squad-openclaw 2026.2.2209 → 2026.2.2702

package/dist/index.js

@@ -1,86 +1,7 @@
-// src/relay-client.ts
-import { WebSocket as NodeWebSocket } from "ws";
-import crypto3 from "crypto";
-import fs3 from "fs";
+// src/agents.ts
+import { execSync } from "child_process";
 import path3 from "path";
 
-// src/e2e-crypto.ts
-import crypto from "crypto";
-var CURVE = "prime256v1";
-var HKDF_SALT = "squad-e2e-v1";
-var HKDF_INFO = "aes-gcm-key";
-var AES_KEY_LENGTH = 32;
-var IV_LENGTH = 12;
-var E2ECrypto = class {
-  ecdh = null;
-  aesKey = null;
-  publicKeyB64 = null;
-  /** Generate an ephemeral ECDH keypair. Returns the public key as base64. */
-  async generateKeyPair() {
-    this.ecdh = crypto.createECDH(CURVE);
-    const publicKey = this.ecdh.generateKeys();
-    this.publicKeyB64 = publicKey.toString("base64");
-    return this.publicKeyB64;
-  }
-  /** Derive the shared secret from the peer's public key. */
-  async deriveSharedSecret(peerPublicKeyB64) {
-    if (!this.ecdh) {
-      throw new Error("Must call generateKeyPair() first");
-    }
-    const peerPublicKey = Buffer.from(peerPublicKeyB64, "base64");
-    const sharedSecret = this.ecdh.computeSecret(peerPublicKey);
-    this.aesKey = crypto.hkdfSync(
-      "sha256",
-      sharedSecret,
-      Buffer.from(HKDF_SALT),
-      Buffer.from(HKDF_INFO),
-      AES_KEY_LENGTH
-    );
-  }
-  /** Encrypt a plaintext string. Returns base64-encoded ciphertext + iv + tag. */
-  encrypt(plaintext) {
-    if (!this.aesKey) {
-      throw new Error("E2E not established \u2014 call deriveSharedSecret() first");
-    }
-    const iv = crypto.randomBytes(IV_LENGTH);
-    const cipher = crypto.createCipheriv("aes-256-gcm", this.aesKey, iv);
-    const encrypted = Buffer.concat([
-      cipher.update(plaintext, "utf-8"),
-      cipher.final()
-    ]);
-    const tag = cipher.getAuthTag();
-    return {
-      ciphertext: encrypted.toString("base64"),
-      iv: iv.toString("base64"),
-      tag: tag.toString("base64")
-    };
-  }
-  /** Decrypt a payload. Returns the plaintext string. */
-  decrypt(payload) {
-    if (!this.aesKey) {
-      throw new Error("E2E not established \u2014 call deriveSharedSecret() first");
-    }
-    const ciphertext = Buffer.from(payload.ciphertext, "base64");
-    const iv = Buffer.from(payload.iv, "base64");
-    const tag = Buffer.from(payload.tag, "base64");
-    const decipher = crypto.createDecipheriv("aes-256-gcm", this.aesKey, iv);
-    decipher.setAuthTag(tag);
-    const decrypted = Buffer.concat([
-      decipher.update(ciphertext),
-      decipher.final()
-    ]);
-    return decrypted.toString("utf-8");
-  }
-  /** Whether E2E encryption has been established */
-  get isEstablished() {
-    return this.aesKey !== null;
-  }
-  /** Get the local public key (base64) */
-  get publicKey() {
-    return this.publicKeyB64;
-  }
-};
-
 // src/paths.ts
 import path from "path";
 import os from "os";
@@ -105,690 +26,42 @@ function getOpenclawStateDir() {
   return path.join(os.homedir(), ".openclaw");
 }
 
-// src/device-keys.ts
-import crypto2 from "crypto";
+// src/auth-profiles.ts
 import fs2 from "fs";
 import path2 from "path";
-var RELAY_DATA_DIR = path2.join(getOpenclawStateDir(), "squad-ceo-data", "relay");
-var RELAY_STATE_PATH = path2.join(RELAY_DATA_DIR, "squad-relay.json");
-var PENDING_APPROVAL_PATH = path2.join(RELAY_DATA_DIR, "pending-approval.json");
-function readRelayState() {
-  try {
-    const raw = fs2.readFileSync(RELAY_STATE_PATH, "utf-8");
-    return JSON.parse(raw);
-  } catch {
-    return {};
-  }
-}
-function writeRelayState(state) {
-  if (!fs2.existsSync(RELAY_DATA_DIR)) {
-    fs2.mkdirSync(RELAY_DATA_DIR, { recursive: true });
-  }
-  fs2.writeFileSync(RELAY_STATE_PATH, JSON.stringify(state, null, 2), { mode: 384 });
-}
-function toBase64Url(buf) {
-  return buf.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+function getMainAuthProfilesPath(stateDir) {
+  return path2.join(stateDir, "agents", "main", "agent", "auth-profiles.json");
 }
-function loadOrCreateRelayDeviceKeys() {
-  const state = readRelayState();
-  if (state.deviceKeys) {
-    return state.deviceKeys;
-  }
-  const { publicKey, privateKey } = crypto2.generateKeyPairSync("ed25519");
-  const pubDer = publicKey.export({ type: "spki", format: "der" });
-  const rawPub = pubDer.subarray(pubDer.length - 32);
-  const deviceId = crypto2.createHash("sha256").update(rawPub).digest("hex");
-  const publicKeyB64 = toBase64Url(rawPub);
-  const privateKeyPem = privateKey.export({ type: "pkcs8", format: "pem" });
-  const keys = { deviceId, publicKey: publicKeyB64, privateKeyPem };
-  writeRelayState({ ...state, deviceKeys: keys });
-  console.log(`[device-keys] Generated relay device identity: ${deviceId.substring(0, 12)}...`);
-  return keys;
-}
-function writeDeviceInfoFile(keys) {
-  const stateDir = getOpenclawStateDir();
-  const infoPath = path2.join(stateDir, "squad-ceo-data", "relay", "relay-device-info.json");
-  const info = {
-    deviceId: keys.deviceId,
-    publicKey: keys.publicKey,
-    displayName: "squad-relay",
-    platform: process.platform,
-    createdAt: (/* @__PURE__ */ new Date()).toISOString()
-  };
-  try {
-    fs2.writeFileSync(infoPath, JSON.stringify(info, null, 2));
-  } catch (err2) {
-    console.error("[device-keys] Failed to write relay-device-info.json:", err2);
-  }
+function getAgentAuthProfilesPath(stateDir, agentId) {
+  return path2.join(stateDir, "agents", agentId, "agent", "auth-profiles.json");
 }
-
-// src/relay-client.ts
-function readOperatorToken() {
+function ensureAgentAuthProfiles(agentId) {
+  const normalizedAgentId = agentId.trim();
+  if (!normalizedAgentId || normalizedAgentId === "main") return false;
   const stateDir = getOpenclawStateDir();
-  const configPath = path3.join(stateDir, "openclaw.json");
-  try {
-    const raw = fs3.readFileSync(configPath, "utf-8");
-    const config = JSON.parse(raw);
-    return config?.gateway?.auth?.token ?? config?.gateway?.remote?.token ?? config?.gateway?.token ?? null;
-  } catch {
-    return null;
-  }
-}
-function readGatewayLocalWsConfig() {
-  const defaults = {
-    port: 18789,
-    // Try IPv4, hostname, then IPv6 loopback.
-    hosts: ["127.0.0.1", "localhost", "[::1]"]
-  };
+  const sourcePath = getMainAuthProfilesPath(stateDir);
+  const targetPath = getAgentAuthProfilesPath(stateDir, normalizedAgentId);
+  if (!fs2.existsSync(sourcePath) || fs2.existsSync(targetPath)) return false;
+  fs2.mkdirSync(path2.dirname(targetPath), { recursive: true });
+  fs2.copyFileSync(sourcePath, targetPath);
+  return true;
+}
+function backfillAgentAuthProfiles() {
   const stateDir = getOpenclawStateDir();
-  const configPath = path3.join(stateDir, "openclaw.json");
-  try {
-    const raw = fs3.readFileSync(configPath, "utf-8");
-    const config = JSON.parse(raw);
-    const parsedPort = Number(config?.gateway?.port);
-    if (Number.isFinite(parsedPort) && parsedPort > 0) {
-      defaults.port = parsedPort;
-    }
-  } catch {
-  }
-  return defaults;
-}
-function signDeviceIdentity(keys, clientId, clientMode, role, scopes, token, challengeNonce) {
-  const signedAtMs = Date.now();
-  const nonce = challengeNonce || crypto3.randomBytes(16).toString("hex");
-  const scopeStr = scopes.join(",");
-  const payload = `v2|${keys.deviceId}|${clientId}|${clientMode}|${role}|${scopeStr}|${signedAtMs}|${token ?? ""}|${nonce}`;
-  const privateKey = crypto3.createPrivateKey(keys.privateKeyPem);
-  const signature = crypto3.sign(null, Buffer.from(payload), privateKey);
-  return {
-    id: keys.deviceId,
-    publicKey: keys.publicKey,
-    signature: toBase64Url(signature),
-    signedAt: signedAtMs,
-    nonce
-  };
-}
-var RelayClient = class {
-  config;
-  relayWs = null;
-  userConnections = /* @__PURE__ */ new Map();
-  localConnectAttempts = /* @__PURE__ */ new Map();
-  reconnectAttempts = 0;
-  maxReconnectAttempts = 100;
-  autoConnectCounter = 0;
-  reconnectTimer = null;
-  shouldReconnect = true;
-  destroyed = false;
-  /** Pending claim token — sent on first successful connect, then cleared */
-  pendingClaimToken = null;
-  /** Device keys for authenticating local WS connections to the gateway */
-  deviceKeys;
-  constructor(config) {
-    const state = readRelayState();
-    const localWs = readGatewayLocalWsConfig();
-    this.config = {
-      relayUrl: config.relayUrl,
-      localGatewayPort: config.localGatewayPort ?? localWs.port,
-      localGatewayHosts: config.localGatewayHosts ?? localWs.hosts,
-      operatorToken: config.operatorToken ?? readOperatorToken(),
-      claimToken: config.claimToken ?? state.claimToken ?? null,
-      roomId: config.roomId ?? state.roomId ?? null
-    };
-    this.pendingClaimToken = this.config.roomId ? null : this.config.claimToken;
-    this.deviceKeys = loadOrCreateRelayDeviceKeys();
-    writeDeviceInfoFile(this.deviceKeys);
-    console.log(`[relay-client] Device ID: ${this.deviceKeys.deviceId}`);
-  }
-  /** Start connecting to the relay */
-  start() {
-    if (!this.config.roomId && !this.pendingClaimToken) {
-      console.log("[relay-client] No room ID or claim token found.");
-      console.log("[relay-client] Complete the setup from the Squad web app to generate a claim token.");
-      return;
-    }
-    console.log(`[relay-client] Starting relay connection to ${this.config.relayUrl}`);
-    if (this.config.roomId) {
-      console.log(`[relay-client] Room ID: ${this.config.roomId.substring(0, 8)}...`);
-    } else {
-      console.log(`[relay-client] Using claim token for first connect`);
-    }
-    this.connectToRelay();
-  }
-  /** Stop the relay client and close all connections */
-  destroy() {
-    this.destroyed = true;
-    this.shouldReconnect = false;
-    if (this.reconnectTimer) {
-      clearTimeout(this.reconnectTimer);
-      this.reconnectTimer = null;
-    }
-    for (const [userId, conn] of this.userConnections) {
-      try {
-        conn.localWs.close(1e3, "Relay client shutting down");
-      } catch {
-      }
-      this.userConnections.delete(userId);
-    }
-    if (this.relayWs) {
-      try {
-        this.relayWs.close(1e3, "Relay client shutting down");
-      } catch {
-      }
-      this.relayWs = null;
-    }
-  }
-  // ── Relay Connection ──
-  connectToRelay() {
-    if (this.destroyed) return;
-    let wsUrl;
-    if (this.pendingClaimToken) {
-      wsUrl = `${this.config.relayUrl}/gw?claim=${encodeURIComponent(this.pendingClaimToken)}`;
-      console.log(`[relay-client] Connecting with claim token`);
-    } else if (this.config.roomId) {
-      wsUrl = `${this.config.relayUrl}/gw?room=${encodeURIComponent(this.config.roomId)}`;
-      console.log(`[relay-client] Reconnecting with room ID`);
-    } else {
-      console.error("[relay-client] No claim token or room ID \u2014 cannot connect");
-      return;
-    }
-    try {
-      this.relayWs = new NodeWebSocket(wsUrl);
-    } catch (err2) {
-      console.error("[relay-client] Failed to create WebSocket:", err2);
-      this.scheduleReconnect();
-      return;
-    }
-    this.relayWs.on("open", () => {
-      console.log("[relay-client] Connected to relay");
-      this.reconnectAttempts = 0;
-      this.sendToRelay({
-        type: "relay.hello",
-        deviceId: this.deviceKeys.deviceId,
-        publicKey: this.deviceKeys.publicKey
-      });
-    });
-    this.relayWs.on("message", (data) => {
-      try {
-        const msg = JSON.parse(data.toString());
-        this.handleRelayMessage(msg);
-      } catch {
-      }
-    });
-    this.relayWs.on("close", (code, reason) => {
-      const reasonStr = reason.toString();
-      console.log(`[relay-client] Relay connection closed: ${code} ${reasonStr}`);
-      this.relayWs = null;
-      if (code === 1e3 && reasonStr.includes("Replaced")) {
-        console.log("[relay-client] Replaced by newer instance, stopping reconnect");
-        this.shouldReconnect = false;
-        this.destroyed = true;
-      }
-      for (const [userId, conn] of this.userConnections) {
-        try {
-          conn.localWs.close(1001, "Relay disconnected");
-        } catch {
-        }
-        this.userConnections.delete(userId);
-      }
-      if (this.shouldReconnect) {
-        this.scheduleReconnect();
-      }
-    });
-    this.relayWs.on("error", (err2) => {
-      console.error("[relay-client] Relay WebSocket error:", err2.message);
-    });
-    this.relayWs.on("unexpected-response", (_req, res) => {
-      console.warn(`[relay-client] Unexpected response: ${res.statusCode}`);
-      if (res.statusCode === 401 && this.pendingClaimToken) {
-        console.log("[relay-client] Claim token rejected \u2014 checking for stored room ID");
-        this.pendingClaimToken = null;
-        const state = readRelayState();
-        if (state.roomId) {
-          this.config.roomId = state.roomId;
-          console.log(`[relay-client] Found stored room ID, will use on next reconnect`);
-        }
-      }
-      this.relayWs = null;
-      this.scheduleReconnect();
-    });
-  }
-  scheduleReconnect() {
-    if (this.destroyed || !this.shouldReconnect) return;
-    if (this.reconnectAttempts >= this.maxReconnectAttempts) {
-      console.error("[relay-client] Max reconnect attempts reached");
-      return;
-    }
-    const delay = Math.min(1e3 * Math.pow(2, this.reconnectAttempts), 6e4);
-    this.reconnectAttempts++;
-    console.log(`[relay-client] Reconnecting in ${delay}ms (attempt ${this.reconnectAttempts})`);
-    this.reconnectTimer = setTimeout(() => {
-      this.reconnectTimer = null;
-      this.connectToRelay();
-    }, delay);
-  }
-  // ── Message Handling ──
-  handleRelayMessage(msg) {
-    switch (msg.type) {
-      case "relay.welcome":
-        this.handleWelcome(msg);
-        break;
-      case "relay.forward":
-        if (msg.userId && msg.inner) {
-          this.routeToUser(msg.userId, msg.inner);
-        }
-        break;
-      case "relay.pair.request":
-        if (msg.userId && msg.email) {
-          this.handlePairingRequest(msg.userId, msg.email);
-        }
-        break;
-      case "relay.e2e.exchange":
-        if (msg.userId && msg.publicKey) {
-          this.handleE2EExchange(msg.userId, msg.publicKey);
-        }
-        break;
-      case "relay.ping":
-        this.sendToRelay({ type: "relay.pong" });
-        break;
-      default:
-        console.log(`[relay-client] Unknown relay message type: ${msg.type}`);
-    }
-  }
-  /** Handle relay.welcome — store room ID for reconnection */
-  handleWelcome(msg) {
-    if (msg.roomId) {
-      console.log(`[relay-client] Received room ID: ${msg.roomId.substring(0, 8)}...`);
-      this.config.roomId = msg.roomId;
-      this.pendingClaimToken = null;
-      const state = readRelayState();
-      state.roomId = msg.roomId;
-      writeRelayState(state);
-    }
-  }
-  /** Route a message from the relay to the appropriate user's local WS */
-  routeToUser(userId, innerMsg) {
-    let msg = innerMsg;
-    if (msg.type === "event" && typeof msg.event === "string" && msg.event.startsWith("relay.")) {
-      if (msg.event === "relay.user.connected") {
-        console.log(`[relay-client] User ${userId} connected via relay \u2014 creating local WS`);
-        this.createUserConnection(userId);
-      }
-      return;
-    }
-    if (typeof msg.type === "string" && msg.type.startsWith("relay.")) {
-      if (msg.type === "relay.e2e.exchange" && msg.publicKey) {
-        this.handleE2EExchange(userId, msg.publicKey);
-      }
-      return;
-    }
-    let conn = this.userConnections.get(userId);
-    if (!conn || conn.localWs.readyState >= NodeWebSocket.CLOSING) {
-      this.createUserConnection(userId);
-      conn = this.userConnections.get(userId);
-      if (!conn) return;
-    }
-    if (msg._e2e && conn.e2e) {
-      try {
-        const plaintext = conn.e2e.decrypt({
-          ciphertext: msg.ciphertext,
-          iv: msg.iv,
-          tag: msg.tag
-        });
-        msg = JSON.parse(plaintext);
-      } catch (err2) {
-        console.error(`[relay-client] E2E decrypt error for ${userId}:`, err2);
-        return;
-      }
-    }
-    if (msg.type === "req" && msg.method === "connect") {
-      const connectRequestId = typeof msg.id === "string" ? msg.id : null;
-      if (conn.connectHandshakeComplete) {
-        if (connectRequestId && conn.lastSuccessfulConnectRequestId === connectRequestId) {
-          console.log(`[relay-client] Duplicate connect id for ${userId} (${connectRequestId}) \u2014 reusing existing session`);
-          this.sendToRelay({
-            type: "relay.forward",
-            userId,
-            inner: {
-              type: "res",
-              id: connectRequestId,
-              ok: true,
-              payload: { protocol: 3 }
-            }
-          });
-          return;
-        }
-        console.log(`[relay-client] New connect from ${userId} \u2014 creating fresh local WS for handshake`);
-        this.createUserConnection(userId, {
-          pendingConnect: null,
-          pendingMessages: conn.pendingMessages,
-          e2e: conn.e2e
-        });
-        conn = this.userConnections.get(userId);
-        if (!conn) return;
-      }
-      if (!conn.challengeNonce) {
-        console.log(`[relay-client] Connect request for ${userId} deferred \u2014 waiting for challenge nonce`);
-        conn.pendingConnect = msg;
-        return;
-      }
-      this.injectDeviceIdentity(conn, msg);
-      if (conn.localWs.readyState === NodeWebSocket.CONNECTING) {
-        conn.localWs.once("open", () => {
-          conn.localWs.send(JSON.stringify(msg));
-        });
-      } else {
-        conn.localWs.send(JSON.stringify(msg));
-      }
-      return;
-    }
-    if (!conn.connectHandshakeComplete) {
-      conn.pendingMessages.push(msg);
-      if (!conn.pendingConnect) {
-        const autoConnect = this.buildAutoConnectRequest();
-        conn.pendingConnect = autoConnect;
-        console.log(`[relay-client] Auto-starting local connect handshake for ${userId} (${String(autoConnect.id)})`);
-        if (conn.challengeNonce) {
-          const pending = conn.pendingConnect;
-          conn.pendingConnect = null;
-          if (pending) {
-            this.injectDeviceIdentity(conn, pending);
-            if (conn.localWs.readyState === NodeWebSocket.OPEN) {
-              conn.localWs.send(JSON.stringify(pending));
-            }
-          }
-        }
-      }
-      return;
-    }
-    if (conn.localWs.readyState === NodeWebSocket.CONNECTING) {
-      conn.localWs.once("open", () => {
-        conn.localWs.send(JSON.stringify(msg));
-      });
-      return;
-    }
-    conn.localWs.send(JSON.stringify(msg));
-  }
-  buildAutoConnectRequest() {
-    return {
-      type: "req",
-      id: `connect-auto-${++this.autoConnectCounter}`,
-      method: "connect",
-      params: {
-        minProtocol: 3,
-        maxProtocol: 3,
-        client: {
-          id: "cli",
-          version: "relay-client-auto",
-          platform: "gateway",
-          mode: "ui"
-        },
-        role: "operator",
-        scopes: ["operator.admin", "operator.read", "operator.write"],
-        auth: {}
-      }
-    };
-  }
-  /**
-   * Inject auth token and device identity into a connect request.
-   *
-   * SECURITY: The token is added to the message IN MEMORY, then sent to the
-   * LOCAL gateway WebSocket (localhost:18789). It NEVER traverses the relay —
-   * the relay only sees the outer relay.forward envelope. A compromised relay
-   * server cannot intercept this token.
-   */
-  injectDeviceIdentity(conn, msg) {
-    const params = msg.params ?? {};
-    if (this.config.operatorToken) {
-      params.auth = { token: this.config.operatorToken };
-    }
-    const client = params.client ?? {};
-    const role = params.role ?? "operator";
-    const scopes = params.scopes ?? [];
-    params.device = signDeviceIdentity(
-      this.deviceKeys,
-      client.id ?? "cli",
-      client.mode ?? "ui",
-      role,
-      scopes,
-      this.config.operatorToken,
-      conn.challengeNonce
-    );
-    msg.params = params;
-    conn.connectHandshakeComplete = false;
-    console.log(`[relay-client] Injected device identity for ${conn.userId}: nonce=${conn.challengeNonce?.substring(0, 12)}...`);
-  }
-  /** Create a local WS connection to the gateway for a specific user */
-  createUserConnection(userId, carry) {
-    const existing = this.userConnections.get(userId);
-    if (existing) {
-      try {
-        existing.localWs.close(1e3, "Replaced");
-      } catch {
-      }
-    }
-    const attempt = this.localConnectAttempts.get(userId) ?? 0;
-    const host = this.config.localGatewayHosts[attempt % this.config.localGatewayHosts.length];
-    const localUrl = `ws://${host}:${this.config.localGatewayPort}`;
-    console.log(`[relay-client] Creating local WS for user ${userId} \u2192 ${localUrl}`);
-    const localWs = new NodeWebSocket(localUrl);
-    const conn = {
-      localWs,
-      userId,
-      e2e: carry?.e2e ?? null,
-      connectHandshakeComplete: false,
-      challengeNonce: null,
-      pendingConnect: carry?.pendingConnect ?? null,
-      pendingMessages: carry?.pendingMessages ?? [],
-      lastSuccessfulConnectRequestId: null
-    };
-    this.userConnections.set(userId, conn);
-    localWs.on("open", () => {
-      console.log(`[relay-client] Local WS for user ${userId} connected`);
-      this.localConnectAttempts.delete(userId);
-    });
-    localWs.on("message", (data) => {
-      try {
-        const msg = JSON.parse(data.toString());
-        this.routeFromGateway(userId, msg);
-      } catch {
-      }
-    });
-    localWs.on("close", (code, reason) => {
-      const reasonStr = reason.toString();
-      console.log(`[relay-client] Local WS for user ${userId} closed: ${code} ${reasonStr}`);
-      if (code === 1008) {
-        console.error(
-          `[relay-client] Gateway rejected device identity (code 1008). The gateway auto-pairs devices with a valid operator token, so this usually means the operator token is missing, expired, or incorrect.
-Check: ~/.openclaw/openclaw.json \u2192 gateway.auth.token
-Device ID: ${this.deviceKeys.deviceId}`
-        );
-      }
-      const current = this.userConnections.get(userId);
-      if (current && current.localWs === localWs) {
-        this.userConnections.delete(userId);
-        const nextAttempt = (this.localConnectAttempts.get(userId) ?? 0) + 1;
-        const shouldRetryLocalConnect = code === 1006 && !conn.connectHandshakeComplete && nextAttempt <= 8 && this.relayWs?.readyState === NodeWebSocket.OPEN;
-        if (shouldRetryLocalConnect) {
-          this.localConnectAttempts.set(userId, nextAttempt);
-          const delay = Math.min(300 * nextAttempt, 2e3);
-          console.log(
-            `[relay-client] Local WS unavailable for ${userId}, retrying in ${delay}ms (attempt ${nextAttempt}/8)`
-          );
-          const carry2 = {
-            pendingConnect: conn.pendingConnect,
-            pendingMessages: conn.pendingMessages,
-            e2e: conn.e2e
-          };
-          setTimeout(() => {
-            if (this.destroyed) return;
-            if (this.relayWs?.readyState !== NodeWebSocket.OPEN) return;
-            if (!this.userConnections.has(userId)) {
-              this.createUserConnection(userId, carry2);
-            }
-          }, delay);
-          return;
-        }
-        this.localConnectAttempts.delete(userId);
-        this.sendToRelay({
-          type: "relay.forward",
-          userId,
-          inner: {
-            type: "event",
-            event: "relay.gateway.connection.closed",
-            payload: { code }
-          }
-        });
-      }
-    });
-    localWs.on("error", (err2) => {
-      console.error(`[relay-client] Local WS error for user ${userId}:`, err2.message);
-    });
-  }
-  /** Route a message from the gateway back through the relay to the user */
-  routeFromGateway(userId, msg) {
-    const conn = this.userConnections.get(userId);
-    if (!conn) return;
-    const parsed = msg;
-    if (parsed.type === "event" && parsed.event === "connect.challenge") {
-      const payload = parsed.payload;
-      if (payload?.nonce) {
-        conn.challengeNonce = payload.nonce;
-        console.log(`[relay-client] Captured challenge nonce for ${userId}: ${conn.challengeNonce.substring(0, 12)}...`);
-        if (conn.pendingConnect) {
-          const pending = conn.pendingConnect;
-          conn.pendingConnect = null;
-          console.log(`[relay-client] Flushing deferred connect for ${userId}`);
-          this.injectDeviceIdentity(conn, pending);
-          if (conn.localWs.readyState === NodeWebSocket.OPEN) {
-            conn.localWs.send(JSON.stringify(pending));
-          }
-        }
-      }
-    }
-    if (parsed.type === "res" && typeof parsed.id === "string" && parsed.id.startsWith("connect-") && parsed.ok) {
-      conn.connectHandshakeComplete = true;
-      conn.lastSuccessfulConnectRequestId = parsed.id;
-      if (conn.pendingMessages.length > 0) {
-        console.log(`[relay-client] Flushing ${conn.pendingMessages.length} buffered messages for ${userId}`);
-        for (const queued of conn.pendingMessages) {
-          conn.localWs.send(JSON.stringify(queued));
-        }
-        conn.pendingMessages = [];
-      }
-    }
-    let innerMsg = msg;
-    if (conn.e2e) {
-      try {
-        const encrypted = conn.e2e.encrypt(JSON.stringify(msg));
-        innerMsg = { _e2e: true, ...encrypted };
-      } catch (err2) {
-        console.error(`[relay-client] E2E encrypt failed for ${userId} \u2014 dropping message:`, err2);
-        return;
-      }
-    }
-    this.sendToRelay({
-      type: "relay.forward",
-      userId,
-      inner: innerMsg
-    });
-  }
-  // ── Pairing ──
-  handlePairingRequest(userId, email) {
-    console.log(`[relay-client] Pairing request from ${email} (${userId})`);
-    this.sendToRelay({
-      type: "relay.pair.status",
-      userId,
-      status: "pending"
-    });
-    console.log(
-      `[relay-client] Pairing request pending for ${email}. The gateway will auto-pair this device if the operator token is valid.`
-    );
-  }
-  // ── E2E Key Exchange ──
-  async handleE2EExchange(userId, browserPublicKey) {
-    console.log(`[relay-client] E2E key exchange with user ${userId}`);
-    const conn = this.userConnections.get(userId);
-    if (!conn) return;
-    try {
-      const e2e = new E2ECrypto();
-      const gatewayPublicKey = await e2e.generateKeyPair();
-      await e2e.deriveSharedSecret(browserPublicKey);
-      conn.e2e = e2e;
-      this.sendToRelay({
-        type: "relay.forward",
-        userId,
-        inner: {
-          type: "relay.e2e.exchange",
-          publicKey: gatewayPublicKey
-        }
-      });
-      console.log(`[relay-client] E2E established for user ${userId}`);
-    } catch (err2) {
-      console.error(`[relay-client] E2E exchange failed for ${userId}:`, err2);
-    }
-  }
-  // ── Send to Relay ──
-  sendToRelay(msg) {
-    if (!this.relayWs || this.relayWs.readyState !== NodeWebSocket.OPEN) return;
-    try {
-      this.relayWs.send(JSON.stringify(msg));
-    } catch {
-    }
-  }
-  /** Broadcast an event to all connected users, E2E encrypted per-user */
-  broadcastToUsers(event, payload) {
-    const msg = { type: "event", event, payload };
-    for (const [userId, conn] of this.userConnections) {
-      if (!conn.connectHandshakeComplete) continue;
-      let innerMsg = msg;
-      if (conn.e2e) {
-        try {
-          const encrypted = conn.e2e.encrypt(JSON.stringify(msg));
-          innerMsg = { _e2e: true, ...encrypted };
-        } catch (err2) {
-          console.error(`[relay-client] E2E encrypt failed for broadcast to ${userId} \u2014 skipping:`, err2);
-          continue;
-        }
-      }
-      this.sendToRelay({
-        type: "relay.forward",
-        userId,
-        inner: innerMsg
-      });
+  const agentsDir = path2.join(stateDir, "agents");
+  if (!fs2.existsSync(agentsDir)) return [];
+  const copied = [];
+  for (const entry of fs2.readdirSync(agentsDir, { withFileTypes: true })) {
+    if (!entry.isDirectory()) continue;
+    const agentId = entry.name;
+    if (ensureAgentAuthProfiles(agentId)) {
+      copied.push(agentId);
     }
   }
-};
-var relayClient = null;
-function startRelayClient(api, relayUrl) {
-  relayClient = new RelayClient({
-    relayUrl
-  });
-  relayClient.start();
-  api.registerGatewayMethod(
-    "squad.relay.status",
-    async ({ respond }) => {
-      respond(true, {
-        connected: relayClient !== null,
-        relayUrl
-      });
-    }
-  );
-  const cleanup = () => {
-    if (relayClient) {
-      relayClient.destroy();
-      relayClient = null;
-    }
-  };
-  process.on("SIGTERM", cleanup);
-  process.on("SIGINT", cleanup);
-}
-function broadcastToUsers(event, payload) {
-  relayClient?.broadcastToUsers(event, payload);
+  return copied;
 }
 
 // src/agents.ts
-import { execSync } from "child_process";
-import path4 from "path";
 function deriveAgentIdFromName(name) {
   const normalized = name.trim().toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "");
   return normalized || "agent";
@@ -825,7 +98,7 @@ function registerAgentMethods(api) {
         return;
       }
       const effectiveAgentId = providedAgentId || deriveAgentIdFromName(safeName);
-      const defaultWorkspace = path4.join(
+      const defaultWorkspace = path3.join(
         getOpenclawStateDir(),
         effectiveAgentId === "main" ? "workspace" : `workspace-${effectiveAgentId}`
       );
@@ -840,6 +113,11 @@ function registerAgentMethods(api) {
           encoding: "utf-8",
           stdio: ["pipe", "pipe", "pipe"]
         });
+        try {
+          ensureAgentAuthProfiles(effectiveAgentId);
+        } catch (authErr) {
+          console.warn("[squad.agents.add] failed to copy main auth profile to agent:", authErr);
+        }
         respond(true, { ok: true, output: output.slice(0, 1e3) });
       } catch (err2) {
         const msg = err2 instanceof Error ? err2.message : String(err2);
@@ -985,12 +263,12 @@ function registerAgentMethods(api) {
 
 // src/entities.ts
 import { Type as T } from "@sinclair/typebox";
-import path8 from "path";
-import fs7 from "fs";
+import path7 from "path";
+import fs6 from "fs";
 
 // src/watcher.ts
-import path5 from "path";
-import fs4 from "fs";
+import path4 from "path";
+import fs3 from "fs";
 import chokidar from "chokidar";
 var debounceTimers = /* @__PURE__ */ new Map();
 var DEBOUNCE_MS = 500;
@@ -1020,29 +298,29 @@ function debouncedFs(relPath, action, fn) {
   );
 }
 function isWorkspaceIdentity(filePath, configDir) {
-  const rel = path5.relative(configDir, filePath);
+  const rel = path4.relative(configDir, filePath);
   const match = rel.match(/^(workspace(?:-([^/]+))?)\/IDENTITY\.md$/);
   if (!match) return null;
   const dirName = match[1];
   const agentId = match[2] ?? "main";
-  return { agentId, workspacePath: path5.join(configDir, dirName) };
+  return { agentId, workspacePath: path4.join(configDir, dirName) };
 }
 function isWorkspaceAgentJson(filePath, configDir) {
-  const rel = path5.relative(configDir, filePath);
+  const rel = path4.relative(configDir, filePath);
   const match = rel.match(/^(workspace(?:-([^/]+))?)\/agent\.json$/);
   if (!match) return null;
   const dirName = match[1];
   const agentId = match[2] ?? "main";
-  return { agentId, workspacePath: path5.join(configDir, dirName) };
+  return { agentId, workspacePath: path4.join(configDir, dirName) };
 }
 function isGlobalSkillDir(filePath, configDir) {
-  const rel = path5.relative(configDir, filePath);
+  const rel = path4.relative(configDir, filePath);
   const match = rel.match(/^skills\/([^/]+)\/?$/);
   if (!match) return null;
   return { skillKey: match[1] };
 }
 function isWorkspaceSkillDir(filePath, configDir) {
-  const rel = path5.relative(configDir, filePath);
+  const rel = path4.relative(configDir, filePath);
   const match = rel.match(
     /^workspace(?:-([^/]+))?\/skills\/([^/]+)\/?$/
   );
@@ -1050,21 +328,21 @@ function isWorkspaceSkillDir(filePath, configDir) {
   return { agentId: match[1] ?? "main", skillKey: match[2] };
 }
 function isPluginManifest(filePath, configDir) {
-  const rel = path5.relative(configDir, filePath);
+  const rel = path4.relative(configDir, filePath);
   const match = rel.match(/^extensions\/([^/]+)\/openclaw\.plugin\.json$/);
   if (!match) return null;
   return { pluginDirName: match[1] };
 }
 function isOpenClawConfig(filePath, configDir) {
-  return path5.relative(configDir, filePath) === "openclaw.json";
+  return path4.relative(configDir, filePath) === "openclaw.json";
 }
 function updateAgent(agentId, workspacePath) {
   const now = Date.now();
   let name = agentId;
   const metadata = { workspacePath };
   try {
-    const content = fs4.readFileSync(
-      path5.join(workspacePath, "IDENTITY.md"),
+    const content = fs3.readFileSync(
+      path4.join(workspacePath, "IDENTITY.md"),
       "utf-8"
     );
     const parsed = parseIdentityName(content);
@@ -1073,8 +351,8 @@ function updateAgent(agentId, workspacePath) {
   }
   if (name === agentId) {
     try {
-      const raw = fs4.readFileSync(
-        path5.join(workspacePath, "agent.json"),
+      const raw = fs3.readFileSync(
+        path4.join(workspacePath, "agent.json"),
         "utf-8"
       );
       const config = JSON.parse(raw);
@@ -1098,14 +376,14 @@ function updateAgent(agentId, workspacePath) {
 }
 function updatePlugin(pluginDirName, configDir) {
   const now = Date.now();
-  const manifestPath = path5.join(
+  const manifestPath = path4.join(
     configDir,
     "extensions",
     pluginDirName,
     "openclaw.plugin.json"
   );
   try {
-    const raw = fs4.readFileSync(manifestPath, "utf-8");
+    const raw = fs3.readFileSync(manifestPath, "utf-8");
     const manifest = JSON.parse(raw);
     const pluginId = manifest.id || pluginDirName;
     const name = manifest.name || pluginId;
@@ -1115,7 +393,7 @@ function updatePlugin(pluginDirName, configDir) {
       name,
       title: name,
       description: manifest.description || null,
-      metadata: { pluginId, pluginDir: path5.dirname(manifestPath) },
+      metadata: { pluginId, pluginDir: path4.dirname(manifestPath) },
       source: "filesystem",
       source_key: manifestPath,
       created_at: now,
@@ -1142,7 +420,7 @@ function startWatcher(configDir, onFsChange) {
   });
   const emitFsChange = (action, filePath) => {
     if (!onFsChange) return;
-    const rel = path5.relative(configDir, filePath);
+    const rel = path4.relative(configDir, filePath);
     debouncedFs(rel, action, () => {
       onFsChange({ action, path: rel });
     });
@@ -1196,7 +474,7 @@ function startWatcher(configDir, onFsChange) {
       );
       return;
     }
-    const rel = path5.relative(configDir, dirPath);
+    const rel = path4.relative(configDir, dirPath);
     if (/^workspace(-[^/]+)?$/.test(rel)) {
       debounced("agents", () => scanAgents(configDir));
       return;
@@ -1204,7 +482,7 @@ function startWatcher(configDir, onFsChange) {
   };
   const handleUnlinkDir = (dirPath) => {
     emitFsChange("unlinkDir", dirPath);
-    const rel = path5.relative(configDir, dirPath);
+    const rel = path4.relative(configDir, dirPath);
     const wsMatch = rel.match(/^workspace(?:-([^/]+))?$/);
     if (wsMatch) {
       const agentId = wsMatch[1] ?? "main";
@@ -1241,26 +519,26 @@ function startWatcher(configDir, onFsChange) {
 }
 
 // src/filesystem.ts
-import fs6 from "fs";
-import path7 from "path";
-
-// src/layout.ts
 import fs5 from "fs";
 import path6 from "path";
+
+// src/layout.ts
+import fs4 from "fs";
+import path5 from "path";
 function resolveMaybeRelativePath(stateDir, p) {
-  if (path6.isAbsolute(p)) return path6.resolve(p);
-  return path6.resolve(stateDir, p);
+  if (path5.isAbsolute(p)) return path5.resolve(p);
+  return path5.resolve(stateDir, p);
 }
 function listWorkspaceFallbacks(stateDir) {
   let entries;
   try {
-    entries = fs5.readdirSync(stateDir, { withFileTypes: true });
+    entries = fs4.readdirSync(stateDir, { withFileTypes: true });
   } catch {
     return [];
   }
   return entries.filter((entry) => entry.isDirectory() && (entry.name === "workspace" || entry.name.startsWith("workspace-"))).map((entry) => {
     const agentId = entry.name === "workspace" ? "main" : entry.name.replace("workspace-", "");
-    const workspacePath = path6.join(stateDir, entry.name);
+    const workspacePath = path5.join(stateDir, entry.name);
     return {
       agentId,
       path: workspacePath,
@@ -1271,7 +549,7 @@ function listWorkspaceFallbacks(stateDir) {
 }
 function readOpenclawConfig(configPath) {
   try {
-    const raw = fs5.readFileSync(configPath, "utf-8");
+    const raw = fs4.readFileSync(configPath, "utf-8");
     return JSON.parse(raw);
   } catch {
     return null;
@@ -1279,7 +557,7 @@ function readOpenclawConfig(configPath) {
 }
 function resolveGatewayLayout() {
   const stateDir = getOpenclawStateDir();
-  const configPath = path6.join(stateDir, "openclaw.json");
+  const configPath = path5.join(stateDir, "openclaw.json");
   const config = readOpenclawConfig(configPath);
   const workspaces = [];
   if (config?.agents?.main?.workspace || config?.agents?.main?.workspacePath) {
@@ -1290,7 +568,7 @@ function resolveGatewayLayout() {
         agentId: "main",
         path: resolvedPath,
         source: "config",
-        exists: fs5.existsSync(resolvedPath)
+        exists: fs4.existsSync(resolvedPath)
       });
     }
   }
@@ -1303,7 +581,7 @@ function resolveGatewayLayout() {
       agentId,
       path: resolvedPath,
       source: "config",
-      exists: fs5.existsSync(resolvedPath)
+      exists: fs4.existsSync(resolvedPath)
     });
   }
   const deduped = /* @__PURE__ */ new Map();
@@ -1317,9 +595,9 @@ function resolveGatewayLayout() {
   return {
     stateDir,
     configPath,
-    mediaDir: path6.join(stateDir, "media"),
-    skillsDir: path6.join(stateDir, "skills"),
-    extensionsDir: path6.join(stateDir, "extensions"),
+    mediaDir: path5.join(stateDir, "media"),
+    skillsDir: path5.join(stateDir, "skills"),
+    extensionsDir: path5.join(stateDir, "extensions"),
     defaultFileBrowserRoot,
     workspaces: resolvedWorkspaces
   };
@@ -1329,16 +607,16 @@ function resolveGatewayLayout() {
 var HOME_DIR = process.env.HOME ?? "/root";
 var OPENCLAW_DIR = getOpenclawStateDir();
 var SENSITIVE_BLOCKED_DIRS = [
-  path7.join(OPENCLAW_DIR, "credentials"),
-  path7.join(OPENCLAW_DIR, "devices"),
-  path7.join(OPENCLAW_DIR, "identity")
+  path6.join(OPENCLAW_DIR, "credentials"),
+  path6.join(OPENCLAW_DIR, "devices"),
+  path6.join(OPENCLAW_DIR, "identity")
 ];
 var SENSITIVE_BLOCKED_FILES = [
-  path7.join(OPENCLAW_DIR, "squad-ceo-data", "relay", "squad-relay.json")
+  path6.join(OPENCLAW_DIR, "squad-ceo-data", "relay", "squad-relay.json")
 ];
 function isSensitivePath(resolvedPath) {
   for (const blocked of SENSITIVE_BLOCKED_DIRS) {
-    if (resolvedPath === blocked || resolvedPath.startsWith(blocked + path7.sep)) {
+    if (resolvedPath === blocked || resolvedPath.startsWith(blocked + path6.sep)) {
       return true;
     }
   }
@@ -1347,7 +625,7 @@ function isSensitivePath(resolvedPath) {
       return true;
     }
   }
-  if (path7.dirname(resolvedPath) === OPENCLAW_DIR && resolvedPath.endsWith(".bak")) {
+  if (path6.dirname(resolvedPath) === OPENCLAW_DIR && resolvedPath.endsWith(".bak")) {
     return true;
   }
   return false;
@@ -1396,20 +674,20 @@ function redactOpenclawJson(rawContent) {
   return JSON.stringify(config, null, 2);
 }
 function isOpenclawJson(resolvedPath) {
-  return path7.basename(resolvedPath) === OPENCLAW_JSON_FILENAME && resolvedPath.startsWith(OPENCLAW_DIR);
+  return path6.basename(resolvedPath) === OPENCLAW_JSON_FILENAME && resolvedPath.startsWith(OPENCLAW_DIR);
 }
 function expandHome(p) {
   if (p.startsWith("~/") || p === "~") {
-    return path7.join(HOME_DIR, p.slice(1));
+    return path6.join(HOME_DIR, p.slice(1));
   }
   return p;
 }
 function validatePath(p, allowedRoots) {
-  const resolved = path7.resolve(expandHome(p));
+  const resolved = path6.resolve(expandHome(p));
   if (!allowedRoots || allowedRoots.length === 0) return resolved;
   const allowed = allowedRoots.some((root) => {
-    const resolvedRoot = path7.resolve(expandHome(root));
-    return resolved === resolvedRoot || resolved.startsWith(resolvedRoot + path7.sep);
+    const resolvedRoot = path6.resolve(expandHome(root));
+    return resolved === resolvedRoot || resolved.startsWith(resolvedRoot + path6.sep);
   });
   if (!allowed) {
     throw new Error(`Path "${p}" is outside allowed roots`);
@@ -1446,18 +724,18 @@ function err(message) {
   };
 }
 function listDir(dirPath, opts) {
-  const dirents = fs6.readdirSync(dirPath, { withFileTypes: true });
+  const dirents = fs5.readdirSync(dirPath, { withFileTypes: true });
   const results = [];
   for (const dirent of dirents) {
     if (!opts.includeHidden && dirent.name.startsWith(".")) continue;
-    const entryPath = path7.join(dirPath, dirent.name);
+    const entryPath = path6.join(dirPath, dirent.name);
     let type = "other";
     if (dirent.isFile()) type = "file";
     else if (dirent.isDirectory()) type = "directory";
     else if (dirent.isSymbolicLink()) type = "symlink";
     const entry = { name: dirent.name, path: entryPath, type };
     try {
-      const stat = fs6.statSync(entryPath);
+      const stat = fs5.statSync(entryPath);
       entry.size = stat.size;
       entry.modified = stat.mtime.toISOString();
     } catch {
@@ -1510,8 +788,8 @@ function registerFilesystemTools(api) {
       try {
         const filePath = validateAndBlockSensitive(params.path, allowedRoots);
         const encoding = params.encoding ?? "utf-8";
-        let content = fs6.readFileSync(filePath, encoding);
-        const stat = fs6.statSync(filePath);
+        let content = fs5.readFileSync(filePath, encoding);
+        const stat = fs5.statSync(filePath);
         if (isOpenclawJson(filePath) && encoding === "utf-8") {
           content = redactOpenclawJson(content);
         }
@@ -1561,10 +839,10 @@ function registerFilesystemTools(api) {
         const encoding = params.encoding ?? "utf-8";
         const mkdir = params.mkdir !== false;
         if (mkdir) {
-          fs6.mkdirSync(path7.dirname(filePath), { recursive: true });
+          fs5.mkdirSync(path6.dirname(filePath), { recursive: true });
         }
-        fs6.writeFileSync(filePath, content, encoding);
-        const stat = fs6.statSync(filePath);
+        fs5.writeFileSync(filePath, content, encoding);
+        const stat = fs5.statSync(filePath);
         return ok({
           path: filePath,
           size: stat.size,
@@ -1633,7 +911,7 @@ function registerFilesystemTools(api) {
     async execute(_id, params) {
       try {
         const targetPath = validateWritePath(params.path, allowedRoots);
-        fs6.mkdirSync(targetPath, { recursive: true });
+        fs5.mkdirSync(targetPath, { recursive: true });
         return ok({
           path: targetPath,
           created: true
@@ -1666,7 +944,7 @@ function registerFilesystemTools(api) {
       try {
         const resolvedOld = validateWritePath(params.oldPath, allowedRoots);
         const resolvedNew = validateWritePath(params.newPath, allowedRoots);
-        fs6.renameSync(resolvedOld, resolvedNew);
+        fs5.renameSync(resolvedOld, resolvedNew);
         return ok({
           oldPath: resolvedOld,
           newPath: resolvedNew,
@@ -1695,12 +973,12 @@ function registerFilesystemTools(api) {
     async execute(_id, params) {
       try {
         const targetPath = validateWritePath(params.path, allowedRoots);
-        const stat = fs6.statSync(targetPath);
+        const stat = fs5.statSync(targetPath);
         const wasDirectory = stat.isDirectory();
         if (wasDirectory) {
-          fs6.rmSync(targetPath, { recursive: true });
+          fs5.rmSync(targetPath, { recursive: true });
         } else {
-          fs6.unlinkSync(targetPath);
+          fs5.unlinkSync(targetPath);
         }
         return ok({
           path: targetPath,
@@ -1752,7 +1030,7 @@ function scanAgents(configDir) {
   const now = Date.now();
   let entries;
   try {
-    entries = fs7.readdirSync(configDir, { withFileTypes: true });
+    entries = fs6.readdirSync(configDir, { withFileTypes: true });
   } catch {
     return;
   }
@@ -1761,20 +1039,20 @@ function scanAgents(configDir) {
   );
   for (const dir of workspaceDirs) {
     const agentId = dir.name === "workspace" ? "main" : dir.name.replace("workspace-", "");
-    const workspacePath = path8.join(configDir, dir.name);
+    const workspacePath = path7.join(configDir, dir.name);
     let name = agentId;
     const metadata = { workspacePath };
-    const identityPath = path8.join(workspacePath, "IDENTITY.md");
+    const identityPath = path7.join(workspacePath, "IDENTITY.md");
     try {
-      const content = fs7.readFileSync(identityPath, "utf-8");
+      const content = fs6.readFileSync(identityPath, "utf-8");
       const parsed = parseIdentityName(content);
       if (parsed) name = parsed;
     } catch {
     }
     if (name === agentId) {
-      const agentJsonPath = path8.join(workspacePath, "agent.json");
+      const agentJsonPath = path7.join(workspacePath, "agent.json");
       try {
-        const raw = fs7.readFileSync(agentJsonPath, "utf-8");
+        const raw = fs6.readFileSync(agentJsonPath, "utf-8");
         const config = JSON.parse(raw);
         if (config.displayName) name = config.displayName;
         if (config.model) metadata.model = config.model;
@@ -1799,11 +1077,11 @@ function scanAgents(configDir) {
 }
 function scanSkills(configDir) {
   const now = Date.now();
-  const globalSkillsDir = path8.join(configDir, "skills");
+  const globalSkillsDir = path7.join(configDir, "skills");
   scanSkillsDir(globalSkillsDir, "global", now);
   let entries;
   try {
-    entries = fs7.readdirSync(configDir, { withFileTypes: true });
+    entries = fs6.readdirSync(configDir, { withFileTypes: true });
   } catch {
     return;
   }
@@ -1812,26 +1090,26 @@ function scanSkills(configDir) {
       continue;
     }
     const agentId = dir.name === "workspace" ? "main" : dir.name.replace("workspace-", "");
-    const agentSkillsDir = path8.join(configDir, dir.name, "skills");
+    const agentSkillsDir = path7.join(configDir, dir.name, "skills");
     scanSkillsDir(agentSkillsDir, agentId, now);
   }
 }
 function scanSkillsDir(skillsDir, scope, now) {
   let entries;
   try {
-    entries = fs7.readdirSync(skillsDir, { withFileTypes: true });
+    entries = fs6.readdirSync(skillsDir, { withFileTypes: true });
   } catch {
     return;
   }
   for (const entry of entries) {
     if (!entry.isDirectory()) continue;
     const skillKey = entry.name;
-    const skillPath = path8.join(skillsDir, skillKey);
+    const skillPath = path7.join(skillsDir, skillKey);
     let name = skillKey;
     for (const manifestName of ["manifest.json", "package.json"]) {
       try {
-        const raw = fs7.readFileSync(
-          path8.join(skillPath, manifestName),
+        const raw = fs6.readFileSync(
+          path7.join(skillPath, manifestName),
           "utf-8"
         );
         const manifest = JSON.parse(raw);
@@ -1858,19 +1136,19 @@ function scanSkillsDir(skillsDir, scope, now) {
 }
 function scanPlugins2(configDir) {
   const now = Date.now();
-  const extensionsDir = path8.join(configDir, "extensions");
+  const extensionsDir = path7.join(configDir, "extensions");
   let entries;
   try {
-    entries = fs7.readdirSync(extensionsDir, { withFileTypes: true });
+    entries = fs6.readdirSync(extensionsDir, { withFileTypes: true });
   } catch {
     return;
   }
   for (const dir of entries) {
     if (!dir.isDirectory()) continue;
-    const pluginDir = path8.join(extensionsDir, dir.name);
-    const manifestPath = path8.join(pluginDir, "openclaw.plugin.json");
+    const pluginDir = path7.join(extensionsDir, dir.name);
+    const manifestPath = path7.join(pluginDir, "openclaw.plugin.json");
     try {
-      const raw = fs7.readFileSync(manifestPath, "utf-8");
+      const raw = fs6.readFileSync(manifestPath, "utf-8");
       const manifest = JSON.parse(raw);
       const pluginId = manifest.id || dir.name;
       const name = manifest.name || pluginId;
@@ -1893,8 +1171,8 @@ function scanPlugins2(configDir) {
 function scanTools(configDir) {
   const now = Date.now();
   try {
-    const raw = fs7.readFileSync(
-      path8.join(configDir, "openclaw.json"),
+    const raw = fs6.readFileSync(
+      path7.join(configDir, "openclaw.json"),
       "utf-8"
     );
     const config = JSON.parse(raw);
@@ -1945,24 +1223,24 @@ var MIME_MAP = {
   ".gz": "application/gzip"
 };
 function getMimeType(filename) {
-  const ext = path8.extname(filename).toLowerCase();
+  const ext = path7.extname(filename).toLowerCase();
   return MIME_MAP[ext] ?? "application/octet-stream";
 }
 function scanMedia(configDir) {
   const now = Date.now();
-  const mediaDir = path8.join(configDir, "media");
+  const mediaDir = path7.join(configDir, "media");
   scanMediaDir(mediaDir, now);
 }
 function scanMediaDir(dirPath, now) {
   let entries;
   try {
-    entries = fs7.readdirSync(dirPath, { withFileTypes: true });
+    entries = fs6.readdirSync(dirPath, { withFileTypes: true });
   } catch {
     return;
   }
   for (const entry of entries) {
     if (entry.name.startsWith(".")) continue;
-    const entryPath = path8.join(dirPath, entry.name);
+    const entryPath = path7.join(dirPath, entry.name);
     if (isSensitivePath(entryPath)) continue;
     if (entry.isDirectory()) {
       registrySet({
@@ -1983,7 +1261,7 @@ function scanMediaDir(dirPath, now) {
       let size;
       let mtime = now;
       try {
-        const stat = fs7.statSync(entryPath);
+        const stat = fs6.statSync(entryPath);
         size = stat.size;
         mtime = stat.mtimeMs;
       } catch {
@@ -2100,24 +1378,24 @@ function registerEntityTools(api, onFsChange) {
 
 // src/sql.ts
 import { execFile } from "child_process";
-import path9 from "path";
-import fs8 from "fs";
+import path8 from "path";
+import fs7 from "fs";
 import { Type as T2 } from "@sinclair/typebox";
 var HOME_DIR2 = process.env.HOME ?? "/root";
-var ALLOWED_DATA_DIR = path9.join(getOpenclawStateDir(), "squad-ceo-data");
+var ALLOWED_DATA_DIR = path8.join(getOpenclawStateDir(), "squad-ceo-data");
 function validateDbPath(dbPath) {
   let expanded = dbPath;
   if (expanded.startsWith("~/") || expanded === "~") {
-    expanded = path9.join(HOME_DIR2, expanded.slice(1));
+    expanded = path8.join(HOME_DIR2, expanded.slice(1));
   }
-  const resolved = path9.resolve(expanded);
-  if (resolved !== ALLOWED_DATA_DIR && !resolved.startsWith(ALLOWED_DATA_DIR + path9.sep)) {
+  const resolved = path8.resolve(expanded);
+  if (resolved !== ALLOWED_DATA_DIR && !resolved.startsWith(ALLOWED_DATA_DIR + path8.sep)) {
     throw new Error(
       `Access denied: database path must be within ~/.openclaw/squad-ceo-data/`
     );
   }
   try {
-    const stat = fs8.statSync(resolved);
+    const stat = fs7.statSync(resolved);
     if (!stat.isFile()) {
       throw new Error(`Not a file: ${dbPath}`);
     }
@@ -2184,11 +1462,11 @@ function registerSqlTools(api) {
 
 // src/version.ts
 import { spawn } from "child_process";
-import fs9 from "fs";
-import path10 from "path";
+import fs8 from "fs";
+import path9 from "path";
 import { fileURLToPath } from "url";
 var PACKAGE_NAME = "squad-openclaw";
-var CONFIG_PATH = path10.join(getOpenclawStateDir(), "openclaw.json");
+var CONFIG_PATH = path9.join(getOpenclawStateDir(), "openclaw.json");
 var updateInProgress = false;
 var VERIFY_TIMEOUT_MS = 2e4;
 var VERIFY_INTERVAL_MS = 500;
@@ -2198,7 +1476,7 @@ var COMMAND_OUTPUT_LIMIT = 8e3;
 var COMMAND_KILL_GRACE_MS = 2e3;
 function readInstalledVersionFromConfig() {
   try {
-    const raw = fs9.readFileSync(CONFIG_PATH, "utf-8");
+    const raw = fs8.readFileSync(CONFIG_PATH, "utf-8");
     const cfg = JSON.parse(raw);
     const v = cfg?.plugins?.installs?.[PACKAGE_NAME]?.version;
     return typeof v === "string" ? v : null;
@@ -2209,7 +1487,7 @@ function readInstalledVersionFromConfig() {
 function reconcileInstallMetadata(verification) {
   if (!verification.installPath || !verification.packageVersion) return;
   try {
-    const raw = fs9.readFileSync(CONFIG_PATH, "utf-8");
+    const raw = fs8.readFileSync(CONFIG_PATH, "utf-8");
     const config = JSON.parse(raw);
     if (!config.plugins || typeof config.plugins !== "object") config.plugins = {};
     if (!config.plugins.installs || typeof config.plugins.installs !== "object") {
@@ -2232,15 +1510,15 @@ function reconcileInstallMetadata(verification) {
       ...entry,
       enabled: true
     };
-    fs9.writeFileSync(CONFIG_PATH, JSON.stringify(config, null, 2), "utf-8");
+    fs8.writeFileSync(CONFIG_PATH, JSON.stringify(config, null, 2), "utf-8");
   } catch {
   }
 }
 function getCurrentVersion() {
   const thisFile = fileURLToPath(import.meta.url);
-  const pkgPath = path10.resolve(path10.dirname(thisFile), "..", "package.json");
+  const pkgPath = path9.resolve(path9.dirname(thisFile), "..", "package.json");
   try {
-    const pkg = JSON.parse(fs9.readFileSync(pkgPath, "utf-8"));
+    const pkg = JSON.parse(fs8.readFileSync(pkgPath, "utf-8"));
     return pkg.version ?? "0.0.0";
   } catch {
     return "0.0.0";
@@ -2335,7 +1613,7 @@ function compareVersions(a, b) {
 function verifyInstalledPluginState() {
   let configRaw;
   try {
-    configRaw = fs9.readFileSync(CONFIG_PATH, "utf-8");
+    configRaw = fs8.readFileSync(CONFIG_PATH, "utf-8");
   } catch (err2) {
     const msg = err2 instanceof Error ? err2.message : String(err2);
     return {
@@ -2375,11 +1653,11 @@ function verifyInstalledPluginState() {
     };
   }
   const requiredFiles = [
-    path10.join(installPath, "package.json"),
-    path10.join(installPath, "openclaw.plugin.json"),
-    path10.join(installPath, "dist", "index.js")
+    path9.join(installPath, "package.json"),
+    path9.join(installPath, "openclaw.plugin.json"),
+    path9.join(installPath, "dist", "index.js")
   ];
-  const requiredFilesMissing = requiredFiles.filter((p) => !fs9.existsSync(p));
+  const requiredFilesMissing = requiredFiles.filter((p) => !fs8.existsSync(p));
   if (requiredFilesMissing.length > 0) {
     return {
       ok: false,
@@ -2393,7 +1671,7 @@ function verifyInstalledPluginState() {
   let installedPackage;
   try {
     installedPackage = JSON.parse(
-      fs9.readFileSync(path10.join(installPath, "package.json"), "utf-8")
+      fs8.readFileSync(path9.join(installPath, "package.json"), "utf-8")
     );
   } catch (err2) {
     const msg = err2 instanceof Error ? err2.message : String(err2);
@@ -2408,7 +1686,7 @@ function verifyInstalledPluginState() {
   }
   try {
     JSON.parse(
-      fs9.readFileSync(path10.join(installPath, "openclaw.plugin.json"), "utf-8")
+      fs8.readFileSync(path9.join(installPath, "openclaw.plugin.json"), "utf-8")
     );
   } catch (err2) {
     const msg = err2 instanceof Error ? err2.message : String(err2);
@@ -2511,7 +1789,7 @@ function registerVersionMethods(api) {
         let updateOutput = "";
         let configBackup = null;
         try {
-          configBackup = fs9.readFileSync(CONFIG_PATH, "utf-8");
+          configBackup = fs8.readFileSync(CONFIG_PATH, "utf-8");
         } catch {
         }
         await runCommand(["doctor", "--fix"], 3e4);
@@ -2536,7 +1814,7 @@ function registerVersionMethods(api) {
           } catch (installErr) {
             if (configBackup) {
               try {
-                fs9.writeFileSync(CONFIG_PATH, configBackup, "utf-8");
+                fs8.writeFileSync(CONFIG_PATH, configBackup, "utf-8");
               } catch {
               }
             }
@@ -2556,7 +1834,7 @@ function registerVersionMethods(api) {
         if (!verification.ok) {
           if (configBackup) {
             try {
-              fs9.writeFileSync(CONFIG_PATH, configBackup, "utf-8");
+              fs8.writeFileSync(CONFIG_PATH, configBackup, "utf-8");
             } catch {
             }
           }
@@ -2682,34 +1960,22 @@ function registerQuestionMethods(api) {
 }
 
 // src/sessions.ts
-import fs10 from "fs";
-import path11 from "path";
-import crypto4 from "crypto";
+import fs9 from "fs";
+import path10 from "path";
+import crypto from "crypto";
+
+// src/gateway-invoke.ts
 function asRecord(value) {
   return value && typeof value === "object" ? value : null;
 }
-function extractSessionKey(value) {
-  const record = asRecord(value);
-  if (!record) return null;
-  if (typeof record.key === "string" && record.key.trim()) {
-    return record.key.trim();
-  }
-  const nestedKey = asRecord(record.key);
-  if (nestedKey && typeof nestedKey.key === "string" && nestedKey.key.trim()) {
-    return nestedKey.key.trim();
-  }
-  if (typeof record.sessionKey === "string" && record.sessionKey.trim()) {
-    return record.sessionKey.trim();
-  }
-  const nestedSession = asRecord(record.session);
-  if (nestedSession && typeof nestedSession.key === "string" && nestedSession.key.trim()) {
-    return nestedSession.key.trim();
-  }
-  return null;
-}
 function isInvoker(fn) {
   return typeof fn === "function";
 }
+function isUnknownGatewayMethodError(message) {
+  return /unknown method|method .* unavailable|not found|invalid[_ ]request|does not exist/i.test(
+    message
+  );
+}
 async function callGatewayAny(ctx, api, method, params) {
   const ctxGateway = asRecord(ctx.gateway);
   const apiGateway = asRecord(api?.gateway);
@@ -2735,9 +2001,7 @@ async function callGatewayAny(ctx, api, method, params) {
     } catch (err2) {
       lastErr = err2;
       const msg = err2 instanceof Error ? err2.message : String(err2);
-      if (/unknown method|method .* unavailable|not found|invalid[_ ]request|does not exist/i.test(
-        msg
-      )) {
+      if (isUnknownGatewayMethodError(msg)) {
         continue;
       }
       throw err2;
@@ -2746,16 +2010,40 @@ async function callGatewayAny(ctx, api, method, params) {
   if (lastErr) throw lastErr;
   throw new Error("Gateway method invocation API unavailable in plugin context");
 }
+
+// src/sessions.ts
+function asRecord2(value) {
+  return value && typeof value === "object" ? value : null;
+}
+function extractSessionKey(value) {
+  const record = asRecord2(value);
+  if (!record) return null;
+  if (typeof record.key === "string" && record.key.trim()) {
+    return record.key.trim();
+  }
+  const nestedKey = asRecord2(record.key);
+  if (nestedKey && typeof nestedKey.key === "string" && nestedKey.key.trim()) {
+    return nestedKey.key.trim();
+  }
+  if (typeof record.sessionKey === "string" && record.sessionKey.trim()) {
+    return record.sessionKey.trim();
+  }
+  const nestedSession = asRecord2(record.session);
+  if (nestedSession && typeof nestedSession.key === "string" && nestedSession.key.trim()) {
+    return nestedSession.key.trim();
+  }
+  return null;
+}
 function parseAgentIdFromSessionKey(sessionKey) {
   const m = sessionKey.match(/^agent:([^:]+):/);
   return m?.[1] ?? null;
 }
 function ensureDir(dirPath) {
-  fs10.mkdirSync(dirPath, { recursive: true });
+  fs9.mkdirSync(dirPath, { recursive: true });
 }
 function readSessionsMap(sessionsJsonPath) {
   try {
-    const raw = fs10.readFileSync(sessionsJsonPath, "utf-8");
+    const raw = fs9.readFileSync(sessionsJsonPath, "utf-8");
     const parsed = JSON.parse(raw);
     if (parsed && typeof parsed === "object") {
       return parsed;
@@ -2765,22 +2053,22 @@ function readSessionsMap(sessionsJsonPath) {
   return {};
 }
 function writeSessionsMap(sessionsJsonPath, sessionsMap) {
-  fs10.writeFileSync(sessionsJsonPath, JSON.stringify(sessionsMap, null, 2), "utf-8");
+  fs9.writeFileSync(sessionsJsonPath, JSON.stringify(sessionsMap, null, 2), "utf-8");
 }
 function createSessionOnDisk(input) {
   const requestedSessionKey = input.requestedSessionKey?.trim();
   const requestedAgentId = input.requestedAgentId?.trim();
   const derivedAgentId = requestedAgentId || (requestedSessionKey ? parseAgentIdFromSessionKey(requestedSessionKey) : null) || "main";
-  const sessionKey = requestedSessionKey || `agent:${derivedAgentId}:${crypto4.randomUUID()}`;
+  const sessionKey = requestedSessionKey || `agent:${derivedAgentId}:${crypto.randomUUID()}`;
   const stateDir = getOpenclawStateDir();
-  const sessionsDir = path11.join(stateDir, "agents", derivedAgentId, "sessions");
-  const sessionsJsonPath = path11.join(sessionsDir, "sessions.json");
+  const sessionsDir = path10.join(stateDir, "agents", derivedAgentId, "sessions");
+  const sessionsJsonPath = path10.join(sessionsDir, "sessions.json");
   ensureDir(sessionsDir);
   const now = Date.now();
   const sessionsMap = readSessionsMap(sessionsJsonPath);
   const existing = sessionsMap[sessionKey];
-  const sessionId = typeof existing?.sessionId === "string" && existing.sessionId.trim() ? existing.sessionId : crypto4.randomUUID();
-  const jsonlPath = path11.join(sessionsDir, `${sessionId}.jsonl`);
+  const sessionId = typeof existing?.sessionId === "string" && existing.sessionId.trim() ? existing.sessionId : crypto.randomUUID();
+  const jsonlPath = path10.join(sessionsDir, `${sessionId}.jsonl`);
   sessionsMap[sessionKey] = {
     ...existing ?? {},
     sessionId,
@@ -2791,8 +2079,8 @@ function createSessionOnDisk(input) {
     lastAssistantHasText: typeof existing?.lastAssistantHasText === "boolean" ? existing.lastAssistantHasText : true
   };
   writeSessionsMap(sessionsJsonPath, sessionsMap);
-  if (!fs10.existsSync(jsonlPath)) {
-    fs10.writeFileSync(jsonlPath, "", "utf-8");
+  if (!fs9.existsSync(jsonlPath)) {
+    fs9.writeFileSync(jsonlPath, "", "utf-8");
   }
   return {
     key: sessionKey,
@@ -2834,15 +2122,16 @@ function registerSessionMethods(api) {
           "sessions.create",
           createParams
         );
-        const normalizedKey = extractSessionKey(nativeResult) ?? (typeof sessionKey === "string" ? sessionKey.trim() : null);
+        const normalizedKey = extractSessionKey(nativeResult);
         if (!normalizedKey) {
-          respond(false, {
-            error: "Session creation succeeded but no session key was returned",
-            nativeResult
+          const local = createSessionOnDisk({
+            requestedSessionKey: typeof sessionKey === "string" ? sessionKey : void 0,
+            requestedAgentId: typeof agentId === "string" ? agentId : void 0
           });
+          respond(true, local);
           return;
         }
-        const nativeRecord = asRecord(nativeResult);
+        const nativeRecord = asRecord2(nativeResult);
         respond(true, {
           ...nativeRecord ?? {},
           key: normalizedKey
@@ -2873,6 +2162,294 @@ function registerSessionMethods(api) {
   );
 }
 
+// src/agent-send.ts
+import fs10 from "fs";
+import path11 from "path";
+import { execFile as execFile2 } from "child_process";
+import { promisify } from "util";
+var ASSET_REFERENCE_RE = /\{\{asset:([^}]+)\}\}/g;
+var RETRY_INTERVAL_MS = 1e3;
+var RETRY_BUDGET_MS = 2e4;
+var CLI_AGENT_TIMEOUT_MS = 3e4;
+var execFileAsync = promisify(execFile2);
+var IMAGE_MIME_BY_EXT = {
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".gif": "image/gif",
+  ".webp": "image/webp",
+  ".bmp": "image/bmp",
+  ".svg": "image/svg+xml",
+  ".ico": "image/x-icon",
+  ".tif": "image/tiff",
+  ".tiff": "image/tiff",
+  ".avif": "image/avif"
+};
+function asRecord3(value) {
+  return value && typeof value === "object" ? value : null;
+}
+function sleep2(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function pathWithin(root, candidate) {
+  return candidate === root || candidate.startsWith(`${root}${path11.sep}`);
+}
+function parseAssetPathsFromMessage(message) {
+  const result = [];
+  const re = new RegExp(ASSET_REFERENCE_RE.source, "g");
+  let match;
+  while ((match = re.exec(message)) !== null) {
+    const rawPath = String(match[1] ?? "").trim();
+    if (rawPath) result.push(rawPath);
+  }
+  return result;
+}
+function parseAssetPathsFromContext(params) {
+  const context = asRecord3(params.context);
+  const assets = context?.assets;
+  if (!Array.isArray(assets)) return [];
+  const result = [];
+  for (const entry of assets) {
+    if (typeof entry === "string") {
+      const trimmed = entry.trim();
+      if (trimmed) result.push(trimmed);
+      continue;
+    }
+    const record = asRecord3(entry);
+    if (!record) continue;
+    const assetPath = typeof record.path === "string" ? record.path.trim() : "";
+    if (assetPath) result.push(assetPath);
+  }
+  return result;
+}
+function resolveOpenClawPath(rawPath, stateDir) {
+  const trimmed = rawPath.trim();
+  if (!trimmed) return "";
+  if (trimmed === "~/.openclaw") return stateDir;
+  if (trimmed.startsWith("~/.openclaw/")) {
+    return path11.join(stateDir, trimmed.slice("~/.openclaw/".length));
+  }
+  return trimmed;
+}
+function resolveMediaAssetCandidate(rawPath, stateDir) {
+  const mapped = resolveOpenClawPath(rawPath, stateDir);
+  if (!mapped) return null;
+  const mediaRoot = path11.resolve(path11.join(stateDir, "media"));
+  const resolved = path11.resolve(mapped);
+  if (!pathWithin(mediaRoot, resolved)) return null;
+  return {
+    sourcePath: rawPath,
+    resolvedPath: resolved
+  };
+}
+function dedupeAssetCandidates(candidates) {
+  const seen = /* @__PURE__ */ new Set();
+  const deduped = [];
+  for (const candidate of candidates) {
+    if (seen.has(candidate.resolvedPath)) continue;
+    seen.add(candidate.resolvedPath);
+    deduped.push(candidate);
+  }
+  return deduped;
+}
+async function waitForAvailableAssets(candidates) {
+  if (candidates.length === 0) return [];
+  const pending = new Map(
+    candidates.map((candidate) => [candidate.resolvedPath, candidate])
+  );
+  const deadline = Date.now() + RETRY_BUDGET_MS;
+  while (pending.size > 0) {
+    for (const [resolvedPath, candidate] of pending.entries()) {
+      try {
+        const stat = await fs10.promises.stat(resolvedPath);
+        if (stat.isFile()) {
+          pending.delete(resolvedPath);
+        }
+      } catch {
+      }
+    }
+    if (pending.size === 0) break;
+    if (Date.now() >= deadline) break;
+    await sleep2(RETRY_INTERVAL_MS);
+  }
+  return Array.from(pending.values());
+}
+function resolveImageMimeType(filePath) {
+  const ext = path11.extname(filePath).toLowerCase();
+  return IMAGE_MIME_BY_EXT[ext] ?? "application/octet-stream";
+}
+function extractGatewayToken(config) {
+  const gateway = asRecord3(config.gateway);
+  const auth = asRecord3(gateway?.auth);
+  const remote = asRecord3(gateway?.remote);
+  const fromAuth = typeof auth?.token === "string" ? auth.token.trim() : "";
+  if (fromAuth) return fromAuth;
+  const fromRemote = typeof remote?.token === "string" ? remote.token.trim() : "";
+  if (fromRemote) return fromRemote;
+  const fromGateway = typeof gateway?.token === "string" ? gateway.token.trim() : "";
+  if (fromGateway) return fromGateway;
+  return void 0;
+}
+function resolveGatewayUrlFromConfig(config) {
+  const gateway = asRecord3(config.gateway);
+  const host = typeof gateway?.host === "string" && gateway.host.trim() ? gateway.host.trim() : "127.0.0.1";
+  const port = typeof gateway?.port === "number" && Number.isFinite(gateway.port) ? gateway.port : 18789;
+  const tlsRaw = gateway?.tls;
+  const tls = typeof tlsRaw === "boolean" ? tlsRaw : Boolean(asRecord3(tlsRaw)?.enabled);
+  return `${tls ? "wss" : "ws"}://${host}:${port}`;
+}
+function extractCliErrorMessage(payload) {
+  const payloadRecord = asRecord3(payload);
+  if (typeof payloadRecord?.error === "string") return payloadRecord.error;
+  const errorRecord = asRecord3(payloadRecord?.error);
+  if (typeof errorRecord?.message === "string") return errorRecord.message;
+  const nestedPayload = asRecord3(payloadRecord?.payload);
+  if (typeof nestedPayload?.error === "string") return nestedPayload.error;
+  return "";
+}
+function parseCliJson(raw) {
+  const trimmed = raw.trim();
+  if (!trimmed) return null;
+  try {
+    const parsed = JSON.parse(trimmed);
+    return asRecord3(parsed);
+  } catch {
+    return null;
+  }
+}
+function isGatewayCallUnavailableError(message) {
+  return /gateway method invocation api unavailable in plugin context/i.test(message);
+}
+async function callAgentViaCli(stateDir, params) {
+  const configPath = path11.join(stateDir, "openclaw.json");
+  const configRaw = fs10.readFileSync(configPath, "utf-8");
+  const parsedConfig = JSON.parse(configRaw);
+  const token = extractGatewayToken(parsedConfig);
+  const url = resolveGatewayUrlFromConfig(parsedConfig);
+  const args = [
+    "gateway",
+    "call",
+    "agent",
+    "--json",
+    "--timeout",
+    String(CLI_AGENT_TIMEOUT_MS),
+    "--params",
+    JSON.stringify(params),
+    "--url",
+    url
+  ];
+  if (token) {
+    args.push("--token", token);
+  }
+  try {
+    const { stdout } = await execFileAsync("openclaw", args, {
+      env: process.env,
+      maxBuffer: 10 * 1024 * 1024
+    });
+    const json2 = parseCliJson(stdout);
+    if (!json2) {
+      throw new Error("openclaw gateway call agent returned non-JSON output");
+    }
+    if (json2.ok === false) {
+      const msg = extractCliErrorMessage(json2) || JSON.stringify(json2.error ?? json2);
+      throw new Error(msg);
+    }
+    if ("payload" in json2) return json2.payload;
+    return json2;
+  } catch (err2) {
+    const error = err2;
+    const stdoutJson = parseCliJson(typeof error.stdout === "string" ? error.stdout : "");
+    if (stdoutJson) {
+      if (stdoutJson.ok === false) {
+        const msg = extractCliErrorMessage(stdoutJson) || JSON.stringify(stdoutJson.error ?? stdoutJson);
+        throw new Error(msg);
+      }
+      if ("payload" in stdoutJson) return stdoutJson.payload;
+      return stdoutJson;
+    }
+    const stderr = typeof error.stderr === "string" ? error.stderr.trim() : "";
+    const message = stderr || (typeof error.message === "string" ? error.message : String(err2));
+    throw new Error(message);
+  }
+}
+async function buildImageAttachments(candidates) {
+  const attachments = [];
+  for (const candidate of candidates) {
+    const buffer = await fs10.promises.readFile(candidate.resolvedPath);
+    attachments.push({
+      type: "image",
+      mimeType: resolveImageMimeType(candidate.resolvedPath),
+      fileName: path11.basename(candidate.resolvedPath),
+      content: buffer.toString("base64")
+    });
+  }
+  return attachments;
+}
+function registerAgentSendMethod(api) {
+  api.registerGatewayMethod(
+    "squad.agent.send",
+    async (ctx) => {
+      const { params, respond } = ctx;
+      const message = typeof params?.message === "string" ? params.message : "";
+      if (!message.trim()) {
+        respond(false, { error: "Invalid 'message' parameter (must be a non-empty string)" });
+        return;
+      }
+      const stateDir = getOpenclawStateDir();
+      const rawAssetPaths = [
+        ...parseAssetPathsFromMessage(message),
+        ...parseAssetPathsFromContext(params)
+      ];
+      const candidates = dedupeAssetCandidates(
+        rawAssetPaths.map((rawPath) => resolveMediaAssetCandidate(rawPath, stateDir)).filter((candidate) => candidate !== null)
+      );
+      if (rawAssetPaths.length > 0 && candidates.length === 0) {
+        respond(false, {
+          error: "Referenced image assets must be under ~/.openclaw/media/"
+        });
+        return;
+      }
+      if (candidates.length > 0) {
+        const missing = await waitForAvailableAssets(candidates);
+        if (missing.length > 0) {
+          const missingPaths = missing.map((entry) => entry.sourcePath).join(", ");
+          respond(false, {
+            error: `Referenced image assets not available after ${RETRY_BUDGET_MS}ms: ${missingPaths}`
+          });
+          return;
+        }
+      }
+      try {
+        const imageAttachments = await buildImageAttachments(candidates);
+        const existingAttachments = Array.isArray(params.attachments) ? params.attachments : [];
+        const forwardedParams = {
+          ...params,
+          attachments: [...existingAttachments, ...imageAttachments]
+        };
+        let nativeResult;
+        try {
+          nativeResult = await callGatewayAny(
+            ctx,
+            api,
+            "agent",
+            forwardedParams
+          );
+        } catch (err2) {
+          const msg = err2 instanceof Error ? err2.message : String(err2);
+          if (!isGatewayCallUnavailableError(msg)) {
+            throw err2;
+          }
+          nativeResult = await callAgentViaCli(stateDir, forwardedParams);
+        }
+        respond(true, nativeResult);
+      } catch (err2) {
+        const msg = err2 instanceof Error ? err2.message : String(err2);
+        respond(false, { error: msg });
+      }
+    }
+  );
+}
+
 // src/shared-api.ts
 var CORE_TOOLS = [
   "exec",
@@ -2926,6 +2503,7 @@ function registerSquadSharedApi(api, onFsChange) {
   registerAgentMethods(api);
   registerQuestionMethods(api);
   registerSessionMethods(api);
+  registerAgentSendMethod(api);
   const invokeTool = async (tool, args) => {
     const executeFn = toolExecutors.get(tool);
     if (!executeFn) {
@@ -2980,14 +2558,79 @@ function registerSquadSharedApi(api, onFsChange) {
 }
 
 // src/migrations/runner.ts
-import fs11 from "fs";
-import path12 from "path";
+import fs12 from "fs";
+import path13 from "path";
 
 // src/migrations/001-enable-main-subagent-access.ts
+import fs11 from "fs";
+import path12 from "path";
+function asRecord4(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) return null;
+  return value;
+}
+function mergeStringArrayWithWildcard(value) {
+  const next = /* @__PURE__ */ new Set();
+  if (Array.isArray(value)) {
+    for (const entry of value) {
+      if (typeof entry === "string" && entry.trim()) next.add(entry.trim());
+    }
+  }
+  next.add("*");
+  return Array.from(next);
+}
+function patchConfigOnDisk() {
+  const configPath = path12.join(getOpenclawStateDir(), "openclaw.json");
+  const raw = fs11.readFileSync(configPath, "utf-8");
+  const parsed = JSON.parse(raw);
+  const agents = asRecord4(parsed.agents) ?? {};
+  const defaults = asRecord4(agents.defaults) ?? {};
+  const subagentsDefaults = asRecord4(defaults.subagents) ?? {};
+  defaults.maxConcurrent = 4;
+  defaults.subagents = {
+    ...subagentsDefaults,
+    maxConcurrent: 8
+  };
+  const listRaw = Array.isArray(agents.list) ? agents.list : [];
+  const list = listRaw.map((entry) => asRecord4(entry)).filter((entry) => Boolean(entry));
+  const mainIndex = list.findIndex((entry) => entry.id === "main");
+  const existingMain = mainIndex >= 0 ? list[mainIndex] : {};
+  const existingIdentity = asRecord4(existingMain.identity) ?? {};
+  const existingTools = asRecord4(existingMain.tools) ?? {};
+  const existingSubagents = asRecord4(existingMain.subagents) ?? {};
+  const nextMain = {
+    ...existingMain,
+    id: "main",
+    identity: {
+      ...existingIdentity,
+      name: typeof existingIdentity.name === "string" && existingIdentity.name.trim() ? existingIdentity.name : "Pepper"
+    },
+    tools: {
+      ...existingTools,
+      allow: mergeStringArrayWithWildcard(existingTools.allow)
+    },
+    subagents: {
+      ...existingSubagents,
+      allowAgents: mergeStringArrayWithWildcard(existingSubagents.allowAgents)
+    }
+  };
+  if (mainIndex >= 0) list[mainIndex] = nextMain;
+  else list.push(nextMain);
+  parsed.agents = {
+    ...agents,
+    defaults,
+    list
+  };
+  fs11.writeFileSync(configPath, `${JSON.stringify(parsed, null, 2)}
+`, "utf-8");
+}
 var migration = {
   id: "001-enable-main-subagent-access",
   description: "Enable full main-agent tool and subagent spawning defaults",
   run: async ({ gatewayCall }) => {
+    const isGatewayApiUnavailableError = (error) => {
+      const msg = error instanceof Error ? error.message : String(error);
+      return /gateway method invocation api unavailable in plugin context/i.test(msg);
+    };
     const doPatch = async (baseHash) => {
       await gatewayCall("config.patch", {
         ...baseHash ? { baseHash } : {},
@@ -3017,28 +2660,63 @@ var migration = {
         })
       });
     };
-    let snapshot = await gatewayCall("config.get", {});
+    let snapshot;
+    try {
+      snapshot = await gatewayCall("config.get", {});
+    } catch (error) {
+      if (isGatewayApiUnavailableError(error)) {
+        patchConfigOnDisk();
+        return;
+      }
+      throw error;
+    }
     try {
       await doPatch(snapshot?.hash);
     } catch (firstErr) {
       const msg = firstErr instanceof Error ? firstErr.message : String(firstErr);
+      if (isGatewayApiUnavailableError(firstErr)) {
+        patchConfigOnDisk();
+        return;
+      }
       if (!/config changed since last load/i.test(msg)) throw firstErr;
-      snapshot = await gatewayCall("config.get", {});
+      try {
+        snapshot = await gatewayCall("config.get", {});
+      } catch (secondErr) {
+        if (isGatewayApiUnavailableError(secondErr)) {
+          patchConfigOnDisk();
+          return;
+        }
+        throw secondErr;
+      }
       await doPatch(snapshot?.hash);
     }
   }
 };
 var enable_main_subagent_access_default = migration;
 
+// src/migrations/002-backfill-agent-auth-profiles.ts
+var migration2 = {
+  id: "002-backfill-agent-auth-profiles",
+  description: "Ensure non-main agents have auth-profiles copied from main when missing",
+  run: async () => {
+    const copied = backfillAgentAuthProfiles();
+    if (copied.length > 0) {
+      console.log(`[startup-migrations] auth profile backfill copied: ${copied.join(", ")}`);
+    }
+  }
+};
+var backfill_agent_auth_profiles_default = migration2;
+
 // src/migrations/index.ts
 var STARTUP_MIGRATIONS = [
-  enable_main_subagent_access_default
+  enable_main_subagent_access_default,
+  backfill_agent_auth_profiles_default
   // Append new startup migrations here.
 ];
 
 // src/migrations/runner.ts
-var MIGRATIONS_DIR = path12.join(getOpenclawStateDir(), "squad-ceo-data");
-var MIGRATIONS_PATH = path12.join(MIGRATIONS_DIR, "migrations.json");
+var MIGRATIONS_DIR = path13.join(getOpenclawStateDir(), "squad-ceo-data");
+var MIGRATIONS_PATH = path13.join(MIGRATIONS_DIR, "migrations.json");
 function defaultState() {
   return {
     version: 1,
@@ -3047,7 +2725,7 @@ function defaultState() {
 }
 function readState() {
   try {
-    const raw = fs11.readFileSync(MIGRATIONS_PATH, "utf-8");
+    const raw = fs12.readFileSync(MIGRATIONS_PATH, "utf-8");
     const parsed = JSON.parse(raw);
     if (!Array.isArray(parsed.completed)) return defaultState();
     return {
@@ -3059,8 +2737,8 @@ function readState() {
   }
 }
 function writeState(state) {
-  fs11.mkdirSync(MIGRATIONS_DIR, { recursive: true });
-  fs11.writeFileSync(MIGRATIONS_PATH, JSON.stringify(state, null, 2), "utf-8");
+  fs12.mkdirSync(MIGRATIONS_DIR, { recursive: true });
+  fs12.writeFileSync(MIGRATIONS_PATH, JSON.stringify(state, null, 2), "utf-8");
 }
 function makeGatewayCaller(api) {
   return async (method, params = {}) => {
@@ -3075,11 +2753,11 @@ function makeGatewayCaller(api) {
     throw new Error("Gateway method invocation API unavailable in plugin context");
   };
 }
-async function runMigration(state, migration2, gatewayCall) {
-  if (state.completed.some((row) => row.id === migration2.id)) {
+async function runMigration(state, migration3, gatewayCall) {
+  if (state.completed.some((row) => row.id === migration3.id)) {
     return { state, applied: false };
   }
-  await migration2.run({ gatewayCall });
+  await migration3.run({ gatewayCall });
   return {
     applied: true,
     state: {
@@ -3087,7 +2765,7 @@ async function runMigration(state, migration2, gatewayCall) {
       completed: [
         ...state.completed,
         {
-          id: migration2.id,
+          id: migration3.id,
           completedAt: (/* @__PURE__ */ new Date()).toISOString()
         }
       ]
@@ -3097,34 +2775,707 @@ async function runMigration(state, migration2, gatewayCall) {
 async function runStartupMigrations(api) {
   const gatewayCall = makeGatewayCaller(api);
   let state = readState();
-  for (const migration2 of STARTUP_MIGRATIONS) {
+  for (const migration3 of STARTUP_MIGRATIONS) {
     try {
-      const result = await runMigration(state, migration2, gatewayCall);
+      const result = await runMigration(state, migration3, gatewayCall);
       state = result.state;
       if (result.applied) {
         writeState(state);
-        console.log(`[startup-migrations] applied: ${migration2.id}`);
+        console.log(`[startup-migrations] applied: ${migration3.id}`);
       }
     } catch (err2) {
       const msg = err2 instanceof Error ? err2.message : String(err2);
-      console.warn(`[startup-migrations] failed: ${migration2.id}: ${msg}`);
+      console.warn(`[startup-migrations] failed: ${migration3.id}: ${msg}`);
       break;
     }
   }
 }
 
+// src/http-routes.ts
+import crypto2 from "crypto";
+var DEFAULT_ALLOWED_ORIGINS = [
+  "https://squad.ceo",
+  "https://www.squad.ceo",
+  "https://squad.pages.dev",
+  "http://localhost:5174",
+  "http://localhost:5800"
+];
+var PAIRING_REQUEST_METHODS = [
+  "node.pair.request",
+  "devices.pair.request",
+  "device.pair.request"
+];
+var PAIRING_STATUS_METHODS = [
+  "node.pair.status",
+  "devices.pair.status",
+  "device.pair.status",
+  "node.pair.get"
+];
+var PROOF_MAX_SKEW_MS = 5 * 60 * 1e3;
+var DEFAULT_PAIRING_TTL_MS = 15 * 60 * 1e3;
+var NONCE_TTL_MS = 10 * 60 * 1e3;
+var LOCATOR_REFRESH_INTERVAL_MS = 15 * 60 * 1e3;
+var ED25519_SPKI_PREFIX = Buffer.from("302a300506032b6570032100", "hex");
+function asRecord5(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) return null;
+  return value;
+}
+function pickString(value) {
+  if (typeof value !== "string") return null;
+  const trimmed = value.trim();
+  return trimmed.length > 0 ? trimmed : null;
+}
+function pickNumber(value) {
+  if (typeof value !== "number" || !Number.isFinite(value)) return null;
+  return value;
+}
+function json(body, status = 200) {
+  return new Response(JSON.stringify(body), {
+    status,
+    headers: {
+      "Content-Type": "application/json",
+      "Cache-Control": "no-store"
+    }
+  });
+}
+function withCors(request, response, allowMethods = "GET, POST, OPTIONS") {
+  const headers = new Headers(response.headers);
+  const origin = request.headers.get("origin");
+  const allowedOrigin = resolveAllowedOrigin(origin);
+  if (allowedOrigin) {
+    headers.set("Access-Control-Allow-Origin", allowedOrigin);
+    headers.set("Access-Control-Allow-Methods", allowMethods);
+    headers.set("Access-Control-Allow-Headers", "Content-Type");
+    headers.set("Vary", "Origin");
+  }
+  return new Response(response.body, {
+    status: response.status,
+    statusText: response.statusText,
+    headers
+  });
+}
+function jsonError(request, code, message, status = 500, extra = {}) {
+  return withCors(request, json({ ok: false, code, error: message, ...extra }, status));
+}
+function resolveAllowedOrigin(origin) {
+  if (!origin) return null;
+  const configured = process.env.SQUAD_ALLOWED_ORIGINS ? process.env.SQUAD_ALLOWED_ORIGINS.split(",").map((item) => item.trim()).filter(Boolean) : [];
+  const allowed = configured.length > 0 ? configured : DEFAULT_ALLOWED_ORIGINS;
+  return allowed.includes(origin) ? origin : null;
+}
+function isTailnetContext(request) {
+  if (/^(1|true)$/i.test(process.env.SQUAD_ALLOW_NON_TAILNET_INTERNAL ?? "")) {
+    return true;
+  }
+  const hasTailnetHeader = !!request.headers.get("x-tailscale-user-login") || !!request.headers.get("x-tailscale-user-name") || !!request.headers.get("x-tailscale-user-email") || !!request.headers.get("x-tailscale-node-name") || !!request.headers.get("x-tailscale-tailnet");
+  if (hasTailnetHeader) return true;
+  try {
+    const url = new URL(request.url);
+    if (url.hostname.toLowerCase().endsWith(".ts.net")) return true;
+  } catch {
+  }
+  const forwardedHost = request.headers.get("x-forwarded-host")?.toLowerCase() ?? "";
+  return forwardedHost.endsWith(".ts.net");
+}
+function ensureOriginAllowed(request) {
+  const origin = request.headers.get("origin");
+  if (!origin) return null;
+  return resolveAllowedOrigin(origin);
+}
+function decodeBase64Url(value) {
+  const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
+  const padded = normalized + "=".repeat((4 - normalized.length % 4) % 4);
+  return Uint8Array.from(Buffer.from(padded, "base64"));
+}
+function base64UrlEncode(bytes) {
+  return Buffer.from(bytes).toString("base64").replaceAll("+", "-").replaceAll("/", "_").replace(/=+$/g, "");
+}
+function encodeUtf8(value) {
+  return new TextEncoder().encode(value);
+}
+function normalizeDevicePublicKeyBase64Url(publicKey) {
+  try {
+    if (publicKey.includes("BEGIN")) {
+      const spki = crypto2.createPublicKey(publicKey).export({
+        type: "spki",
+        format: "der"
+      });
+      if (spki.length === ED25519_SPKI_PREFIX.length + 32 && spki.subarray(0, ED25519_SPKI_PREFIX.length).equals(ED25519_SPKI_PREFIX)) {
+        return base64UrlEncode(spki.subarray(ED25519_SPKI_PREFIX.length));
+      }
+      return null;
+    }
+    return base64UrlEncode(decodeBase64Url(publicKey));
+  } catch {
+    return null;
+  }
+}
+function deriveDeviceIdFromPublicKey(publicKey) {
+  try {
+    const normalized = normalizeDevicePublicKeyBase64Url(publicKey);
+    if (!normalized) return null;
+    const raw = decodeBase64Url(normalized);
+    if (raw.length !== 32) return null;
+    return crypto2.createHash("sha256").update(raw).digest("hex");
+  } catch {
+    return null;
+  }
+}
+function verifyEd25519Signature(publicKey, payload, signatureBase64Url) {
+  try {
+    const normalized = normalizeDevicePublicKeyBase64Url(publicKey);
+    if (!normalized) return false;
+    const key = crypto2.createPublicKey({
+      key: Buffer.concat([ED25519_SPKI_PREFIX, decodeBase64Url(normalized)]),
+      type: "spki",
+      format: "der"
+    });
+    const signature = (() => {
+      try {
+        return Buffer.from(decodeBase64Url(signatureBase64Url));
+      } catch {
+        return Buffer.from(signatureBase64Url, "base64");
+      }
+    })();
+    return crypto2.verify(null, Buffer.from(payload, "utf8"), key, signature);
+  } catch {
+    return false;
+  }
+}
+function canonicalizeP256Jwk(value) {
+  const record = asRecord5(value);
+  const kty = pickString(record?.kty);
+  const crv = pickString(record?.crv);
+  const x = pickString(record?.x);
+  const y = pickString(record?.y);
+  if (kty !== "EC" || crv !== "P-256" || !x || !y) {
+    throw new Error("INVALID_PROOF_KEY");
+  }
+  return { kty: "EC", crv: "P-256", x, y };
+}
+function computeDeviceIdFromJwk(jwk) {
+  const canonical = JSON.stringify(jwk);
+  return crypto2.createHash("sha256").update(canonical).digest("hex");
+}
+function buildProofPayload(action, deviceId, nonce, signedAt, origin) {
+  return `squad.${action}|${deviceId}|${nonce}|${signedAt}|${origin}`;
+}
+async function verifyBrowserProof(payload, origin, action, usedProofNonces) {
+  const deviceId = pickString(payload.deviceId);
+  const signature = pickString(payload.signature);
+  const nonce = pickString(payload.nonce);
+  const signedAtRaw = pickNumber(payload.signedAt);
+  if (!deviceId || !signature || !nonce || signedAtRaw == null) {
+    return {
+      ok: false,
+      code: "INVALID_PROOF",
+      status: 400,
+      message: "Missing browser proof fields"
+    };
+  }
+  const signedAt = Math.trunc(signedAtRaw);
+  if (Math.abs(Date.now() - signedAt) > PROOF_MAX_SKEW_MS) {
+    return {
+      ok: false,
+      code: "INVALID_PROOF",
+      status: 401,
+      message: "Proof timestamp expired"
+    };
+  }
+  const nonceKey = `${deviceId}:${nonce}`;
+  const existingNonce = usedProofNonces.get(nonceKey);
+  if (existingNonce && existingNonce > Date.now()) {
+    return {
+      ok: false,
+      code: "INVALID_PROOF",
+      status: 401,
+      message: "Proof nonce replay detected"
+    };
+  }
+  const proofPayload = buildProofPayload(action, deviceId, nonce, signedAt, origin);
+  const publicKey = pickString(payload.publicKey);
+  let verified = false;
+  if (publicKey) {
+    const expectedDeviceId = deriveDeviceIdFromPublicKey(publicKey);
+    if (!expectedDeviceId) {
+      return {
+        ok: false,
+        code: "INVALID_PROOF",
+        status: 400,
+        message: "Invalid browser public key"
+      };
+    }
+    if (expectedDeviceId !== deviceId) {
+      return {
+        ok: false,
+        code: "INVALID_PROOF",
+        status: 401,
+        message: "Proof deviceId does not match browser key"
+      };
+    }
+    verified = verifyEd25519Signature(publicKey, proofPayload, signature);
+  } else {
+    let jwk;
+    try {
+      jwk = canonicalizeP256Jwk(payload.publicKeyJwk);
+    } catch {
+      return {
+        ok: false,
+        code: "INVALID_PROOF",
+        status: 400,
+        message: "Invalid browser public key"
+      };
+    }
+    const expectedDeviceId = computeDeviceIdFromJwk(jwk);
+    if (expectedDeviceId !== deviceId) {
+      return {
+        ok: false,
+        code: "INVALID_PROOF",
+        status: 401,
+        message: "Proof deviceId does not match browser key"
+      };
+    }
+    try {
+      const key = await crypto2.webcrypto.subtle.importKey(
+        "jwk",
+        jwk,
+        { name: "ECDSA", namedCurve: "P-256" },
+        false,
+        ["verify"]
+      );
+      verified = await crypto2.webcrypto.subtle.verify(
+        { name: "ECDSA", hash: "SHA-256" },
+        key,
+        decodeBase64Url(signature),
+        encodeUtf8(proofPayload)
+      );
+    } catch {
+      verified = false;
+    }
+  }
+  if (!verified) {
+    return {
+      ok: false,
+      code: "INVALID_PROOF",
+      status: 401,
+      message: "Proof signature verification failed"
+    };
+  }
+  usedProofNonces.set(nonceKey, Date.now() + NONCE_TTL_MS);
+  return { ok: true, deviceId };
+}
+function normalizePairingStatus(value) {
+  if (typeof value !== "string") return "unknown";
+  const normalized = value.trim().toLowerCase();
+  if (["pending", "requested", "waiting", "open"].includes(normalized)) return "pending";
+  if (["approved", "paired", "accepted", "granted", "success"].includes(normalized)) return "approved";
+  if (["rejected", "denied", "failed"].includes(normalized)) return "rejected";
+  if (["expired", "timeout", "timed_out"].includes(normalized)) return "expired";
+  return "unknown";
+}
+function extractRequestId(result) {
+  const obj = asRecord5(result);
+  if (!obj) return null;
+  const nestedRequest = asRecord5(obj.request);
+  return pickString(obj.requestId) ?? pickString(obj.id) ?? pickString(nestedRequest?.requestId) ?? pickString(nestedRequest?.id);
+}
+function extractExpiresAt(result) {
+  const obj = asRecord5(result);
+  const candidates = [
+    obj?.expiresAt,
+    obj?.expiresAtMs,
+    asRecord5(obj?.request)?.expiresAt,
+    asRecord5(obj?.request)?.expiresAtMs
+  ];
+  for (const candidate of candidates) {
+    if (typeof candidate === "number" && Number.isFinite(candidate) && candidate > Date.now()) {
+      return Math.trunc(candidate);
+    }
+    if (typeof candidate === "string") {
+      const asNumber = Number(candidate);
+      if (Number.isFinite(asNumber) && asNumber > Date.now()) {
+        return Math.trunc(asNumber);
+      }
+      const parsedDate = Date.parse(candidate);
+      if (Number.isFinite(parsedDate) && parsedDate > Date.now()) {
+        return Math.trunc(parsedDate);
+      }
+    }
+  }
+  return Date.now() + DEFAULT_PAIRING_TTL_MS;
+}
+function extractPairingStatus(result) {
+  const obj = asRecord5(result);
+  if (!obj) return "unknown";
+  const candidates = [
+    obj.status,
+    asRecord5(obj.request)?.status,
+    asRecord5(obj.pairing)?.status
+  ];
+  for (const candidate of candidates) {
+    const parsed = normalizePairingStatus(candidate);
+    if (parsed !== "unknown") return parsed;
+  }
+  return "unknown";
+}
+function isRateLimited(bucket, key, limit, windowMs) {
+  const now = Date.now();
+  const existing = bucket.get(key);
+  if (!existing || existing.resetAt <= now) {
+    bucket.set(key, { count: 1, resetAt: now + windowMs });
+    return false;
+  }
+  if (existing.count >= limit) {
+    return true;
+  }
+  existing.count += 1;
+  return false;
+}
+function normalizeTailnetHostname(value) {
+  const trimmed = value.trim();
+  if (!trimmed) return null;
+  const withProtocol = /^[a-z][a-z0-9+.-]*:\/\//i.test(trimmed) ? trimmed : `https://${trimmed}`;
+  try {
+    const parsed = new URL(withProtocol);
+    const hostname = parsed.hostname.toLowerCase();
+    if (!hostname.endsWith(".ts.net")) return null;
+    return hostname.endsWith(".") ? hostname.slice(0, -1) : hostname;
+  } catch {
+    return null;
+  }
+}
+function readRegistrationConfig() {
+  const token = pickString(process.env.SQUAD_TAILNET_REGISTRATION_TOKEN) ?? pickString(process.env.OPENCLAW_SQUAD_TAILNET_REGISTRATION_TOKEN);
+  const hostname = pickString(process.env.SQUAD_TAILNET_HOSTNAME) ?? pickString(process.env.TS_HOSTNAME) ?? pickString(process.env.TAILSCALE_HOSTNAME);
+  const normalizedHostname = hostname ? normalizeTailnetHostname(hostname) : null;
+  if (!token || !normalizedHostname) return null;
+  const relayUrlRaw = pickString(process.env.OPENCLAW_SQUAD_RELAY_HTTP_URL) ?? pickString(process.env.SQUAD_RELAY_HTTP_URL) ?? pickString(process.env.OPENCLAW_SQUAD_RELAY_URL) ?? pickString(process.env.SQUAD_RELAY_URL) ?? "https://relay.squad.ceo";
+  const relayApiBaseUrl = relayUrlRaw.replace(/^wss:/i, "https:").replace(/^ws:/i, "http:").replace(/\/+$/, "");
+  const version = pickString(process.env.SQUAD_PLUGIN_VERSION) ?? pickString(process.env.npm_package_version) ?? "unknown";
+  const displayName = pickString(process.env.SQUAD_TAILNET_DISPLAY_NAME) ?? "squad-openclaw";
+  return {
+    relayApiBaseUrl,
+    registrationToken: token,
+    hostname: normalizedHostname,
+    displayName,
+    version
+  };
+}
+async function registerLocatorToRelay(config) {
+  const response = await fetch(`${config.relayApiBaseUrl}/api/gateway/register-tailnet`, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${config.registrationToken}`
+    },
+    body: JSON.stringify({
+      hostname: config.hostname,
+      displayName: config.displayName,
+      version: config.version
+    })
+  });
+  if (!response.ok) {
+    const text = await response.text();
+    throw new Error(`Locator registration failed (${response.status}): ${text}`);
+  }
+}
+function registerTailnetInternalRoutes(api) {
+  const pendingPairings = /* @__PURE__ */ new Map();
+  const proofNonces = /* @__PURE__ */ new Map();
+  const rateLimitBucket = /* @__PURE__ */ new Map();
+  let preferredPairingRequestMethod = null;
+  let preferredPairingStatusMethod = null;
+  const cleanupCaches = () => {
+    const now = Date.now();
+    for (const [key, value] of pendingPairings) {
+      if (value.expiresAt <= now) pendingPairings.delete(key);
+    }
+    for (const [key, expiresAt] of proofNonces) {
+      if (expiresAt <= now) proofNonces.delete(key);
+    }
+    for (const [key, bucket] of rateLimitBucket) {
+      if (bucket.resetAt <= now) rateLimitBucket.delete(key);
+    }
+  };
+  const callGatewayMethod = async (method, params) => {
+    return callGatewayAny({}, api, method, params);
+  };
+  const requestPairingFromGateway = async () => {
+    const methods = preferredPairingRequestMethod ? [preferredPairingRequestMethod, ...PAIRING_REQUEST_METHODS.filter((m) => m !== preferredPairingRequestMethod)] : [...PAIRING_REQUEST_METHODS];
+    let lastError = null;
+    for (const method of methods) {
+      try {
+        const result = await callGatewayMethod(method, { displayName: "squad-browser" });
+        const requestId = extractRequestId(result);
+        if (!requestId) {
+          throw new Error("Pairing request created but no requestId was returned");
+        }
+        preferredPairingRequestMethod = method;
+        return {
+          requestId,
+          expiresAt: extractExpiresAt(result)
+        };
+      } catch (error) {
+        lastError = error;
+        const message = error instanceof Error ? error.message : String(error);
+        if (isUnknownGatewayMethodError(message)) {
+          continue;
+        }
+      }
+    }
+    const details = lastError instanceof Error ? lastError.message : String(lastError ?? "");
+    throw new Error(
+      details ? `PAIRING_REQUEST_UNAVAILABLE: ${details}` : "PAIRING_REQUEST_UNAVAILABLE: No pairing request method supported"
+    );
+  };
+  const readPairingStatusFromGateway = async (requestId) => {
+    const methods = preferredPairingStatusMethod ? [preferredPairingStatusMethod, ...PAIRING_STATUS_METHODS.filter((m) => m !== preferredPairingStatusMethod)] : [...PAIRING_STATUS_METHODS];
+    for (const method of methods) {
+      try {
+        const result = await callGatewayMethod(method, { requestId });
+        const status = extractPairingStatus(result);
+        preferredPairingStatusMethod = method;
+        return status;
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        if (isUnknownGatewayMethodError(message)) continue;
+      }
+    }
+    return "unknown";
+  };
+  const handle = async (request) => {
+    const url = new URL(request.url);
+    const path14 = url.pathname;
+    cleanupCaches();
+    if (request.method === "OPTIONS" && path14.startsWith("/squad-internal/")) {
+      const origin = ensureOriginAllowed(request);
+      if (!origin) {
+        return new Response(null, { status: 403 });
+      }
+      return withCors(
+        request,
+        new Response(null, {
+          status: 204,
+          headers: {
+            "Access-Control-Allow-Origin": origin,
+            "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
+            "Access-Control-Allow-Headers": "Content-Type",
+            "Access-Control-Max-Age": "86400"
+          }
+        })
+      );
+    }
+    if (request.method === "GET" && path14 === "/squad-internal/health") {
+      if (!isTailnetContext(request)) {
+        return jsonError(request, "TAILNET_REQUIRED", "Tailnet context required", 403);
+      }
+      return withCors(
+        request,
+        json({
+          ok: true,
+          mode: "tailnet-direct",
+          pairing: {
+            requestSupported: preferredPairingRequestMethod ?? PAIRING_REQUEST_METHODS[0],
+            statusSupported: preferredPairingStatusMethod ?? "auto"
+          }
+        })
+      );
+    }
+    if (request.method === "POST" && path14 === "/squad-internal/pairing/request") {
+      const origin = ensureOriginAllowed(request);
+      if (!origin) {
+        return jsonError(request, "ORIGIN_NOT_ALLOWED", "Origin is not allowed", 403);
+      }
+      if (!isTailnetContext(request)) {
+        return jsonError(request, "TAILNET_REQUIRED", "Tailnet context required", 403);
+      }
+      let body;
+      try {
+        body = await request.json();
+      } catch {
+        return jsonError(request, "INVALID_REQUEST", "Invalid JSON body", 400);
+      }
+      const proofCheck = await verifyBrowserProof(body, origin, "pairing.request", proofNonces);
+      if (!proofCheck.ok) {
+        return jsonError(request, proofCheck.code, proofCheck.message, proofCheck.status);
+      }
+      const forwardedFor = request.headers.get("x-forwarded-for") ?? "unknown";
+      const ipKey = `ip:${forwardedFor}`;
+      const deviceKey = `device:${proofCheck.deviceId}`;
+      if (isRateLimited(rateLimitBucket, ipKey, 20, 6e4) || isRateLimited(rateLimitBucket, deviceKey, 8, 6e4)) {
+        return jsonError(request, "RATE_LIMITED", "Too many pairing requests", 429);
+      }
+      try {
+        const pairing = await requestPairingFromGateway();
+        pendingPairings.set(pairing.requestId, {
+          requestId: pairing.requestId,
+          deviceId: proofCheck.deviceId,
+          createdAt: Date.now(),
+          expiresAt: pairing.expiresAt
+        });
+        return withCors(
+          request,
+          json({
+            ok: true,
+            requestId: pairing.requestId,
+            approveCommand: `openclaw devices approve ${pairing.requestId}`,
+            expiresAt: pairing.expiresAt
+          })
+        );
+      } catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        return jsonError(
+          request,
+          "PAIRING_REQUEST_UNAVAILABLE",
+          message.replace(/^PAIRING_REQUEST_UNAVAILABLE:\s*/i, ""),
+          501,
+          { nextStep: "openclaw devices list --json" }
+        );
+      }
+    }
+    if (request.method === "GET" && path14 === "/squad-internal/pairing/status") {
+      const origin = ensureOriginAllowed(request);
+      if (!origin) {
+        return jsonError(request, "ORIGIN_NOT_ALLOWED", "Origin is not allowed", 403);
+      }
+      if (!isTailnetContext(request)) {
+        return jsonError(request, "TAILNET_REQUIRED", "Tailnet context required", 403);
+      }
+      const requestId = pickString(url.searchParams.get("requestId"));
+      const deviceId = pickString(url.searchParams.get("deviceId"));
+      if (!requestId || !deviceId) {
+        return jsonError(request, "INVALID_REQUEST", "requestId and deviceId are required", 400);
+      }
+      const record = pendingPairings.get(requestId);
+      if (!record || record.deviceId !== deviceId) {
+        return jsonError(request, "NOT_FOUND", "No pending pairing request for this device", 404);
+      }
+      if (record.expiresAt <= Date.now()) {
+        pendingPairings.delete(requestId);
+        return withCors(request, json({ ok: true, status: "expired" }));
+      }
+      const forwardedFor = request.headers.get("x-forwarded-for") ?? "unknown";
+      if (isRateLimited(rateLimitBucket, `status:${forwardedFor}`, 90, 6e4)) {
+        return jsonError(request, "RATE_LIMITED", "Too many status checks", 429);
+      }
+      const status = await readPairingStatusFromGateway(requestId);
+      if (status === "approved" || status === "expired" || status === "rejected") {
+        pendingPairings.delete(requestId);
+      }
+      return withCors(request, json({ ok: true, status }));
+    }
+    if (request.method === "POST" && path14 === "/squad-internal/locator/register") {
+      const origin = ensureOriginAllowed(request);
+      if (!origin) {
+        return jsonError(request, "ORIGIN_NOT_ALLOWED", "Origin is not allowed", 403);
+      }
+      if (!isTailnetContext(request)) {
+        return jsonError(request, "TAILNET_REQUIRED", "Tailnet context required", 403);
+      }
+      let body;
+      try {
+        body = await request.json();
+      } catch {
+        return jsonError(request, "INVALID_REQUEST", "Invalid JSON body", 400);
+      }
+      const proofCheck = await verifyBrowserProof(body, origin, "locator.register", proofNonces);
+      if (!proofCheck.ok) {
+        return jsonError(request, proofCheck.code, proofCheck.message, proofCheck.status);
+      }
+      const registrationToken = pickString(body.registrationToken);
+      const hostname = normalizeTailnetHostname(pickString(body.hostname) ?? "");
+      if (!registrationToken || !hostname) {
+        return jsonError(
+          request,
+          "INVALID_REQUEST",
+          "registrationToken and hostname (*.ts.net) are required",
+          400
+        );
+      }
+      const relayApiBaseUrl = pickString(body.relayApiBaseUrl) ?? readRegistrationConfig()?.relayApiBaseUrl ?? "https://relay.squad.ceo";
+      const displayName = pickString(body.displayName) ?? "squad-openclaw";
+      const version = pickString(body.version) ?? pickString(process.env.SQUAD_PLUGIN_VERSION) ?? pickString(process.env.npm_package_version) ?? "unknown";
+      const config = {
+        relayApiBaseUrl: relayApiBaseUrl.replace(/\/+$/, ""),
+        registrationToken,
+        hostname,
+        displayName,
+        version
+      };
+      try {
+        await registerLocatorToRelay(config);
+        return withCors(
+          request,
+          json({
+            ok: true,
+            locator: {
+              hostname,
+              source: "plugin",
+              lastSeenAt: Date.now(),
+              displayName,
+              version
+            }
+          })
+        );
+      } catch (error) {
+        return jsonError(
+          request,
+          "LOCATOR_REGISTRATION_FAILED",
+          error instanceof Error ? error.message : String(error),
+          502
+        );
+      }
+    }
+    return new Response("Not Found", { status: 404 });
+  };
+  if (typeof api.registerHttpHandler === "function") {
+    api.registerHttpHandler(handle);
+  } else if (typeof api.registerHttpRoute === "function") {
+    api.registerHttpRoute("/squad-internal/health", handle);
+    api.registerHttpRoute("/squad-internal/pairing/request", handle);
+    api.registerHttpRoute("/squad-internal/pairing/status", handle);
+    api.registerHttpRoute("/squad-internal/locator/register", handle);
+    api.registerHttpRoute("/squad-internal/*", handle);
+  } else if (typeof api.registerHttpMiddleware === "function") {
+    api.registerHttpMiddleware(handle);
+  } else {
+    console.warn("[squad-openclaw] no supported HTTP registration API found for tailnet routes");
+  }
+  const registrationConfig = readRegistrationConfig();
+  if (!registrationConfig) return;
+  const runRegistration = async () => {
+    try {
+      await registerLocatorToRelay(registrationConfig);
+      console.log("[squad-openclaw] tailnet locator registered");
+    } catch (error) {
+      console.warn(
+        "[squad-openclaw] tailnet locator registration failed:",
+        error instanceof Error ? error.message : String(error)
+      );
+    }
+  };
+  void runRegistration();
+  const timer = setInterval(() => {
+    void runRegistration();
+  }, LOCATOR_REFRESH_INTERVAL_MS);
+  const teardown = () => {
+    clearInterval(timer);
+  };
+  if (typeof api.onShutdown === "function") {
+    api.onShutdown(teardown);
+  } else if (typeof api.on === "function") {
+    const maybeOff = api.on("shutdown", teardown);
+    if (typeof maybeOff === "function") {
+    }
+  }
+}
+
 // src/index.ts
 function squadAppPlugin(api) {
-  const onFsChange = (evt) => broadcastToUsers("fs.change", evt);
-  const sharedApi = registerSquadSharedApi(api, onFsChange);
+  const sharedApi = registerSquadSharedApi(api);
   sharedApi.registerCoreGatewayMethods();
+  registerTailnetInternalRoutes(api);
   void runStartupMigrations(api);
-  const relayState = readRelayState();
-  const relayEnabled = !!(relayState.claimToken || relayState.roomId);
-  if (relayEnabled) {
-    const relayUrl = process.env.OPENCLAW_SQUAD_RELAY_URL || process.env.SQUAD_RELAY_URL || "wss://relay.squad.ceo";
-    startRelayClient(api, relayUrl);
-  }
 }
 export {
   squadAppPlugin as default