svamp-cli 0.2.103 → 0.2.105

package/dist/{run-BmZjAEob.mjs → run-C89ZXpqq.mjs}

@@ -1,15 +1,15 @@
 import{createRequire as _pkgrollCR}from"node:module";const require=_pkgrollCR(import.meta.url);import os$1, { homedir as homedir$1 } from 'os';
 import fs, { mkdir as mkdir$1, readdir as readdir$1, readFile, writeFile as writeFile$1, rename, unlink } from 'fs/promises';
-import { readFileSync as readFileSync$1, mkdirSync, writeFileSync, renameSync, existsSync as existsSync$1, rmSync as rmSync$1, unlinkSync as unlinkSync$1, copyFileSync, watch, rmdirSync, readdirSync as readdirSync$1 } from 'fs';
-import path__default, { join, dirname, basename, resolve } from 'path';
+import { readFileSync as readFileSync$1, mkdirSync as mkdirSync$1, writeFileSync as writeFileSync$1, renameSync as renameSync$1, existsSync as existsSync$1, rmSync as rmSync$1, unlinkSync as unlinkSync$1, copyFileSync, watch, rmdirSync, readdirSync as readdirSync$1 } from 'fs';
+import path__default, { join as join$1, dirname, basename, resolve } from 'path';
 import { fileURLToPath } from 'url';
 import { execFile, spawn as spawn$1, execSync as execSync$1, spawnSync } from 'child_process';
 import { randomUUID as randomUUID$1 } from 'crypto';
-import { existsSync, readFileSync, mkdirSync as mkdirSync$1, readdirSync, writeFileSync as writeFileSync$1, renameSync as renameSync$1, rmSync, appendFileSync, unlinkSync } from 'node:fs';
+import { existsSync, readFileSync, mkdirSync, readdirSync, writeFileSync, renameSync, rmSync, appendFileSync, unlinkSync } from 'node:fs';
 import { exec, spawn, execSync, execFile as execFile$1, execFileSync } from 'node:child_process';
 import { promisify } from 'util';
+import { join } from 'node:path';
 import { randomBytes, randomUUID, createHash } from 'node:crypto';
-import { join as join$1 } from 'node:path';
 import os, { homedir, platform } from 'node:os';
 import { EventEmitter } from 'node:events';
 import { ndJsonStream, ClientSideConnection } from '@agentclientprotocol/sdk';
@@ -1121,6 +1121,367 @@ async function killDescendant(rootPid, targetPid, signal = "SIGTERM") {
   }
 }
 
+const FIELD_RANGES = [[0, 59], [0, 23], [1, 31], [1, 12], [0, 6]];
+function parseField(token, [min, max]) {
+  const set = /* @__PURE__ */ new Set();
+  for (const part of token.split(",")) {
+    let m;
+    if (part === "*") {
+      for (let i = min; i <= max; i++) set.add(i);
+    } else if (m = part.match(/^\*\/(\d+)$/)) {
+      const s = +m[1];
+      for (let i = min; i <= max; i += s) set.add(i);
+    } else if (m = part.match(/^(\d+)-(\d+)\/(\d+)$/)) {
+      for (let i = +m[1]; i <= +m[2]; i += +m[3]) set.add(i);
+    } else if (m = part.match(/^(\d+)-(\d+)$/)) {
+      for (let i = +m[1]; i <= +m[2]; i++) set.add(i);
+    } else if (m = part.match(/^(\d+)$/)) {
+      set.add(+m[1]);
+    } else throw new Error(`invalid cron field: "${token}"`);
+  }
+  for (const v of set) if (v < min || v > max) throw new Error(`cron value ${v} out of range [${min},${max}]`);
+  return set;
+}
+function parseCron(expr) {
+  const fields = String(expr).trim().split(/\s+/);
+  if (fields.length !== 5) throw new Error(`cron must have 5 fields, got ${fields.length}: "${expr}"`);
+  const [minute, hour, dom, month, dow] = fields.map((f, i) => parseField(f, FIELD_RANGES[i]));
+  return { minute, hour, dom, month, dow, domRestricted: fields[2] !== "*", dowRestricted: fields[4] !== "*" };
+}
+function cronMatches(expr, date) {
+  const c = typeof expr === "string" ? parseCron(expr) : expr;
+  if (!c.minute.has(date.getMinutes())) return false;
+  if (!c.hour.has(date.getHours())) return false;
+  if (!c.month.has(date.getMonth() + 1)) return false;
+  const domOk = c.dom.has(date.getDate());
+  const dowOk = c.dow.has(date.getDay());
+  if (c.domRestricted && c.dowRestricted) return domOk || dowOk;
+  return domOk && dowOk;
+}
+function inZone(date, tz) {
+  if (!tz) return date;
+  try {
+    const p = new Intl.DateTimeFormat("en-US", {
+      timeZone: tz,
+      hour12: false,
+      year: "numeric",
+      month: "2-digit",
+      day: "2-digit",
+      hour: "2-digit",
+      minute: "2-digit"
+    }).formatToParts(date).reduce((o, x) => {
+      o[x.type] = x.value;
+      return o;
+    }, {});
+    return new Date(+p.year, +p.month - 1, +p.day, +(p.hour === "24" ? 0 : p.hour), +p.minute);
+  } catch {
+    return date;
+  }
+}
+function nextFire(expr, from, tz) {
+  const c = parseCron(expr);
+  const d = new Date(from.getTime());
+  d.setSeconds(0, 0);
+  d.setMinutes(d.getMinutes() + 1);
+  for (let i = 0; i < 366 * 24 * 60; i++) {
+    if (cronMatches(c, tz ? inZone(d, tz) : d)) return new Date(d.getTime());
+    d.setMinutes(d.getMinutes() + 1);
+  }
+  return null;
+}
+function resolvePath(ctx, path) {
+  return path.split(".").reduce((o, k) => o == null ? void 0 : o[k], ctx);
+}
+function renderTemplate(template, ctx) {
+  return String(template).replace(/\$\{([\w.$]+)\}/g, (_m, p) => {
+    const v = resolvePath(ctx, p);
+    return v == null ? "" : typeof v === "object" ? JSON.stringify(v) : String(v);
+  });
+}
+const TRIGGER_TYPES = ["manual", "schedule", "webhook", "api"];
+const ACTION_KINDS = ["message", "loop"];
+const OVERLAP = ["queue", "skip", "replace"];
+function validateRoutine(r) {
+  const errs = [];
+  if (!r || typeof r !== "object") return ["routine must be an object"];
+  if (!r.session_id) errs.push("session_id required");
+  if (!r.name) errs.push("name required");
+  const t = r.trigger;
+  if (!t || !TRIGGER_TYPES.includes(t.type)) errs.push(`trigger.type must be one of ${TRIGGER_TYPES.join("|")}`);
+  if (t?.type === "schedule") {
+    try {
+      parseCron(t.cron);
+    } catch (e) {
+      errs.push(`trigger.cron: ${e.message}`);
+    }
+    if (t.missed && !["catchup", "skip"].includes(t.missed)) errs.push("trigger.missed must be catchup|skip");
+  }
+  const a = r.action;
+  if (!a || !ACTION_KINDS.includes(a.kind)) errs.push(`action.kind must be one of ${ACTION_KINDS.join("|")}`);
+  if (a?.kind === "message" && !a.template) errs.push("action.template required for message action");
+  if (a?.kind === "loop" && !a.loop && !a.task_template) errs.push("action.loop or action.task_template required for loop action");
+  if (r.overlap && !OVERLAP.includes(r.overlap)) errs.push(`overlap must be one of ${OVERLAP.join("|")}`);
+  if (r.bind && r.bind !== "stateful" && r.bind !== "stateless") errs.push('bind must be "stateful" or "stateless"');
+  if (r.bind === "stateless") {
+    if (!r.dir) errs.push("a stateless routine requires a dir (the project folder to spawn the one-shot in)");
+    if (a?.kind === "loop") errs.push('a stateless routine cannot use a loop action (needs a persistent session); use a message action or bind "stateful"');
+  }
+  if ((t?.type === "webhook" || t?.type === "api") && t.public && a?.kind === "loop")
+    errs.push("a public webhook/api may not use a loop action (unauthenticated task injection) \u2014 use a message action or require a key");
+  return errs;
+}
+
+const genId$1 = () => "c_" + randomBytes(5).toString("hex");
+const genKey$1 = () => "ck_" + randomBytes(18).toString("base64url");
+const DEFAULT_TEMPLATE = `<inbound-message from="\${sender.name}" sender-type="\${sender.kind}" verified="\${sender.verified}" channel="\${channel.name}" call-id="\${call.id}" at="\${now}">
+\${body.message}
+</inbound-message>`;
+function validateChannel(c) {
+  const errs = [];
+  if (!c || typeof c !== "object") return ["channel must be an object"];
+  if (!c.name) errs.push("name required");
+  const m = c.identity?.mode;
+  if (!["per-key", "caller-supplied", "fixed"].includes(m)) errs.push("identity.mode must be per-key|caller-supplied|fixed");
+  if (m === "fixed" && !c.identity.fixed?.name) errs.push("identity.fixed.name required for fixed mode");
+  if (!["message", "loop", "agent"].includes(c.action?.kind)) errs.push("action.kind must be message|loop|agent");
+  const b = c.bind;
+  const bindOk = b === "dynamic" || b === "stateless" || b && typeof b.session === "string" && !!b.session;
+  if (!bindOk) errs.push('bind must be "dynamic", "stateless", or { session }');
+  if (b === "stateless" && c.reply?.mode === "queue")
+    errs.push('a stateless channel cannot use reply.mode "queue" (no persistent session to answer later)');
+  if (b === "stateless" && (c.action?.kind === "loop" || c.action?.kind === "agent"))
+    errs.push(`a stateless channel cannot use a ${c.action?.kind} action (needs a live session); use dynamic or { session }`);
+  if (c.action?.kind === "loop" && m === "caller-supplied" && !c.identity?.shared_key)
+    errs.push("a caller-supplied channel without a shared_key may not use a loop action (unauthenticated task injection)");
+  if (c.action?.kind === "agent" && m === "caller-supplied" && !c.identity?.shared_key) {
+    const MUTATING = ["run_bash", "send_to_session"];
+    const ag = c.action.agent || {};
+    const grantsMutating = (ag.tools || []).some((t) => MUTATING.includes(t)) || Object.values(ag.per_caller || {}).some((p) => (p?.tools || []).some((t) => MUTATING.includes(t)));
+    if (grantsMutating) errs.push("a caller-supplied agent channel without a shared_key may not grant run_bash/send_to_session");
+  }
+  const unsafe = /[<>"'&\r\n]/;
+  if (unsafe.test(c.name || "")) errs.push(`name must be single-line and not contain < > " ' &`);
+  if (c.description && unsafe.test(c.description)) errs.push(`description must be single-line and not contain < > " ' &`);
+  if (c.skill?.name && unsafe.test(c.skill.name)) errs.push(`skill.name must be single-line and not contain < > " ' &`);
+  if (c.skill?.description && unsafe.test(c.skill.description)) errs.push(`skill.description must be single-line and not contain < > " ' &`);
+  if (m === "fixed" && c.identity.fixed?.name && unsafe.test(c.identity.fixed.name)) errs.push(`identity.fixed.name must not contain < > " ' & or newlines`);
+  for (const cl of c.identity?.callers || []) if (unsafe.test(cl.name || "")) errs.push(`caller name "${cl.name}" must not contain < > " ' & or newlines`);
+  return errs;
+}
+function normalizeBind(c) {
+  const b = c.bind;
+  if (b === "dynamic" || b === "stateless" || b && typeof b.session === "string" && b.session) return c;
+  c.bind = "dynamic";
+  return c;
+}
+function bindMode(c) {
+  const b = normalizeBind(c).bind;
+  if (b === "stateless") return "stateless";
+  if (b && typeof b.session === "string") return "fixed";
+  return "dynamic";
+}
+function fixedSessionId(c) {
+  const b = c.bind;
+  return b && typeof b.session === "string" ? b.session : void 0;
+}
+class ChannelStore {
+  dir;
+  constructor(projectDir) {
+    this.dir = join(projectDir, ".svamp", "channels");
+    try {
+      mkdirSync(this.dir, { recursive: true });
+    } catch {
+    }
+  }
+  _path(id) {
+    return join(this.dir, `${id}.json`);
+  }
+  list() {
+    if (!existsSync(this.dir)) return [];
+    return readdirSync(this.dir).filter((f) => f.endsWith(".json")).map((f) => {
+      try {
+        return normalizeBind(JSON.parse(readFileSync(join(this.dir, f), "utf8")));
+      } catch {
+        return null;
+      }
+    }).filter((c) => !!c);
+  }
+  get(id) {
+    try {
+      return normalizeBind(JSON.parse(readFileSync(this._path(id), "utf8")));
+    } catch {
+      return null;
+    }
+  }
+  save(channel) {
+    const c = { enabled: true, bind: "dynamic", template: DEFAULT_TEMPLATE, last_calls: [], ...channel };
+    if (!c.id) c.id = genId$1();
+    const errs = validateChannel(c);
+    if (errs.length) throw new Error("invalid channel: " + errs.join("; "));
+    mkdirSync(this.dir, { recursive: true });
+    const tmp = this._path(c.id) + ".tmp";
+    writeFileSync(tmp, JSON.stringify(c, null, 2));
+    renameSync(tmp, this._path(c.id));
+    return c;
+  }
+  remove(id) {
+    const p = this._path(id);
+    if (existsSync(p)) {
+      rmSync(p);
+      return true;
+    }
+    return false;
+  }
+  setEnabled(id, enabled) {
+    const c = this.get(id);
+    if (!c) return null;
+    c.enabled = enabled;
+    return this.save(c);
+  }
+  recordCall(id, entry) {
+    const c = this.get(id);
+    if (!c) return;
+    c.last_calls = c.last_calls || [];
+    c.last_calls.unshift({ at: (/* @__PURE__ */ new Date()).toISOString(), ...entry });
+    c.last_calls = c.last_calls.slice(0, 20);
+    this.save(c);
+  }
+  addCaller(id, name, kind = "agent") {
+    const c = this.get(id);
+    if (!c) return null;
+    c.identity.callers = c.identity.callers || [];
+    const caller = { name, kind, key: genKey$1() };
+    c.identity.callers.push(caller);
+    this.save(c);
+    return caller;
+  }
+}
+function routingSession(channel, ctx) {
+  const mode = bindMode(channel);
+  if (mode === "fixed") return fixedSessionId(channel);
+  if (mode === "dynamic") return ctx?.session;
+  return void 0;
+}
+function gatewayBase(channelsServiceId, baseUrl) {
+  const slash = channelsServiceId.indexOf("/");
+  if (slash < 0) return `${baseUrl.replace(/\/$/, "")}/services/${channelsServiceId}`;
+  const ws = channelsServiceId.slice(0, slash);
+  const clientSvc = channelsServiceId.slice(slash + 1);
+  return `${baseUrl.replace(/\/$/, "")}/${ws}/services/${clientSvc}`;
+}
+function generateSkillBody(channel, ctx) {
+  const svc = ctx?.channelsServiceId || "<workspace>/<machine>:channels";
+  const base = ctx?.baseUrl || "https://hypha.aicell.io";
+  const gw = ctx?.channelsServiceId ? gatewayBase(svc, base) : `${base}/<workspace>/services/<machine>:channels`;
+  const skillUrl = `${gw}/skill?channel=${channel.id}`;
+  const sendUrl = `${gw}/send`;
+  const key = ctx?.key || "<your-key>";
+  const isAgent = channel.action?.kind === "agent";
+  const isQueue = channel.reply?.mode === "queue";
+  const recvUrl = `${gw}/receive`;
+  const hyphaOpen = (channel.identity?.hypha_allow || []).length > 0;
+  const mode = bindMode(channel);
+  const rSession = routingSession(channel, ctx);
+  const sessionLineJs = rSession ? `
+  session: "${rSession}",` : "";
+  const sessionKv = rSession ? `, "session": "${rSession}"` : "";
+  const bindNote = mode === "stateless" ? `**Stateless channel** \u2014 each call spawns a fresh, isolated one-shot session (cold-start: a few seconds), runs, replies, and closes. No shared memory between calls.` : mode === "fixed" ? `Routes to a **fixed session** (\`${rSession}\`); reachable only while that session is live.` : rSession ? `Routes to **session \`${rSession}\`** (the one this instruction was copied from); reachable only while it is live, else a fresh stateless run answers.` : `**Dynamic channel** \u2014 pass \`session: "<id>"\` to target a specific live session, else a fresh stateless run answers.`;
+  const name = channel.skill?.name || channel.name;
+  const desc = channel.skill?.description || channel.description || `Send a message to the "${channel.name}" channel.`;
+  const replyNote = isAgent ? `This is a **WISE Agent** channel: \`send()\` runs a fast assistant against the session's tools/skills and returns its answer synchronously in the result \`reply\`.` : isQueue ? `This is an **async** channel: \`send()\` returns a \`correlationId\` and the agent replies later \u2014 poll \`receive()\` (or GET /receive \xB7 /events) for replies addressed to you.` : `Delivery is fire-and-forget \u2014 the message lands in the agent's inbox, tagged with your verified identity (\`from\`).`;
+  const queueSection = isQueue ? `
+
+## Getting the reply (async)
+\`send()\` returns \`{ correlationId }\`. The agent answers later; retrieve replies addressed
+to you by **long-polling** \`receive\` with a cursor you advance each call:
+\`\`\`js
+const { correlationId } = await get_service("${svc}").send({ channel: "${channel.id}", message: "\u2026", from: "your-name" });
+let cursor = 0;
+while (true) {
+  const r = await get_service("${svc}").receive({ channel: "${channel.id}", key: "${key}", cursor, wait: 25 });
+  cursor = r.cursor;
+  for (const reply of r.replies) if (reply.correlationId === correlationId) return reply.body;
+}
+\`\`\`
+**HTTP:** \`POST ${recvUrl}\` with \`{"kwargs": {"channel": "${channel.id}", "key": "${key}", "cursor": 0, "wait": 25}}\` (long-poll), or stream \`GET <channel-http>/channel/${channel.id}/events?key=${key}\` (SSE).` : "";
+  const rpcLine = hyphaOpen ? `**Hypha RPC** \u2014 preferred. Your verified Hypha identity is accepted, no key needed:` : `**Hypha RPC** \u2014 verified identity:`;
+  return `---
+name: ${name}
+description: ${desc}
+---
+# ${name}
+${channel.description || ""}
+
+Self-contained guide for messaging the **${channel.name}** channel. ${replyNote}
+${bindNote}
+This skill (with every value below already filled in) is served at:
+${skillUrl}
+
+${rpcLine}
+\`\`\`js
+await get_service("${svc}").send({
+  channel: "${channel.id}",
+  message: "your message here",
+  from:    "your-name",${sessionLineJs}
+});
+\`\`\`
+
+**HTTP** \u2014 any client, no Hypha SDK needed (Hypha gateway wraps args under \`kwargs\`):
+\`\`\`
+POST ${sendUrl}
+Content-Type: application/json
+
+{"kwargs": {"channel": "${channel.id}", "message": "your message here", "from": "your-name", "key": "${key}"${sessionKv}}}
+\`\`\`${queueSection}`;
+}
+
+function resolveSender(channel, input = {}) {
+  const { key, from, hyphaUser, hyphaWorkspace, hyphaAnonymous } = input;
+  const id = channel.identity || {};
+  if (hyphaUser && !hyphaAnonymous && Array.isArray(id.hypha_allow) && id.hypha_allow.length) {
+    if (id.hypha_allow.includes("*") || id.hypha_allow.includes(hyphaUser) || hyphaWorkspace && id.hypha_allow.includes(hyphaWorkspace))
+      return { sender: { name: hyphaUser, kind: "agent", verified: true } };
+    return { error: "caller not in hypha_allow" };
+  }
+  if (id.mode === "fixed") {
+    if (!id.fixed?.name) return { error: "fixed identity not configured" };
+    return { sender: { name: id.fixed.name, kind: id.fixed.kind, verified: true } };
+  }
+  if (id.mode === "per-key") {
+    const caller = (id.callers || []).find((c) => c.key && c.key === key);
+    if (!caller) return { error: "invalid or missing key" };
+    return { sender: { name: caller.name, kind: caller.kind, verified: true } };
+  }
+  if (id.mode === "caller-supplied") {
+    if (id.shared_key && key !== id.shared_key) return { error: "invalid key" };
+    return { sender: { name: from || "anonymous", kind: "user", verified: false } };
+  }
+  return { error: "unsupported identity mode" };
+}
+const MAX_BODY = 16 * 1024;
+function xmlEscape(s) {
+  return String(s ?? "").replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
+}
+const stripControl = (s) => String(s ?? "").replace(/[\x00-\x1f\x7f]/g, " ");
+function renderMessage(channel, { sender = {}, body = {}, query = {}, callId, now }) {
+  const obj = (v) => typeof v === "object" && v !== null ? JSON.stringify(v) : v;
+  const escVal = (v) => xmlEscape(obj(v));
+  const escAttr = (v) => xmlEscape(stripControl(obj(v)));
+  const bodyEsc = {};
+  for (const [k, v] of Object.entries(body)) bodyEsc[k] = k === "message" ? escVal(String(v ?? "").slice(0, MAX_BODY)) : escAttr(v);
+  const queryEsc = {};
+  for (const [k, v] of Object.entries(query)) if (k !== "key") queryEsc[k] = escAttr(v);
+  const ctx = {
+    sender: { name: escAttr(sender.name), kind: escAttr(sender.kind), verified: sender.verified === true },
+    body: bodyEsc,
+    query: queryEsc,
+    channel: { name: escAttr(channel.name), id: escAttr(channel.id) },
+    call: { id: escAttr(callId) },
+    now: escAttr(now || (/* @__PURE__ */ new Date()).toISOString())
+  };
+  return renderTemplate(channel.template || DEFAULT_TEMPLATE, ctx);
+}
+
 function getParamNames(fn) {
   const src = fn.toString();
   const match = src.match(/^(?:async\s+)?(?:function\s*\w*)?\s*\(([^)]*)\)/);
@@ -1151,7 +1512,7 @@ function filterTerminalResponses(data) {
   return filtered;
 }
 function getMachineMetadataPath(svampHomeDir) {
-  return join(svampHomeDir, "machine-metadata.json");
+  return join$1(svampHomeDir, "machine-metadata.json");
 }
 async function mintRealtimeEphemeralKey(baseUrl, apiKey, opts) {
   const realtimeBase = baseUrl || "https://api.openai.com";
@@ -1212,11 +1573,11 @@ function loadPersistedMachineMetadata(svampHomeDir) {
 }
 function savePersistedMachineMetadata(svampHomeDir, data) {
   try {
-    mkdirSync(svampHomeDir, { recursive: true });
+    mkdirSync$1(svampHomeDir, { recursive: true });
     const filePath = getMachineMetadataPath(svampHomeDir);
     const tmpPath = filePath + ".tmp";
-    writeFileSync(tmpPath, JSON.stringify(data, null, 2));
-    renameSync(tmpPath, filePath);
+    writeFileSync$1(tmpPath, JSON.stringify(data, null, 2));
+    renameSync$1(tmpPath, filePath);
   } catch (err) {
     console.error("[HYPHA MACHINE] Failed to persist machine metadata:", err);
   }
@@ -1663,11 +2024,11 @@ async function registerMachineService(server, machineId, metadata, daemonState,
         if (newSharing.enabled && !newSharing.owner && context?.user?.email) {
           newSharing = { ...newSharing, owner: context.user.email };
         }
-        const ownerEmail = newSharing.owner || context?.user?.email || "";
+        const ownerEmail2 = newSharing.owner || context?.user?.email || "";
         newSharing = {
           ...newSharing,
           allowedUsers: (newSharing.allowedUsers || []).map(
-            (u) => normalizeAllowedUser(u, ownerEmail)
+            (u) => normalizeAllowedUser(u, ownerEmail2)
           ),
           publicAccess: null
         };
@@ -2166,7 +2527,7 @@ async function registerMachineService(server, machineId, metadata, daemonState,
         const tunnels = handlers.tunnels;
         if (!tunnels) throw new Error("Tunnel management not available");
         if (tunnels.has(params.name)) throw new Error(`Tunnel '${params.name}' already running`);
-        const { FrpcTunnel } = await import('./frpc-Dn5pmk_f.mjs');
+        const { FrpcTunnel } = await import('./frpc-CG7J02Ft.mjs');
         const tunnel = new FrpcTunnel({
           name: params.name,
           ports: params.ports,
@@ -2222,9 +2583,9 @@ async function registerMachineService(server, machineId, metadata, daemonState,
         authorizeRequest(context, currentMetadata.sharing, "interact");
         const sm = handlers.serveManager;
         if (!sm) throw new Error("Serve manager not available");
-        const ownerEmail = params.ownerEmail || context?.user?.email || void 0;
+        const ownerEmail2 = params.ownerEmail || context?.user?.email || void 0;
         const access = params.access || "owner";
-        return sm.addMount(params.name, params.directory, params.sessionId, access, ownerEmail);
+        return sm.addMount(params.name, params.directory, params.sessionId, access, ownerEmail2);
       },
       /**
        * Apply a mount declaratively. Replaces existing mount with same name.
@@ -2235,7 +2596,7 @@ async function registerMachineService(server, machineId, metadata, daemonState,
         authorizeRequest(context, currentMetadata.sharing, "interact");
         const sm = handlers.serveManager;
         if (!sm) throw new Error("Serve manager not available");
-        const ownerEmail = params.ownerEmail || context?.user?.email || void 0;
+        const ownerEmail2 = params.ownerEmail || context?.user?.email || void 0;
         const access = params.access ?? "owner";
         return sm.applyMount({
           name: params.name,
@@ -2243,7 +2604,7 @@ async function registerMachineService(server, machineId, metadata, daemonState,
           process: params.process,
           sessionId: params.sessionId,
           access,
-          ownerEmail
+          ownerEmail: ownerEmail2
         });
       },
       /** Remove a mount from the shared static file server. */
@@ -2427,7 +2788,7 @@ QUESTION: ${params.question || "Summarize this concisely."}` }
           }
           const deps = buildSessionDeps(rpc, { cwd, ownerEmail: owner });
           const sender = { name: context?.user?.email || context?.user?.id || "user", kind: "user", verified: true };
-          const { toolsForRole } = await import('./sideband-CNyGVxRy.mjs');
+          const { toolsForRole } = await import('./sideband-CHClz1Yz.mjs');
           const r2 = await runWiseAgent({ message: params.message, sender, config: { tools: toolsForRole(role2) }, deps, transport, model: resolved.model });
           return fmt(r2);
         }
@@ -2462,6 +2823,89 @@ QUESTION: ${params.question || "Summarize this concisely."}` }
     }
     return void 0;
   };
+  const readChannelFromDisk = (channelId) => {
+    const seen = /* @__PURE__ */ new Set();
+    for (const t of handlers.getTrackedSessions?.() || []) {
+      const dir = t.directory;
+      if (!dir || seen.has(dir)) continue;
+      seen.add(dir);
+      try {
+        const c = new ChannelStore(dir).get(channelId);
+        if (c && c.enabled !== false) return { c, dir };
+      } catch {
+      }
+    }
+    return void 0;
+  };
+  const liveSessionsInDir = (dir) => (handlers.getTrackedSessions?.() || []).filter((t) => t.directory === dir && handlers.getSessionRPCHandlers?.(t.sessionId)).map((t) => t.sessionId);
+  const resolveChannel = (channelId, targetSession) => {
+    const found = readChannelFromDisk(channelId);
+    if (!found) return { error: "channel not found" };
+    const { c, dir } = found;
+    const mode = bindMode(c);
+    const kind = c.action?.kind;
+    if (kind === "agent" || kind === "loop") {
+      const prefer = mode === "fixed" ? fixedSessionId(c) : mode === "dynamic" ? targetSession : void 0;
+      const sid = prefer && handlers.getSessionRPCHandlers?.(prefer) ? prefer : liveSessionsInDir(dir)[0];
+      if (!sid) {
+        if (mode === "fixed") return { tier: "session", sessionId: fixedSessionId(c) || "?", stopped: true, c, dir };
+        return { error: `no live session to host this ${kind} channel \u2014 start a session in ${dir}` };
+      }
+      return { tier: "session", sessionId: sid, rpc: handlers.getSessionRPCHandlers(sid), c, dir };
+    }
+    const target = mode === "fixed" ? fixedSessionId(c) : mode === "dynamic" ? targetSession : void 0;
+    if (target) {
+      const rpc = handlers.getSessionRPCHandlers?.(target);
+      if (rpc) return { tier: "session", sessionId: target, rpc, c, dir };
+      if (mode === "fixed") return { tier: "session", sessionId: target, stopped: true, c, dir };
+    }
+    return { tier: "stateless", c, dir };
+  };
+  const ownerEmail = currentMetadata.sharing?.owner;
+  const ownerCtx = ownerEmail ? { user: { email: ownerEmail, id: ownerEmail } } : void 0;
+  const selfMachine = {
+    spawnSession: (opts) => handlers.spawnSession(opts),
+    sessionRPC: async (sessionId, method, kwargs) => {
+      const rpc = handlers.getSessionRPCHandlers?.(sessionId);
+      if (!rpc) throw new Error(`Session ${sessionId} not found on this machine`);
+      const handler = rpc[method];
+      if (typeof handler !== "function") throw new Error(`Unknown session method: ${method}`);
+      const paramNames = getParamNames(handler);
+      const callArgs = paramNames.map((n) => n === "context" ? ownerCtx : kwargs?.[n] ?? void 0);
+      return handler(...callArgs);
+    }
+  };
+  const dispatchStateless = async (c, dir, kwargs, context) => {
+    const u = context?.user;
+    const r = resolveSender(c, {
+      key: kwargs.key,
+      from: kwargs.from,
+      hyphaUser: u && u.is_anonymous !== true ? u.email || u.id : void 0,
+      hyphaAnonymous: u?.is_anonymous === true,
+      hyphaWorkspace: u?.scope?.current_workspace
+    });
+    if (r.error || !r.sender) return { error: r.error || "unauthorized" };
+    const callId = "call_" + Math.random().toString(16).slice(2, 12);
+    const rendered = renderMessage(c, { sender: r.sender, body: { message: kwargs.message }, callId });
+    const { queryCore } = await import('./commands-Bj33Q-8L.mjs');
+    const timeout = c.reply?.timeout_sec || 120;
+    let result;
+    try {
+      result = await queryCore(selfMachine, dir, rendered, { permissionMode: "bypassPermissions", tag: "svamp-channel", timeout });
+    } catch (e) {
+      return { ok: false, call_id: callId, status: "error", error: e?.message || String(e) };
+    } finally {
+      if (result?.sessionId) {
+        try {
+          handlers.deleteSession?.(result.sessionId);
+        } catch {
+        }
+      }
+    }
+    if (result.status === "error") return { ok: false, call_id: callId, status: "error", error: result.error };
+    if (result.status === "permission-pending") return { ok: false, call_id: callId, status: "permission-pending", error: result.error };
+    return { ok: true, call_id: callId, status: "completed", reply: result.response };
+  };
   const channelsServiceInfo = await server.registerService(
     {
       id: "channels",
@@ -2501,179 +2945,79 @@ ${d?.error || "not found"}`;
       },
       send: async (kwargs = {}, context) => {
         trackInbound();
-        const rpc = await findChannelOwner(kwargs.channel);
-        if (!rpc?.channelSend) return { error: "channel not found" };
-        return rpc.channelSend({ channel: kwargs.channel, message: kwargs.message, from: kwargs.from, key: kwargs.key, reply_to: kwargs.reply_to }, context);
+        const res = resolveChannel(kwargs.channel, kwargs.session);
+        if ("error" in res) return { error: res.error };
+        if (res.tier === "stateless") return dispatchStateless(res.c, res.dir, kwargs, context);
+        if ("stopped" in res) return { error: `session ${res.sessionId.slice(0, 8)} is stopped \u2014 resume it to reach this channel` };
+        return res.rpc.channelSend({ channel: kwargs.channel, message: kwargs.message, from: kwargs.from, key: kwargs.key, session: kwargs.session, reply_to: kwargs.reply_to }, context);
       },
       // Async reply retrieval for queue-mode channels — long-poll the channel outbox
-      // for replies addressed to the caller. Channel-identity auth (key/from).
-      receive: async (kwargs = {}, context) => {
-        trackInbound();
-        const rpc = await findChannelOwner(kwargs.channel);
-        if (!rpc?.channelReceive) return { error: "channel not found" };
-        return rpc.channelReceive({ channel: kwargs.channel, key: kwargs.key, from: kwargs.from, cursor: kwargs.cursor, correlationId: kwargs.correlationId, wait: kwargs.wait }, context);
-      }
-    },
-    { overwrite: true }
-  );
-  console.log(`[HYPHA MACHINE] Channels service registered: ${channelsServiceInfo.id} (type svamp-channels)`);
-  return {
-    serviceInfo,
-    notifySessionEvent: notifyListeners,
-    updateMetadata: (newMetadata) => {
-      currentMetadata = newMetadata;
-      metadataVersion++;
-      notifyListeners({
-        type: "update-machine",
-        machineId,
-        metadata: { value: currentMetadata, version: metadataVersion }
-      });
-    },
-    updateDaemonState: (newState) => {
-      currentDaemonState = newState;
-      daemonStateVersion++;
-      notifyListeners({
-        type: "update-machine",
-        machineId,
-        daemonState: { value: currentDaemonState, version: daemonStateVersion }
-      });
-    },
-    getLastInboundRpcAt: () => lastInboundRpcAt,
-    disconnect: async () => {
-      const toRemove = [...listeners];
-      for (const listener of toRemove) {
-        removeListener(listener, "disconnect");
-      }
-      await server.unregisterService(serviceInfo.id);
-      await server.unregisterService(channelsServiceInfo.id).catch(() => {
-      });
-    }
-  };
-}
-
-const FIELD_RANGES = [[0, 59], [0, 23], [1, 31], [1, 12], [0, 6]];
-function parseField(token, [min, max]) {
-  const set = /* @__PURE__ */ new Set();
-  for (const part of token.split(",")) {
-    let m;
-    if (part === "*") {
-      for (let i = min; i <= max; i++) set.add(i);
-    } else if (m = part.match(/^\*\/(\d+)$/)) {
-      const s = +m[1];
-      for (let i = min; i <= max; i += s) set.add(i);
-    } else if (m = part.match(/^(\d+)-(\d+)\/(\d+)$/)) {
-      for (let i = +m[1]; i <= +m[2]; i += +m[3]) set.add(i);
-    } else if (m = part.match(/^(\d+)-(\d+)$/)) {
-      for (let i = +m[1]; i <= +m[2]; i++) set.add(i);
-    } else if (m = part.match(/^(\d+)$/)) {
-      set.add(+m[1]);
-    } else throw new Error(`invalid cron field: "${token}"`);
-  }
-  for (const v of set) if (v < min || v > max) throw new Error(`cron value ${v} out of range [${min},${max}]`);
-  return set;
-}
-function parseCron(expr) {
-  const fields = String(expr).trim().split(/\s+/);
-  if (fields.length !== 5) throw new Error(`cron must have 5 fields, got ${fields.length}: "${expr}"`);
-  const [minute, hour, dom, month, dow] = fields.map((f, i) => parseField(f, FIELD_RANGES[i]));
-  return { minute, hour, dom, month, dow, domRestricted: fields[2] !== "*", dowRestricted: fields[4] !== "*" };
-}
-function cronMatches(expr, date) {
-  const c = typeof expr === "string" ? parseCron(expr) : expr;
-  if (!c.minute.has(date.getMinutes())) return false;
-  if (!c.hour.has(date.getHours())) return false;
-  if (!c.month.has(date.getMonth() + 1)) return false;
-  const domOk = c.dom.has(date.getDate());
-  const dowOk = c.dow.has(date.getDay());
-  if (c.domRestricted && c.dowRestricted) return domOk || dowOk;
-  return domOk && dowOk;
-}
-function inZone(date, tz) {
-  if (!tz) return date;
-  try {
-    const p = new Intl.DateTimeFormat("en-US", {
-      timeZone: tz,
-      hour12: false,
-      year: "numeric",
-      month: "2-digit",
-      day: "2-digit",
-      hour: "2-digit",
-      minute: "2-digit"
-    }).formatToParts(date).reduce((o, x) => {
-      o[x.type] = x.value;
-      return o;
-    }, {});
-    return new Date(+p.year, +p.month - 1, +p.day, +(p.hour === "24" ? 0 : p.hour), +p.minute);
-  } catch {
-    return date;
-  }
-}
-function nextFire(expr, from, tz) {
-  const c = parseCron(expr);
-  const d = new Date(from.getTime());
-  d.setSeconds(0, 0);
-  d.setMinutes(d.getMinutes() + 1);
-  for (let i = 0; i < 366 * 24 * 60; i++) {
-    if (cronMatches(c, tz ? inZone(d, tz) : d)) return new Date(d.getTime());
-    d.setMinutes(d.getMinutes() + 1);
-  }
-  return null;
-}
-function resolvePath(ctx, path) {
-  return path.split(".").reduce((o, k) => o == null ? void 0 : o[k], ctx);
-}
-function renderTemplate(template, ctx) {
-  return String(template).replace(/\$\{([\w.$]+)\}/g, (_m, p) => {
-    const v = resolvePath(ctx, p);
-    return v == null ? "" : typeof v === "object" ? JSON.stringify(v) : String(v);
-  });
-}
-const TRIGGER_TYPES = ["manual", "schedule", "webhook", "api"];
-const ACTION_KINDS = ["message", "loop"];
-const OVERLAP = ["queue", "skip", "replace"];
-function validateRoutine(r) {
-  const errs = [];
-  if (!r || typeof r !== "object") return ["routine must be an object"];
-  if (!r.session_id) errs.push("session_id required");
-  if (!r.name) errs.push("name required");
-  const t = r.trigger;
-  if (!t || !TRIGGER_TYPES.includes(t.type)) errs.push(`trigger.type must be one of ${TRIGGER_TYPES.join("|")}`);
-  if (t?.type === "schedule") {
-    try {
-      parseCron(t.cron);
-    } catch (e) {
-      errs.push(`trigger.cron: ${e.message}`);
+      // for replies addressed to the caller. Routed to the session the message landed
+      // in (the `session` target); stateless channels can't queue. Channel-identity auth.
+      receive: async (kwargs = {}, context) => {
+        trackInbound();
+        const res = resolveChannel(kwargs.channel, kwargs.session);
+        if ("error" in res) return { error: res.error };
+        if (res.tier === "stateless") return { error: "stateless channels have no async replies (no persistent session)" };
+        if ("stopped" in res) return { error: `session ${res.sessionId.slice(0, 8)} is stopped` };
+        return res.rpc.channelReceive({ channel: kwargs.channel, key: kwargs.key, from: kwargs.from, cursor: kwargs.cursor, correlationId: kwargs.correlationId, wait: kwargs.wait }, context);
+      }
+    },
+    { overwrite: true }
+  );
+  console.log(`[HYPHA MACHINE] Channels service registered: ${channelsServiceInfo.id} (type svamp-channels)`);
+  return {
+    serviceInfo,
+    notifySessionEvent: notifyListeners,
+    updateMetadata: (newMetadata) => {
+      currentMetadata = newMetadata;
+      metadataVersion++;
+      notifyListeners({
+        type: "update-machine",
+        machineId,
+        metadata: { value: currentMetadata, version: metadataVersion }
+      });
+    },
+    updateDaemonState: (newState) => {
+      currentDaemonState = newState;
+      daemonStateVersion++;
+      notifyListeners({
+        type: "update-machine",
+        machineId,
+        daemonState: { value: currentDaemonState, version: daemonStateVersion }
+      });
+    },
+    getLastInboundRpcAt: () => lastInboundRpcAt,
+    disconnect: async () => {
+      const toRemove = [...listeners];
+      for (const listener of toRemove) {
+        removeListener(listener, "disconnect");
+      }
+      await server.unregisterService(serviceInfo.id);
+      await server.unregisterService(channelsServiceInfo.id).catch(() => {
+      });
     }
-    if (t.missed && !["catchup", "skip"].includes(t.missed)) errs.push("trigger.missed must be catchup|skip");
-  }
-  const a = r.action;
-  if (!a || !ACTION_KINDS.includes(a.kind)) errs.push(`action.kind must be one of ${ACTION_KINDS.join("|")}`);
-  if (a?.kind === "message" && !a.template) errs.push("action.template required for message action");
-  if (a?.kind === "loop" && !a.loop && !a.task_template) errs.push("action.loop or action.task_template required for loop action");
-  if (r.overlap && !OVERLAP.includes(r.overlap)) errs.push(`overlap must be one of ${OVERLAP.join("|")}`);
-  if ((t?.type === "webhook" || t?.type === "api") && t.public && a?.kind === "loop")
-    errs.push("a public webhook/api may not use a loop action (unauthenticated task injection) \u2014 use a message action or require a key");
-  return errs;
+  };
 }
 
 function defaultRoutinesDir() {
-  return process.env.SVAMP_ROUTINES_DIR || join$1(homedir(), ".svamp", "routines");
+  return process.env.SVAMP_ROUTINES_DIR || join(homedir(), ".svamp", "routines");
 }
-const genId$1 = () => "rt_" + randomBytes(5).toString("hex");
-const genKey$1 = () => randomBytes(18).toString("base64url");
+const genId = () => "rt_" + randomBytes(5).toString("hex");
+const genKey = () => randomBytes(18).toString("base64url");
 class RoutineStore {
   dir;
   constructor(dir = defaultRoutinesDir()) {
     this.dir = dir;
-    mkdirSync$1(dir, { recursive: true });
+    mkdirSync(dir, { recursive: true });
   }
   _path(id) {
-    return join$1(this.dir, `${id}.json`);
+    return join(this.dir, `${id}.json`);
   }
   list(sessionId) {
     const all = readdirSync(this.dir).filter((f) => f.endsWith(".json")).map((f) => {
       try {
-        return JSON.parse(readFileSync(join$1(this.dir, f), "utf8"));
+        return JSON.parse(readFileSync(join(this.dir, f), "utf8"));
       } catch {
         return null;
       }
@@ -2689,13 +3033,13 @@ class RoutineStore {
   }
   save(routine) {
     const r = { overlap: "queue", enabled: true, last_runs: [], ...routine };
-    if (!r.id) r.id = genId$1();
-    if ((r.trigger?.type === "webhook" || r.trigger?.type === "api") && !r.trigger.key) r.trigger.key = genKey$1();
+    if (!r.id) r.id = genId();
+    if ((r.trigger?.type === "webhook" || r.trigger?.type === "api") && !r.trigger.key) r.trigger.key = genKey();
     const errs = validateRoutine(r);
     if (errs.length) throw new Error("invalid routine: " + errs.join("; "));
     const tmp = this._path(r.id) + ".tmp";
-    writeFileSync$1(tmp, JSON.stringify(r, null, 2));
-    renameSync$1(tmp, this._path(r.id));
+    writeFileSync(tmp, JSON.stringify(r, null, 2));
+    renameSync(tmp, this._path(r.id));
     return r;
   }
   remove(id) {
@@ -2851,175 +3195,6 @@ class RoutineRunner {
   }
 }
 
-const genId = () => "c_" + randomBytes(5).toString("hex");
-const genKey = () => "ck_" + randomBytes(18).toString("base64url");
-const DEFAULT_TEMPLATE = `<inbound-message from="\${sender.name}" sender-type="\${sender.kind}" verified="\${sender.verified}" channel="\${channel.name}" call-id="\${call.id}" at="\${now}">
-\${body.message}
-</inbound-message>`;
-function validateChannel(c) {
-  const errs = [];
-  if (!c || typeof c !== "object") return ["channel must be an object"];
-  if (!c.name) errs.push("name required");
-  const m = c.identity?.mode;
-  if (!["per-key", "caller-supplied", "fixed"].includes(m)) errs.push("identity.mode must be per-key|caller-supplied|fixed");
-  if (m === "fixed" && !c.identity.fixed?.name) errs.push("identity.fixed.name required for fixed mode");
-  if (!["message", "loop", "agent"].includes(c.action?.kind)) errs.push("action.kind must be message|loop|agent");
-  if (c.bind !== "active" && !(c.bind && (c.bind.tag || c.bind.session))) errs.push('bind must be "active", {tag}, or {session}');
-  if (c.action?.kind === "loop" && m === "caller-supplied" && !c.identity?.shared_key)
-    errs.push("a caller-supplied channel without a shared_key may not use a loop action (unauthenticated task injection)");
-  if (c.action?.kind === "agent" && m === "caller-supplied" && !c.identity?.shared_key) {
-    const MUTATING = ["run_bash", "send_to_session"];
-    const ag = c.action.agent || {};
-    const grantsMutating = (ag.tools || []).some((t) => MUTATING.includes(t)) || Object.values(ag.per_caller || {}).some((p) => (p?.tools || []).some((t) => MUTATING.includes(t)));
-    if (grantsMutating) errs.push("a caller-supplied agent channel without a shared_key may not grant run_bash/send_to_session");
-  }
-  const unsafe = /[<>"'&\r\n]/;
-  if (unsafe.test(c.name || "")) errs.push(`name must be single-line and not contain < > " ' &`);
-  if (c.description && unsafe.test(c.description)) errs.push(`description must be single-line and not contain < > " ' &`);
-  if (c.skill?.name && unsafe.test(c.skill.name)) errs.push(`skill.name must be single-line and not contain < > " ' &`);
-  if (c.skill?.description && unsafe.test(c.skill.description)) errs.push(`skill.description must be single-line and not contain < > " ' &`);
-  if (m === "fixed" && c.identity.fixed?.name && unsafe.test(c.identity.fixed.name)) errs.push(`identity.fixed.name must not contain < > " ' & or newlines`);
-  for (const cl of c.identity?.callers || []) if (unsafe.test(cl.name || "")) errs.push(`caller name "${cl.name}" must not contain < > " ' & or newlines`);
-  return errs;
-}
-class ChannelStore {
-  dir;
-  constructor(projectDir) {
-    this.dir = join$1(projectDir, ".svamp", "channels");
-    try {
-      mkdirSync$1(this.dir, { recursive: true });
-    } catch {
-    }
-  }
-  _path(id) {
-    return join$1(this.dir, `${id}.json`);
-  }
-  list() {
-    if (!existsSync(this.dir)) return [];
-    return readdirSync(this.dir).filter((f) => f.endsWith(".json")).map((f) => {
-      try {
-        return JSON.parse(readFileSync(join$1(this.dir, f), "utf8"));
-      } catch {
-        return null;
-      }
-    }).filter((c) => !!c);
-  }
-  get(id) {
-    try {
-      return JSON.parse(readFileSync(this._path(id), "utf8"));
-    } catch {
-      return null;
-    }
-  }
-  save(channel) {
-    const c = { enabled: true, bind: "active", template: DEFAULT_TEMPLATE, last_calls: [], ...channel };
-    if (!c.id) c.id = genId();
-    const errs = validateChannel(c);
-    if (errs.length) throw new Error("invalid channel: " + errs.join("; "));
-    mkdirSync$1(this.dir, { recursive: true });
-    const tmp = this._path(c.id) + ".tmp";
-    writeFileSync$1(tmp, JSON.stringify(c, null, 2));
-    renameSync$1(tmp, this._path(c.id));
-    return c;
-  }
-  remove(id) {
-    const p = this._path(id);
-    if (existsSync(p)) {
-      rmSync(p);
-      return true;
-    }
-    return false;
-  }
-  setEnabled(id, enabled) {
-    const c = this.get(id);
-    if (!c) return null;
-    c.enabled = enabled;
-    return this.save(c);
-  }
-  recordCall(id, entry) {
-    const c = this.get(id);
-    if (!c) return;
-    c.last_calls = c.last_calls || [];
-    c.last_calls.unshift({ at: (/* @__PURE__ */ new Date()).toISOString(), ...entry });
-    c.last_calls = c.last_calls.slice(0, 20);
-    this.save(c);
-  }
-  addCaller(id, name, kind = "agent") {
-    const c = this.get(id);
-    if (!c) return null;
-    c.identity.callers = c.identity.callers || [];
-    const caller = { name, kind, key: genKey() };
-    c.identity.callers.push(caller);
-    this.save(c);
-    return caller;
-  }
-}
-function gatewayBase(channelsServiceId, baseUrl) {
-  const slash = channelsServiceId.indexOf("/");
-  if (slash < 0) return `${baseUrl.replace(/\/$/, "")}/services/${channelsServiceId}`;
-  const ws = channelsServiceId.slice(0, slash);
-  const clientSvc = channelsServiceId.slice(slash + 1);
-  return `${baseUrl.replace(/\/$/, "")}/${ws}/services/${clientSvc}`;
-}
-function generateSkillBody(channel, ctx) {
-  const svc = ctx?.channelsServiceId || "<workspace>/<machine>:channels";
-  const base = ctx?.baseUrl || "https://hypha.aicell.io";
-  const gw = ctx?.channelsServiceId ? gatewayBase(svc, base) : `${base}/<workspace>/services/<machine>:channels`;
-  const skillUrl = `${gw}/skill?channel=${channel.id}`;
-  const sendUrl = `${gw}/send`;
-  const key = ctx?.key || "<your-key>";
-  const isAgent = channel.action?.kind === "agent";
-  const isQueue = channel.reply?.mode === "queue";
-  const recvUrl = `${gw}/receive`;
-  const hyphaOpen = (channel.identity?.hypha_allow || []).length > 0;
-  const name = channel.skill?.name || channel.name;
-  const desc = channel.skill?.description || channel.description || `Send a message to the "${channel.name}" channel.`;
-  const replyNote = isAgent ? `This is a **WISE Agent** channel: \`send()\` runs a fast assistant against the session's tools/skills and returns its answer synchronously in the result \`reply\`.` : isQueue ? `This is an **async** channel: \`send()\` returns a \`correlationId\` and the agent replies later \u2014 poll \`receive()\` (or GET /receive \xB7 /events) for replies addressed to you.` : `Delivery is fire-and-forget \u2014 the message lands in the agent's inbox, tagged with your verified identity (\`from\`).`;
-  const queueSection = isQueue ? `
-
-## Getting the reply (async)
-\`send()\` returns \`{ correlationId }\`. The agent answers later; retrieve replies addressed
-to you by **long-polling** \`receive\` with a cursor you advance each call:
-\`\`\`js
-const { correlationId } = await get_service("${svc}").send({ channel: "${channel.id}", message: "\u2026", from: "your-name" });
-let cursor = 0;
-while (true) {
-  const r = await get_service("${svc}").receive({ channel: "${channel.id}", key: "${key}", cursor, wait: 25 });
-  cursor = r.cursor;
-  for (const reply of r.replies) if (reply.correlationId === correlationId) return reply.body;
-}
-\`\`\`
-**HTTP:** \`POST ${recvUrl}\` with \`{"kwargs": {"channel": "${channel.id}", "key": "${key}", "cursor": 0, "wait": 25}}\` (long-poll), or stream \`GET <channel-http>/channel/${channel.id}/events?key=${key}\` (SSE).` : "";
-  const rpcLine = hyphaOpen ? `**Hypha RPC** \u2014 preferred. Your verified Hypha identity is accepted, no key needed:` : `**Hypha RPC** \u2014 verified identity:`;
-  return `---
-name: ${name}
-description: ${desc}
----
-# ${name}
-${channel.description || ""}
-
-Self-contained guide for messaging the **${channel.name}** channel. ${replyNote}
-This skill (with every value below already filled in) is served at:
-${skillUrl}
-
-${rpcLine}
-\`\`\`js
-await get_service("${svc}").send({
-  channel: "${channel.id}",
-  message: "your message here",
-  from:    "your-name",
-});
-\`\`\`
-
-**HTTP** \u2014 any client, no Hypha SDK needed (Hypha gateway wraps args under \`kwargs\`):
-\`\`\`
-POST ${sendUrl}
-Content-Type: application/json
-
-{"kwargs": {"channel": "${channel.id}", "message": "your message here", "from": "your-name", "key": "${key}"}}
-\`\`\`${queueSection}`;
-}
-
 const MAX_PER_CHANNEL = 200;
 const TTL_MS = 60 * 60 * 1e3;
 class ChannelOutbox {
@@ -3028,11 +3203,11 @@ class ChannelOutbox {
   seqByChannel = /* @__PURE__ */ new Map();
   emitter = new EventEmitter();
   constructor(projectDir) {
-    const dir = join$1(projectDir, ".svamp", "channels");
-    this.file = join$1(dir, "_outbox.jsonl");
+    const dir = join(projectDir, ".svamp", "channels");
+    this.file = join(dir, "_outbox.jsonl");
     this.emitter.setMaxListeners(0);
     try {
-      mkdirSync$1(dir, { recursive: true });
+      mkdirSync(dir, { recursive: true });
     } catch {
     }
     this._load();
@@ -3081,7 +3256,7 @@ class ChannelOutbox {
       appendFileSync(this.file, JSON.stringify({ channelId, ...reply }) + "\n");
     } catch {
       try {
-        mkdirSync$1(join$1(this.file, ".."), { recursive: true });
+        mkdirSync(join(this.file, ".."), { recursive: true });
         appendFileSync(this.file, JSON.stringify({ channelId, ...reply }) + "\n");
       } catch {
       }
@@ -3145,62 +3320,15 @@ class ChannelOutbox {
         }
       });
       const tmp = this.file + ".tmp";
-      writeFileSync$1(tmp, kept.join("\n") + (kept.length ? "\n" : ""));
-      renameSync$1(tmp, this.file);
+      writeFileSync(tmp, kept.join("\n") + (kept.length ? "\n" : ""));
+      renameSync(tmp, this.file);
     } catch {
     }
   }
 }
 
-function resolveSender(channel, input = {}) {
-  const { key, from, hyphaUser, hyphaWorkspace, hyphaAnonymous } = input;
-  const id = channel.identity || {};
-  if (hyphaUser && !hyphaAnonymous && Array.isArray(id.hypha_allow) && id.hypha_allow.length) {
-    if (id.hypha_allow.includes("*") || id.hypha_allow.includes(hyphaUser) || hyphaWorkspace && id.hypha_allow.includes(hyphaWorkspace))
-      return { sender: { name: hyphaUser, kind: "agent", verified: true } };
-    return { error: "caller not in hypha_allow" };
-  }
-  if (id.mode === "fixed") {
-    if (!id.fixed?.name) return { error: "fixed identity not configured" };
-    return { sender: { name: id.fixed.name, kind: id.fixed.kind, verified: true } };
-  }
-  if (id.mode === "per-key") {
-    const caller = (id.callers || []).find((c) => c.key && c.key === key);
-    if (!caller) return { error: "invalid or missing key" };
-    return { sender: { name: caller.name, kind: caller.kind, verified: true } };
-  }
-  if (id.mode === "caller-supplied") {
-    if (id.shared_key && key !== id.shared_key) return { error: "invalid key" };
-    return { sender: { name: from || "anonymous", kind: "user", verified: false } };
-  }
-  return { error: "unsupported identity mode" };
-}
-const MAX_BODY = 16 * 1024;
-function xmlEscape(s) {
-  return String(s ?? "").replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
-}
-const stripControl = (s) => String(s ?? "").replace(/[\x00-\x1f\x7f]/g, " ");
-function renderMessage(channel, { sender = {}, body = {}, query = {}, callId, now }) {
-  const obj = (v) => typeof v === "object" && v !== null ? JSON.stringify(v) : v;
-  const escVal = (v) => xmlEscape(obj(v));
-  const escAttr = (v) => xmlEscape(stripControl(obj(v)));
-  const bodyEsc = {};
-  for (const [k, v] of Object.entries(body)) bodyEsc[k] = k === "message" ? escVal(String(v ?? "").slice(0, MAX_BODY)) : escAttr(v);
-  const queryEsc = {};
-  for (const [k, v] of Object.entries(query)) if (k !== "key") queryEsc[k] = escAttr(v);
-  const ctx = {
-    sender: { name: escAttr(sender.name), kind: escAttr(sender.kind), verified: sender.verified === true },
-    body: bodyEsc,
-    query: queryEsc,
-    channel: { name: escAttr(channel.name), id: escAttr(channel.id) },
-    call: { id: escAttr(callId) },
-    now: escAttr(now || (/* @__PURE__ */ new Date()).toISOString())
-  };
-  return renderTemplate(channel.template || DEFAULT_TEMPLATE, ctx);
-}
-
 function channelPublicView(c) {
-  return { id: c.id, name: c.name, description: c.description, identity: { mode: c.identity?.mode }, action: c.action?.kind };
+  return { id: c.id, name: c.name, description: c.description, identity: { mode: c.identity?.mode }, action: c.action?.kind, bind: c.bind };
 }
 function isStructuredMessage(msg) {
   return !!(msg.from || msg.fromSession || msg.subject || msg.replyTo || msg.threadId || msg.channel);
@@ -3227,7 +3355,7 @@ ${msg.body}
 </svamp-message>`;
 }
 function loadMessages(messagesDir, sessionId) {
-  const filePath = join$1(messagesDir, "messages.jsonl");
+  const filePath = join(messagesDir, "messages.jsonl");
   if (!existsSync(filePath)) return [];
   try {
     const lines = readFileSync(filePath, "utf-8").split("\n").filter((l) => l.trim());
@@ -3244,7 +3372,7 @@ function loadMessages(messagesDir, sessionId) {
   }
 }
 function loadMessagesFromDisk(messagesDir, afterSeq, limit) {
-  const filePath = join$1(messagesDir, "messages.jsonl");
+  const filePath = join(messagesDir, "messages.jsonl");
   if (!existsSync(filePath)) return { messages: [], hasMore: false };
   try {
     const lines = readFileSync(filePath, "utf-8").split("\n").filter((l) => l.trim());
@@ -3263,7 +3391,7 @@ function loadMessagesFromDisk(messagesDir, afterSeq, limit) {
   }
 }
 function loadMessagesFromDiskReverse(messagesDir, beforeSeq, limit) {
-  const filePath = join$1(messagesDir, "messages.jsonl");
+  const filePath = join(messagesDir, "messages.jsonl");
   if (!existsSync(filePath)) return { messages: [], hasMore: false };
   try {
     const lines = readFileSync(filePath, "utf-8").split("\n").filter((l) => l.trim());
@@ -3282,7 +3410,7 @@ function loadMessagesFromDiskReverse(messagesDir, beforeSeq, limit) {
   }
 }
 function countMessagesOnDisk(messagesDir, fallbackInMemory) {
-  const filePath = join$1(messagesDir, "messages.jsonl");
+  const filePath = join(messagesDir, "messages.jsonl");
   if (!existsSync(filePath)) return fallbackInMemory;
   try {
     const data = readFileSync(filePath, "utf-8");
@@ -3296,9 +3424,9 @@ function countMessagesOnDisk(messagesDir, fallbackInMemory) {
 }
 function appendMessage(messagesDir, sessionId, msg) {
   try {
-    const filePath = join$1(messagesDir, "messages.jsonl");
+    const filePath = join(messagesDir, "messages.jsonl");
     if (!existsSync(messagesDir)) {
-      mkdirSync$1(messagesDir, { recursive: true });
+      mkdirSync(messagesDir, { recursive: true });
     }
     appendFileSync(filePath, JSON.stringify(msg) + "\n");
   } catch (err) {
@@ -3434,7 +3562,10 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
   const skillCtxFor = (c) => ({
     channelsServiceId,
     baseUrl: channelsBaseUrl,
-    key: c.identity?.shared_key || c.identity?.callers?.[0]?.key
+    key: c.identity?.shared_key || c.identity?.callers?.[0]?.key,
+    // The session this skill is being copied FROM — baked into `dynamic` channel
+    // instructions as the routing target so the copied link lands in THIS session.
+    session: sessionId
   });
   const skillUrlsFor = (c) => {
     if (!channelsServiceId) return { skillUrl: void 0, sendUrl: void 0 };
@@ -3584,7 +3715,7 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
     saveRoutine: async (routine, context) => {
       authorizeRequest(context, metadata.sharing, "admin");
       try {
-        const saved = routineStore.save({ ...routine, session_id: sessionId });
+        const saved = routineStore.save({ ...routine, session_id: sessionId, dir: routine.dir || metadata.path });
         syncRoutinesToMetadata();
         return { success: true, routine: saved };
       } catch (e) {
@@ -3625,6 +3756,10 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
     saveChannel: async (channel, context) => {
       authorizeRequest(context, metadata.sharing, "admin");
       try {
+        const b = channel.bind;
+        if (b && typeof b === "object" && (b.session === "current" || b.session === "" || b.session == null)) {
+          channel = { ...channel, bind: { session: sessionId } };
+        }
         const saved = channelStore.save(channel);
         syncChannelsToMetadata();
         return { success: true, channel: saved };
@@ -3656,6 +3791,8 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
       const c = channelStore.get(id);
       if (!c) return { error: "not found" };
       const { skillUrl, sendUrl } = skillUrlsFor(c);
+      const mode = bindMode(c);
+      const routeSession = mode === "fixed" ? fixedSessionId(c) : mode === "dynamic" ? sessionId : void 0;
       return {
         skill: generateSkillBody(c, skillCtxFor(c)),
         channelsServiceId,
@@ -3664,7 +3801,10 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
         skillUrl,
         sendUrl,
         key: c.identity?.shared_key || c.identity?.callers?.[0]?.key,
-        hyphaKeyless: (c.identity?.hypha_allow || []).length > 0
+        hyphaKeyless: (c.identity?.hypha_allow || []).length > 0,
+        bind: c.bind,
+        bindMode: mode,
+        session: routeSession
       };
     },
     // Public channel discovery (no session authz — channels are deliberately
@@ -4186,9 +4326,9 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
       messages.length = 0;
       nextSeq = 1;
       if (options?.messagesDir) {
-        const filePath = join$1(options.messagesDir, "messages.jsonl");
+        const filePath = join(options.messagesDir, "messages.jsonl");
         try {
-          writeFileSync$1(filePath, "");
+          writeFileSync(filePath, "");
         } catch {
         }
       }
@@ -4216,7 +4356,7 @@ function createSessionStore(server, sessionId, initialMetadata, initialAgentStat
   return { store, rpcHandlers };
 }
 
-const SVAMP_HOME$2 = process.env.SVAMP_HOME || join$1(os.homedir(), ".svamp");
+const SVAMP_HOME$2 = process.env.SVAMP_HOME || join(os.homedir(), ".svamp");
 const num = (key, def) => {
   const v = Number(process.env[key]);
   return Number.isFinite(v) && v > 0 ? v : def;
@@ -4229,19 +4369,19 @@ const BREAKER_MAX_WAKES = num("SVAMP_INBOX_BREAKER_MAX_WAKES", 30);
 const BREAKER_COOLDOWN_MS = num("SVAMP_INBOX_BREAKER_COOLDOWN_MS", 12e4);
 const CTX_STALE_MS = num("SVAMP_INBOX_CTX_STALE_MS", 30 * 6e4);
 function ctxPath(sessionId) {
-  return join$1(SVAMP_HOME$2, "inbound", `${sessionId}.json`);
+  return join(SVAMP_HOME$2, "inbound", `${sessionId}.json`);
 }
 function writeInboundContext(sessionId, ctx) {
   try {
     const p = ctxPath(sessionId);
-    mkdirSync$1(join$1(SVAMP_HOME$2, "inbound"), { recursive: true });
+    mkdirSync(join(SVAMP_HOME$2, "inbound"), { recursive: true });
     const tmp = p + ".tmp";
-    writeFileSync$1(tmp, JSON.stringify({ ...ctx, deliveredAt: Date.now() }));
+    writeFileSync(tmp, JSON.stringify({ ...ctx, deliveredAt: Date.now() }));
     try {
       rmSync(p, { force: true });
     } catch {
     }
-    writeFileSync$1(p, readFileSync(tmp));
+    writeFileSync(p, readFileSync(tmp));
     try {
       rmSync(tmp, { force: true });
     } catch {
@@ -4528,8 +4668,8 @@ class SessionArtifactSync {
     this.syncing = true;
     try {
       const artifactAlias = `session-${sessionId}`;
-      const sessionJsonPath = join$1(sessionsDir, "session.json");
-      const messagesPath = join$1(sessionsDir, "messages.jsonl");
+      const sessionJsonPath = join(sessionsDir, "session.json");
+      const messagesPath = join(sessionsDir, "messages.jsonl");
       let sessionData = null;
       if (existsSync(sessionJsonPath)) {
         try {
@@ -4639,18 +4779,18 @@ class SessionArtifactSync {
         artifact_id: artifactAlias,
         _rkwargs: true
       });
-      if (!existsSync(targetDir)) mkdirSync$1(targetDir, { recursive: true });
+      if (!existsSync(targetDir)) mkdirSync(targetDir, { recursive: true });
       try {
         const data = await this.downloadFile(artifact.id, "session.json");
         if (data) {
-          writeFileSync$1(join$1(targetDir, "session.json"), data);
+          writeFileSync(join(targetDir, "session.json"), data);
         }
       } catch {
       }
       try {
         const data = await this.downloadFile(artifact.id, "messages.jsonl");
         if (data) {
-          writeFileSync$1(join$1(targetDir, "messages.jsonl"), data);
+          writeFileSync(join(targetDir, "messages.jsonl"), data);
         }
       } catch {
       }
@@ -4703,13 +4843,13 @@ class SessionArtifactSync {
    */
   async syncAll(svampHome, machineId) {
     if (!this.initialized) return;
-    const indexFile = join$1(svampHome, "sessions-index.json");
+    const indexFile = join(svampHome, "sessions-index.json");
     if (!existsSync(indexFile)) return;
     try {
       const index = JSON.parse(readFileSync(indexFile, "utf-8"));
       for (const [sessionId, entry] of Object.entries(index)) {
-        const sessionDir = join$1(entry.directory, ".svamp", sessionId);
-        if (existsSync(join$1(sessionDir, "session.json"))) {
+        const sessionDir = join(entry.directory, ".svamp", sessionId);
+        if (existsSync(join(sessionDir, "session.json"))) {
           await this.syncSession(sessionId, sessionDir, void 0, machineId);
         }
       }
@@ -5025,7 +5165,7 @@ var DefaultTransport$1 = /*#__PURE__*/Object.freeze({
 
 function expandHome(p) {
   if (p === "~") return homedir();
-  if (p.startsWith("~/")) return join$1(homedir(), p.slice(2));
+  if (p.startsWith("~/")) return join(homedir(), p.slice(2));
   return p;
 }
 function wrapWithIsolation(originalCommand, originalArgs, config) {
@@ -5052,11 +5192,11 @@ function wrapWithNono(command, args, config) {
   nonoArgs.push("--allow-cwd");
   if (config.credentialStagingPath) {
     env.HOME = config.credentialStagingPath;
-    const realLocalDir = join$1(homedir(), ".local");
+    const realLocalDir = join(homedir(), ".local");
     if (existsSync(realLocalDir)) {
       nonoArgs.push("--read", realLocalDir);
     }
-    const realKeychainDir = join$1(homedir(), "Library", "Keychains");
+    const realKeychainDir = join(homedir(), "Library", "Keychains");
     if (existsSync(realKeychainDir)) {
       nonoArgs.push("--read", realKeychainDir);
     }
@@ -5117,9 +5257,9 @@ function wrapWithContainer(runtime, command, args, config) {
     config.workspacePath
   ];
   if (config.credentialStagingPath) {
-    const stagedClaudeDir = join$1(config.credentialStagingPath, ".claude");
+    const stagedClaudeDir = join(config.credentialStagingPath, ".claude");
     containerArgs.push("-v", `${stagedClaudeDir}:/root/.claude:ro`);
-    const stagedGitconfig = join$1(config.credentialStagingPath, ".gitconfig");
+    const stagedGitconfig = join(config.credentialStagingPath, ".gitconfig");
     containerArgs.push("-v", `${stagedGitconfig}:/root/.gitconfig:ro`);
     containerArgs.push("-e", "HOME=/root");
   }
@@ -6868,8 +7008,8 @@ var GeminiTransport$1 = /*#__PURE__*/Object.freeze({
 });
 
 const execFileAsync = promisify$1(execFile$1);
-const SVAMP_TOOLS_DIR = join$1(homedir(), ".svamp", "tools");
-const SVAMP_BIN_DIR = join$1(SVAMP_TOOLS_DIR, "bin");
+const SVAMP_TOOLS_DIR = join(homedir(), ".svamp", "tools");
+const SVAMP_BIN_DIR = join(SVAMP_TOOLS_DIR, "bin");
 async function checkCommand(command, versionArgs) {
   try {
     const { stdout } = await execFileAsync(command, versionArgs, {
@@ -6879,7 +7019,7 @@ async function checkCommand(command, versionArgs) {
     return { found: true, version, path: command };
   } catch {
   }
-  const localPath = join$1(SVAMP_BIN_DIR, command);
+  const localPath = join(SVAMP_BIN_DIR, command);
   try {
     const { stdout } = await execFileAsync(localPath, versionArgs, {
       timeout: 5e3
@@ -6946,7 +7086,7 @@ async function installNono() {
     const downloadUrl = asset.browser_download_url;
     console.log(`[isolation] Downloading nono ${version} from ${downloadUrl}...`);
     await mkdir(SVAMP_BIN_DIR, { recursive: true });
-    const tarball = join$1(SVAMP_BIN_DIR, assetName);
+    const tarball = join(SVAMP_BIN_DIR, assetName);
     await execFileAsync("curl", [
       "-fsSL",
       "-o",
@@ -6963,7 +7103,7 @@ async function installNono() {
     ], { timeout: 15e3 });
     await rm(tarball, { force: true }).catch(() => {
     });
-    const nonoPath = join$1(SVAMP_BIN_DIR, "nono");
+    const nonoPath = join(SVAMP_BIN_DIR, "nono");
     await chmod(nonoPath, 493);
     try {
       await access(nonoPath);
@@ -7005,8 +7145,8 @@ async function parseIsolationTestOutput(stdout, probeFile) {
 }
 async function verifyNonoIsolation(binaryPath) {
   const testBase = "/tmp";
-  const workDir = await mkdtemp(join$1(testBase, "svamp-iso-work-"));
-  const probeFile = join$1(homedir(), `.svamp-iso-probe-${process.pid}`);
+  const workDir = await mkdtemp(join(testBase, "svamp-iso-work-"));
+  const probeFile = join(homedir(), `.svamp-iso-probe-${process.pid}`);
   try {
     const testScript = [
       `echo ok > "${workDir}/test" 2>/dev/null; W=$?`,
@@ -7132,7 +7272,7 @@ async function detectIsolationCapabilities() {
   return { available, preferred, details };
 }
 
-const STAGED_HOMES_DIR = join$1(homedir(), ".svamp", "staged-homes");
+const STAGED_HOMES_DIR = join(homedir(), ".svamp", "staged-homes");
 const SENSITIVE_ENV_VARS = [
   "HYPHA_TOKEN",
   "HYPHA_CLIENT_ID",
@@ -7148,23 +7288,23 @@ const SENSITIVE_ENV_VARS = [
 ];
 async function stageCredentialsForSharing(sessionId) {
   const realHome = homedir();
-  const realClaudeDir = join$1(realHome, ".claude");
+  const realClaudeDir = join(realHome, ".claude");
   await mkdir(STAGED_HOMES_DIR, { recursive: true });
-  const tmpHome = join$1(STAGED_HOMES_DIR, sessionId);
+  const tmpHome = join(STAGED_HOMES_DIR, sessionId);
   await mkdir(tmpHome, { recursive: true });
-  const stagedClaudeDir = join$1(tmpHome, ".claude");
+  const stagedClaudeDir = join(tmpHome, ".claude");
   await mkdir(stagedClaudeDir, { recursive: true });
   const credentialFiles = ["credentials.json", ".credentials.json"];
   let credentialsCopied = false;
   for (const file of credentialFiles) {
     try {
-      await copyFile(join$1(realClaudeDir, file), join$1(stagedClaudeDir, file));
+      await copyFile(join(realClaudeDir, file), join(stagedClaudeDir, file));
       credentialsCopied = true;
     } catch {
     }
   }
   if (!credentialsCopied && platform() === "darwin") {
-    const stagedCredFile = join$1(stagedClaudeDir, ".credentials.json");
+    const stagedCredFile = join(stagedClaudeDir, ".credentials.json");
     const hasExistingCredentials = existsSync(stagedCredFile);
     if (!hasExistingCredentials) {
       try {
@@ -7182,25 +7322,25 @@ async function stageCredentialsForSharing(sessionId) {
     }
   }
   try {
-    await copyFile(join$1(realHome, ".gitconfig"), join$1(tmpHome, ".gitconfig"));
+    await copyFile(join(realHome, ".gitconfig"), join(tmpHome, ".gitconfig"));
   } catch {
   }
   try {
     await copyFile(
-      join$1(realHome, ".gitignore_global"),
-      join$1(tmpHome, ".gitignore_global")
+      join(realHome, ".gitignore_global"),
+      join(tmpHome, ".gitignore_global")
     );
   } catch {
   }
-  const claudeJsonPath = join$1(tmpHome, ".claude.json");
+  const claudeJsonPath = join(tmpHome, ".claude.json");
   if (!existsSync(claudeJsonPath)) {
     try {
       await writeFile(claudeJsonPath, "{}");
     } catch {
     }
   }
-  const realSkillsDir = join$1(realClaudeDir, "skills");
-  const stagedSkillsDir = join$1(stagedClaudeDir, "skills");
+  const realSkillsDir = join(realClaudeDir, "skills");
+  const stagedSkillsDir = join(stagedClaudeDir, "skills");
   try {
     await copyDirRecursive(realSkillsDir, stagedSkillsDir);
   } catch {
@@ -7234,7 +7374,7 @@ async function sweepOrphanedStagedHomes(activeSessionIds) {
   for (const entry of entries) {
     if (!entry.isDirectory()) continue;
     if (active.has(entry.name)) continue;
-    const path = join$1(STAGED_HOMES_DIR, entry.name);
+    const path = join(STAGED_HOMES_DIR, entry.name);
     try {
       await rm(path, { recursive: true, force: true });
       removed.push(entry.name);
@@ -7249,8 +7389,8 @@ async function copyDirRecursive(src, dest) {
   await mkdir(dest, { recursive: true });
   const entries = await readdir(src, { withFileTypes: true });
   for (const entry of entries) {
-    const srcPath = join$1(src, entry.name);
-    const destPath = join$1(dest, entry.name);
+    const srcPath = join(src, entry.name);
+    const destPath = join(dest, entry.name);
     if (entry.isDirectory()) {
       await copyDirRecursive(srcPath, destPath);
     } else if (entry.isFile()) {
@@ -7302,8 +7442,8 @@ function resolveHyphaProxyUrl() {
   }
 }
 function envFilePath() {
-  const svampHome = process.env.SVAMP_HOME || join$1(homedir(), ".svamp");
-  return join$1(svampHome, ".env");
+  const svampHome = process.env.SVAMP_HOME || join(homedir(), ".svamp");
+  return join(svampHome, ".env");
 }
 function readEnvLines() {
   const file = envFilePath();
@@ -7312,12 +7452,12 @@ function readEnvLines() {
 }
 function writeEnvLines(lines) {
   const file = envFilePath();
-  const dir = join$1(file, "..");
-  if (!existsSync(dir)) mkdirSync$1(dir, { recursive: true });
+  const dir = join(file, "..");
+  if (!existsSync(dir)) mkdirSync(dir, { recursive: true });
   while (lines.length > 0 && lines[lines.length - 1].trim() === "") {
     lines.pop();
   }
-  writeFileSync$1(file, lines.join("\n") + "\n", "utf-8");
+  writeFileSync(file, lines.join("\n") + "\n", "utf-8");
 }
 function updateEnvFile(updates) {
   const lines = readEnvLines();
@@ -7468,10 +7608,10 @@ var claudeAuth = /*#__PURE__*/Object.freeze({
 });
 
 function svampHome() {
-  return process.env.SVAMP_HOME || join(homedir$1(), ".svamp");
+  return process.env.SVAMP_HOME || join$1(homedir$1(), ".svamp");
 }
 function cacheFile() {
-  return join(svampHome(), "instance-config.json");
+  return join$1(svampHome(), "instance-config.json");
 }
 const CONFIG_FILENAME = "svamp.json";
 let _config = null;
@@ -7514,8 +7654,8 @@ function readCache() {
 }
 function writeCache(cfg) {
   try {
-    mkdirSync(svampHome(), { recursive: true });
-    writeFileSync(cacheFile(), JSON.stringify(cfg, null, 2) + "\n", "utf-8");
+    mkdirSync$1(svampHome(), { recursive: true });
+    writeFileSync$1(cacheFile(), JSON.stringify(cfg, null, 2) + "\n", "utf-8");
   } catch {
   }
 }
@@ -8033,7 +8173,7 @@ function escapeHtml(s) {
   return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
 }
 
-const SKILLS_DIR = join(os$1.homedir(), ".claude", "skills");
+const SKILLS_DIR = join$1(os$1.homedir(), ".claude", "skills");
 function getSkillsWorkspaceName() {
   return getSkillsWorkspace();
 }
@@ -8764,7 +8904,7 @@ const REFRESH_BUFFER_MS = 60 * 60 * 1e3;
 const OAUTH_CHECK_INTERVAL_MS = 5 * 60 * 1e3;
 const REFRESH_TIMEOUT_MS = 15e3;
 function getCredentialsPath() {
-  return join$1(homedir(), ".claude", ".credentials.json");
+  return join(homedir(), ".claude", ".credentials.json");
 }
 async function readCredentials() {
   const path = getCredentialsPath();
@@ -8925,14 +9065,14 @@ function resolveContextWindow(opts) {
   return candidate;
 }
 
-const SVAMP_HOME$1 = process.env.SVAMP_HOME || join$1(os.homedir(), ".svamp");
+const SVAMP_HOME$1 = process.env.SVAMP_HOME || join(os.homedir(), ".svamp");
 function generateHookSettings(portOrOptions = {}) {
   const opts = typeof portOrOptions === "number" ? { sessionStartPort: portOrOptions } : portOrOptions;
-  const hooksDir = join$1(SVAMP_HOME$1, "tmp", "hooks");
-  mkdirSync$1(hooksDir, { recursive: true });
+  const hooksDir = join(SVAMP_HOME$1, "tmp", "hooks");
+  mkdirSync(hooksDir, { recursive: true });
   const id = opts.id || String(process.pid);
-  const validatorPath = join$1(hooksDir, `image-validator-${id}.cjs`);
-  writeFileSync$1(validatorPath, IMAGE_VALIDATOR_SCRIPT, { mode: 493 });
+  const validatorPath = join(hooksDir, `image-validator-${id}.cjs`);
+  writeFileSync(validatorPath, IMAGE_VALIDATOR_SCRIPT, { mode: 493 });
   const cleanupPaths = [validatorPath];
   const hooks = {
     PreToolUse: [
@@ -8949,7 +9089,7 @@ function generateHookSettings(portOrOptions = {}) {
     ]
   };
   if (typeof opts.sessionStartPort === "number" && opts.sessionStartPort > 0) {
-    const forwarderPath = join$1(hooksDir, `forwarder-${id}.cjs`);
+    const forwarderPath = join(hooksDir, `forwarder-${id}.cjs`);
     const forwarderCode = `#!/usr/bin/env node
 const http = require('http');
 const port = parseInt(process.argv[2], 10);
@@ -8968,7 +9108,7 @@ process.stdin.on('end', () => {
 });
 process.stdin.resume();
 `;
-    writeFileSync$1(forwarderPath, forwarderCode, { mode: 493 });
+    writeFileSync(forwarderPath, forwarderCode, { mode: 493 });
     cleanupPaths.push(forwarderPath);
     hooks.SessionStart = [
       {
@@ -8982,8 +9122,8 @@ process.stdin.resume();
       }
     ];
   }
-  const settingsPath = join$1(hooksDir, `session-hook-${id}.json`);
-  writeFileSync$1(settingsPath, JSON.stringify({ hooks }, null, 2));
+  const settingsPath = join(hooksDir, `session-hook-${id}.json`);
+  writeFileSync(settingsPath, JSON.stringify({ hooks }, null, 2));
   cleanupPaths.push(settingsPath);
   const cleanup = () => {
     for (const p of cleanupPaths) {
@@ -9145,7 +9285,7 @@ async function readSessionFileBase64(resolvedPath) {
 
 const __filename$1 = fileURLToPath(import.meta.url);
 const __dirname$1 = dirname(__filename$1);
-const CLAUDE_SKILLS_DIR = join(os$1.homedir(), ".claude", "skills");
+const CLAUDE_SKILLS_DIR = join$1(os$1.homedir(), ".claude", "skills");
 function looksLikeClaudeError(line) {
   const l = line.toLowerCase();
   return l.includes("api error") || l.includes("request rejected") || l.includes("error:") || l.includes("overloaded") || l.includes("rate limit") || l.includes("unauthorized") || l.includes("forbidden") || /\b(4\d\d|5\d\d)\b/.test(l) && (l.includes("status") || l.includes("error") || l.includes("rejected"));
@@ -9185,7 +9325,7 @@ function buildClaudeErrorHint(text, apiErrorStatus) {
 }
 function readSkillVersion(skillDir) {
   try {
-    const md = readFileSync$1(join(skillDir, "SKILL.md"), "utf-8");
+    const md = readFileSync$1(join$1(skillDir, "SKILL.md"), "utf-8");
     const m = md.match(/^---\s*\n([\s\S]*?)\n---/);
     if (!m) return null;
     const versionLine = m[1].split("\n").find((l) => /^\s*version\s*:/.test(l));
@@ -9211,18 +9351,18 @@ async function installSkillFromEndpoint(name, baseUrl) {
   const index = await resp.json();
   const files = index.files || [];
   if (files.length === 0) throw new Error(`Skill index at ${baseUrl} has no files`);
-  const targetDir = join(CLAUDE_SKILLS_DIR, name);
-  mkdirSync(targetDir, { recursive: true });
+  const targetDir = join$1(CLAUDE_SKILLS_DIR, name);
+  mkdirSync$1(targetDir, { recursive: true });
   for (const filePath of files) {
     if (!filePath) continue;
     const url = `${baseUrl}${filePath}`;
     const fileResp = await fetch(url, { signal: AbortSignal.timeout(3e4) });
     if (!fileResp.ok) throw new Error(`Failed to download ${filePath}: HTTP ${fileResp.status}`);
     const content = await fileResp.text();
-    const localPath = join(targetDir, filePath);
+    const localPath = join$1(targetDir, filePath);
     if (!localPath.startsWith(targetDir + "/")) continue;
-    mkdirSync(dirname(localPath), { recursive: true });
-    writeFileSync(localPath, content, "utf-8");
+    mkdirSync$1(dirname(localPath), { recursive: true });
+    writeFileSync$1(localPath, content, "utf-8");
   }
 }
 async function installSkillFromMarketplace(name) {
@@ -9246,26 +9386,26 @@ async function installSkillFromMarketplace(name) {
   }
   const files = await collectFiles();
   if (files.length === 0) throw new Error(`Skill ${name} has no files in marketplace`);
-  const targetDir = join(CLAUDE_SKILLS_DIR, name);
-  mkdirSync(targetDir, { recursive: true });
+  const targetDir = join$1(CLAUDE_SKILLS_DIR, name);
+  mkdirSync$1(targetDir, { recursive: true });
   for (const filePath of files) {
     const url = `${BASE}/files/${filePath}`;
     const resp = await fetch(url, { signal: AbortSignal.timeout(3e4) });
     if (!resp.ok) throw new Error(`Failed to download ${filePath}: HTTP ${resp.status}`);
     const content = await resp.text();
-    const localPath = join(targetDir, filePath);
+    const localPath = join$1(targetDir, filePath);
     if (!localPath.startsWith(targetDir + "/")) continue;
-    mkdirSync(dirname(localPath), { recursive: true });
-    writeFileSync(localPath, content, "utf-8");
+    mkdirSync$1(dirname(localPath), { recursive: true });
+    writeFileSync$1(localPath, content, "utf-8");
   }
 }
 function getBundledSkillsDir() {
   try {
     const here = fileURLToPath(import.meta.url);
     const candidates = [
-      join(dirname(here), "..", "bin", "skills"),
+      join$1(dirname(here), "..", "bin", "skills"),
       // built dist/ layout
-      join(dirname(here), "..", "..", "bin", "skills")
+      join$1(dirname(here), "..", "..", "bin", "skills")
       // src/daemon → bin layout via tsx
     ];
     for (const c of candidates) {
@@ -9278,17 +9418,17 @@ function getBundledSkillsDir() {
 function installBundledSkill(name) {
   const bundledDir = getBundledSkillsDir();
   if (!bundledDir) throw new Error(`Bundled skills directory not found`);
-  const src = join(bundledDir, name);
+  const src = join$1(bundledDir, name);
   if (!existsSync$1(src)) throw new Error(`Bundled skill not found: ${src}`);
-  const dst = join(CLAUDE_SKILLS_DIR, name);
-  mkdirSync(dst, { recursive: true });
+  const dst = join$1(CLAUDE_SKILLS_DIR, name);
+  mkdirSync$1(dst, { recursive: true });
   function copyDir(s, d) {
-    mkdirSync(d, { recursive: true });
+    mkdirSync$1(d, { recursive: true });
     for (const entry of readdirSync$1(s, { withFileTypes: true })) {
-      const sp = join(s, entry.name);
-      const dp = join(d, entry.name);
+      const sp = join$1(s, entry.name);
+      const dp = join$1(d, entry.name);
       if (entry.isDirectory()) copyDir(sp, dp);
-      else if (entry.isFile()) writeFileSync(dp, readFileSync$1(sp));
+      else if (entry.isFile()) writeFileSync$1(dp, readFileSync$1(sp));
     }
   }
   copyDir(src, dst);
@@ -9296,7 +9436,7 @@ function installBundledSkill(name) {
 function readBundledSkillVersion(name) {
   const bundledDir = getBundledSkillsDir();
   if (!bundledDir) return null;
-  return readSkillVersion(join(bundledDir, name));
+  return readSkillVersion(join$1(bundledDir, name));
 }
 function preventMachineSleep(logger) {
   if (process.platform === "darwin") {
@@ -9404,7 +9544,7 @@ async function ensureAutoInstalledSkills(logger) {
     }
   ];
   for (const task of tasks) {
-    const targetDir = join(CLAUDE_SKILLS_DIR, task.name);
+    const targetDir = join$1(CLAUDE_SKILLS_DIR, task.name);
     const installed = existsSync$1(targetDir);
     if (!installed) {
       try {
@@ -9445,20 +9585,20 @@ function loadEnvFile(path) {
   return true;
 }
 function loadDotEnv() {
-  const svampEnv = join(process.env.SVAMP_HOME || os$1.homedir() + "/.svamp", ".env");
+  const svampEnv = join$1(process.env.SVAMP_HOME || os$1.homedir() + "/.svamp", ".env");
   if (!loadEnvFile(svampEnv)) {
-    const hyphaEnv = join(process.env.HYPHA_HOME || os$1.homedir() + "/.hypha", ".env");
+    const hyphaEnv = join$1(process.env.HYPHA_HOME || os$1.homedir() + "/.hypha", ".env");
     loadEnvFile(hyphaEnv);
   }
 }
 loadDotEnv();
-const SVAMP_HOME = process.env.SVAMP_HOME || join(os$1.homedir(), ".svamp");
-const DAEMON_STATE_FILE = join(SVAMP_HOME, "daemon.state.json");
-const DAEMON_LOCK_FILE = join(SVAMP_HOME, "daemon.lock");
-const DAEMON_STOP_MARKER_FILE = join(SVAMP_HOME, "daemon.stop");
+const SVAMP_HOME = process.env.SVAMP_HOME || join$1(os$1.homedir(), ".svamp");
+const DAEMON_STATE_FILE = join$1(SVAMP_HOME, "daemon.state.json");
+const DAEMON_LOCK_FILE = join$1(SVAMP_HOME, "daemon.lock");
+const DAEMON_STOP_MARKER_FILE = join$1(SVAMP_HOME, "daemon.stop");
 function writeStopMarker(reason) {
   try {
-    writeFileSync(DAEMON_STOP_MARKER_FILE, `${(/* @__PURE__ */ new Date()).toISOString()} ${reason}
+    writeFileSync$1(DAEMON_STOP_MARKER_FILE, `${(/* @__PURE__ */ new Date()).toISOString()} ${reason}
 `, "utf-8");
   } catch {
   }
@@ -9476,11 +9616,11 @@ function stopMarkerExists() {
     return false;
   }
 }
-const LOGS_DIR = join(SVAMP_HOME, "logs");
-const SESSION_INDEX_FILE = join(SVAMP_HOME, "sessions-index.json");
+const LOGS_DIR = join$1(SVAMP_HOME, "logs");
+const SESSION_INDEX_FILE = join$1(SVAMP_HOME, "sessions-index.json");
 function readPackageVersion() {
   try {
-    const pkgPath = join(__dirname$1, "../package.json");
+    const pkgPath = join$1(__dirname$1, "../package.json");
     if (existsSync$1(pkgPath)) {
       return JSON.parse(readFileSync$1(pkgPath, "utf-8")).version || "unknown";
     }
@@ -9490,7 +9630,7 @@ function readPackageVersion() {
 }
 const DAEMON_VERSION = readPackageVersion();
 function loadAgentConfig() {
-  const configPath = join(SVAMP_HOME, "agent-config.json");
+  const configPath = join$1(SVAMP_HOME, "agent-config.json");
   if (existsSync$1(configPath)) {
     try {
       return JSON.parse(readFileSync$1(configPath, "utf-8"));
@@ -9501,19 +9641,19 @@ function loadAgentConfig() {
   return {};
 }
 function getSessionSvampDir(directory) {
-  return join(directory, ".svamp");
+  return join$1(directory, ".svamp");
 }
 function getSessionDir(directory, sessionId) {
-  return join(getSessionSvampDir(directory), sessionId);
+  return join$1(getSessionSvampDir(directory), sessionId);
 }
 function getSessionFilePath(directory, sessionId) {
-  return join(getSessionDir(directory, sessionId), "session.json");
+  return join$1(getSessionDir(directory, sessionId), "session.json");
 }
 function getSessionMessagesPath(directory, sessionId) {
-  return join(getSessionDir(directory, sessionId), "messages.jsonl");
+  return join$1(getSessionDir(directory, sessionId), "messages.jsonl");
 }
 function getSvampConfigPath(directory, sessionId) {
-  return join(getSessionDir(directory, sessionId), "config.json");
+  return join$1(getSessionDir(directory, sessionId), "config.json");
 }
 function readSvampConfig(configPath) {
   try {
@@ -9523,19 +9663,19 @@ function readSvampConfig(configPath) {
   return {};
 }
 function writeSvampConfig(configPath, config) {
-  mkdirSync(dirname(configPath), { recursive: true });
+  mkdirSync$1(dirname(configPath), { recursive: true });
   const content = JSON.stringify(config, null, 2);
   const tmpPath = configPath + ".tmp";
-  writeFileSync(tmpPath, content);
-  renameSync(tmpPath, configPath);
+  writeFileSync$1(tmpPath, content);
+  renameSync$1(tmpPath, configPath);
   return content;
 }
 function getLoopDir(directory) {
-  return join(directory, ".claude", "loop");
+  return join$1(directory, ".claude", "loop");
 }
 function readLoopState(directory) {
   try {
-    const p = join(getLoopDir(directory), "loop-state.json");
+    const p = join$1(getLoopDir(directory), "loop-state.json");
     if (!existsSync$1(p)) return null;
     return JSON.parse(readFileSync$1(p, "utf-8"));
   } catch {
@@ -9559,8 +9699,8 @@ function isLoopActiveForSession(directory, sessionId) {
 }
 function resolveLoopInit() {
   const candidates = [
-    join(CLAUDE_SKILLS_DIR, "loop", "bin", "loop-init.mjs"),
-    ...getBundledSkillsDir() ? [join(getBundledSkillsDir(), "loop", "bin", "loop-init.mjs")] : []
+    join$1(CLAUDE_SKILLS_DIR, "loop", "bin", "loop-init.mjs"),
+    ...getBundledSkillsDir() ? [join$1(getBundledSkillsDir(), "loop", "bin", "loop-init.mjs")] : []
   ];
   for (const c of candidates) if (existsSync$1(c)) return c;
   return null;
@@ -9580,14 +9720,14 @@ function initLoop(directory, cfg) {
 }
 function deactivateLoop(directory) {
   try {
-    const p = join(getLoopDir(directory), "loop-state.json");
+    const p = join$1(getLoopDir(directory), "loop-state.json");
     if (!existsSync$1(p)) return;
     const s = JSON.parse(readFileSync$1(p, "utf-8"));
     s.active = false;
     s.phase = "cancelled";
     const tmp = p + ".tmp";
-    writeFileSync(tmp, JSON.stringify(s, null, 2));
-    renameSync(tmp, p);
+    writeFileSync$1(tmp, JSON.stringify(s, null, 2));
+    renameSync$1(tmp, p);
   } catch {
   }
 }
@@ -9725,7 +9865,7 @@ function createSvampConfigChecker(directory, sessionId, getMetadata, setMetadata
   let watcher = null;
   try {
     const configDir = dirname(configPath);
-    mkdirSync(configDir, { recursive: true });
+    mkdirSync$1(configDir, { recursive: true });
     watcher = watch(configDir, (eventType, filename) => {
       if (filename === "config.json") configChecker();
     });
@@ -9751,18 +9891,18 @@ function loadSessionIndex() {
 }
 function saveSessionIndex(index) {
   const tmp = SESSION_INDEX_FILE + ".tmp";
-  writeFileSync(tmp, JSON.stringify(index, null, 2), "utf-8");
-  renameSync(tmp, SESSION_INDEX_FILE);
+  writeFileSync$1(tmp, JSON.stringify(index, null, 2), "utf-8");
+  renameSync$1(tmp, SESSION_INDEX_FILE);
 }
 function saveSession(session) {
   const sessionDir = getSessionDir(session.directory, session.sessionId);
   if (!existsSync$1(sessionDir)) {
-    mkdirSync(sessionDir, { recursive: true });
+    mkdirSync$1(sessionDir, { recursive: true });
   }
   const filePath = getSessionFilePath(session.directory, session.sessionId);
   const tmpPath = filePath + ".tmp";
-  writeFileSync(tmpPath, JSON.stringify(session, null, 2), "utf-8");
-  renameSync(tmpPath, filePath);
+  writeFileSync$1(tmpPath, JSON.stringify(session, null, 2), "utf-8");
+  renameSync$1(tmpPath, filePath);
   const index = loadSessionIndex();
   index[session.sessionId] = { directory: session.directory, createdAt: session.createdAt };
   saveSessionIndex(index);
@@ -9806,8 +9946,8 @@ function markSessionAsArchived(sessionId) {
     if (data.stopped === true) return true;
     data.stopped = true;
     const tmpPath = filePath + ".tmp";
-    writeFileSync(tmpPath, JSON.stringify(data, null, 2), "utf-8");
-    renameSync(tmpPath, filePath);
+    writeFileSync$1(tmpPath, JSON.stringify(data, null, 2), "utf-8");
+    renameSync$1(tmpPath, filePath);
     return true;
   } catch {
     return false;
@@ -9824,8 +9964,8 @@ function clearSessionArchivedFlag(sessionId) {
     if (data.stopped) {
       delete data.stopped;
       const tmpPath = filePath + ".tmp";
-      writeFileSync(tmpPath, JSON.stringify(data, null, 2), "utf-8");
-      renameSync(tmpPath, filePath);
+      writeFileSync$1(tmpPath, JSON.stringify(data, null, 2), "utf-8");
+      renameSync$1(tmpPath, filePath);
     }
     return data;
   } catch {
@@ -9857,15 +9997,15 @@ function loadPersistedSessions() {
 }
 function ensureHomeDir() {
   if (!existsSync$1(SVAMP_HOME)) {
-    mkdirSync(SVAMP_HOME, { recursive: true });
+    mkdirSync$1(SVAMP_HOME, { recursive: true });
   }
   if (!existsSync$1(LOGS_DIR)) {
-    mkdirSync(LOGS_DIR, { recursive: true });
+    mkdirSync$1(LOGS_DIR, { recursive: true });
   }
 }
 function createLogger() {
   ensureHomeDir();
-  const logFile = join(LOGS_DIR, `daemon-${(/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-")}.log`);
+  const logFile = join$1(LOGS_DIR, `daemon-${(/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-")}.log`);
   return {
     logFilePath: logFile,
     log: (...args) => {
@@ -9889,8 +10029,8 @@ function createLogger() {
 function writeDaemonStateFile(state) {
   ensureHomeDir();
   const tmpPath = DAEMON_STATE_FILE + ".tmp";
-  writeFileSync(tmpPath, JSON.stringify(state, null, 2), "utf-8");
-  renameSync(tmpPath, DAEMON_STATE_FILE);
+  writeFileSync$1(tmpPath, JSON.stringify(state, null, 2), "utf-8");
+  renameSync$1(tmpPath, DAEMON_STATE_FILE);
 }
 function readDaemonStateFile() {
   try {
@@ -10089,7 +10229,7 @@ async function startDaemon(options) {
     logger.log('Warning: No HYPHA_TOKEN set. Run "svamp login" to authenticate.');
     logger.log("Connecting anonymously...");
   }
-  const machineIdFile = join(SVAMP_HOME, "machine-id");
+  const machineIdFile = join$1(SVAMP_HOME, "machine-id");
   let machineId = process.env.SVAMP_MACHINE_ID;
   if (!machineId) {
     if (existsSync$1(machineIdFile)) {
@@ -10098,7 +10238,7 @@ async function startDaemon(options) {
     if (!machineId) {
       machineId = `machine-${os$1.hostname()}-${randomUUID$1().slice(0, 8)}`;
       try {
-        writeFileSync(machineIdFile, machineId, "utf-8");
+        writeFileSync$1(machineIdFile, machineId, "utf-8");
       } catch {
       }
     }
@@ -10108,10 +10248,10 @@ async function startDaemon(options) {
   logger.log(`  Workspace: ${hyphaWorkspace || "(default)"}`);
   logger.log(`  Machine ID: ${machineId}`);
   let server = null;
-  const supervisor = new ProcessSupervisor(join(SVAMP_HOME, "processes"));
+  const supervisor = new ProcessSupervisor(join$1(SVAMP_HOME, "processes"));
   await supervisor.init();
   const tunnels = /* @__PURE__ */ new Map();
-  const EXPOSED_TUNNELS_FILE = join(SVAMP_HOME, "exposed-tunnels.json");
+  const EXPOSED_TUNNELS_FILE = join$1(SVAMP_HOME, "exposed-tunnels.json");
   function loadExposedTunnels() {
     try {
       if (!existsSync$1(EXPOSED_TUNNELS_FILE)) return [];
@@ -10124,8 +10264,8 @@ async function startDaemon(options) {
   }
   function saveExposedTunnels(specs) {
     try {
-      mkdirSync(SVAMP_HOME, { recursive: true });
-      writeFileSync(EXPOSED_TUNNELS_FILE, JSON.stringify({ tunnels: specs }, null, 2));
+      mkdirSync$1(SVAMP_HOME, { recursive: true });
+      writeFileSync$1(EXPOSED_TUNNELS_FILE, JSON.stringify({ tunnels: specs }, null, 2));
     } catch (err) {
       logger.log(`[exposed-tunnels] Persist failed: ${err.message}`);
     }
@@ -10139,7 +10279,7 @@ async function startDaemon(options) {
     const list = loadExposedTunnels().filter((t) => t.name !== name);
     saveExposedTunnels(list);
   }
-  const { ServeManager } = await import('./serveManager-D6lGn8jh.mjs');
+  const { ServeManager } = await import('./serveManager-Drl0uy6Z.mjs');
   const serveManager = new ServeManager(SVAMP_HOME, (msg) => logger.log(`[SERVE] ${msg}`), hyphaServerUrl);
   ensureAutoInstalledSkills(logger).catch(() => {
   });
@@ -10330,8 +10470,8 @@ async function startDaemon(options) {
           machineId,
           homeDir: os$1.homedir(),
           svampHomeDir: SVAMP_HOME,
-          svampLibDir: join(__dirname$1, ".."),
-          svampToolsDir: join(__dirname$1, "..", "tools"),
+          svampLibDir: join$1(__dirname$1, ".."),
+          svampToolsDir: join$1(__dirname$1, "..", "tools"),
           startedFromDaemon: true,
           startedBy: "daemon",
           lifecycleState: resumeSessionId ? "idle" : "starting",
@@ -10438,7 +10578,7 @@ async function startDaemon(options) {
         if (persisted && persisted.sessionId !== sessionId) {
           const oldDir = persisted.directory || directory;
           const newSessionDir = getSessionDir(directory, sessionId);
-          if (!existsSync$1(newSessionDir)) mkdirSync(newSessionDir, { recursive: true });
+          if (!existsSync$1(newSessionDir)) mkdirSync$1(newSessionDir, { recursive: true });
           const oldMsgFile = getSessionMessagesPath(oldDir, persisted.sessionId);
           const newMsgFile = getSessionMessagesPath(directory, sessionId);
           try {
@@ -11562,7 +11702,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
                     const children = [];
                     await Promise.all(entries.map(async (entry) => {
                       if (entry.isSymbolicLink()) return;
-                      const childPath = join(p, entry.name);
+                      const childPath = join$1(p, entry.name);
                       const childNode = await buildTree(childPath, entry.name, depth + 1);
                       if (childNode) children.push(childNode);
                     }));
@@ -11725,8 +11865,8 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
           machineId,
           homeDir: os$1.homedir(),
           svampHomeDir: SVAMP_HOME,
-          svampLibDir: join(__dirname$1, ".."),
-          svampToolsDir: join(__dirname$1, "..", "tools"),
+          svampLibDir: join$1(__dirname$1, ".."),
+          svampToolsDir: join$1(__dirname$1, "..", "tools"),
           startedFromDaemon: true,
           startedBy: "daemon",
           lifecycleState: "starting",
@@ -12031,7 +12171,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
                     const children = [];
                     await Promise.all(entries.map(async (entry) => {
                       if (entry.isSymbolicLink()) return;
-                      const childPath = join(p, entry.name);
+                      const childPath = join$1(p, entry.name);
                       const childNode = await buildTree(childPath, entry.name, depth + 1);
                       if (childNode) children.push(childNode);
                     }));
@@ -12267,8 +12407,20 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
     };
     const archiveSession = (sessionId) => {
       logger.log(`Archiving session: ${sessionId}`);
+      let loopDir;
+      for (const s of pidToTrackedSession.values()) {
+        if (s.svampSessionId === sessionId) {
+          loopDir = s.directory;
+          break;
+        }
+      }
+      if (!loopDir) loopDir = loadSessionIndex()[sessionId]?.directory;
       const wasInMemory = teardownTrackedSession(sessionId);
       const markedArchived = markSessionAsArchived(sessionId);
+      if (loopDir && isLoopActiveForSession(loopDir, sessionId)) {
+        deactivateLoop(loopDir);
+        logger.log(`Deactivated loop for archived session ${sessionId}`);
+      }
       if (wasInMemory || markedArchived) {
         logger.log(`Session ${sessionId} archived (inMemory=${wasInMemory}, persisted=${markedArchived})`);
         return true;
@@ -12312,8 +12464,19 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
     };
     const deleteSession = (sessionId) => {
       logger.log(`Deleting session: ${sessionId}`);
+      let loopDir;
+      for (const s of pidToTrackedSession.values()) {
+        if (s.svampSessionId === sessionId) {
+          loopDir = s.directory;
+          break;
+        }
+      }
+      if (!loopDir) loopDir = loadSessionIndex()[sessionId]?.directory;
       teardownTrackedSession(sessionId);
       deletePersistedSession(sessionId);
+      if (loopDir && isLoopActiveForSession(loopDir, sessionId)) {
+        deactivateLoop(loopDir);
+      }
       logger.log(`Session ${sessionId} deleted`);
       return true;
     };
@@ -12370,7 +12533,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
       svampVersion: "0.1.0 (hypha)",
       homeDir: defaultHomeDir,
       svampHomeDir: SVAMP_HOME,
-      svampLibDir: join(__dirname$1, ".."),
+      svampLibDir: join$1(__dirname$1, ".."),
       displayName: process.env.SVAMP_DISPLAY_NAME || void 0,
       isolationCapabilities,
       // Restore persisted sharing (possibly augmented with --share seed above),
@@ -12439,7 +12602,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
     const channelHttpPort = Number(process.env.SVAMP_CHANNEL_HTTP_PORT) || 0;
     if (channelHttpPort > 0) {
       try {
-        const { createChannelHttpServer } = await import('./httpServer-D9qLS8ed.mjs');
+        const { createChannelHttpServer } = await import('./httpServer-CWn3F-0t.mjs');
         const channelHttpServer = createChannelHttpServer({
           getSessionIds: () => {
             const ids = [];
@@ -12460,7 +12623,7 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
       const specs = loadExposedTunnels();
       if (specs.length === 0) return;
       logger.log(`[exposed-tunnels] Restoring ${specs.length} tunnel(s) from ${EXPOSED_TUNNELS_FILE}`);
-      const { FrpcTunnel } = await import('./frpc-Dn5pmk_f.mjs');
+      const { FrpcTunnel } = await import('./frpc-CG7J02Ft.mjs');
       for (const spec of specs) {
         if (tunnels.has(spec.name)) continue;
         try {
@@ -12924,8 +13087,8 @@ ${capturedError}${buildClaudeErrorHint(capturedError)}`;
               if (existsSync$1(filePath)) {
                 const data = JSON.parse(readFileSync$1(filePath, "utf-8"));
                 const tmpPath = filePath + ".tmp";
-                writeFileSync(tmpPath, JSON.stringify({ ...data, stopped: true }, null, 2), "utf-8");
-                renameSync(tmpPath, filePath);
+                writeFileSync$1(tmpPath, JSON.stringify({ ...data, stopped: true }, null, 2), "utf-8");
+                renameSync$1(tmpPath, filePath);
                 markedCount++;
               }
             } catch {
@@ -12988,7 +13151,7 @@ async function stopDaemon(options) {
   const mode = options?.cleanup ? "cleanup (sessions will be stopped)" : "quick (sessions preserved for auto-restore)";
   writeStopMarker(`stopDaemon (${options?.cleanup ? "cleanup" : "quick"})`);
   const pidsToSignal = [];
-  const supervisorPidFile = join(SVAMP_HOME, "supervisor.pid");
+  const supervisorPidFile = join$1(SVAMP_HOME, "supervisor.pid");
   try {
     if (existsSync$1(supervisorPidFile)) {
       const supervisorPid = parseInt(readFileSync$1(supervisorPidFile, "utf-8").trim(), 10);
@@ -13093,7 +13256,7 @@ async function stopDaemon(options) {
   }
 }
 async function restartDaemon() {
-  const supervisorPidFile = join(SVAMP_HOME, "supervisor.pid");
+  const supervisorPidFile = join$1(SVAMP_HOME, "supervisor.pid");
   let supervisorPid = null;
   try {
     if (existsSync$1(supervisorPidFile)) {
@@ -13130,7 +13293,7 @@ async function restartDaemon() {
       });
       child.unref();
     }
-    const stateFile2 = join(SVAMP_HOME, "daemon.state.json");
+    const stateFile2 = join$1(SVAMP_HOME, "daemon.state.json");
     for (let i = 0; i < 100; i++) {
       await new Promise((r) => setTimeout(r, 100));
       if (existsSync$1(stateFile2)) {
@@ -13154,7 +13317,7 @@ async function restartDaemon() {
     await doFullRestart("Failed to signal supervisor");
     return;
   }
-  const stateFile = join(SVAMP_HOME, "daemon.state.json");
+  const stateFile = join$1(SVAMP_HOME, "daemon.state.json");
   for (let i = 0; i < 300; i++) {
     await new Promise((r) => setTimeout(r, 100));
     try {
@@ -13179,7 +13342,7 @@ async function restartDaemon() {
 function daemonStatus() {
   const state = readDaemonStateFile();
   if (!state) {
-    const plistPath = join(os$1.homedir(), "Library", "LaunchAgents", "io.hypha.svamp.daemon.plist");
+    const plistPath = join$1(os$1.homedir(), "Library", "LaunchAgents", "io.hypha.svamp.daemon.plist");
     if (existsSync$1(plistPath)) {
       console.log("Status: Not running (launchd service installed \u2014 may be starting)");
     } else {