npm - mercury-agent - Versions diffs - 0.4.5 - Mend

mercury-agent 0.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (218) hide show

package/LICENSE +22 -0
package/README.md +438 -0
package/container/Dockerfile +127 -0
package/container/Dockerfile.base +109 -0
package/container/Dockerfile.power +17 -0
package/container/agent-package.json +8 -0
package/container/build.sh +54 -0
package/docs/TODOS.md +147 -0
package/docs/auth/dashboard.md +28 -0
package/docs/auth/overview.md +109 -0
package/docs/auth/whatsapp.md +173 -0
package/docs/configuration.md +54 -0
package/docs/container-lifecycle.md +349 -0
package/docs/context-architecture.md +87 -0
package/docs/deployment.md +199 -0
package/docs/extensions.md +375 -0
package/docs/graceful-shutdown.md +62 -0
package/docs/kb-distillation.md +77 -0
package/docs/media/overview.md +140 -0
package/docs/media/whatsapp.md +171 -0
package/docs/memory.md +137 -0
package/docs/permissions.md +217 -0
package/docs/pipeline.md +228 -0
package/docs/prd-chat-memory.md +76 -0
package/docs/prd-config-load.md +82 -0
package/docs/rate-limiting.md +166 -0
package/docs/scheduler.md +288 -0
package/docs/setup-discord.md +100 -0
package/docs/setup-slack.md +119 -0
package/docs/setup-whatsapp.md +94 -0
package/docs/subagents.md +166 -0
package/docs/web-search.md +62 -0
package/examples/extensions/README.md +12 -0
package/examples/extensions/charts/index.ts +13 -0
package/examples/extensions/charts/skill/SKILL.md +98 -0
package/examples/extensions/gws/README.md +52 -0
package/examples/extensions/gws/index.ts +106 -0
package/examples/extensions/gws/skill/SKILL.md +57 -0
package/examples/extensions/gws/skill/references/calendar.md +101 -0
package/examples/extensions/gws/skill/references/docs.md +65 -0
package/examples/extensions/gws/skill/references/drive.md +79 -0
package/examples/extensions/gws/skill/references/gmail.md +85 -0
package/examples/extensions/gws/skill/references/sheets.md +60 -0
package/examples/extensions/napkin/index.ts +821 -0
package/examples/extensions/napkin/prompts/consolidation-monthly.md +73 -0
package/examples/extensions/napkin/prompts/consolidation-weekly.md +67 -0
package/examples/extensions/napkin/prompts/kb-distillation.md +176 -0
package/examples/extensions/napkin/skill/SKILL.md +728 -0
package/examples/extensions/pdf/index.ts +23 -0
package/examples/extensions/pdf/skill/LICENSE.txt +30 -0
package/examples/extensions/pdf/skill/SKILL.md +314 -0
package/examples/extensions/pdf/skill/forms.md +294 -0
package/examples/extensions/pdf/skill/reference.md +612 -0
package/examples/extensions/pdf/skill/scripts/check_bounding_boxes.py +65 -0
package/examples/extensions/pdf/skill/scripts/check_fillable_fields.py +11 -0
package/examples/extensions/pdf/skill/scripts/convert_pdf_to_images.py +33 -0
package/examples/extensions/pdf/skill/scripts/create_validation_image.py +37 -0
package/examples/extensions/pdf/skill/scripts/extract_form_field_info.py +122 -0
package/examples/extensions/pdf/skill/scripts/extract_form_structure.py +115 -0
package/examples/extensions/pdf/skill/scripts/fill_fillable_fields.py +98 -0
package/examples/extensions/pdf/skill/scripts/fill_pdf_form_with_annotations.py +107 -0
package/examples/extensions/permission-guard/index.ts +65 -0
package/examples/extensions/pinchtab/index.ts +199 -0
package/examples/extensions/pinchtab/lib/session-injector.ts +144 -0
package/examples/extensions/pinchtab/skill/SKILL.md +224 -0
package/examples/extensions/pinchtab/skill/TRUST.md +69 -0
package/examples/extensions/pinchtab/skill/references/api.md +297 -0
package/examples/extensions/pinchtab/skill/references/env.md +45 -0
package/examples/extensions/pinchtab/skill/references/profiles.md +107 -0
package/examples/extensions/tradestation/host/refresh.ts +102 -0
package/examples/extensions/tradestation/index.ts +153 -0
package/examples/extensions/tradestation/skill/SKILL.md +67 -0
package/examples/extensions/tradestation/skill/scripts/ts-cli.ts +111 -0
package/examples/extensions/voice-synth/index.ts +94 -0
package/examples/extensions/voice-synth/skill/SKILL.md +38 -0
package/examples/extensions/voice-transcribe/index.ts +381 -0
package/examples/extensions/voice-transcribe/requirements.txt +8 -0
package/examples/extensions/voice-transcribe/scripts/transcribe.py +179 -0
package/examples/extensions/voice-transcribe/skill/SKILL.md +53 -0
package/examples/extensions/web-search/index.ts +22 -0
package/examples/extensions/web-search/skill/SKILL.md +114 -0
package/examples/extensions/web-search/skill/references/apartments.md +178 -0
package/examples/extensions/web-search/skill/references/car-purchase.md +132 -0
package/examples/extensions/web-search/skill/references/car-rental.md +113 -0
package/examples/extensions/web-search/skill/references/flights.md +133 -0
package/examples/extensions/web-search/skill/references/hotels.md +148 -0
package/examples/extensions/yahoo-mail/cli/bun.lock +66 -0
package/examples/extensions/yahoo-mail/cli/package.json +13 -0
package/examples/extensions/yahoo-mail/cli/ymail.mjs +353 -0
package/examples/extensions/yahoo-mail/index.ts +57 -0
package/examples/extensions/yahoo-mail/skill/SKILL.md +78 -0
package/package.json +106 -0
package/resources/agents/explore.md +50 -0
package/resources/agents/worker.md +24 -0
package/resources/builtin-extensions.txt +3 -0
package/resources/connection-env-vars.json +25 -0
package/resources/extensions/.gitkeep +0 -0
package/resources/pi-extensions/subagent/agents.ts +126 -0
package/resources/pi-extensions/subagent/index.ts +964 -0
package/resources/profiles/coding/AGENTS.md +43 -0
package/resources/profiles/coding/mercury-profile.yaml +15 -0
package/resources/profiles/general/AGENTS.md +31 -0
package/resources/profiles/general/mercury-profile.yaml +15 -0
package/resources/profiles/research/AGENTS.md +40 -0
package/resources/profiles/research/mercury-profile.yaml +15 -0
package/resources/skills/config/SKILL.md +25 -0
package/resources/skills/context/SKILL.md +33 -0
package/resources/skills/conversation-recap/SKILL.md +19 -0
package/resources/skills/media/SKILL.md +27 -0
package/resources/skills/mutes/SKILL.md +31 -0
package/resources/skills/permissions/SKILL.md +19 -0
package/resources/skills/preferences/SKILL.md +31 -0
package/resources/skills/recall/SKILL.md +24 -0
package/resources/skills/roles/SKILL.md +18 -0
package/resources/skills/spaces/SKILL.md +18 -0
package/resources/skills/tasks/SKILL.md +45 -0
package/resources/templates/AGENTS.md +157 -0
package/resources/templates/env.template +34 -0
package/resources/templates/mercury.example.yaml +75 -0
package/src/adapters/discord-native.ts +534 -0
package/src/adapters/discord.ts +38 -0
package/src/adapters/setup.ts +89 -0
package/src/adapters/slack.ts +9 -0
package/src/adapters/whatsapp-media.ts +337 -0
package/src/adapters/whatsapp.ts +629 -0
package/src/agent/api-socket.ts +127 -0
package/src/agent/container-entry.ts +967 -0
package/src/agent/container-error.ts +49 -0
package/src/agent/container-runner.ts +1272 -0
package/src/agent/model-capabilities-core.ts +23 -0
package/src/agent/model-capabilities.ts +231 -0
package/src/agent/pi-failure-class.ts +83 -0
package/src/agent/pi-jsonl-parser.ts +306 -0
package/src/agent/preferences-prompt.ts +20 -0
package/src/agent/user-error-messages.ts +78 -0
package/src/bridges/discord.ts +171 -0
package/src/bridges/slack.ts +177 -0
package/src/bridges/teams.ts +160 -0
package/src/bridges/telegram.ts +571 -0
package/src/bridges/whatsapp.ts +290 -0
package/src/chat-shim.ts +259 -0
package/src/cli/mercury.ts +2508 -0
package/src/cli/mrctl-http.ts +27 -0
package/src/cli/mrctl.ts +611 -0
package/src/cli/whatsapp-auth.ts +260 -0
package/src/config-file.ts +397 -0
package/src/config-model-chain.ts +30 -0
package/src/config.ts +316 -0
package/src/core/api-types.ts +58 -0
package/src/core/api.ts +105 -0
package/src/core/commands.ts +76 -0
package/src/core/conversation.ts +47 -0
package/src/core/handler.ts +206 -0
package/src/core/media.ts +200 -0
package/src/core/mute-duration.ts +22 -0
package/src/core/outbox.ts +76 -0
package/src/core/permissions.ts +192 -0
package/src/core/profiles.ts +245 -0
package/src/core/rate-limiter.ts +127 -0
package/src/core/router.ts +191 -0
package/src/core/routes/chat.ts +172 -0
package/src/core/routes/config-builtin.ts +107 -0
package/src/core/routes/config.ts +81 -0
package/src/core/routes/connections.ts +190 -0
package/src/core/routes/console.ts +668 -0
package/src/core/routes/control.ts +46 -0
package/src/core/routes/conversations.ts +66 -0
package/src/core/routes/dashboard.ts +2491 -0
package/src/core/routes/extensions.ts +37 -0
package/src/core/routes/index.ts +14 -0
package/src/core/routes/media.ts +72 -0
package/src/core/routes/messages.ts +37 -0
package/src/core/routes/mutes.ts +89 -0
package/src/core/routes/prefs.ts +95 -0
package/src/core/routes/roles.ts +125 -0
package/src/core/routes/spaces.ts +60 -0
package/src/core/routes/storage.ts +126 -0
package/src/core/routes/tasks.ts +189 -0
package/src/core/routes/tradestation.ts +268 -0
package/src/core/routes/tts.ts +51 -0
package/src/core/runtime.ts +1140 -0
package/src/core/space-queue.ts +103 -0
package/src/core/storage-cleanup.ts +140 -0
package/src/core/storage-guard.ts +24 -0
package/src/core/task-scheduler.ts +132 -0
package/src/core/telegram-format.ts +178 -0
package/src/core/trigger.ts +142 -0
package/src/dashboard/index.html +729 -0
package/src/dashboard/tokens.css +53 -0
package/src/extensions/api.ts +252 -0
package/src/extensions/catalog.ts +117 -0
package/src/extensions/config-registry.ts +83 -0
package/src/extensions/context.ts +36 -0
package/src/extensions/hooks.ts +156 -0
package/src/extensions/image-builder.ts +617 -0
package/src/extensions/installer.ts +306 -0
package/src/extensions/jobs.ts +122 -0
package/src/extensions/loader.ts +271 -0
package/src/extensions/permission-guard.ts +52 -0
package/src/extensions/reserved.ts +28 -0
package/src/extensions/skills.ts +123 -0
package/src/extensions/types.ts +462 -0
package/src/logger.ts +174 -0
package/src/main.ts +586 -0
package/src/server.ts +391 -0
package/src/storage/db.ts +1624 -0
package/src/storage/memory.ts +45 -0
package/src/storage/pi-auth.ts +95 -0
package/src/text/markdown.ts +117 -0
package/src/text/rtl.ts +38 -0
package/src/tradestation/host-api.ts +77 -0
package/src/tradestation/pending-orders.ts +69 -0
package/src/tts/azure.ts +52 -0
package/src/tts/google.ts +128 -0
package/src/tts/index.ts +8 -0
package/src/tts/language.ts +20 -0
package/src/tts/synthesize.ts +133 -0
package/src/types.ts +295 -0

package/docs/media/whatsapp.md ADDED Viewed

@@ -0,0 +1,171 @@
+# WhatsApp Media Handling
+Downloads media from WhatsApp messages using the Baileys library.
+## Supported Media Types
+| WhatsApp Type | Detected As | Default MIME | Extensions |
+|---------------|-------------|--------------|------------|
+| `imageMessage` | `image` | `image/jpeg` | jpg, png, gif, webp |
+| `videoMessage` | `video` | `video/mp4` | mp4, 3gp |
+| `audioMessage` (ptt=true) | `voice` | `audio/ogg` | ogg |
+| `audioMessage` (ptt=false) | `audio` | `audio/mpeg` | mp3, m4a, aac, ogg |
+| `documentMessage` | `document` | `application/octet-stream` | pdf, doc, docx, xls, xlsx, txt, etc. |
+| `stickerMessage` | `image` | `image/webp` | webp |
+## Data Flow
+```
+WAMessage (Baileys)
+       │
+       ▼
+detectWhatsAppMedia(msg.message)
+       │
+       ├─▶ null (no media)
+       │
+       ▼
+WhatsAppMediaInfo { type, mimeType, fileLength?, filename? }
+       │
+       ▼
+downloadWhatsAppMedia(msg, sock, options)
+       │
+       ├─▶ null (too large / download failed)
+       │
+       ▼
+MessageAttachment { path, type, mimeType, sizeBytes?, filename? }
+       │
+       ▼
+Saved to: {workspace}/inbox/{timestamp}-{type}.{ext}
+```
+## Implementation
+### Detection
+```typescript
+// src/adapters/whatsapp-media.ts
+function detectWhatsAppMedia(message: proto.IMessage): WhatsAppMediaInfo | null
+```
+Checks message for media fields in order:
+1. `audioMessage?.ptt` → voice note
+2. `audioMessage` → audio
+3. `imageMessage` → image
+4. `videoMessage` → video
+5. `documentMessage` → document
+6. `stickerMessage` → image
+### Download
+```typescript
+// src/adapters/whatsapp-media.ts
+async function downloadWhatsAppMedia(
+  msg: WAMessage,
+  sock: WASocket,
+  options: MediaDownloadOptions,
+): Promise<MessageAttachment | null>
+```
+Uses Baileys' `downloadMediaMessage()`:
+```typescript
+const buffer = await downloadMediaMessage(
+  msg,
+  "buffer",
+  {},
+  {
+    logger: silentLogger,
+    reuploadRequest: sock.updateMediaMessage,
+  },
+);
+```
+### Adapter Integration
+```typescript
+// src/adapters/whatsapp.ts
+createWhatsAppBaileysAdapter({
+  mediaEnabled: true,
+  mediaMaxSizeBytes: 10 * 1024 * 1024,
+  getWorkspace: (spaceId) => ensureSpaceWorkspace(spacesDir, spaceId),
+});
+```
+## Size Limits
+Files are checked against `mediaMaxSizeBytes` twice:
+1. **Before download** — using `fileLength` from message metadata (may be missing)
+2. **After download** — using actual buffer size
+Files exceeding the limit are logged and skipped:
+```
+[WARN] Skipping large media file messageId=ABC type=video sizeBytes=52428800 maxBytes=10485760
+```
+## Reply Context
+When replying to a message with media, the reply context includes media info:
+```typescript
+// Attributes added to <reply_to>
+media_type="image"
+media_mime="image/jpeg"
+```
+Example:
+```xml
+<reply_to name="John" jid="123@wa" message_id="ABC" media_type="image" media_mime="image/jpeg">
+[image]
+</reply_to>
+```
+## File Naming
+Pattern: `{timestamp}-{type}.{ext}` or `{timestamp}-{filename}` for documents
+| Input | Output |
+|-------|--------|
+| image/jpeg | `1709012345-image.jpg` |
+| audio/ogg (voice) | `1709012345-voice.ogg` |
+| application/pdf, "report.pdf" | `1709012345-report.pdf` |
+## MIME to Extension Mapping
+```typescript
+const MIME_TO_EXT: Record<string, string> = {
+  "image/jpeg": "jpg",
+  "image/png": "png",
+  "image/gif": "gif",
+  "image/webp": "webp",
+  "audio/ogg": "ogg",
+  "audio/mpeg": "mp3",
+  "audio/mp4": "m4a",
+  "video/mp4": "mp4",
+  "video/3gpp": "3gp",
+  "application/pdf": "pdf",
+  // ... etc
+};
+```
+Unknown MIME types default to `.bin`.
+## Limitations
+1. **No re-download** — Media is downloaded once when the message arrives. If the file is deleted, it's gone.
+2. **No transcription** — Voice notes are saved as audio files. pi cannot play them. Future: add Whisper transcription.
+3. **Reply context doesn't include file** — When replying to a media message, we include metadata but not the actual file path. The original attachment would need to be looked up.
+4. **Ephemeral media** — WhatsApp media URLs expire. Download must happen immediately when the message arrives.
+## Error Handling
+| Error | Behavior |
+|-------|----------|
+| Download fails | Log error, continue without attachment |
+| Buffer empty | Log error, return null |
+| Size exceeded | Log warning, discard buffer |
+| Write fails | Throw error (propagates up) |

package/docs/memory.md ADDED Viewed

@@ -0,0 +1,137 @@
+# Memory
+Mercury stores memory per **space** in the space workspace directory. Memory behavior is extension-driven (for example, via a napkin extension).
+## How It Works
+Each space gets a workspace at:
+```text
+.mercury/spaces/<space-id>/
+```
+Core directories Mercury manages:
+```text
+.mercury/spaces/<space-id>/
+├── inbox/              # Media received from users
+├── outbox/             # Files produced by the agent
+├── AGENTS.md           # Space instructions
+└── .mercury.session.jsonl
+```
+Additional vault structure (for example `.obsidian/`, `knowledge/`, `daily/`, `entities/`) is created by installed extensions.
+## Vault Structure
+There is no single required memory schema in core Mercury. The exact structure depends on your extension setup.
+A common pattern (napkin example) is:
+```text
+knowledge/
+├── people/
+├── projects/
+├── references/
+└── daily/
+```
+Conversations do not get their own vaults — multiple platform conversations can link into the same space.
+## Agent Capabilities
+The agent discovers extension commands via installed skills (for example `napkin` skill in `.mercury/extensions/napkin/skill/`).
+### Reading
+```bash
+napkin search "query"              # Find relevant files
+napkin read "filename"             # Read a specific file
+napkin link back --file "name"     # See what links to a file
+napkin daily read                  # Read today's daily note
+```
+### Writing
+```bash
+napkin create --name "Liat" --path entities --content "..."
+napkin append --file "Liat" --content "..."
+napkin property set --file "Liat" --name birthday --value "April 15"
+napkin daily append --content "- Discussed vacation plans"
+```
+### Wikilinks
+The agent uses `[[wikilinks]]` when mentioning entities. This creates a navigable graph:
+```markdown
+---
+type: person
+relationship: wife
+---
+# Liat
+[[Michael]]'s wife. Planning a surprise party at [[Dizengoff Italian Place]].
+```
+## User Interaction
+Users manage memory through natural chat:
+| User says | What happens |
+|-----------|--------------|
+| "Remember that Liat's birthday is April 15" | Agent writes to `entities/Liat.md` |
+| "What do you know about Liat?" | Agent reads and summarizes the entity file |
+| "Forget everything about the project" | Agent deletes the entity file |
+## Entity Format
+Entities are markdown files with optional YAML frontmatter:
+```markdown
+---
+type: person
+birthday: April 15
+---
+# Liat
+Context and notes about Liat.
+_2026-02-20:_ Booked the Italian place for April 12.
+_2026-02-25:_ Changed venue to [[Cafe Nimrod]].
+```
+- **Frontmatter** — Structured attributes (replace semantics)
+- **Body** — Accumulated context (append semantics, timestamped)
+- **Wikilinks** — Connections to other entities
+## Conditional Context
+Mercury can skip loading the full session for standalone prompts (e.g. "what's 2+2?"), reducing token usage. After the run, the prompt and reply are merged back into the session so history stays complete.
+See [conditional-context.md](conditional-context.md) for details and configuration.
+## Persistence
+Memory persists because the agent writes to disk during conversation. When a session compacts or restarts, the vault files remain — the agent reads them fresh on next interaction.
+The vault is plain markdown. You can:
+- Open it in Obsidian and browse the graph
+- Edit files directly from the host
+- Back it up like any other directory
+## Space preferences (built-in)
+Short, structured **per-space** hints (sources, habits, rules) can be stored in SQLite and managed from chat via `mrctl prefs` (see the built-in **preferences** skill). The host injects them into each run as a `<preferences>` block in the user prompt. See [prd-chat-memory.md](prd-chat-memory.md).
+## Configuration
+Memory behavior is controlled by installed extensions and their config.
+To use a shared Obsidian vault across tools, symlink or mount it:
+```bash
+ln -s /path/to/your/vault .mercury/spaces/main
+```

package/docs/permissions.md ADDED Viewed

@@ -0,0 +1,217 @@
+# Permissions
+Mercury uses role-based access control (RBAC) per space. Each user has a role, and each role has a set of permissions.
+## How It Works
+```
+Message arrives
+  │
+  ├─► Resolve caller's role
+  │     • System caller? → role = "system"
+  │     • Seeded admin? → grant admin, store in DB
+  │     • Existing role in DB? → use it
+  │     • Otherwise → "member"
+  │
+  ├─► Load role's permissions
+  │     • Check space_config for override
+  │     • Fall back to built-in defaults
+  │
+  └─► Check permission for action
+        • Has permission → proceed
+        • Denied → return error
+```
+## Roles
+| Role | Default Permissions | Description |
+|------|---------------------|-------------|
+| `system` | All | Internal system caller (scheduler, etc.) — not assignable |
+| `admin` | All | Full control over the space |
+| `member` | `prompt`, `prefs.get` | Can chat and read space preferences (default for new users) |
+Custom roles can be created by assigning permissions to any role name.
+## Permissions
+| Permission | Description |
+|------------|-------------|
+| `prompt` | Send messages to the assistant |
+| `stop` | Abort running agent and clear queue |
+| `compact` | Reset session boundary (fresh context) |
+| `tasks.list` | View scheduled tasks |
+| `tasks.create` | Create new scheduled tasks |
+| `tasks.pause` | Pause scheduled tasks |
+| `tasks.resume` | Resume paused tasks |
+| `tasks.delete` | Delete scheduled tasks |
+| `config.get` | Read space configuration |
+| `config.set` | Modify space configuration |
+| `prefs.get` | Read space preferences (`mrctl prefs list/get`) |
+| `prefs.set` | Create, update, or delete space preferences (`mrctl prefs set/delete`) |
+| `roles.list` | View roles in the space |
+| `roles.grant` | Assign roles to users |
+| `roles.revoke` | Remove roles from users |
+| `permissions.get` | View role permissions |
+| `permissions.set` | Modify role permissions |
+| `spaces.list` | View all spaces |
+| `spaces.rename` | Rename a space and link/unlink conversations |
+| `spaces.delete` | Delete current space and all related DB data |
+## Mutes
+Muted users’ messages are dropped for the space until the mute expires or is cleared. The agent can mute via `mrctl mute` (with API confirmation). **Operators** with dashboard access (`MERCURY_API_SECRET`) can list active mutes, unmute, or add a timed mute from **Spaces → (space) → Muted users**.
+## Managing Roles
+The agent uses `mrctl` to manage roles:
+```bash
+# List all roles in the current space
+mrctl roles list
+# Grant admin role to a user
+mrctl roles grant 1234567890@s.whatsapp.net --role admin
+# Grant a custom role
+mrctl roles grant 1234567890@s.whatsapp.net --role moderator
+# Revoke role (user becomes member)
+mrctl roles revoke 1234567890@s.whatsapp.net
+```
+## Managing Permissions
+Permissions are per-role, per-space:
+```bash
+# Show permissions for all roles
+mrctl permissions show
+# Show permissions for a specific role
+mrctl permissions show --role member
+# Give members ability to stop the agent
+mrctl permissions set member prompt,stop
+# Create a moderator role with task management
+mrctl permissions set moderator prompt,stop,tasks.list,tasks.pause,tasks.resume
+# Give a role full task control
+mrctl permissions set taskmaster prompt,tasks.list,tasks.create,tasks.pause,tasks.resume,tasks.delete
+```
+## Managing Spaces
+Spaces can be listed and managed via `mrctl`:
+```bash
+# List all spaces with their names
+mrctl spaces list
+# Get current space's display name
+mrctl spaces name
+# Set current space's display name
+mrctl spaces name "Startup Buddies"
+# Delete current space (tasks, messages, roles, config)
+mrctl spaces delete
+# List discovered conversations
+mrctl conversations list
+# Show only conversations that are not yet linked
+mrctl conversations list --unlinked
+```
+Space names are stored in the database and shown in logs/dashboard for easier identification. Conversations remain platform-native and are linked into spaces. Conversation listing uses `spaces.list`; linking and unlinking use `spaces.rename`.
+## Seeding Admins
+Pre-configure admin users via environment variable. They're granted admin on first interaction with each space:
+```bash
+MERCURY_ADMINS=1234567890@s.whatsapp.net,0987654321@s.whatsapp.net
+```
+This is useful for bootstrapping — the first admin can then grant roles to others.
+## Storage
+Roles and permissions are stored in SQLite:
+| Table | Purpose |
+|-------|---------|
+| `space_roles` | Maps `(space_id, platform_user_id)` → `role` |
+| `space_config` | Stores `role.<name>.permissions` overrides |
+Built-in defaults (`admin` = all, `member` = `prompt` + `prefs.get`) are not stored — they're applied when no override exists.
+## System Caller
+The `system` role is special:
+- Always has all permissions
+- Cannot be modified or assigned
+- Used for internal callers: scheduled tasks, system triggers
+```typescript
+if (isSystemCaller(callerId)) return "system";
+```
+## Extension Permissions
+Extensions register additional permissions at runtime via the extension API:
+```typescript
+mercury.permission({ defaultRoles: ["admin", "member"] });
+```
+This registers a permission named after the extension (e.g., `napkin`). The behavior:
+- **Admin** always gets all permissions (built-in + extension)
+- **Extension `defaultRoles`** are respected — if `["member"]` is specified, members get that permission by default
+- **Per-space overrides** still take precedence over defaults
+- **Built-in permission names** cannot be overridden by extensions
+Extension CLIs are called directly by the agent in bash. Permission enforcement is handled by a pi extension that blocks denied CLIs at the bash tool level, based on the caller's role and the `MERCURY_DENIED_CLIS` environment variable set by Mercury's runtime.
+Extensions that declare env vars via `mercury.env()` also have those vars gated by permission — they are only injected into containers when the caller has the extension's permission. This prevents credential leakage (e.g., a blocked `gh` CLI's `GH_TOKEN` being used via `curl`).
+### API
+```typescript
+registerPermission(name, { defaultRoles })   // Register (called by extension loader)
+getAllPermissions()                            // Built-in + extension permissions
+isValidPermission(name)                       // Check if name is valid
+resetPermissions()                            // Clear registered (test isolation)
+```
+## Scope
+Permissions are **per-space**:
+- A user can be `admin` in one space and `member` in another
+- Custom role permissions are space-specific
+- No global roles (except seeded admins, which apply on first interaction per space)
+## API
+### `resolveRole(db, spaceId, platformUserId, seededAdmins)`
+Determines a caller's role:
+1. System caller → `"system"`
+2. Seed admins if needed
+3. Upsert member record
+4. Return stored role or `"member"`
+### `getRolePermissions(db, spaceId, role)`
+Returns the permission set for a role:
+1. System role → all permissions
+2. Check `space_config` for `role.<name>.permissions`
+3. Fall back to built-in defaults
+### `hasPermission(db, spaceId, role, permission)`
+Returns `true` if the role has the specified permission.