switchroom 0.14.26 → 0.14.28

package/dist/cli/switchroom.js

@@ -49420,8 +49420,8 @@ var {
 } = import__.default;
 
 // src/build-info.ts
-var VERSION = "0.14.26";
-var COMMIT_SHA = "7ef6e93c";
+var VERSION = "0.14.28";
+var COMMIT_SHA = "cb64351f";
 
 // src/cli/agent.ts
 init_source();
@@ -50220,6 +50220,22 @@ a flood. Going quiet mid-work is fine \u2014 going quiet *instead* of
 acknowledging, or *instead* of an update at a real milestone, is the
 black box this exists to prevent.
 
+### Secrets \u2014 never ask for a chat paste
+
+Never ask the user to paste a secret \u2014 an API key, token, password, or
+private key \u2014 as a normal chat message. It would persist in plaintext
+before anything can scrub it. Instead:
+
+- Need a credential that isn't in the vault? Call
+  \`request_secret(key, reason)\`. The operator gets a secure card, provides
+  the value once, and it goes straight to the vault \u2014 you only ever see
+  \`vault:<key>\`. After calling it, end your turn and wait for the reply.
+- The user *handed* you a value to keep? Use \`vault_request_save\`.
+- The key exists but you hit \`VAULT-BROKER-DENIED\`? Use \`vault_request_access\`.
+
+Reference stored secrets only as \`vault:<key>\` \u2014 never echo a raw secret
+value back into chat.
+
 ### Formatting \u2014 make it scannable
 
 \`reply\` and \`stream_reply\` render Markdown as Telegram HTML for you, so
@@ -73962,6 +73978,7 @@ var ANCHORED_PATTERNS = [
   { rule_id: "npm_token", regex: /\b(npm_[A-Za-z0-9]{10,})\b/g, captureIndex: 1, slugHint: "npm_token" },
   { rule_id: "telegram_bot_token_prefixed", regex: /\bbot(\d{6,}:[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "telegram_bot_token" },
   { rule_id: "telegram_bot_token", regex: /\b(\d{6,}:[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "telegram_bot_token" },
+  { rule_id: "laravel_sanctum_token", regex: /\b(\d+\|[A-Za-z0-9]{40,})\b/g, captureIndex: 1, slugHint: "api_token" },
   { rule_id: "aws_access_key", regex: /\b(AKIA[0-9A-Z]{16})\b/g, captureIndex: 1, slugHint: "aws_access_key" },
   { rule_id: "jwt", regex: /\b(eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,})\b/g, captureIndex: 1, slugHint: "jwt" }
 ];
@@ -74216,7 +74233,7 @@ function dropOverlaps(hits) {
   return out;
 }
 
-// src/secret-detect/redact.ts
+// telegram-plugin/secret-detect/redact.ts
 var REDACTED_MARKER = "[REDACTED]";
 function redact(text) {
   if (!text || text.length === 0)
@@ -74239,7 +74256,6 @@ function redactedMarker(ruleId) {
   }
   return `[REDACTED:${trimmed}]`;
 }
-
 // src/issues/store.ts
 var ISSUES_FILE = "issues.jsonl";
 var ISSUES_LOCK = "issues.lock";

package/dist/host-control/main.js

@@ -19866,6 +19866,7 @@ var ANCHORED_PATTERNS = [
   { rule_id: "npm_token", regex: /\b(npm_[A-Za-z0-9]{10,})\b/g, captureIndex: 1, slugHint: "npm_token" },
   { rule_id: "telegram_bot_token_prefixed", regex: /\bbot(\d{6,}:[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "telegram_bot_token" },
   { rule_id: "telegram_bot_token", regex: /\b(\d{6,}:[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "telegram_bot_token" },
+  { rule_id: "laravel_sanctum_token", regex: /\b(\d+\|[A-Za-z0-9]{40,})\b/g, captureIndex: 1, slugHint: "api_token" },
   { rule_id: "aws_access_key", regex: /\b(AKIA[0-9A-Z]{16})\b/g, captureIndex: 1, slugHint: "aws_access_key" },
   { rule_id: "jwt", regex: /\b(eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,})\b/g, captureIndex: 1, slugHint: "jwt" }
 ];
@@ -20120,7 +20121,7 @@ function dropOverlaps(hits) {
   return out;
 }
 
-// src/secret-detect/redact.ts
+// telegram-plugin/secret-detect/redact.ts
 var REDACTED_MARKER = "[REDACTED]";
 function redact(text) {
   if (!text || text.length === 0)
@@ -20143,7 +20144,6 @@ function redactedMarker(ruleId) {
   }
   return `[REDACTED:${trimmed}]`;
 }
-
 // src/cli/install-detect.ts
 import * as fs from "node:fs";
 import * as path from "node:path";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "switchroom",
-  "version": "0.14.26",
+  "version": "0.14.28",
   "description": "Run Claude Code 24/7 on your Claude Pro/Max subscription over Telegram. Open-source alternative to OpenClaw and NanoClaw — no API keys.",
   "type": "module",
   "bin": {

package/telegram-plugin/bridge/bridge.ts

@@ -438,6 +438,21 @@ const TOOL_SCHEMAS = [
       required: ['chat_id', 'key'],
     },
   },
+  {
+    name: 'request_secret',
+    description:
+      'Ask the operator to PROVIDE a secret you do not have, securely — NEVER ask the user to paste a token/key/password as a normal chat message. Use this when you need a credential that is not in the vault (a `vault:<key>` reference is missing/empty, or you know an upcoming task needs one you lack). Renders a Telegram card with [Provide securely] [Decline]; on tap, the operator sends the value once and the gateway DELETES their message instantly and writes it straight to the vault — the raw value is never echoed back to you. You receive only `vault:<key>`. This is the sibling of `vault_request_save` (use that when the user already handed YOU a value to store) and `vault_request_access` (use that when the key exists but you lack read access). After firing this tool, END YOUR TURN cleanly — a fresh inbound message arrives once the operator provides (or declines) the secret. Do NOT call this for keys you already have, and do NOT spam (one open request per key; the operator sees every card).',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        chat_id: { type: 'string', description: 'Chat to render the card in (use the chat_id of the user message that triggered the workflow).' },
+        key: { type: 'string', description: 'Vault key to store the provided secret under. Use lowercase namespaced snake_case, e.g. `coolify/api-token`.' },
+        reason: { type: 'string', description: 'REQUIRED in practice — one-line human-readable rationale rendered on the card (e.g. "to trigger a redeploy on Coolify"). Omitting it makes the operator more likely to Decline.' },
+        message_thread_id: { type: 'string', description: 'Forum topic thread ID. Auto-applied from the last inbound message if not specified.' },
+      },
+      required: ['chat_id', 'key'],
+    },
+  },
 ]
 
 mcp.setRequestHandler(ListToolsRequestSchema, async () => ({ tools: TOOL_SCHEMAS }))

package/telegram-plugin/card-format.ts

@@ -60,3 +60,68 @@ export function escapeHtml(s: string): string {
 export function truncate(s: string, n: number): string {
   return s.length > n ? s.slice(0, n - 1) + '…' : s;
 }
+
+/**
+ * Strip Markdown markup from a single line, leaving plain prose.
+ *
+ * Worker narration is authored as Markdown — the model writes `**bold**`,
+ * `` `code` ``, `- bullets`, `# headings`. The status cards render Telegram
+ * HTML, which does NOT interpret Markdown, so an unstripped `**` shows up as
+ * two literal asterisks (the #94-class "half-done" look). Strip the markup
+ * here so the card reads as clean prose.
+ *
+ * Run this BEFORE `truncate` + `escapeHtml`: clean → measure → escape. (The
+ * stripper never touches `<`/`>`/`&`, so escaping stays the last step.)
+ */
+export function stripMarkdown(s: string): string {
+  let out = s;
+  // Inline + leftover code spans → bare text.
+  out = out.replace(/`+/g, '');
+  // Links / images: [text](url) and ![alt](url) → the label.
+  out = out.replace(/!?\[([^\]]*)\]\([^)]*\)/g, '$1');
+  // Paired bold / emphasis runs (longest marker first).
+  out = out.replace(/\*\*(.+?)\*\*/g, '$1');
+  out = out.replace(/__(.+?)__/g, '$1');
+  out = out.replace(/\*(.+?)\*/g, '$1');
+  out = out.replace(/(?<![A-Za-z0-9])_(.+?)_(?![A-Za-z0-9])/g, '$1');
+  // Leading block markup: heading, blockquote, bullet, ordered item.
+  // `gm` so the markers are stripped on EVERY line, not just the string
+  // start — a multi-line summary like "Done.\n\n## Summary\n…" must not
+  // leak a raw `## Summary` when rendered as a single card step.
+  out = out.replace(/^\s{0,3}#{1,6}\s+/gm, '');
+  out = out.replace(/^\s{0,3}>\s?/gm, '');
+  out = out.replace(/^\s{0,3}[-*+]\s+/gm, '');
+  out = out.replace(/^\s{0,3}\d+[.)]\s+/gm, '');
+  // Residual unpaired bold markers (a lone `*` is left alone so `3 * 4`
+  // survives; only the doubled form is markup-by-construction).
+  out = out.replace(/\*\*/g, '');
+  return out.trim();
+}
+
+/** True for a whole-line horizontal rule: `---`, `___`, `***` (3+ of one). */
+function isRuleLine(s: string): boolean {
+  return /^\s*([-_*])\1{2,}\s*$/.test(s);
+}
+
+/**
+ * Clean a worker's multi-line result/narration into a single plain-text
+ * paragraph for a card's finished body. Drops fenced code blocks and
+ * horizontal rules, strips per-line Markdown, then space-joins what's left.
+ * Output is plain text — the caller still truncates + escapes before
+ * interpolating into HTML.
+ */
+export function cleanWorkerResultParagraph(s: string): string {
+  const kept: string[] = [];
+  let inFence = false;
+  for (const raw of s.split('\n')) {
+    if (/^\s*```/.test(raw)) {
+      inFence = !inFence;
+      continue;
+    }
+    if (inFence) continue;
+    if (isRuleLine(raw)) continue;
+    const cleaned = stripMarkdown(raw);
+    if (cleaned.length > 0) kept.push(cleaned);
+  }
+  return kept.join(' ').replace(/\s+/g, ' ').trim();
+}

package/telegram-plugin/dist/bridge/bridge.js

@@ -24914,6 +24914,20 @@ var TOOL_SCHEMAS = [
       },
       required: ["chat_id", "key"]
     }
+  },
+  {
+    name: "request_secret",
+    description: "Ask the operator to PROVIDE a secret you do not have, securely \u2014 NEVER ask the user to paste a token/key/password as a normal chat message. Use this when you need a credential that is not in the vault (a `vault:<key>` reference is missing/empty, or you know an upcoming task needs one you lack). Renders a Telegram card with [Provide securely] [Decline]; on tap, the operator sends the value once and the gateway DELETES their message instantly and writes it straight to the vault \u2014 the raw value is never echoed back to you. You receive only `vault:<key>`. This is the sibling of `vault_request_save` (use that when the user already handed YOU a value to store) and `vault_request_access` (use that when the key exists but you lack read access). After firing this tool, END YOUR TURN cleanly \u2014 a fresh inbound message arrives once the operator provides (or declines) the secret. Do NOT call this for keys you already have, and do NOT spam (one open request per key; the operator sees every card).",
+    inputSchema: {
+      type: "object",
+      properties: {
+        chat_id: { type: "string", description: "Chat to render the card in (use the chat_id of the user message that triggered the workflow)." },
+        key: { type: "string", description: "Vault key to store the provided secret under. Use lowercase namespaced snake_case, e.g. `coolify/api-token`." },
+        reason: { type: "string", description: 'REQUIRED in practice \u2014 one-line human-readable rationale rendered on the card (e.g. "to trigger a redeploy on Coolify"). Omitting it makes the operator more likely to Decline.' },
+        message_thread_id: { type: "string", description: "Forum topic thread ID. Auto-applied from the last inbound message if not specified." }
+      },
+      required: ["chat_id", "key"]
+    }
   }
 ];
 mcp.setRequestHandler(ListToolsRequestSchema2, async () => ({ tools: TOOL_SCHEMAS }));