npm - spine-framework-portal - Versions diffs - 0.2.18 → 0.2.20 - Mend

spine-framework-portal 0.2.18 → 0.2.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/functions/custom_portal-signals.ts +27 -37
package/functions/custom_support-triage.ts +86 -436
package/manifest.json +4 -3
package/package.json +1 -1
package/LICENSE.md +0 -193
package/README.md +0 -44

package/functions/custom_portal-signals.ts CHANGED Viewed

@@ -1,12 +1,12 @@
 import { createHandler } from './_shared/middleware'
-import { adminDb } from './_shared/db'
 import { resolveTypeId } from './_shared/resolve-ids'
+import { create } from './admin-data'
 export const handler = createHandler(async (ctx, body) => {
-  const {
-    action_type,
-    action_value,
-    action_description,
+  const {
+    action_type,
+    action_value,
+    action_description,
     session_id,
     url,
     path,
@@ -27,14 +27,7 @@ export const handler = createHandler(async (ctx, body) => {
     throw err
   }
-  // Get the funnel_signal type_id
-  const { data: typeId } = await adminDb
-    .from('types')
-    .select('id')
-    .eq('kind', 'item')
-    .eq('slug', 'funnel_signal')
-    .single()
+  const typeId = await resolveTypeId('item', 'funnel_signal')
   if (!typeId) {
     const err: any = new Error('funnel_signal type not found')
     err.statusCode = 500
@@ -42,36 +35,33 @@ export const handler = createHandler(async (ctx, body) => {
   }
   const signalData = {
-    account_id: ctx.accountId,
-    person_id: ctx.principal.id,
-    session_id: session_id || `portal_${ctx.principal.id}_${Date.now()}`,
-    anonymous_id: anonymous_id || null,
-    stage: 'identified',
-    source: 'port', // Portal-specific source for user engagement tracking
+    identity_person_id: ctx.principal.id,
+    identity_account_id: ctx.accountId,
+    identity_session_id: session_id || `portal_${ctx.principal.id}_${Date.now()}`,
+    identity_anonymous_id: anonymous_id || null,
+    classification_stage: 'identified',
+    classification_source: 'port',
     action_type,
     action_value,
     ...(action_description && { action_description }),
-    ...(url && { url }),
-    ...(path && { path }),
-    ...(referrer && { referrer }),
-    ...(user_agent && { user_agent }),
-    occurred_at: new Date().toISOString()
+    ...(url && { portal_url: url }),
+    ...(path && { portal_path: path }),
+    ...(referrer && { portal_referrer: referrer }),
+    ...(user_agent && { portal_user_agent: user_agent }),
+    processing_received_at: new Date().toISOString()
   }
-  // Create the signal item directly using admin-data pattern
-  const { data: signal, error } = await adminDb
-    .from('items')
-    .insert({
-      type_id: typeId.id,
-      title: `${action_type} - ${action_value}`,
-      account_id: ctx.accountId,
-      data: signalData
-    })
-    .select('id')
-    .single()
+  // Delegate to admin-data.create so design_schema, validation_schema,
+  // scope resolution, and audit fields are all stamped correctly.
+  const signal = await create(ctx, {
+    entity: 'items',
+    type_id: typeId,
+    title: `${action_type} - ${action_value}`,
+    data: signalData
+  })
-  if (error || !signal) {
-    const err: any = new Error(`Failed to create signal: ${error?.message || 'Unknown error'}`)
+  if (!signal?.id) {
+    const err: any = new Error('Failed to create signal')
     err.statusCode = 500
     throw err
   }

package/functions/custom_support-triage.ts CHANGED Viewed

@@ -1,485 +1,137 @@
 import { createHandler, CoreContext } from './_shared/middleware'
 import { adminDb } from './_shared/db'
-import { resolveTypeId } from './_shared/resolve-ids'
+import { resolveTypeId, resolveAgentId, resolvePromptConfigId } from './_shared/resolve-ids'
+import { runAgent } from './_shared/index'
 import { create, update } from './admin-data'
 /**
- * Custom Support Triage Handler
+ * @module custom_support-triage
+ * @layer custom/portal
+ * @stability custom
  *
- * Two actions:
- *   POST ?action=new_ticket  — first message: creates ticket + thread + messages, runs AI
- *   POST ?action=reply       — follow-up message on existing ticket: posts message, runs AI
+ * Support ticket entry point. Two actions:
+ *   POST ?action=new_ticket  — creates ticket + external thread, calls runAgent()
+ *   POST ?action=reply       — posts the human message, calls runAgent() on the existing thread
  *
- * All runtime record creation goes through admin-data.create so design_schema,
- * validation_schema, scope, audit fields, and triggers are handled consistently.
+ * All AI inference (RAG, tool calls, confidence scoring, escalation pipeline) is
+ * delegated to core's runAgent() — agent behaviour is controlled entirely via
+ * ai_agents + prompt_configs records (no AI logic in this file).
  *
- * AI response schema (enforced via response_format: json_object):
- * {
- *   public_response: string,
- *   confidence: number (0-1),
- *   confidence_reasoning: string,
- *   escalate: boolean,
- *   escalation_reason: 'low_confidence' | 'none',
- *   sources_used: Array<{ type, id, title, relevance }>,
- *   suggested_title: string   (turn 1 only)
- * }
+ * Response shape:
+ *   { ticketId, threadId, agentMessageId, content, confidence, escalated }
+ *
+ * Escalation is handled inside agent-runner.ts via the escalation_pipeline
+ * configured in the prompt_config row — no escalation code here.
  */
-// ─── CONSTANTS ────────────────────────────────────────────────────────────────
-const TRIAGE_AGENT_ID = '01e448df-890b-4589-857b-815eadb44d81'
-const PROMPT_CONFIG_ID = 'b778253e-cd2f-49f3-be81-836c55ed7542'
-const CONFIDENCE_THRESHOLD = 0.75
+// ─── HELPERS ──────────────────────────────────────────────────────────────────
-// Helper: call admin-data.update as a nested import (entity+id go in ctx.query)
 function adminDataUpdate(ctx: CoreContext, entity: string, id: string, fields: Record<string, any>) {
   return update({ ...ctx, query: { ...((ctx as any).query || {}), entity, id } } as any, fields)
 }
-// ─── TYPES ────────────────────────────────────────────────────────────────────
-interface TriageEnvelope {
-  public_response: string
-  confidence: number
-  confidence_reasoning: string
-  escalate: boolean
-  escalation_reason: 'low_confidence' | 'none'
-  sources_used: Array<{ type: string; id: string; title: string; relevance: number }>
-  suggested_title?: string
-}
-interface TriageResult {
-  ticketId: string
-  threadId: string
-  publicMessageId: string
-  internalMessageId: string
-  public_response: string
-  confidence: number
-  escalated: boolean
-  escalation_reason: string
-  suggested_title?: string
-}
-interface TypeIds {
-  supportTicket: string
-  thread: string
-  message: string
-}
-// ─── HELPERS ──────────────────────────────────────────────────────────────────
-async function getConversationHistory(threadId: string): Promise<any[]> {
-  const { data: msgs, error } = await adminDb
-    .from('messages')
-    .select('content, direction, data, created_at')
-    .eq('thread_id', threadId)
-    .eq('visibility', 'public')
-    .order('created_at', { ascending: true })
-    .limit(20)
-  if (error) return []
-  return msgs || []
-}
-async function getPriorTickets(accountId: string, personId: string, supportTicketTypeId: string): Promise<any[]> {
-  const { data: tickets, error } = await adminDb
-    .from('items')
-    .select('id, title, description, created_at')
-    .eq('type_id', supportTicketTypeId)
-    .eq('account_id', accountId)
-    .eq('created_by', personId)
-    .order('created_at', { ascending: false })
-    .limit(5)
-  if (error) return []
-  return tickets || []
-}
-const KB_PLATFORM_ACCOUNT_ID = '12acec9b-8451-40e7-80d5-e80c4e2fc0de' // spine-system
-async function searchKB(query: string, accountId: string): Promise<any[]> {
-  const accountIds = [accountId]
-  if (accountId !== KB_PLATFORM_ACCOUNT_ID) accountIds.push(KB_PLATFORM_ACCOUNT_ID)
-  const { data: results, error } = await adminDb
-    .from('embeddings')
-    .select('document_id, content, metadata, account_id')
-    .in('account_id', accountIds)
-    .eq('metadata->>item_type', 'kb_article')
-    .eq('metadata->>vector_type', 'semantic')
-    .textSearch('content', query, { type: 'websearch', config: 'english' })
-    .limit(8)
-  if (error) return []
-  return (results || [])
-    .filter((r: any) => r.account_id === accountId || r.metadata?.security_level !== 'restricted')
-    .slice(0, 5)
-}
-async function callOpenAI(
-  systemPrompt: string,
-  messages: Array<{ role: 'user' | 'assistant' | 'system'; content: string }>,
-  model: string,
-  temperature: number
-): Promise<{ envelope: TriageEnvelope; latency_ms: number; token_usage: any }> {
-  const apiKey = process.env.OPENAI_API_KEY || process.env.LLM_API_KEY
-  const baseUrl = process.env.OPENAI_BASE_URL || 'https://api.openai.com/v1'
-  const startTime = Date.now()
-  if (!apiKey) {
-    return {
-      envelope: {
-        public_response: '[Mock] No OPENAI_API_KEY set. This is a mock AI response for local development.',
-        confidence: 0.85,
-        confidence_reasoning: 'Mock response — no API key configured.',
-        escalate: false,
-        escalation_reason: 'none',
-        sources_used: [],
-        suggested_title: 'Mock Support Ticket'
-      },
-      latency_ms: 0,
-      token_usage: { prompt_tokens: 0, completion_tokens: 0, total_tokens: 0 }
-    }
-  }
-  const res = await fetch(`${baseUrl}/chat/completions`, {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${apiKey}` },
-    body: JSON.stringify({
-      model,
-      temperature,
-      response_format: { type: 'json_object' },
-      messages: [{ role: 'system', content: systemPrompt }, ...messages]
-    })
-  })
-  if (!res.ok) {
-    const err = await res.text()
-    throw new Error(`OpenAI error ${res.status}: ${err.slice(0, 200)}`)
-  }
-  const result: any = await res.json()
-  const raw = result.choices?.[0]?.message?.content || '{}'
-  let envelope: TriageEnvelope
-  try {
-    envelope = JSON.parse(raw)
-    if (typeof envelope.public_response !== 'string') throw new Error('missing public_response')
-    if (typeof envelope.confidence !== 'number') throw new Error('missing confidence')
-  } catch (parseErr: any) {
-    envelope = {
-      public_response: "We're looking into this and will have a human response shortly.",
-      confidence: 0,
-      confidence_reasoning: `Parse failure: ${parseErr.message}. Raw: ${raw.slice(0, 200)}`,
-      escalate: true,
-      escalation_reason: 'low_confidence',
-      sources_used: []
-    }
-  }
-  return { envelope, latency_ms: Date.now() - startTime, token_usage: result.usage || {} }
-}
-function buildSystemPrompt(
-  agentSystemPrompt: string,
-  contextTemplate: string,
-  kbSources: any[],
-  priorTickets: any[],
-  history: any[]
-): string {
-  let prompt = agentSystemPrompt + '\n\n'
-  prompt += contextTemplate + '\n\n'
-  if (kbSources.length > 0) {
-    prompt += '## Knowledge Base Articles\n'
-    kbSources.forEach((doc, i) => { prompt += `[KB${i + 1}] ${doc.content?.slice(0, 500)}\n` })
-    prompt += '\n'
-  }
-  if (priorTickets.length > 0) {
-    prompt += "## Customer's Prior Tickets\n"
-    priorTickets.forEach((t) => { prompt += `- ${t.title}: ${t.description?.slice(0, 200) || 'No description'}\n` })
-    prompt += '\n'
-  }
-  if (history.length > 0) {
-    prompt += '## Conversation So Far\n'
-    history.forEach((m) => {
-      prompt += `${m.direction === 'inbound' ? 'Customer' : 'Assistant'}: ${m.content}\n`
-    })
-    prompt += '\n'
-  }
-  prompt += `\nYou MUST respond with a single valid JSON object matching EXACTLY this schema. No markdown, no code fences, no extra text:\n`
-  prompt += `{
-  "public_response": "<your response to the customer>",
-  "confidence": <0.0-1.0>,
-  "confidence_reasoning": "<one sentence explaining your confidence score>",
-  "escalate": <true|false>,
-  "escalation_reason": "<low_confidence|none>",
-  "sources_used": [{"type": "kb_article|prior_ticket", "id": "<id>", "title": "<title>", "relevance": <0.0-1.0>}],
-  "suggested_title": "<3-8 word case title — ONLY include on the first turn>"
-}`
-  return prompt
-}
 // ─── ACTION: NEW TICKET ───────────────────────────────────────────────────────
-async function handleNewTicket(ctx: any, body: any, typeIds: TypeIds): Promise<TriageResult> {
+async function handleNewTicket(
+  ctx: any,
+  body: any,
+  ids: { supportTicket: string; thread: string; triageAgentId: string; promptConfigId: string }
+) {
   const { message } = body
   const account_id = ctx.accountId as string
   const person_id = ctx.principal?.id as string
   if (!message) throw new Error('message is required')
   if (!account_id || !person_id) throw new Error('User context (account + person) required')
-  // Load agent + prompt config (config tables — direct reads are fine)
-  const [{ data: agent }, { data: promptConfig }] = await Promise.all([
-    adminDb.from('ai_agents').select('*').eq('id', TRIAGE_AGENT_ID).single(),
-    adminDb.from('prompt_configs').select('*').eq('id', PROMPT_CONFIG_ID).single()
-  ])
-  if (!agent || !promptConfig) throw new Error('Triage agent configuration not found')
-  const model = agent.model_config?.model || process.env.LLM_DEFAULT_MODEL || 'gpt-4o'
-  const temperature = agent.model_config?.temperature ?? 0.7
+  const { supportTicket, thread, triageAgentId, promptConfigId } = ids
-  // Run AI before ticket exists (no history yet)
-  const [kbSources, priorTickets] = await Promise.all([
-    searchKB(message, account_id),
-    getPriorTickets(account_id, person_id, typeIds.supportTicket)
-  ])
-  const systemPrompt = buildSystemPrompt(
-    agent.system_prompt,
-    promptConfig.context_template.replace('{{user_message}}', message),
-    kbSources,
-    priorTickets,
-    []
-  )
-  const { envelope, latency_ms, token_usage } = await callOpenAI(
-    systemPrompt,
-    [{ role: 'user', content: message }],
-    model,
-    temperature
-  )
-  const escalate = envelope.escalate || envelope.confidence < (promptConfig.confidence_threshold || CONFIDENCE_THRESHOLD)
-  const suggestedTitle = envelope.suggested_title || message.slice(0, 80)
-  // Create ticket via admin-data (stamps schema, fires triggers)
+  // 1. Create a placeholder ticket — title will be updated after agent responds
   const ticket = await create(ctx, {
     entity: 'items',
-    type_id: typeIds.supportTicket,
-    title: suggestedTitle,
+    type_id: supportTicket,
+    title: message.slice(0, 100),
     description: message,
-    status: escalate ? 'human_assigned' : 'ai_responding',
+    status: 'ai_responding',
     data: {
-      status: escalate ? 'human_assigned' : 'ai_responding',
-      aim_triage_agent_id: TRIAGE_AGENT_ID,
-      aim_confidence_threshold: promptConfig.confidence_threshold || CONFIDENCE_THRESHOLD,
-      aim_confidence_at_response: envelope.confidence,
-      aim_escalation_reason: escalate ? envelope.escalation_reason : 'none'
+      aim_triage_agent_id: triageAgentId,
     }
   })
   if (!ticket?.id) throw new Error('Failed to create ticket')
-  const ticketId = ticket.id
-  // Create thread via admin-data
-  const thread = await create(ctx, {
+  // 2. Create the external thread wired to the triage agent + prompt config.
+  //    agent-runner resolves agent & config from thread.data.agent_id / prompt_config_id.
+  const threadRecord = await create(ctx, {
     entity: 'threads',
-    type_id: typeIds.thread,
+    type_id: thread,
     target_type: 'items',
-    target_id: ticketId,
+    target_id: ticket.id,
     visibility: 'external',
     status: 'active',
-    data: { agent_id: TRIAGE_AGENT_ID, prompt_config_id: PROMPT_CONFIG_ID }
+    data: {
+      agent_id: triageAgentId,
+      prompt_config_id: promptConfigId,
+    }
   })
-  if (!thread?.id) throw new Error('Failed to create thread')
-  const threadId = thread.id
+  if (!threadRecord?.id) throw new Error('Failed to create thread')
-  const publicContent = escalate
-    ? "We're looking into this and will have a human response shortly."
-    : envelope.public_response
+  // 3. Run the agent — saves user message, runs RAG+inference, handles escalation,
+  //    saves agent message, emits audit. Returns the persisted agent message row.
+  const agentMsg = await runAgent(threadRecord.id, message, ctx)
-  // Post all three messages via admin-data
-  const customerMsg = await create(ctx, {
-    entity: 'messages',
-    type_id: typeIds.message,
-    thread_id: threadId,
-    person_id,
-    content: message,
-    direction: 'inbound',
-    visibility: 'public',
-    sequence: 1,
-    data: { message_type: 'human' }
-  })
-  if (!customerMsg?.id) throw new Error('Failed to save customer message')
+  const confidence = agentMsg?.data?.confidence ?? 0
+  const escalated = agentMsg?.data?.escalated ?? false
-  const publicMsg = await create(ctx, {
-    entity: 'messages',
-    type_id: typeIds.message,
-    thread_id: threadId,
-    content: publicContent,
-    direction: 'outbound',
-    visibility: 'public',
-    sequence: 2,
-    data: { message_type: 'agent', agent_id: TRIAGE_AGENT_ID, confidence: envelope.confidence, escalated: escalate }
-  })
-  if (!publicMsg?.id) throw new Error('Failed to save public AI message')
-  const internalMsg = await create(ctx, {
-    entity: 'messages',
-    type_id: typeIds.message,
-    thread_id: threadId,
-    content: `[AI Internal] Turn 1 — Confidence: ${envelope.confidence.toFixed(2)} — ${envelope.confidence_reasoning}`,
-    direction: 'outbound',
-    visibility: 'internal',
-    sequence: 3,
+  // 4. Backfill suggested title if agent produced one, and stamp confidence/status
+  const suggestedTitle = agentMsg?.data?.suggested_title || message.slice(0, 80)
+  await adminDataUpdate(ctx, 'items', ticket.id, {
+    title: suggestedTitle,
+    status: escalated ? 'human_assigned' : 'ai_responding',
     data: {
-      message_type: 'agent_internal',
-      ai_internal: {
-        turn: 1,
-        prompt_sent: [{ role: 'system', content: systemPrompt }, { role: 'user', content: message }],
-        kb_sources_retrieved: kbSources.map((s) => ({ id: s.document_id, content: s.content?.slice(0, 100), relevance: null })),
-        prior_tickets_retrieved: priorTickets.map((t) => ({ id: t.id, title: t.title })),
-        ai_raw_response: envelope,
-        confidence: envelope.confidence,
-        confidence_reasoning: envelope.confidence_reasoning,
-        escalation_decision: escalate ? envelope.escalation_reason : 'none',
-        model, temperature, latency_ms, token_usage, suggested_title: suggestedTitle
-      }
+      aim_triage_agent_id: triageAgentId,
+      aim_confidence_at_response: confidence,
+      aim_escalation_reason: escalated ? 'low_confidence' : 'none',
     }
   })
-  if (!internalMsg?.id) throw new Error('Failed to save internal AI message')
   return {
-    ticketId,
-    threadId,
-    publicMessageId: publicMsg.id,
-    internalMessageId: internalMsg.id,
-    public_response: publicContent,
-    confidence: envelope.confidence,
-    escalated: escalate,
-    escalation_reason: escalate ? envelope.escalation_reason : 'none',
-    suggested_title: suggestedTitle
+    ticketId: ticket.id,
+    threadId: threadRecord.id,
+    agentMessageId: agentMsg?.id,
+    content: agentMsg?.content || '',
+    confidence,
+    escalated,
   }
 }
-// ─── ACTION: REPLY (multi-turn) ───────────────────────────────────────────────
+// ─── ACTION: REPLY ────────────────────────────────────────────────────────────
-async function handleReply(ctx: any, body: any, typeIds: TypeIds): Promise<TriageResult> {
-  const { message, thread_id, ticket_id } = body
-  const account_id = ctx.accountId as string
+async function handleReply(
+  ctx: any,
+  body: any,
+  _ids: { supportTicket: string; thread: string; triageAgentId: string; promptConfigId: string }
+) {
+  const { message, ticket_id, thread_id } = body
   const person_id = ctx.principal?.id as string
-  if (!message || !thread_id || !ticket_id) throw new Error('message, thread_id, and ticket_id are required')
-  if (!account_id || !person_id) throw new Error('User context (account + person) required')
-  // Load agent + prompt config (config tables — direct reads are fine)
-  const [{ data: agent }, { data: promptConfig }] = await Promise.all([
-    adminDb.from('ai_agents').select('*').eq('id', TRIAGE_AGENT_ID).single(),
-    adminDb.from('prompt_configs').select('*').eq('id', PROMPT_CONFIG_ID).single()
-  ])
-  if (!agent || !promptConfig) throw new Error('Triage agent configuration not found')
-  const model = agent.model_config?.model || process.env.LLM_DEFAULT_MODEL || 'gpt-4o'
-  const temperature = agent.model_config?.temperature ?? 0.7
-  const history = await getConversationHistory(thread_id)
-  const turnNumber = history.filter((m) => m.direction === 'inbound').length + 1
-  const { count: msgCount } = await adminDb
-    .from('messages')
-    .select('id', { count: 'exact', head: true })
-    .eq('thread_id', thread_id)
-  const nextSeq = (msgCount || 0) + 1
-  // Post customer message first (shows immediately)
-  const customerMsg = await create(ctx, {
-    entity: 'messages',
-    type_id: typeIds.message,
-    thread_id,
-    person_id,
-    content: message,
-    direction: 'inbound',
-    visibility: 'public',
-    sequence: nextSeq,
-    data: { message_type: 'human' }
-  })
-  if (!customerMsg?.id) throw new Error('Failed to save customer message')
-  // Run AI with full history
-  const [kbSources, priorTickets] = await Promise.all([
-    searchKB(message, account_id),
-    getPriorTickets(account_id, person_id, typeIds.supportTicket)
-  ])
-  const systemPrompt = buildSystemPrompt(
-    agent.system_prompt,
-    promptConfig.context_template.replace('{{user_message}}', message),
-    kbSources,
-    priorTickets,
-    history
-  )
-  const promptMessages: Array<{ role: 'user' | 'assistant'; content: string }> = [
-    ...history.map((m) => ({ role: (m.direction === 'inbound' ? 'user' : 'assistant') as 'user' | 'assistant', content: m.content })),
-    { role: 'user', content: message }
-  ]
-  const { envelope, latency_ms, token_usage } = await callOpenAI(systemPrompt, promptMessages, model, temperature)
-  const escalate = envelope.escalate || envelope.confidence < (promptConfig.confidence_threshold || CONFIDENCE_THRESHOLD)
-  const publicContent = escalate
-    ? "We're looking into this and will have a human response shortly."
-    : envelope.public_response
+  if (!message) throw new Error('message is required')
+  if (!ticket_id) throw new Error('ticket_id is required')
+  if (!thread_id) throw new Error('thread_id is required')
-  const publicMsg = await create(ctx, {
-    entity: 'messages',
-    type_id: typeIds.message,
-    thread_id,
-    content: publicContent,
-    direction: 'outbound',
-    visibility: 'public',
-    sequence: nextSeq + 1,
-    data: { message_type: 'agent', agent_id: TRIAGE_AGENT_ID, confidence: envelope.confidence, escalated: escalate }
-  })
-  if (!publicMsg?.id) throw new Error('Failed to save public AI message')
+  // agent-runner saves the user message then runs inference on the existing thread.
+  // Thread.data.agent_id / prompt_config_id are already set from ticket creation.
+  const agentMsg = await runAgent(thread_id, message, ctx)
-  const internalMsg = await create(ctx, {
-    entity: 'messages',
-    type_id: typeIds.message,
-    thread_id,
-    content: `[AI Internal] Turn ${turnNumber} — Confidence: ${envelope.confidence.toFixed(2)} — ${envelope.confidence_reasoning}`,
-    direction: 'outbound',
-    visibility: 'internal',
-    sequence: nextSeq + 2,
-    data: {
-      message_type: 'agent_internal',
-      ai_internal: {
-        turn: turnNumber,
-        prompt_sent: [{ role: 'system', content: systemPrompt }, ...promptMessages],
-        kb_sources_retrieved: kbSources.map((s) => ({ id: s.document_id, content: s.content?.slice(0, 100), relevance: null })),
-        prior_tickets_retrieved: priorTickets.map((t) => ({ id: t.id, title: t.title })),
-        ai_raw_response: envelope,
-        confidence: envelope.confidence,
-        confidence_reasoning: envelope.confidence_reasoning,
-        escalation_decision: escalate ? envelope.escalation_reason : 'none',
-        model, temperature, latency_ms, token_usage
-      }
-    }
-  })
-  if (!internalMsg?.id) throw new Error('Failed to save internal AI message')
+  const confidence = agentMsg?.data?.confidence ?? 0
+  const escalated = agentMsg?.data?.escalated ?? false
-  // Update ticket status if escalated
-  if (escalate) {
+  if (escalated) {
     const { data: currentTicket } = await adminDb
-      .from('items')
-      .select('data')
-      .eq('id', ticket_id)
-      .single()
+      .from('items').select('data').eq('id', ticket_id).single()
     await adminDataUpdate(ctx, 'items', ticket_id, {
       status: 'human_assigned',
       data: {
         ...(currentTicket?.data || {}),
-        status: 'human_assigned',
-        aim_confidence_at_response: envelope.confidence,
-        aim_escalation_reason: envelope.escalation_reason
+        aim_confidence_at_response: confidence,
+        aim_escalation_reason: 'low_confidence',
       }
     })
   }
@@ -487,12 +139,10 @@ async function handleReply(ctx: any, body: any, typeIds: TypeIds): Promise<Triag
   return {
     ticketId: ticket_id,
     threadId: thread_id,
-    publicMessageId: publicMsg.id,
-    internalMessageId: internalMsg.id,
-    public_response: publicContent,
-    confidence: envelope.confidence,
-    escalated: escalate,
-    escalation_reason: escalate ? envelope.escalation_reason : 'none'
+    agentMessageId: agentMsg?.id,
+    content: agentMsg?.content || '',
+    confidence,
+    escalated,
   }
 }
@@ -501,17 +151,17 @@ async function handleReply(ctx: any, body: any, typeIds: TypeIds): Promise<Triag
 export const handler = createHandler(async (ctx, body) => {
   const action = (ctx as any).query?.action
-  // Resolve all type IDs once, shared across both actions
-  const [supportTicket, thread, message] = await Promise.all([
+  const [supportTicket, thread, triageAgentId, promptConfigId] = await Promise.all([
     resolveTypeId('item', 'support_ticket'),
     resolveTypeId('thread', 'thread'),
-    resolveTypeId('message', 'message')
+    resolveAgentId('Support Triage Agent'),
+    resolvePromptConfigId('support_triage'),
   ])
-  const typeIds: TypeIds = { supportTicket, thread, message }
+  const ids = { supportTicket, thread, triageAgentId, promptConfigId }
   switch (action) {
-    case 'new_ticket': return handleNewTicket(ctx, body, typeIds)
-    case 'reply':      return handleReply(ctx, body, typeIds)
+    case 'new_ticket': return handleNewTicket(ctx, body, ids)
+    case 'reply':      return handleReply(ctx, body, ids)
     default: throw new Error(`Unknown action: ${action}. Use 'new_ticket' or 'reply'.`)
   }
 })

package/manifest.json CHANGED Viewed

@@ -2,9 +2,10 @@
   "name": "Portal",
   "slug": "portal",
   "description": "Self-service portal for customers to access tickets, knowledge base, courses, and community",
-  "version": "0.2.10",
+  "version": "0.2.20",
   "app_type": "full",
-  "route_prefix": "/portal",
+  "route_prefix": "/",
+  "prod_domain": "portal.spine-framework.com",
   "required_roles": ["member", "member_admin"],
   "routes": [
     "/",
@@ -41,7 +42,7 @@
   "registration": {
     "enabled": true,
     "default_role": "member",
-    "redirect_path": "/portal",
+    "redirect_path": "/",
     "account_strategy": "new"
   }
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "spine-framework-portal",
-  "version": "0.2.18",
+  "version": "0.2.20",
   "private": false,
   "description": "Customer Portal — self-service portal app for Spine Framework",
   "type": "module",

package/LICENSE.md DELETED Viewed

@@ -1,193 +0,0 @@
-Spine Framework Internal Use License 1.0.0
-Source-available. Free for internal use. Commercial rights reserved.
-This license is based on the structure and intent of the PolyForm Internal Use License 1.0.0, but it has been modified for Spine Framework. This is not the unmodified PolyForm Internal Use License.
-Required Notice
-Required Notice: Copyright © 2026 Dahl Ventures Inc. All rights reserved.
-1. Acceptance
-In order to receive any license under these terms, you must agree to these terms as both strict obligations and conditions to all licenses granted to you.
-If you do not agree to these terms, you do not have permission to use, copy, modify, run, install, access, or create works based on Spine Framework.
-2. Definitions
-Software means Spine Framework, including its source code, object code, packages, modules, templates, schemas, migrations, configuration files, documentation, examples, command-line tools, SDKs, application packs, and related materials provided by the licensor.
-Licensor means the legal owner of Spine Framework.
-You means the individual or legal entity receiving the Software.
-Your Company means the legal entity on whose behalf you use the Software, including that entity's employees and authorized contractors.
-Internal Business Use means use of the Software solely inside Your Company for Your Company's own internal business operations, internal workflows, internal applications, internal data, internal users, and internal customers or accounts.
-Third Party means any person or legal entity other than You or Your Company.
-Commercial License means a separate written agreement signed by the Licensor that grants rights beyond this license.
-3. Copyright License
-The Licensor grants You a copyright license to do everything with the Software that would otherwise infringe the Licensor's copyright, but only for Internal Business Use and only as permitted by these terms.
-You may install, run, access, evaluate, test, configure, and use the Software for Internal Business Use.
-You may copy the Software only as reasonably necessary for Internal Business Use, including backup, deployment, development, testing, staging, disaster recovery, and internal security review.
-You may not distribute the Software except as expressly allowed in these terms.
-4. Changes and New Works
-The Licensor grants You a copyright license to modify the Software and create new works based on the Software, but only for Internal Business Use.
-You may create internal applications, extensions, workflows, integrations, automations, schemas, roles, agents, triggers, pipelines, dashboards, reports, and other internal business systems using the Software.
-You may not distribute, sell, sublicense, transfer, lease, rent, host for others, white-label, resell, or commercially exploit any modified version, derivative work, extension, application pack, template, or implementation of the Software except under a Commercial License.
-5. Internal Contractors
-Your Company may allow employees and contractors to access and use the Software solely on behalf of Your Company and solely for Your Company's Internal Business Use.
-Contractors do not receive any independent right to use the Software for themselves, their other clients, their own products, or any Third Party.
-Your Company is responsible for all use of the Software by its employees, contractors, agents, and representatives.
-6. Your Data and Application-Specific Work
-As between You and the Licensor, You own Your Company's data, records, content, prompts, business logic, customer records, internal workflows, and application-specific code that You independently create using the Software.
-These terms do not give the Licensor ownership of Your Company's data or independently created application-specific business content.
-However, ownership of Your Company's data or application-specific work does not give You the right to distribute, resell, white-label, host, or commercially exploit the Software or any portion of the Software except as allowed by these terms or a Commercial License.
-7. Prohibited Uses
-You may not do any of the following without a Commercial License:
-Sell, resell, sublicense, rent, lease, lend, transfer, assign, publish, or distribute the Software.
-Offer the Software, or any modified version of the Software, to Third Parties as software, infrastructure, a framework, a platform, a service, or a hosted product.
-Offer the Software as SaaS, PaaS, IaaS, framework-as-a-service, backend-as-a-service, workflow-as-a-service, automation-as-a-service, AI-agent platform, managed service, support service, or similar commercial service.
-White-label, private-label, rebrand, or remove Spine Framework identity from the Software in order to provide it to Third Parties.
-Embed, bundle, package, or include the Software in any product, service, appliance, marketplace offering, application pack, starter kit, template library, SDK, CLI, distribution, or managed implementation made available to Third Parties.
-Use the Software to operate, power, support, or provide a product or service for Third Parties where those Third Parties receive access to the Software or to functionality substantially provided by the Software.
-Use the Software to build, operate, or improve a competing framework, platform, marketplace, application generator, agentic software infrastructure product, or commercial development infrastructure product.
-Provide implementation, consulting, hosting, support, customization, training, migration, or managed services for the Software to Third Parties as a paid or commercial offering, except as expressly authorized by the Licensor.
-Remove, alter, obscure, or bypass copyright notices, license notices, attribution, trademarks, branding, license keys, license checks, usage limits, or technical protection measures included in the Software.
-Use the Software in violation of law, regulation, third-party rights, or these terms.
-8. Examples of Permitted Use
-The following are permitted under this license, provided they are solely for Internal Business Use:
-A company installs Spine Framework to build its own internal CRM.
-A company uses Spine Framework to operate an internal customer support portal for its own support team and its own customers.
-A company modifies Spine Framework for its internal workflows, roles, permissions, automations, pipelines, and integrations.
-A company lets its employees and authorized contractors configure, maintain, and support its internal Spine Framework installation.
-A company creates internal dashboards, agents, knowledge bases, audit trails, and operational tools on top of Spine Framework.
-9. Examples Requiring a Commercial License
-The following are not permitted under this license and require a Commercial License:
-Selling Spine Framework or a modified version of Spine Framework.
-Offering Spine Framework as a hosted SaaS product.
-Offering a white-labeled application built on Spine Framework to customers.
-Packaging Spine Framework into a commercial starter kit, template, marketplace app, agency offering, or developer platform.
-Running Spine Framework for multiple clients as a managed service provider, agency, consultant, systems integrator, or outsourcing firm.
-Embedding Spine Framework into a product sold to customers.
-Forking Spine Framework to launch a competing framework, backend, app platform, AI-agent platform, or development infrastructure product.
-Publishing modified Spine Framework source code to a public repository.
-Giving a customer, client, partner, reseller, or affiliate a copy of Spine Framework.
-10. Distribution
-You may not distribute the Software, modified versions of the Software, or works based on the Software to any Third Party except as expressly permitted by these terms or a Commercial License.
-You may share copies of the Software with employees and contractors of Your Company only as necessary for Internal Business Use and only if they are bound by obligations consistent with these terms.
-Any copy of the Software must include this license and all Required Notices.
-11. Trademarks
-This license does not grant You any right to use the Licensor's names, trademarks, service marks, logos, product names, domain names, or branding except as necessary to identify the Software for Internal Business Use.
-You may not use Spine Framework branding in a way that suggests sponsorship, endorsement, partnership, certification, resale authorization, or commercial authorization without written permission from the Licensor.
-12. Patent License
-The Licensor grants You a patent license for the Software that covers patent claims the Licensor can license, or later becomes able to license, that You would infringe by using the Software as permitted by these terms.
-13. Patent Defense
-If You make any written claim that the Software infringes or contributes to infringement of any patent, Your patent license for the Software ends immediately.
-If Your Company makes such a claim, Your Company's patent license ends immediately.
-14. Fair Use and Other Legal Rights
-You may have fair use, fair dealing, or other rights under applicable law. These terms do not limit rights that the law does not allow these terms to limit.
-15. No Other Rights
-These terms do not allow You to sublicense, transfer, assign, or delegate any license granted under these terms except as expressly allowed here.
-These terms do not prevent the Licensor from granting licenses to anyone else.
-These terms do not imply any license other than the licenses expressly granted here.
-All rights not expressly granted are reserved by the Licensor.
-16. Violations and Cure
-The first time You are notified in writing that You have violated these terms, or done anything with the Software not covered by these terms, Your licenses can continue if You:
-come into full compliance with these terms;
-take practical steps to correct past violations; and
-complete both within 32 days of receiving written notice.
-If You do not satisfy those requirements, all licenses granted to You under these terms end immediately.
-For any later violation, all licenses granted to You under these terms end immediately without any cure period.
-17. Termination
-When Your licenses end, You must stop all use of the Software and destroy all copies of the Software in Your possession or control, except copies you are legally required to retain for archival, compliance, or legal purposes.
-Sections concerning ownership, prohibited uses, trademarks, patent defense, no other rights, violations, termination, no warranty, limitation of liability, and general terms survive termination.
-18. No Warranty
-As far as the law allows, the Software is provided as is and as available, without any warranty or condition, express or implied.
-The Licensor disclaims all warranties and conditions, including warranties of merchantability, fitness for a particular purpose, title, non-infringement, availability, accuracy, security, and quiet enjoyment.
-19. Limitation of Liability
-As far as the law allows, the Licensor will not be liable to You for any indirect, incidental, special, consequential, exemplary, punitive, or other damages arising out of these terms or the Software.
-As far as the law allows, the Licensor will not be liable for lost profits, lost revenue, lost savings, lost data, business interruption, security incidents, procurement of substitute services, or loss of goodwill.
-The Licensor's total liability arising out of these terms or the Software will not exceed the amount You paid the Licensor for the Software during the 12 months before the event giving rise to liability, or USD $100 if You paid nothing.
-20. Commercial Licensing
-Rights not granted under this license may be available under a separate Commercial License from the Licensor.
-A Commercial License is required for resale, redistribution, SaaS, managed services, white-label use, OEM use, marketplace distribution, partner use, commercial hosting, commercial support offerings, or any use outside Internal Business Use.
-To request commercial rights, contact:
-spine-framework.com
-webmaster@spine-framework.com
-21. License Updates
-The Licensor may publish updated versions of this license from time to time.
-Each release, package, download, or copy of the Software is governed by the license terms included with that release, package, download, or copy, unless You and the Licensor have signed a separate written agreement.
-Updated license terms apply only to future releases, downloads, packages, updates, upgrades, patches, hosted access, or other versions of the Software made available after the updated terms are published.
-The Licensor may require acceptance of updated license terms as a condition of receiving or using future releases, updates, hosted services, commercial features, support, documentation, marketplace access, license keys, portals, application packs, or other Spine Framework services.
-Nothing in this section gives You rights to continue using future versions of the Software under earlier license terms.
-22. General Terms
-If any part of these terms is held unenforceable, the rest remains in effect as far as the law allows.
-Failure by the Licensor to enforce any term is not a waiver.
-Any waiver must be in writing and signed by the Licensor.
-These terms are the entire license terms for the Software unless You and the Licensor have signed a separate written agreement.
-23. Plain-English Summary
-This summary is not part of the legal license.
-You may use Spine Framework inside your own company for your own internal business operations.
-You may modify Spine Framework for your own internal use.
-You may let your employees and contractors work on your internal Spine Framework installation.
-You may not sell it, redistribute it, white-label it, host it for others, offer it as SaaS, package it into another product, use it as a managed service offering, or use it to build a competing framework without a separate commercial license.
-Future versions, updates, services, support, portals, packs, license keys, and commercial features may require acceptance of updated terms.
-Spine Framework is source-available. It is not open source.

package/README.md DELETED Viewed

@@ -1,44 +0,0 @@
-# Spine Framework Portal
-Portal is a customer-facing self-service app for [Spine Framework](https://spine-framework.com). It gives customers access to tickets, knowledge base, courses, community, and marketplace — all under your brand.
-## Features
-- **Tickets** — Submit and track support tickets
-- **Knowledge Base** — Browse and search help articles
-- **Courses** — Access course catalog and track progress
-- **Community** — Community discussions and Q&A
-- **Marketplace** — App and integration marketplace
-## Requirements
-- [Spine Framework](https://www.npmjs.com/package/spine-framework) `>=0.1.0`
-## Installation
-```bash
-npx spine-framework install-app spine-framework-portal
-```
-This will:
-1. Copy app files to `custom/apps/portal/`
-2. Run any pending migrations
-3. Seed roles, types, link-types, and triggers into the database
-4. Register the app in `spine.config.json`
-## Configuration
-After installation, edit `custom/apps/portal/manifest.json` to configure:
-- `route_prefix` — where the app is served (default: `/portal`)
-- `registration` — self-registration behaviour and account strategy (`new` creates a new account per customer, `existing` assigns to a shared account)
-To apply manifest changes to the database without reinstalling:
-```bash
-npx spine-framework update-db-app portal
-```
-## License
-See [LICENSE.md](./LICENSE.md)