a2acalling 0.6.52 → 0.6.54

package/scripts/postinstall.js

@@ -1,56 +1,62 @@
 #!/usr/bin/env node
 
 // ============================================================================
-// npm postinstall hook — silent server setup
+// npm postinstall hook — skill installation + silent server setup
 //
-// OBJECTIVE: When `npm install -g a2acalling` runs, this script silently
-// starts the A2A server and saves the initial config. No output is produced
-// because npm v7+ captures all lifecycle script stdio.
+// TWO MODES:
 //
-// The VERBOSE onboarding (disclosure prompt, workspace scan instructions)
-// happens when the agent runs any `a2a` command — enforceOnboarding detects
-// incomplete setup and runs the full quickstart flow inline with direct stdio.
+// 1. Global install (npm install -g a2acalling):
+//    - Silently runs quickstart to start the server and save config
+//    - Installs Claude Code skills into INIT_CWD (if available)
+//    - Prints getting-started summary
 //
-// This split exists because:
-//   - npm postinstall: stdio is piped/captured, output is invisible to agents
-//   - `a2a <command>`: agent runs directly, stdio is clean, output is visible
+// 2. Local install (npm install a2acalling):
+//    - Installs Claude Code skills (.claude/commands/) into the project
+//    - Prints getting-started summary so the assisting agent has context
+//    - Does NOT start the server (local installs are usually for development)
 //
-// So postinstall handles the parts that don't need output (server start),
-// and the a2a binary handles the parts that DO need output (disclosure prompt).
+// The verbose onboarding (disclosure prompt, workspace scan) happens when the
+// agent runs `a2a quickstart` — enforceOnboarding detects incomplete setup
+// and runs the full flow inline with direct stdio.
 // ============================================================================
 
 if (process.env.CI || process.env.CONTINUOUS_INTEGRATION) process.exit(0);
 if (process.env.DOCKER) process.exit(0);
-if (process.env.npm_config_global !== 'true') process.exit(0);
 
 const path = require('path');
+const os = require('os');
 const { spawnSync } = require('child_process');
 
+const isGlobal = process.env.npm_config_global === 'true';
 const initCwd = process.env.INIT_CWD || process.env.HOME || process.cwd();
 const cliPath = path.join(__dirname, '..', 'bin', 'cli.js');
 
-// Run quickstart silently — starts server, saves config, detects hostname.
-// All prompts auto-accept defaults (stdin is piped with no input).
-// Output is captured (not shown) because npm would swallow it anyway.
-const result = spawnSync(process.execPath, [cliPath, 'quickstart'], {
-  stdio: ['pipe', 'pipe', 'pipe'],
-  cwd: initCwd,
-  env: {
-    ...process.env,
-    A2A_WORKSPACE: process.env.A2A_WORKSPACE || initCwd
-  }
-});
+// ── Global install: silently run quickstart ──────────────────────────────
+if (isGlobal) {
+  const result = spawnSync(process.execPath, [cliPath, 'quickstart'], {
+    stdio: ['pipe', 'pipe', 'pipe'],
+    cwd: initCwd,
+    env: {
+      ...process.env,
+      A2A_WORKSPACE: process.env.A2A_WORKSPACE || initCwd
+    }
+  });
 
-if (result.error) {
-  // Don't fail the install — the agent will get onboarding when it runs `a2a`.
-  installSkillFiles();
-  process.exit(0);
+  if (result.error) {
+    // Don't fail the install — the agent will get onboarding when it runs `a2a`.
+  }
 }
 
+// ── Install skill files (both global and local) ─────────────────────────
 installSkillFiles();
-process.exit(result.status || 0);
 
-// Best-effort: install Claude Code + Codex skills into the workspace
+// ── Print getting-started summary ───────────────────────────────────────
+printGettingStarted();
+
+process.exit(0);
+
+// ── Helpers ─────────────────────────────────────────────────────────────
+
 function installSkillFiles() {
   try {
     const { installSkills } = require('./install-skills');
@@ -59,3 +65,120 @@ function installSkillFiles() {
     // Silent — skills can be installed later with `a2a skills`
   }
 }
+
+function printGettingStarted() {
+  const isMac = os.platform() === 'darwin';
+  const pkg = require('../package.json');
+
+  const lines = [
+    '',
+    '╔══════════════════════════════════════════════════════════════╗',
+    '║                  A2A Calling — Installed                    ║',
+    '╚══════════════════════════════════════════════════════════════╝',
+    '',
+    `  Version: ${pkg.version}`,
+    '',
+    '  ── Getting Started ──────────────────────────────────────────',
+    '',
+    '  1. Run onboarding (REQUIRED first step):',
+    '',
+    '     a2a quickstart',
+    '',
+    '     This starts the A2A server, detects your hostname,',
+    '     and prompts you to configure what your agent shares.',
+    '',
+    '  2. Create an invite to share with other agents:',
+    '',
+    '     a2a create --name "YourAgent" --tier public --expires 7d',
+    '',
+    '  3. Add a contact and call them:',
+    '',
+    '     a2a add "a2a://host/fed_xxx" "AgentName"',
+    '     a2a call "AgentName" "Hello!"',
+    '',
+  ];
+
+  if (isMac) {
+    lines.push(
+      '  ── Native macOS App ─────────────────────────────────────────',
+      '',
+      '  A native Callbook app is available for macOS:',
+      '',
+      '     a2a app install',
+      '',
+      '  Installs to ~/Applications/A2A Callbook.app',
+      '  (Downloads pre-built binary from GitHub releases)',
+      '',
+    );
+  }
+
+  lines.push(
+    '  ── Full CLI Reference ───────────────────────────────────────',
+    '',
+    '  Onboarding & Setup:',
+    '    a2a quickstart              First-time setup (port, hostname, disclosure)',
+    '    a2a quickstart --force      Re-run onboarding from scratch',
+    '    a2a setup                   Auto setup (gateway-aware dashboard install)',
+    '    a2a status <url>            Check A2A agent status',
+    '    a2a version                 Show installed version',
+    '',
+    '  Tokens & Invites:',
+    '    a2a create [options]        Create an invite token',
+    '      --name, -n  NAME         Token label',
+    '      --tier, -p  TIER         public | friends | family',
+    '      --expires   DURATION     1h | 1d | 7d | 30d | never',
+    '    a2a list                    List active tokens',
+    '    a2a revoke <id>             Revoke a token',
+    '',
+    '  Contacts & Calling:',
+    '    a2a add <url> [name]        Add a contact from invite URL',
+    '    a2a contacts                List all contacts',
+    '    a2a call <contact> <msg>    Call a contact (multi-turn)',
+    '      --single                  One-shot call (no back-and-forth)',
+    '    a2a ping <url>              Check if agent is reachable',
+    '',
+    '  Dashboard & GUI:',
+    '    a2a gui                     Open dashboard in browser',
+    '    a2a gui --tab logs          Open specific tab',
+    '',
+    '  Server:',
+    '    a2a server --port 3001      Start server manually',
+    '    a2a update                  Update to latest version',
+    '    a2a uninstall               Stop server and remove config',
+    '',
+  );
+
+  if (isMac) {
+    lines.push(
+      '  Native App (macOS):',
+      '    a2a app status              Check native app installation',
+      '    a2a app install             Install/update from GitHub releases',
+      '    a2a app uninstall           Remove from ~/Applications',
+      '',
+    );
+  }
+
+  lines.push(
+    '  Skills:',
+    '    a2a skills                  Install Claude Code + Codex skills',
+    '    a2a skills --force          Overwrite existing skill files',
+    '',
+    '  ── Claude Code Skills Installed ────────────────────────────',
+    '',
+    '  The following slash commands are now available:',
+    '    /a2a-setup     — Run onboarding or reset configuration',
+    '    /a2a-call      — Call another A2A agent',
+    '    /a2a-invite    — Create and share an invite token',
+    '    /a2a-contacts  — List and manage contacts',
+    '    /a2a-status    — Check server and agent health',
+    '',
+    '══════════════════════════════════════════════════════════════',
+    '',
+  );
+
+  // Print to stderr — npm v7+ captures stdout from lifecycle scripts,
+  // but stderr is still visible in many agent contexts
+  console.error(lines.join('\n'));
+  // Also print to stdout for contexts where stderr is filtered
+  console.log(lines.join('\n'));
+}

package/src/dashboard/public/app.js

@@ -1056,6 +1056,7 @@ function renderTierEditor(tierId) {
   document.getElementById('tier-name').value = tier.name || tier.id;
   document.getElementById('tier-description').value = tier.description || '';
   document.getElementById('tier-disclosure').value = tier.disclosure || 'minimal';
+  document.getElementById('tier-tools').value = toLines(tier.allowed_tools || []);
   document.getElementById('tier-topics').value = toLines(tier.topics || []);
   document.getElementById('tier-goals').value = toLines(tier.goals || []);
 }
@@ -1072,6 +1073,7 @@ function bindSettingsActions() {
       name: document.getElementById('tier-name').value,
       description: document.getElementById('tier-description').value,
       disclosure: document.getElementById('tier-disclosure').value,
+      allowed_tools: fromLines(document.getElementById('tier-tools').value),
       topics: fromLines(document.getElementById('tier-topics').value),
       goals: fromLines(document.getElementById('tier-goals').value)
     };

package/src/dashboard/public/index.html

@@ -132,6 +132,7 @@
         <label>Name <input id="tier-name" type="text"></label>
         <label>Description <input id="tier-description" type="text"></label>
         <label>Disclosure <input id="tier-disclosure" type="text" placeholder="minimal"></label>
+        <label>Allowed Tools (one per line)<textarea id="tier-tools" rows="5" placeholder="Read&#10;Grep&#10;Glob"></textarea></label>
         <label>Topics (one per line)<textarea id="tier-topics" rows="6"></textarea></label>
         <label>Goals (one per line)<textarea id="tier-goals" rows="6"></textarea></label>
         <div class="row">

package/src/lib/claude-subagent.js

@@ -10,8 +10,8 @@
  * Stateless calls cost more tokens but are operationally safer under load.
  *
  * Permissioning is still enforced:
- * `--allowedTools` is derived per request from token capabilities + allowed topics.
- * We do not hardcode one universal allowlist anymore.
+ * `--allowedTools` is derived per request from token capabilities + allowed topics
+ * and can be further constrained by per-tier `allowed_tools` policy from onboarding.
  */
 
 const { execSync, spawn } = require('child_process');
@@ -22,8 +22,43 @@ const logger = createLogger({ component: 'a2a.claude-subagent' });
 
 const A2A_RESPONSE_REGEX = /<a2a_response>\s*([\s\S]*?)\s*<\/a2a_response>/i;
 const DEFAULT_CLAUDE_MODEL = 'claude-sonnet-4-5-20250929';
+const CLAUDE_TOOL_UNIVERSE = ['Bash', 'Bash(readonly)', 'Read', 'Grep', 'Glob', 'WebSearch', 'WebFetch'];
 const LEGACY_DEFAULT_TOOLS = ['Bash(readonly)', 'Read', 'Grep', 'Glob', 'WebSearch', 'WebFetch'];
 
+const TOOL_NAME_MAP = {
+  bash: 'Bash',
+  'bash(readonly)': 'Bash(readonly)',
+  'bash-readonly': 'Bash(readonly)',
+  read: 'Read',
+  grep: 'Grep',
+  glob: 'Glob',
+  websearch: 'WebSearch',
+  webfetch: 'WebFetch'
+};
+
+function normalizeToolName(value) {
+  const key = String(value || '').trim().toLowerCase();
+  return TOOL_NAME_MAP[key] || null;
+}
+
+function sanitizeAllowedToolList(values) {
+  if (!Array.isArray(values)) return [];
+  const out = [];
+  const seen = new Set();
+  for (const value of values) {
+    const canonical = normalizeToolName(value);
+    if (!canonical || seen.has(canonical)) continue;
+    seen.add(canonical);
+    out.push(canonical);
+  }
+  return out;
+}
+
+function formatToolListForPrompt(tools) {
+  if (!Array.isArray(tools) || tools.length === 0) return '  (none)';
+  return tools.map(tool => `  - ${tool}`).join('\n');
+}
+
 /**
  * Check if `claude` CLI is available in PATH.
  */
@@ -49,6 +84,7 @@ function isClaudeAvailable() {
  * @param {string} config.tierObjectives - formatted objectives string
  * @param {string} config.doNotDiscuss - formatted do_not_discuss string
  * @param {string} config.neverDisclose - formatted never_disclose string
+ * @param {string[]} [config.allowedTools] - Effective tool allowlist for this call
  * @param {string} config.personalityNotes
  * @param {string} config.roleContext
  * @returns {string}
@@ -64,10 +100,17 @@ function buildSubagentSystemPrompt(config) {
     tierObjectives = '  (none specified)',
     doNotDiscuss = '  (none specified)',
     neverDisclose = '  (none specified)',
+    allowedTools = [],
     personalityNotes = '',
     roleContext = ''
   } = config;
 
+  const effectiveAllowedTools = sanitizeAllowedToolList(allowedTools);
+  const allowedForPrompt = effectiveAllowedTools.length > 0
+    ? effectiveAllowedTools
+    : [...LEGACY_DEFAULT_TOOLS];
+  const blockedTools = CLAUDE_TOOL_UNIVERSE.filter(tool => !allowedForPrompt.includes(tool));
+
   return `You are ${agentName}, the personal AI agent for ${ownerName}.
 You are on a live A2A (agent-to-agent) call with ${otherAgentName}, who represents ${otherOwnerName}. ${roleContext}
 
@@ -108,6 +151,19 @@ ${doNotDiscuss}
 NEVER disclose:
 ${neverDisclose}
 
+== TOOL PERMISSIONS ==
+
+Allowed tools this call:
+${formatToolListForPrompt(allowedForPrompt)}
+
+Blocked tools this call:
+${formatToolListForPrompt(blockedTools)}
+
+Tool policy:
+- Never invoke blocked tools.
+- If you need a blocked tool, continue the conversation without it and add a "question_for_owner" flag requesting permission.
+- Include exact tool name and reason in the flag content.
+
 == BEHAVIORAL MANDATE ==
 
 You operate in three concurrent modes:
@@ -228,13 +284,11 @@ function parseSubagentResponse(resultText) {
  */
 function spawnClaude(args, timeoutMs = HARD_FALLBACK_TURN_TIMEOUT_MS) {
   return new Promise((resolve, reject) => {
+    const spawnEnv = { ...process.env, FORCE_COLOR: '0' };
+    delete spawnEnv.CLAUDECODE;
     const proc = spawn('claude', args, {
-      stdio: ['pipe', 'pipe', 'pipe'],
-      env: {
-        ...process.env,
-        FORCE_COLOR: '0',
-        CLAUDECODE: ''  // Unset to allow nested invocation
-      }
+      stdio: ['ignore', 'pipe', 'pipe'],
+      env: spawnEnv
     });
 
     let stdout = '';
@@ -310,16 +364,7 @@ function hasPermissionMatch(values, key) {
   return values.some(value => value === key || value.startsWith(`${key}.`));
 }
 
-/**
- * Resolve Claude tool allowlist from token-derived permissions.
- *
- * Notes:
- * - We preserve legacy behavior when no permission context is provided, because
- *   outbound CLI flows may run without token metadata.
- * - When permissions are present, we derive tools deterministically so runtime
- *   allowlists remain variable and auditable per token.
- */
-function resolveClaudeAllowedTools({ capabilities = [], allowedTopics = [] } = {}) {
+function deriveClaudeToolsFromPermissionSignals({ capabilities = [], allowedTopics = [] } = {}) {
   const normalizedCaps = normalizePermissionList(capabilities);
   const normalizedTopics = normalizePermissionList(allowedTopics);
   const hasPermissionContext = normalizedCaps.length > 0 || normalizedTopics.length > 0;
@@ -367,6 +412,29 @@ function resolveClaudeAllowedTools({ capabilities = [], allowedTopics = [] } = {
   return tools;
 }
 
+/**
+ * Resolve Claude tool allowlist from token-derived permissions and explicit per-tier tool policy.
+ */
+function resolveClaudeAllowedTools({ capabilities = [], allowedTopics = [], allowedTools = [] } = {}) {
+  const derivedTools = deriveClaudeToolsFromPermissionSignals({ capabilities, allowedTopics });
+  const explicitTools = sanitizeAllowedToolList(allowedTools);
+
+  if (explicitTools.length > 0) {
+    const hasPermissionSignals = normalizePermissionList(capabilities).length > 0
+      || normalizePermissionList(allowedTopics).length > 0;
+
+    if (hasPermissionSignals) {
+      // Permission signals define the ceiling; explicit tier tools can narrow it.
+      const narrowed = explicitTools.filter(tool => derivedTools.includes(tool));
+      return narrowed.length > 0 ? narrowed : derivedTools;
+    }
+
+    return explicitTools;
+  }
+
+  return derivedTools;
+}
+
 function buildClaudeToolArg(allowedTools) {
   return Array.isArray(allowedTools) ? allowedTools.join(' ').trim() : '';
 }
@@ -447,6 +515,7 @@ function summarizeFromPayload(payload, fallbackText) {
  * @param {boolean} options.closeSignal - Whether close has been signaled
  * @param {Array<string>} [options.capabilities] - Token capabilities (permission source of truth)
  * @param {Array<string>} [options.allowedTopics] - Token allowed topics (permission source of truth)
+ * @param {Array<string>} [options.allowedTools] - Token allowed tools (onboarding tier policy)
  * @param {function} [options.spawnFn] - Injectable process runner for tests
  * @param {number} [options.timeoutMs=300000] - Timeout in milliseconds
  * @returns {Promise<{ message: string, statePatch: object|null, flags: array }>}
@@ -464,6 +533,7 @@ async function runClaudeTurn(options) {
     closeSignal = false,
     capabilities = [],
     allowedTopics = [],
+    allowedTools = [],
     spawnFn = spawnClaude,
     timeoutMs = HARD_FALLBACK_TURN_TIMEOUT_MS
   } = options;
@@ -480,8 +550,8 @@ async function runClaudeTurn(options) {
   });
 
   const startAt = Date.now();
-  const allowedTools = resolveClaudeAllowedTools({ capabilities, allowedTopics });
-  const allowedToolsArg = buildClaudeToolArg(allowedTools);
+  const effectiveAllowedTools = resolveClaudeAllowedTools({ capabilities, allowedTopics, allowedTools });
+  const allowedToolsArg = buildClaudeToolArg(effectiveAllowedTools);
   const args = [
     '-p',
     '--output-format', 'json',
@@ -494,7 +564,7 @@ async function runClaudeTurn(options) {
   if (allowedToolsArg) {
     args.push('--allowedTools', allowedToolsArg);
   }
-  args.push(turnPrompt);
+  args.push('--', turnPrompt);
 
   logger.debug('Spawning Claude subagent turn', {
     event: 'subagent_turn_start',
@@ -503,7 +573,7 @@ async function runClaudeTurn(options) {
       max_turns: maxTurns,
       phase,
       is_stateless: true,
-      allowed_tools: allowedTools,
+      allowed_tools: effectiveAllowedTools,
       timeout_ms: timeoutMs
     }
   });
@@ -538,8 +608,9 @@ async function runClaudeTurn(options) {
  * @param {string} [options.reason] - Why the conversation is ending
  * @param {Array<string>} [options.capabilities] - Token capabilities for summary turn tooling
  * @param {Array<string>} [options.allowedTopics] - Token allowed topics for summary turn tooling
+ * @param {Array<string>} [options.allowedTools] - Token allowed tools for summary turn tooling
  * @param {function} [options.spawnFn] - Injectable process runner for tests
- * @param {number} [timeoutMs=300000] - Timeout in milliseconds
+ * @param {number} [options.timeoutMs=300000] - Timeout in milliseconds
  * @returns {Promise<{ summary: string, ownerSummary: string, actionItems: array, flags: array }>}
  */
 async function runClaudeSummary(options = {}) {
@@ -548,6 +619,7 @@ async function runClaudeSummary(options = {}) {
     reason,
     capabilities = [],
     allowedTopics = [],
+    allowedTools = [],
     spawnFn = spawnClaude,
     timeoutMs = HARD_FALLBACK_TURN_TIMEOUT_MS
   } = options;
@@ -557,13 +629,13 @@ async function runClaudeSummary(options = {}) {
     throw new Error('Cannot summarize without a prompt');
   }
 
-  const allowedTools = resolveClaudeAllowedTools({ capabilities, allowedTopics });
-  const allowedToolsArg = buildClaudeToolArg(allowedTools);
+  const effectiveAllowedTools = resolveClaudeAllowedTools({ capabilities, allowedTopics, allowedTools });
+  const allowedToolsArg = buildClaudeToolArg(effectiveAllowedTools);
 
   const args = [
     '-p',
     '--output-format', 'json',
-    '--model', DEFAULT_CLAUDE_MODEL,
+    '--model', DEFAULT_CLAUDE_MODEL
   ];
 
   if (allowedToolsArg) {
@@ -572,6 +644,7 @@ async function runClaudeSummary(options = {}) {
   args.push(
     '--append-system-prompt',
     `Conversation summary mode. Reason: ${reason || 'conversation ended'}. Return only structured summary JSON.`,
+    '--',
     summaryPrompt
   );
 
@@ -581,7 +654,7 @@ async function runClaudeSummary(options = {}) {
     event: 'subagent_summary_start',
     data: {
       reason: reason || 'conversation ended',
-      allowed_tools: allowedTools
+      allowed_tools: effectiveAllowedTools
     }
   });
 

package/src/lib/config.js

@@ -125,6 +125,13 @@ function validateTierPatch(tierName, tierConfig) {
     });
   }
 
+  if (tierConfig.allowed_tools !== undefined) {
+    out.allowed_tools = validateStringArray(tierConfig.allowed_tools, `${tierName}.allowed_tools`, {
+      maxItems: 30,
+      itemMaxLength: 80
+    });
+  }
+
   if (tierConfig.topics !== undefined) {
     out.topics = validateStringArray(tierConfig.topics, `${tierName}.topics`, {
       maxItems: 200,
@@ -181,6 +188,7 @@ const DEFAULT_CONFIG = {
       name: 'Public',
       description: 'Basic networking - safe for anyone',
       capabilities: ['context-read'],
+      allowed_tools: ['Read', 'Grep', 'Glob'],
       topics: ['chat'],
       goals: [],
       disclosure: 'minimal',
@@ -190,6 +198,7 @@ const DEFAULT_CONFIG = {
       name: 'Friends',
       description: 'Most capabilities, no sensitive financial data',
       capabilities: ['context-read', 'calendar.read', 'email.read', 'search'],
+      allowed_tools: ['Bash(readonly)', 'Read', 'Grep', 'Glob', 'WebSearch', 'WebFetch'],
       topics: ['chat', 'search', 'openclaw', 'a2a'],
       goals: [],
       disclosure: 'public',
@@ -199,6 +208,7 @@ const DEFAULT_CONFIG = {
       name: 'Family',
       description: 'Full access - only for your inner circle',
       capabilities: ['context-read', 'calendar', 'email', 'search', 'tools', 'memory'],
+      allowed_tools: ['Bash', 'Read', 'Grep', 'Glob', 'WebSearch', 'WebFetch'],
       topics: ['chat', 'search', 'openclaw', 'a2a', 'tools', 'memory'],
       goals: [],
       disclosure: 'public',
@@ -208,6 +218,7 @@ const DEFAULT_CONFIG = {
       name: 'Custom',
       description: 'User-defined permissions',
       capabilities: ['context-read'],
+      allowed_tools: ['Read', 'Grep', 'Glob'],
       topics: [],
       goals: [],
       disclosure: 'minimal',

package/src/lib/conversation-driver.js

@@ -132,6 +132,8 @@ class ConversationDriver {
     // If provided by caller, this keeps tool allowlists variable per token/profile.
     this.capabilities = Array.isArray(options.capabilities) ? options.capabilities : [];
     this.allowedTopics = Array.isArray(options.allowedTopics) ? options.allowedTopics : [];
+    this.allowedGoals = Array.isArray(options.allowedGoals) ? options.allowedGoals : [];
+    this.allowedTools = Array.isArray(options.allowedTools) ? options.allowedTools : [];
     this.summarizer = options.summarizer || null;
     this.ownerContext = options.ownerContext || {};
     this.claudeMode = options.runtime?.mode === 'claude';
@@ -229,8 +231,11 @@ class ConversationDriver {
       // Try runtime.summarize if available (OpenClaw path)
       if (typeof runtime.summarize === 'function') {
         try {
+          const summarySessionId = this.lastConversationId
+            ? `a2a-${this.lastConversationId}`
+            : `summary-${Date.now()}`;
           return await runtime.summarize({
-            sessionId: `summary-${Date.now()}`,
+            sessionId: summarySessionId,
             prompt,
             messages,
             callerInfo: { name: agentContext.name, owner: agentContext.owner },
@@ -414,7 +419,11 @@ class ConversationDriver {
         roleContext: 'You initiated this call.',
         capabilities: this.capabilities,
         allowedTopics: this.allowedTopics,
-        allowed_topics: this.allowedTopics
+        allowed_topics: this.allowedTopics,
+        allowedGoals: this.allowedGoals,
+        allowed_goals: this.allowedGoals,
+        allowedTools: this.allowedTools,
+        allowed_tools: this.allowedTools
       };
       if (this.claudeMode) {
         contextPayload.turnCount = turn + 1;