agent-office 0.5.0 → 0.6.1

package/dist/server/routes.js

@@ -1,1396 +0,0 @@
-import { Router } from "express";
-import { Cron as CronerInstance } from "croner";
-const MAIL_INJECTION_BLURB = [
-    ``,
-    `---`,
-    `You have a new message. Please review the injected message above and respond accordingly.`,
-    ``,
-    `When responding to the sender:`,
-    `- Use the \`agent-office worker send-message\` tool so they can see your reply`,
-    `- Avoid excessive length - keep responses concise`,
-    `- Feel free to use markdown formatting`,
-    `- IMPORTANT: Remember when using bash commands certain characters (like dollar signs) may need to be escaped or wrapped in quotes`,
-].join("\n");
-/**
- * Build the persistent system-prompt briefing for a worker session.
- * This is injected as the `system` field on every `promptAsync` call so the
- * agent always has its identity, token, and command reference in context —
- * without consuming a user-message turn.
- */
-export function generateSystemPrompt(name, status, humanName, humanDescription, token) {
-    return [
-        `╔══════════════════════════════════════════════════════╗`,
-        `║              WELCOME TO THE AGENT OFFICE             ║`,
-        `╚══════════════════════════════════════════════════════╝`,
-        ``,
-        `You are an AI worker agent enrolled in the agent office.`,
-        `  Name:           ${name}`,
-        ...(status ? [`  Status:         ${status}`] : []),
-        `  Human manager:  ${humanName} — the human who created your`,
-        `                  session, assigns your work, and is your`,
-        `                  primary point of contact for questions,`,
-        `                  updates, and decisions.`,
-        ...(humanDescription ? [
-            `                  "${humanDescription}"`,
-        ] : []),
-        ``,
-        `The agent-office CLI is your PRIMARY means of communicating`,
-        `with your human manager (${humanName}) and your coworkers.`,
-        `Use it to send and receive messages, and to discover who`,
-        `else is working. You have a special token that you use to use the CLI, and it's important you DO NOT SHARE THIS with other coworkers because it represents you`,
-        ``,
-        `════════════════════════════════════════════════════════`,
-        ` AVAILABLE COMMANDS`,
-        `════════════════════════════════════════════════════════`,
-        ``,
-        ` List your coworkers`,
-        `   agent-office worker list-coworkers \\`,
-        `     ${token}`,
-        ``,
-        ` Set your public status (visible to coworkers and manager)`,
-        `   agent-office worker set-status \\`,
-        `     --status "your status here" \\`,
-        `     ${token}`,
-        ``,
-        ` Clear your public status`,
-        `   agent-office worker set-status \\`,
-        `     --clear \\`,
-        `     ${token}`,
-        ``,
-        ` Send a message to your manager or a coworker`,
-        `   agent-office worker send-message \\`,
-        `     --name <recipient-name> \\`,
-        `     --body "Your message here" \\`,
-        `     ${token}`,
-        ``,
-        ` Send a message to multiple recipients at once`,
-        `   agent-office worker send-message \\`,
-        `     --name alice --name bob \\`,
-        `     --body "Your message here" \\`,
-        `     ${token}`,
-        ``,
-        ` If your message contains $ characters, escape them to avoid shell`,
-        ` variable expansion (bash expands unescaped $ before the CLI sees it):`,
-        `   agent-office worker send-message \\`,
-        `     --name alice \\`,
-        `     --body "The total cost is \\$42" \\`,
-        `     ${token}`,
-        ``,
-        ` ⚠ Always escape $ in --body when using double quotes in bash,`,
-        `   or switch to single quotes. Unescaped $ will be silently`,
-        `   expanded by the shell and your message will be garbled.`,
-        ``,
-        ` Manage scheduled tasks (optional)`,
-        `   agent-office worker cron list \\`,
-        `     ${token}`,
-        ``,
-        ` Request a cron job (requires human approval)`,
-        `   agent-office worker cron request \\`,
-        `     --name <job-name> \\`,
-        `     --schedule "<cron-expression>" \\`,
-        `     --message "<action-to-perform>" \\`,
-        `     --respond-to "<who-to-respond-to-when-done>" \\`,
-        `     ${token}`,
-        ``,
-        `   Example: Daily standup reminder at 9am`,
-        `     --schedule "0 9 * * *" \\`,
-        `     --message "Prepare your standup update" \\`,
-        `     --respond-to "${humanName} in the standup channel"`,
-        ``,
-        `   NOTE: Cron requests must be approved by ${humanName}`,
-        `   before they become active. You will be notified when`,
-        `   your request is approved or rejected.`,
-        ``,
-        ` Check the status of your cron requests`,
-        `   agent-office worker cron requests \\`,
-        `     ${token}`,
-        ``,
-        `════════════════════════════════════════════════════════`,
-        ` IMPORTANT: BASH ESCAPING IN COMMAND ARGUMENTS`,
-        `════════════════════════════════════════════════════════`,
-        ``,
-        ` The shell processes --body, --message, and --respond-to`,
-        ` before the CLI receives them. Be mindful of bash special`,
-        ` characters in these values:`,
-        `   $var, \${x}  variable expansion   → escape as \\$ or use single quotes`,
-        `   \`cmd\`, $(x) command substitution → escape backticks or use single quotes`,
-        `   !, \\, "     history/escape chars → escape or use single quotes`,
-        ` The safest option is always single quotes:`,
-        `   --body 'your message here'`,
-        ` Single quotes prevent all shell interpretation.`,
-        ``,
-        `════════════════════════════════════════════════════════`,
-        ` IMPORTANT: YOUR SESSIONS ARE PRIVATE`,
-        `════════════════════════════════════════════════════════`,
-        ``,
-        ` Nobody — not ${humanName}, not your coworkers — can see`,
-        ` anything you think, reason, or write inside this session.`,
-        ` Your work is completely private until you explicitly send`,
-        ` a message using the send-message command.`,
-        ``,
-        ` This means:`,
-        `   • You must send a message to report progress or ask`,
-        `     for help. Silence looks like inaction.`,
-        `   • Finishing a task without messaging ${humanName}`,
-        `     means they will never know it is done.`,
-        `   • If you are blocked or uncertain, send a message —`,
-        `     nobody will know otherwise.`,
-        ``,
-        `════════════════════════════════════════════════════════`,
-        ` TIPS`,
-        `════════════════════════════════════════════════════════`,
-        ``,
-        ` - Run list-coworkers to discover who is available and`,
-        `   what their names are before sending messages.`,
-        ` - Messages you send are delivered directly into the`,
-        `   recipient's active session — they will see them`,
-        `   immediately.`,
-        ` - Your human manager is ${humanName}. They can send you`,
-        `   messages at any time and those will appear here in`,
-        `   your session just like this one. You can reach them`,
-        `   by sending a message to --name ${humanName}.`,
-        ` - Optional: Request recurring scheduled tasks with cron`,
-        `   jobs. Run 'agent-office worker cron request' to submit`,
-        `   a request. Your human manager must approve it before`,
-        `   it becomes active.`,
-        ``,
-        `════════════════════════════════════════════════════════`,
-        ` IMPORTANT: WAIT FOR A MESSAGE BEFORE DOING ANYTHING`,
-        `════════════════════════════════════════════════════════`,
-        ``,
-        ` When you first start up, do nothing. Do not send messages,`,
-        ` do not begin tasks, do not check in. Simply wait until`,
-        ` you receive a message assigning you work.`,
-        ``,
-        `════════════════════════════════════════════════════════`,
-        ` IMPORTANT: AVOID MESSAGE SPIRALS WITH COWORKERS`,
-        `════════════════════════════════════════════════════════`,
-        ``,
-        ` Be careful not to get into back-and-forth messaging loops`,
-        ` with coworkers. Each message you send triggers their session`,
-        ` which may trigger another message back to you, and so on.`,
-        ` To avoid spiraling out of control:`,
-        `   • Consolidate your thoughts — send one clear, complete`,
-        `     message rather than multiple short ones.`,
-        `   • Do not send a message just to acknowledge receipt.`,
-        `   • If a coworker's reply doesn't require action from you,`,
-        `     do not respond.`,
-        `   • When delegating, give full context upfront so the`,
-        `     coworker doesn't need to ask follow-up questions.`,
-        ``,
-    ].join("\n");
-}
-/** Load human_name and human_description from the config table. */
-async function loadHumanConfig(storage) {
-    const humanName = await storage.getConfig('human_name');
-    const humanDescription = await storage.getConfig('human_description');
-    return {
-        humanName: humanName ?? "your human manager",
-        humanDescription: humanDescription ?? "",
-    };
-}
-export function createRouter(storage, agenticCodingServer, serverUrl, scheduler) {
-    const router = Router();
-    router.get("/health", (_req, res) => {
-        res.json({ ok: true });
-    });
-    // ── Watch Endpoint (Server-Sent Events for real-time coworker mail state) ──
-    router.get("/watch", async (_req, res) => {
-        // Set up SSE headers
-        res.setHeader("Content-Type", "text/event-stream");
-        res.setHeader("Cache-Control", "no-cache");
-        res.setHeader("Connection", "keep-alive");
-        let isConnected = true;
-        // Subscribe to storage changes
-        const unsubscribe = storage.watch((state) => {
-            if (!isConnected || res.writableEnded)
-                return;
-            // Send the state as an SSE event
-            res.write(`event: state\n`);
-            res.write(`data: ${JSON.stringify(state)}\n\n`);
-        });
-        // Handle client disconnect
-        res.on("close", () => {
-            isConnected = false;
-            unsubscribe();
-        });
-        // Handle connection errors
-        res.on("error", () => {
-            isConnected = false;
-            unsubscribe();
-        });
-    });
-    router.get("/modes", async (_req, res) => {
-        try {
-            const modes = await agenticCodingServer.getAgentModes();
-            res.json(modes);
-        }
-        catch (err) {
-            console.error("GET /modes error:", err);
-            res.json([]);
-        }
-    });
-    router.get("/sessions", async (_req, res) => {
-        try {
-            const rows = await storage.listSessions();
-            res.json(rows);
-        }
-        catch (err) {
-            console.error("GET /sessions error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.get("/coworkers", async (_req, res) => {
-        try {
-            const sessions = await storage.listSessions();
-            const humanName = await storage.getConfig('human_name') ?? "Human";
-            const [unreadCounts, lastMessageAt] = await Promise.all([
-                storage.countUnreadBySender(humanName),
-                storage.lastMessageAtByCoworker(humanName),
-            ]);
-            const coworkers = [
-                { name: humanName, status: null, isHuman: true, unreadMessages: 0, lastMessageAt: null },
-                ...sessions.map(s => ({
-                    name: s.name,
-                    status: s.status,
-                    isHuman: false,
-                    unreadMessages: unreadCounts.get(s.name) ?? 0,
-                    lastMessageAt: lastMessageAt.get(s.name)?.toISOString() ?? null,
-                }))
-            ];
-            // Sort non-human coworkers by most recent message (most recent first),
-            // coworkers with no messages appear last (sorted by name as tiebreaker)
-            const [human, ...agents] = coworkers;
-            agents.sort((a, b) => {
-                if (a.lastMessageAt && b.lastMessageAt) {
-                    return new Date(b.lastMessageAt).getTime() - new Date(a.lastMessageAt).getTime();
-                }
-                if (a.lastMessageAt)
-                    return -1;
-                if (b.lastMessageAt)
-                    return 1;
-                return a.name.localeCompare(b.name);
-            });
-            res.json([human, ...agents]);
-        }
-        catch (err) {
-            console.error("GET /coworkers error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/sessions", async (req, res) => {
-        const { name, agent: agentArg } = req.body;
-        if (!name || typeof name !== "string" || !name.trim()) {
-            res.status(400).json({ error: "name is required" });
-            return;
-        }
-        if (!agentArg || typeof agentArg !== "string" || !agentArg.trim()) {
-            res.status(400).json({ error: "agent is required" });
-            return;
-        }
-        const trimmedName = name.trim();
-        const trimmedAgent = agentArg.trim();
-        const existing = await storage.sessionExists(trimmedName);
-        if (existing) {
-            res.status(409).json({ error: `Session name "${trimmedName}" already exists` });
-            return;
-        }
-        let opencodeSessionId;
-        try {
-            opencodeSessionId = await agenticCodingServer.createSession(`agent-office: ${trimmedName} ${new Date().toISOString()}`);
-        }
-        catch (err) {
-            console.error("OpenCode session.create error:", err);
-            res.status(502).json({ error: "Failed to create OpenCode session", detail: String(err) });
-            return;
-        }
-        let row;
-        try {
-            row = await storage.createSession(trimmedName, opencodeSessionId, trimmedAgent);
-        }
-        catch (err) {
-            console.error("DB insert error:", err);
-            try {
-                await agenticCodingServer.deleteSession(opencodeSessionId);
-            }
-            catch { }
-            res.status(500).json({ error: "Internal server error" });
-            return;
-        }
-        res.status(201).json(row);
-    });
-    router.post("/sessions/:name/regenerate-code", async (req, res) => {
-        const { name } = req.params;
-        const session = await storage.getSessionByName(name);
-        if (!session) {
-            res.status(404).json({ error: `Session "${name}" not found` });
-            return;
-        }
-        try {
-            const updated = await storage.regenerateAgentCode(name);
-            res.json(updated);
-        }
-        catch (err) {
-            console.error("regenerate-code error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.patch("/sessions/:name/agent", async (req, res) => {
-        const { name } = req.params;
-        const { agent } = req.body;
-        if (!agent || typeof agent !== "string" || !agent.trim()) {
-            res.status(400).json({ error: "agent is required" });
-            return;
-        }
-        const trimmedAgent = agent.trim();
-        const session = await storage.getSessionByName(name);
-        if (!session) {
-            res.status(404).json({ error: `Session "${name}" not found` });
-            return;
-        }
-        try {
-            const updated = await storage.updateSessionAgent(name, trimmedAgent);
-            res.json(updated);
-        }
-        catch (err) {
-            console.error("PATCH /sessions/:name/agent error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.get("/sessions/:name/messages", async (req, res) => {
-        const { name } = req.params;
-        const limit = Math.min(parseInt(req.query.limit ?? "20", 10), 100);
-        const row = await storage.getSessionByName(name);
-        if (!row) {
-            res.status(404).json({ error: `Session "${name}" not found` });
-            return;
-        }
-        try {
-            const messages = await agenticCodingServer.getMessages(row.session_id, limit);
-            const result = messages
-                .slice(-limit)
-                .map((m) => ({
-                role: m.role,
-                parts: m.parts.map((p) => {
-                    if (p.type === "text") {
-                        return { type: "text", text: p.text ?? "" };
-                    }
-                    else if (p.type === "tool") {
-                        // Extract tool name, input, and output from the tool state
-                        const state = p.state;
-                        return {
-                            type: "tool",
-                            tool: p.tool,
-                            input: state?.input,
-                            output: state?.output,
-                            data: p,
-                        };
-                    }
-                    else {
-                        return { type: p.type, data: p };
-                    }
-                }),
-            }))
-                .filter((m) => m.parts.length > 0);
-            res.json(result);
-        }
-        catch (err) {
-            console.error("OpenCode session.messages error:", err);
-            res.status(502).json({ error: "Failed to fetch messages from OpenCode", detail: String(err) });
-        }
-    });
-    router.post("/sessions/:name/inject", async (req, res) => {
-        const { name } = req.params;
-        const { text, modelID, providerID } = req.body;
-        if (!text || typeof text !== "string" || !text.trim()) {
-            res.status(400).json({ error: "text is required" });
-            return;
-        }
-        const row = await storage.getSessionByName(name);
-        if (!row) {
-            res.status(404).json({ error: `Session "${name}" not found` });
-            return;
-        }
-        try {
-            const { humanName, humanDescription } = await loadHumanConfig(storage);
-            const token = `${row.agent_code}@${serverUrl}`;
-            const system = generateSystemPrompt(row.name, row.status ?? null, humanName, humanDescription, token);
-            await agenticCodingServer.sendMessage(row.session_id, text.trim(), row.agent, system);
-            res.json({ ok: true });
-        }
-        catch (err) {
-            console.error("OpenCode session.prompt error:", err);
-            res.status(502).json({ error: "Failed to inject message into OpenCode session", detail: String(err) });
-        }
-    });
-    router.post("/sessions/:name/revert-to-start", async (req, res) => {
-        const { name } = req.params;
-        const session = await storage.getSessionByName(name);
-        if (!session) {
-            res.status(404).json({ error: `Session "${name}" not found` });
-            return;
-        }
-        try {
-            // Delete the old OpenCode session and create a fresh one
-            await agenticCodingServer.deleteSession(session.session_id);
-            const newSessionId = await agenticCodingServer.createSession(`agent-office: ${name} ${new Date().toISOString()}`);
-            await storage.updateSessionId(name, newSessionId);
-            res.json({ ok: true });
-        }
-        catch (err) {
-            console.error("POST /sessions/:name/revert-to-start error:", err);
-            res.status(502).json({ error: "Failed to revert session", detail: String(err) });
-        }
-    });
-    router.post("/sessions/revert-all", async (_req, res) => {
-        const allSessions = await storage.listSessions();
-        const results = [];
-        for (const session of allSessions) {
-            try {
-                // Delete the old OpenCode session and create a fresh one
-                await agenticCodingServer.deleteSession(session.session_id);
-                const newSessionId = await agenticCodingServer.createSession(`agent-office: ${session.name} ${new Date().toISOString()}`);
-                await storage.updateSessionId(session.name, newSessionId);
-                results.push({ name: session.name, ok: true });
-            }
-            catch (err) {
-                console.error(`POST /sessions/revert-all error for "${session.name}":`, err);
-                results.push({ name: session.name, ok: false, error: String(err) });
-            }
-        }
-        const failed = results.filter((r) => !r.ok);
-        res.json({ ok: failed.length === 0, total: allSessions.length, results });
-    });
-    router.delete("/sessions/:name", async (req, res) => {
-        const { name } = req.params;
-        const row = await storage.getSessionByName(name);
-        if (!row) {
-            res.status(404).json({ error: `Session "${name}" not found` });
-            return;
-        }
-        try {
-            await agenticCodingServer.deleteSession(row.session_id);
-        }
-        catch (err) {
-            console.error("OpenCode session.delete error:", err);
-            res.status(502).json({ error: "Failed to delete OpenCode session", detail: String(err) });
-            return;
-        }
-        try {
-            await storage.deleteSession(row.id);
-            res.json({ deleted: true, name: row.name, session_id: row.session_id });
-        }
-        catch (err) {
-            console.error("DB delete error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.get("/config", async (_req, res) => {
-        try {
-            const rows = await storage.getAllConfig();
-            const config = {};
-            for (const row of rows) {
-                config[row.key] = row.value;
-            }
-            res.json(config);
-        }
-        catch (err) {
-            console.error("GET /config error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.put("/config", async (req, res) => {
-        const { key, value } = req.body;
-        if (!key || typeof key !== "string" || !key.trim()) {
-            res.status(400).json({ error: "key is required" });
-            return;
-        }
-        if (typeof value !== "string") {
-            res.status(400).json({ error: "value must be a string" });
-            return;
-        }
-        try {
-            await storage.setConfig(key, value);
-            res.json({ ok: true, key, value });
-        }
-        catch (err) {
-            console.error("PUT /config error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.get("/messages/:name", async (req, res) => {
-        const { name } = req.params;
-        const { sent, unread_only } = req.query;
-        try {
-            let rows;
-            if (sent === "true") {
-                rows = await storage.listMessagesFromSender(name);
-            }
-            else {
-                rows = await storage.listMessagesForRecipient(name, unread_only === "true" ? { unread: true } : undefined);
-            }
-            res.json(rows);
-        }
-        catch (err) {
-            console.error("GET /messages/:name error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/messages", async (req, res) => {
-        const { from, to, body } = req.body;
-        if (!from || typeof from !== "string" || !from.trim()) {
-            res.status(400).json({ error: "from is required" });
-            return;
-        }
-        if (!to || !Array.isArray(to) || to.length === 0) {
-            res.status(400).json({ error: "to must be a non-empty array of recipient names" });
-            return;
-        }
-        if (!body || typeof body !== "string" || !body.trim()) {
-            res.status(400).json({ error: "body is required" });
-            return;
-        }
-        const trimmedFrom = from.trim();
-        const trimmedBody = body.trim();
-        const sessions = await storage.listSessions();
-        const sessionMap = new Map(sessions.map((s) => [s.name, { sessionId: s.session_id, agent: s.agent, agentCode: s.agent_code, status: s.status }]));
-        const { humanName, humanDescription } = await loadHumanConfig(storage);
-        const validRecipients = [];
-        for (const recipient of to) {
-            if (typeof recipient !== "string" || !recipient.trim())
-                continue;
-            const r = recipient.trim();
-            if (sessionMap.has(r) || r === humanName) {
-                validRecipients.push(r);
-            }
-        }
-        if (validRecipients.length === 0) {
-            res.status(400).json({ error: "No valid recipients found" });
-            return;
-        }
-        const results = [];
-        for (const recipient of validRecipients) {
-            const msgRow = await storage.createMessage(trimmedFrom, recipient, trimmedBody);
-            const msgId = msgRow.id;
-            let injected = false;
-            if (sessionMap.has(recipient)) {
-                const { sessionId, agent, agentCode, status } = sessionMap.get(recipient);
-                const injectText = `[Message from "${trimmedFrom}"]: ${trimmedBody}${MAIL_INJECTION_BLURB}`;
-                const token = `${agentCode}@${serverUrl}`;
-                const system = generateSystemPrompt(recipient, status ?? null, humanName, humanDescription, token);
-                try {
-                    await agenticCodingServer.sendMessage(sessionId, injectText, agent ?? undefined, system);
-                    await storage.markMessageAsInjected(msgId);
-                    injected = true;
-                }
-                catch (err) {
-                    console.warn(`Warning: could not inject message into session "${recipient}":`, err);
-                }
-            }
-            results.push({ to: recipient, messageId: msgId, injected });
-        }
-        res.status(201).json({ ok: true, results });
-    });
-    router.post("/messages/:id/read", async (req, res) => {
-        const id = parseInt(String(req.params.id), 10);
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid message id" });
-            return;
-        }
-        try {
-            const updated = await storage.markMessageAsRead(id);
-            if (!updated) {
-                res.status(404).json({ error: "Message not found" });
-                return;
-            }
-            res.json(updated);
-        }
-        catch (err) {
-            console.error("POST /messages/:id/read error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    // ── Human Notification API ─────────────────────────────────────────────────
-    router.get("/human/unread-old", async (req, res) => {
-        try {
-            const hoursStr = req.query.hours ?? "";
-            const hours = hoursStr !== "" ? parseFloat(hoursStr) : 1;
-            const humanName = (await storage.getConfig("human_name")) ?? "Human";
-            const msgs = await storage.listMessagesForRecipient(humanName, {
-                unread: true,
-                olderThanHours: hours,
-                notified: false,
-            });
-            res.json(msgs);
-        }
-        catch (err) {
-            console.error("GET /human/unread-old error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/human/mark-notified", async (req, res) => {
-        try {
-            const ids = req.body.ids;
-            if (!Array.isArray(ids) || !ids.every((id) => typeof id === "number")) {
-                res.status(400).json({ error: "ids must be an array of numbers" });
-                return;
-            }
-            await storage.markMessagesAsNotified(ids);
-            res.json({ success: true, count: ids.length });
-        }
-        catch (err) {
-            console.error("POST /human/mark-notified error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    // ── Cron Jobs Endpoints ────────────────────────────────────────────────────
-    router.get("/crons", async (req, res) => {
-        try {
-            const { session_name } = req.query;
-            let rows;
-            if (session_name) {
-                rows = await storage.listCronJobsForSession(session_name);
-            }
-            else {
-                rows = await storage.listCronJobs();
-            }
-            const jobs = rows.map((job) => {
-                let nextRun = null;
-                if (job.enabled) {
-                    try {
-                        const options = {};
-                        if (job.timezone)
-                            options.timezone = job.timezone;
-                        const cronJob = new CronerInstance(job.schedule, options);
-                        const next = cronJob.nextRun();
-                        nextRun = next ? next.toISOString() : null;
-                    }
-                    catch { }
-                }
-                return { ...job, next_run: nextRun, last_run: job.last_run ? job.last_run.toISOString() : null, created_at: job.created_at.toISOString() };
-            });
-            res.json(jobs);
-        }
-        catch (err) {
-            console.error("GET /crons error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/crons", async (req, res) => {
-        const { name, session_name, schedule, message, timezone } = req.body;
-        if (!name || typeof name !== "string" || !name.trim()) {
-            res.status(400).json({ error: "name is required" });
-            return;
-        }
-        if (!session_name || typeof session_name !== "string") {
-            res.status(400).json({ error: "session_name is required" });
-            return;
-        }
-        if (!schedule || typeof schedule !== "string" || !schedule.trim()) {
-            res.status(400).json({ error: "schedule is required" });
-            return;
-        }
-        if (!message || typeof message !== "string" || !message.trim()) {
-            res.status(400).json({ error: "message is required" });
-            return;
-        }
-        const trimmedName = name.trim();
-        const trimmedSchedule = schedule.trim();
-        const trimmedMessage = message.trim();
-        try {
-            new CronerInstance(trimmedSchedule);
-        }
-        catch {
-            res.status(400).json({ error: "Invalid cron schedule expression" });
-            return;
-        }
-        if (timezone) {
-            try {
-                new CronerInstance("0 0 * * *", { timezone });
-            }
-            catch {
-                res.status(400).json({ error: "Invalid timezone" });
-                return;
-            }
-        }
-        const existing = await storage.cronJobExistsForSession(trimmedName, session_name);
-        if (existing) {
-            res.status(409).json({ error: `Cron job "${trimmedName}" already exists for this session` });
-            return;
-        }
-        try {
-            const cronJobrow = await storage.createCronJob(trimmedName, session_name, trimmedSchedule, timezone ?? null, trimmedMessage);
-            scheduler.addCronJob(cronJobrow);
-            const nextRun = cronJobrow.enabled ? (() => {
-                try {
-                    const options = {};
-                    if (cronJobrow.timezone)
-                        options.timezone = cronJobrow.timezone;
-                    const cronJob = new CronerInstance(cronJobrow.schedule, options);
-                    const next = cronJob.nextRun();
-                    return next ? next.toISOString() : null;
-                }
-                catch {
-                    return null;
-                }
-            })() : null;
-            res.status(201).json({
-                ...cronJobrow,
-                next_run: nextRun,
-                last_run: cronJobrow?.last_run?.toISOString() ?? null,
-                created_at: cronJobrow.created_at.toISOString(),
-            });
-        }
-        catch (err) {
-            console.error("POST /crons error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.delete("/crons/:id", async (req, res) => {
-        const id = parseInt(String(req.params.id), 10);
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron job id" });
-            return;
-        }
-        try {
-            const job = await storage.getCronJobById(id);
-            if (!job) {
-                res.status(404).json({ error: "Cron job not found" });
-                return;
-            }
-            scheduler.removeCronJob(id);
-            await storage.deleteCronJob(id);
-            res.json({ deleted: true, id, name: job.name });
-        }
-        catch (err) {
-            console.error("DELETE /crons/:id error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/crons/:id/enable", async (req, res) => {
-        const id = parseInt(String(req.params.id), 10);
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron job id" });
-            return;
-        }
-        try {
-            const existing = await storage.getCronJobById(id);
-            if (!existing) {
-                res.status(404).json({ error: "Cron job not found" });
-                return;
-            }
-            await storage.enableCronJob(id);
-            const updated = await storage.getCronJobById(id);
-            if (updated) {
-                scheduler.enableCronJob(updated);
-                const nextRun = (() => {
-                    try {
-                        const options = {};
-                        if (updated.timezone)
-                            options.timezone = updated.timezone;
-                        const cronJob = new CronerInstance(updated.schedule, options);
-                        const next = cronJob.nextRun();
-                        return next ? next.toISOString() : null;
-                    }
-                    catch {
-                        return null;
-                    }
-                })();
-                res.json({
-                    ...updated,
-                    next_run: nextRun,
-                    last_run: updated.last_run?.toISOString() ?? null,
-                    created_at: updated.created_at.toISOString(),
-                });
-            }
-            else {
-                res.status(404).json({ error: "Cron job not found" });
-            }
-        }
-        catch (err) {
-            console.error("POST /crons/:id/enable error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/crons/:id/disable", async (req, res) => {
-        const id = parseInt(String(req.params.id), 10);
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron job id" });
-            return;
-        }
-        try {
-            const job = await storage.getCronJobById(id);
-            if (!job) {
-                res.status(404).json({ error: "Cron job not found" });
-                return;
-            }
-            await storage.disableCronJob(id);
-            scheduler.disableCronJob(id);
-            const updated = await storage.getCronJobById(id);
-            res.json({
-                ...updated,
-                next_run: null,
-                last_run: updated?.last_run?.toISOString() ?? null,
-                created_at: updated?.created_at.toISOString() ?? null,
-            });
-        }
-        catch (err) {
-            console.error("POST /crons/:id/disable error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.get("/crons/:id/history", async (req, res) => {
-        const id = parseInt(String(req.params.id), 10);
-        const limit = Math.min(parseInt(req.query.limit ?? "10", 10), 100);
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron job id" });
-            return;
-        }
-        try {
-            const rows = await storage.listCronHistory(id, limit);
-            res.json(rows.map((r) => ({
-                ...r,
-                executed_at: r.executed_at.toISOString(),
-            })));
-        }
-        catch (err) {
-            console.error("GET /crons/:id/history error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    // ── Cron Requests (manage-side: view, approve, reject) ──
-    router.get("/cron-requests", async (req, res) => {
-        try {
-            const { status, session_name } = req.query;
-            const filters = {};
-            if (status)
-                filters.status = status;
-            if (session_name)
-                filters.sessionName = session_name;
-            const rows = await storage.listCronRequests(filters);
-            res.json(rows.map((r) => ({
-                ...r,
-                requested_at: r.requested_at.toISOString(),
-                reviewed_at: r.reviewed_at?.toISOString() ?? null,
-            })));
-        }
-        catch (err) {
-            console.error("GET /cron-requests error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/cron-requests/:id/approve", async (req, res) => {
-        const id = parseInt(String(req.params.id), 10);
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron request id" });
-            return;
-        }
-        const { notes } = req.body;
-        try {
-            const request = await storage.getCronRequestById(id);
-            if (!request) {
-                res.status(404).json({ error: "Cron request not found" });
-                return;
-            }
-            if (request.status !== "pending") {
-                res.status(409).json({ error: `Cron request already ${request.status}` });
-                return;
-            }
-            const { humanName } = await loadHumanConfig(storage);
-            // Update request status
-            const updated = await storage.updateCronRequestStatus(id, "approved", humanName, notes);
-            // Create the actual cron job
-            const cronJob = await storage.createCronJob(request.name, request.session_name, request.schedule, request.timezone, request.message);
-            scheduler.addCronJob(cronJob);
-            // Notify the worker that their request was approved
-            const notificationBody = `Your cron job request "${request.name}" (schedule: ${request.schedule}) has been approved and is now active.${notes ? `\n\nNote from manager: ${notes}` : ""}`;
-            await storage.createMessage(humanName, request.session_name, notificationBody);
-            // Inject notification into the worker's session
-            const session = await storage.getSessionByName(request.session_name);
-            if (session) {
-                const token = `${session.agent_code}@${serverUrl}`;
-                const system = generateSystemPrompt(session.name, session.status, humanName, (await storage.getConfig('human_description')) ?? '', token);
-                const injectText = `[Cron Request Approved] Your cron job request "${request.name}" has been approved and scheduled.${notes ? ` Manager note: ${notes}` : ""}`;
-                try {
-                    await agenticCodingServer.sendMessage(session.session_id, injectText, session.agent, system);
-                }
-                catch {
-                    // If injection fails, the message is still in their mailbox
-                }
-            }
-            const nextRun = cronJob.enabled ? (() => {
-                try {
-                    const options = {};
-                    if (cronJob.timezone)
-                        options.timezone = cronJob.timezone;
-                    const cron = new CronerInstance(cronJob.schedule, options);
-                    const next = cron.nextRun();
-                    return next ? next.toISOString() : null;
-                }
-                catch {
-                    return null;
-                }
-            })() : null;
-            res.json({
-                request: {
-                    ...updated,
-                    requested_at: updated?.requested_at.toISOString(),
-                    reviewed_at: updated?.reviewed_at?.toISOString() ?? null,
-                },
-                cron_job: {
-                    ...cronJob,
-                    next_run: nextRun,
-                    last_run: cronJob.last_run?.toISOString() ?? null,
-                    created_at: cronJob.created_at.toISOString(),
-                },
-            });
-        }
-        catch (err) {
-            console.error("POST /cron-requests/:id/approve error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/cron-requests/:id/reject", async (req, res) => {
-        const id = parseInt(String(req.params.id), 10);
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron request id" });
-            return;
-        }
-        const { notes } = req.body;
-        try {
-            const request = await storage.getCronRequestById(id);
-            if (!request) {
-                res.status(404).json({ error: "Cron request not found" });
-                return;
-            }
-            if (request.status !== "pending") {
-                res.status(409).json({ error: `Cron request already ${request.status}` });
-                return;
-            }
-            const { humanName } = await loadHumanConfig(storage);
-            // Update request status
-            const updated = await storage.updateCronRequestStatus(id, "rejected", humanName, notes);
-            // Notify the worker that their request was rejected
-            const notificationBody = `Your cron job request "${request.name}" (schedule: ${request.schedule}) has been rejected.${notes ? `\n\nReason: ${notes}` : ""}`;
-            await storage.createMessage(humanName, request.session_name, notificationBody);
-            // Inject notification into the worker's session
-            const session = await storage.getSessionByName(request.session_name);
-            if (session) {
-                const token = `${session.agent_code}@${serverUrl}`;
-                const system = generateSystemPrompt(session.name, session.status, humanName, (await storage.getConfig('human_description')) ?? '', token);
-                const injectText = `[Cron Request Rejected] Your cron job request "${request.name}" has been rejected.${notes ? ` Reason: ${notes}` : ""}`;
-                try {
-                    await agenticCodingServer.sendMessage(session.session_id, injectText, session.agent, system);
-                }
-                catch {
-                    // If injection fails, the message is still in their mailbox
-                }
-            }
-            res.json({
-                ...updated,
-                requested_at: updated?.requested_at.toISOString(),
-                reviewed_at: updated?.reviewed_at?.toISOString() ?? null,
-            });
-        }
-        catch (err) {
-            console.error("POST /cron-requests/:id/reject error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    return router;
-}
-export function createWorkerRouter(storage, agenticCodingServer, serverUrl) {
-    const router = Router();
-    router.get("/worker/list-coworkers", async (req, res) => {
-        const { code } = req.query;
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        try {
-            const sessions = await storage.listSessions();
-            const humanName = await storage.getConfig('human_name') ?? "Human";
-            const workers = sessions.filter((s) => s.name !== session.name).map((s) => s.name);
-            workers.push(humanName);
-            res.json(workers);
-        }
-        catch (err) {
-            console.error("GET /worker/list-coworkers error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/worker/set-status", async (req, res) => {
-        const { code } = req.query;
-        const { status } = req.body;
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        const trimmedStatus = status === null ? null : (status === undefined ? null : status.trim());
-        if (trimmedStatus !== null && trimmedStatus.length > 140) {
-            res.status(400).json({ error: "status must be at most 140 characters" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        try {
-            await storage.updateSessionStatus(code, trimmedStatus);
-        }
-        catch (err) {
-            console.error("POST /worker/set-status error:", err);
-            res.status(500).json({ error: "Internal server error" });
-            return;
-        }
-        res.json({ ok: true, name: session.name, status: trimmedStatus });
-    });
-    router.post("/worker/send-message", async (req, res) => {
-        const { code } = req.query;
-        const { to, body } = req.body;
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        if (!to || !Array.isArray(to) || to.length === 0) {
-            res.status(400).json({ error: "to must be a non-empty array of recipient names" });
-            return;
-        }
-        if (!body || typeof body !== "string" || !body.trim()) {
-            res.status(400).json({ error: "body is required" });
-            return;
-        }
-        const trimmedBody = body.trim();
-        const sessions = await storage.listSessions();
-        const sessionMap = new Map(sessions.map((s) => [s.name, { sessionId: s.session_id, agent: s.agent, agentCode: s.agent_code, status: s.status }]));
-        const { humanName, humanDescription } = await loadHumanConfig(storage);
-        const validRecipients = [];
-        for (const recipient of to) {
-            if (typeof recipient !== "string" || !recipient.trim())
-                continue;
-            const r = recipient.trim();
-            if (sessionMap.has(r) || r === humanName) {
-                validRecipients.push(r);
-            }
-        }
-        if (validRecipients.length === 0) {
-            res.status(400).json({ error: "No valid recipients found" });
-            return;
-        }
-        const results = [];
-        for (const recipient of validRecipients) {
-            const msgRow = await storage.createMessage(session.name, recipient, trimmedBody);
-            const msgId = msgRow.id;
-            let injected = false;
-            if (sessionMap.has(recipient)) {
-                const { sessionId: recipientSessionId, agent: recipientAgent, agentCode, status } = sessionMap.get(recipient);
-                const injectText = `[Message from "${session.name}"]: ${trimmedBody}${MAIL_INJECTION_BLURB}`;
-                const token = `${agentCode}@${serverUrl}`;
-                const system = generateSystemPrompt(recipient, status ?? null, humanName, humanDescription, token);
-                try {
-                    await agenticCodingServer.sendMessage(recipientSessionId, injectText, recipientAgent ?? undefined, system);
-                    await storage.markMessageAsInjected(msgId);
-                    injected = true;
-                }
-                catch (err) {
-                    console.warn(`Warning: could not inject message into session "${recipient}":`, err);
-                }
-            }
-            results.push({ to: recipient, messageId: msgId, injected });
-        }
-        res.status(201).json({ ok: true, results });
-    });
-    // ── Worker Cron Endpoints (authenticated via agent_code in query) ───────────
-    router.get("/worker/crons", async (req, res) => {
-        const { code } = req.query;
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        const sessionName = session.name;
-        try {
-            const rows = await storage.listCronJobsForSession(sessionName);
-            const jobs = rows.map((job) => {
-                let nextRun = null;
-                if (job.enabled) {
-                    try {
-                        const options = {};
-                        if (job.timezone)
-                            options.timezone = job.timezone;
-                        const cronJob = new CronerInstance(job.schedule, options);
-                        const next = cronJob.nextRun();
-                        nextRun = next ? next.toISOString() : null;
-                    }
-                    catch { }
-                }
-                return {
-                    ...job,
-                    next_run: nextRun,
-                    last_run: job.last_run ? job.last_run.toISOString() : null,
-                    created_at: job.created_at.toISOString(),
-                };
-            });
-            res.json(jobs);
-        }
-        catch (err) {
-            console.error("GET /worker/crons error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    // ── Cron Requests (worker can request, human must approve) ──
-    router.get("/worker/cron-requests", async (req, res) => {
-        const { code } = req.query;
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        try {
-            const rows = await storage.listCronRequests({ sessionName: session.name });
-            res.json(rows.map((r) => ({
-                ...r,
-                requested_at: r.requested_at.toISOString(),
-                reviewed_at: r.reviewed_at?.toISOString() ?? null,
-            })));
-        }
-        catch (err) {
-            console.error("GET /worker/cron-requests error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/worker/cron-requests", async (req, res) => {
-        const { code } = req.query;
-        const { name, schedule, message, timezone } = req.body;
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        if (!name || typeof name !== "string" || !name.trim()) {
-            res.status(400).json({ error: "name is required" });
-            return;
-        }
-        if (!schedule || typeof schedule !== "string" || !schedule.trim()) {
-            res.status(400).json({ error: "schedule is required" });
-            return;
-        }
-        if (!message || typeof message !== "string" || !message.trim()) {
-            res.status(400).json({ error: "message is required" });
-            return;
-        }
-        const trimmedName = name.trim();
-        const trimmedSchedule = schedule.trim();
-        const trimmedMessage = message.trim();
-        try {
-            new CronerInstance(trimmedSchedule);
-        }
-        catch {
-            res.status(400).json({ error: "Invalid cron schedule expression" });
-            return;
-        }
-        if (timezone) {
-            try {
-                new CronerInstance("0 0 * * *", { timezone });
-            }
-            catch {
-                res.status(400).json({ error: "Invalid timezone" });
-                return;
-            }
-        }
-        try {
-            const request = await storage.createCronRequest(trimmedName, session.name, trimmedSchedule, timezone ?? null, trimmedMessage);
-            res.status(201).json({
-                ...request,
-                requested_at: request.requested_at.toISOString(),
-                reviewed_at: request.reviewed_at?.toISOString() ?? null,
-            });
-        }
-        catch (err) {
-            console.error("POST /worker/cron-requests error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.delete("/worker/crons/:id", async (req, res) => {
-        const { code } = req.query;
-        const id = parseInt(String(req.params.id), 10);
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron job id" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        const sessionName = session.name;
-        try {
-            const job = await storage.getCronJobById(id);
-            if (!job || job.session_name !== sessionName) {
-                res.status(404).json({ error: "Cron job not found or not owned by you" });
-                return;
-            }
-            await storage.deleteCronJob(id);
-            res.json({ deleted: true, id, name: job.name });
-        }
-        catch (err) {
-            console.error("DELETE /worker/crons/:id error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/worker/crons/:id/enable", async (req, res) => {
-        const { code } = req.query;
-        const id = parseInt(String(req.params.id), 10);
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron job id" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        const sessionName = session.name;
-        try {
-            const existing = await storage.getCronJobById(id);
-            if (!existing || existing.session_name !== sessionName) {
-                res.status(404).json({ error: "Cron job not found or not owned by you" });
-                return;
-            }
-            await storage.enableCronJob(id);
-            const updated = await storage.getCronJobById(id);
-            if (updated) {
-                const nextRun = (() => {
-                    try {
-                        const options = {};
-                        if (updated.timezone)
-                            options.timezone = updated.timezone;
-                        const cronJob = new CronerInstance(updated.schedule, options);
-                        const next = cronJob.nextRun();
-                        return next ? next.toISOString() : null;
-                    }
-                    catch {
-                        return null;
-                    }
-                })();
-                res.json({
-                    ...updated,
-                    next_run: nextRun,
-                    last_run: updated.last_run?.toISOString() ?? null,
-                    created_at: updated.created_at.toISOString(),
-                });
-            }
-            else {
-                res.status(404).json({ error: "Cron job not found" });
-            }
-        }
-        catch (err) {
-            console.error("POST /worker/crons/:id/enable error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.post("/worker/crons/:id/disable", async (req, res) => {
-        const { code } = req.query;
-        const id = parseInt(String(req.params.id), 10);
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron job id" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        const sessionName = session.name;
-        try {
-            const job = await storage.getCronJobById(id);
-            if (!job || job.session_name !== sessionName) {
-                res.status(404).json({ error: "Cron job not found or not owned by you" });
-                return;
-            }
-            await storage.disableCronJob(id);
-            const updated = await storage.getCronJobById(id);
-            res.json({
-                ...updated,
-                next_run: null,
-                last_run: updated?.last_run?.toISOString() ?? null,
-                created_at: updated?.created_at.toISOString() ?? null,
-            });
-        }
-        catch (err) {
-            console.error("POST /worker/crons/:id/disable error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    router.get("/worker/crons/:id/history", async (req, res) => {
-        const { code } = req.query;
-        const id = parseInt(String(req.params.id), 10);
-        const limit = Math.min(parseInt(req.query.limit ?? "10", 10), 100);
-        if (!code || typeof code !== "string") {
-            res.status(400).json({ error: "code query parameter is required" });
-            return;
-        }
-        if (isNaN(id)) {
-            res.status(400).json({ error: "Invalid cron job id" });
-            return;
-        }
-        const session = await storage.getSessionByAgentCode(code);
-        if (!session) {
-            res.status(401).json({ error: "Invalid agent code" });
-            return;
-        }
-        const sessionName = session.name;
-        try {
-            const job = await storage.getCronJobById(id);
-            if (!job || job.session_name !== sessionName) {
-                res.status(404).json({ error: "Cron job not found or not owned by you" });
-                return;
-            }
-            const rows = await storage.listCronHistory(id, limit);
-            res.json(rows.map((r) => ({
-                ...r,
-                executed_at: r.executed_at.toISOString(),
-            })));
-        }
-        catch (err) {
-            console.error("GET /worker/crons/:id/history error:", err);
-            res.status(500).json({ error: "Internal server error" });
-        }
-    });
-    return router;
-}