svamp-cli 0.2.101 → 0.2.103

package/dist/{headlessCli-DcP8eawK.mjs → headlessCli-D7NXB73S.mjs}

@@ -1,5 +1,5 @@
-import { E as resolveModel, N as describeMisconfiguration, O as buildMachineDeps } from './run-CsMTSngP.mjs';
-import { handleRealtimeEvent, initMachineVoiceSession } from './sideband-C10Ni7p_.mjs';
+import { E as resolveModel, N as describeMisconfiguration, O as buildMachineDeps } from './run-BmZjAEob.mjs';
+import { handleRealtimeEvent, initMachineVoiceSession } from './sideband-CNyGVxRy.mjs';
 import { WebSocket } from 'ws';
 import { execSync, spawn } from 'child_process';
 import 'os';
@@ -14,6 +14,7 @@ import 'util';
 import 'node:crypto';
 import 'node:path';
 import 'node:os';
+import 'node:events';
 import '@agentclientprotocol/sdk';
 import '@modelcontextprotocol/sdk/client/index.js';
 import '@modelcontextprotocol/sdk/client/stdio.js';

package/dist/{httpServer-wwHHk1EM.mjs → httpServer-D9qLS8ed.mjs}

@@ -52,6 +52,62 @@ function createChannelHttpServer(deps) {
         res.writeHead(200, { "content-type": "text/markdown" }).end(d.skill?.body || "");
         return;
       }
+      const keyOf = () => (req.headers.authorization || "").replace(/^Bearer\s+/i, "") || u.searchParams.get("key") || void 0;
+      m = u.pathname.match(/^\/channel\/([\w.-]+)\/receive$/);
+      if (m) {
+        const rpc2 = await findOwner(deps, m[1]);
+        if (!rpc2?.channelReceive) {
+          json(404, { error: "channel not found" });
+          return;
+        }
+        const out = await rpc2.channelReceive({
+          channel: m[1],
+          key: keyOf(),
+          from: u.searchParams.get("from") || void 0,
+          cursor: Number(u.searchParams.get("cursor") || 0),
+          correlationId: u.searchParams.get("correlationId") || void 0,
+          wait: u.searchParams.get("wait") != null ? Number(u.searchParams.get("wait")) : void 0
+        });
+        json(out?.error ? out.error === "channel not found" ? 404 : 401 : 200, out);
+        return;
+      }
+      m = u.pathname.match(/^\/channel\/([\w.-]+)\/events$/);
+      if (m) {
+        const rpc2 = await findOwner(deps, m[1]);
+        if (!rpc2?.channelReceive) {
+          res.writeHead(404).end("not found");
+          return;
+        }
+        const key = keyOf();
+        const from = u.searchParams.get("from") || void 0;
+        let cursor = Number(u.searchParams.get("cursor") || 0);
+        res.writeHead(200, { "content-type": "text/event-stream", "cache-control": "no-cache", connection: "keep-alive", "x-accel-buffering": "no" });
+        res.write(": connected\n\n");
+        let closed = false;
+        req.on("close", () => {
+          closed = true;
+        });
+        while (!closed) {
+          const out = await rpc2.channelReceive({ channel: m[1], key, from, cursor, wait: 25 });
+          if (out?.error) {
+            res.write(`event: error
+data: ${JSON.stringify({ error: out.error })}
+
+`);
+            break;
+          }
+          for (const reply of out.replies || []) res.write(`data: ${JSON.stringify(reply)}
+
+`);
+          cursor = out.cursor ?? cursor;
+          if (!(out.replies || []).length) res.write(": keepalive\n\n");
+        }
+        try {
+          res.end();
+        } catch {
+        }
+        return;
+      }
       m = u.pathname.match(/^\/channel\/([\w.-]+)$/);
       if (!m) {
         json(404, { error: "not found" });

package/dist/index.mjs

@@ -1,4 +1,4 @@
-export { c as connectToHypha, a as createSessionStore, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, s as startDaemon, b as stopDaemon } from './run-CsMTSngP.mjs';
+export { c as connectToHypha, a as createSessionStore, d as daemonStatus, g as getHyphaServerUrl, r as registerMachineService, s as startDaemon, b as stopDaemon } from './run-BmZjAEob.mjs';
 import 'os';
 import 'fs/promises';
 import 'fs';
@@ -12,6 +12,7 @@ import 'util';
 import 'node:crypto';
 import 'node:path';
 import 'node:os';
+import 'node:events';
 import '@agentclientprotocol/sdk';
 import '@modelcontextprotocol/sdk/client/index.js';
 import '@modelcontextprotocol/sdk/client/stdio.js';

package/dist/{package-DHxiXJ3N.mjs → package-fu3Jsw1q.mjs}

@@ -1,5 +1,5 @@
 var name = "svamp-cli";
-var version = "0.2.101";
+var version = "0.2.103";
 var description = "Svamp CLI — AI workspace daemon on Hypha Cloud";
 var author = "Amun AI AB";
 var license = "SEE LICENSE IN LICENSE";
@@ -19,7 +19,7 @@ var exports$1 = {
 var scripts = {
 	build: "rm -rf dist bin/skills && mkdir -p bin/skills && cp -r ../../skills/artifact bin/skills/artifact && cp -r ../../skills/loop bin/skills/loop && tsc --noEmit && pkgroll",
 	typecheck: "tsc --noEmit",
-	test: "npx tsx test/test-context-window.mjs && npx tsx test/test-instance-config.mjs && npx tsx test/test-authorize.mjs && npx tsx test/test-normalize-allowed-user.mjs && npx tsx test/test-share-url.mjs && npx tsx test/test-update-sharing-normalization.mjs && npx tsx test/test-staged-homes-sweep.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-loop-activation.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-claude-auth.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-inbox-guard.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-session-send-query.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && node test/test-supervisor-restart.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only && node test/pinnedClaudeCode.test.mjs && node test/fleet.test.mjs && npx tsx test/test-routine.mjs && npx tsx test/test-routine-rpc.mjs && npx tsx test/test-session-file.mjs && npx tsx test/test-channel-rpc.mjs && npx tsx test/test-wise-agent.mjs && npx tsx test/test-channel-agent.mjs && npx tsx test/test-channels-service.mjs && npx tsx test/test-wise-agent-auth.mjs && npx tsx test/test-channel-http.mjs && npx tsx test/test-wise-voice.mjs && npx tsx test/test-wise-headless.mjs && npx tsx test/test-wise-machine.mjs",
+	test: "npx tsx test/test-context-window.mjs && npx tsx test/test-instance-config.mjs && npx tsx test/test-authorize.mjs && npx tsx test/test-normalize-allowed-user.mjs && npx tsx test/test-share-url.mjs && npx tsx test/test-update-sharing-normalization.mjs && npx tsx test/test-staged-homes-sweep.mjs && npx tsx test/test-session-helpers.mjs && npx tsx test/test-cli-routing.mjs && npx tsx test/test-security-context.mjs && npx tsx test/test-isolation-decision.mjs && npx tsx test/test-loop-activation.mjs && npx tsx test/test-message-helpers.mjs && npx tsx test/test-agent-config.mjs && npx tsx test/test-wrap-command.mjs && npx tsx test/test-credential-staging.mjs && npx tsx test/test-claude-auth.mjs && npx tsx test/test-output-formatters.mjs && npx tsx test/test-inbox-guard.mjs && npx tsx test/test-agent-types.mjs && npx tsx test/test-transport.mjs && npx tsx test/test-session-update-handlers.mjs && npx tsx test/test-session-scanner.mjs && npx tsx test/test-hypha-client.mjs && npx tsx test/test-hook-settings.mjs && npx tsx test/test-session-service-logic.mjs && npx tsx test/test-daemon-persistence.mjs && npx tsx test/test-detect-isolation.mjs && npx tsx test/test-machine-service-logic.mjs && npx tsx test/test-interactive-helpers.mjs && npx tsx test/test-codex-backend.mjs && npx tsx test/test-acp-backend.mjs && npx tsx test/test-acp-bridge.mjs && npx tsx test/test-hook-server.mjs && npx tsx test/test-session-commands.mjs && npx tsx test/test-interactive-console.mjs && npx tsx test/test-session-messages.mjs && npx tsx test/test-session-send-query.mjs && npx tsx test/test-skills.mjs && npx tsx test/test-agent-grouping.mjs && npx tsx test/test-machine-list-directory.mjs && npx tsx test/test-service-commands.mjs && npx tsx test/test-supervisor.mjs && npx tsx test/test-supervisor-lock.mjs && node test/test-supervisor-restart.mjs && npx tsx test/test-clear-detection.mjs && npx tsx test/test-session-consolidation.mjs && npx tsx test/test-inbox.mjs && npx tsx test/test-session-rpc-dispatch.mjs && npx tsx test/test-sandbox-cli.mjs && npx tsx test/test-serve-manager.mjs && npx tsx test/test-serve-stability.mjs && npx tsx test/test-frpc-e2e.mjs --unit-only && node test/pinnedClaudeCode.test.mjs && node test/fleet.test.mjs && npx tsx test/test-routine.mjs && npx tsx test/test-routine-rpc.mjs && npx tsx test/test-session-file.mjs && npx tsx test/test-channel-rpc.mjs && npx tsx test/test-wise-agent.mjs && npx tsx test/test-channel-agent.mjs && npx tsx test/test-channels-service.mjs && npx tsx test/test-channel-async-reply.mjs && npx tsx test/test-wise-agent-auth.mjs && npx tsx test/test-channel-http.mjs && npx tsx test/test-wise-voice.mjs && npx tsx test/test-wise-headless.mjs && npx tsx test/test-wise-machine.mjs",
 	"test:hypha": "node --no-warnings test/test-hypha-service.mjs",
 	dev: "tsx src/cli.ts",
 	"dev:daemon": "tsx src/cli.ts daemon start-sync",

package/dist/{run-CsMTSngP.mjs → run-BmZjAEob.mjs}

@@ -11,6 +11,7 @@ import { promisify } from 'util';
 import { randomBytes, randomUUID, createHash } from 'node:crypto';
 import { join as join$1 } from 'node:path';
 import os, { homedir, platform } from 'node:os';
+import { EventEmitter } from 'node:events';
 import { ndJsonStream, ClientSideConnection } from '@agentclientprotocol/sdk';
 import { Client } from '@modelcontextprotocol/sdk/client/index.js';
 import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
@@ -2165,7 +2166,7 @@ async function registerMachineService(server, machineId, metadata, daemonState,
         const tunnels = handlers.tunnels;
         if (!tunnels) throw new Error("Tunnel management not available");
         if (tunnels.has(params.name)) throw new Error(`Tunnel '${params.name}' already running`);
-        const { FrpcTunnel } = await import('./frpc-WVnBbyjf.mjs');
+        const { FrpcTunnel } = await import('./frpc-Dn5pmk_f.mjs');
         const tunnel = new FrpcTunnel({
           name: params.name,
           ports: params.ports,
@@ -2426,7 +2427,7 @@ QUESTION: ${params.question || "Summarize this concisely."}` }
           }
           const deps = buildSessionDeps(rpc, { cwd, ownerEmail: owner });
           const sender = { name: context?.user?.email || context?.user?.id || "user", kind: "user", verified: true };
-          const { toolsForRole } = await import('./sideband-C10Ni7p_.mjs');
+          const { toolsForRole } = await import('./sideband-CNyGVxRy.mjs');
           const r2 = await runWiseAgent({ message: params.message, sender, config: { tools: toolsForRole(role2) }, deps, transport, model: resolved.model });
           return fmt(r2);
         }
@@ -2502,7 +2503,15 @@ ${d?.error || "not found"}`;
         trackInbound();
         const rpc = await findChannelOwner(kwargs.channel);
         if (!rpc?.channelSend) return { error: "channel not found" };
-        return rpc.channelSend({ channel: kwargs.channel, message: kwargs.message, from: kwargs.from, key: kwargs.key }, context);
+        return rpc.channelSend({ channel: kwargs.channel, message: kwargs.message, from: kwargs.from, key: kwargs.key, reply_to: kwargs.reply_to }, context);
+      },
+      // Async reply retrieval for queue-mode channels — long-poll the channel outbox
+      // for replies addressed to the caller. Channel-identity auth (key/from).
+      receive: async (kwargs = {}, context) => {
+        trackInbound();
+        const rpc = await findChannelOwner(kwargs.channel);
+        if (!rpc?.channelReceive) return { error: "channel not found" };
+        return rpc.channelReceive({ channel: kwargs.channel, key: kwargs.key, from: kwargs.from, cursor: kwargs.cursor, correlationId: kwargs.correlationId, wait: kwargs.wait }, context);
       }
     },
     { overwrite: true }
@@ -2960,10 +2969,27 @@ function generateSkillBody(channel, ctx) {
   const sendUrl = `${gw}/send`;
   const key = ctx?.key || "<your-key>";
   const isAgent = channel.action?.kind === "agent";
+  const isQueue = channel.reply?.mode === "queue";
+  const recvUrl = `${gw}/receive`;
   const hyphaOpen = (channel.identity?.hypha_allow || []).length > 0;
   const name = channel.skill?.name || channel.name;
   const desc = channel.skill?.description || channel.description || `Send a message to the "${channel.name}" channel.`;
-  const replyNote = isAgent ? `This is a **WISE Agent** channel: \`send()\` runs a fast assistant against the session's tools/skills and returns its answer synchronously in the result \`reply\`.` : `Delivery is fire-and-forget \u2014 the message lands in the agent's inbox, tagged with your verified identity (\`from\`).`;
+  const replyNote = isAgent ? `This is a **WISE Agent** channel: \`send()\` runs a fast assistant against the session's tools/skills and returns its answer synchronously in the result \`reply\`.` : isQueue ? `This is an **async** channel: \`send()\` returns a \`correlationId\` and the agent replies later \u2014 poll \`receive()\` (or GET /receive \xB7 /events) for replies addressed to you.` : `Delivery is fire-and-forget \u2014 the message lands in the agent's inbox, tagged with your verified identity (\`from\`).`;
+  const queueSection = isQueue ? `
+
+## Getting the reply (async)
+\`send()\` returns \`{ correlationId }\`. The agent answers later; retrieve replies addressed
+to you by **long-polling** \`receive\` with a cursor you advance each call:
+\`\`\`js
+const { correlationId } = await get_service("${svc}").send({ channel: "${channel.id}", message: "\u2026", from: "your-name" });
+let cursor = 0;
+while (true) {
+  const r = await get_service("${svc}").receive({ channel: "${channel.id}", key: "${key}", cursor, wait: 25 });
+  cursor = r.cursor;
+  for (const reply of r.replies) if (reply.correlationId === correlationId) return reply.body;
+}
+\`\`\`
+**HTTP:** \`POST ${recvUrl}\` with \`{"kwargs": {"channel": "${channel.id}", "key": "${key}", "cursor": 0, "wait": 25}}\` (long-poll), or stream \`GET <channel-http>/channel/${channel.id}/events?key=${key}\` (SSE).` : "";
   const rpcLine = hyphaOpen ? `**Hypha RPC** \u2014 preferred. Your verified Hypha identity is accepted, no key needed:` : `**Hypha RPC** \u2014 verified identity:`;
   return `---
 name: ${name}
@@ -2991,7 +3017,139 @@ POST ${sendUrl}
 Content-Type: application/json
 
 {"kwargs": {"channel": "${channel.id}", "message": "your message here", "from": "your-name", "key": "${key}"}}
-\`\`\``;
+\`\`\`${queueSection}`;
+}
+
+const MAX_PER_CHANNEL = 200;
+const TTL_MS = 60 * 60 * 1e3;
+class ChannelOutbox {
+  file;
+  byChannel = /* @__PURE__ */ new Map();
+  seqByChannel = /* @__PURE__ */ new Map();
+  emitter = new EventEmitter();
+  constructor(projectDir) {
+    const dir = join$1(projectDir, ".svamp", "channels");
+    this.file = join$1(dir, "_outbox.jsonl");
+    this.emitter.setMaxListeners(0);
+    try {
+      mkdirSync$1(dir, { recursive: true });
+    } catch {
+    }
+    this._load();
+  }
+  _load() {
+    if (!existsSync(this.file)) return;
+    const cutoff = Date.now() - TTL_MS;
+    try {
+      for (const line of readFileSync(this.file, "utf8").split("\n")) {
+        if (!line.trim()) continue;
+        let rec = null;
+        try {
+          rec = JSON.parse(line);
+        } catch {
+          continue;
+        }
+        if (!rec || rec.ts < cutoff) continue;
+        const { channelId, ...reply } = rec;
+        const arr = this.byChannel.get(channelId) || [];
+        arr.push(reply);
+        this.byChannel.set(channelId, arr);
+        this.seqByChannel.set(channelId, Math.max(this.seqByChannel.get(channelId) || 0, reply.seq));
+      }
+      for (const [ch, arr] of this.byChannel) if (arr.length > MAX_PER_CHANNEL) this.byChannel.set(ch, arr.slice(-MAX_PER_CHANNEL));
+    } catch {
+    }
+  }
+  _evict(channelId) {
+    const cutoff = Date.now() - TTL_MS;
+    let arr = this.byChannel.get(channelId);
+    if (!arr) return;
+    if (arr.some((r) => r.ts < cutoff)) arr = arr.filter((r) => r.ts >= cutoff);
+    if (arr.length > MAX_PER_CHANNEL) arr = arr.slice(-MAX_PER_CHANNEL);
+    this.byChannel.set(channelId, arr);
+  }
+  /** Append a reply addressed to `to`. Assigns seq + ts, persists, and wakes waiters. */
+  append(channelId, r) {
+    const seq = (this.seqByChannel.get(channelId) || 0) + 1;
+    this.seqByChannel.set(channelId, seq);
+    const reply = { seq, ts: Date.now(), to: r.to, body: r.body, ...r.correlationId ? { correlationId: r.correlationId } : {} };
+    const arr = this.byChannel.get(channelId) || [];
+    arr.push(reply);
+    this.byChannel.set(channelId, arr);
+    this._evict(channelId);
+    try {
+      appendFileSync(this.file, JSON.stringify({ channelId, ...reply }) + "\n");
+    } catch {
+      try {
+        mkdirSync$1(join$1(this.file, ".."), { recursive: true });
+        appendFileSync(this.file, JSON.stringify({ channelId, ...reply }) + "\n");
+      } catch {
+      }
+    }
+    this.emitter.emit(channelId, reply);
+    return reply;
+  }
+  /** Replies for `to` on `channelId` with seq > cursor (optionally one correlationId). */
+  since(channelId, cursor, to, correlationId) {
+    this._evict(channelId);
+    return (this.byChannel.get(channelId) || []).filter((r) => r.seq > cursor && r.to === to && (!correlationId || r.correlationId === correlationId));
+  }
+  /** Highest seq on a channel (the cursor a caller gets back). */
+  cursor(channelId) {
+    return this.seqByChannel.get(channelId) || 0;
+  }
+  /**
+   * Long-poll: resolve immediately if there are replies after `cursor`, else wait for
+   * the next append (filtered to this channel + `to`) or `timeoutMs`, then return.
+   */
+  wait(channelId, cursor, to, timeoutMs, correlationId) {
+    const ready = this.since(channelId, cursor, to, correlationId);
+    if (ready.length) return Promise.resolve({ replies: ready, cursor: this.cursor(channelId) });
+    return new Promise((resolve) => {
+      const onReply = (r) => {
+        if (r.to !== to || correlationId && r.correlationId !== correlationId) return;
+        cleanup();
+        resolve({ replies: this.since(channelId, cursor, to, correlationId), cursor: this.cursor(channelId) });
+      };
+      const timer = setTimeout(() => {
+        cleanup();
+        resolve({ replies: [], cursor: this.cursor(channelId) });
+      }, Math.max(0, timeoutMs));
+      const cleanup = () => {
+        clearTimeout(timer);
+        this.emitter.off(channelId, onReply);
+      };
+      this.emitter.on(channelId, onReply);
+    });
+  }
+  /** Push subscription for SSE: calls onReply for each new reply addressed to `to`. */
+  subscribe(channelId, to, onReply) {
+    const handler = (r) => {
+      if (r.to === to) onReply(r);
+    };
+    this.emitter.on(channelId, handler);
+    return () => this.emitter.off(channelId, handler);
+  }
+  /** Drop a channel's outbox (on channel delete) — best-effort rewrite of the log. */
+  purge(channelId) {
+    this.byChannel.delete(channelId);
+    this.seqByChannel.delete(channelId);
+    if (!existsSync(this.file)) return;
+    try {
+      const kept = readFileSync(this.file, "utf8").split("\n").filter((l) => {
+        if (!l.trim()) return false;
+        try {
+          return JSON.parse(l).channelId !== channelId;
+        } catch {
+          return false;
+        }
+      });
+      const tmp = this.file + ".tmp";
+      writeFileSync$1(tmp, kept.join("\n") + (kept.length ? "\n" : ""));
+      renameSync$1(tmp, this.file);
+    } catch {
+    }
+  }
 }
 
 function resolveSender(channel, input = {}) {
@@ -3269,6 +3427,7 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
     callbacks.onMetadataUpdate?.(metadata);
   };
   const channelStore = new ChannelStore(initialMetadata.path);
+  const channelOutbox = new ChannelOutbox(initialMetadata.path);
   const cfg = server?.config || {};
   const channelsServiceId = cfg.workspace && cfg.client_id ? `${cfg.workspace}/${cfg.client_id}:channels` : void 0;
   const channelsBaseUrl = cfg.public_base_url || process.env.HYPHA_SERVER_URL || "https://hypha.aicell.io";
@@ -3476,6 +3635,7 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
     removeChannel: async (id, context) => {
       authorizeRequest(context, metadata.sharing, "admin");
       const ok = channelStore.remove(id);
+      channelOutbox.purge(id);
       syncChannelsToMetadata();
       return { success: ok };
     },
@@ -3546,6 +3706,8 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
           return { ok: result.status === "completed", call_id: callId, status: result.status, reply: result.reply, tool_calls: result.toolCalls, error: result.error };
         }
         if (c.action?.kind === "loop") return { error: "loop channels are served by the channel server, not channelSend" };
+        const queue = c.reply?.mode === "queue";
+        const replySession = queue ? params.reply_to?.session : void 0;
         const inboxMsg = {
           messageId: callId,
           body: xmlEscape(String(params.message ?? "").slice(0, 16 * 1024)),
@@ -3554,17 +3716,56 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
           from: r.sender.name,
           verified: r.sender.verified,
           channel: c.name,
-          subject: c.name
+          subject: c.name,
+          ...replySession ? { fromSession: replySession, threadId: callId } : {},
+          ...queue && !replySession ? { channelId: c.id, correlationId: callId } : {}
         };
         await rpcHandlers.sendInboxMessage(inboxMsg, ownerCtx);
         channelStore.recordCall(c.id, { sender: r.sender.name, verified: r.sender.verified, callId, outcome: "delivered" });
         syncChannelsToMetadata();
-        return { ok: true, call_id: callId, status: "accepted" };
+        return { ok: true, call_id: callId, status: queue ? "queued" : "accepted", ...queue ? { correlationId: callId } : {} };
       } catch (e) {
         channelStore.recordCall(c.id, { sender: r.sender.name, verified: r.sender.verified, callId, outcome: "error" });
         return { ok: false, call_id: callId, status: "error", error: e?.message || String(e) };
       }
     },
+    // Agent/owner answers a queued (async) channel message → channel outbox, addressed
+    // to the original external caller. Routed here by `inbox reply` for channel-origin
+    // inbox messages (which carry channelId + correlationId + from). Owner-gated since
+    // it's the session speaking on its own behalf.
+    channelReply: async (params, context) => {
+      authorizeRequest(context, metadata.sharing, "interact");
+      const c = channelStore.get(params.channel);
+      if (!c) return { ok: false, error: "channel not found" };
+      if (!params.to || !params.body) return { ok: false, error: "to and body are required" };
+      const reply = channelOutbox.append(c.id, {
+        correlationId: params.correlationId,
+        to: String(params.to),
+        body: String(params.body).slice(0, 16 * 1024)
+      });
+      channelStore.recordCall(c.id, { sender: String(params.to), verified: true, callId: params.correlationId || `seq_${reply.seq}`, outcome: "replied" });
+      return { ok: true, seq: reply.seq };
+    },
+    // External caller retrieves async replies addressed to it. Channel-identity auth
+    // (key/from) — NOT session sharing. Long-polls up to `wait` seconds for new replies
+    // after `cursor`; the caller advances `cursor` each call (ack-by-cursor).
+    channelReceive: async (params, context) => {
+      const c = channelStore.get(params.channel);
+      if (!c || c.enabled === false) return { error: "channel not found" };
+      const u = context?.user;
+      const r = resolveSender(c, {
+        key: params.key,
+        from: params.from,
+        hyphaUser: u && u.is_anonymous !== true ? u.email || u.id : void 0,
+        hyphaAnonymous: u?.is_anonymous === true,
+        hyphaWorkspace: u?.scope?.current_workspace
+      });
+      if (r.error || !r.sender) return { error: r.error || "unauthorized" };
+      const cursor = Math.max(0, Number(params.cursor) || 0);
+      const waitMs = Math.min(Math.max(0, Number(params.wait ?? 25) * 1e3), 6e4);
+      const out = await channelOutbox.wait(c.id, cursor, r.sender.name, waitMs, params.correlationId);
+      return { ok: true, replies: out.replies, cursor: out.cursor };
+    },
     // ── Agent State ──
     getAgentState: async (context) => {
       authorizeRequest(context, metadata.sharing, "view");
@@ -3909,6 +4110,9 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
         const child = spawn("claude", args, {
           cwd,
           timeout: 6e4,
+          // Ignore stdin: --print otherwise waits ~3s for piped input ("no stdin
+          // data received in 3s, proceeding without it") — pure latency per /btw.
+          stdio: ["ignore", "pipe", "pipe"],
           env: { ...process.env, CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC: "1" }
         });
         let stdout = "";
@@ -9342,6 +9546,17 @@ function isLoopActive(directory) {
   const s = readLoopState(directory);
   return !!s && s.active !== false && s.phase !== "done" && s.phase !== "gave_up" && s.phase !== "cancelled";
 }
+function loopOwnerSession(directory) {
+  const s = readLoopState(directory);
+  if (!s || s.active === false || s.phase === "done" || s.phase === "gave_up" || s.phase === "cancelled") return null;
+  return typeof s.session_id === "string" ? s.session_id : null;
+}
+function isLoopActiveForSession(directory, sessionId) {
+  const s = readLoopState(directory);
+  if (!s || s.active === false || s.phase === "done" || s.phase === "gave_up" || s.phase === "cancelled") return false;
+  if (typeof s.session_id !== "string") return true;
+  return s.session_id === sessionId;
+}
 function resolveLoopInit() {
   const candidates = [
     join(CLAUDE_SKILLS_DIR, "loop", "bin", "loop-init.mjs"),
@@ -9359,6 +9574,7 @@ function initLoop(directory, cfg) {
   if (typeof cfg.maxIterations === "number") args.push("--max", String(cfg.maxIterations));
   args.push("--evaluator", cfg.evaluator === false ? "off" : "on");
   if (cfg.model) args.push("--model", cfg.model);
+  if (cfg.sessionId) args.push("--session", cfg.sessionId);
   const res = spawnSync(process.execPath, args, { encoding: "utf-8", timeout: 3e4 });
   return res.status === 0;
 }
@@ -9460,7 +9676,8 @@ function createSvampConfigChecker(directory, sessionId, getMetadata, setMetadata
           criteria: typeof lp.criteria === "string" && lp.criteria.trim() ? lp.criteria.trim() : void 0,
           oracle,
           maxIterations,
-          evaluator
+          evaluator,
+          sessionId
         });
         if (ok) {
           const existingQueue = getMetadata().messageQueue || [];
@@ -9922,7 +10139,7 @@ async function startDaemon(options) {
     const list = loadExposedTunnels().filter((t) => t.name !== name);
     saveExposedTunnels(list);
   }
-  const { ServeManager } = await import('./serveManager-DfETVSOb.mjs');
+  const { ServeManager } = await import('./serveManager-D6lGn8jh.mjs');
   const serveManager = new ServeManager(SVAMP_HOME, (msg) => logger.log(`[SERVE] ${msg}`), hyphaServerUrl);
   ensureAutoInstalledSkills(logger).catch(() => {
   });
@@ -10034,7 +10251,7 @@ async function startDaemon(options) {
           }
         }, shouldAutoAllow2 = function(toolName, toolInput) {
           if (toolName === "AskUserQuestion") {
-            return isLoopActive(directory);
+            return isLoopActiveForSession(directory, sessionId);
           }
           if (toolName === "Bash") {
             const inputObj = toolInput;
@@ -10047,7 +10264,7 @@ async function startDaemon(options) {
           } else if (allowedTools.has(toolName)) {
             return true;
           }
-          if (isLoopActive(directory)) return true;
+          if (isLoopActiveForSession(directory, sessionId)) return true;
           if (currentPermissionMode === "bypassPermissions" || currentPermissionMode === "yolo") return true;
           if ((currentPermissionMode === "acceptEdits" || currentPermissionMode === "safe-yolo") && EDIT_TOOLS.has(toolName)) return true;
           return false;
@@ -10412,6 +10629,12 @@ async function startDaemon(options) {
                   logger.log(`[Session ${sessionId}] Permission request: ${requestId} (corr=${correlationId}) tool=${toolName}`);
                   if (shouldAutoAllow2(toolName, toolInput)) {
                     logger.log(`[Session ${sessionId}] Auto-allowing ${toolName} (mode=${currentPermissionMode})`);
+                    if (toolName === "AskUserQuestion") {
+                      sessionService.pushMessage(
+                        { type: "message", message: "\u{1F501} Question auto-dismissed \u2014 a loop is running, so there is no human to prompt. The agent will proceed as if the questions were skipped.", level: "warning" },
+                        "event"
+                      );
+                    }
                     if (claudeProcess && !claudeProcess.killed && claudeProcess.stdin) {
                       const controlResponse = JSON.stringify({
                         type: "control_response",
@@ -10582,6 +10805,10 @@ async function startDaemon(options) {
                     }
                     if (msg.session_id) {
                       claudeResumeId = msg.session_id;
+                      if (sessionMetadata.claudeSessionId !== msg.session_id) {
+                        sessionMetadata = { ...sessionMetadata, claudeSessionId: msg.session_id };
+                        sessionService.updateMetadata(sessionMetadata);
+                      }
                     }
                     signalProcessing(false);
                     sessionWasProcessing = false;
@@ -11485,7 +11712,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
           } else if (allowedTools.has(toolName)) {
             return true;
           }
-          if (isLoopActive(directory)) return true;
+          if (isLoopActiveForSession(directory, sessionId)) return true;
           if (currentPermissionMode === "bypassPermissions" || currentPermissionMode === "yolo") return true;
           if ((currentPermissionMode === "acceptEdits" || currentPermissionMode === "safe-yolo") && EDIT_TOOLS.has(toolName)) return true;
           return false;
@@ -12212,7 +12439,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
     const channelHttpPort = Number(process.env.SVAMP_CHANNEL_HTTP_PORT) || 0;
     if (channelHttpPort > 0) {
       try {
-        const { createChannelHttpServer } = await import('./httpServer-wwHHk1EM.mjs');
+        const { createChannelHttpServer } = await import('./httpServer-D9qLS8ed.mjs');
         const channelHttpServer = createChannelHttpServer({
           getSessionIds: () => {
             const ids = [];
@@ -12233,7 +12460,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
       const specs = loadExposedTunnels();
       if (specs.length === 0) return;
       logger.log(`[exposed-tunnels] Restoring ${specs.length} tunnel(s) from ${EXPOSED_TUNNELS_FILE}`);
-      const { FrpcTunnel } = await import('./frpc-WVnBbyjf.mjs');
+      const { FrpcTunnel } = await import('./frpc-Dn5pmk_f.mjs');
       for (const spec of specs) {
         if (tunnels.has(spec.name)) continue;
         try {
@@ -12315,6 +12542,19 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
     }
     const sessionsToAutoContinue = [];
     const sessionsToLoopResume = [];
+    {
+      const knownSessionIds = new Set(persistedSessions.map((p) => p.sessionId));
+      const sweptDirs = /* @__PURE__ */ new Set();
+      for (const p of persistedSessions) {
+        if (sweptDirs.has(p.directory)) continue;
+        sweptDirs.add(p.directory);
+        const owner = loopOwnerSession(p.directory);
+        if (owner && !knownSessionIds.has(owner)) {
+          deactivateLoop(p.directory);
+          logger.log(`[loop] Deactivated stale loop-state in ${p.directory} (owner session ${owner} no longer known)`);
+        }
+      }
+    }
     if (persistedSessions.length > 0) {
       logger.log(`Restoring ${persistedSessions.length} persisted session(s)...`);
       for (const persisted of persistedSessions) {
@@ -12359,7 +12599,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
             if (persisted.wasProcessing && persisted.claudeResumeId && !isOrphaned) {
               sessionsToAutoContinue.push(persisted.sessionId);
             }
-            if (!isOrphaned && !persisted.wasProcessing && isLoopActive(persisted.directory)) {
+            if (!isOrphaned && !persisted.wasProcessing && isLoopActiveForSession(persisted.directory, persisted.sessionId)) {
               sessionsToLoopResume.push({ sessionId: persisted.sessionId, directory: persisted.directory });
             }
           } else {
@@ -12406,7 +12646,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
           }
           setTimeout(async () => {
             try {
-              if (!isLoopActive(sessDir)) return;
+              if (!isLoopActiveForSession(sessDir, sessionId)) return;
               const prompt = "Continue the loop. Read LOOP.md and keep working toward the exit conditions until the Stop gate confirms completion.";
               await rpc.sendMessage(
                 JSON.stringify({

package/dist/{run-C7WSV8zx.mjs → run-DTOSfKSH.mjs}

@@ -2,7 +2,7 @@ import{createRequire as _pkgrollCR}from"node:module";const require=_pkgrollCR(im
 import os from 'node:os';
 import { resolve, join } from 'node:path';
 import { existsSync, readFileSync, watch } from 'node:fs';
-import { c as connectToHypha, a as createSessionStore, r as registerMachineService, P as generateHookSettings } from './run-CsMTSngP.mjs';
+import { c as connectToHypha, a as createSessionStore, r as registerMachineService, P as generateHookSettings } from './run-BmZjAEob.mjs';
 import { createServer } from 'node:http';
 import { spawn } from 'node:child_process';
 import { createInterface } from 'node:readline';
@@ -14,6 +14,7 @@ import 'url';
 import 'child_process';
 import 'crypto';
 import 'util';
+import 'node:events';
 import '@agentclientprotocol/sdk';
 import '@modelcontextprotocol/sdk/client/index.js';
 import '@modelcontextprotocol/sdk/client/stdio.js';

package/dist/{serveCommands-Can8WtLI.mjs → serveCommands-zFOjNs-0.mjs}

@@ -54,7 +54,7 @@ async function handleServeCommand() {
   }
 }
 async function serveAdd(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-CdxEOPUt.mjs');
+  const { connectAndGetMachine } = await import('./commands-C_DlMpl7.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -93,7 +93,7 @@ async function serveAdd(args, machineId) {
   }
 }
 async function serveApply(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-CdxEOPUt.mjs');
+  const { connectAndGetMachine } = await import('./commands-C_DlMpl7.mjs');
   const fs = await import('fs');
   const yaml = await import('yaml');
   const file = positionalArgs(args)[0];
@@ -182,7 +182,7 @@ async function serveApply(args, machineId) {
   }
 }
 async function serveRemove(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-CdxEOPUt.mjs');
+  const { connectAndGetMachine } = await import('./commands-C_DlMpl7.mjs');
   const pos = positionalArgs(args);
   const name = pos[0];
   if (!name) {
@@ -202,7 +202,7 @@ async function serveRemove(args, machineId) {
   }
 }
 async function serveList(args, machineId) {
-  const { connectAndGetMachine } = await import('./commands-CdxEOPUt.mjs');
+  const { connectAndGetMachine } = await import('./commands-C_DlMpl7.mjs');
   const all = hasFlag(args, "--all", "-a");
   const json = hasFlag(args, "--json");
   const sessionId = getFlag(args, "--session");
@@ -235,7 +235,7 @@ async function serveList(args, machineId) {
   }
 }
 async function serveInfo(machineId) {
-  const { connectAndGetMachine } = await import('./commands-CdxEOPUt.mjs');
+  const { connectAndGetMachine } = await import('./commands-C_DlMpl7.mjs');
   const { machine, server } = await connectAndGetMachine(machineId);
   try {
     const info = await machine.serveInfo();