@vellumai/vellum-gateway 0.3.14 → 0.3.16

package/ARCHITECTURE.md

@@ -4,7 +4,7 @@ This document owns public-ingress and channel webhook architecture. The repo-lev
 
 ## Ingress Boundary Architecture — Gateway-Only Public Ingress
 
-All external webhook endpoints (Telegram, Twilio, OAuth, future channels) are handled exclusively by the gateway. The runtime never exposes webhook ingress. The runtime-proxy explicitly blocks forwarding of `/webhooks/*` paths.
+All external webhook endpoints (Telegram, Twilio, WhatsApp, OAuth) and persistent channel connections (Slack Socket Mode) are handled exclusively by the gateway. The runtime never exposes webhook ingress. The runtime-proxy explicitly blocks forwarding of `/webhooks/*` paths.
 
 This boundary is enforced at three layers:
 
@@ -18,6 +18,7 @@ Internet
   +-- Twilio ----------> Gateway POST /webhooks/twilio/*    --> Runtime /v1/internal/twilio/*
   +-- OAuth Provider ---> Gateway GET  /webhooks/oauth/callback --> Runtime /v1/internal/oauth/callback
   +-- Telegram --------> Gateway POST /webhooks/telegram    --> Runtime /v1/channels/inbound
+  +-- Slack ------------> Gateway (Socket Mode WebSocket)   --> Runtime /v1/channels/inbound
   |
   +-- Tunnel (ngrok, Cloudflare, etc.)
        |
@@ -174,10 +175,9 @@ All channel ingress paths canonicalize the `assistantId` via `normalizeAssistant
 
 #### Guardian Verify Code Parsing
 
-The inbound message handler (`inbound-message-handler.ts`) accepts verification codes in two formats:
+The inbound message handler (`inbound-message-handler.ts`) accepts verification codes as bare-code replies:
 
 - **Bare code**: A 6-digit numeric code sent as the entire message body. This is the primary flow — the user is shown a verification code in setup UI and sends that code in-channel as a plain message.
-- **Legacy command**: `/guardian_verify <code>` (or `/guardian_verify@BotName <code>` for Telegram group chats). This format is still accepted for backward compatibility but is no longer the recommended flow.
 
 #### Explicit Rebind Policy
 
@@ -246,13 +246,13 @@ flowchart TD
     HAS_BINDING -- No --> DENY_ESCALATE["Deny: escalate_no_guardian"]
     HAS_BINDING -- Yes --> CREATE_APPROVAL["Create approval request<br/>+ notify guardian (dual-surface)"]
 
-    ESCALATE_CHECK -- No --> VERIFY_CHECK{"Guardian verify<br/>code or command?"}
+    ESCALATE_CHECK -- No --> VERIFY_CHECK{"Guardian verify<br/>code?"}
     VERIFY_CHECK -- Yes --> VERIFY["Validate challenge<br/>→ create guardian binding"]
     VERIFY_CHECK -- No --> ROLE_RESOLVE["Resolve actor role<br/>(guardian-context-resolver)"]
     ROLE_RESOLVE --> APPROVAL_INTERCEPT["Approval interception<br/>+ message processing"]
 ```
 
-This ordering ensures that ingress ACL decisions are finalized before any agent processing occurs. Guardian verification codes (bare codes or the legacy `/guardian_verify` command) are intercepted after ACL enforcement but before the agent loop, so they never trigger inference.
+This ordering ensures that ingress ACL decisions are finalized before any agent processing occurs. Guardian verification code replies are intercepted after ACL enforcement but before the agent loop, so they never trigger inference.
 
 #### Actor Role Resolution
 
@@ -303,7 +303,7 @@ The `channelGuardianApprovalRequests` table tracks per-run approval state. Each
 | `assistant/src/memory/channel-guardian-store.ts` | CRUD for guardian bindings, verification challenges, and approval requests (all scoped by `assistantId`) |
 | `assistant/src/runtime/channel-guardian-service.ts` | Challenge creation/validation, guardian identity checks (`isGuardian()`, `getGuardianBinding()`) -- all accept `assistantId` |
 | `assistant/src/runtime/guardian-context-resolver.ts` | Actor role classification: guardian / non-guardian / unverified_channel based on binding state + sender identity |
-| `assistant/src/runtime/routes/inbound-message-handler.ts` | Ingress ACL enforcement, `/guardian_verify` command intercept, escalation creation, actor role resolution |
+| `assistant/src/runtime/routes/inbound-message-handler.ts` | Ingress ACL enforcement, verification-code intercept, escalation creation, actor role resolution |
 | `assistant/src/runtime/routes/channel-routes.ts` | Approval routing to guardian, proactive expiry sweep (`sweepExpiredGuardianApprovals`, `startGuardianExpirySweep`) |
 | `assistant/src/calls/guardian-dispatch.ts` | Cross-channel ASK_GUARDIAN dispatch: creates guardian_action_requests, fans out to mac/telegram/sms, manages deliveries |
 | `assistant/src/calls/guardian-action-sweep.ts` | Periodic 60s sweep for expired guardian action requests; sends expiry notices to delivery channels |
@@ -315,7 +315,7 @@ The ingress membership system extends the guardian security model to support con
 
 #### Ingress Membership ACL
 
-The channel inbound handler (`inbound-message-handler.ts`) enforces an access control layer between message receipt and agent processing. The ACL runs at the top of the handler, before guardian role resolution or `/guardian_verify` command interception (see [Inbound Message Decision Chain](#inbound-message-decision-chain) for the full ordering):
+The channel inbound handler (`inbound-message-handler.ts`) enforces an access control layer between message receipt and agent processing. The ACL runs at the top of the handler, before guardian role resolution or verification-code interception (see [Inbound Message Decision Chain](#inbound-message-decision-chain) for the full ordering):
 
 1. When `senderExternalUserId` is present, the handler looks up the sender in `assistant_ingress_members` by `(sourceChannel, externalUserId)` or `(sourceChannel, externalChatId)`.
 2. If no member record exists, the message is denied (`not_a_member`).
@@ -435,6 +435,58 @@ In single-assistant mode (the default local deployment), routing is automaticall
 
 In multi-assistant mode, the operator must configure `GATEWAY_ASSISTANT_ROUTING_JSON` to map specific chat/user IDs to assistant IDs.
 
+### Slack Channel (Socket Mode)
+
+The Slack channel enables inbound and outbound messaging via Slack's Socket Mode API. Unlike Telegram, SMS, and WhatsApp which use HTTP webhook ingress, Slack uses a persistent WebSocket connection — no public ingress URL is required.
+
+**Connection lifecycle** (`apps.connections.open`):
+
+1. The gateway calls `POST https://slack.com/api/apps.connections.open` with the Slack app-level token (`xapp-...`) to obtain a WebSocket URL.
+2. A `SlackSocketModeClient` opens the WebSocket and maintains a single active connection.
+3. On connection, the client resets its reconnect counter. On close or error, it schedules a reconnect with capped exponential backoff (1s base, 30s max) plus 0-50% jitter.
+4. Slack may send a `disconnect` envelope to request a reconnect (e.g., server rotation). The client handles this by closing the current socket and reconnecting immediately (attempt counter reset to 0).
+
+**Event processing** (inbound):
+
+1. Every Socket Mode envelope is ACKed immediately by echoing `{ envelope_id }` back on the WebSocket — this is required by Slack regardless of whether the event is processed.
+2. Only `events_api` envelopes with `app_mention` events are processed in MVP. Other envelope types (slash commands, interactive payloads) are ACKed but ignored.
+3. Events are deduplicated by `event_id` using an in-memory `Map<string, number>` with a 24-hour TTL. A periodic cleanup sweep runs every hour to evict expired entries.
+4. The `normalizeSlackAppMention()` function strips leading bot-mention tokens (`<@U...>`) from the message text and produces a `GatewayInboundEventV1` with `sourceChannel: "slack"`, using the Slack channel ID as `externalChatId` and the sender's user ID as `externalUserId`.
+5. Routing uses the standard `resolveAssistant()` chain (chat_id -> user_id -> default/reject). Events that cannot be routed are dropped.
+6. The normalized event is forwarded to the runtime via `POST /v1/channels/inbound` with Slack-specific transport hints and a `replyCallbackUrl` pointing to `/deliver/slack`.
+
+**Egress** (`POST /deliver/slack`):
+
+1. The runtime calls the gateway's `/deliver/slack` endpoint with `{ chatId, text }` or `{ to, text }` (alias). The `chatId` field maps to the Slack channel ID where the reply should be posted.
+2. The gateway authenticates the request via bearer token (same fail-closed model as other deliver endpoints).
+3. The gateway posts the message via `POST https://slack.com/api/chat.postMessage` using the bot token.
+4. Threading is supported via a `threadTs` query parameter on the deliver URL. When present, replies are posted as thread replies to the specified message timestamp.
+
+**Credential management:**
+
+The Slack channel requires two tokens:
+
+| Token | Format | Purpose |
+|-------|--------|---------|
+| App token | `xapp-...` | Used for `apps.connections.open` to establish the Socket Mode WebSocket connection |
+| Bot token | `xoxb-...` | Used for `chat.postMessage` to send outbound messages and for `auth.test` validation |
+
+Both tokens are stored in secure storage (`credential:slack_channel:app_token`, `credential:slack_channel:bot_token`) via the assistant's Slack channel config endpoints (see `assistant/ARCHITECTURE.md`). The gateway reads them via its `credential-reader` module using the same keychain-first fallback strategy as Telegram credentials.
+
+**Auto-reconnect behavior:**
+
+The Socket Mode client auto-reconnects on any WebSocket close or error. The backoff schedule is: `min(1000 * 2^attempt, 30000)` + random jitter. After a successful connection, the attempt counter resets. Slack-initiated disconnects (envelope `type: "disconnect"`) trigger an immediate reconnect with no backoff.
+
+**Key modules:**
+
+| Module | Purpose |
+|--------|---------|
+| `gateway/src/slack/socket-mode.ts` | `SlackSocketModeClient` — WebSocket lifecycle, ACK, dedup, auto-reconnect |
+| `gateway/src/slack/normalize.ts` | `normalizeSlackAppMention()` — event normalization and bot-mention stripping |
+| `gateway/src/http/routes/slack-deliver.ts` | `/deliver/slack` — outbound message delivery via `chat.postMessage` |
+
+**Limitations (MVP):** Text-only — attachments are rejected. Only `app_mention` events are processed (direct messages to the bot are not handled). Rich approval UI (inline buttons) is not supported.
+
 ---
 
 ## AI Phone Calls — Twilio ConversationRelay

package/README.md

@@ -403,7 +403,7 @@ See [`benchmarking/gateway/README.md`](../benchmarking/gateway/README.md) for lo
 
 | Symptom | Cause | Resolution |
 |---------|-------|------------|
-| `/guardian_verify` command gets no reply | The verification message did not reach the runtime, or the challenge expired | Ensure the gateway is running, the bot token is valid, and the Telegram webhook is registered. Challenges expire after 10 minutes -- generate a new one via the desktop UI. |
+| Guardian verification code reply gets no response | The verification message did not reach the runtime, or the challenge expired | Ensure the gateway is running, the bot token is valid, and the Telegram webhook is registered. Challenges expire after 10 minutes -- generate a new one via the desktop UI. |
 | Non-guardian actions auto-denied with "no guardian configured" | No guardian binding exists for the channel. The runtime is fail-closed for unverified channels. | Set up a guardian by running the verification flow from the desktop UI. |
 | Approval prompt not delivered to guardian | The `replyCallbackUrl` may be unreachable, or the guardian's chat ID is stale | Verify `GATEWAY_INTERNAL_BASE_URL` is set correctly (especially in containerized deployments). Re-verify the guardian if the chat ID has changed. |
 | Guardian approval expired | The 30-minute TTL elapsed without a decision. A proactive sweep (every 60s) auto-denied the approval and notified both the requester and guardian. | The non-guardian user must re-trigger the action. |

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vellumai/vellum-gateway",
-  "version": "0.3.14",
+  "version": "0.3.16",
   "type": "module",
   "scripts": {
     "dev": "bun run --watch src/index.ts",

package/src/__tests__/load-guards.test.ts

@@ -54,7 +54,7 @@ function makeConfig(overrides: Partial<GatewayConfig> = {}): GatewayConfig {
 
 describe("payload size guard", () => {
   test("returns 413 when content-length exceeds limit", async () => {
-    const handler = createTelegramWebhookHandler(makeConfig());
+    const { handler } = createTelegramWebhookHandler(makeConfig());
     const body = JSON.stringify({ data: "x".repeat(300) });
     const req = new Request("http://localhost:7830/webhooks/telegram", {
       method: "POST",
@@ -72,7 +72,7 @@ describe("payload size guard", () => {
   });
 
   test("returns 413 when body exceeds limit even without content-length", async () => {
-    const handler = createTelegramWebhookHandler(makeConfig());
+    const { handler } = createTelegramWebhookHandler(makeConfig());
     const body = JSON.stringify({ data: "x".repeat(300) });
     const req = new Request("http://localhost:7830/webhooks/telegram", {
       method: "POST",
@@ -87,7 +87,7 @@ describe("payload size guard", () => {
   });
 
   test("accepts payload within limit", async () => {
-    const handler = createTelegramWebhookHandler(
+    const { handler } = createTelegramWebhookHandler(
       makeConfig({ maxWebhookPayloadBytes: 10000 }),
     );
     const body = JSON.stringify({ update_id: 1, message: { text: "hi", chat: { id: 1, type: "private" }, from: { id: 1 }, message_id: 1 } });

package/src/__tests__/probes.test.ts

@@ -22,7 +22,7 @@ const { createTelegramWebhookHandler } = await import(
 
 const config = loadConfig();
 
-const handleTelegramWebhook = createTelegramWebhookHandler(config);
+const { handler: handleTelegramWebhook } = createTelegramWebhookHandler(config);
 
 let draining = false;
 

package/src/__tests__/slack-config.test.ts

@@ -0,0 +1,85 @@
+import { describe, test, expect } from "bun:test";
+import { isSlackChannelConfigured, type GatewayConfig } from "../config.js";
+
+function makeConfig(overrides: Partial<GatewayConfig> = {}): GatewayConfig {
+  return {
+    assistantRuntimeBaseUrl: "http://localhost:7821",
+    defaultAssistantId: undefined,
+    gatewayInternalBaseUrl: "http://127.0.0.1:7830",
+    logFile: { dir: undefined, retentionDays: 30 },
+    maxAttachmentBytes: 20971520,
+    maxAttachmentConcurrency: 3,
+    maxWebhookPayloadBytes: 1048576,
+    port: 7830,
+    routingEntries: [],
+    runtimeBearerToken: undefined,
+    runtimeGatewayOriginSecret: undefined,
+    runtimeInitialBackoffMs: 500,
+    runtimeMaxRetries: 2,
+    runtimeProxyBearerToken: undefined,
+    runtimeProxyEnabled: false,
+    runtimeProxyRequireAuth: false,
+    runtimeTimeoutMs: 30000,
+    shutdownDrainMs: 5000,
+    telegramApiBaseUrl: "https://api.telegram.org",
+    telegramBotToken: undefined,
+    telegramDeliverAuthBypass: false,
+    telegramInitialBackoffMs: 1000,
+    telegramMaxRetries: 3,
+    telegramTimeoutMs: 15000,
+    telegramWebhookSecret: undefined,
+    twilioAuthToken: undefined,
+    twilioAccountSid: undefined,
+    twilioPhoneNumber: undefined,
+    smsDeliverAuthBypass: false,
+    ingressPublicBaseUrl: undefined,
+    unmappedPolicy: "reject",
+    whatsappPhoneNumberId: undefined,
+    whatsappAccessToken: undefined,
+    whatsappAppSecret: undefined,
+    whatsappWebhookVerifyToken: undefined,
+    whatsappDeliverAuthBypass: false,
+    whatsappTimeoutMs: 15000,
+    whatsappMaxRetries: 3,
+    whatsappInitialBackoffMs: 1000,
+    slackChannelBotToken: undefined,
+    slackChannelAppToken: undefined,
+    slackDeliverAuthBypass: false,
+    trustProxy: false,
+    ...overrides,
+  } as GatewayConfig;
+}
+
+describe("isSlackChannelConfigured", () => {
+  test("returns true when both tokens are set", () => {
+    const config = makeConfig({
+      slackChannelBotToken: "xoxb-test-token",
+      slackChannelAppToken: "xapp-test-token",
+    });
+    expect(isSlackChannelConfigured(config)).toBe(true);
+  });
+
+  test("returns false when bot token is missing", () => {
+    const config = makeConfig({
+      slackChannelBotToken: undefined,
+      slackChannelAppToken: "xapp-test-token",
+    });
+    expect(isSlackChannelConfigured(config)).toBe(false);
+  });
+
+  test("returns false when app token is missing", () => {
+    const config = makeConfig({
+      slackChannelBotToken: "xoxb-test-token",
+      slackChannelAppToken: undefined,
+    });
+    expect(isSlackChannelConfigured(config)).toBe(false);
+  });
+
+  test("returns false when both tokens are missing", () => {
+    const config = makeConfig({
+      slackChannelBotToken: undefined,
+      slackChannelAppToken: undefined,
+    });
+    expect(isSlackChannelConfigured(config)).toBe(false);
+  });
+});

package/src/__tests__/slack-deliver.test.ts

@@ -0,0 +1,260 @@
+import { describe, test, expect, mock, beforeEach } from "bun:test";
+import type { GatewayConfig } from "../config.js";
+
+type FetchFn = (input: string | URL | Request, init?: RequestInit) => Promise<Response>;
+let fetchMock: ReturnType<typeof mock<FetchFn>> = mock(async () => new Response());
+
+mock.module("../fetch.js", () => ({
+  fetchImpl: (...args: Parameters<FetchFn>) => fetchMock(...args),
+}));
+
+const { createSlackDeliverHandler } = await import("../http/routes/slack-deliver.js");
+
+function makeConfig(overrides: Partial<GatewayConfig> = {}): GatewayConfig {
+  const merged: GatewayConfig = {
+    assistantRuntimeBaseUrl: "http://localhost:7821",
+    defaultAssistantId: undefined,
+    gatewayInternalBaseUrl: "http://127.0.0.1:7830",
+    logFile: { dir: undefined, retentionDays: 30 },
+    maxAttachmentBytes: 20971520,
+    maxAttachmentConcurrency: 3,
+    maxWebhookPayloadBytes: 1048576,
+    port: 7830,
+    routingEntries: [],
+    runtimeBearerToken: undefined,
+    runtimeGatewayOriginSecret: undefined,
+    runtimeInitialBackoffMs: 500,
+    runtimeMaxRetries: 2,
+    runtimeProxyBearerToken: undefined,
+    runtimeProxyEnabled: false,
+    runtimeProxyRequireAuth: false,
+    runtimeTimeoutMs: 30000,
+    shutdownDrainMs: 5000,
+    telegramApiBaseUrl: "https://api.telegram.org",
+    telegramBotToken: undefined,
+    telegramDeliverAuthBypass: false,
+    telegramInitialBackoffMs: 1000,
+    telegramMaxRetries: 3,
+    telegramTimeoutMs: 15000,
+    telegramWebhookSecret: undefined,
+    twilioAuthToken: undefined,
+    twilioAccountSid: undefined,
+    twilioPhoneNumber: undefined,
+    smsDeliverAuthBypass: false,
+    ingressPublicBaseUrl: undefined,
+    unmappedPolicy: "reject",
+    whatsappPhoneNumberId: undefined,
+    whatsappAccessToken: undefined,
+    whatsappAppSecret: undefined,
+    whatsappWebhookVerifyToken: undefined,
+    whatsappDeliverAuthBypass: false,
+    whatsappTimeoutMs: 15000,
+    whatsappMaxRetries: 3,
+    whatsappInitialBackoffMs: 1000,
+    slackChannelBotToken: "xoxb-test-bot-token",
+    slackChannelAppToken: undefined,
+    slackDeliverAuthBypass: true,
+    trustProxy: false,
+    ...overrides,
+  } as GatewayConfig;
+  if (merged.runtimeGatewayOriginSecret === undefined) {
+    merged.runtimeGatewayOriginSecret = merged.runtimeBearerToken;
+  }
+  return merged;
+}
+
+const TOKEN = "test-deliver-token";
+
+function makeRequest(
+  body: unknown,
+  headers?: Record<string, string>,
+  queryString = "",
+): Request {
+  return new Request(`http://localhost:7830/deliver/slack${queryString}`, {
+    method: "POST",
+    headers: { "content-type": "application/json", ...headers },
+    body: JSON.stringify(body),
+  });
+}
+
+let fetchCalls: { url: string; body?: unknown; headers?: Record<string, string> }[];
+
+beforeEach(() => {
+  fetchCalls = [];
+  fetchMock = mock(async (input: string | URL | Request, init?: RequestInit) => {
+    const url = typeof input === "string" ? input : input instanceof URL ? input.toString() : input.url;
+    let body: unknown;
+    try {
+      if (init?.body) body = JSON.parse(String(init.body));
+    } catch { /* not JSON */ }
+    const headers: Record<string, string> = {};
+    if (init?.headers) {
+      const h = init.headers;
+      if (h && typeof h === "object" && !Array.isArray(h)) {
+        for (const [k, v] of Object.entries(h)) {
+          headers[k.toLowerCase()] = v;
+        }
+      }
+    }
+    fetchCalls.push({ url, body, headers });
+
+    // Slack API response
+    if (url.includes("slack.com/api/chat.postMessage")) {
+      return new Response(JSON.stringify({ ok: true }), {
+        status: 200,
+        headers: { "content-type": "application/json" },
+      });
+    }
+    return new Response("Not found", { status: 404 });
+  });
+});
+
+describe("slack-deliver endpoint", () => {
+  test("returns 401 when auth is required and missing", async () => {
+    const handler = createSlackDeliverHandler(
+      makeConfig({ runtimeProxyBearerToken: TOKEN, slackDeliverAuthBypass: false }),
+    );
+    const req = makeRequest({ chatId: "C123", text: "hello" });
+    const res = await handler(req);
+    expect(res.status).toBe(401);
+    const body = await res.json();
+    expect(body.error).toBe("Unauthorized");
+  });
+
+  test("returns 200 with valid payload containing chatId and text", async () => {
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = makeRequest({ chatId: "C123", text: "hello" });
+    const res = await handler(req);
+    expect(res.status).toBe(200);
+    const body = await res.json();
+    expect(body.ok).toBe(true);
+
+    // Verify the Slack API was called with the correct payload
+    const slackCall = fetchCalls.find((c) => c.url.includes("chat.postMessage"));
+    expect(slackCall).toBeDefined();
+    expect((slackCall!.body as any).channel).toBe("C123");
+    expect((slackCall!.body as any).text).toBe("hello");
+  });
+
+  test("threadTs query param gets passed as thread_ts to Slack API", async () => {
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = makeRequest(
+      { chatId: "C123", text: "reply in thread" },
+      undefined,
+      "?threadTs=1700000000.000050",
+    );
+    const res = await handler(req);
+    expect(res.status).toBe(200);
+
+    const slackCall = fetchCalls.find((c) => c.url.includes("chat.postMessage"));
+    expect(slackCall).toBeDefined();
+    expect((slackCall!.body as any).thread_ts).toBe("1700000000.000050");
+  });
+
+  test("returns 400 when chatId/to is missing", async () => {
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = makeRequest({ text: "hello" });
+    const res = await handler(req);
+    expect(res.status).toBe(400);
+    const body = await res.json();
+    expect(body.error).toBe("chatId is required");
+  });
+
+  test("returns 400 with 'not supported' message when attachments are provided", async () => {
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = makeRequest({ chatId: "C123", text: "hello", attachments: [{ id: "att-1" }] });
+    const res = await handler(req);
+    expect(res.status).toBe(400);
+    const body = await res.json();
+    expect(body.error).toContain("not supported");
+  });
+
+  test("returns 503 when bot token is not configured", async () => {
+    const handler = createSlackDeliverHandler(
+      makeConfig({ slackChannelBotToken: undefined }),
+    );
+    const req = makeRequest({ chatId: "C123", text: "hello" });
+    const res = await handler(req);
+    expect(res.status).toBe(503);
+    const body = await res.json();
+    expect(body.error).toContain("not configured");
+  });
+
+  test("accepts 'to' as alias for chatId", async () => {
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = makeRequest({ to: "C_TO_CHAN", text: "hello" });
+    const res = await handler(req);
+    expect(res.status).toBe(200);
+
+    const slackCall = fetchCalls.find((c) => c.url.includes("chat.postMessage"));
+    expect(slackCall).toBeDefined();
+    expect((slackCall!.body as any).channel).toBe("C_TO_CHAN");
+  });
+
+  test("returns 400 when text is missing", async () => {
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = makeRequest({ chatId: "C123" });
+    const res = await handler(req);
+    expect(res.status).toBe(400);
+    const body = await res.json();
+    expect(body.error).toBe("text is required");
+  });
+
+  test("returns 400 for invalid JSON", async () => {
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = new Request("http://localhost:7830/deliver/slack", {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: "not-json",
+    });
+    const res = await handler(req);
+    expect(res.status).toBe(400);
+    const body = await res.json();
+    expect(body.error).toBe("Invalid JSON");
+  });
+
+  test("returns 405 for GET requests", async () => {
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = new Request("http://localhost:7830/deliver/slack", {
+      method: "GET",
+    });
+    const res = await handler(req);
+    expect(res.status).toBe(405);
+  });
+
+  test("sends Authorization header with bot token to Slack API", async () => {
+    const handler = createSlackDeliverHandler(
+      makeConfig({ slackChannelBotToken: "xoxb-my-secret-token" }),
+    );
+    const req = makeRequest({ chatId: "C123", text: "hello" });
+    await handler(req);
+
+    const slackCall = fetchCalls.find((c) => c.url.includes("chat.postMessage"));
+    expect(slackCall).toBeDefined();
+    expect(slackCall!.headers!["authorization"]).toBe("Bearer xoxb-my-secret-token");
+  });
+
+  test("returns 502 when Slack API returns ok: false", async () => {
+    fetchMock = mock(async () => {
+      return new Response(JSON.stringify({ ok: false, error: "channel_not_found" }), {
+        status: 200,
+        headers: { "content-type": "application/json" },
+      });
+    });
+
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = makeRequest({ chatId: "C123", text: "hello" });
+    const res = await handler(req);
+    expect(res.status).toBe(502);
+  });
+
+  test("does not include thread_ts when threadTs query param is absent", async () => {
+    const handler = createSlackDeliverHandler(makeConfig());
+    const req = makeRequest({ chatId: "C123", text: "hello" });
+    await handler(req);
+
+    const slackCall = fetchCalls.find((c) => c.url.includes("chat.postMessage"));
+    expect(slackCall).toBeDefined();
+    expect((slackCall!.body as any).thread_ts).toBeUndefined();
+  });
+});