@wagemule/daemon 0.1.3 → 0.1.4

package/README.md

@@ -7,7 +7,7 @@ Wage Mule local daemon connects local agent runtimes to a Workspace Server.
 Use the command shown in the Wage Mule Web machine page. It pins the daemon version and includes the pairing token for the current space:
 
 ```bash
-npx -y @wagemule/daemon@0.1.3 start --server-url "https://your-server" --api-key "daemon_xxx"
+npx -y @wagemule/daemon@0.1.4 start --server-url "https://your-server" --api-key "daemon_xxx"
 ```
 
 The v0.1 daemon runs in the foreground. Keep the terminal open while the machine should stay online.
@@ -26,7 +26,7 @@ wm-daemon start --server-url "https://your-server" --api-key "daemon_xxx"
 
 ## Feishu delegation
 
-The npm package depends on the official `@larksuite/cli`, so `npx -y @wagemule/daemon@0.1.3 ...` also installs the `lark-cli` binary. When a platform human enables Feishu delegation for an agent, the daemon injects the official Lark/Feishu CLI skills into that agent workspace and writes a local `.wm/lark-cli` wrapper.
+The npm package depends on the official `@larksuite/cli`, so `npx -y @wagemule/daemon@0.1.4 ...` also installs the `lark-cli` binary. When a platform human enables Feishu delegation for an agent, the daemon injects the official Lark/Feishu CLI skills into that agent workspace and writes a local `.wm/lark-cli` wrapper.
 
 The wrapper reads the delegated user token from `.wm/feishu/token` at runtime and sets `LARKSUITE_CLI_APP_ID`, `LARKSUITE_CLI_USER_ACCESS_TOKEN`, `LARKSUITE_CLI_DEFAULT_AS=user`, `LARKSUITE_CLI_STRICT_MODE=user`, and `LARKSUITE_CLI_BRAND=feishu`. The token is not embedded in the wrapper. If the token is missing or cleared, `lark-cli` exits with `Feishu token unavailable`.
 

package/dist/main.cjs

@@ -612,7 +612,18 @@ ${userPrompt}`;
   }
   async handleServerRequest(request) {
     if (request.method === "session/request_permission") {
-      return permissionOutcome(selectPermissionOption(request.params, this.activePermissionMode === "full_access"));
+      const runInput = this.activePrompt?.runInput ?? this.startInput;
+      if (this.activePermissionMode === "full_access") {
+        return permissionOutcome(selectPermissionOption(request.params, true));
+      }
+      if (!runInput?.requestPermission) return permissionOutcome(selectPermissionOption(request.params, false));
+      const decision = await runInput.requestPermission({
+        kind: "session",
+        title: "Runtime permission requested",
+        description: summarizeAcpPermissionParams(request.params),
+        metadata: { method: request.method, params: request.params }
+      });
+      return permissionOutcome(selectPermissionOption(request.params, decision.action === "approve"));
     }
     return {};
   }
@@ -720,6 +731,14 @@ function emit(events, input, event) {
   events.push(event);
   input.onEvent?.(event);
 }
+function summarizeAcpPermissionParams(params) {
+  if (!params || typeof params !== "object") return "Runtime requested permission.";
+  const record = params;
+  const reason = typeof record.reason === "string" ? record.reason : void 0;
+  const title = typeof record.title === "string" ? record.title : void 0;
+  const command = typeof record.command === "string" ? record.command : void 0;
+  return [title, command, reason].filter(Boolean).join("\n") || JSON.stringify(record).slice(0, 500);
+}
 function modelArgs(args, model, enabled = true) {
   if (!enabled || !model || model === "default") return args;
   return [...args, "--model", model];
@@ -1509,15 +1528,41 @@ var CodexAdapter = class {
     }
   }
   async handleServerRequest(request) {
-    if (request.method === "item/fileChange/requestApproval") {
+    const runInput = this.activeTurn?.runInput ?? (this.startInput ? this.startInputAsRunInput("") : void 0);
+    if (runInput?.permissionMode === "full_access" || !runInput?.requestPermission) {
+      if (request.method === "item/fileChange/requestApproval") return { decision: "accept" };
+      if (request.method === "item/permissions/requestApproval") return { permissions: {}, scope: "turn" };
       return { decision: "accept" };
     }
+    if (request.method === "item/fileChange/requestApproval") {
+      const decision = await runInput.requestPermission({
+        kind: "file_change",
+        title: "File change approval requested",
+        description: summarizePermissionParams(request.params),
+        metadata: { method: request.method, params: request.params }
+      });
+      return { decision: decision.action === "approve" ? "accept" : "reject" };
+    }
     if (request.method === "item/permissions/requestApproval") {
-      return { permissions: {}, scope: "turn" };
+      const decision = await runInput.requestPermission({
+        kind: "permission",
+        title: "Command permission requested",
+        description: summarizePermissionParams(request.params),
+        metadata: { method: request.method, params: request.params }
+      });
+      return decision.action === "approve" ? { permissions: {}, scope: "turn" } : { permissions: null, scope: "turn" };
     }
     return { decision: "accept" };
   }
 };
+function summarizePermissionParams(params) {
+  if (!params || typeof params !== "object") return "Runtime requested permission.";
+  const record = params;
+  const command = typeof record.command === "string" ? record.command : void 0;
+  const path14 = typeof record.path === "string" ? record.path : void 0;
+  const reason = typeof record.reason === "string" ? record.reason : void 0;
+  return [command, path14, reason].filter(Boolean).join("\n") || JSON.stringify(record).slice(0, 500);
+}
 function codexPermissionOptions(permissionMode) {
   if (permissionMode === "full_access") {
     return { approvalPolicy: "never", sandbox: "danger-full-access" };
@@ -2608,7 +2653,7 @@ if (fs.existsSync(envPath)) {
 
 const args = process.argv.slice(2);
 const [group, command] = args;
-const help = "Available commands: wm auth whoami; wm message send/check/read/search; wm dm send; wm server info; wm channel members; wm member find; wm task list/claim/unclaim/update/create; wm attachment upload/view; wm profile show/update; wm reminder schedule/list/snooze/update/cancel";
+const help = "Available commands: wm auth whoami; wm message send/check/read/search; wm dm send; wm server info; wm channel members; wm member find; wm task list/claim/unclaim/update/create; wm attachment upload/view; wm profile show/update; wm reminder schedule/list/snooze/update/cancel; wm inbox feishu-draft create/sent/failed";
 
 function valueAfter(name) {
   const index = args.indexOf(name);
@@ -2620,7 +2665,7 @@ function hasFlag(name) {
 }
 
 function positionalText() {
-  const knownOptions = new Set(["--target", "--channel", "--text", "--content", "--attachment-ids", "--query", "--q", "--around", "--status", "--id", "--task-id", "--title", "--description", "--file", "--at", "--every", "--role", "--instructions", "--body", "--to-agent-id", "--timeout", "--feishu-open-id", "--open-id"]);
+  const knownOptions = new Set(["--target", "--channel", "--text", "--content", "--attachment-ids", "--query", "--q", "--around", "--status", "--id", "--task-id", "--title", "--description", "--file", "--at", "--every", "--role", "--instructions", "--body", "--to-agent-id", "--timeout", "--feishu-open-id", "--open-id", "--delegation-id", "--human-id", "--feishu-message-id", "--chat-id", "--sender-name", "--sender-open-id", "--original-text", "--draft-text", "--risk", "--message-id", "--error"]);
   const values = [];
   for (let index = 2; index < args.length; index++) {
     const arg = args[index];
@@ -2755,6 +2800,11 @@ function formatMemberFind(payload) {
   return lines.join("\\n");
 }
 
+function formatInboxDraft(payload, fallback) {
+  const item = payload.item || {};
+  return \`\${fallback}: \${item.id || "unknown"} status=\${item.status || "unknown"}\`;
+}
+
 async function main() {
   const agentId = process.env.WM_AGENT_ID || process.env.WM_DAEMON_AGENT_ID;
   if (group === "auth" && command === "whoami") {
@@ -2845,6 +2895,43 @@ async function main() {
     printResult(payload, formatMemberFind(payload));
     return;
   }
+  if (group === "inbox" && command === "feishu-draft") {
+    const action = args[2];
+    if (action === "create") {
+      const draftText = (valueAfter("--draft-text") || await stdin()).trim();
+      const payload = await request("POST", \`/internal/agent/\${agentId}/inbox/feishu-draft\`, {
+        delegation_id: valueAfter("--delegation-id"),
+        human_id: valueAfter("--human-id"),
+        feishu_message_id: valueAfter("--feishu-message-id"),
+        chat_id: valueAfter("--chat-id"),
+        sender_name: valueAfter("--sender-name"),
+        sender_open_id: valueAfter("--sender-open-id"),
+        original_text: valueAfter("--original-text"),
+        draft_text: draftText,
+        risk: valueAfter("--risk"),
+      });
+      printResult(payload, formatInboxDraft(payload, "Feishu draft created"));
+      return;
+    }
+    if (action === "sent") {
+      const inboxId = valueAfter("--id");
+      if (!inboxId) throw new Error("--id is required");
+      const payload = await request("POST", \`/internal/agent/\${agentId}/inbox/feishu-draft/\${encodeURIComponent(inboxId)}/sent\`, {
+        message_id: valueAfter("--message-id"),
+      });
+      printResult(payload, formatInboxDraft(payload, "Feishu draft sent"));
+      return;
+    }
+    if (action === "failed") {
+      const inboxId = valueAfter("--id");
+      if (!inboxId) throw new Error("--id is required");
+      const error = (valueAfter("--error") || await stdin()).trim();
+      if (!error) throw new Error("--error is required");
+      const payload = await request("POST", \`/internal/agent/\${agentId}/inbox/feishu-draft/\${encodeURIComponent(inboxId)}/failed\`, { error });
+      printResult(payload, formatInboxDraft(payload, "Feishu draft failed"));
+      return;
+    }
+  }
   if (group === "task" && command === "list") {
     const status = valueAfter("--status");
     const suffix = status ? \`?status=\${encodeURIComponent(status)}\` : "";
@@ -3801,7 +3888,7 @@ var import_ws = __toESM(require("ws"));
 // package.json
 var package_default = {
   name: "@wagemule/daemon",
-  version: "0.1.3",
+  version: "0.1.4",
   private: false,
   description: "Wage Mule local daemon for connecting local agent runtimes to Workspace Server.",
   main: "./dist/main.cjs",
@@ -4891,6 +4978,7 @@ var AgentProcessManager = class {
   stoppedLaunches = /* @__PURE__ */ new Set();
   lastActivities = /* @__PURE__ */ new Map();
   pendingMigrations = /* @__PURE__ */ new Map();
+  pendingPermissions = /* @__PURE__ */ new Map();
   fakeRuntimeChildren = /* @__PURE__ */ new Map();
   feishuDelegationTimers = /* @__PURE__ */ new Map();
   modelDetector;
@@ -4984,6 +5072,8 @@ var AgentProcessManager = class {
       this.reminderCache.snapshot(message.agentId, message.reminders);
     } else if (message.type === "agent:runtime_profile:migration") {
       this.pendingMigrations.set(message.agentId, message.migrationKey);
+    } else if (message.type === "agent:permission_decision") {
+      this.resolvePermissionDecision(message.agentId, message.requestId, message.action, message.metadata);
     }
   }
   startFeishuDelegationSchedule(delegation, config) {
@@ -4994,6 +5084,7 @@ var AgentProcessManager = class {
     });
     if (!delegation.enabled) return;
     const intervalMs = Math.max(6e4, delegation.interval_seconds * 1e3);
+    const lookbackMinutes = Math.min(60, Math.max(10, Math.ceil(delegation.interval_seconds * 2 / 60)));
     const timer = setInterval(() => {
       const wakeMessage = {
         target: "feishu:delegation",
@@ -5006,14 +5097,18 @@ var AgentProcessManager = class {
           "Feishu delegation tick.",
           `Human ID: ${delegation.human_id}`,
           `Delegation ID: ${delegation.id}`,
-          "Refresh the Feishu token file if needed, then use the lark skill to check pending Feishu messages.",
-          "Classify messages, handle safe requests, and escalate uncertain or high-risk requests through wm dm send --wait-for-reply."
+          `Read Feishu messages from the last ${lookbackMinutes} minutes only. Never send, reply, react, or mutate Feishu during this tick.`,
+          "For each new inbound Feishu message that needs a reply, draft a concise reply and create exactly one inbox item with:",
+          "wm inbox feishu-draft create --delegation-id <delegation_id> --human-id <human_id> --feishu-message-id <message_id> --chat-id <chat_id> --sender-name <name> --sender-open-id <open_id> --original-text <summary> --draft-text <draft>",
+          "Deduplicate by Feishu message_id. If there are no new relevant messages, do nothing.",
+          "Do not call lark-cli im +messages-send or any other Feishu send command unless a later approved inbox task explicitly asks you to send."
         ].join("\n")
       };
       void this.enqueueStart({
         agentId: delegation.delegate_agent_id,
         config: { ...config, feishuDelegationEnabled: true },
-        wakeMessage
+        wakeMessage,
+        deliveredMessages: [wakeMessage]
       }).catch((error) => {
         this.options.sendToServer({
           type: "feishu:wake_failed",
@@ -5178,6 +5273,44 @@ var AgentProcessManager = class {
     this.lastActivities.set(msg.agentId, { activity: msg.activity, detail: msg.detail, launchId: msg.launchId, clientSeq: msg.clientSeq });
     this.options.sendToServer({ type: "agent:activity", ...msg });
   }
+  requestRuntimePermission(agentId, launchId, request) {
+    const requestId = `perm_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 10)}`;
+    this.log(`permission request agent=${agentId} request=${requestId} kind=${request.kind}`);
+    this.sendActivity({
+      agentId,
+      activity: "working",
+      detail: "Waiting for permission",
+      launchId,
+      entries: [{ kind: "status", text: request.title, timestamp: Date.now() }],
+      pendingInboxCount: this.queuedInboxCount(agentId) + 1
+    });
+    this.options.sendToServer({
+      type: "agent:permission_request",
+      agentId,
+      requestId,
+      launchId,
+      kind: request.kind,
+      title: request.title,
+      description: request.description,
+      metadata: request.metadata
+    });
+    return new Promise((resolve) => {
+      const timeout = setTimeout(() => {
+        this.pendingPermissions.delete(requestId);
+        this.log(`permission timeout agent=${agentId} request=${requestId}`);
+        resolve({ action: "reject", metadata: { reason: "permission timeout" } });
+      }, 10 * 6e4);
+      this.pendingPermissions.set(requestId, { agentId, timeout, resolve });
+    });
+  }
+  resolvePermissionDecision(agentId, requestId, action, metadata) {
+    const pending = this.pendingPermissions.get(requestId);
+    if (!pending || pending.agentId !== agentId) return;
+    clearTimeout(pending.timeout);
+    this.pendingPermissions.delete(requestId);
+    this.log(`permission decision agent=${agentId} request=${requestId} action=${action}`);
+    pending.resolve({ action, metadata });
+  }
   async ensureAgentWorkspace(agentId, config) {
     const running = this.running.get(agentId);
     if (running && !config?.feishuDelegationEnabled) return { workspace: running.workspace };
@@ -5313,6 +5446,7 @@ var AgentProcessManager = class {
 
 [Runtime Profile Migration] Your runtime configuration has been updated. Before handling the above, re-ground yourself in the new context, then run: \`${workspace.wrapperPath} profile migration-ack --key ${migrationKey}\`` : basePrompt;
     const tracker = new ActivityTracker();
+    const requestPermission = (request) => this.requestRuntimePermission(agentId, launchId, request);
     const onEvent = (event) => {
       this.log(`runtime event agent=${agentId} type=${event.type}${event.content ? ` text=${compact(event.content)}` : ""}`);
       const running = this.running.get(agentId);
@@ -5391,7 +5525,8 @@ var AgentProcessManager = class {
           env: runtimeEnv,
           runtimeSessionId: config.sessionId,
           timeoutMs: 18e4,
-          onEvent
+          onEvent,
+          requestPermission
         });
         this.log(`runtime spawned agent=${agentId} runtime=${config.runtime} pid=${adapter.pid ?? "-"} persistent=true`);
       } else {
@@ -5418,7 +5553,8 @@ var AgentProcessManager = class {
         runtimeSessionId: config.sessionId,
         timeoutMs: 18e4,
         abortSignal: controller.signal,
-        onEvent
+        onEvent,
+        requestPermission
       });
     }
     if (result.runtimeSessionId) {
@@ -5652,6 +5788,7 @@ var AgentProcessManager = class {
     this.idleConfigs.delete(agentId);
     this.startingInboxes.delete(agentId);
     this.runningInboxes.delete(agentId);
+    this.rejectPendingPermissionsForAgent(agentId, "agent stopped");
     const running = this.running.get(agentId);
     if (!running) {
       this.options.sendToServer({ type: "agent:status", agentId, status: "inactive" });
@@ -5679,6 +5816,14 @@ var AgentProcessManager = class {
       new Promise((resolve) => setTimeout(resolve, 5e3))
     ]);
   }
+  rejectPendingPermissionsForAgent(agentId, reason) {
+    for (const [requestId, pending] of this.pendingPermissions) {
+      if (pending.agentId !== agentId) continue;
+      clearTimeout(pending.timeout);
+      this.pendingPermissions.delete(requestId);
+      pending.resolve({ action: "reject", metadata: { reason } });
+    }
+  }
   async runFakeRuntime(input) {
     const { agentId, config, workspace, wakeMessage, abortSignal, launchId } = input;
     let child;