agent-relay-plugin 0.6.1 → 0.10.0

package/.claude-plugin/plugin.json

@@ -1,5 +1,5 @@
 {
   "name": "agent-relay",
   "description": "Client connector for Agent Relay — auto-registers Claude Code sessions as agents and enables inter-agent messaging via a lightweight HTTP message bus",
-  "version": "0.6.1"
+  "version": "0.10.0"
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-relay-plugin",
-  "version": "0.6.1",
+  "version": "0.10.0",
   "description": "Claude Code plugin for Agent Relay — auto-registers sessions as agents and enables inter-agent messaging",
   "type": "module",
   "license": "AGPL-3.0-or-later",
@@ -14,10 +14,11 @@
     "url": "https://github.com/edimuj/agent-relay/issues"
   },
   "homepage": "https://github.com/edimuj/agent-relay/tree/main/claude#readme",
+  "dependencies": {
+    "agent-relay-sdk": "0.2.0"
+  },
   "files": [
     ".claude-plugin/",
-    "hooks/",
-    "monitors/",
     "skills/"
   ],
   "keywords": [

package/skills/reply/SKILL.md

@@ -0,0 +1,25 @@
+---
+name: reply
+description: Reply to an Agent Relay message by ID. Auto-routes to the sender and inherits channel context — no target needed. Use when the user invokes /reply or asks to reply to a specific relay message.
+argument-hint: "<messageId> <message>"
+allowed-tools: [Bash]
+---
+
+# Agent Relay Reply
+
+Run:
+
+```bash
+agent-relay /reply $ARGUMENTS
+```
+
+The server auto-routes the reply to the original sender and inherits the channel (Telegram, Slack, etc.) if applicable. No target or channel ID needed.
+
+Examples:
+
+```bash
+agent-relay /reply 206 "Sounds good, I'll take a look"
+agent-relay /reply 42 "Done — the fix is in commit abc123"
+```
+
+Report the sent message id and resolved target briefly.

package/hooks/approval-gate.sh

@@ -1,143 +0,0 @@
-#!/usr/bin/env bash
-# Agent Relay plugin — approval gate for PreToolUse and PermissionDenied hooks.
-# Enforces AGENT_RELAY_APPROVAL/profile approval policy: open (default), guarded, read-only.
-
-if [ "${AGENT_RELAY_DISABLED:-}" = "1" ]; then
-  exit 0
-fi
-
-script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
-source "${script_dir}/profile-lib.sh"
-project=$(basename "${PWD:-unknown}")
-if [ -n "$CLAUDE_RIG_NAME" ]; then rig="$CLAUDE_RIG_NAME"
-elif [ -n "$CLAUDE_CONFIG_DIR" ]; then rig=$(basename "$CLAUDE_CONFIG_DIR")
-else rig="default"; fi
-ar_init_profile "claude" "$rig" "$project"
-MODE="${AGENT_RELAY_APPROVAL:-$AR_APPROVAL}"
-MODE="${MODE:-open}"
-[ "$MODE" = "open" ] && exit 0
-
-input=$(cat)
-event=$(printf '%s' "$input" | jq -r '.hook_event_name')
-
-# --- PermissionDenied: allow retry so the model adapts ---
-if [ "$event" = "PermissionDenied" ]; then
-  jq -n '{hookSpecificOutput:{hookEventName:"PermissionDenied",retry:true}}'
-  exit 0
-fi
-
-tool=$(printf '%s' "$input" | jq -r '.tool_name')
-
-# --- Always allowed: read-only and orchestration tools ---
-case "$tool" in
-  Read|Grep|Glob|WebFetch|WebSearch|Agent|Monitor|ToolSearch|AskUserQuestion|Skill|ScheduleWakeup|CronList|EnterPlanMode|ExitPlanMode)
-    exit 0 ;;
-  Task*|*McpResource*)
-    exit 0 ;;
-  mcp__*)
-    exit 0 ;;
-esac
-
-deny() {
-  jq -n --arg r "$1" '{hookSpecificOutput:{hookEventName:"PreToolUse",permissionDecision:"deny",permissionDecisionReason:$r}}'
-  exit 0
-}
-
-# --- read-only: deny mutation tools ---
-if [ "$MODE" = "read-only" ]; then
-  case "$tool" in
-    Write|Edit|NotebookEdit|CronCreate|CronDelete|PushNotification|RemoteTrigger|EnterWorktree|ExitWorktree)
-      deny "${tool} blocked by read-only policy" ;;
-  esac
-fi
-
-# --- Bash command analysis ---
-if [ "$tool" = "Bash" ]; then
-  cmd=$(printf '%s' "$input" | jq -r '.tool_input.command // ""')
-
-  if [ "$MODE" = "guarded" ]; then
-    # Denylist: block destructive patterns anywhere in the command
-    if printf '%s' "$cmd" | grep -qE '(^|[;&|]\s*)\s*(rm|rmdir)\b'; then
-      deny "rm/rmdir blocked by guarded policy"
-    fi
-    if printf '%s' "$cmd" | grep -qE '(^|[;&|]\s*)\s*mv\b'; then
-      deny "mv blocked by guarded policy (use cp instead)"
-    fi
-    if printf '%s' "$cmd" | grep -qE '(^|[;&|]\s*)\s*(chmod|chown|chattr)\b'; then
-      deny "Permission change blocked by guarded policy"
-    fi
-    if printf '%s' "$cmd" | grep -qE '(^|[;&|]\s*)\s*(kill|pkill|killall)\b'; then
-      deny "Process signal blocked by guarded policy"
-    fi
-    if printf '%s' "$cmd" | grep -qE '(^|[;&|]\s*)\s*(dd|mkfs|truncate|shred)\b'; then
-      deny "Destructive command blocked by guarded policy"
-    fi
-    if printf '%s' "$cmd" | grep -qE '(^|[;&|]\s*)\s*sudo\b'; then
-      deny "sudo blocked by guarded policy"
-    fi
-    if printf '%s' "$cmd" | grep -qE 'git\s+(reset\s+--hard|push\s+.*(-f\b|--force)|clean\s+-[a-z]*f)'; then
-      deny "Destructive git operation blocked by guarded policy"
-    fi
-    exit 0
-  fi
-
-  if [ "$MODE" = "read-only" ]; then
-    # Check for file-writing redirects (allow >/dev/null and fd redirects like 2>&1)
-    redirect_cleaned=$(printf '%s' "$cmd" | sed 's|[0-9]*>[[:space:]]*/dev/null||g; s|[0-9]*>&[0-9]*||g')
-    if printf '%s' "$redirect_cleaned" | grep -qE '>>|[^a-zA-Z0-9_]>|^>'; then
-      deny "Output redirection blocked by read-only policy"
-    fi
-
-    # Allowlist: check first command word
-    first_word=$(printf '%s' "$cmd" | sed 's/^[[:space:]]*//' | awk '{print $1}')
-
-    case "$first_word" in
-      # Filesystem reads
-      ls|cat|head|tail|less|more|file|stat|tree|du|df|readlink|realpath|basename|dirname)
-        exit 0 ;;
-      # Text processing
-      wc|sort|uniq|diff|comm|tr|cut|paste|column|fmt|fold|tac|rev|nl|seq|xargs)
-        exit 0 ;;
-      # Search
-      find|fd|grep|egrep|fgrep|rg|ag|ast-grep)
-        exit 0 ;;
-      # Shell builtins / info
-      echo|printf|pwd|which|whoami|date|env|printenv|uname|id|hostname|type|true|false|test|\[)
-        exit 0 ;;
-      # System info
-      ps|top|htop|uptime|free|lsof|netstat|ss|ip|ifconfig)
-        exit 0 ;;
-      # Data processing
-      jq|yq|bc|expr|base64|xxd|hexdump|od|strings|md5sum|sha256sum|sha1sum|shasum)
-        exit 0 ;;
-      # Network reads
-      curl|wget|dig|nslookup|ping|traceroute|ssh)
-        exit 0 ;;
-      # Git — subcommand check
-      git)
-        git_sub=$(printf '%s' "$cmd" | sed 's/^[[:space:]]*git[[:space:]]*//' | awk '{print $1}')
-        case "$git_sub" in
-          status|log|diff|show|branch|remote|tag|rev-parse|config|shortlog|reflog|blame|describe|ls-files|ls-tree|cat-file|rev-list|for-each-ref|name-rev|merge-base|version)
-            exit 0 ;;
-          stash)
-            stash_action=$(printf '%s' "$cmd" | sed 's/.*stash[[:space:]]*//' | awk '{print $1}')
-            case "$stash_action" in
-              list|show|"") exit 0 ;;
-              *) deny "git stash ${stash_action} blocked by read-only policy" ;;
-            esac ;;
-          *)
-            deny "git ${git_sub} blocked by read-only policy" ;;
-        esac ;;
-      # Everything else denied
-      *)
-        deny "Command '${first_word}' not in read-only allowlist" ;;
-    esac
-  fi
-fi
-
-# Unknown tools: guarded → allow, read-only → deny
-if [ "$MODE" = "read-only" ]; then
-  deny "${tool} not in read-only allowlist"
-fi
-
-exit 0

package/hooks/hooks.json

@@ -1,61 +0,0 @@
-{
-  "hooks": {
-    "PreToolUse": [
-      {
-        "hooks": [
-          {
-            "type": "command",
-            "command": "bash \"${CLAUDE_PLUGIN_ROOT}/hooks/approval-gate.sh\"",
-            "timeout": 5
-          }
-        ]
-      }
-    ],
-    "PermissionDenied": [
-      {
-        "hooks": [
-          {
-            "type": "command",
-            "command": "bash \"${CLAUDE_PLUGIN_ROOT}/hooks/approval-gate.sh\"",
-            "timeout": 5
-          }
-        ]
-      }
-    ],
-    "UserPromptSubmit": [
-      {
-        "hooks": [
-          {
-            "type": "command",
-            "command": "bash \"${CLAUDE_PLUGIN_ROOT}/hooks/set-status.sh\" busy",
-            "async": true,
-            "timeout": 5
-          }
-        ]
-      }
-    ],
-    "Stop": [
-      {
-        "hooks": [
-          {
-            "type": "command",
-            "command": "bash \"${CLAUDE_PLUGIN_ROOT}/hooks/set-status.sh\" idle",
-            "async": true,
-            "timeout": 5
-          }
-        ]
-      }
-    ],
-    "SessionEnd": [
-      {
-        "hooks": [
-          {
-            "type": "command",
-            "command": "bash \"${CLAUDE_PLUGIN_ROOT}/hooks/session-end.sh\"",
-            "timeout": 5
-          }
-        ]
-      }
-    ]
-  }
-}

package/hooks/poll-inbox.sh

@@ -1,227 +0,0 @@
-#!/usr/bin/env bash
-# Agent Relay plugin — inbox poller
-# Each new message prints one stdout line (consumed by Monitor as a notification).
-# Usage: poll-inbox.sh <relay-url> <agent-id> [interval-seconds]
-
-if [ "${AGENT_RELAY_DISABLED:-}" = "1" ]; then
-  exit 0
-fi
-
-RELAY_URL="$1"
-AGENT_ID="$2"
-INTERVAL="${3:-10}"
-script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
-source "${script_dir}/profile-lib.sh"
-auth_header_args=()
-if [ -n "${AGENT_RELAY_TOKEN:-}" ]; then
-  auth_header_args=(-H "X-Agent-Relay-Token: ${AGENT_RELAY_TOKEN}")
-fi
-
-if [ -z "$RELAY_URL" ] || [ -z "$AGENT_ID" ]; then
-  echo "Usage: poll-inbox.sh <relay-url> <agent-id> [interval]" >&2
-  exit 1
-fi
-
-# PID file so session-start.sh can find and kill us on /clear or /compact.
-pid_file="/tmp/agent-relay-poll-${AGENT_ID}.pid"
-status_file="/tmp/agent-relay-status-${AGENT_ID}.state"
-delivered_file="/tmp/agent-relay-delivered-${AGENT_ID}.queue"
-cursor_file="/tmp/agent-relay-cursor-${AGENT_ID}.state"
-project=$(basename "${PWD:-unknown}")
-if [ -n "$CLAUDE_RIG_NAME" ]; then rig="$CLAUDE_RIG_NAME"
-elif [ -n "$CLAUDE_CONFIG_DIR" ]; then rig=$(basename "$CLAUDE_CONFIG_DIR")
-else rig="default"; fi
-ar_init_profile "claude" "$rig" "$project"
-cleanup() { rm -f "$pid_file"; }
-trap cleanup EXIT
-echo $$ > "$pid_file"
-
-fetch_cursor() {
-  local cursor
-  cursor=$(curl -s --fail "${auth_header_args[@]}" "${RELAY_URL}/api/messages/cursor" 2>/dev/null | jq -r '.latestId // empty' 2>/dev/null) || return 1
-  case "$cursor" in
-    ''|*[!0-9]*) return 1 ;;
-    *) printf '%s\n' "$cursor" ;;
-  esac
-}
-
-read_saved_cursor() {
-  local cursor
-  cursor=$(head -1 "$cursor_file" 2>/dev/null || true)
-  case "$cursor" in
-    ''|*[!0-9]*) return 1 ;;
-    *) printf '%s\n' "$cursor" ;;
-  esac
-}
-
-save_cursor() {
-  printf '%s\n' "$1" > "$cursor_file"
-}
-
-current_status() {
-  local status
-  status=$(head -1 "$status_file" 2>/dev/null || true)
-  case "$status" in
-    online|idle|busy|offline) printf '%s\n' "$status" ;;
-    *) printf 'idle\n' ;;
-  esac
-}
-
-deliver_message() {
-  local line="$1"
-  if [ "${AGENT_RELAY_CLAUDE_DELIVERY:-monitor}" = "tmux" ] && [ -n "${AGENT_RELAY_CLAUDE_TMUX_SESSION:-}" ] && command -v tmux >/dev/null 2>&1; then
-    if tmux send-keys -t "$AGENT_RELAY_CLAUDE_TMUX_SESSION" -l "$line" 2>/dev/null &&
-      tmux send-keys -t "$AGENT_RELAY_CLAUDE_TMUX_SESSION" C-m 2>/dev/null; then
-      return 0
-    fi
-    echo "warn: tmux delivery failed for ${AGENT_RELAY_CLAUDE_TMUX_SESSION}" >&2
-    return 1
-  fi
-
-  printf '%s\n' "$line"
-}
-
-mark_read_or_queue() {
-  local mid="$1"
-  curl -s -X PATCH "${RELAY_URL}/api/messages/${mid}" "${auth_header_args[@]}" \
-    -H 'Content-Type: application/json' \
-    -d "{\"readBy\":\"${AGENT_ID}\"}" > /dev/null 2>&1 ||
-    printf '%s\n' "$mid" >> "$delivered_file"
-}
-
-re_register() {
-  local machine rig project reg_code
-  machine=$(hostname)
-  project=$(basename "${PWD:-unknown}")
-  if [ -n "$CLAUDE_RIG_NAME" ]; then rig="$CLAUDE_RIG_NAME"
-  elif [ -n "$CLAUDE_CONFIG_DIR" ]; then rig=$(basename "$CLAUDE_CONFIG_DIR")
-  else rig="default"; fi
-  ar_init_profile "claude" "$rig" "$project"
-
-  reg_code=$(curl -s -o /dev/null -w '%{http_code}' -X POST "${RELAY_URL}/api/agents" "${auth_header_args[@]}" \
-    -H 'Content-Type: application/json' \
-    -d "$(jq -n \
-      --arg id "$AGENT_ID" \
-      --arg name "$project ($rig @ $machine)" \
-      --arg machine "$machine" \
-      --arg rig "$rig" \
-      --arg label "$AR_LABEL" \
-      --argjson tags "$AR_TAGS_JSON" \
-      --argjson caps "$AR_CAPS_JSON" \
-      --argjson meta "$AR_META_JSON" \
-      '{id: $id, name: $name, machine: $machine, rig: $rig, tags: $tags, capabilities: $caps, status: "online", meta: $meta} + (if $label != "" then {label: $label} else {} end)'
-    )" 2>/dev/null)
-
-  [ "$reg_code" = "200" ] || [ "$reg_code" = "201" ]
-}
-
-set_status() {
-  printf '%s\n' "$1" > "$status_file"
-  curl -s -o /dev/null -X PATCH "${RELAY_URL}/api/agents/${AGENT_ID}/status" "${auth_header_args[@]}" \
-    -H 'Content-Type: application/json' -d "{\"status\":\"$1\"}" 2>/dev/null
-}
-
-# First start bootstraps at current max; restarted monitors resume their saved
-# cursor so messages that arrived during downtime are still delivered.
-since_id=$(read_saved_cursor || fetch_cursor || echo 0)
-save_cursor "$since_id"
-
-fail_streak=0
-marked_ready=false
-# Save parent PID (Claude Code wrapper) — if it dies, we're orphaned.
-_parent_pid="$PPID"
-while true; do
-  if [ "${AGENT_RELAY_DISABLED:-}" = "1" ]; then
-    set_status "offline"
-    exit 0
-  fi
-
-  # Exit if parent process is gone — prevents orphaned monitors from heartbeating forever.
-  if ! kill -0 "$_parent_pid" 2>/dev/null; then
-    set_status "offline"
-    exit 0
-  fi
-
-  hb_code=$(curl -s -o /dev/null -w '%{http_code}' -X POST "${auth_header_args[@]}" \
-    "${RELAY_URL}/api/agents/${AGENT_ID}/heartbeat" 2>/dev/null)
-
-  # Agent was pruned — re-register instead of exiting.
-  if [ "$hb_code" = "404" ]; then
-    if re_register; then
-      marked_ready=false
-      hb_code="200"
-    else
-      hb_code="000"
-    fi
-  fi
-
-  msgs=$(curl -s --fail "${auth_header_args[@]}" "${RELAY_URL}/api/messages?for=${AGENT_ID}&sinceId=${since_id}&unread=true" 2>/dev/null)
-  poll_rc=$?
-
-  if [ "$hb_code" != "200" ] && [ "$hb_code" != "404" ] || [ $poll_rc -ne 0 ]; then
-    fail_streak=$((fail_streak + 1))
-    case "$fail_streak" in
-      1) delay=2 ;;
-      2) delay=10 ;;
-      3) delay=30 ;;
-      *) delay=60 ;;
-    esac
-    if [ "$fail_streak" = "1" ]; then
-      echo "warn: agent-relay unreachable (${RELAY_URL}) — backing off" >&2
-    fi
-    sleep "$delay"
-    continue
-  fi
-
-  # Recovery from failure streak — re-assert status so dashboard shows correct state.
-  if [ "$fail_streak" -gt 0 ]; then
-    set_status "$(current_status)"
-  fi
-  fail_streak=0
-
-  if [ "$marked_ready" = "false" ]; then
-    curl -s -o /dev/null -X PATCH "${RELAY_URL}/api/agents/${AGENT_ID}/ready" "${auth_header_args[@]}" \
-      -H 'Content-Type: application/json' -d '{"ready":true}' 2>/dev/null
-    set_status "idle"
-    marked_ready=true
-  fi
-
-  count=$(echo "$msgs" | jq 'length' 2>/dev/null || echo 0)
-  if [ "$count" -gt 0 ] 2>/dev/null && [ "$count" != "0" ]; then
-    delivery_failed=false
-    while IFS= read -r msg; do
-      mid=$(printf '%s' "$msg" | jq -r '.id')
-      claimable=$(printf '%s' "$msg" | jq -r '.claimable // false')
-      if [ "$(ar_message_matches_channels "$msg")" != "true" ]; then
-        continue
-      fi
-
-      if [ "$claimable" = "true" ]; then
-        claim_code=$(curl -s -o /dev/null -w '%{http_code}' -X POST \
-          "${RELAY_URL}/api/messages/${mid}/claim" "${auth_header_args[@]}" \
-          -H 'Content-Type: application/json' \
-          -d "{\"agentId\":\"${AGENT_ID}\"}" 2>/dev/null)
-        if [ "$claim_code" != "200" ]; then
-          continue
-        fi
-      fi
-
-      if ! line=$(printf '%s' "$msg" | jq -r '(.payload.pairId // "") as $pair | (if $pair != "" then " [pair:\($pair)]" else "" end) as $pairText | (.body | gsub("\r"; "\\r") | gsub("\n"; "\\n")) as $body | if .kind == "system" or .kind == "control" then "⚠ SYSTEM [msg:\(.id)]\($pairText): \($body)" else "[msg:\(.id)]\($pairText) \(.from) → \(.to) | \(.subject // "(no subject)"): \($body)" end') || [ -z "$line" ]; then
-        echo "warn: failed to format relay message ${mid}" >&2
-        delivery_failed=true
-        continue
-      fi
-      if deliver_message "$line"; then
-        mark_read_or_queue "$mid"
-      else
-        delivery_failed=true
-      fi
-    done < <(echo "$msgs" | jq -c '.[]')
-    if [ "$delivery_failed" = "false" ]; then
-      since_id=$(echo "$msgs" | jq '[.[].id] | max')
-      save_cursor "$since_id"
-    fi
-  fi
-
-  sleep "$INTERVAL"
-done

package/hooks/profile-lib.sh

@@ -1,73 +0,0 @@
-#!/usr/bin/env bash
-
-ar_csv_json() {
-  printf '%s' "$1" | jq -R 'split(",") | map(gsub("^\\s+|\\s+$"; "")) | map(select(length > 0)) | reduce .[] as $x ([]; if index($x) then . else . + [$x] end)'
-}
-
-ar_profile_value() {
-  local key="$1"
-  printf '%s' "${AR_PROFILE_JSON}" | jq -r --arg key "$key" '.[$key] // empty | if type == "string" then gsub("^\\s+|\\s+$"; "") else empty end'
-}
-
-ar_profile_array() {
-  local key="$1"
-  printf '%s' "${AR_PROFILE_JSON}" | jq -c --arg key "$key" 'if (.[$key] | type) == "array" then .[$key] | map(select(type == "string") | gsub("^\\s+|\\s+$"; "") | select(length > 0)) | reduce .[] as $x ([]; if index($x) then . else . + [$x] end) else [] end'
-}
-
-ar_init_profile() {
-  local provider="$1"
-  local rig="$2"
-  local project="$3"
-  local profiles_file profile_meta extra_tags
-
-  AR_PROFILE_NAME="${AGENT_RELAY_PROFILE:-}"
-  profiles_file="${AGENT_RELAY_PROFILES_FILE:-${HOME:-}/.config/agent-relay/profiles.json}"
-  AR_PROFILE_JSON="{}"
-  if [ -n "$AR_PROFILE_NAME" ] && [ -f "$profiles_file" ]; then
-    AR_PROFILE_JSON=$(jq -c --arg name "$AR_PROFILE_NAME" '.[$name] // {}' "$profiles_file" 2>/dev/null || printf '{}')
-  fi
-
-  if [ -n "${AGENT_RELAY_CAPS:-}" ]; then
-    AR_CAPS_JSON=$(ar_csv_json "$AGENT_RELAY_CAPS")
-  else
-    AR_CAPS_JSON=$(ar_profile_array capabilities)
-    if [ "$AR_CAPS_JSON" = "[]" ]; then AR_CAPS_JSON='["chat"]'; fi
-  fi
-
-  if [ -n "${AGENT_RELAY_TAGS:-}" ]; then
-    extra_tags=$(ar_csv_json "$AGENT_RELAY_TAGS")
-  else
-    extra_tags=$(ar_profile_array tags)
-  fi
-  AR_TAGS_JSON=$(jq -n --arg provider "$provider" --arg rig "$rig" --arg project "$project" --argjson extra "$extra_tags" \
-    '[$provider, $rig, $project] + $extra | map(select(length > 0)) | reduce .[] as $x ([]; if index($x) then . else . + [$x] end)')
-
-  if [ -n "${AGENT_RELAY_CHANNELS:-}" ]; then
-    AR_CHANNELS_JSON=$(ar_csv_json "$AGENT_RELAY_CHANNELS")
-  else
-    AR_CHANNELS_JSON=$(ar_profile_array channels)
-  fi
-
-  AR_LABEL="${AGENT_RELAY_LABEL:-$(ar_profile_value label)}"
-  AR_APPROVAL="${AGENT_RELAY_APPROVAL:-$(ar_profile_value approval)}"
-  AR_APPROVAL="${AR_APPROVAL:-open}"
-  case "$AR_APPROVAL" in
-    open|guarded|read-only) ;;
-    *) AR_APPROVAL="open" ;;
-  esac
-  profile_meta=$(printf '%s' "$AR_PROFILE_JSON" | jq -c 'if (.meta | type) == "object" then .meta else {} end' 2>/dev/null || printf '{}')
-  AR_META_JSON=$(jq -n \
-    --arg provider "$provider" \
-    --arg cwd "${PWD:-}" \
-    --arg approval "$AR_APPROVAL" \
-    --arg profile "$AR_PROFILE_NAME" \
-    --argjson channels "$AR_CHANNELS_JSON" \
-    --argjson profileMeta "$profile_meta" \
-    '$profileMeta + {provider: $provider, cwd: $cwd, approvalMode: $approval, channels: $channels} + (if $profile != "" then {profile: $profile} else {} end)')
-}
-
-ar_message_matches_channels() {
-  local msg="$1"
-  printf '%s' "$msg" | jq -r --argjson channels "${AR_CHANNELS_JSON:-[]}" \
-    '(.channel // "") as $ch | if (($channels | length) == 0) or ($ch == "") or (($channels | index($ch)) != null) then "true" else "false" end'
-}

package/hooks/relay-monitor.sh

@@ -1,209 +0,0 @@
-#!/usr/bin/env bash
-# Agent Relay — self-contained native monitor
-# Registers this session as an agent, outputs messaging context, then polls inbox.
-# Runs automatically via monitors.json — no user interaction required.
-# CLAUDE_CODE_SESSION_ID = stable session key for state file coordination between monitor and hooks.
-
-if [ "${AGENT_RELAY_DISABLED:-}" = "1" ]; then
-  exit 0
-fi
-
-RELAY_URL="${AGENT_RELAY_URL:-http://localhost:4850}"
-script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
-source "${script_dir}/profile-lib.sh"
-plugin_root="${CLAUDE_PLUGIN_ROOT:-$(cd "${script_dir}/.." && pwd)}"
-PLUGIN_VERSION=$(
-  jq -r '.version // empty' "${plugin_root}/.claude-plugin/plugin.json" 2>/dev/null ||
-    jq -r '.version // empty' "${plugin_root}/package.json" 2>/dev/null ||
-    true
-)
-PLUGIN_VERSION="${PLUGIN_VERSION:-unknown}"
-auth_header_args=()
-auth_header_example=' ${AGENT_RELAY_TOKEN:+-H "X-Agent-Relay-Token: ${AGENT_RELAY_TOKEN}"}'
-if [ -n "${AGENT_RELAY_TOKEN:-}" ]; then
-  auth_header_args=(-H "X-Agent-Relay-Token: ${AGENT_RELAY_TOKEN}")
-fi
-
-# --- Compute agent identity ---
-machine=$(hostname)
-project=$(basename "${PWD:-unknown}")
-
-if [ -n "$CLAUDE_RIG_NAME" ]; then
-  rig="$CLAUDE_RIG_NAME"
-elif [ -n "$CLAUDE_CONFIG_DIR" ]; then
-  rig=$(basename "$CLAUDE_CONFIG_DIR")
-else
-  rig="default"
-fi
-ar_init_profile "claude" "$rig" "$project"
-
-session_key="${CLAUDE_CODE_SESSION_ID:-$PPID}"
-safe_session_key=$(printf '%s' "$session_key" | sed 's/[^A-Za-z0-9_.:-]/_/g')
-if command -v shasum >/dev/null 2>&1; then
-  short_pid=$(printf '%s' "$session_key" | shasum -a 1 | head -c 6)
-elif command -v sha1sum >/dev/null 2>&1; then
-  short_pid=$(printf '%s' "$session_key" | sha1sum | head -c 6)
-else
-  short_pid=$(printf '%s' "$session_key" | md5sum | head -c 6)
-fi
-agent_id="${machine}-${rig}-${project}-${short_pid}"
-
-# --- Clean up previous agent from this instance ---
-instance_state="/tmp/agent-relay-instance-${session_key}.state"
-if [ -f "$instance_state" ]; then
-  old_agent_id=$(head -1 "$instance_state" 2>/dev/null)
-  if [ -n "$old_agent_id" ] && [ "$old_agent_id" != "$agent_id" ]; then
-    old_pid_file="/tmp/agent-relay-poll-${old_agent_id}.pid"
-    if [ -f "$old_pid_file" ]; then
-      old_pid=$(cat "$old_pid_file" 2>/dev/null)
-      if [ -n "$old_pid" ] && kill -0 "$old_pid" 2>/dev/null; then
-        kill "$old_pid" 2>/dev/null
-      fi
-      rm -f "$old_pid_file"
-    fi
-    curl -s -o /dev/null -X PATCH "${RELAY_URL}/api/agents/${old_agent_id}/status" "${auth_header_args[@]}" \
-      -H 'Content-Type: application/json' -d '{"status":"offline"}' 2>/dev/null
-  fi
-fi
-printf '%s\n' "$agent_id" > "$instance_state"
-
-context_dir="${HOME:-/tmp}/.agent-relay/contexts"
-context_path="${context_dir}/${safe_session_key}.json"
-mkdir -p "$context_dir" 2>/dev/null || true
-jq -n \
-  --arg agentId "$agent_id" \
-  --arg relayUrl "$RELAY_URL" \
-  --arg cwd "${PWD:-}" \
-  --arg session "$session_key" \
-  --arg updatedAt "$(date -u +%Y-%m-%dT%H:%M:%SZ)" \
-  '{
-    version: 1,
-    agentId: $agentId,
-    provider: "claude",
-    relayUrl: $relayUrl,
-    cwd: $cwd,
-    matchEnv: [{name: "CLAUDE_CODE_SESSION_ID", value: $session}],
-    updatedAt: $updatedAt
-  }' > "$context_path" 2>/dev/null || true
-
-reg_code=$(curl -s -o /dev/null -w '%{http_code}' -X POST "${RELAY_URL}/api/agents" "${auth_header_args[@]}" \
-  -H 'Content-Type: application/json' \
-  -d "$(jq -n \
-    --arg id "$agent_id" \
-    --arg name "$project ($rig @ $machine)" \
-    --arg machine "$machine" \
-    --arg rig "$rig" \
-    --arg label "$AR_LABEL" \
-    --argjson tags "$AR_TAGS_JSON" \
-    --argjson caps "$AR_CAPS_JSON" \
-    --argjson meta "$AR_META_JSON" \
-    '{id: $id, name: $name, machine: $machine, rig: $rig, tags: $tags, capabilities: $caps, status: "online", meta: $meta} + (if $label != "" then {label: $label} else {} end)'
-  )" 2>/dev/null)
-
-if [ "$reg_code" != "201" ] && [ "$reg_code" != "200" ]; then
-  echo "warn: agent-relay register failed (HTTP ${reg_code:-none}) — ${RELAY_URL}" >&2
-fi
-
-# --- Check server version ---
-server_version=$(curl -s "${auth_header_args[@]}" "${RELAY_URL}/api/stats" 2>/dev/null | jq -r '.version // empty' 2>/dev/null)
-version_warning=""
-if [ -z "$server_version" ]; then
-  version_warning="⚠ Server does not report its version — consider updating: agent-relay upgrade"
-elif [ "$PLUGIN_VERSION" = "unknown" ]; then
-  version_warning="⚠ Version mismatch — server ${server_version}, plugin unknown. Restart Claude Code or update the Agent Relay plugin."
-elif [ "$server_version" != "$PLUGIN_VERSION" ]; then
-  version_warning="⚠ Version mismatch — server ${server_version}, plugin ${PLUGIN_VERSION}. Update/restart Agent Relay server and plugin so the versions match."
-fi
-
-# --- Output context (first stdout = notification injected into conversation) ---
-approval_note=""
-case "$AR_APPROVAL" in
-  guarded) approval_note=" — destructive ops (rm, mv, chmod, kill, force-push) are blocked" ;;
-  read-only) approval_note=" — observe/analyze/report only, no file writes or mutation commands" ;;
-esac
-
-cat <<CONTEXT
-Agent Relay active. Your agent ID: ${agent_id}
-Relay URL: ${RELAY_URL} | Server: ${server_version:-unknown} | Plugin: ${PLUGIN_VERSION}
-Profile: ${AR_PROFILE_NAME:-none} | Label: ${AR_LABEL:-none}
-Tags: $(printf '%s' "$AR_TAGS_JSON" | jq -r 'join(", ")') | Capabilities: $(printf '%s' "$AR_CAPS_JSON" | jq -r 'join(", ")')
-Channels: $(printf '%s' "$AR_CHANNELS_JSON" | jq -r 'if length == 0 then "all" else join(", ") end')
-Approval mode: ${AR_APPROVAL}${approval_note}
-
-To send a message:
-  curl -s -X POST ${RELAY_URL}/api/messages${auth_header_example} -H 'Content-Type: application/json' -d '{"from":"${agent_id}","to":"TARGET","body":"MESSAGE"}'
-  TARGET: agent-id (direct), tag:NAME (by tag), cap:NAME (by capability), label:NAME (by human-set label, fan-out), broadcast (all)
-
-To rename yourself (set a short, human-friendly label so the user can refer to you easily):
-  curl -s -X PATCH ${RELAY_URL}/api/agents/${agent_id}/label${auth_header_example} -H 'Content-Type: application/json' -d '{"label":"backend fixing"}'
-  When the user tells you to rename yourself ("call yourself X", "rename to X"), call this endpoint.
-  Labels are NOT unique — if multiple sessions share a label, \`to: "label:X"\` fans out to all of them.
-  Use \`to: "label:backend fixing"\` when the user says "tell 'backend fixing' to do Y".
-
-To reply to a message (threading):
-  curl -s -X POST ${RELAY_URL}/api/messages${auth_header_example} -H 'Content-Type: application/json' -d '{"from":"${agent_id}","to":"TARGET","body":"MESSAGE","replyTo":MSG_ID}'
-  Always use replyTo when responding to a specific message — it creates a thread.
-  The inbox monitor prefixes each message with [msg:ID] — parse the ID from there.
-  Message etiquette: when another agent messages you, send a short acknowledgement or status reply unless the message is obvious spam/noise.
-  Anti-loop rule: do not auto-reply to pure acknowledgements, "thanks", or "received" messages; acknowledge once, then only send follow-ups when there is new work, a decision, or a deliverable.
-
-To send a claimable task (only one agent can claim it):
-  curl -s -X POST ${RELAY_URL}/api/messages${auth_header_example} -H 'Content-Type: application/json' -d '{"from":"${agent_id}","to":"cap:review","kind":"task","body":"TASK","claimable":true,"payload":{"title":"TASK"}}'
-
-To claim a task:
-  curl -s -X POST ${RELAY_URL}/api/messages/MSG_ID/claim${auth_header_example} -H 'Content-Type: application/json' -d '{"agentId":"${agent_id}"}'
-  When you see a claimable message, claim it BEFORE starting work. If claim fails, someone else got it — move on.
-
-To view a thread:
-  curl -s${auth_header_example} '${RELAY_URL}/api/messages/MSG_ID/thread'
-
-To check messages:
-  curl -s${auth_header_example} '${RELAY_URL}/api/messages?for=${agent_id}&unread=true'
-
-To mark read:
-  curl -s -X PATCH ${RELAY_URL}/api/messages/ID${auth_header_example} -H 'Content-Type: application/json' -d '{"readBy":"${agent_id}"}'
-  The inbox monitor marks read after it successfully delivers a message to Claude. The Stop hook retries any failed read acknowledgements.
-
-To find agents by capability:
-  curl -s${auth_header_example} '${RELAY_URL}/api/agents/find?capability=review'
-
-To list online agents:
-  curl -s${auth_header_example} '${RELAY_URL}/api/agents?status=online'
-
-To pair with one available agent for focused two-party live collaboration:
-  If the user types "/pair codex", "/pair status", "/pair send PAIR_ID MESSAGE", "/disconnect", "/status", "/label LABEL", or "/tags TAGS", run the matching agent-relay CLI command.
-  agent-relay /pair codex "WORK TO SOLVE TOGETHER"
-  agent-relay /pair status
-  agent-relay /pair send PAIR_ID "MESSAGE"
-  agent-relay /disconnect
-  agent-relay /status
-  agent-relay /label backend-fixer
-  agent-relay /tags backend tests urgent
-  If the CLI is unavailable, use the API directly:
-  curl -s -X POST ${RELAY_URL}/api/pairs${auth_header_example} -H 'Content-Type: application/json' -d '{"from":"${agent_id}","target":"codex","objective":"WORK TO SOLVE TOGETHER"}'
-  Accept an incoming pair invite: curl -s -X POST ${RELAY_URL}/api/pairs/PAIR_ID/accept${auth_header_example} -H 'Content-Type: application/json' -d '{"agentId":"${agent_id}"}'
-  Send pair chat: curl -s -X POST ${RELAY_URL}/api/pairs/PAIR_ID/messages${auth_header_example} -H 'Content-Type: application/json' -d '{"from":"${agent_id}","body":"MESSAGE"}'
-  Hang up: curl -s -X POST ${RELAY_URL}/api/pairs/PAIR_ID/hangup${auth_header_example} -H 'Content-Type: application/json' -d '{"agentId":"${agent_id}"}'
-  Pairing is exclusive: one agent can have only one pending or active pair.
-
-System messages:
-  Messages prefixed with "⚠ SYSTEM" are relay-level instructions (e.g. plugin updates, restart requests).
-  When you see one, follow the instruction immediately — for example, restart the inbox monitor if asked.
-CONTEXT
-
-if [ -n "$version_warning" ]; then
-  echo ""
-  echo "$version_warning"
-fi
-
-# --- Check for unread messages ---
-unread=$(curl -s --fail "${auth_header_args[@]}" "${RELAY_URL}/api/messages?for=${agent_id}&unread=true" 2>/dev/null)
-unread_count=$(echo "$unread" | jq 'length' 2>/dev/null || echo "0")
-if [ "$unread_count" -gt 0 ] 2>/dev/null && [ "$unread_count" != "0" ]; then
-  echo ""
-  echo "${unread_count} unread message(s):"
-  echo "$unread" | jq -r '.[] | "  [\(.from)] \(.subject // "(no subject)"): \(.body | if length > 120 then .[:120] + "..." else . end)"'
-fi
-
-# --- Start poll loop ---
-exec "$(dirname "$0")/poll-inbox.sh" "$RELAY_URL" "$agent_id" 10

package/hooks/session-end.sh

@@ -1,48 +0,0 @@
-#!/usr/bin/env bash
-# Agent Relay plugin — SessionEnd hook
-# Marks this session's agent as offline using state file written by relay-monitor.
-
-if [ "${AGENT_RELAY_DISABLED:-}" = "1" ]; then
-  exit 0
-fi
-
-RELAY_URL="${AGENT_RELAY_URL:-http://localhost:4850}"
-auth_header_args=()
-if [ -n "${AGENT_RELAY_TOKEN:-}" ]; then
-  auth_header_args=(-H "X-Agent-Relay-Token: ${AGENT_RELAY_TOKEN}")
-fi
-input=$(cat)
-session_key="${CLAUDE_CODE_SESSION_ID:-}"
-if [ -z "$session_key" ] && [ -n "$input" ]; then
-  session_key=$(printf '%s' "$input" | jq -r '.session_id // empty' 2>/dev/null)
-fi
-if [ -z "$session_key" ]; then
-  exit 0
-fi
-instance_state="/tmp/agent-relay-instance-${session_key}.state"
-safe_session_key=$(printf '%s' "$session_key" | sed 's/[^A-Za-z0-9_.:-]/_/g')
-context_path="${HOME:-/tmp}/.agent-relay/contexts/${safe_session_key}.json"
-
-if [ -f "$instance_state" ]; then
-  agent_id=$(head -1 "$instance_state" 2>/dev/null)
-fi
-
-if [ -n "${agent_id:-}" ]; then
-  poll_pid_file="/tmp/agent-relay-poll-${agent_id}.pid"
-  if [ -f "$poll_pid_file" ]; then
-    poll_pid=$(cat "$poll_pid_file" 2>/dev/null)
-    if [ -n "$poll_pid" ] && kill -0 "$poll_pid" 2>/dev/null; then
-      kill "$poll_pid" 2>/dev/null
-    fi
-    rm -f "$poll_pid_file"
-  fi
-  printf 'offline\n' > "/tmp/agent-relay-status-${agent_id}.state"
-  curl -s -X PATCH "${RELAY_URL}/api/agents/${agent_id}/status" "${auth_header_args[@]}" \
-    -H 'Content-Type: application/json' \
-    -d '{"status":"offline"}' \
-    > /dev/null 2>&1 &
-  [ -n "$instance_state" ] && [ -f "$instance_state" ] && rm -f "$instance_state"
-  [ -f "$context_path" ] && rm -f "$context_path"
-fi
-
-exit 0

package/hooks/set-status.sh

@@ -1,65 +0,0 @@
-#!/usr/bin/env bash
-# Agent Relay plugin — status update helper for Claude turn hooks.
-# Usage: set-status.sh <online|idle|busy|offline>
-
-if [ "${AGENT_RELAY_DISABLED:-}" = "1" ]; then
-  exit 0
-fi
-
-status="${1:-}"
-case "$status" in
-  online|idle|busy|offline) ;;
-  *) exit 0 ;;
-esac
-
-RELAY_URL="${AGENT_RELAY_URL:-http://localhost:4850}"
-auth_header_args=()
-if [ -n "${AGENT_RELAY_TOKEN:-}" ]; then
-  auth_header_args=(-H "X-Agent-Relay-Token: ${AGENT_RELAY_TOKEN}")
-fi
-input=$(cat)
-session_key="${CLAUDE_CODE_SESSION_ID:-}"
-if [ -z "$session_key" ] && [ -n "$input" ]; then
-  session_key=$(printf '%s' "$input" | jq -r '.session_id // empty' 2>/dev/null)
-fi
-if [ -z "$session_key" ]; then
-  exit 0
-fi
-instance_state="/tmp/agent-relay-instance-${session_key}.state"
-
-if [ ! -f "$instance_state" ]; then
-  exit 0
-fi
-
-agent_id=$(head -1 "$instance_state" 2>/dev/null || true)
-if [ -z "$agent_id" ]; then
-  exit 0
-fi
-
-printf '%s\n' "$status" > "/tmp/agent-relay-status-${agent_id}.state"
-
-curl -s -o /dev/null -X PATCH "${RELAY_URL}/api/agents/${agent_id}/status" "${auth_header_args[@]}" \
-  -H 'Content-Type: application/json' \
-  -d "{\"status\":\"${status}\"}" \
-  2>/dev/null || true
-
-if [ "$status" = "idle" ]; then
-  delivered_file="/tmp/agent-relay-delivered-${agent_id}.queue"
-  if [ -s "$delivered_file" ]; then
-    processing_file="${delivered_file}.$$"
-    if mv "$delivered_file" "$processing_file" 2>/dev/null; then
-      sort -n -u "$processing_file" | while IFS= read -r mid; do
-        case "$mid" in
-          ''|*[!0-9]*) continue ;;
-        esac
-        curl -s -o /dev/null -X PATCH "${RELAY_URL}/api/messages/${mid}" "${auth_header_args[@]}" \
-          -H 'Content-Type: application/json' \
-          -d "{\"readBy\":\"${agent_id}\"}" \
-          2>/dev/null || printf '%s\n' "$mid" >> "$delivered_file"
-      done
-      rm -f "$processing_file"
-    fi
-  fi
-fi
-
-exit 0

package/monitors/monitors.json

@@ -1,7 +0,0 @@
-[
-  {
-    "name": "agent-relay-inbox",
-    "command": "bash \"${CLAUDE_PLUGIN_ROOT}/hooks/relay-monitor.sh\"",
-    "description": "Agent Relay inbox"
-  }
-]