agent-state-machine 2.0.0 → 2.0.2

package/bin/cli.js

@@ -5,6 +5,7 @@ import fs from 'fs';
 import { pathToFileURL, fileURLToPath } from 'url';
 import { WorkflowRuntime } from '../lib/index.js';
 import { setup } from '../lib/setup.js';
+import { generateSessionToken } from '../lib/remote/client.js';
 
 import { startLocalServer } from '../vercel-server/local-server.js';
 
@@ -35,6 +36,9 @@ Usage:
   state-machine --setup <workflow-name>    Create a new workflow project
   state-machine run <workflow-name>        Run a workflow (remote follow enabled by default)
   state-machine run <workflow-name> -l  Run with local server (localhost:3000)
+  state-machine run <workflow-name> -n  Generate a new remote follow path
+  state-machine run <workflow-name> -reset  Reset workflow state before running
+  state-machine run <workflow-name> -reset-hard  Hard reset workflow before running
 
   state-machine status [workflow-name]     Show current state (or list all)
   state-machine history <workflow-name> [limit]  Show execution history logs
@@ -46,6 +50,9 @@ Usage:
 Options:
   --setup, -s     Initialize a new workflow with directory structure
   --local, -l     Use local server instead of remote (starts on localhost:3000)
+  --new, -n       Generate a new remote follow path
+  -reset          Reset workflow state before running
+  -reset-hard     Hard reset workflow before running
   --help, -h      Show help
   --version, -v   Show version
 
@@ -80,6 +87,155 @@ function resolveWorkflowEntry(workflowDir) {
   return null;
 }
 
+function findConfigObjectRange(source) {
+  const match = source.match(/export\s+const\s+config\s*=/);
+  if (!match) return null;
+  const startSearch = match.index + match[0].length;
+  const braceStart = source.indexOf('{', startSearch);
+  if (braceStart === -1) return null;
+
+  let depth = 0;
+  let inString = null;
+  let inLineComment = false;
+  let inBlockComment = false;
+  let escape = false;
+
+  for (let i = braceStart; i < source.length; i += 1) {
+    const ch = source[i];
+    const next = source[i + 1];
+
+    if (inLineComment) {
+      if (ch === '\n') inLineComment = false;
+      continue;
+    }
+
+    if (inBlockComment) {
+      if (ch === '*' && next === '/') {
+        inBlockComment = false;
+        i += 1;
+      }
+      continue;
+    }
+
+    if (inString) {
+      if (escape) {
+        escape = false;
+        continue;
+      }
+      if (ch === '\\') {
+        escape = true;
+        continue;
+      }
+      if (ch === inString) {
+        inString = null;
+      }
+      continue;
+    }
+
+    if (ch === '"' || ch === '\'' || ch === '`') {
+      inString = ch;
+      continue;
+    }
+
+    if (ch === '/' && next === '/') {
+      inLineComment = true;
+      i += 1;
+      continue;
+    }
+
+    if (ch === '/' && next === '*') {
+      inBlockComment = true;
+      i += 1;
+      continue;
+    }
+
+    if (ch === '{') {
+      depth += 1;
+    } else if (ch === '}') {
+      depth -= 1;
+      if (depth === 0) {
+        return { start: braceStart, end: i };
+      }
+    }
+  }
+
+  return null;
+}
+
+function readRemotePathFromWorkflow(workflowFile) {
+  const source = fs.readFileSync(workflowFile, 'utf-8');
+  const range = findConfigObjectRange(source);
+  if (!range) return null;
+  const configSource = source.slice(range.start, range.end + 1);
+  const match = configSource.match(/\bremotePath\s*:\s*(['"`])([^'"`]+)\1/);
+  return match ? match[2] : null;
+}
+
+function writeRemotePathToWorkflow(workflowFile, remotePath) {
+  const source = fs.readFileSync(workflowFile, 'utf-8');
+  const range = findConfigObjectRange(source);
+  const remoteLine = `remotePath: "${remotePath}"`;
+
+  if (!range) {
+    const hasConfigExport = /export\s+const\s+config\s*=/.test(source);
+    if (hasConfigExport) {
+      throw new Error('Workflow config export is not an object literal; add remotePath manually.');
+    }
+    const trimmed = source.replace(/\s*$/, '');
+    const appended = `${trimmed}\n\nexport const config = {\n  ${remoteLine}\n};\n`;
+    fs.writeFileSync(workflowFile, appended);
+    return;
+  }
+
+  const configSource = source.slice(range.start, range.end + 1);
+  const remoteRegex = /\bremotePath\s*:\s*(['"`])([^'"`]*?)\1/;
+  let updatedConfigSource;
+
+  if (remoteRegex.test(configSource)) {
+    updatedConfigSource = configSource.replace(remoteRegex, remoteLine);
+  } else {
+    const inner = configSource.slice(1, -1);
+    const indentMatch = inner.match(/\n([ \t]+)\S/);
+    const indent = indentMatch ? indentMatch[1] : '  ';
+    const trimmedInner = inner.replace(/\s*$/, '');
+    const hasContent = trimmedInner.trim().length > 0;
+    let updatedInner = trimmedInner;
+
+    if (hasContent) {
+      for (let i = updatedInner.length - 1; i >= 0; i -= 1) {
+        const ch = updatedInner[i];
+        if (ch === ' ' || ch === '\t' || ch === '\n' || ch === '\r') continue;
+        if (ch !== ',') {
+          updatedInner += ',';
+        }
+        break;
+      }
+    }
+
+    const needsNewline = updatedInner && !updatedInner.endsWith('\n');
+    const insert = `${indent}${remoteLine},\n`;
+    const newInner = hasContent
+      ? `${updatedInner}${needsNewline ? '\n' : ''}${insert}`
+      : `\n${insert}`;
+    updatedConfigSource = `{${newInner}}`;
+  }
+
+  const updatedSource =
+    source.slice(0, range.start) +
+    updatedConfigSource +
+    source.slice(range.end + 1);
+  fs.writeFileSync(workflowFile, updatedSource);
+}
+
+function ensureRemotePath(workflowFile, { forceNew = false } = {}) {
+  const existing = readRemotePathFromWorkflow(workflowFile);
+  if (existing && !forceNew) return existing;
+
+  const remotePath = generateSessionToken();
+  writeRemotePathToWorkflow(workflowFile, remotePath);
+  return remotePath;
+}
+
 function readState(workflowDir) {
   const stateFile = path.join(workflowDir, 'state', 'current.json');
   if (!fs.existsSync(stateFile)) return null;
@@ -145,7 +301,16 @@ function listWorkflows() {
   console.log('');
 }
 
-async function runOrResume(workflowName, { remoteEnabled = false, useLocalServer = false } = {}) {
+async function runOrResume(
+  workflowName,
+  {
+    remoteEnabled = false,
+    useLocalServer = false,
+    forceNewRemotePath = false,
+    preReset = false,
+    preResetHard = false
+  } = {}
+) {
   const workflowDir = resolveWorkflowDir(workflowName);
 
   if (!fs.existsSync(workflowDir)) {
@@ -161,6 +326,12 @@ async function runOrResume(workflowName, { remoteEnabled = false, useLocalServer
   }
 
   const runtime = new WorkflowRuntime(workflowDir);
+  if (preResetHard) {
+    runtime.resetHard();
+  } else if (preReset) {
+    runtime.reset();
+  }
+
   const workflowUrl = pathToFileURL(entry).href;
 
   let localServer = null;
@@ -183,7 +354,8 @@ async function runOrResume(workflowName, { remoteEnabled = false, useLocalServer
 
   // Enable remote follow mode if we have a URL
   if (remoteUrl) {
-    await runtime.enableRemote(remoteUrl);
+    const sessionToken = ensureRemotePath(entry, { forceNew: forceNewRemotePath });
+    await runtime.enableRemote(remoteUrl, { sessionToken });
   }
 
   try {
@@ -227,15 +399,24 @@ async function main() {
     case 'run':
       if (!workflowName) {
         console.error('Error: Workflow name required');
-        console.error(`Usage: state-machine ${command} <workflow-name> [--local]`);
+        console.error(`Usage: state-machine ${command} <workflow-name> [--local] [--new] [-reset] [-reset-hard]`);
         process.exit(1);
       }
       {
         // Remote is enabled by default, --local uses local server instead
         const useLocalServer = args.includes('--local') || args.includes('-l');
+        const forceNewRemotePath = args.includes('--new') || args.includes('-n');
+        const preReset = args.includes('-reset');
+        const preResetHard = args.includes('-reset-hard');
         const remoteEnabled = !useLocalServer; // Use Vercel if not local
         try {
-          await runOrResume(workflowName, { remoteEnabled, useLocalServer });
+          await runOrResume(workflowName, {
+            remoteEnabled,
+            useLocalServer,
+            forceNewRemotePath,
+            preReset,
+            preResetHard
+          });
         } catch (err) {
           console.error('Error:', err.message || String(err));
           process.exit(1);

package/lib/remote/client.js

@@ -80,6 +80,7 @@ export class RemoteClient {
    * @param {string} options.workflowName - Name of the workflow
    * @param {function} options.onInteractionResponse - Callback when interaction response received
    * @param {function} [options.onStatusChange] - Callback when connection status changes
+   * @param {string} [options.sessionToken] - Optional session token to reuse
    */
   constructor(options) {
     this.serverUrl = options.serverUrl.replace(/\/$/, ''); // Remove trailing slash
@@ -87,7 +88,7 @@ export class RemoteClient {
     this.onInteractionResponse = options.onInteractionResponse;
     this.onStatusChange = options.onStatusChange || (() => {});
 
-    this.sessionToken = generateSessionToken();
+    this.sessionToken = options.sessionToken || generateSessionToken();
     this.connected = false;
     this.polling = false;
     this.pollAbortController = null;

package/lib/runtime/runtime.js

@@ -507,12 +507,15 @@ export class WorkflowRuntime {
   /**
    * Enable remote follow mode
    * @param {string} serverUrl - Base URL of the remote server
+   * @param {object} [options]
+   * @param {string} [options.sessionToken] - Optional session token to reuse
    * @returns {Promise<string>} The remote URL for browser access
    */
-  async enableRemote(serverUrl) {
+  async enableRemote(serverUrl, options = {}) {
     this.remoteClient = new RemoteClient({
       serverUrl,
       workflowName: this.workflowName,
+      sessionToken: options.sessionToken,
       onInteractionResponse: (slug, targetKey, response) => {
         this.handleRemoteInteraction(slug, targetKey, response);
       },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-state-machine",
-  "version": "2.0.0",
+  "version": "2.0.2",
   "type": "module",
   "description": "A workflow orchestrator for running agents and scripts in sequence with state management",
   "main": "lib/index.js",
@@ -29,6 +29,8 @@
     "bin",
     "lib",
     "vercel-server/local-server.js",
-    "vercel-server/public"
+    "vercel-server/public",
+    "vercel-server/ui",
+    "vercel-server/api"
   ]
 }

package/vercel-server/api/events/[token].js

@@ -0,0 +1,119 @@
+/**
+ * File: /vercel-server/api/events/[token].js
+ *
+ * SSE endpoint for browser connections
+ * Streams history and real-time events to connected browsers
+ */
+
+import {
+  getSession,
+  getHistory,
+  redis,
+  KEYS,
+  refreshSession,
+} from '../../lib/redis.js';
+
+export const config = {
+  maxDuration: 60, // Maximum 60 seconds for SSE
+};
+
+export default async function handler(req, res) {
+  const { token } = req.query;
+
+  if (!token) {
+    return res.status(400).json({ error: 'Missing token parameter' });
+  }
+
+  // Validate session
+  const session = await getSession(token);
+  if (!session) {
+    return res.status(404).json({ error: 'Session not found or expired' });
+  }
+
+  // Set up SSE headers
+  res.setHeader('Content-Type', 'text/event-stream');
+  res.setHeader('Cache-Control', 'no-cache, no-transform');
+  res.setHeader('Connection', 'keep-alive');
+  res.setHeader('Access-Control-Allow-Origin', '*');
+
+  // Send retry interval
+  res.write('retry: 3000\n\n');
+
+  // Send initial data
+  try {
+    // Send connection status
+    res.write(`data: ${JSON.stringify({
+      type: 'status',
+      cliConnected: session.cliConnected,
+      workflowName: session.workflowName,
+    })}\n\n`);
+
+    // Send existing history
+    const history = await getHistory(token);
+    res.write(`data: ${JSON.stringify({
+      type: 'history',
+      entries: history,
+    })}\n\n`);
+
+    // Poll for new events
+    const eventsListKey = `${KEYS.events(token)}:list`;
+    let lastEventIndex = 0;
+
+    // Get current list length to start from
+    const currentLength = await redis.llen(eventsListKey);
+    lastEventIndex = currentLength;
+
+    const pollInterval = setInterval(async () => {
+      try {
+        // Refresh session TTL
+        await refreshSession(token);
+
+        // Check for new events
+        const newLength = await redis.llen(eventsListKey);
+
+        if (newLength > lastEventIndex) {
+          // Get new events (newest first)
+          const newEvents = await redis.lrange(eventsListKey, 0, newLength - lastEventIndex - 1);
+
+          for (const event of newEvents.reverse()) {
+            const eventData = typeof event === 'object' ? event : JSON.parse(event);
+            res.write(`data: ${JSON.stringify(eventData)}\n\n`);
+          }
+
+          lastEventIndex = newLength;
+        }
+
+        // Check CLI status
+        const updatedSession = await getSession(token);
+        if (updatedSession && updatedSession.cliConnected !== session.cliConnected) {
+          session.cliConnected = updatedSession.cliConnected;
+          res.write(`data: ${JSON.stringify({
+            type: updatedSession.cliConnected ? 'cli_reconnected' : 'cli_disconnected',
+          })}\n\n`);
+        }
+      } catch (err) {
+        console.error('Error polling events:', err);
+      }
+    }, 2000);
+
+    // Clean up on client disconnect
+    req.on('close', () => {
+      clearInterval(pollInterval);
+    });
+
+    // For Vercel, we need to keep the connection alive but also respect function timeout
+    // Send keepalive pings
+    const keepaliveInterval = setInterval(() => {
+      res.write(': keepalive\n\n');
+    }, 15000);
+
+    req.on('close', () => {
+      clearInterval(keepaliveInterval);
+    });
+
+  } catch (err) {
+    console.error('SSE error:', err);
+    res.write(`data: ${JSON.stringify({ type: 'error', message: err.message })}\n\n`);
+    res.end();
+  }
+}

package/vercel-server/api/history/[token].js

@@ -0,0 +1,51 @@
+/**
+ * File: /vercel-server/api/history/[token].js
+ *
+ * REST endpoint to get session history
+ */
+
+import { getSession, getHistory, refreshSession } from '../../lib/redis.js';
+
+export default async function handler(req, res) {
+  // Enable CORS
+  res.setHeader('Access-Control-Allow-Origin', '*');
+  res.setHeader('Access-Control-Allow-Methods', 'GET, OPTIONS');
+  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
+
+  if (req.method === 'OPTIONS') {
+    return res.status(200).end();
+  }
+
+  if (req.method !== 'GET') {
+    return res.status(405).json({ error: 'Method not allowed' });
+  }
+
+  const { token } = req.query;
+
+  if (!token) {
+    return res.status(400).json({ error: 'Missing token parameter' });
+  }
+
+  try {
+    // Validate session
+    const session = await getSession(token);
+    if (!session) {
+      return res.status(404).json({ error: 'Session not found or expired' });
+    }
+
+    // Refresh session TTL
+    await refreshSession(token);
+
+    // Get history
+    const entries = await getHistory(token);
+
+    return res.status(200).json({
+      workflowName: session.workflowName,
+      cliConnected: session.cliConnected,
+      entries,
+    });
+  } catch (err) {
+    console.error('Error getting history:', err);
+    return res.status(500).json({ error: err.message });
+  }
+}

package/vercel-server/api/session/[token].js

@@ -0,0 +1,49 @@
+// /vercel-server/api/session/[token].js
+import path from 'path';
+import { readFile } from 'fs/promises';
+import { fileURLToPath } from 'url';
+
+import { getSession } from '../../lib/redis.js';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+let cachedTemplate = null;
+async function getTemplate() {
+  if (cachedTemplate) return cachedTemplate;
+  // Point to the unified template in vercel-server/ui/index.html
+  const templatePath = path.join(__dirname, '..', '..', 'ui', 'index.html');
+  cachedTemplate = await readFile(templatePath, 'utf8');
+  return cachedTemplate;
+}
+
+export default async function handler(req, res) {
+  const { token } = req.query;
+
+  if (!token) return res.status(400).send('Missing session token');
+
+  const session = await getSession(token);
+  if (!session) {
+    return res.status(404).send(`<!DOCTYPE html>
+<html>
+  <head>
+    <title>Session Not Found</title>
+    <style>body { font-family: system-ui; max-width: 600px; margin: 100px auto; text-align: center; }</style>
+  </head>
+  <body>
+    <h1>Session Not Found</h1>
+    <p>This session has expired or does not exist.</p>
+    <p>Sessions expire 30 minutes after the last activity.</p>
+  </body>
+</html>`);
+  }
+
+  const template = await getTemplate();
+
+  const html = template
+    .replace(/\{\{SESSION_TOKEN\}\}/g, token)
+    .replace(/\{\{WORKFLOW_NAME\}\}/g, session.workflowName || 'Workflow');
+
+  res.setHeader('Content-Type', 'text/html; charset=utf-8');
+  res.send(html);
+}

package/vercel-server/api/submit/[token].js

@@ -0,0 +1,94 @@
+/**
+ * File: /vercel-server/api/submit/[token].js
+ *
+ * POST endpoint for browser interaction submissions
+ */
+
+import {
+  getSession,
+  addHistoryEvent,
+  publishEvent,
+  redis,
+  KEYS,
+} from '../../lib/redis.js';
+
+export default async function handler(req, res) {
+  // Enable CORS
+  res.setHeader('Access-Control-Allow-Origin', '*');
+  res.setHeader('Access-Control-Allow-Methods', 'POST, OPTIONS');
+  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
+
+  if (req.method === 'OPTIONS') {
+    return res.status(200).end();
+  }
+
+  if (req.method !== 'POST') {
+    return res.status(405).json({ error: 'Method not allowed' });
+  }
+
+  const { token } = req.query;
+
+  if (!token) {
+    return res.status(400).json({ error: 'Missing token parameter' });
+  }
+
+  try {
+    // Validate session
+    const session = await getSession(token);
+    if (!session) {
+      return res.status(404).json({ error: 'Session not found or expired' });
+    }
+
+    // Check if CLI is connected
+    if (!session.cliConnected) {
+      return res.status(503).json({ error: 'CLI is disconnected. Cannot submit interaction.' });
+    }
+
+    // Parse body
+    const body = typeof req.body === 'string' ? JSON.parse(req.body) : req.body;
+    const { slug, targetKey, response } = body;
+
+    if (!slug || !response) {
+      return res.status(400).json({ error: 'Missing required fields: slug, response' });
+    }
+
+    // Validate response size (max 1MB)
+    if (response.length > 1024 * 1024) {
+      return res.status(413).json({ error: 'Response too large (max 1MB)' });
+    }
+
+    // Push to pending interactions list (for CLI to poll)
+    const pendingKey = `${KEYS.interactions(token)}:pending`;
+    await redis.rpush(pendingKey, JSON.stringify({
+      slug,
+      targetKey: targetKey || `_interaction_${slug}`,
+      response,
+    }));
+
+    // Set TTL on pending list
+    await redis.expire(pendingKey, 300); // 5 minutes
+
+    // Log event to history (include answer preview)
+    const event = {
+      timestamp: new Date().toISOString(),
+      event: 'INTERACTION_SUBMITTED',
+      slug,
+      targetKey: targetKey || `_interaction_${slug}`,
+      answer: response.substring(0, 200) + (response.length > 200 ? '...' : ''),
+      source: 'remote',
+    };
+
+    await addHistoryEvent(token, event);
+
+    // Notify other browsers
+    await publishEvent(token, {
+      type: 'event',
+      ...event,
+    });
+
+    return res.status(200).json({ success: true });
+  } catch (err) {
+    console.error('Error submitting interaction:', err);
+    return res.status(500).json({ error: err.message });
+  }
+}

package/vercel-server/api/ws/cli.js

@@ -0,0 +1,186 @@
+/**
+ * File: /vercel-server/api/ws/cli.js
+ *
+ * HTTP-based endpoint for CLI communication (replaces WebSocket for serverless)
+ *
+ * POST: Receive messages from CLI (session_init, event, session_end)
+ * GET: Long-poll for interaction responses
+ */
+
+import {
+  createSession,
+  getSession,
+  updateSession,
+  setCLIConnected,
+  addHistoryEvent,
+  addHistoryEvents,
+  publishEvent,
+  redis,
+  KEYS,
+} from '../../lib/redis.js';
+
+export default async function handler(req, res) {
+  // Enable CORS
+  res.setHeader('Access-Control-Allow-Origin', '*');
+  res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
+  res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
+
+  if (req.method === 'OPTIONS') {
+    return res.status(200).end();
+  }
+
+  if (req.method === 'POST') {
+    return handlePost(req, res);
+  }
+
+  if (req.method === 'GET') {
+    return handleGet(req, res);
+  }
+
+  return res.status(405).json({ error: 'Method not allowed' });
+}
+
+/**
+ * Handle POST requests from CLI
+ */
+async function handlePost(req, res) {
+  const body = typeof req.body === 'string' ? JSON.parse(req.body) : req.body;
+  const { type, sessionToken } = body;
+
+  if (!sessionToken) {
+    return res.status(400).json({ error: 'Missing sessionToken' });
+  }
+
+  try {
+    switch (type) {
+      case 'session_init': {
+        const { workflowName, history } = body;
+
+        // Create session
+        await createSession(sessionToken, { workflowName, cliConnected: true });
+
+        // Store initial history
+        if (history && history.length > 0) {
+          await addHistoryEvents(sessionToken, history);
+        }
+
+        // Notify browsers
+        await publishEvent(sessionToken, {
+          type: 'cli_connected',
+          workflowName,
+        });
+
+        return res.status(200).json({ success: true });
+      }
+
+      case 'session_reconnect': {
+        const { workflowName } = body;
+
+        // Update session as connected
+        await setCLIConnected(sessionToken, true);
+
+        // Notify browsers
+        await publishEvent(sessionToken, {
+          type: 'cli_reconnected',
+          workflowName,
+        });
+
+        return res.status(200).json({ success: true });
+      }
+
+      case 'event': {
+        const { timestamp, event, ...eventData } = body;
+
+        const historyEvent = {
+          timestamp: timestamp || new Date().toISOString(),
+          event,
+          ...eventData,
+        };
+
+        // Remove sessionToken and type from event data
+        delete historyEvent.sessionToken;
+        delete historyEvent.type;
+
+        // Add to history
+        await addHistoryEvent(sessionToken, historyEvent);
+
+        // Notify browsers
+        await publishEvent(sessionToken, {
+          type: 'event',
+          ...historyEvent,
+        });
+
+        return res.status(200).json({ success: true });
+      }
+
+      case 'session_end': {
+        const { reason } = body;
+
+        // Mark CLI as disconnected
+        await setCLIConnected(sessionToken, false);
+
+        // Notify browsers
+        await publishEvent(sessionToken, {
+          type: 'cli_disconnected',
+          reason,
+        });
+
+        return res.status(200).json({ success: true });
+      }
+
+      default:
+        return res.status(400).json({ error: `Unknown message type: ${type}` });
+    }
+  } catch (err) {
+    console.error('Error handling CLI message:', err);
+    return res.status(500).json({ error: err.message });
+  }
+}
+
+/**
+ * Handle GET requests - long-poll for interaction responses
+ */
+async function handleGet(req, res) {
+  const { token, timeout = '30000' } = req.query;
+
+  if (!token) {
+    return res.status(400).json({ error: 'Missing token parameter' });
+  }
+
+  const session = await getSession(token);
+  if (!session) {
+    return res.status(404).json({ error: 'Session not found' });
+  }
+
+  const timeoutMs = Math.min(parseInt(timeout, 10), 55000); // Max 55s for Vercel
+  const channel = KEYS.interactions(token);
+
+  // Check for pending interactions using a list
+  const pendingKey = `${channel}:pending`;
+
+  try {
+    // Try to get a pending interaction
+    const startTime = Date.now();
+
+    while (Date.now() - startTime < timeoutMs) {
+      const pending = await redis.lpop(pendingKey);
+
+      if (pending) {
+        const data = typeof pending === 'object' ? pending : JSON.parse(pending);
+        return res.status(200).json({
+          type: 'interaction_response',
+          ...data,
+        });
+      }
+
+      // Wait before checking again
+      await new Promise((resolve) => setTimeout(resolve, 1000));
+    }
+
+    // Timeout - no interaction received
+    return res.status(204).end();
+  } catch (err) {
+    console.error('Error polling for interactions:', err);
+    return res.status(500).json({ error: err.message });
+  }
+}

package/vercel-server/local-server.js

@@ -342,7 +342,7 @@ async function handleSubmitPost(req, res, token) {
 /**
  * Serve session UI
  */
-const MASTER_TEMPLATE_PATH = path.join(__dirname, '..', 'lib', 'ui', 'index.html');
+const MASTER_TEMPLATE_PATH = path.join(__dirname, 'ui', 'index.html');
 
 /**
  * Get session HTML by reading the master template from lib/ui/index.html