiry is system-driven, so all surfaces (including
+      // in-app) are withdrawn. Best-effort and non-throwing.
+      await withdrawGuardianRequestCards({
+        request: resolved,
+        status: "expired",
+      });
     }
   }
 
@@ -93,13 +102,13 @@ export function startCanonicalGuardianExpirySweep(): void {
   sweepTimer = setInterval(() => {
     if (sweepInProgress) return;
     sweepInProgress = true;
-    try {
-      sweepExpiredCanonicalGuardianRequests();
-    } catch (err) {
-      log.error({ err }, "Canonical guardian expiry sweep failed");
-    } finally {
-      sweepInProgress = false;
-    }
+    void sweepExpiredCanonicalGuardianRequests()
+      .catch((err) => {
+        log.error({ err }, "Canonical guardian expiry sweep failed");
+      })
+      .finally(() => {
+        sweepInProgress = false;
+      });
   }, SWEEP_INTERVAL_MS);
 }
 

package/src/runtime/routes/client-routes.ts

@@ -12,6 +12,10 @@ import { isHttpAuthDisabled } from "../../config/env.js";
 import { datesToISO } from "../../util/json.js";
 import { assistantEventHub } from "../assistant-event-hub.js";
 import { ACTOR_PRINCIPALS } from "../auth/route-policy.js";
+import {
+  DEFAULT_HEARTBEAT_INTERVAL_MS,
+  isClientDegraded,
+} from "../client-health.js";
 import { NotFoundError } from "./errors.js";
 import type { RouteDefinition } from "./types.js";
 
@@ -65,6 +69,7 @@ export const ROUTES: RouteDefinition[] = [
               c.actorPrincipalId === callerPrincipalId,
           );
 
+      const now = new Date();
       return {
         clients: filtered.map((c) =>
           datesToISO({
@@ -74,6 +79,11 @@ export const ROUTES: RouteDefinition[] = [
             machineName: c.machineName,
             connectedAt: c.connectedAt,
             lastActiveAt: c.lastActiveAt,
+            degraded: isClientDegraded(
+              c.lastActiveAt,
+              now,
+              DEFAULT_HEARTBEAT_INTERVAL_MS,
+            ),
           }),
         ),
       };

package/src/runtime/routes/contact-routes.ts

@@ -50,6 +50,30 @@ function withGuardianNameOverride<
   return contact;
 }
 
+/** Adds `externalUserId` (= `address`) to each channel for older macOS clients. */
+function withChannelCompat<T extends { channels: { address: string }[] }>(
+  contact: T,
+): T {
+  return {
+    ...contact,
+    channels: contact.channels.map((ch) => ({
+      ...ch,
+      externalUserId: ch.address,
+    })),
+  };
+}
+
+/** Compose both response transforms (guardian display name + channel compat). */
+function prepareContactResponse<
+  T extends {
+    role: string;
+    displayName: string;
+    channels: { address: string }[];
+  },
+>(contact: T): T {
+  return withChannelCompat(withGuardianNameOverride(contact));
+}
+
 const VALID_CONTACT_TYPES: readonly ContactType[] = ["human", "assistant"];
 
 const VALID_CHANNEL_STATUSES: readonly ChannelStatus[] = [
@@ -87,6 +111,7 @@ const contactChannelSchema = z.object({
   type: z.string(),
   address: z.string(),
   isPrimary: z.boolean(),
+  /** @deprecated Echoes `address` for backwards compatibility with older macOS clients. */
   externalUserId: z.string().nullable(),
   status: z.string(),
   policy: z.string(),
@@ -143,14 +168,14 @@ function handleListContacts(queryParams: Record<string, string>) {
     });
     return {
       ok: true,
-      contacts: contacts.map(withGuardianNameOverride),
+      contacts: contacts.map(prepareContactResponse),
     };
   }
 
   const contacts = listContacts(limit, role, contactType);
   return {
     ok: true,
-    contacts: contacts.map(withGuardianNameOverride),
+    contacts: contacts.map(prepareContactResponse),
   };
 }
 
@@ -165,7 +190,7 @@ function handleGetContact(contactId: string) {
       : undefined;
   return {
     ok: true,
-    contact: withGuardianNameOverride(contact),
+    contact: prepareContactResponse(contact),
     assistantMetadata: assistantMeta ?? undefined,
   };
 }
@@ -508,7 +533,7 @@ export const ROUTES: RouteDefinition[] = [
           limit: z.number().optional(),
         })
         .parse(body);
-      return searchContacts(parsed);
+      return searchContacts(parsed).map(prepareContactResponse);
     },
   },
 
@@ -604,7 +629,7 @@ function handleMergeContactsRoute(args: RouteHandlerArgs) {
 
   try {
     const contact = mergeContacts(keepId, mergeId);
-    return { ok: true, contact: withGuardianNameOverride(contact) };
+    return { ok: true, contact: prepareContactResponse(contact) };
   } catch (err) {
     const message = err instanceof Error ? err.message : String(err);
     throw new BadRequestError(message);
@@ -667,8 +692,6 @@ function handleUpdateContactChannelRoute(args: RouteHandlerArgs) {
   const parentContact = getContact(updated.contactId);
   return {
     ok: true,
-    contact: parentContact
-      ? withGuardianNameOverride(parentContact)
-      : undefined,
+    contact: parentContact ? prepareContactResponse(parentContact) : undefined,
   };
 }

package/src/runtime/routes/conversation-compaction-routes.ts

@@ -72,7 +72,7 @@ const log = getLogger("conversation-compaction-routes");
  * `responseBody` (below) is the source-of-truth for the generated
  * OpenAPI client type the frontend imports
  * (`ConversationsByIdCompactionGetResponse` in
- * `apps/web/src/generated/daemon/types.gen`); regenerate the client with
+ * `clients/web/src/generated/daemon/types.gen`); regenerate the client with
  * `bun run openapi-ts` after changing the schema.
  *
  * `null` means the value isn't known for the underlying row — either the

package/src/runtime/routes/conversation-management-routes.ts

@@ -26,6 +26,7 @@ import {
   cancelGeneration,
   clearAllConversations,
   regenerateResponse,
+  resolveMetaSlashCommand,
   switchConversation,
   undoLastMessage,
 } from "../../daemon/handlers/conversations.js";
@@ -93,11 +94,26 @@ function cancelScheduleIfLast(conversationId: string): void {
 function handleCreateConversation({ body = {}, headers }: RouteHandlerArgs) {
   const conversationKey =
     (body.conversationKey as string | undefined) ?? crypto.randomUUID();
+  // The shared route adapter does not runtime-validate the body against the
+  // Zod requestBody (it's codegen-only), so guard the type before trimming —
+  // a malformed `{ title: 123 }` would otherwise throw on `.trim()` and 500.
+  if (body.title !== undefined && typeof body.title !== "string") {
+    throw new BadRequestError("title must be a string");
+  }
+  const customTitle = body.title?.trim() || undefined;
   const result = getOrCreateConversation(conversationKey, {
     conversationType: "standard",
   });
   if (result.created) {
-    updateConversationTitle(result.conversationId, "New Conversation");
+    // A caller-supplied title is user-set: persist it with isAutoTitle = 0 so
+    // the async LLM titler's safe-overwrite check leaves it untouched. Without
+    // one, fall back to the neutral "New Conversation" placeholder, which stays
+    // replaceable by the auto-titler once messages arrive.
+    if (customTitle) {
+      updateConversationTitle(result.conversationId, customTitle, 0);
+    } else {
+      updateConversationTitle(result.conversationId, "New Conversation");
+    }
     publishConversationListAndMetadataChanged(
       "created",
       result.conversationId,
@@ -452,6 +468,29 @@ async function handleUndoLastMessage({ pathParams = {} }: RouteHandlerArgs) {
   };
 }
 
+async function handleResolveMetaSlashCommand({
+  pathParams = {},
+  body = {},
+}: RouteHandlerArgs) {
+  const command = body.command as string | undefined;
+  if (!command || typeof command !== "string") {
+    throw new BadRequestError("Missing command");
+  }
+  let result: Awaited<ReturnType<typeof resolveMetaSlashCommand>>;
+  try {
+    result = await resolveMetaSlashCommand(pathParams.id!, command);
+  } catch (err) {
+    if (err instanceof UserError) {
+      throw new BadRequestError(err.message);
+    }
+    throw err;
+  }
+  if (!result) {
+    throw new NotFoundError(`No conversation for ${pathParams.id}`);
+  }
+  return result;
+}
+
 async function handleRegenerateResponse({ pathParams = {} }: RouteHandlerArgs) {
   const conversationId = pathParams.id!;
   try {
@@ -526,6 +565,12 @@ export const ROUTES: RouteDefinition[] = [
         .literal("standard")
         .optional()
         .describe("Only standard conversations are created by this endpoint"),
+      title: z
+        .string()
+        .optional()
+        .describe(
+          "Explicit title for the conversation. When provided on creation, it is persisted as a user-set title (never overwritten by the auto-titler). Used by flows that mint a conversation up-front and don't want an auto-generated title.",
+        ),
     }),
     responseBody: z.object({
       id: z
@@ -820,6 +865,40 @@ export const ROUTES: RouteDefinition[] = [
     }),
     handler: handleUndoLastMessage,
   },
+  {
+    operationId: "resolveConversationSlashCommand",
+    endpoint: "conversations/:id/slash",
+    method: "POST",
+    policy: {
+      requiredScopes: ["chat.write"],
+      allowedPrincipalTypes: ACTOR_PRINCIPALS,
+    },
+    summary: "Resolve a local meta slash command",
+    description:
+      "Run a local meta slash command (/clean, /status, /commands, /models) " +
+      "without starting a turn: no messages are persisted and no turn events " +
+      "are emitted. /clean also strips runtime injections from the history. " +
+      "Returns the text to render and, for /clean, the post-strip context usage.",
+    tags: ["conversations"],
+    pathParams: [{ name: "id", type: "uuid" }],
+    requestBody: z.object({
+      command: z
+        .string()
+        .describe("The slash command text, e.g. `/clean` or `/status`."),
+    }),
+    responseBody: z.object({
+      kind: z.enum(["clean", "info"]),
+      text: z.string(),
+      contextUsage: z
+        .object({
+          tokens: z.number(),
+          maxTokens: z.number().nullable(),
+          fillRatio: z.number().nullable(),
+        })
+        .optional(),
+    }),
+    handler: handleResolveMetaSlashCommand,
+  },
   {
     operationId: "regenerateResponse",
     endpoint: "conversations/:id/regenerate",

package/src/runtime/routes/conversation-query-routes.ts

@@ -129,9 +129,16 @@ const INFERENCE_PROFILE_UI_KEYS = new Set([
   "speed",
   "verbosity",
   "temperature",
+  "topP",
   "thinking",
 ]);
 
+// Fields a MANAGED profile may edit. Beyond `label` (display name) and
+// `status` (enabled/disabled), users can tune `topP` — the seed contract
+// owns provider/model/connection, but top_p is a per-profile sampling knob
+// the UI exposes on the managed Balanced profile.
+const MANAGED_PROFILE_EDITABLE_KEYS = new Set(["label", "status", "topP"]);
+
 function asMutablePlainObject(value: unknown): Record<string, unknown> | null {
   if (value == null || typeof value !== "object" || Array.isArray(value)) {
     return null;
@@ -508,6 +515,8 @@ const ConfigGetResponseSchema = z
         profiles: z.record(z.string(), WireProfileEntry).optional(),
         profileOrder: z.array(z.string()).optional(),
         activeProfile: z.string().optional(),
+        // The profile the advisor consults; excluded from chat-profile pickers.
+        advisorProfile: z.string().optional(),
         callSites: z
           .record(
             z.string(),
@@ -536,6 +545,13 @@ const ConfigGetResponseSchema = z
           })
           .passthrough()
           .optional(),
+        "web-fetch": z
+          .object({
+            mode: ServiceModeSchema.optional(),
+            provider: z.string().optional(),
+          })
+          .passthrough()
+          .optional(),
         "image-generation": z
           .object({ mode: ServiceModeSchema.optional() })
           .passthrough()
@@ -609,6 +625,7 @@ const ConfigPatchRequestSchema = z
           .optional(),
         profileOrder: z.array(z.string()).optional(),
         activeProfile: z.string().nullable().optional(),
+        advisorProfile: z.string().nullable().optional(),
         callSites: z
           .record(z.string(), CallSiteOverrideDraftSchema.nullable())
           .optional(),
@@ -633,6 +650,14 @@ const ConfigPatchRequestSchema = z
           .passthrough()
           .nullable()
           .optional(),
+        "web-fetch": z
+          .object({
+            mode: ServiceModeSchema.optional(),
+            provider: z.string().optional(),
+          })
+          .passthrough()
+          .nullable()
+          .optional(),
         "image-generation": z
           .object({ mode: ServiceModeSchema.optional() })
           .passthrough()
@@ -730,8 +755,14 @@ function rejectManagedProfileDeletion(body: Record<string, unknown>): void {
   }
   const profiles = asMutablePlainObject(llm.profiles);
   if (!profiles) return;
+  const existingProfiles = asMutablePlainObject(getConfig().llm.profiles) ?? {};
   for (const name of Object.keys(profiles)) {
-    if (profiles[name] === null && MANAGED_PROFILE_NAMES.has(name)) {
+    if (profiles[name] !== null || !MANAGED_PROFILE_NAMES.has(name)) continue;
+    // Only block deletion when the on-disk entry is Vellum-managed. A
+    // user-owned profile sharing a managed name carries a non-managed `source`
+    // and is freely deletable.
+    const existing = asMutablePlainObject(existingProfiles[name]);
+    if (existing?.source === "managed") {
       throw new BadRequestError(`Cannot delete managed profile "${name}".`);
     }
   }
@@ -904,21 +935,39 @@ async function handleReplaceInferenceProfile({
     const detail = parsed.error.issues.map((issue) => issue.message).join("; ");
     throw new BadRequestError(`Invalid profile fragment: ${detail}`);
   }
-  const isManaged = MANAGED_PROFILE_NAMES.has(name);
+  // A managed name with no existing entry stays protected so users can't
+  // shadow a seeded managed profile. An existing entry carrying a non-managed
+  // `source` is user-owned and remains fully editable.
+  const existingProfile = asMutablePlainObject(
+    getConfig().llm.profiles?.[name],
+  );
+  const isManaged =
+    MANAGED_PROFILE_NAMES.has(name) &&
+    (existingProfile == null || existingProfile.source === "managed");
+  // A managed profile name with no materialized entry (e.g. a flag-gated profile
+  // whose flag is off) cannot be patched: writing label/status here would persist
+  // a source-less stub that later blocks the real managed profile from being
+  // seeded. Reject rather than create a placeholder.
+  if (MANAGED_PROFILE_NAMES.has(name) && existingProfile == null) {
+    throw new BadRequestError(
+      `Profile "${name}" is not currently available and cannot be edited.`,
+    );
+  }
   if (isManaged) {
-    // Managed profiles are daemon-seeded — provider, model, advanced params,
-    // and the connection binding all belong to the seed contract and can't
-    // be reshaped by the user. The two fields that ARE user policy (display
-    // label and enabled status) are allowed through so users can rename a
-    // managed profile or temporarily disable it without duplicating it.
+    // Managed profiles are daemon-seeded — provider, model, and the
+    // connection binding all belong to the seed contract and can't be
+    // reshaped by the user. The fields that ARE user policy (display label,
+    // enabled status, and the topP sampling knob) are allowed through so
+    // users can rename a managed profile, temporarily disable it, or tune
+    // top_p without duplicating it.
     const requestedKeys = Object.keys(parsed.data);
     const disallowed = requestedKeys.filter(
-      (k) => k !== "label" && k !== "status",
+      (k) => !MANAGED_PROFILE_EDITABLE_KEYS.has(k),
     );
     if (disallowed.length > 0) {
       throw new BadRequestError(
         `Cannot edit managed profile "${name}" fields [${disallowed.join(", ")}]. ` +
-          `Only label and status may be edited; duplicate to a custom profile to change other fields.`,
+          `Only label, status, and topP may be edited; duplicate to a custom profile to change other fields.`,
       );
     }
   }
@@ -1019,7 +1068,7 @@ async function handleReplaceInferenceProfile({
 }
 
 /**
- * Apply a `{label?, status?}` patch to a managed profile entry, preserving
+ * Apply a `{label?, status?, topP?}` patch to a managed profile entry, preserving
  * every other field already on disk (provider, model, advanced params, etc).
  * Caller is responsible for having already restricted the fragment to the
  * managed-allowed keys.
@@ -1039,19 +1088,16 @@ function patchManagedProfileFields(
 
   const existingProfile = asMutablePlainObject(profiles[name]) ?? {};
   const nextProfile: Record<string, unknown> = { ...existingProfile };
-  // Send `null` to clear; omit to leave untouched.
-  if ("label" in fragment) {
-    if (fragment.label === null) {
-      delete nextProfile.label;
-    } else {
-      nextProfile.label = fragment.label;
-    }
-  }
-  if ("status" in fragment) {
-    if (fragment.status === null) {
-      delete nextProfile.status;
+  // For each managed-editable key: send `null` to clear, a value to set,
+  // omit to leave untouched. Iterating the allowlist keeps persistence in
+  // lock-step with the guard above — a key can't slip through the gate
+  // without also being written.
+  for (const key of MANAGED_PROFILE_EDITABLE_KEYS) {
+    if (!(key in fragment)) continue;
+    if (fragment[key] === null) {
+      delete nextProfile[key];
     } else {
-      nextProfile.status = fragment.status;
+      nextProfile[key] = fragment[key];
     }
   }
   profiles[name] = nextProfile;

package/src/runtime/routes/conversation-routes.ts

@@ -120,7 +120,10 @@ import { assistantEventHub, broadcastMessage } from "../assistant-event-hub.js";
 import { DAEMON_INTERNAL_ASSISTANT_ID } from "../assistant-scope.js";
 import { getPersistedSeq } from "../assistant-stream-state.js";
 import { ACTOR_PRINCIPALS } from "../auth/route-policy.js";
-import { routeGuardianReply } from "../guardian-reply-router.js";
+import {
+  type GuardianPendingScope,
+  routeGuardianReply,
+} from "../guardian-reply-router.js";
 import { healGuardianBindingDrift } from "../guardian-vellum-migration.js";
 import type {
   ApprovalConversationGenerator,
@@ -148,6 +151,10 @@ import {
   collectPendingConfirmations,
   enrichToolCallsWithConfirmation,
 } from "./tool-call-confirmation-enrichment.js";
+import {
+  collectPendingQuestions,
+  enrichToolCallsWithQuestion,
+} from "./tool-call-question-enrichment.js";
 import type { RouteDefinition, RouteHandlerArgs } from "./types.js";
 import { RouteResponse } from "./types.js";
 
@@ -486,12 +493,14 @@ async function tryConsumeCanonicalGuardianReply(params: {
     sourceChannel,
     conversation,
   );
-  // Always pass the hints array (even when empty) so
-  // findPendingCanonicalRequests respects the in-memory staleness filter
-  // applied by collectCanonicalGuardianRequestHintIds. Converting empty
-  // hints to `undefined` caused the router to fall through to raw DB
-  // queries that rediscovered stale canonical requests.
-  const pendingRequestIds = pendingRequestHintIds;
+  // An empty hint set is `blocked`, not absence: the in-memory staleness
+  // filter in collectCanonicalGuardianRequestHintIds found no live requests,
+  // so the router must not fall back to identity/DB lookup (which rediscovered
+  // stale canonical requests). A non-empty set scopes resolution to it.
+  const pendingScope: GuardianPendingScope =
+    pendingRequestHintIds.length > 0
+      ? { mode: "scoped", requestIds: pendingRequestHintIds }
+      : { mode: "blocked" };
 
   const routerResult = await routeGuardianReply({
     messageText: trimmedContent,
@@ -503,7 +512,7 @@ async function tryConsumeCanonicalGuardianReply(params: {
       guardianPrincipalId: verifiedActorPrincipalId,
     },
     conversationId,
-    pendingRequestIds,
+    pendingScope,
     approvalConversationGenerator,
     emissionContext: {
       source: "inline_nl",
@@ -817,6 +826,7 @@ export function handleListMessages({
   const pendingConfirmations = collectPendingConfirmations(
     resolvedConversationId,
   );
+  const pendingQuestions = collectPendingQuestions(resolvedConversationId);
 
   const messages: RuntimeMessagePayload[] = parsed.map((m) => {
     const mergedMessageIds = m.id ? (mergedIdMap.get(m.id) ?? []) : [];
@@ -880,10 +890,13 @@ export function handleListMessages({
       m.id ?? undefined,
     );
 
-    const toolCalls = enrichToolCallsWithConfirmation(rendered.toolCalls, {
-      workspaceDir,
-      pendingConfirmations,
-    });
+    const toolCalls = enrichToolCallsWithQuestion(
+      enrichToolCallsWithConfirmation(rendered.toolCalls, {
+        workspaceDir,
+        pendingConfirmations,
+      }),
+      { pendingQuestions },
+    );
 
     // Strip <no_response/> markers from assistant messages so web/API clients
     // never see the raw sentinel. Only assistant messages produce it; user
@@ -944,8 +957,8 @@ export function handleListMessages({
       ...(mergedMessageIds.length > 0 ? { mergedMessageIds } : {}),
       ...(m.clientMessageId ? { clientMessageId: m.clientMessageId } : {}),
       role: m.role,
-      // Flat plain-text body the legacy Swift client reads directly; see the
-      // `content` field on ConversationMessageSchema for why this must stay.
+      // Flat plain-text body; see the `content` field on
+      // ConversationMessageSchema for why this must stay.
       content: text,
       timestamp: new Date(displayTimestamp).toISOString(),
       attachments: msgAttachments,
@@ -1133,6 +1146,7 @@ export async function handleSendMessage(
       bootstrapTemplate?: string;
       initialMessage?: string;
       skills?: string[];
+      title?: string;
     };
   };
 
@@ -1310,8 +1324,13 @@ export async function handleSendMessage(
         : sourceChannel === "vellum"
           ? crypto.randomUUID()
           : `default:${sourceChannel}:${sourceInterface}`;
+    // An onboarding flow may supply an explicit title for the conversation it
+    // mints behind the scenes (e.g. the research pass) so it isn't left with an
+    // auto-generated title. Applied only when this call creates the row.
+    const onboardingTitle = body.onboarding?.title?.trim() || undefined;
     mapping = getOrCreateConversation(resolvedConversationKey, {
       conversationType: "standard",
+      title: onboardingTitle,
     });
   }
 
@@ -2717,6 +2736,12 @@ export const ROUTES: RouteDefinition[] = [
           bootstrapTemplate: z.string().optional(),
           initialMessage: z.string().optional(),
           skills: z.array(z.string()).optional(),
+          title: z
+            .string()
+            .optional()
+            .describe(
+              "Explicit title for the conversation minted on this first message. Persisted as a user-set title (never overwritten by the auto-titler). Used by onboarding flows that mint a conversation behind the scenes.",
+            ),
         })
         .describe("PreChat onboarding context, sent on the first message only")
         .optional(),