switchroom 0.11.1 → 0.12.1

package/telegram-plugin/tests/retry-api-call.test.ts

@@ -14,6 +14,7 @@ import {
   createRetryApiCall,
   createSwallowingRetryApiCall,
   retryWithThreadFallback,
+  isHtmlParseRejectError,
   type RetryObserver,
 } from '../retry-api-call.js'
 import { errors, makeGrammyError } from './fake-bot-api.js'
@@ -436,3 +437,78 @@ describe('retryWithThreadFallback (#1075)', () => {
     expect(result).toBe(true)
   })
 })
+
+describe('isHtmlParseRejectError', () => {
+  it('matches the real Telegram parse-failure 400 descriptions', () => {
+    const descriptions = [
+      "can't parse entities: Unsupported start tag \"h2\" at byte offset 12",
+      'Bad Request: unsupported start tag "span"',
+      "can't find end of the entity starting at byte offset 40",
+      'Bad Request: unclosed start tag at byte offset 5',
+      'Bad Request: unexpected end tag at byte offset 9',
+      "Bad Request: can't parse entities: expected end tag",
+    ]
+    for (const d of descriptions) {
+      expect(
+        isHtmlParseRejectError(
+          makeGrammyError({ error_code: 400, description: d, method: 'sendMessage' }),
+        ),
+      ).toBe(true)
+    }
+  })
+
+  it('does NOT match other 400s (those have their own handling)', () => {
+    for (const d of [
+      'Bad Request: message is not modified',
+      'Bad Request: message to edit not found',
+      'Bad Request: message thread not found',
+      'Bad Request: chat not found',
+    ]) {
+      expect(
+        isHtmlParseRejectError(
+          makeGrammyError({ error_code: 400, description: d, method: 'sendMessage' }),
+        ),
+      ).toBe(false)
+    }
+  })
+
+  it('does not match non-400 GrammyErrors', () => {
+    expect(
+      isHtmlParseRejectError(
+        makeGrammyError({
+          error_code: 429,
+          description: "can't parse entities",
+          method: 'sendMessage',
+        }),
+      ),
+    ).toBe(false)
+    expect(
+      isHtmlParseRejectError(
+        makeGrammyError({
+          error_code: 403,
+          description: 'Forbidden: bot was blocked',
+          method: 'sendMessage',
+        }),
+      ),
+    ).toBe(false)
+  })
+
+  it('does not match plain Errors or non-error values', () => {
+    expect(isHtmlParseRejectError(new Error("can't parse entities"))).toBe(false)
+    expect(isHtmlParseRejectError('string')).toBe(false)
+    expect(isHtmlParseRejectError(null)).toBe(false)
+    expect(isHtmlParseRejectError(undefined)).toBe(false)
+  })
+
+  it('matches the curly-apostrophe variant Telegram sometimes emits', () => {
+    expect(
+      isHtmlParseRejectError(
+        makeGrammyError({
+          error_code: 400,
+          description: 'Bad Request: can’t parse entities: bad tag',
+          method: 'sendMessage',
+        }),
+      ),
+    ).toBe(true)
+  })
+})

package/telegram-plugin/tests/secret-detect-audit.test.ts

@@ -12,7 +12,7 @@ describe('secret-detect audit log', () => {
   })
 
   it('emits a structured event with slug but never the raw value', () => {
-    const raw = 'sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22'
+    const raw = ['sk-ant-', 'Apq13yqRnPzx4MxK0TfAbY98Qw22'].join('')
     emitAudit({
       chat_id: '-100',
       message_id: 5,

package/telegram-plugin/tests/secret-detect-pipeline.test.ts

@@ -27,7 +27,8 @@ describe('pipeline.runPipeline', () => {
 
   it('stores a high-confidence hit and rewrites the prompt', () => {
     const { write, list, store } = mkFakeVault()
-    const text = 'hey here is my key: sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22 thanks'
+    const tok = ['sk-ant-', 'Apq13yqRnPzx4MxK0TfAbY98Qw22'].join('')
+    const text = `hey here is my key: ${tok} thanks`
     const res = runPipeline({
       chat_id: '-100',
       message_id: 5,
@@ -38,9 +39,9 @@ describe('pipeline.runPipeline', () => {
     })
     expect(res.stored).toHaveLength(1)
     expect(res.rewritten_text).toContain('[secret stored as vault:')
-    expect(res.rewritten_text).not.toContain('sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22')
+    expect(res.rewritten_text).not.toContain(tok)
     // The raw secret made it to the vault under the generated slug.
-    expect([...store.values()]).toContain('sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22')
+    expect([...store.values()]).toContain(tok)
     // Audit emitted once with action=stored.
     const storedLogs = captured.filter((l) => l.includes('"action":"stored"'))
     expect(storedLogs).toHaveLength(1)
@@ -71,7 +72,7 @@ describe('pipeline.runPipeline', () => {
 
   it('treats suppressed high-confidence hits as ambiguous', () => {
     const { write, list, store } = mkFakeVault()
-    const text = 'test sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22'
+    const text = `test ${['sk-ant-', 'Apq13yqRnPzx4MxK0TfAbY98Qw22'].join('')}`
     const res = runPipeline({
       chat_id: 'c',
       message_id: 1,
@@ -89,7 +90,7 @@ describe('pipeline.runPipeline', () => {
     const { write, list, store } = mkFakeVault()
     store.set('anthropic_api_key_20260423', 'preexisting')
     const text =
-      'first: sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22 second: sk-ant-BqZ13yqRnPzx4MxK0TfAbY98Qw22'
+      `first: ${['sk-ant-', 'Apq13yqRnPzx4MxK0TfAbY98Qw22'].join('')} second: ${['sk-ant-', 'BqZ13yqRnPzx4MxK0TfAbY98Qw22'].join('')}`
     const res = runPipeline({
       chat_id: 'c',
       message_id: 2,
@@ -111,7 +112,7 @@ describe('pipeline.runPipeline', () => {
     const res = runPipeline({
       chat_id: 'c',
       message_id: 3,
-      text: 'key is sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22',
+      text: `key is ${['sk-ant-', 'Apq13yqRnPzx4MxK0TfAbY98Qw22'].join('')}`,
       passphrase: 'pw',
       vaultWrite: failingWrite,
       vaultList: list,

package/telegram-plugin/tests/secret-detect-suppressor-no-silent-allow.test.ts

@@ -20,12 +20,13 @@ import type { VaultWriteFn, VaultListFn } from '../secret-detect/vault-write.js'
  * this without breaking a test.
  */
 describe('suppressor: never silent-allows on structured matches', () => {
+  const tok = ['sk-ant-', 'Apq13yqRnPzx4MxK0TfAbY98Qw22'].join('')
   const phrasings = [
-    'this is a test, here is sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22',
-    'mock token: sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22',
-    'example: sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22',
-    'dummy sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22',
-    'fixture sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22',
+    `this is a test, here is ${tok}`,
+    `mock token: ${tok}`,
+    `example: ${tok}`,
+    `dummy ${tok}`,
+    `fixture ${tok}`,
   ]
 
   for (const text of phrasings) {

package/telegram-plugin/tests/secret-detect.test.ts

@@ -9,7 +9,7 @@ import { rewritePrompt } from '../secret-detect/rewrite.js'
 
 describe('mask.maskToken', () => {
   it('reveals first 6 + last 4 when length ≥ 18', () => {
-    const tok = 'sk-ant-abc123XYZdefGHI456789'
+    const tok = ['sk-ant-', 'abc123XYZdefGHI456789'].join('')
     expect(maskToken(tok)).toBe(`${tok.slice(0, 6)}...${tok.slice(-4)}`)
   })
   it('returns *** for short inputs', () => {
@@ -96,7 +96,7 @@ describe('chunker.chunk', () => {
 
 describe('suppressor.isSuppressed', () => {
   it('demotes hits near test/mock/example/fixture/dummy', () => {
-    const text = 'test: sk-ant-abc123defgh456789'
+    const text = `test: ${['sk-ant-', 'abc123defgh456789'].join('')}`
     const start = text.indexOf('sk-ant-')
     const end = text.length
     expect(isSuppressed(text, start, end)).toBe(true)
@@ -104,13 +104,13 @@ describe('suppressor.isSuppressed', () => {
   it('ignores markers more than 40 chars away', () => {
     // 80 chars of filler between "test" and the secret
     const filler = ' '.repeat(80)
-    const text = `test${filler}sk-ant-abc123defgh456789`
+    const text = `test${filler}${['sk-ant-', 'abc123defgh456789'].join('')}`
     const start = text.indexOf('sk-ant-')
     const end = text.length
     expect(isSuppressed(text, start, end)).toBe(false)
   })
   it('whole-word only — "tested" does not trigger', () => {
-    const text = 'untested sk-ant-abc123defgh456789'
+    const text = `untested ${['sk-ant-', 'abc123defgh456789'].join('')}`
     const start = text.indexOf('sk-ant-')
     const end = text.length
     expect(isSuppressed(text, start, end)).toBe(false)
@@ -150,7 +150,7 @@ describe('rewrite.rewritePrompt', () => {
     expect(out).toContain('[secret stored as vault:TOKEN]')
   })
   it('preserves non-secret substrings verbatim', () => {
-    const text = 'please stash api key ANTHROPIC_API_KEY=sk-ant-ABCDEFGHIJKLMNOP now'
+    const text = `please stash api key ANTHROPIC_API_KEY=${['sk-ant-', 'ABCDEFGHIJKLMNOP'].join('')} now`
     const detections = detectSecrets(text)
     expect(detections.length).toBeGreaterThan(0)
     const targets = detections.map((d) => ({ detection: d, actual_slug: 'ANTHROPIC_API_KEY' }))
@@ -161,7 +161,7 @@ describe('rewrite.rewritePrompt', () => {
 
 describe('detectSecrets — end-to-end', () => {
   it('finds an anthropic key', () => {
-    const text = 'here you go: sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22'
+    const text = `here you go: ${['sk-ant-', 'Apq13yqRnPzx4MxK0TfAbY98Qw22'].join('')}`
     const d = detectSecrets(text)
     expect(d).toHaveLength(1)
     expect(d[0]!.rule_id).toBe('anthropic_api_key')
@@ -175,7 +175,7 @@ describe('detectSecrets — end-to-end', () => {
     expect(d.some((h) => h.rule_id === 'github_pat_classic')).toBe(true)
   })
   it('captures only the value for KEY=VALUE patterns', () => {
-    const text = 'ANTHROPIC_API_KEY=sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22'
+    const text = `ANTHROPIC_API_KEY=${['sk-ant-', 'Apq13yqRnPzx4MxK0TfAbY98Qw22'].join('')}`
     const d = detectSecrets(text)
     const envHit = d.find((h) => h.rule_id === 'env_key_value' || h.rule_id === 'anthropic_api_key')
     expect(envHit).toBeDefined()
@@ -183,7 +183,7 @@ describe('detectSecrets — end-to-end', () => {
     expect(envHit!.matched_text.startsWith('sk-ant-')).toBe(true)
   })
   it('flags suppressed on nearby "test"', () => {
-    const text = 'test token: sk-ant-Apq13yqRnPzx4MxK0TfAbY98Qw22'
+    const text = `test token: ${['sk-ant-', 'Apq13yqRnPzx4MxK0TfAbY98Qw22'].join('')}`
     const d = detectSecrets(text)
     expect(d.length).toBeGreaterThan(0)
     expect(d[0]!.suppressed).toBe(true)

package/telegram-plugin/tests/telegram-format.test.ts

@@ -6,7 +6,7 @@ import { describe, test, expect } from 'vitest'
 
 // Import from the side-effect-free format module so tests don't trigger
 // server.ts's startup (env load, token check, grammy init).
-import { markdownToHtml, splitHtmlChunks, isLikelyTelegramHtml, repairEscapedWhitespace, sanitizeForTelegram } from '../format.js'
+import { markdownToHtml, splitHtmlChunks, isLikelyTelegramHtml, repairEscapedWhitespace, sanitizeForTelegram, telegramHtmlToPlainText } from '../format.js'
 
 // ---------------------------------------------------------------------------
 // markdownToHtml
@@ -1091,3 +1091,86 @@ describe('markdownToHtml — markdown table rendering', () => {
     expect(result).toContain('• <b>OR</b>')
   })
 })
+
+describe('telegramHtmlToPlainText (HTML parse-reject fallback)', () => {
+  test('strips supported formatting tags, keeps the text', () => {
+    const out = telegramHtmlToPlainText('<b>Bold</b> and <i>italic</i> and <code>x=1</code>')
+    expect(out).toBe('Bold and italic and x=1')
+  })
+
+  test('anchors become "label (href)"', () => {
+    const out = telegramHtmlToPlainText('see <a href="https://example.com/x">the docs</a> now')
+    expect(out).toBe('see the docs (https://example.com/x) now')
+  })
+
+  test('anchor with label equal to href collapses to the bare url', () => {
+    const out = telegramHtmlToPlainText('<a href="https://example.com">https://example.com</a>')
+    expect(out).toBe('https://example.com')
+  })
+
+  test('anchor with empty label yields just the href', () => {
+    expect(telegramHtmlToPlainText('<a href="https://e.com"></a>')).toBe('https://e.com')
+  })
+
+  test('single-quoted and unquoted href forms are handled', () => {
+    expect(telegramHtmlToPlainText("<a href='https://a.co'>A</a>")).toBe('A (https://a.co)')
+    expect(telegramHtmlToPlainText('<a href=https://b.co>B</a>')).toBe('B (https://b.co)')
+  })
+
+  test('decodes the standard HTML entities (no double-decode of the result)', () => {
+    const out = telegramHtmlToPlainText('a &amp; b &lt;tag&gt; &quot;q&quot; &#39;s&#39; 5 &nbsp;€')
+    expect(out).toBe('a & b <tag> "q" \'s\' 5  €')
+  })
+
+  test('numeric + hex char references decode', () => {
+    expect(telegramHtmlToPlainText('&#8594; &#x2192;')).toBe('→ →')
+  })
+
+  test('out-of-range / malformed char refs are left literal', () => {
+    expect(telegramHtmlToPlainText('&#0; &#1114112; &#xZZ;')).toBe('&#0; &#1114112; &#xZZ;')
+  })
+
+  test('block/break boundaries become newlines', () => {
+    const out = telegramHtmlToPlainText('one<br>two<br/>three</p>four</blockquote>five')
+    expect(out).toBe('one\ntwo\nthree\nfour\nfive')
+  })
+
+  test('unsupported / malformed tags (the actual reject cause) are stripped, not escaped', () => {
+    // A markdown→HTML slip that emitted an unsupported tag is exactly
+    // what triggers Telegram's 400; the fallback must yield clean text.
+    const out = telegramHtmlToPlainText('<h2>Title</h2><span class=x>body </span><unknowntag>tail')
+    expect(out).toBe('Title\nbody tail')
+  })
+
+  test('result is literal (parse_mode unset) — no re-escaping of < > &', () => {
+    // We resend with parse_mode UNSET, so the output must be the raw
+    // characters, not HTML entities.
+    const out = telegramHtmlToPlainText('a &lt; b &amp;&amp; c &gt; d')
+    expect(out).toBe('a < b && c > d')
+    expect(out).not.toContain('&lt;')
+    expect(out).not.toContain('&amp;')
+  })
+
+  test('collapses 3+ blank lines and trims trailing line whitespace', () => {
+    const out = telegramHtmlToPlainText('a   \n\n\n\n\nb')
+    expect(out).toBe('a\n\nb')
+  })
+
+  test('nested formatting inside an anchor label is flattened', () => {
+    const out = telegramHtmlToPlainText('<a href="https://x.io"><b>Big</b> link</a>')
+    expect(out).toBe('Big link (https://x.io)')
+  })
+
+  test('empty / whitespace input is safe', () => {
+    expect(telegramHtmlToPlainText('')).toBe('')
+    expect(telegramHtmlToPlainText('   \n  ')).toBe('')
+  })
+
+  test('pure-markup chunk collapses to empty (gateway substitutes a placeholder)', () => {
+    // Documents the trigger for the empty-string guard in
+    // gateway.ts:sendChunkPlainText — a chunk with no text content
+    // strips to '', so the send path must substitute rather than
+    // post an empty message (Telegram 400 "message text is empty").
+    expect(telegramHtmlToPlainText('<b></b><i></i><br><span></span>')).toBe('')
+  })
+})

package/telegram-plugin/tests/update-announce.test.ts

@@ -0,0 +1,154 @@
+import { describe, it, expect, beforeEach, afterEach } from "vitest";
+import { mkdtempSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import {
+  readLastTerminalUpdateAudit,
+  renderUpdateOutcomeLine,
+  claimUpdateAnnouncement,
+  maybeRenderUpdateAnnouncement,
+} from "../gateway/update-announce.js";
+
+function makeRow(o: Record<string, unknown>): string {
+  return JSON.stringify(o) + "\n";
+}
+
+describe("update-announce — PR C boot-card surfacing", () => {
+  let tmp: string;
+  let auditPath: string;
+  let stateDir: string;
+
+  beforeEach(() => {
+    tmp = mkdtempSync(join(tmpdir(), "update-announce-"));
+    auditPath = join(tmp, "host-control-audit.log");
+    stateDir = join(tmp, "state");
+  });
+  afterEach(() => {
+    rmSync(tmp, { recursive: true, force: true });
+  });
+
+  it("returns null when audit log missing", () => {
+    expect(readLastTerminalUpdateAudit({ auditLogPath: auditPath })).toBeNull();
+  });
+
+  it("returns most recent terminal update_apply row within lookback", () => {
+    const now = Date.parse("2026-05-17T12:00:00.000Z");
+    const lines =
+      makeRow({
+        ts: "2026-05-17T11:59:00.000Z",
+        op: "update_apply",
+        caller: { kind: "operator" },
+        request_id: "req-1",
+        result: "ok",
+        exit_code: 0,
+        duration_ms: 1234,
+        phase: "terminal",
+        channel: "dev",
+        resolved_sha: { "switchroom-agent": "sha256:abcdef1234567890" },
+        install_context: { install_type: "binary", detected_at: "2026-05-17T11:00:00Z" },
+      }) +
+      makeRow({
+        ts: "2026-05-17T11:58:00.000Z",
+        op: "update_apply",
+        caller: { kind: "operator" },
+        request_id: "req-0",
+        result: "started",
+        exit_code: null,
+        duration_ms: 0,
+      });
+    writeFileSync(auditPath, lines, "utf-8");
+    const entry = readLastTerminalUpdateAudit({ auditLogPath: auditPath, now });
+    expect(entry).not.toBeNull();
+    expect(entry!.request_id).toBe("req-1");
+  });
+
+  it("skips entries outside lookback window", () => {
+    const now = Date.parse("2026-05-17T12:00:00.000Z");
+    writeFileSync(auditPath, makeRow({
+      ts: "2026-05-17T11:00:00.000Z", // 60 minutes ago
+      op: "update_apply",
+      caller: { kind: "operator" },
+      request_id: "stale",
+      result: "ok",
+      exit_code: 0,
+      duration_ms: 1,
+      phase: "terminal",
+    }), "utf-8");
+    expect(readLastTerminalUpdateAudit({ auditLogPath: auditPath, now, lookbackMs: 10 * 60 * 1000 })).toBeNull();
+  });
+
+  it("renders success line with channel + short sha", () => {
+    const line = renderUpdateOutcomeLine({
+      ts: "2026-05-17T11:59:00.000Z",
+      op: "update_apply",
+      caller: { kind: "operator" },
+      request_id: "req-1",
+      result: "ok",
+      exit_code: 0,
+      duration_ms: 100,
+      phase: "terminal",
+      channel: "dev",
+      resolved_sha: { "switchroom-agent": "sha256:abcdef1234567890aaaa" },
+    });
+    expect(line).toContain("✅ update completed");
+    expect(line).toContain("channel:dev");
+    expect(line).toContain("sha:abcdef123456");
+  });
+
+  it("renders failure line with stderr + recovery hint for binary install", () => {
+    const line = renderUpdateOutcomeLine({
+      ts: "2026-05-17T11:59:00.000Z",
+      op: "update_apply",
+      caller: { kind: "operator" },
+      request_id: "req-2",
+      result: "error",
+      exit_code: 1,
+      duration_ms: 100,
+      phase: "terminal",
+      stderr_tail: "compose pull failed: registry timeout",
+      install_context: { install_type: "binary", detected_at: "2026-05-17T11:00:00Z" },
+    });
+    expect(line).toContain("❌ update failed at update_apply");
+    expect(line).toContain("compose pull failed");
+    expect(line).toContain("Recovery:");
+    expect(line).toContain("install.sh");
+  });
+
+  it("renders unknown recovery hint when install_type missing", () => {
+    const line = renderUpdateOutcomeLine({
+      ts: "2026-05-17T11:59:00.000Z",
+      op: "update_apply",
+      caller: { kind: "operator" },
+      request_id: "req-3",
+      result: "error",
+      exit_code: 1,
+      duration_ms: 100,
+      phase: "terminal",
+    });
+    expect(line).toContain("Cannot auto-detect install type");
+  });
+
+  it("claimUpdateAnnouncement is atomic — second call returns false", () => {
+    expect(claimUpdateAnnouncement("req-abc", { stateDir })).toBe(true);
+    expect(claimUpdateAnnouncement("req-abc", { stateDir })).toBe(false);
+  });
+
+  it("maybeRenderUpdateAnnouncement dedupes on second call", () => {
+    const now = Date.parse("2026-05-17T12:00:00.000Z");
+    writeFileSync(auditPath, makeRow({
+      ts: "2026-05-17T11:59:00.000Z",
+      op: "update_apply",
+      caller: { kind: "operator" },
+      request_id: "req-dedup",
+      result: "ok",
+      exit_code: 0,
+      duration_ms: 1,
+      phase: "terminal",
+      channel: "dev",
+    }), "utf-8");
+    const first = maybeRenderUpdateAnnouncement({ auditLogPath: auditPath, now, stateDir });
+    expect(first).not.toBeNull();
+    const second = maybeRenderUpdateAnnouncement({ auditLogPath: auditPath, now, stateDir });
+    expect(second).toBeNull();
+  });
+});

package/telegram-plugin/tests/vault-grant-inbound-builders.test.ts

@@ -25,7 +25,7 @@ const CTX_READ: VaultGrantInboundContext = {
   agent: 'gymbro',
   key: 'fatsecret/credentials',
   scope: 'read',
-  chat_id: '8248703757',
+  chat_id: '12345',
   ttl_seconds: 30 * 86400,
 }
 
@@ -42,11 +42,11 @@ describe('buildVaultGrantApprovedInbound', () => {
       ctx: CTX_READ,
       grantId: 'vg_a1b2c3',
       stageId: 'stage-001',
-      operatorId: '8248703757',
+      operatorId: '12345',
       nowMs: FIXED_NOW,
     })
     expect(msg.type).toBe('inbound')
-    expect(msg.chatId).toBe('8248703757')
+    expect(msg.chatId).toBe('12345')
     expect(msg.user).toBe('vault-broker')
     expect(msg.userId).toBe(0)
     expect(msg.ts).toBe(FIXED_NOW)
@@ -71,7 +71,7 @@ describe('buildVaultGrantApprovedInbound', () => {
       ctx: CTX_READ,
       grantId: 'vg_a1b2c3',
       stageId: 'stage-001',
-      operatorId: '8248703757',
+      operatorId: '12345',
     })
     expect(msg.meta).toEqual({
       source: 'vault_grant_approved',
@@ -80,7 +80,7 @@ describe('buildVaultGrantApprovedInbound', () => {
       scope: 'read',
       grant_id: 'vg_a1b2c3',
       stage_id: 'stage-001',
-      operator_id: '8248703757',
+      operator_id: '12345',
     })
   })
 
@@ -151,7 +151,7 @@ describe('buildVaultGrantDeniedInbound', () => {
     const msg = buildVaultGrantDeniedInbound({
       ctx: CTX_READ,
       stageId: 'stage-001',
-      operatorId: '8248703757',
+      operatorId: '12345',
     })
     expect(msg.meta).toEqual({
       source: 'vault_grant_denied',
@@ -159,7 +159,7 @@ describe('buildVaultGrantDeniedInbound', () => {
       key: 'fatsecret/credentials',
       scope: 'read',
       stage_id: 'stage-001',
-      operator_id: '8248703757',
+      operator_id: '12345',
     })
     expect((msg.meta as { grant_id?: string }).grant_id).toBeUndefined()
   })
@@ -189,7 +189,7 @@ describe('buildVaultGrantDeniedInbound', () => {
     expect(denied.type).toBe('inbound')
     expect(denied.user).toBe('vault-broker')
     expect(denied.userId).toBe(0)
-    expect(denied.chatId).toBe('8248703757')
+    expect(denied.chatId).toBe('12345')
     expect(denied.ts).toBe(FIXED_NOW)
     expect(denied.messageId).toBe(FIXED_NOW)
   })

package/telegram-plugin/tests/vault-request-access-tool.test.ts

@@ -112,3 +112,54 @@ describe('vault_request_access (#1012)', () => {
     expect(handlerBlock).toMatch(/allowFrom\.includes/)
   })
 })
+
+/**
+ * Fix B (#1487 follow-up): vault_request_access must NOT card/mint when
+ * the agent's STANDING ACL already covers the key — and must decide
+ * that by probing the BROKER as the agent (no-token listViaBroker over
+ * the per-agent socket — path-as-identity), never a gateway-side
+ * config/checkAclByAgent read (the gateway can see newer config than
+ * the broker has loaded → "covered here, denied there"). Read scope
+ * only; fail-open on probe error. Source-pattern assertions matching
+ * this file's established style (the flow has Telegram + module-state
+ * side effects that aren't behaviourally unit-testable here).
+ */
+describe('Fix B: vault_request_access standing-ACL-aware (#1487 follow-up)', () => {
+  const execBlock =
+    gatewaySrc.split('async function executeVaultRequestAccess')[1]?.split('\nasync function ')[0] ?? ''
+  const approveBlock =
+    gatewaySrc.split('async function performVaultAccessApproval')[1]?.split('\nasync function ')[0] ?? ''
+
+  it('request path: read-scope broker-probe short-circuits BEFORE the card is staged/sent', () => {
+    expect(execBlock).toContain('listViaBroker(')
+    expect(execBlock).toMatch(/scopeRaw === 'read'/)
+    const probeIdx = execBlock.indexOf('listViaBroker(')
+    const stageIdx = execBlock.indexOf('pendingVaultRequestAccesses.set(stageId')
+    expect(probeIdx).toBeGreaterThan(-1)
+    expect(stageIdx).toBeGreaterThan(-1)
+    expect(probeIdx).toBeLessThan(stageIdx)
+    expect(execBlock).toMatch(/ALREADY covered[\s\S]*?return\s*{/)
+  })
+
+  it('request path: decides via the BROKER, not a gateway-side config/ACL read (B2 — no config drift)', () => {
+    expect(execBlock).not.toContain('checkAclByAgent(')
+    expect(execBlock).not.toContain('loadSwitchroomConfig(')
+  })
+
+  it('operator-approve path: parallel guard short-circuits BEFORE mintGrantViaBroker', () => {
+    expect(approveBlock).toContain('listViaBroker(')
+    expect(approveBlock).toMatch(/pending\.scope === 'read'/)
+    const probeIdx = approveBlock.indexOf('listViaBroker(')
+    const mintIdx = approveBlock.indexOf('mintGrantViaBroker(mintArgs)')
+    expect(probeIdx).toBeGreaterThan(-1)
+    expect(mintIdx).toBeGreaterThan(-1)
+    expect(probeIdx).toBeLessThan(mintIdx)
+    expect(approveBlock).toMatch(/listViaBroker\([\s\S]*?pendingVaultRequestAccesses\.delete\(stageId\)[\s\S]*?return/)
+    expect(approveBlock).not.toContain('checkAclByAgent(')
+  })
+
+  it('both guards are fail-open (probe error → normal card/mint flow)', () => {
+    expect(execBlock).toMatch(/try\s*{[\s\S]*?listViaBroker\([\s\S]*?}\s*catch/)
+    expect(approveBlock).toMatch(/try\s*{[\s\S]*?listViaBroker\([\s\S]*?}\s*catch/)
+  })
+})

package/telegram-plugin/welcome-text.ts

@@ -253,14 +253,7 @@ export const switchroomHelpCommandNames = [
   "new", "reset", "approve", "deny", "pending", "interrupt",
   // Agents
   "agents", "agentstart", "stop", "restart", "logs", "memory",
-  // Auth & config. The auth surface consolidated onto the `/auth`
-  // dashboard:
-  //   - /authfallback removed in v0.6.12 (Switch primary picker
-  //     handles the operator case; auto-fallback poller handles the
-  //     transparent on-quota-wall case)
-  //   - /reauth removed in v0.6.13 (dashboard's `🔄 Reauth` button
-  //     fires the same flow; paste-back of the OAuth code is caught
-  //     by the generic message intercept on `pendingReauthFlows`)
+  // Auth & config — consolidated onto the `/auth` dashboard.
   "auth",
   "topics", "update", "version",
   "permissions", "grant", "dangerous", "vault", "doctor",