switchroom 0.13.33 → 0.13.36

package/bin/timezone-hook.sh

@@ -45,7 +45,7 @@ fi
 # `-d "@<unix>"` is required (Linux-only, fine for switchroom production).
 NOW_UNIX=$(date +%s)
 ROUNDED=$(( NOW_UNIX - (NOW_UNIX % 900) ))
-NOW=$(TZ="$TZ_VAL" date -d "@$ROUNDED" '+%Y-%m-%d %H:%M %Z (UTC%:z)')
+NOW=$(TZ="$TZ_VAL" date -d "@$ROUNDED" '+%A %Y-%m-%d %I:%M %p %Z (UTC%:z)')
 
 if [ "$TZ_UNSET" = "1" ]; then
   MSG="Current local time: $NOW ($TZ_VAL — WARNING: SWITCHROOM_TIMEZONE unset; compose env may be stale, run \`switchroom apply && switchroom agent restart <agent>\` to refresh)"

package/dist/agent-scheduler/index.js

@@ -11302,8 +11302,15 @@ var QuotaConfigSchema = exports_external.object({
   weekly_budget_usd: exports_external.number().positive().optional().describe("Weekly USD spend budget. If unset, the greeting shows raw usage only."),
   monthly_budget_usd: exports_external.number().positive().optional().describe("Monthly USD spend budget. If unset, the greeting shows raw usage only.")
 });
+var AutoReleaseCheckSchema = exports_external.object({
+  enabled: exports_external.boolean().default(false).describe("When true, hostd polls the remote release tag every " + "`interval_minutes` and applies + restarts the fleet when a new " + "release is detected. Default false — opt-in."),
+  interval_minutes: exports_external.number().int().min(5).max(1440).default(5).describe("Poll interval in minutes. Floor of 5m matches the agent-config " + "cron rate limit; ceiling of 1440m (24h) is a sanity cap."),
+  apply_on_detect: exports_external.boolean().default(true).describe("When false, hostd logs `release_detected` but does NOT call " + "update_apply / restart all. Useful for dogfooding the detector " + "without rolling the fleet."),
+  image_ref: exports_external.string().default("ghcr.io/switchroom/switchroom-agent:latest").describe("Image reference whose remote digest is compared to the local " + "image digest. Defaults to the agent image's :latest tag, which " + "is the canonical signal that a release has been promoted.")
+});
 var HostControlConfigSchema = exports_external.object({
-  enabled: exports_external.boolean().default(true).describe("Whether the host-control daemon is in use. Default: true (since " + "RFC C Phase 2 default-flip — the gateway's /restart, /new, /reset, " + "and /update apply slash-commands all dispatch through hostd, and " + "without it those verbs fail on docker-mode installs because the " + "agent container has no docker binary/socket). " + "When true, the compose generator emits per-agent bind mounts " + "at `~/.switchroom/hostd/<name>/sock` for every admin-flagged " + "agent. Install the daemon with `switchroom hostd install` — " + "it runs as a docker container in its own compose project " + "(`switchroom-hostd`), separate from the agent fleet's compose " + "project so `up -d --remove-orphans` cycles of the fleet " + "can't recreate the daemon mid-RPC. See RFC C §5.1. " + "Set enabled: false only on legacy systemd-mode installs that " + "still rely on the in-container `spawnSwitchroomDetached` " + "shellout (removal is tracked as RFC C Phase 3).")
+  enabled: exports_external.boolean().default(true).describe("Whether the host-control daemon is in use. Default: true (since " + "RFC C Phase 2 default-flip — the gateway's /restart, /new, /reset, " + "and /update apply slash-commands all dispatch through hostd, and " + "without it those verbs fail on docker-mode installs because the " + "agent container has no docker binary/socket). " + "When true, the compose generator emits per-agent bind mounts " + "at `~/.switchroom/hostd/<name>/sock` for every admin-flagged " + "agent. Install the daemon with `switchroom hostd install` — " + "it runs as a docker container in its own compose project " + "(`switchroom-hostd`), separate from the agent fleet's compose " + "project so `up -d --remove-orphans` cycles of the fleet " + "can't recreate the daemon mid-RPC. See RFC C §5.1. " + "Set enabled: false only on legacy systemd-mode installs that " + "still rely on the in-container `spawnSwitchroomDetached` " + "shellout (removal is tracked as RFC C Phase 3)."),
+  auto_release_check: AutoReleaseCheckSchema.default({}).describe("Pull-based release-triggered fleet restart (#1743). hostd polls " + "the remote release tag on a fixed interval and applies + " + "restarts the fleet (graceful) when a new release is detected. " + "Opt-in: default enabled=false.")
 });
 var HostdConfigSchema = exports_external.object({
   config_edit_enabled: exports_external.boolean().default(false).describe("Opt-in toggle for the `config_propose_edit` hostd verb (RFC " + "admin-agent-config-edit §3). Default false — the verb returns " + "`E_CONFIG_EDIT_DISABLED` until the operator explicitly flips " + "this to true. When true (and once PR 1c lands the apply path), " + "admin agents can propose unified-diff patches against " + "`/state/config/switchroom.yaml`, gated by an operator approval " + "card in the primary chat. Same trust posture as `update_apply` " + "and `agent_restart`: the human-in-the-loop tap is the security " + "boundary, not the agent's judgement."),

package/dist/auth-broker/index.js

@@ -11302,8 +11302,15 @@ var QuotaConfigSchema = exports_external.object({
   weekly_budget_usd: exports_external.number().positive().optional().describe("Weekly USD spend budget. If unset, the greeting shows raw usage only."),
   monthly_budget_usd: exports_external.number().positive().optional().describe("Monthly USD spend budget. If unset, the greeting shows raw usage only.")
 });
+var AutoReleaseCheckSchema = exports_external.object({
+  enabled: exports_external.boolean().default(false).describe("When true, hostd polls the remote release tag every " + "`interval_minutes` and applies + restarts the fleet when a new " + "release is detected. Default false — opt-in."),
+  interval_minutes: exports_external.number().int().min(5).max(1440).default(5).describe("Poll interval in minutes. Floor of 5m matches the agent-config " + "cron rate limit; ceiling of 1440m (24h) is a sanity cap."),
+  apply_on_detect: exports_external.boolean().default(true).describe("When false, hostd logs `release_detected` but does NOT call " + "update_apply / restart all. Useful for dogfooding the detector " + "without rolling the fleet."),
+  image_ref: exports_external.string().default("ghcr.io/switchroom/switchroom-agent:latest").describe("Image reference whose remote digest is compared to the local " + "image digest. Defaults to the agent image's :latest tag, which " + "is the canonical signal that a release has been promoted.")
+});
 var HostControlConfigSchema = exports_external.object({
-  enabled: exports_external.boolean().default(true).describe("Whether the host-control daemon is in use. Default: true (since " + "RFC C Phase 2 default-flip — the gateway's /restart, /new, /reset, " + "and /update apply slash-commands all dispatch through hostd, and " + "without it those verbs fail on docker-mode installs because the " + "agent container has no docker binary/socket). " + "When true, the compose generator emits per-agent bind mounts " + "at `~/.switchroom/hostd/<name>/sock` for every admin-flagged " + "agent. Install the daemon with `switchroom hostd install` — " + "it runs as a docker container in its own compose project " + "(`switchroom-hostd`), separate from the agent fleet's compose " + "project so `up -d --remove-orphans` cycles of the fleet " + "can't recreate the daemon mid-RPC. See RFC C §5.1. " + "Set enabled: false only on legacy systemd-mode installs that " + "still rely on the in-container `spawnSwitchroomDetached` " + "shellout (removal is tracked as RFC C Phase 3).")
+  enabled: exports_external.boolean().default(true).describe("Whether the host-control daemon is in use. Default: true (since " + "RFC C Phase 2 default-flip — the gateway's /restart, /new, /reset, " + "and /update apply slash-commands all dispatch through hostd, and " + "without it those verbs fail on docker-mode installs because the " + "agent container has no docker binary/socket). " + "When true, the compose generator emits per-agent bind mounts " + "at `~/.switchroom/hostd/<name>/sock` for every admin-flagged " + "agent. Install the daemon with `switchroom hostd install` — " + "it runs as a docker container in its own compose project " + "(`switchroom-hostd`), separate from the agent fleet's compose " + "project so `up -d --remove-orphans` cycles of the fleet " + "can't recreate the daemon mid-RPC. See RFC C §5.1. " + "Set enabled: false only on legacy systemd-mode installs that " + "still rely on the in-container `spawnSwitchroomDetached` " + "shellout (removal is tracked as RFC C Phase 3)."),
+  auto_release_check: AutoReleaseCheckSchema.default({}).describe("Pull-based release-triggered fleet restart (#1743). hostd polls " + "the remote release tag on a fixed interval and applies + " + "restarts the fleet (graceful) when a new release is detected. " + "Opt-in: default enabled=false.")
 });
 var HostdConfigSchema = exports_external.object({
   config_edit_enabled: exports_external.boolean().default(false).describe("Opt-in toggle for the `config_propose_edit` hostd verb (RFC " + "admin-agent-config-edit §3). Default false — the verb returns " + "`E_CONFIG_EDIT_DISABLED` until the operator explicitly flips " + "this to true. When true (and once PR 1c lands the apply path), " + "admin agents can propose unified-diff patches against " + "`/state/config/switchroom.yaml`, gated by an operator approval " + "card in the primary chat. Same trust posture as `update_apply` " + "and `agent_restart`: the human-in-the-loop tap is the security " + "boundary, not the agent's judgement."),

package/dist/cli/switchroom.js

@@ -13520,7 +13520,7 @@ var init_zod = __esm(() => {
 });
 
 // src/config/schema.ts
-var CodeRepoEntrySchema, AgentBindMountSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, GoogleWorkspaceTierSchema, GoogleWorkspaceConfigSchema, AgentGoogleWorkspaceConfigSchema, ReactionsSchema, ReleaseBlock, NetworkIsolationSchema, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, DEFAULT_PROFILE = "default", AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, HostControlConfigSchema, HostdConfigSchema, SwitchroomConfigSchema;
+var CodeRepoEntrySchema, AgentBindMountSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, GoogleWorkspaceTierSchema, GoogleWorkspaceConfigSchema, AgentGoogleWorkspaceConfigSchema, ReactionsSchema, ReleaseBlock, NetworkIsolationSchema, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, DEFAULT_PROFILE = "default", AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, AutoReleaseCheckSchema, HostControlConfigSchema, HostdConfigSchema, SwitchroomConfigSchema;
 var init_schema = __esm(() => {
   init_zod();
   CodeRepoEntrySchema = exports_external.object({
@@ -13866,8 +13866,15 @@ var init_schema = __esm(() => {
     weekly_budget_usd: exports_external.number().positive().optional().describe("Weekly USD spend budget. If unset, the greeting shows raw usage only."),
     monthly_budget_usd: exports_external.number().positive().optional().describe("Monthly USD spend budget. If unset, the greeting shows raw usage only.")
   });
+  AutoReleaseCheckSchema = exports_external.object({
+    enabled: exports_external.boolean().default(false).describe("When true, hostd polls the remote release tag every " + "`interval_minutes` and applies + restarts the fleet when a new " + "release is detected. Default false \u2014 opt-in."),
+    interval_minutes: exports_external.number().int().min(5).max(1440).default(5).describe("Poll interval in minutes. Floor of 5m matches the agent-config " + "cron rate limit; ceiling of 1440m (24h) is a sanity cap."),
+    apply_on_detect: exports_external.boolean().default(true).describe("When false, hostd logs `release_detected` but does NOT call " + "update_apply / restart all. Useful for dogfooding the detector " + "without rolling the fleet."),
+    image_ref: exports_external.string().default("ghcr.io/switchroom/switchroom-agent:latest").describe("Image reference whose remote digest is compared to the local " + "image digest. Defaults to the agent image's :latest tag, which " + "is the canonical signal that a release has been promoted.")
+  });
   HostControlConfigSchema = exports_external.object({
-    enabled: exports_external.boolean().default(true).describe("Whether the host-control daemon is in use. Default: true (since " + "RFC C Phase 2 default-flip \u2014 the gateway's /restart, /new, /reset, " + "and /update apply slash-commands all dispatch through hostd, and " + "without it those verbs fail on docker-mode installs because the " + "agent container has no docker binary/socket). " + "When true, the compose generator emits per-agent bind mounts " + "at `~/.switchroom/hostd/<name>/sock` for every admin-flagged " + "agent. Install the daemon with `switchroom hostd install` \u2014 " + "it runs as a docker container in its own compose project " + "(`switchroom-hostd`), separate from the agent fleet's compose " + "project so `up -d --remove-orphans` cycles of the fleet " + "can't recreate the daemon mid-RPC. See RFC C \u00a75.1. " + "Set enabled: false only on legacy systemd-mode installs that " + "still rely on the in-container `spawnSwitchroomDetached` " + "shellout (removal is tracked as RFC C Phase 3).")
+    enabled: exports_external.boolean().default(true).describe("Whether the host-control daemon is in use. Default: true (since " + "RFC C Phase 2 default-flip \u2014 the gateway's /restart, /new, /reset, " + "and /update apply slash-commands all dispatch through hostd, and " + "without it those verbs fail on docker-mode installs because the " + "agent container has no docker binary/socket). " + "When true, the compose generator emits per-agent bind mounts " + "at `~/.switchroom/hostd/<name>/sock` for every admin-flagged " + "agent. Install the daemon with `switchroom hostd install` \u2014 " + "it runs as a docker container in its own compose project " + "(`switchroom-hostd`), separate from the agent fleet's compose " + "project so `up -d --remove-orphans` cycles of the fleet " + "can't recreate the daemon mid-RPC. See RFC C \u00a75.1. " + "Set enabled: false only on legacy systemd-mode installs that " + "still rely on the in-container `spawnSwitchroomDetached` " + "shellout (removal is tracked as RFC C Phase 3)."),
+    auto_release_check: AutoReleaseCheckSchema.default({}).describe("Pull-based release-triggered fleet restart (#1743). hostd polls " + "the remote release tag on a fixed interval and applies + " + "restarts the fleet (graceful) when a new release is detected. " + "Opt-in: default enabled=false.")
   });
   HostdConfigSchema = exports_external.object({
     config_edit_enabled: exports_external.boolean().default(false).describe("Opt-in toggle for the `config_propose_edit` hostd verb (RFC " + "admin-agent-config-edit \u00a73). Default false \u2014 the verb returns " + "`E_CONFIG_EDIT_DISABLED` until the operator explicitly flips " + "this to true. When true (and once PR 1c lands the apply path), " + "admin agents can propose unified-diff patches against " + "`/state/config/switchroom.yaml`, gated by an operator approval " + "card in the primary chat. Same trust posture as `update_apply` " + "and `agent_restart`: the human-in-the-loop tap is the security " + "boundary, not the agent's judgement."),
@@ -29101,7 +29108,7 @@ function decodeResponse3(line) {
   const obj = JSON.parse(line);
   return ResponseSchema3.parse(obj);
 }
-var MAX_FRAME_BYTES3, RequestEnvelope, AgentRestartRequestSchema, UpgradeStatusRequestSchema, GetStatusRequestSchema, AgentNameSchema2, UpdateCheckRequestSchema, UpdateApplyRequestSchema, ApplyRequestSchema, AgentStartRequestSchema, AgentStopRequestSchema, AgentLogsRequestSchema, AgentExecRequestSchema, DoctorRequestSchema, AgentSmokeRequestSchema, ConfigProposeEditRequestSchema, RequestSchema3, ResultSchema, ResponseEnvelope, ResponseSchema3;
+var MAX_FRAME_BYTES3, RequestEnvelope, AgentRestartRequestSchema, UpgradeStatusRequestSchema, GetStatusRequestSchema, AgentNameSchema2, UpdateCheckRequestSchema, UpdateApplyRequestSchema, ApplyRequestSchema, AgentStartRequestSchema, AgentStopRequestSchema, AgentLogsRequestSchema, AgentExecRequestSchema, DoctorRequestSchema, AgentSmokeRequestSchema, ConfigProposeEditRequestSchema, RequestSchema3, ResultSchema, ErrorFixSchema, ErrorEnvelopeSchema, ResponseEnvelope, ResponseSchema3;
 var init_protocol3 = __esm(() => {
   init_zod();
   MAX_FRAME_BYTES3 = 64 * 1024;
@@ -29220,6 +29227,45 @@ var init_protocol3 = __esm(() => {
     ConfigProposeEditRequestSchema
   ]);
   ResultSchema = exports_external.enum(["started", "completed", "denied", "error"]);
+  ErrorFixSchema = exports_external.discriminatedUnion("kind", [
+    exports_external.object({
+      kind: exports_external.literal("flip_yaml_flag"),
+      yaml_path: exports_external.string(),
+      to: exports_external.unknown()
+    }),
+    exports_external.object({
+      kind: exports_external.literal("request_vault_grant"),
+      vault_key: exports_external.string()
+    }),
+    exports_external.object({
+      kind: exports_external.literal("operator_action"),
+      subkind: exports_external.enum(["policy_denied", "infra", "out_of_scope"]),
+      operator_steps: exports_external.array(exports_external.string()).min(1).optional()
+    }),
+    exports_external.object({
+      kind: exports_external.literal("retry_after"),
+      retry_at: exports_external.string()
+    }),
+    exports_external.object({
+      kind: exports_external.literal("quota_exceeded"),
+      quota: exports_external.string(),
+      current: exports_external.number(),
+      limit: exports_external.number()
+    }),
+    exports_external.object({
+      kind: exports_external.literal("bad_input"),
+      field: exports_external.string().optional()
+    })
+  ]);
+  ErrorEnvelopeSchema = exports_external.object({
+    v: exports_external.literal(1),
+    code: exports_external.string().regex(/^(E_[A-Z0-9_]+|VAULT-[A-Z-]+)$/),
+    human: exports_external.string().min(1),
+    why: exports_external.string().optional(),
+    fix: ErrorFixSchema.optional(),
+    docs: exports_external.string().url().optional(),
+    request_id: exports_external.string().min(1)
+  });
   ResponseEnvelope = {
     v: exports_external.literal(1),
     request_id: exports_external.string().min(1).max(128),
@@ -29229,7 +29275,8 @@ var init_protocol3 = __esm(() => {
     audit_id: exports_external.string().min(1).optional(),
     stdout_tail: exports_external.string().optional(),
     stderr_tail: exports_external.string().optional(),
-    error: exports_external.string().optional()
+    error: exports_external.string().optional(),
+    error_envelope: ErrorEnvelopeSchema.optional()
   };
   ResponseSchema3 = exports_external.object(ResponseEnvelope);
 });
@@ -47403,10 +47450,18 @@ async function dispatchTool2(name, args) {
   if (resp.result === "started" || resp.result === "completed") {
     return jsonText2(resp);
   }
-  return {
-    content: [{ type: "text", text: JSON.stringify(resp) }],
-    isError: true
-  };
+  const content = [
+    { type: "text", text: JSON.stringify(resp) }
+  ];
+  if (resp.error_envelope) {
+    const env2 = resp.error_envelope;
+    content.push({
+      type: "text",
+      text: `Structured error \u2014 fix.kind=${env2.fix?.kind ?? "none"}
+` + JSON.stringify(env2, null, 2)
+    });
+  }
+  return { content, isError: true };
 }
 function resolveAuditLogPath() {
   if (process.env.HOSTD_AUDIT_LOG_PATH)
@@ -47656,8 +47711,8 @@ var {
 } = import__.default;
 
 // src/build-info.ts
-var VERSION = "0.13.33";
-var COMMIT_SHA = "a8018071";
+var VERSION = "0.13.36";
+var COMMIT_SHA = "73e8bb05";
 
 // src/cli/agent.ts
 init_source();
@@ -49707,17 +49762,16 @@ function classifyChange(path, agentDir, useHotReloadStable) {
   return "stale-till-restart";
 }
 function buildSettingsHooksBlock(p) {
-  const { agentName, agentConfig, hindsightEnabled, useSwitchroomPlugin, configPath } = p;
+  const { agentName, agentConfig, hindsightEnabled, useSwitchroomPlugin } = p;
   const userHooks = translateHooksToClaudeShape(agentConfig.hooks);
   const wrapper = `bash "${join8(DOCKER_BIN_PATH, "run-hook.sh")}"`;
   const wrap = (source, command) => `${wrapper} ${shellSingleQuote(source)} ${command}`;
   const handoffEnabled = agentConfig.session_continuity?.enabled !== false;
-  const handoffConfigArg = configPath ? ` --config ${shellSingleQuote(DOCKER_CONFIG_PATH)}` : "";
   const stopHooks = [];
   if (handoffEnabled) {
     stopHooks.push({
       type: "command",
-      command: wrap("hook:handoff", `switchroom${handoffConfigArg} handoff ${agentName}`),
+      command: wrap("hook:handoff", `switchroom handoff ${agentName}`),
       timeout: 35,
       async: true
     });
@@ -61526,6 +61580,23 @@ function registerVaultBackupCommand(vault, program3) {
   });
 }
 
+// src/cli/vault-denied-envelope.ts
+var ENVELOPE_SENTINEL = "ERROR-ENVELOPE:";
+function writeVaultDeniedEnvelope(vaultKey, brokerCode, human) {
+  const envelope = {
+    v: 1,
+    code: "VAULT-BROKER-DENIED",
+    human: `${brokerCode}: ${human}`,
+    fix: {
+      kind: "request_vault_grant",
+      vault_key: vaultKey
+    },
+    request_id: `vault-cli-${Date.now()}-${Math.random().toString(36).slice(2, 10)}`
+  };
+  process.stderr.write(`${ENVELOPE_SENTINEL} ${JSON.stringify(envelope)}
+`);
+}
+
 // src/cli/vault.ts
 function isSandboxContext() {
   return process.env.SWITCHROOM_RUNTIME === "docker";
@@ -61751,6 +61822,7 @@ function registerVaultCommand(program3) {
         }
         process.stderr.write(`VAULT-BROKER-DENIED [${result.code}]: ${result.msg}
 `);
+        writeVaultDeniedEnvelope(key, result.code, result.msg);
         process.exit(VAULT_EXIT_DENIED);
       }
       if (inSandbox) {
@@ -61966,6 +62038,7 @@ Push passphrase to broker for future requests? [Y/n]: `);
             process.stderr.write(`VAULT-BROKER-DENIED [${result.code}]: ${result.msg}
 ` + `${recoveryHint("denied", key)}
 `);
+            writeVaultDeniedEnvelope(key, result.code, result.msg);
             process.exit(2);
           }
         } else {
@@ -70736,21 +70809,32 @@ init_loader();
 import { resolve as resolve33 } from "node:path";
 function registerHandoffCommand(program3) {
   program3.command("handoff <agent>", { hidden: true }).description("Build the agent's session handoff sidecars \u2014 a transcript-tail " + "briefing (.handoff.md) and topic line (.handoff-topic). " + "[internal \u2014 used by the Stop hook]").option("--max-turns <n>", "Max turns kept in the handoff transcript tail", String(DEFAULT_MAX_TURNS)).action(withConfigError(async (agentName, opts) => {
-    const config = getConfig(program3);
-    const agentConfig = config.agents[agentName];
-    if (!agentConfig) {
-      process.stderr.write(`handoff: agent "${agentName}" not defined in switchroom.yaml
+    let agentConfig;
+    let agentDir;
+    try {
+      const config = getConfig(program3);
+      agentConfig = config.agents[agentName];
+      if (!agentConfig) {
+        process.stderr.write(`handoff: agent "${agentName}" not defined in switchroom.yaml
 `);
-      return;
+        return;
+      }
+      const agentsDir = resolveAgentsDir(config);
+      agentDir = resolve33(agentsDir, agentName);
+    } catch (err) {
+      if (!(err instanceof ConfigError))
+        throw err;
+      process.stderr.write(`handoff: yaml unavailable (${err.message}); using defaults
+`);
+      agentConfig = undefined;
+      agentDir = process.env.CLAUDE_PROJECT_DIR ?? process.cwd();
     }
-    const continuity = agentConfig.session_continuity;
+    const continuity = agentConfig?.session_continuity;
     if (continuity?.enabled === false) {
       process.stderr.write(`handoff: session_continuity.enabled=false for "${agentName}"; skipping
 `);
       return;
     }
-    const agentsDir = resolveAgentsDir(config);
-    const agentDir = resolve33(agentsDir, agentName);
     const claudeConfigDir = resolve33(agentDir, ".claude");
     const jsonl = findLatestSessionJsonl(claudeConfigDir);
     if (!jsonl) {
@@ -76133,7 +76217,34 @@ function denyPendingScheduleEntry(opts) {
 
 // src/cli/agent-config-write.ts
 import { existsSync as existsSync73, readFileSync as readFileSync59 } from "node:fs";
+import { randomUUID as randomUUID5 } from "node:crypto";
 var MAX_ENTRIES_PER_AGENT = 20;
+var MIN_CRON_INTERVAL_MIN = 5;
+function extractCronSmallestGapMin(expr) {
+  const fields = expr.trim().split(/\s+/);
+  if (fields.length < 5)
+    return 0;
+  const min = fields[0];
+  if (min === "*")
+    return 1;
+  const step = min.match(/^\*\/(\d+)$/);
+  if (step)
+    return Number(step[1]);
+  if (min.includes(",")) {
+    const parts = min.split(",").map((s) => Number(s)).filter((n) => Number.isFinite(n));
+    if (parts.length >= 2) {
+      const sorted = [...parts].sort((a, b) => a - b);
+      let smallest = Infinity;
+      for (let i = 1;i < sorted.length; i++) {
+        const gap = sorted[i] - sorted[i - 1];
+        if (gap > 0 && gap < smallest)
+          smallest = gap;
+      }
+      return Number.isFinite(smallest) ? smallest : 0;
+    }
+  }
+  return 0;
+}
 function checkOperatorContext(verb, env2 = process.env) {
   if (env2.SWITCHROOM_OPERATOR === "1")
     return { ok: true };
@@ -76146,8 +76257,45 @@ function checkOperatorContext(verb, env2 = process.env) {
   }
   return { ok: true };
 }
+function buildEnvelopeForCode(code, message, extra) {
+  const request_id = `agent-config-${randomUUID5()}`;
+  if (code === "E_CRON_TOO_FREQUENT") {
+    return {
+      v: 1,
+      code,
+      human: message,
+      fix: {
+        kind: "quota_exceeded",
+        quota: "cron_min_interval_minutes",
+        current: typeof extra.requested_interval_min === "number" ? extra.requested_interval_min : 0,
+        limit: MIN_CRON_INTERVAL_MIN
+      },
+      request_id
+    };
+  }
+  if (code === "E_QUOTA_EXCEEDED") {
+    const current = typeof extra.current === "number" ? extra.current : MAX_ENTRIES_PER_AGENT;
+    return {
+      v: 1,
+      code,
+      human: message,
+      fix: {
+        kind: "quota_exceeded",
+        quota: "schedule_entries_per_agent",
+        current,
+        limit: MAX_ENTRIES_PER_AGENT
+      },
+      request_id
+    };
+  }
+  return;
+}
 function emitError(code, message, extra = {}) {
-  process.stderr.write(JSON.stringify({ code, message, ...extra }) + `
+  const error_envelope = buildEnvelopeForCode(code, message, extra);
+  const line = { code, message, ...extra };
+  if (error_envelope)
+    line.error_envelope = error_envelope;
+  process.stderr.write(JSON.stringify(line) + `
 `);
 }
 function exitCodeFor(code) {
@@ -76211,7 +76359,8 @@ function scheduleAdd(opts) {
       ok: false,
       code: "E_CRON_TOO_FREQUENT",
       message: "cron interval is tighter than the minimum (5 minutes)",
-      exit: 9
+      exit: 9,
+      meta: { requested_interval_min: extractCronSmallestGapMin(opts.cronExpr) }
     };
   }
   const rej = filterOverlaySecrets(dry.doc, "overlay");
@@ -76229,7 +76378,8 @@ function scheduleAdd(opts) {
       ok: false,
       code: "E_QUOTA_EXCEEDED",
       message: `agent already has ${existing.length} overlay entries (max ${MAX_ENTRIES_PER_AGENT})`,
-      exit: 9
+      exit: 9,
+      meta: { current: existing.length }
     };
   }
   const hash2 = cronUnitHash(opts.cronExpr, opts.prompt);
@@ -76428,7 +76578,7 @@ function registerAgentConfigWriteCommands(program3) {
     else if (process.env.SWITCHROOM_AGENT_NAME)
       resolvedAgent = process.env.SWITCHROOM_AGENT_NAME;
     if (!r.ok) {
-      emitError(r.code, r.message);
+      emitError(r.code, r.message, r.meta ?? {});
       appendAudit(resolvedAgent, "schedule.add", { cron: opts.cron, prompt: opts.prompt, name: opts.name, code: r.code, would_recreate: false }, r.exit);
       process.exit(r.exit);
     }
@@ -76541,7 +76691,7 @@ function registerAgentConfigWriteCommands(program3) {
     else if (process.env.SWITCHROOM_AGENT_NAME)
       resolvedAgent = process.env.SWITCHROOM_AGENT_NAME;
     if (!r.ok) {
-      emitError(r.code, r.message);
+      emitError(r.code, r.message, r.meta ?? {});
       appendAudit(resolvedAgent, "schedule.remove", { ...opts, code: r.code }, r.exit);
       process.exit(r.exit);
     }