agent-relay-server 0.8.1 → 0.10.0

package/src/routes.ts

@@ -53,6 +53,7 @@ import {
   reapStaleAgents,
   reapStaleOrchestrators,
   releaseExpiredClaims,
+  releaseOrphanedTasks,
   validateAgentSession,
   upsertOrchestrator,
   getOrchestrator,
@@ -60,8 +61,13 @@ import {
   orchestratorHeartbeat,
   updateManagedAgents,
   deleteOrchestrator,
+  evaluatePoolBindings,
   ValidationError,
 } from "./db";
+import { createCommand, deleteCommand, expireCommands, getCommand, listCommands, updateCommand } from "./commands-db";
+import { getRecipe, listRecipes } from "./recipe-loader";
+import { applyCommandToRecipe, getRecipeInstance, listRecipeInstances, startRecipe, stopRecipe } from "./recipe-runner";
+import { createToken, getToken, listTokens, revokeToken } from "./token-db";
 import {
   getConnector,
   listConnectors,
@@ -70,9 +76,21 @@ import {
   runConnectorAction,
   writeConnectorConfig,
 } from "./connectors";
-import type { ActivityEventInput, ActivityKind, AgentCard, AgentKind, AgentSessionGuard, ChannelBinding, ChannelBindingMode, ChannelDirection, ChannelRouteTarget, ChannelSummary, CreatePairInput, IntegrationEventInput, IntegrationSummary, ManagedAgent, PairActionInput, PairMessageInput, PairStatus, RegisterAgentInput, RegisterOrchestratorInput, SendMessageInput, SpawnApprovalMode, SpawnProvider, TaskStatus, TaskStatusInput } from "./types";
+import {
+  createAutomation,
+  deleteAutomation,
+  getAutomation,
+  listAutomationRuns,
+  listAutomations,
+  runAutomationNow,
+  updateAutomation,
+  type AutomationDispatchResult,
+} from "./automations";
+import type { ActivityEventInput, ActivityKind, AgentCard, AgentKind, AgentSessionGuard, ChannelBinding, ChannelBindingMode, ChannelDirection, ChannelRouteTarget, ChannelSummary, Command, CommandStatus, CreateCommandInput, CreatePairInput, IntegrationEventInput, IntegrationSummary, ManagedAgent, OrchestratorRuntimeInput, PairActionInput, PairMessageInput, PairStatus, RegisterAgentInput, RegisterOrchestratorInput, SendMessageInput, SpawnApprovalMode, SpawnProvider, TaskStatus, TaskStatusInput } from "./types";
 import { getIntegrationTokens, INTEGRATION_RATE_LIMIT_PER_MINUTE, MAX_BODY_BYTES } from "./config";
-import { listHostDirectories, spawnCodexAgent, type CodexSpawnApprovalMode } from "./agent-spawn";
+import { listHostDirectories } from "./agent-spawn";
+import { defaultProviderConfig, loadProviderConfig, providerConfigPublic, writeProviderConfig } from "../runner/src/config";
+import type { ProviderConfig } from "../runner/src/adapter";
 import {
   getIntegrationAuth,
   hasIntegrationScope,
@@ -90,7 +108,9 @@ import {
   emitChannelActivity,
   emitOrchestratorStatus,
   emitOrchestratorRemoved,
+  emitPoolBindingChanged,
 } from "./sse";
+import { emitRelayEvent } from "./events";
 
 type Handler = (
   req: Request,
@@ -173,16 +193,17 @@ function parseQueryInt(
   return n;
 }
 
-const VALID_AGENT_STATUSES = ["online", "idle", "busy", "offline"] as const;
+const VALID_AGENT_STATUSES = ["online", "idle", "busy", "stale", "offline"] as const;
 const VALID_AGENT_KINDS = ["provider", "channel", "orchestrator", "system", "user"] as const;
-const VALID_CHANNEL_BINDING_TARGET_TYPES = ["agent", "label", "tag", "capability", "broadcast", "orchestrator"] as const;
-const VALID_CHANNEL_BINDING_MODES = ["exclusive", "claimable", "broadcast"] as const;
+const VALID_CHANNEL_BINDING_TARGET_TYPES = ["agent", "label", "tag", "capability", "broadcast", "orchestrator", "pool"] as const;
+const VALID_CHANNEL_BINDING_MODES = ["exclusive", "broadcast"] as const;
 const VALID_AGENT_ACTIONS = ["restart", "shutdown"] as const;
 const VALID_AGENT_SPAWN_PROVIDERS = ["codex"] as const;
 const VALID_CODEX_SPAWN_APPROVALS = ["open", "guarded", "read-only"] as const;
 const VALID_CONNECTOR_ACTIONS = ["install", "uninstall", "enable", "disable", "start", "stop", "restart", "status", "doctor"] as const;
 const VALID_TASK_SEVERITIES = ["info", "warning", "critical"] as const;
-const VALID_TASK_STATUSES = ["open", "claimed", "in_progress", "blocked", "done", "failed", "canceled"] as const;
+const VALID_TASK_STATUSES = ["open", "claimed", "in_progress", "blocked", "orphaned", "done", "failed", "canceled"] as const;
+const VALID_COMMAND_STATUSES = ["pending", "accepted", "running", "succeeded", "failed", "timed_out", "rejected", "canceled"] as const;
 const VALID_PAIR_STATUSES = ["pending", "active", "ended", "rejected", "expired"] as const;
 const VALID_ACTIVITY_KINDS = ["message", "reply", "question", "operator", "pair", "task", "state"] as const;
 const integrationRateBuckets = new Map<string, { windowStart: number; count: number }>();
@@ -230,6 +251,13 @@ function cleanMeta(value: unknown): Record<string, unknown> | undefined {
   return value;
 }
 
+function cleanParams(value: unknown, field = "params"): Record<string, unknown> | undefined {
+  if (value === undefined || value === null) return undefined;
+  if (!isRecord(value)) throw new ValidationError(`${field} must be an object`);
+  if (JSON.stringify(value).length > 65_536) throw new ValidationError(`${field} is too large`);
+  return value;
+}
+
 function cleanEnum<T extends readonly string[]>(
   value: unknown,
   field: string,
@@ -355,6 +383,11 @@ function normalizeMessageInput(body: unknown): SendMessageInput {
   return input;
 }
 
+const FANOUT_PREFIXES = ["tag:", "cap:", "label:"];
+function isDirectTarget(to: string): boolean {
+  return to !== "broadcast" && !FANOUT_PREFIXES.some((p) => to.startsWith(p));
+}
+
 function applyReplyRouting(input: SendMessageInput): void {
   if (input.to || !input.replyTo) return;
   const parent = getMessage(input.replyTo);
@@ -404,6 +437,7 @@ function normalizeChannelBindingInput(body: unknown): {
 }
 
 function routeTargetFromAddress(target: string): ChannelRouteTarget {
+  if (target.startsWith("pool:")) return { type: "pool", id: target.slice("pool:".length) };
   if (target.startsWith("label:")) return { type: "label", id: target.slice("label:".length) };
   if (target.startsWith("tag:")) return { type: "tag", id: target.slice("tag:".length) };
   if (target.startsWith("cap:")) return { type: "capability", id: target.slice("cap:".length) };
@@ -412,8 +446,12 @@ function routeTargetFromAddress(target: string): ChannelRouteTarget {
   return { type: "agent", id: target };
 }
 
-function messageTargetForChannelTarget(target: ChannelRouteTarget): string {
+function messageTargetForChannelTarget(target: ChannelRouteTarget, binding?: ChannelBinding): string {
   if (target.type === "orchestrator") throw new ValidationError("orchestrator channel targets are not supported yet");
+  if (target.type === "pool") {
+    if (!binding?.poolAgentId) throw new ValidationError("pool slot is unclaimed — no eligible agent available");
+    return binding.poolAgentId;
+  }
   if (target.type === "label") return `label:${target.id}`;
   if (target.type === "tag") return `tag:${target.id}`;
   if (target.type === "capability") return `cap:${target.id}`;
@@ -550,6 +588,53 @@ function normalizeIntegrationEvent(body: unknown): IntegrationEventInput {
   };
 }
 
+function channelIdFromIntegrationTarget(target: string): string | undefined {
+  if (!target.startsWith("channel:")) return undefined;
+  const channelId = target.slice("channel:".length).trim();
+  if (!channelId) throw new ValidationError("channel target id required");
+  return channelId;
+}
+
+function metadataWithResolvedChannelTarget(
+  metadata: Record<string, unknown> | undefined,
+  originalTarget: string,
+  channelId: string,
+  binding: ChannelBinding,
+): Record<string, unknown> {
+  return {
+    ...(metadata ?? {}),
+    relayRequestedTarget: originalTarget,
+    relayResolvedChannelId: channelId,
+    relayResolvedChannelBindingId: binding.id,
+  };
+}
+
+function resolveIntegrationEventTarget(input: IntegrationEventInput): IntegrationEventInput {
+  const channelId = channelIdFromIntegrationTarget(input.target);
+  if (!channelId) return input;
+
+  evaluatePoolBindings();
+  const channel = getChannel(channelId);
+  if (!channel) throw new ValidationError(`channel ${channelId} not found`);
+
+  const bindings = resolveChannelRoutes(channelId);
+  if (bindings.length === 0) throw new ValidationError(`channel ${channelId} has no binding`);
+  if (bindings.length > 1) throw new ValidationError(`channel ${channelId} has multiple bindings; integration channel targets must resolve to one backend agent`);
+
+  const binding = bindings[0]!;
+  const resolvedTarget = messageTargetForChannelTarget(binding.target, binding);
+  if (!getAgent(resolvedTarget)) {
+    throw new ValidationError(`channel ${channelId} binding resolves to ${resolvedTarget}; integration channel targets must resolve to one backend agent`);
+  }
+
+  return {
+    ...input,
+    target: resolvedTarget,
+    channel: input.channel ?? channelId,
+    metadata: metadataWithResolvedChannelTarget(input.metadata, input.target, channelId, binding),
+  };
+}
+
 function normalizeTaskStatusInput(body: unknown): TaskStatusInput {
   if (!isRecord(body)) throw new ValidationError("JSON object body required");
   const status = cleanEnum(body.status, "status", VALID_TASK_STATUSES);
@@ -754,10 +839,11 @@ function agentToChannel(agent: AgentCard): ChannelSummary {
 async function dispatchTaskCallbacks(taskId: number, eventType: string): Promise<void> {
   const task = getTask(taskId);
   if (!task) return;
+  const requestedTarget = typeof task.metadata?.relayRequestedTarget === "string" ? task.metadata.relayRequestedTarget : undefined;
   const integrations = getIntegrationTokens()
     .filter((integration) => integration.name === task.source)
     .filter((integration) => integration.callbackUrl)
-    .filter((integration) => !integration.targets?.length || integration.targets.includes(task.target))
+    .filter((integration) => !integration.targets?.length || integration.targets.includes(task.target) || Boolean(requestedTarget && integration.targets.includes(requestedTarget)))
     .filter((integration) => !integration.channels?.length || !task.channel || integration.channels.includes(task.channel));
 
   for (const integration of integrations) {
@@ -825,15 +911,6 @@ function auditAgentStateTransition(agentId: string, before: AgentCard | null | u
   });
 }
 
-function orchestratorControlMeta(control: Record<string, unknown>): Record<string, unknown> {
-  return {
-    delivery: "interrupt",
-    priority: "urgent",
-    // Legacy orchestrators read control details from message meta.
-    orchestratorControl: control,
-  };
-}
-
 // --- Agent routes ---
 
 const postAgent: Handler = async (req) => {
@@ -889,14 +966,14 @@ const patchAgentStatus: Handler = async (req, params) => {
   if (!parsed.ok) return error(parsed.error, parsed.status);
   const body = parsed.body;
   if (!body?.status) return error("status required");
-  const valid = ["online", "idle", "busy", "offline"];
-  if (!valid.includes(body.status)) return error(`status must be one of: ${valid.join(", ")}`);
+  const valid = VALID_AGENT_STATUSES;
+  if (!valid.includes(body.status as any)) return error(`status must be one of: ${valid.join(", ")}`);
   try {
     const guard = normalizeAgentSessionGuard(req, body);
     const session = validateAgentSession(params.id!, guard);
     if (!session.ok) return error(session.error!, agentSessionStatus(session.error));
     const before = getAgent(params.id!);
-    if (!setStatus(params.id!, body.status as any, guard)) return error("agent not found", 404);
+    if (!setStatus(params.id!, body.status as (typeof VALID_AGENT_STATUSES)[number], guard)) return error("agent not found", 404);
     auditAgentStateTransition(params.id!, before, getAgent(params.id!));
   } catch (e) {
     if (e instanceof ValidationError) return error(e.message, 400);
@@ -925,8 +1002,23 @@ const patchAgentLabel: Handler = async (req, params) => {
   if (!parsed.ok) return error(parsed.error, parsed.status);
   const body = parsed.body;
   if (body === null || !("label" in body)) return error("label field required (string or null)");
+  const before = getAgent(params.id!);
   if (!setLabel(params.id!, body.label)) return error("agent not found", 404);
   emitAgentStatus(params.id!);
+  const after = getAgent(params.id!);
+  if ((before?.label ?? null) !== (after?.label ?? null)) {
+    auditEvent({
+      clientId: "server-agent-" + params.id! + "-label-" + Date.now(),
+      kind: "state",
+      title: after?.label ? "Agent label set" : "Agent label cleared",
+      body: after?.label ?? before?.label ?? "",
+      meta: params.id!,
+      icon: "ti-tag",
+      view: "chat",
+      agentId: params.id!,
+      metadata: { field: "label", previous: before?.label ?? null, next: after?.label ?? null },
+    });
+  }
   return json({ ok: true });
 };
 
@@ -936,9 +1028,23 @@ const patchAgentTags: Handler = async (req, params) => {
   try {
     const tags = isRecord(parsed.body) ? cleanStringArray(parsed.body.tags, "tags") : undefined;
     if (!tags) return error("tags field required");
+    const before = getAgent(params.id!);
     const agent = setTags(params.id!, tags);
     if (!agent) return error("agent not found", 404);
     emitAgentStatus(params.id!);
+    if (JSON.stringify(before?.tags ?? []) !== JSON.stringify(agent.tags ?? [])) {
+      auditEvent({
+        clientId: "server-agent-" + params.id! + "-tags-" + Date.now(),
+        kind: "state",
+        title: "Agent tags updated",
+        body: (agent.tags || []).join(", "),
+        meta: params.id!,
+        icon: "ti-tags",
+        view: "chat",
+        agentId: params.id!,
+        metadata: { field: "tags", previous: before?.tags ?? [], next: agent.tags ?? [] },
+      });
+    }
     return json(agent);
   } catch (e) {
     if (e instanceof ValidationError) return error(e.message, 400);
@@ -980,7 +1086,8 @@ function agentCanReceiveControlAction(agent: AgentCard): boolean {
   return agent.id !== "user" &&
     agent.id !== "system" &&
     agent.meta?.kind !== "channel" &&
-    !agent.tags.includes("channel");
+    !agent.tags.includes("channel") &&
+    agent.meta?.runnerManaged === true;
 }
 
 const postAgentAction: Handler = async (req, params) => {
@@ -995,40 +1102,25 @@ const postAgentAction: Handler = async (req, params) => {
     if (!agentCanReceiveControlAction(agent)) return error("agent does not support dashboard control actions", 400);
 
     const title = action === "restart" ? "Agent restart requested" : "Agent shutdown requested";
-    const msg = sendMessage({
-      from: "system",
-      to: agent.id,
-      kind: "control",
-      subject: title,
-      body: action === "restart"
-        ? "Dashboard requested that this agent restart its relay-managed session now."
-        : "Dashboard requested that this agent shut down its relay-managed session now.",
-      payload: {
-        agentControl: {
-          action,
-          requestedBy: "dashboard",
-          requestedAt: Date.now(),
-        },
-      },
-      meta: {
-        delivery: "interrupt",
-        priority: "urgent",
-      },
+    const command = createCommand({
+      type: action === "restart" ? "agent.restart" : "agent.shutdown",
+      source: "system",
+      target: agent.id,
+      params: { action, agentId: agent.id, requestedBy: "dashboard", requestedAt: Date.now() },
     });
-    emitNewMessage(msg);
+    emitCommand(command);
     auditEvent({
-      clientId: "server-agent-" + agent.id + "-action-" + action + "-" + msg.id,
+      clientId: "server-agent-" + agent.id + "-action-" + action + "-" + command.id,
       kind: "state",
       title,
       body: action,
       meta: agent.id,
       icon: action === "restart" ? "ti-refresh" : "ti-power",
       view: "agents",
-      messageId: msg.id,
       agentId: agent.id,
-      metadata: { action },
+      metadata: { action, commandId: command.id },
     });
-    return json({ ok: true, action, message: msg }, 202);
+    return json({ ok: true, action, command }, 202);
   } catch (e) {
     if (e instanceof ValidationError) return error(e.message, 400);
     throw e;
@@ -1042,70 +1134,33 @@ const postAgentSpawn: Handler = async (req) => {
     if (!isRecord(parsed.body)) return error("provider required");
     const provider = cleanEnum(parsed.body.provider, "provider", [...VALID_AGENT_SPAWN_PROVIDERS, "claude"] as const);
     if (!provider) return error("provider required");
-    const approvalMode = cleanEnum(parsed.body.approvalMode, "approvalMode", VALID_CODEX_SPAWN_APPROVALS, "guarded") as CodexSpawnApprovalMode;
+    const approvalMode = cleanEnum(parsed.body.approvalMode, "approvalMode", VALID_CODEX_SPAWN_APPROVALS, "guarded") as SpawnApprovalMode;
     const cwd = cleanString(parsed.body.cwd, "cwd", { max: 500 });
     const label = cleanString(parsed.body.label, "label", { max: 120 });
 
-    // Check for an online orchestrator that supports this provider
     const orchestrators = listOrchestrators().filter(
       (o) => o.status === "online" && o.providers.includes(provider as SpawnProvider),
     );
-    if (orchestrators.length > 0) {
-      // Route through the first available orchestrator
-      const orch = orchestrators[0]!;
-      const control = { action: "spawn", provider, cwd, label, approvalMode, requestedBy: "dashboard", requestedAt: Date.now() };
-      const msg = sendMessage({
-        from: "system",
-        to: orch.agentId,
-        kind: "control",
-        subject: "Spawn agent",
-        body: `Spawn ${provider} agent${label ? ` (${label})` : ""}`,
-        payload: { orchestratorControl: control },
-        meta: orchestratorControlMeta(control),
-      });
-      emitNewMessage(msg);
-      auditEvent({
-        clientId: "server-agent-spawn-" + provider + "-" + Date.now(),
-        kind: "state",
-        title: `${provider} agent spawn requested (via ${orch.id})`,
-        body: cwd || orch.baseDir,
-        meta: orch.id,
-        icon: "ti-plus",
-        view: "agents",
-        metadata: { provider, orchestratorId: orch.id, approvalMode },
-      });
-      return json({ ok: true, orchestratorId: orch.id, provider, message: msg }, 202);
-    }
-
-    // Fallback: direct spawn for codex only (no orchestrator)
-    if (provider !== "codex") return error("no orchestrator available for provider: " + provider);
-    const relayUrl = process.env.AGENT_RELAY_SPAWN_RELAY_URL || process.env.AGENT_RELAY_URL || `http://127.0.0.1:${process.env.PORT || "4850"}`;
-    const token = req.headers.get("X-Agent-Relay-Token") ?? req.headers.get("Authorization")?.replace(/^Bearer\s+/i, "");
-    const result = spawnCodexAgent({
-      cwd,
-      approvalMode,
-      label,
-      relayUrl,
-      token: token || undefined,
-      dryRun: process.env.AGENT_RELAY_SPAWN_DRY_RUN === "1",
+    const orch = orchestrators[0];
+    if (!orch) return error("no orchestrator available for provider: " + provider);
+    const command = createCommand({
+      type: "agent.spawn",
+      source: "system",
+      target: orch.agentId,
+      params: { action: "spawn", provider, cwd, label, approvalMode, requestedBy: "dashboard", requestedAt: Date.now() },
     });
+    emitCommand(command);
     auditEvent({
-      clientId: "server-agent-spawn-codex-" + Date.now(),
+      clientId: "server-agent-spawn-" + provider + "-" + Date.now(),
       kind: "state",
-      title: "Codex agent spawn requested (direct)",
-      body: result.cwd,
-      meta: result.pid ? `pid ${result.pid}` : "dry run",
+      title: `${provider} agent spawn requested (via ${orch.id})`,
+      body: cwd || orch.baseDir,
+      meta: orch.id,
       icon: "ti-plus",
       view: "agents",
-      metadata: {
-        provider: result.provider,
-        approvalMode: result.approvalMode,
-        pid: result.pid ?? null,
-        logPath: result.logPath,
-        dryRun: result.dryRun === true,
-      },
+      metadata: { provider, orchestratorId: orch.id, approvalMode, commandId: command.id },
     });
-    return json(result, 202);
+    return json({ ok: true, orchestratorId: orch.id, provider, command }, 202);
   } catch (e) {
     if (e instanceof ValidationError) return error(e.message, 400);
     if (e instanceof Error) return error(e.message, 400);
@@ -1125,11 +1180,137 @@ const getHostDirectories: Handler = (req) => {
   }
 };
 
+// --- Recipe routes ---
+
+const getRecipes: Handler = () => {
+  return json(listRecipes().map((loaded) => ({
+    name: loaded.name,
+    source: loaded.source,
+    path: loaded.path,
+    recipe: loaded.recipe,
+  })));
+};
+
+const getRecipeByName: Handler = (_req, params) => {
+  const recipe = getRecipe(params.name!);
+  return recipe ? json(recipe) : error("recipe not found", 404);
+};
+
+const getRecipeInstances: Handler = (req) => {
+  const url = new URL(req.url);
+  const status = url.searchParams.get("status") ?? undefined;
+  return json(listRecipeInstances(status as any));
+};
+
+const getRecipeInstanceById: Handler = (_req, params) => {
+  const instance = getRecipeInstance(params.id!);
+  return instance ? json(instance) : error("recipe instance not found", 404);
+};
+
+const postRecipeStart: Handler = async (req) => {
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  try {
+    if (!isRecord(parsed.body)) return error("recipe name required");
+    const name = cleanString(parsed.body.name ?? parsed.body.recipe, "name", { required: true, max: 120 })!;
+    const cwd = cleanString(parsed.body.cwd, "cwd", { max: 500 });
+    const orchestratorId = cleanString(parsed.body.orchestratorId, "orchestratorId", { max: 120 });
+    const startedBy = cleanString(parsed.body.startedBy, "startedBy", { max: 120 }) ?? "api";
+    const result = startRecipe({ name, cwd, orchestratorId, startedBy });
+    for (const command of result.commands) emitCommand(command);
+    auditEvent({
+      clientId: "server-recipe-start-" + result.instance.id,
+      kind: "state",
+      title: "Recipe started",
+      body: result.instance.recipeName,
+      meta: result.instance.id,
+      icon: "ti-play",
+      view: "activity",
+      metadata: { recipeInstanceId: result.instance.id, commands: result.commands.map((command) => command.id) },
+    });
+    return json(result, 202);
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    if (e instanceof Error) return error(e.message, 400);
+    throw e;
+  }
+};
+
+const postRecipeStop: Handler = async (req, params) => {
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  try {
+    const stoppedBy = isRecord(parsed.body)
+      ? cleanString(parsed.body.stoppedBy, "stoppedBy", { max: 120 }) ?? "api"
+      : "api";
+    const result = stopRecipe(params.id!, stoppedBy);
+    for (const command of result.commands) emitCommand(command);
+    auditEvent({
+      clientId: "server-recipe-stop-" + result.instance.id + "-" + Date.now(),
+      kind: "state",
+      title: "Recipe stopped",
+      body: result.instance.recipeName,
+      meta: result.instance.id,
+      icon: "ti-player-stop",
+      view: "activity",
+      metadata: { recipeInstanceId: result.instance.id, commands: result.commands.map((command) => command.id) },
+    });
+    return json(result, 202);
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    if (e instanceof Error) return error(e.message, e.message.includes("not found") ? 404 : 400);
+    throw e;
+  }
+};
+
+// --- Token routes ---
+
+const getTokens: Handler = () => json(listTokens());
+
+const getTokenById: Handler = (_req, params) => {
+  const token = getToken(params.jti!);
+  return token ? json(token) : error("token not found", 404);
+};
+
+const postToken: Handler = async (req) => {
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  try {
+    if (!isRecord(parsed.body)) return error("token body required");
+    const role = cleanString(parsed.body.role, "role", { required: true, max: 80 })!;
+    const sub = cleanString(parsed.body.sub, "sub", { max: 160 }) ?? role;
+    const scope = cleanStringArray(parsed.body.scope ?? parsed.body.scopes, "scope");
+    const createdBy = cleanString(parsed.body.createdBy, "createdBy", { max: 120 });
+    let ttlSeconds: number | undefined;
+    if (parsed.body.ttlSeconds !== undefined) {
+      if (typeof parsed.body.ttlSeconds !== "number" || !Number.isSafeInteger(parsed.body.ttlSeconds) || parsed.body.ttlSeconds <= 0) {
+        throw new ValidationError("ttlSeconds must be a positive integer");
+      }
+      ttlSeconds = parsed.body.ttlSeconds;
+    }
+    return json(createToken({ sub, role, scope, ttlSeconds, createdBy }), 201);
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    throw e;
+  }
+};
+
+const postTokenRevoke: Handler = (_req, params) => {
+  if (!revokeToken(params.jti!)) return error("token not found or already revoked", 404);
+  return json({ ok: true });
+};
+
 // --- Orchestrator routes ---
 
 const VALID_ORCHESTRATOR_PROVIDERS = ["claude", "codex"] as const;
 const VALID_SPAWN_APPROVALS = ["open", "guarded", "read-only"] as const;
 
+function cleanProtocolVersion(value: unknown): number | undefined {
+  if (value === undefined) return undefined;
+  if (typeof value === "number" && Number.isInteger(value) && value > 0) return value;
+  throw new ValidationError("protocolVersion must be a positive integer");
+}
+
 const postOrchestrator: Handler = async (req) => {
   const parsed = await parseBody<unknown>(req);
   if (!parsed.ok) return error(parsed.error, parsed.status);
@@ -1149,12 +1330,7 @@ const postOrchestrator: Handler = async (req) => {
     const envKeys = cleanStringArray(parsed.body.envKeys, "envKeys");
     const version = cleanString(parsed.body.version, "version", { max: 80 });
     const gitSha = cleanString(parsed.body.gitSha, "gitSha", { max: 80 });
-    const protocolVersionRaw = parsed.body.protocolVersion;
-    const protocolVersion = protocolVersionRaw === undefined
-      ? undefined
-      : typeof protocolVersionRaw === "number" && Number.isInteger(protocolVersionRaw) && protocolVersionRaw > 0
-        ? protocolVersionRaw
-        : (() => { throw new ValidationError("protocolVersion must be a positive integer"); })();
+    const protocolVersion = cleanProtocolVersion(parsed.body.protocolVersion);
     const meta = cleanMeta(parsed.body.meta);
     const orch = upsertOrchestrator({ id, hostname, providers: providers ?? ["claude", "codex"], baseDir, envKeys, version, protocolVersion, gitSha, meta });
     auditEvent({
@@ -1184,10 +1360,23 @@ const getOrchestratorById: Handler = (_req, params) => {
   return json(orch);
 };
 
-const postOrchestratorHeartbeat: Handler = (_req, params) => {
-  const orch = orchestratorHeartbeat(params.id!);
-  if (!orch) return error("orchestrator not found", 404);
-  return json({ ok: true });
+const postOrchestratorHeartbeat: Handler = async (req, params) => {
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  try {
+    const body = isRecord(parsed.body) ? parsed.body : {};
+    const runtime: OrchestratorRuntimeInput = {
+      version: cleanString(body.version, "version", { max: 80 }),
+      protocolVersion: cleanProtocolVersion(body.protocolVersion),
+      gitSha: cleanString(body.gitSha, "gitSha", { max: 80 }),
+    };
+    const orch = orchestratorHeartbeat(params.id!, runtime);
+    if (!orch) return error("orchestrator not found", 404);
+    return json({ ok: true });
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    throw e;
+  }
 };
 
 const patchOrchestratorAgents: Handler = async (req, params) => {
@@ -1242,40 +1431,33 @@ const postOrchestratorSpawn: Handler = async (req, params) => {
     const approvalMode = cleanEnum(parsed.body.approvalMode, "approvalMode", VALID_SPAWN_APPROVALS, "guarded") as SpawnApprovalMode;
     const prompt = cleanString(parsed.body.prompt, "prompt", { max: 4000 });
 
-    // Send control message to orchestrator's agent inbox
-    const control = {
-      action: "spawn",
-      provider,
-      cwd: cwd || orch.baseDir,
-      label,
-      approvalMode,
-      prompt,
-      requestedBy: "dashboard",
-      requestedAt: Date.now(),
-    };
-    const msg = sendMessage({
-      from: "system",
-      to: orch.agentId,
-      kind: "control",
-      subject: "Spawn agent",
-      body: `Spawn ${provider} agent${label ? ` (${label})` : ""}`,
-      payload: {
-        orchestratorControl: control,
+    const command = createCommand({
+      type: "agent.spawn",
+      source: "system",
+      target: orch.agentId,
+      params: {
+        action: "spawn",
+        provider,
+        cwd: cwd || orch.baseDir,
+        label,
+        approvalMode,
+        prompt,
+        requestedBy: "dashboard",
+        requestedAt: Date.now(),
       },
-      meta: orchestratorControlMeta(control),
     });
-    emitNewMessage(msg);
+    emitCommand(command);
     auditEvent({
-      clientId: "server-orchestrator-spawn-" + orch.id + "-" + Date.now(),
+      clientId: "server-orchestrator-spawn-" + orch.id + "-" + command.id,
       kind: "state",
       title: `Spawn ${provider} agent requested`,
       body: cwd || orch.baseDir,
       meta: orch.id,
       icon: "ti-plus",
       view: "orchestrators",
-      metadata: { orchestratorId: orch.id, provider, approvalMode, label },
+      metadata: { orchestratorId: orch.id, provider, approvalMode, label, commandId: command.id },
     });
-    return json({ ok: true, orchestratorId: orch.id, message: msg }, 202);
+    return json({ ok: true, orchestratorId: orch.id, command }, 202);
   } catch (e) {
     if (e instanceof ValidationError) return error(e.message, 400);
     throw e;
@@ -1294,47 +1476,231 @@ const postOrchestratorAction: Handler = async (req, params) => {
     if (!action) return error("action required");
     const agentId = cleanString(parsed.body.agentId, "agentId", { max: 240 });
 
-    const control = {
-      action,
-      agentId,
-      requestedBy: "dashboard",
-      requestedAt: Date.now(),
-    };
-    const msg = sendMessage({
-      from: "system",
-      to: orch.agentId,
-      kind: "control",
-      subject: action === "restart" ? "Restart agent" : "Shutdown agent",
-      body: agentId ? `${action} ${agentId}` : `${action} all managed agents`,
-      payload: {
-        orchestratorControl: control,
-      },
-      meta: orchestratorControlMeta(control),
+    const command = createCommand({
+      type: action === "restart" ? "agent.restart" : "agent.shutdown",
+      source: "system",
+      target: agentId || orch.agentId,
+      params: { action, agentId, requestedBy: "dashboard", requestedAt: Date.now(), orchestratorId: orch.id },
     });
-    emitNewMessage(msg);
+    emitCommand(command);
     auditEvent({
-      clientId: "server-orchestrator-action-" + orch.id + "-" + action + "-" + Date.now(),
+      clientId: "server-orchestrator-action-" + orch.id + "-" + action + "-" + command.id,
       kind: "state",
       title: `Agent ${action} requested`,
       body: agentId || "all",
       meta: orch.id,
       icon: action === "restart" ? "ti-refresh" : "ti-power",
       view: "orchestrators",
-      metadata: { orchestratorId: orch.id, action, agentId },
+      metadata: { orchestratorId: orch.id, action, agentId, commandId: command.id },
     });
-    return json({ ok: true, action, message: msg }, 202);
+    return json({ ok: true, action, command }, 202);
   } catch (e) {
     if (e instanceof ValidationError) return error(e.message, 400);
     throw e;
   }
 };
 
+const getOrchestratorDirectories: Handler = async (req, params) => {
+  const orch = getOrchestrator(params.id!);
+  if (!orch) return error("orchestrator not found", 404);
+  if (!orch.apiUrl) return error("orchestrator does not expose an API", 422);
+  if (orch.status !== "online") return error("orchestrator is offline", 422);
+  const url = new URL(req.url);
+  const path = url.searchParams.get("path") || "";
+  const proxyUrl = `${orch.apiUrl}/api/directories${path ? `?path=${encodeURIComponent(path)}` : ""}`;
+  try {
+    const res = await fetch(proxyUrl, { signal: AbortSignal.timeout(5_000) });
+    const body = await res.json();
+    return json(body, res.status);
+  } catch (e) {
+    return error(`Failed to reach orchestrator API: ${(e as Error).message}`, 502);
+  }
+};
+
 const deleteOrchestratorById: Handler = (_req, params) => {
   const deleted = deleteOrchestrator(params.id!);
   if (!deleted) return error("orchestrator not found", 404);
   return json({ ok: true });
 };
 
+// --- Command routes ---
+
+function normalizeCommandInput(body: unknown): CreateCommandInput {
+  if (!isRecord(body)) throw new ValidationError("command body must be an object");
+  const type = cleanString(body.type, "type", { required: true, max: 120 })!;
+  const source = cleanString(body.source, "source", { required: true, max: 240 })!;
+  const target = cleanString(body.target, "target", { required: true, max: 240 })!;
+  const params = cleanParams(body.params) ?? {};
+  const correlationId = cleanString(body.correlationId, "correlationId", { max: 240 });
+  let ttlMs: number | undefined;
+  if (body.ttlMs !== undefined) {
+    if (typeof body.ttlMs !== "number" || !Number.isSafeInteger(body.ttlMs) || body.ttlMs <= 0) {
+      throw new ValidationError("ttlMs must be a positive integer");
+    }
+    ttlMs = body.ttlMs;
+  }
+  return { type, source, target, params, correlationId, ttlMs };
+}
+
+function commandEventType(command: Command): string {
+  if (command.status === "pending") return "command.requested";
+  return `command.${command.status}`;
+}
+
+function emitCommand(command: Command): void {
+  emitRelayEvent({
+    type: commandEventType(command),
+    source: command.source,
+    subject: command.id,
+    data: { command },
+  });
+}
+
+const postCommand: Handler = async (req) => {
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  try {
+    const command = createCommand(normalizeCommandInput(parsed.body));
+    emitCommand(command);
+    return json(command, 201);
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    throw e;
+  }
+};
+
+const getCommands: Handler = (req) => {
+  const url = new URL(req.url);
+  const limitRaw = parseQueryInt(url.searchParams.get("limit"), { min: 1, max: 500 });
+  if (Number.isNaN(limitRaw)) return error("limit must be an integer between 1 and 500");
+  const sinceRaw = parseQueryInt(url.searchParams.get("since"), { min: 0, max: Number.MAX_SAFE_INTEGER });
+  if (Number.isNaN(sinceRaw)) return error("since must be a non-negative integer");
+  const status = url.searchParams.get("status") ?? undefined;
+  if (status && !VALID_COMMAND_STATUSES.includes(status as any)) {
+    return error(`status must be one of: ${VALID_COMMAND_STATUSES.join(", ")}`);
+  }
+  return json(listCommands({
+    target: url.searchParams.get("target") ?? undefined,
+    status: status as CommandStatus | undefined,
+    type: url.searchParams.get("type") ?? undefined,
+    since: sinceRaw ?? undefined,
+    limit: limitRaw ?? undefined,
+  }));
+};
+
+const getCommandById: Handler = (_req, params) => {
+  const command = getCommand(params.id!);
+  return command ? json(command) : error("command not found", 404);
+};
+
+const patchCommand: Handler = async (req, params) => {
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  if (!isRecord(parsed.body)) return error("command body must be an object");
+  try {
+    const status = cleanEnum(parsed.body.status, "status", VALID_COMMAND_STATUSES);
+    const result = cleanParams(parsed.body.result, "result");
+    const err = cleanString(parsed.body.error, "error", { max: 4000 });
+    const command = updateCommand(params.id!, { status: status as CommandStatus | undefined, result, error: err });
+    if (!command) return error("command not found", 404);
+    applyCommandToRecipe(command);
+    emitCommand(command);
+    return json(command);
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    throw e;
+  }
+};
+
+// --- Provider config routes ---
+
+const VALID_PROVIDER_CONFIGS = ["claude", "codex"] as const;
+
+const getProviderConfigsRoute: Handler = () => {
+  return json(Object.fromEntries(VALID_PROVIDER_CONFIGS.map((provider) => {
+    const config = loadProviderConfig(provider);
+    return [provider, providerConfigPublic(config)];
+  })));
+};
+
+const getProviderConfigRoute: Handler = (_req, params) => {
+  const provider = cleanEnum(params.provider, "provider", VALID_PROVIDER_CONFIGS);
+  if (!provider) return error("provider required");
+  return json(providerConfigPublic(loadProviderConfig(provider)));
+};
+
+const putProviderConfigRoute: Handler = async (req, params) => {
+  const provider = cleanEnum(params.provider, "provider", VALID_PROVIDER_CONFIGS);
+  if (!provider) return error("provider required");
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  try {
+    if (!isRecord(parsed.body)) return error("provider config body must be an object");
+    const defaults = defaultProviderConfig(provider);
+    const headless = isRecord(parsed.body.headless) ? parsed.body.headless : {};
+    const config: ProviderConfig = {
+      command: cleanString(parsed.body.command, "command", { required: true, max: 500 })!,
+      defaultArgs: cleanStringArray(parsed.body.defaultArgs, "defaultArgs") ?? defaults.defaultArgs,
+      env: cleanEnvRecord(parsed.body.env),
+      pluginDirs: cleanStringArray(parsed.body.pluginDirs, "pluginDirs") ?? defaults.pluginDirs,
+      defaultCapabilities: cleanStringArray(parsed.body.defaultCapabilities, "defaultCapabilities") ?? defaults.defaultCapabilities,
+      defaultApprovalMode: cleanString(parsed.body.defaultApprovalMode, "defaultApprovalMode", { max: 80 }) ?? defaults.defaultApprovalMode,
+      defaultTags: cleanStringArray(parsed.body.defaultTags, "defaultTags") ?? defaults.defaultTags,
+      headless: {
+        tmuxPrefix: cleanString(headless.tmuxPrefix, "headless.tmuxPrefix", { max: 120 }) ?? defaults.headless.tmuxPrefix,
+        shutdownTimeoutMs: cleanPositiveInt(headless.shutdownTimeoutMs, "headless.shutdownTimeoutMs") ?? defaults.headless.shutdownTimeoutMs,
+      },
+    };
+    return json(providerConfigPublic(writeProviderConfig(provider, config)));
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    throw e;
+  }
+};
+
+const postProviderConfigTestRoute: Handler = async (_req, params) => {
+  const provider = cleanEnum(params.provider, "provider", VALID_PROVIDER_CONFIGS);
+  if (!provider) return error("provider required");
+  const config = loadProviderConfig(provider);
+  const proc = Bun.spawn(["bash", "-lc", `command -v "$1"`, "bash", config.command], {
+    stdout: "pipe",
+    stderr: "pipe",
+  });
+  const [exitCode, stdout, stderr] = await Promise.all([
+    proc.exited,
+    new Response(proc.stdout).text(),
+    new Response(proc.stderr).text(),
+  ]);
+  return json({ ok: exitCode === 0, command: config.command, path: stdout.trim(), error: stderr.trim() }, exitCode === 0 ? 200 : 422);
+};
+
+function cleanEnvRecord(value: unknown): Record<string, string> {
+  if (value === undefined) return {};
+  if (!isRecord(value)) throw new ValidationError("env must be an object");
+  const env: Record<string, string> = {};
+  for (const [key, item] of Object.entries(value)) {
+    if (typeof item !== "string") throw new ValidationError(`env.${key} must be a string`);
+    env[key] = item;
+  }
+  return env;
+}
+
+function cleanPositiveInt(value: unknown, field: string): number | undefined {
+  if (value === undefined) return undefined;
+  if (typeof value !== "number" || !Number.isSafeInteger(value) || value <= 0) throw new ValidationError(`${field} must be a positive integer`);
+  return value;
+}
+
+const deleteCommandById: Handler = (_req, params) => {
+  if (!deleteCommand(params.id!)) return error("command not found or cannot be canceled", 404);
+  const command = getCommand(params.id!);
+  if (command) {
+    applyCommandToRecipe(command);
+    emitCommand(command);
+  }
+  return json({ ok: true });
+};
+
 // --- Message routes ---
 
 const VALID_MSG_KINDS = ["chat", "channel.event", "task", "pair", "control", "system"];
@@ -1349,6 +1715,13 @@ const postMessage: Handler = async (req) => {
     }
     applyReplyRouting(input);
     if (!input.to) return error("to is required (or provide replyTo to auto-route)");
+    const bypassKinds = ["system", "control"];
+    if (isDirectTarget(input.to) && !bypassKinds.includes(input.kind ?? "")) {
+      const target = getAgent(input.to);
+      if (target && target.status === "offline") {
+        return error(`agent "${input.to}" is offline`, 422);
+      }
+    }
     const result = sendMessageWithResult(input);
     if (result.created) {
       emitNewMessage(result.message);
@@ -1640,7 +2013,7 @@ const postConnectorAction: Handler = async (req, params) => {
   try {
     if (!isRecord(parsed.body)) throw new ValidationError("JSON object body required");
     const action = cleanEnum(parsed.body.action, "action", VALID_CONNECTOR_ACTIONS)!;
-    const result = runConnectorAction(params.id!, action);
+    const result = await runConnectorAction(params.id!, action);
     return json(result, result.ok ? 200 : 502);
   } catch (e) {
     if (e instanceof ValidationError) return error(e.message, e.message.includes("not found") ? 404 : 400);
@@ -1712,6 +2085,83 @@ const getIntegrations: Handler = () => {
   return json(integrations);
 };
 
+function emitAutomationDispatch(result: AutomationDispatchResult): void {
+  if (result.command) emitCommand(result.command);
+  if (result.message) emitNewMessage(result.message);
+  if (result.task) emitTaskChanged(result.task, "task.created");
+  emitRelayEvent({
+    type: "automation.run",
+    source: "server",
+    subject: result.run.id,
+    data: { automation: result.automation, run: result.run, task: result.task },
+  });
+}
+
+const getAutomations: Handler = () => {
+  return json(listAutomations());
+};
+
+const postAutomation: Handler = async (req) => {
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  try {
+    const automation = createAutomation(parsed.body as any);
+    emitRelayEvent({ type: "automation.created", source: "server", subject: automation.id, data: { automation } });
+    return json(automation, 201);
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    throw e;
+  }
+};
+
+const getAutomationById: Handler = (_req, params) => {
+  const automation = getAutomation(params.id!);
+  return automation ? json(automation) : error("automation not found", 404);
+};
+
+const patchAutomation: Handler = async (req, params) => {
+  const parsed = await parseBody<unknown>(req);
+  if (!parsed.ok) return error(parsed.error, parsed.status);
+  try {
+    const automation = updateAutomation(params.id!, parsed.body as any);
+    if (!automation) return error("automation not found", 404);
+    emitRelayEvent({ type: "automation.updated", source: "server", subject: automation.id, data: { automation } });
+    return json(automation);
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    throw e;
+  }
+};
+
+const deleteAutomationById: Handler = (_req, params) => {
+  if (!deleteAutomation(params.id!)) return error("automation not found", 404);
+  emitRelayEvent({ type: "automation.deleted", source: "server", subject: params.id!, data: { automationId: params.id! } });
+  return json({ ok: true });
+};
+
+const postAutomationRun: Handler = (_req, params) => {
+  try {
+    const result = runAutomationNow(params.id!);
+    if (!result) return error("automation not found", 404);
+    emitAutomationDispatch(result);
+    return json(result, 202);
+  } catch (e) {
+    if (e instanceof ValidationError) return error(e.message, 400);
+    throw e;
+  }
+};
+
+const getAutomationRuns: Handler = (req) => {
+  const url = new URL(req.url);
+  const limitRaw = parseQueryInt(url.searchParams.get("limit"), { min: 1, max: 500 });
+  if (Number.isNaN(limitRaw)) return error("limit must be an integer between 1 and 500");
+  return json(listAutomationRuns({
+    automationId: url.searchParams.get("automationId") ?? undefined,
+    status: url.searchParams.get("status") ?? undefined,
+    limit: limitRaw ?? 100,
+  }));
+};
+
 const getChannels: Handler = () => {
   return json(listChannels());
 };
@@ -1762,13 +2212,13 @@ const postChannelEvent: Handler = async (req, params) => {
     if (!bindings.length) return error("channel has no binding", 409);
     const results = bindings.map((binding) => sendMessageWithResult({
       from: channel.agentId,
-      to: messageTargetForChannelTarget(binding.target),
+      to: messageTargetForChannelTarget(binding.target, binding),
       kind: "channel.event",
       channel: channel.id,
       body: input.body,
       payload: input.payload,
       idempotencyKey: scopedChannelIdempotencyKey(input.idempotencyKey, binding),
-      claimable: binding.mode === "claimable",
+      claimable: false,
     }));
     for (const result of results) {
       if (result.created) emitNewMessage(result.message);
@@ -1824,10 +2274,12 @@ const postIntegrationEvent: Handler = async (req) => {
   const parsed = await parseBody<unknown>(req);
   if (!parsed.ok) return error(parsed.error, parsed.status);
   try {
-    const input = { ...normalizeIntegrationEvent(parsed.body), source: auth.name };
-    if (!isIntegrationAllowed(auth, { target: input.target, channel: input.channel })) {
+    const normalized = { ...normalizeIntegrationEvent(parsed.body), source: auth.name };
+    const requestedChannelId = channelIdFromIntegrationTarget(normalized.target);
+    if (!isIntegrationAllowed(auth, { target: normalized.target, channel: normalized.channel ?? requestedChannelId })) {
       return error("integration token cannot target this task", 403);
     }
+    const input = resolveIntegrationEventTarget(normalized);
     const result = ingestIntegrationEvent(input, auth.name);
     if (result.message) emitNewMessage(result.message);
     emitTaskChanged(result.task, result.created ? "task.created" : "task.updated");
@@ -2117,17 +2569,38 @@ const getHealthRoute: Handler = () => json(getHealth());
 
 const postSystemReap: Handler = () => {
   const released = releaseExpiredClaims();
+  const releasedOrphans = releaseOrphanedTasks();
+  const expiredCommands = expireCommands();
   const reapedAgentIds = reapStaleAgents();
   const reapedOrchestratorIds = reapStaleOrchestrators();
   for (const id of released.messageIds) emitMessageClaimReleased(id);
   for (const task of released.tasks) emitTaskChanged(task, "task.updated");
-  for (const id of reapedAgentIds) emitAgentStatus(id);
+  for (const task of releasedOrphans) emitTaskChanged(task, "task.updated");
+  for (const command of expiredCommands) {
+    applyCommandToRecipe(command);
+    emitCommand(command);
+  }
+  for (const id of reapedAgentIds) {
+    emitAgentStatus(id);
+    auditEvent({
+      clientId: "server-agent-" + id + "-heartbeat-lost-" + Date.now(),
+      kind: "state",
+      title: "Heartbeat lost",
+      body: "Agent marked offline",
+      meta: id,
+      icon: "ti-heart-off",
+      view: "chat",
+      agentId: id,
+    });
+  }
   for (const id of reapedOrchestratorIds) emitOrchestratorStatus(id);
+  const poolChanges = evaluatePoolBindings();
+  for (const change of poolChanges) emitPoolBindingChanged(change.bindingId, change.channelId, change.previousAgentId, change.newAgentId);
   auditEvent({
     clientId: "server-system-reap-" + Date.now(),
     kind: "state",
     title: "Maintenance reaper run",
-    body: `${reapedAgentIds.length} stale agent(s), ${reapedOrchestratorIds.length} stale orchestrator(s), ${released.messageIds.length} message claim(s), ${released.tasks.length} task claim(s)`,
+    body: `${reapedAgentIds.length} stale agent(s), ${reapedOrchestratorIds.length} stale orchestrator(s), ${released.messageIds.length} message claim(s), ${released.tasks.length} task claim(s), ${expiredCommands.length} command(s)`,
     icon: "ti-broom",
     view: "activity",
   });
@@ -2137,6 +2610,8 @@ const postSystemReap: Handler = () => {
     reapedOrchestratorIds,
     releasedMessageIds: released.messageIds,
     releasedTaskIds: released.tasks.map((task) => task.id),
+    releasedOrphanedTaskIds: releasedOrphans.map((task) => task.id),
+    expiredCommandIds: expiredCommands.map((command) => command.id),
   });
 };
 
@@ -2184,9 +2659,30 @@ const routes: Route[] = [
   route("PATCH", "/api/orchestrators/:id/agents", patchOrchestratorAgents),
   route("POST", "/api/orchestrators/:id/spawn", postOrchestratorSpawn),
   route("POST", "/api/orchestrators/:id/actions", postOrchestratorAction),
+  route("GET", "/api/orchestrators/:id/directories", getOrchestratorDirectories),
   route("DELETE", "/api/orchestrators/:id", deleteOrchestratorById),
 
   route("POST", "/api/system/broadcast", postSystemBroadcast),
+  route("GET", "/api/recipes", getRecipes),
+  route("POST", "/api/recipes/start", postRecipeStart),
+  route("GET", "/api/recipes/instances", getRecipeInstances),
+  route("GET", "/api/recipes/instances/:id", getRecipeInstanceById),
+  route("POST", "/api/recipes/instances/:id/stop", postRecipeStop),
+  route("GET", "/api/recipes/:name", getRecipeByName),
+  route("GET", "/api/tokens", getTokens),
+  route("POST", "/api/tokens", postToken),
+  route("GET", "/api/tokens/:jti", getTokenById),
+  route("POST", "/api/tokens/:jti/revoke", postTokenRevoke),
+  route("POST", "/api/commands", postCommand),
+  route("GET", "/api/commands", getCommands),
+  route("GET", "/api/commands/:id", getCommandById),
+  route("PATCH", "/api/commands/:id", patchCommand),
+  route("DELETE", "/api/commands/:id", deleteCommandById),
+  route("GET", "/api/providers/config", getProviderConfigsRoute),
+  route("GET", "/api/providers/:provider/config", getProviderConfigRoute),
+  route("PUT", "/api/providers/:provider/config", putProviderConfigRoute),
+  route("POST", "/api/providers/:provider/config/test", postProviderConfigTestRoute),
+
   route("POST", "/api/messages", postMessage),
   route("GET", "/api/messages", getMessages),
   route("GET", "/api/messages/cursor", getCursorRoute),
@@ -2219,6 +2715,13 @@ const routes: Route[] = [
   route("POST", "/api/channel-bindings", postChannelBinding),
   route("GET", "/api/integrations", getIntegrations),
   route("POST", "/api/integrations/events", postIntegrationEvent),
+  route("GET", "/api/automations", getAutomations),
+  route("POST", "/api/automations", postAutomation),
+  route("GET", "/api/automation-runs", getAutomationRuns),
+  route("GET", "/api/automations/:id", getAutomationById),
+  route("PATCH", "/api/automations/:id", patchAutomation),
+  route("DELETE", "/api/automations/:id", deleteAutomationById),
+  route("POST", "/api/automations/:id/run", postAutomationRun),
   route("GET", "/api/tasks", getTasks),
   route("GET", "/api/tasks/:id", getTaskById),
   route("GET", "/api/tasks/:id/events", getTaskEvents),