@vellumai/vellum-gateway 0.7.2 → 0.7.3

package/src/http/routes/twilio-voice-webhook.ts

@@ -20,6 +20,7 @@ import {
   findPendingPhoneSession,
   gatherVerificationTwiml,
 } from "../../voice/verification.js";
+import { ContactStore } from "../../db/contact-store.js";
 
 const log = getLogger("twilio-voice-webhook");
 
@@ -29,6 +30,16 @@ const REJECT_TWIML =
 
 const TWIML_HEADERS = { "Content-Type": "text/xml" };
 
+/** Escapes XML special characters so contact display names are safe to embed in TwiML. */
+function escapeXml(str: string): string {
+  return str
+    .replace(/&/g, "&")
+    .replace(/</g, "&lt;")
+    .replace(/>/g, "&gt;")
+    .replace(/"/g, "&quot;")
+    .replace(/'/g, "&apos;");
+}
+
 export function createTwilioVoiceWebhookHandler(
   config: GatewayConfig,
   caches?: TwilioValidationCaches & { configFile?: ConfigFileCache },
@@ -123,6 +134,48 @@ export function createTwilioVoiceWebhookHandler(
           "Failed to check pending verification session — falling through to assistant",
         );
       }
+
+      // ── Known-but-unverified caller guidance ─────────────────────────────
+      // If the caller's number is registered under a contact's phone channel
+      // but has not yet passed DTMF verification, intercept with a helpful
+      // message rather than letting the runtime treat them as an unknown caller.
+      if (params.From) {
+        try {
+          const callerRecord = new ContactStore().getContactByPhoneNumber(
+            params.From,
+          );
+          // Only intercept genuinely unverified channels — not blocked ones.
+          // A blocked caller should fall through to the runtime's deny path
+          // rather than hearing a helpful verification script (which would
+          // both leak the contact name and weaken block semantics).
+          // The display name is intentionally included: the caller registered
+          // this number themselves, so disclosing their own name is expected.
+          const unverifiedStatuses = new Set(["unverified", "pending"]);
+          if (callerRecord && unverifiedStatuses.has(callerRecord.channel.status)) {
+            log.info(
+              {
+                callSid: params.CallSid,
+                contactId: callerRecord.contact.id,
+                channelStatus: callerRecord.channel.status,
+              },
+              "Known-but-unverified caller — returning verification guidance TwiML",
+            );
+            const name = escapeXml(callerRecord.contact.displayName);
+            const twiml =
+              `<?xml version="1.0" encoding="UTF-8"?><Response>` +
+              `<Say>This number is registered as ${name}'s phone but has not been verified yet. ` +
+              `To verify, open your assistant's contacts page, click Verify next to the phone channel, ` +
+              `and follow the prompts. Then call back once the verification session is active.</Say>` +
+              `</Response>`;
+            return new Response(twiml, { status: 200, headers: TWIML_HEADERS });
+          }
+        } catch (err) {
+          log.warn(
+            { err, callSid: params.CallSid },
+            "Failed to check unverified caller — falling through to assistant",
+          );
+        }
+      }
     }
 
     try {

package/src/index.ts

@@ -166,6 +166,7 @@ import { featureFlagRoutes } from "./ipc/feature-flag-handlers.js";
 import { thresholdRoutes } from "./ipc/threshold-handlers.js";
 
 import { riskClassificationRoutes } from "./ipc/risk-classification-handlers.js";
+import { createVelayRoutes } from "./ipc/velay-handlers.js";
 import { refreshRouteSchema } from "./ipc/route-schema-cache.js";
 import { AvatarChannelSyncer } from "./avatar-sync/avatar-channel-syncer.js";
 import { AvatarSyncWatcher } from "./avatar-sync/avatar-sync-watcher.js";
@@ -673,8 +674,8 @@ async function main() {
       path: /^\/v1\/contacts\/(?!invites$)([^/]+)$/,
       method: "DELETE",
       auth: "edge",
-      handler: (req, params) =>
-        contactsControlPlaneProxy.handleDeleteContact(req, params[0]),
+      handler: (_req, params) =>
+        contactsControlPlaneProxy.handleDeleteContact(params[0]),
     },
     {
       path: /^\/v1\/contacts\/([^/]+)$/,
@@ -2037,6 +2038,7 @@ async function main() {
     ...contactRoutes,
     ...thresholdRoutes,
     ...riskClassificationRoutes,
+    ...createVelayRoutes(velayTunnelClient),
   ]);
   ipcServer.start();
 

package/src/ipc/velay-handlers.ts

@@ -0,0 +1,31 @@
+/**
+ * IPC route definitions for Velay tunnel status.
+ *
+ * Exports a factory that takes the optional VelayTunnelClient and returns
+ * a single `get_velay_status` IPC route. Returns disconnected/null when no
+ * client is configured (e.g. VELAY_BASE_URL not set).
+ */
+
+import type { VelayTunnelClient } from "../velay/client.js";
+import type { IpcRoute } from "./server.js";
+
+export interface VelayStatus {
+  connected: boolean;
+  publicUrl: string | null;
+}
+
+export function createVelayRoutes(
+  velayTunnelClient: VelayTunnelClient | undefined,
+): IpcRoute[] {
+  return [
+    {
+      method: "get_velay_status",
+      handler: (): VelayStatus => {
+        if (!velayTunnelClient) {
+          return { connected: false, publicUrl: null };
+        }
+        return velayTunnelClient.getStatus();
+      },
+    },
+  ];
+}

package/src/remote-feature-flag-sync.ts

@@ -311,23 +311,25 @@ export class RemoteFeatureFlagSync {
       return { status: "error" };
     }
 
-    // Fall back to env vars when credential cache values are missing.
+    // Fall back to env vars when managed pod credentials are not yet cached.
     const platformUrl = (
       platformUrlRaw?.trim() ||
       process.env.VELLUM_PLATFORM_URL?.trim() ||
       ""
     ).replace(/\/+$/, "");
 
-    // Feature flag sync hits the public platform API (/v1/feature-flags/assistant-flag-values/),
-    // which requires Api-Key auth. PLATFORM_INTERNAL_API_KEY is only valid
-    // for internal gateway endpoints and would produce 401s here.
-    const assistantApiKey = assistantApiKeyRaw?.trim() || undefined;
+    // Feature flag sync hits the public platform API and requires assistant
+    // API key auth.
+    const assistantCredential =
+      assistantApiKeyRaw?.trim() ||
+      process.env.ASSISTANT_API_KEY?.trim() ||
+      undefined;
 
-    if (!platformUrl || !assistantApiKey) {
+    if (!platformUrl || !assistantCredential) {
       log.debug(
         {
           hasPlatformUrl: !!platformUrl,
-          hasApiKey: !!assistantApiKey,
+          hasApiKey: !!assistantCredential,
         },
         "Remote feature flag sync skipped: missing credentials",
       );
@@ -340,7 +342,7 @@ export class RemoteFeatureFlagSync {
     const response = await fetchImpl(url, {
       method: "GET",
       headers: {
-        Authorization: `Api-Key ${assistantApiKey}`,
+        Authorization: `Api-Key ${assistantCredential}`,
         Accept: "application/json",
       },
       signal: AbortSignal.timeout(10_000),

package/src/risk/command-registry/commands/assistant.ts

@@ -204,6 +204,7 @@ const ASSISTANT_SUPPORTED_COMMAND_PATHS = [
   "skills install",
   "skills uninstall",
   "skills add",
+  "status",
   "stt",
   "stt transcribe",
   "task",

package/src/risk/skill-risk-classifier.ts

@@ -176,10 +176,18 @@ export class SkillLoadRiskClassifier implements RiskClassifier<SkillClassifierIn
     let assessment: RiskAssessment;
 
     switch (toolName) {
-      case "skill_load":
+      case "skill_load": {
+        // Skills with inline command expansions execute shell commands at load
+        // time via child_process.spawn, bypassing the normal bash-tool
+        // permission pipeline. Elevate to medium so the default auto-approve
+        // threshold (low) requires an explicit prompt instead of silently
+        // running embedded commands.
+        const hasExpansions = resolvedMetadata?.hasInlineExpansions === true;
         assessment = {
-          riskLevel: "low",
-          reason: "Skill load (default)",
+          riskLevel: hasExpansions ? "medium" : "low",
+          reason: hasExpansions
+            ? "Skill load with inline command expansions (executes shell commands at load time)"
+            : "Skill load (default)",
           scopeOptions: [],
           matchType: "registry",
           allowlistOptions: buildSkillLoadAllowlistOptions(
@@ -188,6 +196,7 @@ export class SkillLoadRiskClassifier implements RiskClassifier<SkillClassifierIn
           ),
         };
         break;
+      }
       case "scaffold_managed_skill":
         assessment = {
           riskLevel: "high",

package/src/runtime/client.ts

@@ -219,6 +219,17 @@ export type RuntimeInboundResponse = {
   };
   /** When true, the runtime denied the inbound message (e.g. ACL rejection). */
   denied?: boolean;
+  /**
+   * When a guardian approved an inbound voice access request, the contact that
+   * should be activated. The gateway writes the dual-write on behalf of the
+   * runtime so the assistant never triggers contact writes via IPC.
+   */
+  activatedContact?: {
+    sourceChannel: string;
+    externalUserId: string;
+    externalChatId?: string;
+    displayName?: string;
+  };
   /**
    * A user-facing rejection message that the runtime could not deliver via
    * the callback URL (e.g. due to auth failure). When present, the gateway
@@ -503,11 +514,10 @@ const TWILIO_RELAY_TOKEN_PLACEHOLDER = "__VELLUM_RELAY_TOKEN__";
  * Resolve the public base URL as a WebSocket URL (`wss://…`).
  *
  * Sources (in priority order):
- * 1. `VELAY_BASE_URL` — present on platform-hosted gateway sidecars.
- *    When Velay is the tunnel provider, Twilio WebSocket connections
- *    are routed through the Velay service URL.
- * 2. `ingress.publicBaseUrl` from the config file — written by Velay
- *    on tunnel registration, or set manually for self-hosted.
+ * 1. `ingress.publicBaseUrl` from the config file — written by Velay
+ *    after tunnel registration, or set manually for self-hosted.
+ * 2. `VELAY_BASE_URL` + platform assistant ID — fallback for platform
+ *    sidecars before the config cache has observed the registered URL.
  *
  * Returns `undefined` when no source provides a value — the placeholder
  * will remain in TwiML and Twilio will fail to connect, which is the
@@ -518,16 +528,19 @@ export function resolvePublicBaseWssUrl(
   configFile?: ConfigFileCache,
   platformAssistantId?: string,
 ): string | undefined {
+  const raw = configFile?.getString("ingress", "publicBaseUrl");
+  const normalized = normalizePublicBaseUrl(raw);
+  if (normalized) return normalized.replace(/^http(s?)/, "ws$1");
+
   if (config.velayBaseUrl && platformAssistantId) {
     const withPath =
       config.velayBaseUrl.replace(/\/+$/, "") + "/" + platformAssistantId;
-    const normalized = normalizePublicBaseUrl(withPath);
-    if (normalized) return normalized.replace(/^http(s?)/, "ws$1");
+    const normalizedVelayUrl = normalizePublicBaseUrl(withPath);
+    if (normalizedVelayUrl) {
+      return normalizedVelayUrl.replace(/^http(s?)/, "ws$1");
+    }
   }
-  const raw = configFile?.getString("ingress", "publicBaseUrl");
-  const normalized = normalizePublicBaseUrl(raw);
-  if (!normalized) return undefined;
-  return normalized.replace(/^http(s?)/, "ws$1");
+  return undefined;
 }
 
 /**
@@ -597,7 +610,7 @@ export async function forwardTwilioVoiceWebhook(
     } else {
       log.error(
         "TwiML contains public URL placeholder but no public base URL is configured. " +
-          "Twilio will fail to connect. Set VELAY_BASE_URL or ingress.publicBaseUrl.",
+          "Twilio will fail to connect. Wait for Velay tunnel registration or set ingress.publicBaseUrl.",
       );
     }
   }

package/src/slack/normalize.test.ts

@@ -802,7 +802,7 @@ describe("attachment extraction in normalize functions", () => {
         expect(result!.slackFiles).toBeDefined();
       });
 
-      it("normalizes channel file_share mentions after stripping only the bot mention", () => {
+      it("normalizes channel file_share mentions and renders the bot mention", () => {
         const config = makeConfig();
         const event = makeChannelEvent({
           subtype: "file_share",
@@ -821,11 +821,11 @@ describe("attachment extraction in normalize functions", () => {
           config,
           "UBOT",
           undefined,
-          { userLabels: { ULEO: "leo" } },
+          { userLabels: { UBOT: "vex", ULEO: "leo" } },
         );
 
         expect(result).not.toBeNull();
-        expect(result!.event.message.content).toBe("@leo shared this");
+        expect(result!.event.message.content).toBe("@vex @leo shared this");
         expect(result!.event.message.content).not.toContain("ULEO");
         expect(result!.event.message.attachments).toHaveLength(1);
         expect(result!.event.message.attachments![0]).toEqual({

package/src/slack/normalize.ts

@@ -1,8 +1,4 @@
-import {
-  renderSlackTextForModel,
-  stripLeadingSlackMentionFallback,
-  stripLeadingSlackUserMention,
-} from "@vellumai/slack-text";
+import { renderSlackTextForModel } from "@vellumai/slack-text";
 import type { GatewayConfig } from "../config.js";
 import { fetchImpl } from "../fetch.js";
 import { resolveAssistant, isRejection } from "../routing/resolve-assistant.js";
@@ -281,56 +277,18 @@ export interface SlackMessageDeletedEvent {
 }
 
 export type SlackTextRenderContext = {
-  botUserId?: string;
   userLabels?: Record<string, string>;
 };
 
-/**
- * Strip leading bot-mention tokens from Slack message text.
- *
- * When the bot user ID is known, only that exact mention is stripped. Without a
- * bot user ID, strip just one leading mention as an app_mention compatibility
- * fallback.
- */
-export function stripBotMention(text: string, botUserId?: string): string {
-  const stripped = botUserId
-    ? stripLeadingSlackUserMention(text, botUserId)
-    : stripLeadingSlackMentionFallback(text);
-  return stripped.trim() || text.trim();
-}
-
 function renderSlackInboundText(
   text: string,
   context: SlackTextRenderContext = {},
-  options: {
-    stripLeadingBotMention?: boolean;
-    fallbackStripFirstMention?: boolean;
-  } = {},
 ): string {
-  let stripped = text;
-  if (options.stripLeadingBotMention) {
-    stripped = context.botUserId
-      ? stripBotMention(text, context.botUserId)
-      : options.fallbackStripFirstMention
-        ? stripBotMention(text)
-        : text.trim();
-  }
-
-  return renderSlackTextForModel(stripped, {
+  return renderSlackTextForModel(text, {
     userLabels: context.userLabels,
   });
 }
 
-function withBotUserId(
-  botUserId: string | undefined,
-  context: SlackTextRenderContext | undefined,
-): SlackTextRenderContext {
-  return {
-    ...context,
-    botUserId: context?.botUserId ?? botUserId,
-  };
-}
-
 function extractSlackAttachments(files: SlackFile[] | undefined): Array<{
   type: "image" | "document";
   fileId: string;
@@ -426,10 +384,7 @@ export function normalizeSlackDirectMessage(
     botToken && event.user
       ? resolveSlackUserSync(event.user, botToken)
       : undefined;
-  const content = renderSlackInboundText(
-    event.text,
-    withBotUserId(botUserId, renderContext),
-  );
+  const content = renderSlackInboundText(event.text, renderContext);
 
   return {
     event: {
@@ -487,11 +442,7 @@ export function normalizeSlackChannelMessage(
   const routing = resolveAssistant(config, event.channel, event.user);
   if (isRejection(routing)) return null;
 
-  const content = renderSlackInboundText(
-    event.text,
-    withBotUserId(botUserId, renderContext),
-    { stripLeadingBotMention: true, fallbackStripFirstMention: true },
-  );
+  const content = renderSlackInboundText(event.text, renderContext);
   const externalMessageId =
     event.client_msg_id ?? event.ts ?? `${event.channel}:${event.ts}`;
 
@@ -556,14 +507,7 @@ export function normalizeSlackAppMention(
     return null;
   }
 
-  const content = renderSlackInboundText(
-    event.text,
-    withBotUserId(botUserId, renderContext),
-    {
-      stripLeadingBotMention: true,
-      fallbackStripFirstMention: true,
-    },
-  );
+  const content = renderSlackInboundText(event.text, renderContext);
   const externalMessageId =
     event.client_msg_id ?? event.ts ?? `${event.channel}:${event.ts}`;
 
@@ -876,14 +820,7 @@ export function normalizeSlackMessageEdit(
   }
   if (isRejection(routing)) return null;
 
-  const content = renderSlackInboundText(
-    edited.text,
-    withBotUserId(botUserId, renderContext),
-    {
-      stripLeadingBotMention: true,
-      fallbackStripFirstMention: !botUserId,
-    },
-  );
+  const content = renderSlackInboundText(edited.text, renderContext);
 
   // Each edit event gets a unique externalMessageId so the dedup pipeline
   // does not discard subsequent edits of the same Slack message.

package/src/slack/socket-mode.ts

@@ -762,7 +762,6 @@ export class SlackSocketModeClient {
         if (!userInfo) return undefined;
         return userInfo.displayName || userInfo.username;
       },
-      { ignoredUserIds: [this.config.botUserId] },
     );
   }
 
@@ -876,10 +875,7 @@ export class SlackSocketModeClient {
   ): Promise<void> {
     const text = this.extractTextBearingContent(event);
     const userLabels = text ? await this.resolveMentionLabelsForText(text) : {};
-    const renderContext = {
-      botUserId: this.config.botUserId,
-      userLabels,
-    };
+    const renderContext = { userLabels };
 
     let normalized: NormalizedSlackEvent | null;
     if (isReactionAdded) {

package/src/telegram/webhook-manager.ts

@@ -31,7 +31,6 @@ interface PlatformCallbackRouteResponse {
 async function registerManagedTelegramCallbackRoute(
   caches?: WebhookManagerCaches,
 ): Promise<string | undefined> {
-  // Read from credential cache when available
   const [platformBaseUrlRaw, assistantApiKeyRaw, assistantIdRaw] =
     caches?.credentials
       ? await Promise.all([
@@ -43,29 +42,26 @@ async function registerManagedTelegramCallbackRoute(
         ])
       : [undefined, undefined, undefined];
 
-  // Fall back to env vars when credential cache values are missing, matching
-  // the daemon's resolvePlatformCallbackRegistrationContext() behaviour.
+  // Fall back to env vars when managed pod credentials are not yet cached,
+  // matching the daemon's resolvePlatformCallbackRegistrationContext().
   const platformBaseUrl = (
     platformBaseUrlRaw?.trim() ||
     process.env.VELLUM_PLATFORM_URL?.trim() ||
     ""
   ).replace(/\/+$/, "");
 
-  const platformInternalApiKey =
-    process.env.PLATFORM_INTERNAL_API_KEY?.trim() || undefined;
-  const assistantApiKey = !platformInternalApiKey
-    ? assistantApiKeyRaw?.trim() || undefined
-    : undefined;
-  const authToken = platformInternalApiKey || assistantApiKey;
-  const authScheme = platformInternalApiKey ? "Bearer" : "Api-Key";
+  const assistantCredential =
+    assistantApiKeyRaw?.trim() ||
+    process.env.ASSISTANT_API_KEY?.trim() ||
+    undefined;
 
   const assistantId = assistantIdRaw?.trim() || undefined;
 
-  if (!platformBaseUrl || !authToken || !assistantId) {
+  if (!platformBaseUrl || !assistantCredential || !assistantId) {
     log.debug(
       {
         hasPlatformBaseUrl: !!platformBaseUrl,
-        hasApiKey: !!authToken,
+        hasApiKey: !!assistantCredential,
         hasAssistantId: !!assistantId,
       },
       "Managed Telegram callback route registration unavailable",
@@ -95,7 +91,7 @@ async function registerManagedTelegramCallbackRoute(
     {
       method: "POST",
       headers: {
-        Authorization: `${authScheme} ${authToken}`,
+        Authorization: `Api-Key ${assistantCredential}`,
         "Content-Type": "application/json",
       },
       body: JSON.stringify({

package/src/velay/client.ts

@@ -76,7 +76,7 @@ export class VelayTunnelClient {
   private connecting = false;
   private reconnectAttempt = 0;
   private reconnectTimer: unknown = null;
-  private publishedTwilioPublicBaseUrl: string | undefined;
+  private publishedPublicBaseUrl: string | undefined;
   private unsubscribeConfigInvalidation: (() => void) | undefined;
 
   constructor(private readonly options: VelayTunnelClientOptions) {
@@ -97,6 +97,17 @@ export class VelayTunnelClient {
     this.timerApi = options.timerApi ?? defaultTimerApi;
   }
 
+  getStatus(): { connected: boolean; publicUrl: string | null } {
+    const connected =
+      this.ws !== null &&
+      this.ws.readyState === WebSocket.OPEN &&
+      this.publishedPublicBaseUrl !== undefined;
+    return {
+      connected,
+      publicUrl: this.publishedPublicBaseUrl ?? null,
+    };
+  }
+
   start(): void {
     if (this.running) return;
     this.running = true;
@@ -124,7 +135,7 @@ export class VelayTunnelClient {
     const ws = this.ws;
     this.ws = null;
     this.webSocketBridge.closeAll();
-    await this.clearPublishedTwilioPublicBaseUrl();
+    await this.clearPublishedPublicBaseUrl();
     if (ws) {
       closeWebSocket(ws, 1000, "gateway shutdown");
     }
@@ -141,7 +152,7 @@ export class VelayTunnelClient {
 
     if (this.isPublicIngressDisabled()) {
       this.connecting = false;
-      await this.clearPublishedTwilioPublicBaseUrl();
+      await this.clearPublishedPublicBaseUrl();
       log.info("Velay tunnel waiting because public ingress is disabled");
       this.scheduleReconnect();
       return;
@@ -286,7 +297,7 @@ export class VelayTunnelClient {
     if (!publicUrl) {
       log.error(
         { publicUrl: frame.public_url },
-        "Velay registered invalid Twilio public URL",
+        "Velay registered invalid public URL",
       );
       this.disconnectActiveWebSocket(
         originWs,
@@ -299,14 +310,14 @@ export class VelayTunnelClient {
     if (this.isPublicIngressDisabled()) {
       log.info(
         { publicUrl },
-        "Skipping Velay Twilio public URL publish because public ingress is disabled",
+        "Skipping Velay public URL publish because public ingress is disabled",
       );
       this.disconnectActiveWebSocket(originWs, 1000, "public ingress disabled");
       return;
     }
 
     await writeManagedPublicBaseUrl(publicUrl, this.options.configFile);
-    this.publishedTwilioPublicBaseUrl = publicUrl;
+    this.publishedPublicBaseUrl = publicUrl;
     this.reconnectAttempt = 0;
     log.info({ publicUrl }, "Velay tunnel registered");
   }
@@ -332,7 +343,7 @@ export class VelayTunnelClient {
       { code: event.code, reason: event.reason },
       "Velay tunnel disconnected",
     );
-    this.clearPublishedTwilioPublicBaseUrlThenReconnect();
+    this.clearPublishedPublicBaseUrlThenReconnect();
   }
 
   private disconnectActiveWebSocket(
@@ -345,24 +356,24 @@ export class VelayTunnelClient {
     this.connecting = false;
     this.webSocketBridge.closeAll();
     closeWebSocket(ws, code, reason);
-    this.clearPublishedTwilioPublicBaseUrlThenReconnect();
+    this.clearPublishedPublicBaseUrlThenReconnect();
   }
 
-  private async clearPublishedTwilioPublicBaseUrl(): Promise<void> {
-    const publicUrl = this.publishedTwilioPublicBaseUrl;
+  private async clearPublishedPublicBaseUrl(): Promise<void> {
+    const publicUrl = this.publishedPublicBaseUrl;
     if (!publicUrl) return;
-    this.publishedTwilioPublicBaseUrl = undefined;
+    this.publishedPublicBaseUrl = undefined;
     try {
       await clearManagedPublicBaseUrl(this.options.configFile, publicUrl);
     } catch (err) {
-      log.error({ err }, "Failed to clear Velay Twilio public URL");
+      log.error({ err }, "Failed to clear Velay public URL");
     }
   }
 
-  private clearPublishedTwilioPublicBaseUrlThenReconnect(): void {
-    void this.clearPublishedTwilioPublicBaseUrl()
+  private clearPublishedPublicBaseUrlThenReconnect(): void {
+    void this.clearPublishedPublicBaseUrl()
       .catch((err) => {
-        log.error({ err }, "Failed to clear Velay Twilio public URL");
+        log.error({ err }, "Failed to clear Velay public URL");
       })
       .finally(() => {
         this.scheduleReconnect();
@@ -430,7 +441,7 @@ export function createVelayTunnelClient(
       );
     }
     void clearManagedPublicBaseUrl(deps.configFile).catch((err) => {
-      log.error({ err }, "Failed to clear disabled Velay Twilio public URL");
+      log.error({ err }, "Failed to clear disabled Velay public URL");
     });
     return undefined;
   }

package/src/verification/contact-helpers.ts

@@ -111,9 +111,12 @@ export async function upsertVerifiedContactChannel(params: {
   if (existing.length > 0) {
     const row = existing[0];
 
-    // Don't overwrite blocked channels
-    if (row.channelStatus === "blocked") {
-      log.warn({ sourceChannel, address }, "Skipping upsert: channel is blocked");
+    // Don't overwrite blocked or revoked channels.
+    if (row.channelStatus === "blocked" || row.channelStatus === "revoked") {
+      log.warn(
+        { sourceChannel, address, status: row.channelStatus },
+        "Skipping upsert: channel is blocked or revoked",
+      );
       return;
     }