agent-relay-server 0.10.21 → 0.10.23

package/docs/openapi.json

@@ -2,7 +2,7 @@
   "openapi": "3.1.0",
   "info": {
     "title": "Agent Relay API",
-    "version": "0.10.20",
+    "version": "0.10.21",
     "description": "Real-time message bus for inter-agent communication. Agent-first: this spec is designed for machine consumption — agents can self-discover the full API surface via GET /api/spec.",
     "license": {
       "name": "MIT",
@@ -1737,6 +1737,96 @@
         ]
       }
     },
+    "/api/agents/{id}/prompt": {
+      "post": {
+        "operationId": "postAgentPrompt",
+        "summary": "Inject a prompt into a live agent",
+        "tags": [
+          "Agents"
+        ],
+        "description": "Injects a prompt directly into a runner-managed agent's provider session via the live-session lane. Creates a session message for the timeline and emits a prompt.inject bus command. The agent does not consume a relay message — the text goes straight into the provider stdin. Use for agents with liveSession.inject capability.",
+        "parameters": [
+          {
+            "name": "id",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            }
+          }
+        ],
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "type": "object",
+                "properties": {
+                  "body": {
+                    "type": "string"
+                  }
+                }
+              }
+            }
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "Success",
+            "content": {
+              "application/json": {}
+            }
+          },
+          "201": {
+            "description": "Created",
+            "content": {
+              "application/json": {}
+            }
+          },
+          "400": {
+            "description": "Bad request",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Error"
+                }
+              }
+            }
+          },
+          "404": {
+            "description": "Not found",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Error"
+                }
+              }
+            }
+          },
+          "422": {
+            "description": "Unprocessable entity",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Error"
+                }
+              }
+            }
+          }
+        },
+        "security": [
+          {
+            "bearerAuth": []
+          },
+          {
+            "tokenHeader": []
+          },
+          {
+            "tokenQuery": []
+          }
+        ]
+      }
+    },
     "/api/agents/{id}/permission-decision": {
       "post": {
         "operationId": "postAgentPermissionDecision",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-relay-server",
-  "version": "0.10.21",
+  "version": "0.10.23",
   "description": "Lightweight HTTP message relay for inter-agent communication across machines",
   "module": "src/index.ts",
   "type": "module",

package/public/index.html

@@ -12861,15 +12861,18 @@ var useRelayStore = create$1()(persist((set, get) => ({
 		if (!body.trim() && attachments.length === 0 || get().chatSending) return;
 		set({ chatSending: true });
 		try {
-			const payload = {
-				from: HUMAN_AGENT_ID,
-				to: thread.peer,
-				body: body.trim() || "Attachment"
-			};
-			if (thread.lastMessage?.channel) payload.channel = thread.lastMessage.channel;
-			if (thread.lastMessage?.id) payload.replyTo = thread.lastMessage.id;
-			if (attachments.length) payload.payload = { attachments };
-			await api("POST", "/messages", payload);
+			if (get().agentsById[thread.peer]?.providerCapabilities?.liveSession?.inject && attachments.length === 0) await api("POST", "/agents/" + encodeURIComponent(thread.peer) + "/prompt", { body: body.trim() });
+			else {
+				const payload = {
+					from: HUMAN_AGENT_ID,
+					to: thread.peer,
+					body: body.trim() || "Attachment"
+				};
+				if (thread.lastMessage?.channel) payload.channel = thread.lastMessage.channel;
+				if (thread.lastMessage?.id) payload.replyTo = thread.lastMessage.id;
+				if (attachments.length) payload.payload = { attachments };
+				await api("POST", "/messages", payload);
+			}
 			const next = { ...get().inboxDrafts };
 			delete next[thread.peer];
 			set({ inboxDrafts: next });

package/scripts/orchestrator-spawn-smoke.ts

@@ -1,4 +1,6 @@
 #!/usr/bin/env bun
+import { hostname } from "node:os";
+
 type Orchestrator = {
   id: string;
   status: string;
@@ -20,7 +22,11 @@ type Agent = {
 const args = process.argv.slice(2);
 let relayUrl = process.env.AGENT_RELAY_URL || "http://127.0.0.1:4850";
 let orchestratorId = process.env.AGENT_RELAY_SMOKE_ORCHESTRATOR || "";
-let cwd = process.env.AGENT_RELAY_SMOKE_CWD || process.cwd();
+// Default cwd is resolved from the selected orchestrator's baseDir below, not
+// the local process.cwd() — the chosen orchestrator may be on a different host
+// (e.g. macOS macmini with /Users/admin/projects) where a local Linux path
+// fails cwd containment.
+let cwd = process.env.AGENT_RELAY_SMOKE_CWD || "";
 let timeoutMs = Number(process.env.AGENT_RELAY_SMOKE_TIMEOUT_MS || 90_000);
 let providers = (process.env.AGENT_RELAY_SMOKE_PROVIDERS || "codex,claude").split(",").filter(Boolean);
 
@@ -86,12 +92,30 @@ function findSpawnedAgent(agents: Agent[], provider: string, label: string, star
 }
 
 const orchestrators = await api<Orchestrator[]>("GET", "/orchestrators");
+// Default selection prefers the orchestrator on the same host as the relay (the
+// gate runs there): a local spawn is faster and avoids cross-host teardown
+// flakiness. Fall back to any online orchestrator. An explicit --orchestrator
+// always wins — pair it with --cwd (or rely on the baseDir default below) to
+// target a remote host such as a macOS macmini.
+const onlineOrchestrators = orchestrators.filter((orch) => orch.status === "online");
+const localOrchestrator = onlineOrchestrators.find((orch) => orch.id === hostname());
 const orchestrator = orchestratorId
   ? orchestrators.find((orch) => orch.id === orchestratorId)
-  : orchestrators.find((orch) => orch.status === "online");
+  : localOrchestrator ?? onlineOrchestrators[0];
 if (!orchestrator) throw new Error(orchestratorId ? `orchestrator not found: ${orchestratorId}` : "no online orchestrator found");
 if (orchestrator.status !== "online") throw new Error(`orchestrator ${orchestrator.id} is ${orchestrator.status}`);
 
+// Resolve the spawn cwd against the chosen orchestrator's own base directory so
+// the smoke works regardless of which host runs it. An explicit --cwd / env
+// override still wins (and is subject to the orchestrator's containment check).
+if (!cwd) {
+  if (!orchestrator.baseDir) {
+    throw new Error(`orchestrator ${orchestrator.id} did not report a baseDir; pass --cwd or set AGENT_RELAY_SMOKE_CWD`);
+  }
+  cwd = orchestrator.baseDir;
+}
+console.log(`using cwd ${cwd} on ${orchestrator.id} (base ${orchestrator.baseDir})`);
+
 for (const provider of providers) {
   if (!orchestrator.providers.includes(provider)) {
     console.log(`skip ${provider}: orchestrator ${orchestrator.id} does not support it`);

package/src/db.ts

@@ -4085,7 +4085,7 @@ export function pollMessages(query: PollQuery): Message[] {
 }
 
 function messageRequiresReply(message: Message): boolean {
-  if (message.kind === "system" || message.kind === "control") return false;
+  if (message.kind === "system" || message.kind === "control" || message.kind === "session") return false;
   if (message.from === "user") return true;
   if (message.kind === "task" || message.kind === "channel.event") return true;
   return Boolean(message.payload?.source);
@@ -4133,7 +4133,7 @@ function replyObligationFromMessage(message: Message, agentId: string): ReplyObl
     ...(message.channel ? { channel: message.channel } : {}),
     bodyPreview: message.body.length > 240 ? `${message.body.slice(0, 240)}\n[truncated]` : message.body,
     createdAt: message.createdAt,
-    replyCommand: `agent-relay /reply ${message.id} --stdin < response.md`,
+    replyCommand: `agent-relay /reply ${message.id} --stdin < .agent-relay/sessions/${agentId}/tmp/reply.md`,
   };
 }
 

package/src/routes.ts

@@ -2333,6 +2333,52 @@ const postAgentAction: Handler = async (req, params) => {
   }
 };
 
+const postAgentPrompt: Handler = async (req, params) => {
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  try {
+    if (!isRecord(parsed.body)) return error("body required");
+    const body = cleanString(parsed.body.body, "body", { required: true, max: 100_000 })!;
+    const agent = getAgent(params.id!);
+    if (!agent) return error("agent not found", 404);
+    if (agent.status === "offline") return error("agent is offline", 422);
+    const denied = authorizeRoute(req, {
+      scope: "message:send",
+      resource: { target: agent.id, agentId: "user" },
+    });
+    if (denied) return denied;
+    const message = sendMessage({
+      from: "user",
+      to: agent.id,
+      kind: "session",
+      body,
+    });
+    const command = createCommand({
+      type: "prompt.inject",
+      source: "dashboard",
+      target: agent.id,
+      params: { body, messageId: message.id },
+    });
+    emitCommand(command);
+    emitNewMessage(message);
+    auditEvent({
+      clientId: "server-prompt-inject-" + message.id,
+      kind: "message",
+      title: "Prompt injected",
+      body,
+      meta: `user -> ${agent.id}`,
+      icon: "ti-message-bolt",
+      view: "messages",
+      messageId: message.id,
+      agentId: agent.id,
+    });
+    return json({ ok: true, messageId: message.id, commandId: command.id }, 201);
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    throw e;
+  }
+};
+
 const postAgentPermissionDecision: Handler = async (req, params) => {
   const parsed = await parseBody<unknown>(req);
   if (!parsed.ok) return error(parsed.error, parsed.status);
@@ -4716,7 +4762,7 @@ const deleteCommandById: Handler = (_req, params) => {
 
 // --- Message routes ---
 
-const VALID_MSG_KINDS = ["chat", "channel.event", "task", "pair", "control", "system"];
+const VALID_MSG_KINDS = ["chat", "channel.event", "task", "pair", "control", "system", "session"];
 
 const getQueuedMessagesRoute: Handler = (req) => {
   const url = new URL(req.url);
@@ -4804,7 +4850,10 @@ const postMessage: Handler = async (req) => {
       resource: { target: input.to, channel: input.channel, agentId: input.from },
     });
     if (denied) return denied;
-    const bypassKinds = ["system", "control"];
+    // "session" = observed assistant turn (Phase 1 live-session lane). It is captured
+    // from the provider transcript and stored for the dashboard chat; it must persist
+    // regardless of target liveness and never be re-delivered into a session.
+    const bypassKinds = ["system", "control", "session"];
     if (isDirectTarget(input.to) && !bypassKinds.includes(input.kind ?? "")) {
       const target = getAgent(input.to);
       if (target && target.status === "offline") {
@@ -4850,7 +4899,7 @@ const postMessage: Handler = async (req) => {
 };
 
 function automaticMemoryTarget(message: { to: string; resolvedToAgent?: string; kind: string }): string | null {
-  if (message.kind === "system" || message.kind === "control") return null;
+  if (message.kind === "system" || message.kind === "control" || message.kind === "session") return null;
   const target = message.resolvedToAgent ?? message.to;
   if (!isDirectTarget(target)) return null;
   const agent = getAgent(target);
@@ -6136,6 +6185,7 @@ const routes: Route[] = [
   route("PATCH", "/api/agents/:id/tags", patchAgentTags),
   route("POST", "/api/agents/:id/heartbeat", postHeartbeat),
   route("POST", "/api/agents/:id/actions", postAgentAction),
+  route("POST", "/api/agents/:id/prompt", postAgentPrompt),
   route("POST", "/api/agents/:id/permission-decision", postAgentPermissionDecision),
   route("POST", "/api/agents/:id/terminal-session", postAgentTerminalSession),
   route("DELETE", "/api/agents/:id/terminal-session/:session", deleteAgentTerminalSession),