clawmini 0.0.8 → 0.0.9

package/src/daemon/routers/slash-policies.ts

@@ -1,10 +1,24 @@
 import { randomUUID } from 'node:crypto';
 import type { RouterState } from './types.js';
 import { RequestStore } from '../request-store.js';
-import { readPolicies, getWorkspaceRoot } from '../../shared/workspace.js';
-import { executeRequest } from '../policy-utils.js';
+import { readChatSettings, readPoliciesForPath, getWorkspaceRoot } from '../../shared/workspace.js';
+import { resolveAgentDir } from '../api/router-utils.js';
+import { executeRequest, resolveRequestCwd, truncateLargeOutput } from '../policy-utils.js';
 import { appendMessage } from '../chats.js';
 import type { SystemMessage } from '../../shared/chats.js';
+import type { PolicyRequest } from '../../shared/policies.js';
+import { executeDirectMessage } from '../message.js';
+
+// Resolve which session the approval/rejection should be replayed on. The
+// request may have been created in an earlier session (session-timeout, /new),
+// so we always consult the chat's *current* session for that agent/subagent.
+async function resolveTargetSessionId(chatId: string, req: PolicyRequest): Promise<string> {
+  const chatSettings = await readChatSettings(chatId);
+  if (req.subagentId) {
+    return chatSettings?.subagents?.[req.subagentId]?.sessionId ?? 'default';
+  }
+  return chatSettings?.sessions?.[req.agentId] ?? 'default';
+}
 
 async function loadAndValidateRequest(id: string, state: RouterState) {
   const store = new RequestStore(getWorkspaceRoot());
@@ -47,39 +61,68 @@ export async function slashPolicies(state: RouterState): Promise<RouterState> {
     if (error) return error;
     if (!req || !store) return state; // Should not happen if error is undefined
 
-    const config = await readPolicies();
+    const workspaceRoot = getWorkspaceRoot();
+    const agentDir = await resolveAgentDir(req.agentId, workspaceRoot);
+    const config = await readPoliciesForPath(agentDir, workspaceRoot);
     const policy = config?.policies?.[req.commandName];
     if (!policy) {
       return { ...state, message: '', reply: `Policy not found: ${req.commandName}` };
     }
 
-    req.state = 'Approved';
+    const hostCwd = await resolveRequestCwd(req.cwd, state.agentId, workspaceRoot);
 
-    const { stdout, stderr, exitCode } = await executeRequest(req, policy, getWorkspaceRoot());
+    const result = await executeRequest(req, policy, hostCwd);
+    const { exitCode } = result;
+    const { stdout, stderr } = await truncateLargeOutput(
+      result.stdout,
+      result.stderr,
+      req.id,
+      state.agentId
+    );
 
-    req.executionResult = { stdout, stderr, exitCode };
-    await store.save(req);
+    await store.delete(req.id);
 
     const agentMessage = `Request ${id} approved.\n\n${wrapInHtml('stdout', stdout)}\n\n${wrapInHtml('stderr', stderr)}\n\nExit Code: ${exitCode}`;
 
-    const logMsg: SystemMessage = {
+    const targetSessionId = await resolveTargetSessionId(state.chatId, req);
+
+    const userNotificationMsg: SystemMessage = {
       id: randomUUID(),
       messageId: state.messageId,
       role: 'system',
       event: 'policy_approved',
-      displayRole: 'user',
-      content: agentMessage,
+      displayRole: 'agent',
+      content: `Request ${id} (\`${req.commandName}\`) approved.`,
       timestamp: new Date().toISOString(),
-      ...(req.subagentId ? { subagentId: req.subagentId } : {}),
+      // Explicitly omitted subagentId to show in main chat
+      sessionId: state.sessionId,
     };
 
-    await appendMessage(state.chatId, logMsg);
+    await appendMessage(state.chatId, userNotificationMsg);
+
+    await executeDirectMessage(
+      state.chatId,
+      {
+        messageId: randomUUID(),
+        message: agentMessage,
+        chatId: state.chatId,
+        agentId: req.agentId,
+        sessionId: targetSessionId,
+        ...(req.subagentId ? { subagentId: req.subagentId } : {}),
+        env: state.env || {},
+      },
+      undefined,
+      getWorkspaceRoot(),
+      true, // noWait
+      agentMessage,
+      req.subagentId,
+      'policy_approved',
+      'user'
+    );
 
     return {
       ...state,
-      message: agentMessage,
-      reply: `Approved request, running ${req.commandName}`,
-      ...(req.subagentId ? { subagentId: req.subagentId } : {}),
+      message: '', // Prevents further router processing or duplicate user message logs
     };
   }
 
@@ -92,22 +135,11 @@ export async function slashPolicies(state: RouterState): Promise<RouterState> {
     if (error) return error;
     if (!req || !store) return state; // Should not happen if error is undefined
 
-    req.state = 'Rejected';
-    req.rejectionReason = reason;
-    await store.save(req);
+    await store.delete(req.id);
 
     const agentMessage = `Request ${id} rejected. Reason: ${reason}`;
 
-    const logMsg: SystemMessage = {
-      id: randomUUID(),
-      messageId: state.messageId,
-      role: 'system',
-      event: 'policy_rejected',
-      displayRole: 'user',
-      content: agentMessage,
-      timestamp: new Date().toISOString(),
-      ...(req.subagentId ? { subagentId: req.subagentId } : {}),
-    };
+    const targetSessionId = await resolveTargetSessionId(state.chatId, req);
 
     const userNotificationMsg: SystemMessage = {
       id: randomUUID(),
@@ -115,18 +147,37 @@ export async function slashPolicies(state: RouterState): Promise<RouterState> {
       role: 'system',
       event: 'policy_rejected',
       displayRole: 'agent',
-      content: agentMessage,
+      content: `Request ${id} (\`${req.commandName}\`) rejected. Reason: ${reason}`,
       timestamp: new Date().toISOString(),
-      ...(req.subagentId ? { subagentId: req.subagentId } : {}),
+      // Explicitly omitted subagentId to show in main chat
+      sessionId: state.sessionId,
     };
 
-    await appendMessage(state.chatId, logMsg);
     await appendMessage(state.chatId, userNotificationMsg);
 
+    await executeDirectMessage(
+      state.chatId,
+      {
+        messageId: randomUUID(),
+        message: agentMessage,
+        chatId: state.chatId,
+        agentId: req.agentId,
+        sessionId: targetSessionId,
+        ...(req.subagentId ? { subagentId: req.subagentId } : {}),
+        env: state.env || {},
+      },
+      undefined,
+      getWorkspaceRoot(),
+      true, // noWait
+      agentMessage,
+      req.subagentId,
+      'policy_rejected',
+      'user'
+    );
+
     return {
       ...state,
-      message: agentMessage,
-      ...(req.subagentId ? { subagentId: req.subagentId } : {}),
+      message: '', // Prevents further router processing or duplicate user message logs
     };
   }
 

package/src/daemon/routers/slash-restart.test.ts

@@ -0,0 +1,69 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { slashRestart } from './slash-restart.js';
+import { sendControlRequest } from '../../cli/supervisor-control.js';
+import type { RouterState } from './types.js';
+
+vi.mock('../../cli/supervisor-control.js');
+
+const baseState: RouterState = {
+  message: '',
+  messageId: 'mock-msg-id',
+  chatId: 'chat-1',
+};
+
+describe('slashRestart', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    vi.mocked(sendControlRequest).mockResolvedValue({ ok: true });
+  });
+
+  it('passes through unrelated messages', async () => {
+    const state = { ...baseState, message: 'hello' };
+    const result = await slashRestart(state);
+    expect(result).toEqual(state);
+    expect(sendControlRequest).not.toHaveBeenCalled();
+  });
+
+  it('forwards chatId/messageId to the supervisor for /restart', async () => {
+    const state = { ...baseState, message: '/restart' };
+    const result = await slashRestart(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toBe('Restarting clawmini...');
+    expect(result.message).toBe('');
+    expect(sendControlRequest).toHaveBeenCalledWith({
+      action: 'restart',
+      chatId: 'chat-1',
+      messageId: 'mock-msg-id',
+    });
+  });
+
+  it('matches /restart with trailing whitespace', async () => {
+    const state = { ...baseState, message: '/restart   ' };
+    const result = await slashRestart(state);
+    expect(result.action).toBe('stop');
+    expect(sendControlRequest).toHaveBeenCalled();
+  });
+
+  it('does not match /restartfoo', async () => {
+    const state = { ...baseState, message: '/restartfoo' };
+    const result = await slashRestart(state);
+    expect(result).toEqual(state);
+    expect(sendControlRequest).not.toHaveBeenCalled();
+  });
+
+  it('returns an error reply when the supervisor request rejects', async () => {
+    vi.mocked(sendControlRequest).mockRejectedValueOnce(new Error('socket missing'));
+    const state = { ...baseState, message: '/restart' };
+    const result = await slashRestart(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toBe('Could not reach supervisor: socket missing.');
+  });
+
+  it('returns an error reply when the supervisor reports !ok', async () => {
+    vi.mocked(sendControlRequest).mockResolvedValueOnce({ ok: false, error: 'busy' });
+    const state = { ...baseState, message: '/restart' };
+    const result = await slashRestart(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toBe('Restart aborted: busy.');
+  });
+});

package/src/daemon/routers/slash-restart.ts

@@ -0,0 +1,36 @@
+import type { RouterState } from './types.js';
+import { sendControlRequest } from '../../cli/supervisor-control.js';
+
+export async function slashRestart(state: RouterState): Promise<RouterState> {
+  if (!/^\/restart(\s|$)/.test(state.message)) return state;
+
+  // Gated to user messages by USER_ROUTERS in resolveRouters — an agent
+  // tool output that happens to start with "/restart" never reaches us.
+  // The supervisor enqueues the post-restart "Clawmini restarted vX.Y.Z"
+  // SystemMessage on its side so the on-disk record reflects whether the
+  // restart was actually scheduled. We just plumb chatId + messageId
+  // through and surface any control-channel error to the user.
+  let res;
+  try {
+    res = await sendControlRequest({
+      action: 'restart',
+      chatId: state.chatId,
+      messageId: state.messageId,
+    });
+  } catch (err) {
+    return stop(
+      state,
+      `Could not reach supervisor: ${err instanceof Error ? err.message : String(err)}.`
+    );
+  }
+
+  if (!res.ok) {
+    return stop(state, `Restart aborted: ${res.error ?? 'unknown error'}.`);
+  }
+
+  return stop(state, 'Restarting clawmini...');
+}
+
+function stop(state: RouterState, reply: string): RouterState {
+  return { ...state, message: '', action: 'stop', reply };
+}

package/src/daemon/routers/slash-shutdown.test.ts

@@ -0,0 +1,50 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { slashShutdown } from './slash-shutdown.js';
+import { sendControlRequest } from '../../cli/supervisor-control.js';
+import type { RouterState } from './types.js';
+
+vi.mock('../../cli/supervisor-control.js');
+
+const baseState: RouterState = {
+  message: '',
+  messageId: 'mock-msg-id',
+  chatId: 'chat-1',
+};
+
+describe('slashShutdown', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    vi.mocked(sendControlRequest).mockResolvedValue({ ok: true });
+  });
+
+  it('passes through unrelated messages', async () => {
+    const state = { ...baseState, message: 'hello' };
+    const result = await slashShutdown(state);
+    expect(result).toEqual(state);
+    expect(sendControlRequest).not.toHaveBeenCalled();
+  });
+
+  it('triggers shutdown for /shutdown', async () => {
+    const state = { ...baseState, message: '/shutdown' };
+    const result = await slashShutdown(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toBe('Shutting down clawmini supervisor...');
+    expect(result.message).toBe('');
+    expect(sendControlRequest).toHaveBeenCalledWith({ action: 'shutdown' });
+  });
+
+  it('does not match /shutdownz', async () => {
+    const state = { ...baseState, message: '/shutdownz' };
+    const result = await slashShutdown(state);
+    expect(result).toEqual(state);
+    expect(sendControlRequest).not.toHaveBeenCalled();
+  });
+
+  it('returns an error reply when the supervisor request rejects', async () => {
+    vi.mocked(sendControlRequest).mockRejectedValueOnce(new Error('socket missing'));
+    const state = { ...baseState, message: '/shutdown' };
+    const result = await slashShutdown(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toBe('Could not reach supervisor: socket missing.');
+  });
+});

package/src/daemon/routers/slash-shutdown.ts

@@ -0,0 +1,28 @@
+import type { RouterState } from './types.js';
+import { sendControlRequest } from '../../cli/supervisor-control.js';
+
+export async function slashShutdown(state: RouterState): Promise<RouterState> {
+  if (!/^\/shutdown(\s|$)/.test(state.message)) return state;
+
+  // Gated to user messages by USER_ROUTERS in resolveRouters — agents cannot
+  // trigger this even via tool output that happens to start with /shutdown.
+  let res;
+  try {
+    res = await sendControlRequest({ action: 'shutdown' });
+  } catch (err) {
+    return stop(
+      state,
+      `Could not reach supervisor: ${err instanceof Error ? err.message : String(err)}.`
+    );
+  }
+
+  if (!res.ok) {
+    return stop(state, `Shutdown aborted: ${res.error ?? 'unknown error'}.`);
+  }
+
+  return stop(state, 'Shutting down clawmini supervisor...');
+}
+
+function stop(state: RouterState, reply: string): RouterState {
+  return { ...state, message: '', action: 'stop', reply };
+}

package/src/daemon/routers/slash-upgrade.test.ts

@@ -0,0 +1,116 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { slashUpgrade } from './slash-upgrade.js';
+import { detectInstall } from '../../cli/install-detection.js';
+import { sendControlRequest } from '../../cli/supervisor-control.js';
+import type { RouterState } from './types.js';
+
+vi.mock('../../cli/install-detection.js');
+vi.mock('../../cli/supervisor-control.js');
+
+const baseState: RouterState = {
+  message: '',
+  messageId: 'mock-msg-id',
+  chatId: 'chat-1',
+};
+
+const npmInstall = {
+  isNpmGlobal: true,
+  entryRealPath: '/usr/local/lib/node_modules/clawmini/dist/cli.js',
+  npmRootRealPath: '/usr/local/lib/node_modules',
+};
+
+describe('slashUpgrade', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    vi.mocked(sendControlRequest).mockResolvedValue({ ok: true });
+    vi.mocked(detectInstall).mockReturnValue(npmInstall);
+  });
+
+  it('passes through unrelated messages', async () => {
+    const state = { ...baseState, message: 'hello' };
+    const result = await slashUpgrade(state);
+    expect(result).toEqual(state);
+    expect(sendControlRequest).not.toHaveBeenCalled();
+  });
+
+  it('refuses upgrade when not installed via npm (e.g. npm link)', async () => {
+    vi.mocked(detectInstall).mockReturnValueOnce({
+      isNpmGlobal: false,
+      entryRealPath: '/Users/me/projects/clawmini/dist/cli/index.mjs',
+      npmRootRealPath: '/usr/local/lib/node_modules',
+    });
+    const state = { ...baseState, message: '/upgrade latest' };
+    const result = await slashUpgrade(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toContain('not installed via');
+    expect(result.reply).toContain('/Users/me/projects/clawmini/dist/cli/index.mjs');
+    expect(sendControlRequest).not.toHaveBeenCalled();
+  });
+
+  it('shows usage hint for bare /upgrade (does NOT trigger an install)', async () => {
+    const state = { ...baseState, message: '/upgrade' };
+    const result = await slashUpgrade(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toContain('/upgrade requires an explicit target');
+    expect(result.reply).toContain('/upgrade latest');
+    expect(sendControlRequest).not.toHaveBeenCalled();
+  });
+
+  it('forwards version, chatId, and messageId to the supervisor', async () => {
+    const state = { ...baseState, message: '/upgrade 1.2.3' };
+    const result = await slashUpgrade(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toBe('Upgrading clawmini to 1.2.3... services will restart shortly.');
+    expect(sendControlRequest).toHaveBeenCalledWith({
+      action: 'upgrade',
+      version: '1.2.3',
+      chatId: 'chat-1',
+      messageId: 'mock-msg-id',
+    });
+  });
+
+  it('accepts the literal "latest"', async () => {
+    const state = { ...baseState, message: '/upgrade latest' };
+    const result = await slashUpgrade(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toContain('Upgrading clawmini to latest');
+    expect(sendControlRequest).toHaveBeenCalledWith({
+      action: 'upgrade',
+      version: 'latest',
+      chatId: 'chat-1',
+      messageId: 'mock-msg-id',
+    });
+  });
+
+  it('rejects multi-token arguments to avoid smuggling extra npm flags', async () => {
+    const state = { ...baseState, message: '/upgrade 1.2.3 --registry=evil' };
+    const result = await slashUpgrade(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toBe('Usage: /upgrade <version>');
+    expect(sendControlRequest).not.toHaveBeenCalled();
+  });
+
+  it('rejects shell-meta versions even as a single token', async () => {
+    const state = { ...baseState, message: '/upgrade $(rm)' };
+    const result = await slashUpgrade(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toContain('Invalid version');
+    expect(sendControlRequest).not.toHaveBeenCalled();
+  });
+
+  it('returns an error reply when the supervisor reports !ok', async () => {
+    vi.mocked(sendControlRequest).mockResolvedValueOnce({ ok: false, error: 'busy' });
+    const state = { ...baseState, message: '/upgrade latest' };
+    const result = await slashUpgrade(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toBe('Upgrade aborted: busy.');
+  });
+
+  it('returns an error reply when the supervisor request rejects', async () => {
+    vi.mocked(sendControlRequest).mockRejectedValueOnce(new Error('socket missing'));
+    const state = { ...baseState, message: '/upgrade latest' };
+    const result = await slashUpgrade(state);
+    expect(result.action).toBe('stop');
+    expect(result.reply).toBe('Could not reach supervisor: socket missing.');
+  });
+});

package/src/daemon/routers/slash-upgrade.ts

@@ -0,0 +1,76 @@
+import type { RouterState } from './types.js';
+import { detectInstall } from '../../cli/install-detection.js';
+import { sendControlRequest } from '../../cli/supervisor-control.js';
+import { isAcceptableVersion } from '../../cli/supervisor-actions.js';
+import { getClawminiVersion } from '../../shared/version.js';
+
+export async function slashUpgrade(state: RouterState): Promise<RouterState> {
+  const trimmed = state.message.trim();
+  if (!/^\/upgrade(\s|$)/.test(trimmed)) return state;
+
+  // Gated to user messages by USER_ROUTERS in resolveRouters.
+  const info = detectInstall();
+  if (!info.isNpmGlobal) {
+    return stop(
+      state,
+      `Cannot upgrade: clawmini is not installed via \`npm install -g\` ` +
+        `(running from ${info.entryRealPath}). Skipping.`
+    );
+  }
+
+  const rest = trimmed.slice('/upgrade'.length).trim();
+
+  // Bare `/upgrade` is informational. Requiring an explicit version means a
+  // misclick (or a malicious tool output that somehow reached this router)
+  // can't silently install whatever the npm registry currently calls
+  // `latest`. The user has to opt in to the version they want.
+  if (rest === '') {
+    return stop(
+      state,
+      [
+        `Currently running clawmini v${getClawminiVersion()}.`,
+        '/upgrade requires an explicit target:',
+        '  /upgrade latest      — install whatever npm reports as the latest tag',
+        '  /upgrade <version>   — install a specific version (e.g. /upgrade 0.0.7)',
+      ].join('\n')
+    );
+  }
+
+  // Single token only — extra args could be smuggled into the npm command
+  // line otherwise (npm install -g clawmini@<rest> via shell).
+  if (!/^\S+$/.test(rest)) {
+    return stop(state, 'Usage: /upgrade <version>');
+  }
+
+  const version = rest;
+  if (!isAcceptableVersion(version)) {
+    return stop(state, `Invalid version: ${version}`);
+  }
+
+  // The supervisor enqueues the post-upgrade reply on its side based on the
+  // outcome of `npm install -g`, so we don't pre-queue anything here.
+  let res;
+  try {
+    res = await sendControlRequest({
+      action: 'upgrade',
+      version,
+      chatId: state.chatId,
+      messageId: state.messageId,
+    });
+  } catch (err) {
+    return stop(
+      state,
+      `Could not reach supervisor: ${err instanceof Error ? err.message : String(err)}.`
+    );
+  }
+
+  if (!res.ok) {
+    return stop(state, `Upgrade aborted: ${res.error ?? 'unknown error'}.`);
+  }
+
+  return stop(state, `Upgrading clawmini to ${version}... services will restart shortly.`);
+}
+
+function stop(state: RouterState, reply: string): RouterState {
+  return { ...state, message: '', action: 'stop', reply };
+}

package/src/daemon/routers/types.ts

@@ -11,8 +11,15 @@ export interface RouterState {
   env?: Record<string, string>;
   reply?: string;
   action?: 'stop' | 'interrupt' | 'continue';
+  externalRef?: string;
   jobs?: {
     add?: CronJob[];
     remove?: string[];
   };
+  /**
+   * CronJob id that fired this turn, when the router state was seeded by
+   * `cron.executeJob`. Threaded through to the `SystemMessage` so adapters
+   * can render a terse header instead of the prompt text.
+   */
+  jobId?: string;
 }

package/src/daemon/routers.ts

@@ -5,6 +5,10 @@ import { slashCommand } from './routers/slash-command.js';
 import { slashStop } from './routers/slash-stop.js';
 import { slashInterrupt } from './routers/slash-interrupt.js';
 import { slashPolicies } from './routers/slash-policies.js';
+import { slashModel } from './routers/slash-model.js';
+import { slashRestart } from './routers/slash-restart.js';
+import { slashShutdown } from './routers/slash-shutdown.js';
+import { slashUpgrade } from './routers/slash-upgrade.js';
 import { createSessionTimeoutRouter } from './routers/session-timeout.js';
 import type { RouterConfig } from '../shared/config.js';
 
@@ -16,6 +20,10 @@ export const USER_ROUTERS: RouterConfig[] = [
   '@clawmini/slash-stop',
   '@clawmini/slash-interrupt',
   '@clawmini/slash-policies',
+  '@clawmini/slash-model',
+  '@clawmini/slash-restart',
+  '@clawmini/slash-shutdown',
+  '@clawmini/slash-upgrade',
 ];
 
 export function resolveRouters(
@@ -87,6 +95,14 @@ export async function executeRouterPipeline(
       state = slashInterrupt(state);
     } else if (router === '@clawmini/slash-policies') {
       state = await slashPolicies(state);
+    } else if (router === '@clawmini/slash-model') {
+      state = await slashModel(state);
+    } else if (router === '@clawmini/slash-restart') {
+      state = await slashRestart(state);
+    } else if (router === '@clawmini/slash-shutdown') {
+      state = await slashShutdown(state);
+    } else if (router === '@clawmini/slash-upgrade') {
+      state = await slashUpgrade(state);
     } else if (router === '@clawmini/session-timeout') {
       state = createSessionTimeoutRouter(config)(state);
     } else {

package/src/shared/adapters/blockquote.test.ts

@@ -0,0 +1,28 @@
+import { describe, it, expect } from 'vitest';
+import { prependBlockquote } from './blockquote.js';
+
+describe('prependBlockquote', () => {
+  it('prefixes each line of the quote with "> " and separates body with a blank line', () => {
+    expect(prependBlockquote('hello\nworld', 'reply')).toBe('> hello\n> world\n\nreply');
+  });
+
+  it('handles single-line quotes', () => {
+    expect(prependBlockquote('hello', 'reply')).toBe('> hello\n\nreply');
+  });
+
+  it('handles multi-line replies', () => {
+    expect(prependBlockquote('q', 'a\nb')).toBe('> q\n\na\nb');
+  });
+
+  it('trims surrounding whitespace from quoted text and body', () => {
+    expect(prependBlockquote('  hello\nworld  \n', '\n\nreply\n')).toBe(
+      '> hello\n> world\n\nreply'
+    );
+  });
+
+  it('renders an attribution line when sender is provided', () => {
+    expect(prependBlockquote('hello\nworld', 'reply', 'Tom')).toBe(
+      '> **Tom said:**\n> hello\n> world\n\nreply'
+    );
+  });
+});

package/src/shared/adapters/blockquote.ts

@@ -0,0 +1,20 @@
+/**
+ * Format `quoted` as a markdown blockquote prefixed before `body`.
+ *
+ * Each line of `quoted` is prefixed with `> `, and a blank line separates the
+ * quote from the body — CommonMark requires the blank line to terminate the
+ * blockquote, otherwise the body is lazily folded into it. If `sender` is
+ * provided, an attribution line (`> **{sender} said:**`) is rendered as the
+ * first line of the quote. Both inputs are trimmed.
+ */
+export function prependBlockquote(quoted: string, body: string, sender?: string): string {
+  const trimmedBody = body.trim();
+  const lines = quoted
+    .trim()
+    .split('\n')
+    .map((line) => `> ${line}`);
+  if (sender) {
+    lines.unshift(`> **${sender} said:**`);
+  }
+  return `${lines.join('\n')}\n\n${trimmedBody}`;
+}