switchroom 0.14.26 → 0.14.28

package/telegram-plugin/dist/gateway/gateway.js

@@ -6549,6 +6549,43 @@ function escapeHtml(s) {
 function truncate(s, n) {
   return s.length > n ? s.slice(0, n - 1) + "\u2026" : s;
 }
+function stripMarkdown(s) {
+  let out = s;
+  out = out.replace(/`+/g, "");
+  out = out.replace(/!?\[([^\]]*)\]\([^)]*\)/g, "$1");
+  out = out.replace(/\*\*(.+?)\*\*/g, "$1");
+  out = out.replace(/__(.+?)__/g, "$1");
+  out = out.replace(/\*(.+?)\*/g, "$1");
+  out = out.replace(/(?<![A-Za-z0-9])_(.+?)_(?![A-Za-z0-9])/g, "$1");
+  out = out.replace(/^\s{0,3}#{1,6}\s+/gm, "");
+  out = out.replace(/^\s{0,3}>\s?/gm, "");
+  out = out.replace(/^\s{0,3}[-*+]\s+/gm, "");
+  out = out.replace(/^\s{0,3}\d+[.)]\s+/gm, "");
+  out = out.replace(/\*\*/g, "");
+  return out.trim();
+}
+function isRuleLine(s) {
+  return /^\s*([-_*])\1{2,}\s*$/.test(s);
+}
+function cleanWorkerResultParagraph(s) {
+  const kept = [];
+  let inFence = false;
+  for (const raw of s.split(`
+`)) {
+    if (/^\s*```/.test(raw)) {
+      inFence = !inFence;
+      continue;
+    }
+    if (inFence)
+      continue;
+    if (isRuleLine(raw))
+      continue;
+    const cleaned = stripMarkdown(raw);
+    if (cleaned.length > 0)
+      kept.push(cleaned);
+  }
+  return kept.join(" ").replace(/\s+/g, " ").trim();
+}
 
 // ../node_modules/.bun/@grammyjs+runner@2.0.3+c6be0243b1bbec89/node_modules/@grammyjs/runner/out/mod.js
 var require_mod4 = __commonJS((exports) => {
@@ -24829,1269 +24866,380 @@ var init_loader = __esm(() => {
   };
 });
 
-// history.ts
-var exports_history = {};
-__export(exports_history, {
-  recordReaction: () => recordReaction,
-  recordOutbound: () => recordOutbound,
-  recordInbound: () => recordInbound,
-  recordEdit: () => recordEdit,
-  query: () => query,
-  pruneMessagesOlderThanDays: () => pruneMessagesOlderThanDays,
-  lookupMessageRoleAndText: () => lookupMessageRoleAndText,
-  initHistory: () => initHistory,
-  getRecentOutboundCount: () => getRecentOutboundCount,
-  getLatestInboundMessageId: () => getLatestInboundMessageId,
-  deleteFromHistory: () => deleteFromHistory,
-  checkpointWal: () => checkpointWal,
-  _resetForTests: () => _resetForTests
-});
-import { chmodSync as chmodSync2, mkdirSync as mkdirSync9 } from "fs";
-import { join as join11 } from "path";
-function loadDatabaseClass() {
-  if (DatabaseClass != null)
-    return DatabaseClass;
-  try {
-    const metaRequire = import.meta.require;
-    if (typeof metaRequire !== "function") {
-      throw new Error("import.meta.require not available \u2014 Bun runtime required");
-    }
-    const mod = metaRequire("bun:sqlite");
-    if (!mod.Database)
-      throw new Error("bun:sqlite did not export Database");
-    DatabaseClass = mod.Database;
-    return DatabaseClass;
-  } catch (err) {
-    throw new Error(`history.ts requires Bun runtime (bun:sqlite). Caller: ${err.message}`);
-  }
-}
-function initHistory(stateDir, retentionDays = 30) {
-  if (db != null)
-    return;
-  const Database = loadDatabaseClass();
-  mkdirSync9(stateDir, { recursive: true, mode: 448 });
-  const path = join11(stateDir, "history.db");
-  db = new Database(path, { create: true });
-  db.exec("PRAGMA journal_mode = WAL");
-  db.exec("PRAGMA synchronous = NORMAL");
-  db.exec(`
-    CREATE TABLE IF NOT EXISTS messages (
-      chat_id        TEXT    NOT NULL,
-      thread_id      INTEGER,
-      message_id     INTEGER NOT NULL,
-      role           TEXT    NOT NULL,
-      user           TEXT,
-      user_id        TEXT,
-      ts             INTEGER NOT NULL,
-      text           TEXT    NOT NULL,
-      attachment_kind TEXT,
-      group_id       INTEGER,
-      reply_to_message_id INTEGER,
-      reply_to_text  TEXT,
-      PRIMARY KEY (chat_id, thread_id, message_id)
-    )
-  `);
-  db.exec(`
-    CREATE INDEX IF NOT EXISTS idx_messages_recent
-      ON messages (chat_id, thread_id, ts DESC)
-  `);
-  for (const column of ["reply_to_message_id INTEGER", "reply_to_text TEXT", "user_reaction TEXT"]) {
-    try {
-      db.exec(`ALTER TABLE messages ADD COLUMN ${column}`);
-    } catch (err) {
-      const msg = err instanceof Error ? err.message : String(err);
-      if (!/duplicate column name/i.test(msg))
-        throw err;
+// secret-detect/patterns.ts
+var ANCHORED_PATTERNS, STRUCTURED_PATTERNS, ALL_PATTERNS;
+var init_patterns = __esm(() => {
+  ANCHORED_PATTERNS = [
+    { rule_id: "anthropic_api_key", regex: /\b(sk-ant-[A-Za-z0-9_-]{8,})\b/g, captureIndex: 1, slugHint: "anthropic_api_key" },
+    { rule_id: "anthropic_oauth_code", regex: /(?:^|\s)([A-Za-z0-9_-]{20,}#[A-Za-z0-9_-]{20,})(?=\s|$)/gm, captureIndex: 1, slugHint: "anthropic_oauth_code" },
+    { rule_id: "openai_api_key", regex: /\b(sk-[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "openai_api_key" },
+    { rule_id: "github_pat_classic", regex: /\b(ghp_[A-Za-z0-9]{20,})\b/g, captureIndex: 1, slugHint: "github_pat" },
+    { rule_id: "github_pat_fine_grained", regex: /\b(github_pat_[A-Za-z0-9_]{20,})\b/g, captureIndex: 1, slugHint: "github_pat" },
+    { rule_id: "slack_token", regex: /\b(xox[baprs]-[A-Za-z0-9-]{10,})\b/g, captureIndex: 1, slugHint: "slack_token" },
+    { rule_id: "slack_app_token", regex: /\b(xapp-[A-Za-z0-9-]{10,})\b/g, captureIndex: 1, slugHint: "slack_app_token" },
+    { rule_id: "groq_api_key", regex: /\b(gsk_[A-Za-z0-9_-]{10,})\b/g, captureIndex: 1, slugHint: "groq_api_key" },
+    { rule_id: "google_api_key", regex: /\b(AIza[0-9A-Za-z\-_]{20,})\b/g, captureIndex: 1, slugHint: "google_api_key" },
+    { rule_id: "perplexity_api_key", regex: /\b(pplx-[A-Za-z0-9_-]{10,})\b/g, captureIndex: 1, slugHint: "perplexity_api_key" },
+    { rule_id: "npm_token", regex: /\b(npm_[A-Za-z0-9]{10,})\b/g, captureIndex: 1, slugHint: "npm_token" },
+    { rule_id: "telegram_bot_token_prefixed", regex: /\bbot(\d{6,}:[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "telegram_bot_token" },
+    { rule_id: "telegram_bot_token", regex: /\b(\d{6,}:[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "telegram_bot_token" },
+    { rule_id: "laravel_sanctum_token", regex: /\b(\d+\|[A-Za-z0-9]{40,})\b/g, captureIndex: 1, slugHint: "api_token" },
+    { rule_id: "aws_access_key", regex: /\b(AKIA[0-9A-Z]{16})\b/g, captureIndex: 1, slugHint: "aws_access_key" },
+    { rule_id: "jwt", regex: /\b(eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,})\b/g, captureIndex: 1, slugHint: "jwt" }
+  ];
+  STRUCTURED_PATTERNS = [
+    {
+      rule_id: "env_key_value",
+      regex: /\b([A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD|PASSWD))\b\s*[=:]\s*(["']?)([^\s"'\\]+)\2/g,
+      captureIndex: 3,
+      slugHint: "env"
+    },
+    {
+      rule_id: "json_secret_field",
+      regex: /"(?:apiKey|token|secret|password|passwd|accessToken|refreshToken)"\s*:\s*"([^"]+)"/g,
+      captureIndex: 1,
+      slugHint: "json_secret"
+    },
+    {
+      rule_id: "cli_flag",
+      regex: /--(?:api[-_]?key|hook[-_]?token|token|secret|password|passwd)\s+(["']?)([^\s"']+)\1/g,
+      captureIndex: 2,
+      slugHint: "cli_flag"
+    },
+    {
+      rule_id: "bearer_auth_header",
+      regex: /Authorization\s*[:=]\s*Bearer\s+([A-Za-z0-9._\-+=]+)/g,
+      captureIndex: 1,
+      slugHint: "bearer_token"
+    },
+    {
+      rule_id: "bearer_loose",
+      regex: /\bBearer\s+([A-Za-z0-9._\-+=]{18,})\b/g,
+      captureIndex: 1,
+      slugHint: "bearer_token"
+    },
+    {
+      rule_id: "pem_private_key",
+      regex: /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]+?-----END [A-Z ]*PRIVATE KEY-----/g,
+      captureIndex: 0,
+      slugHint: "pem_private_key"
     }
+  ];
+  ALL_PATTERNS = [...ANCHORED_PATTERNS, ...STRUCTURED_PATTERNS];
+});
+
+// secret-detect/entropy.ts
+function shannonEntropy(s) {
+  if (s.length === 0)
+    return 0;
+  const counts = new Map;
+  for (const ch of s) {
+    counts.set(ch, (counts.get(ch) ?? 0) + 1);
   }
-  try {
-    chmodSync2(path, 384);
-  } catch {}
-  if (retentionDays > 0) {
-    const cutoff = Math.floor(Date.now() / 1000) - retentionDays * 86400;
-    db.prepare("DELETE FROM messages WHERE ts < ?").run(cutoff);
+  let h = 0;
+  const len = s.length;
+  for (const c of counts.values()) {
+    const p = c / len;
+    h -= p * Math.log2(p);
   }
+  return h;
 }
-function _resetForTests() {
-  if (db != null) {
-    db.close();
-    db = null;
+
+// secret-detect/kv-scanner.ts
+function scanKeyValue(text) {
+  const hits = [];
+  KV_RE.lastIndex = 0;
+  let m;
+  while ((m = KV_RE.exec(text)) !== null) {
+    const [, keyName, value] = m;
+    if (!value)
+      continue;
+    const h = shannonEntropy(value);
+    if (h < KV_ENTROPY_THRESHOLD)
+      continue;
+    const valueOffsetInMatch = m[0].indexOf(value, keyName.length);
+    if (valueOffsetInMatch < 0)
+      continue;
+    const start = m.index + valueOffsetInMatch;
+    const end = start + value.length;
+    hits.push({
+      rule_id: "kv_entropy",
+      start,
+      end,
+      matched_text: value,
+      key_name: keyName,
+      confidence: "ambiguous"
+    });
   }
+  return hits;
 }
-function checkpointWal() {
-  if (db == null)
-    return false;
-  try {
-    db.prepare("PRAGMA wal_checkpoint(TRUNCATE)").run();
-    return true;
-  } catch {
-    return false;
+var KV_RE, KV_ENTROPY_THRESHOLD = 4;
+var init_kv_scanner = __esm(() => {
+  KV_RE = /\b([A-Za-z_][A-Za-z0-9_-]*(?:password|passwd|token|secret|key|api[_-]?key))\s*[:=]\s*["']?([^\s"'\\]{8,})["']?/gi;
+});
+
+// secret-detect/chunker.ts
+function chunk(text) {
+  if (text.length <= CHUNK_THRESHOLD) {
+    return [{ offset: 0, text }];
   }
-}
-function pruneMessagesOlderThanDays(retentionDays, nowSec, batchLimit = 5000) {
-  if (db == null)
-    return 0;
-  if (retentionDays <= 0)
-    return 0;
-  const cutoffSec = (nowSec ?? Math.floor(Date.now() / 1000)) - retentionDays * 86400;
-  const stmt = db.prepare(`
-    DELETE FROM messages
-    WHERE rowid IN (
-      SELECT rowid FROM messages WHERE ts < ? LIMIT ?
-    )
-  `);
-  let total = 0;
-  for (let i = 0;i < 1000; i++) {
-    const result = stmt.run(cutoffSec, batchLimit);
-    const n = result.changes ?? 0;
-    total += n;
-    if (n === 0)
+  const out = [];
+  let offset = 0;
+  while (offset < text.length) {
+    const end = Math.min(offset + WINDOW_SIZE, text.length);
+    out.push({ offset, text: text.slice(offset, end) });
+    if (end >= text.length)
       break;
+    offset = end - OVERLAP;
   }
-  return total;
-}
-function requireDb() {
-  if (db == null) {
-    throw new Error("history: initHistory() must be called before any record/query operation");
-  }
-  return db;
-}
-function recordInbound(args) {
-  if (args.message_id == null)
-    return;
-  const stmt = requireDb().prepare(`
-    INSERT OR REPLACE INTO messages
-      (chat_id, thread_id, message_id, role, user, user_id, ts, text, attachment_kind, group_id, reply_to_message_id, reply_to_text)
-    VALUES (?, ?, ?, 'user', ?, ?, ?, ?, ?, NULL, ?, ?)
-  `);
-  stmt.run(args.chat_id, args.thread_id ?? null, args.message_id, args.user ?? null, args.user_id ?? null, args.ts, args.text, args.attachment_kind ?? null, args.reply_to_message_id ?? null, args.reply_to_text ?? null);
-}
-function recordOutbound(args) {
-  if (args.message_ids.length === 0)
-    return;
-  const ts = args.ts ?? Math.floor(Date.now() / 1000);
-  const groupId = args.message_ids[0];
-  const stmt = requireDb().prepare(`
-    INSERT OR REPLACE INTO messages
-      (chat_id, thread_id, message_id, role, user, user_id, ts, text, attachment_kind, group_id)
-    VALUES (?, ?, ?, 'assistant', NULL, NULL, ?, ?, ?, ?)
-  `);
-  const tx = requireDb().transaction((rows2) => {
-    for (const [msgId, text, attachKind] of rows2) {
-      stmt.run(args.chat_id, args.thread_id ?? null, msgId, ts, text, attachKind, groupId);
-    }
-  });
-  const rows = args.message_ids.map((id, i) => [
-    id,
-    args.texts[i] ?? "",
-    args.attachment_kinds?.[i] ?? null
-  ]);
-  tx(rows);
+  return out;
 }
-function recordEdit(args) {
-  requireDb().prepare(`
-      UPDATE messages
-         SET text = ?
-       WHERE chat_id = ? AND message_id = ?
-    `).run(args.text, args.chat_id, args.message_id);
+var CHUNK_THRESHOLD, WINDOW_SIZE, OVERLAP = 1024;
+var init_chunker = __esm(() => {
+  CHUNK_THRESHOLD = 32 * 1024;
+  WINDOW_SIZE = 16 * 1024;
+});
+
+// secret-detect/suppressor.ts
+function isSuppressed(text, start, end) {
+  const left = Math.max(0, start - WINDOW);
+  const right = Math.min(text.length, end + WINDOW);
+  const context = text.slice(left, start) + text.slice(end, right);
+  return MARKER_RE.test(context);
 }
-function recordReaction(args) {
-  requireDb().prepare(`
-      UPDATE messages
-         SET user_reaction = ?
-       WHERE chat_id = ? AND message_id = ?
-    `).run(args.emoji, args.chat_id, args.message_id);
+var MARKERS, WINDOW = 40, MARKER_RE;
+var init_suppressor = __esm(() => {
+  MARKERS = ["test", "mock", "example", "fixture", "dummy"];
+  MARKER_RE = new RegExp(`\\b(?:${MARKERS.join("|")})\\b`, "i");
+});
+
+// secret-detect/slug.ts
+function sanitizeKeyName(raw) {
+  const up = raw.toUpperCase();
+  const cleaned = up.replace(/[^A-Z0-9_]+/g, "_").replace(/_+/g, "_").replace(/^_+|_+$/g, "");
+  return cleaned.length > 0 ? cleaned : "SECRET";
 }
-function deleteFromHistory(args) {
-  requireDb().prepare(`
-      DELETE FROM messages
-       WHERE chat_id = ? AND message_id = ?
-    `).run(args.chat_id, args.message_id);
+function datePart(now = new Date) {
+  const y = now.getUTCFullYear();
+  const m = String(now.getUTCMonth() + 1).padStart(2, "0");
+  const d = String(now.getUTCDate()).padStart(2, "0");
+  return `${y}${m}${d}`;
 }
-function getLatestInboundMessageId(chatId, threadId) {
-  const params = [chatId];
-  let sql = "SELECT message_id FROM messages WHERE chat_id = ? AND role = 'user'";
-  if (threadId !== undefined) {
-    if (threadId === null) {
-      sql += " AND thread_id IS NULL";
-    } else {
-      sql += " AND thread_id = ?";
-      params.push(threadId);
-    }
+function deriveSlug(inputs, existing) {
+  let base;
+  if (inputs.key_name && inputs.key_name.trim().length > 0) {
+    base = sanitizeKeyName(inputs.key_name);
+  } else {
+    base = `${inputs.rule_id}_${datePart(inputs.now)}`;
   }
-  sql += " ORDER BY ts DESC, message_id DESC LIMIT 1";
-  const row = requireDb().prepare(sql).get(...params);
-  return row?.message_id ?? null;
-}
-function lookupMessageRoleAndText(chatId, messageId) {
-  const row = requireDb().prepare(`SELECT role, text FROM messages WHERE chat_id = ? AND message_id = ? LIMIT 1`).get(chatId, messageId);
-  if (!row)
-    return null;
-  return { role: row.role, text: row.text ?? "" };
-}
-function getRecentOutboundCount(chatId, withinSeconds) {
-  const cutoff = Math.floor(Date.now() / 1000) - withinSeconds;
-  const row = requireDb().prepare("SELECT COUNT(*) as cnt FROM messages WHERE chat_id = ? AND role = ? AND ts >= ?").get(chatId, "assistant", cutoff);
-  return row?.cnt ?? 0;
+  if (!existing.has(base))
+    return base;
+  let n = 2;
+  while (existing.has(`${base}_${n}`))
+    n++;
+  return `${base}_${n}`;
 }
-function query(opts) {
-  const limit = Math.min(MAX_LIMIT, Math.max(1, opts.limit ?? DEFAULT_LIMIT));
-  const params = [opts.chat_id];
-  let sql = "SELECT * FROM messages WHERE chat_id = ?";
-  if (opts.thread_id !== undefined) {
-    if (opts.thread_id === null) {
-      sql += " AND thread_id IS NULL";
-    } else {
-      sql += " AND thread_id = ?";
-      params.push(opts.thread_id);
-    }
-  }
-  if (opts.before_message_id != null) {
-    sql += " AND message_id < ?";
-    params.push(opts.before_message_id);
+
+// secret-detect/mask.ts
+function maskToken(s) {
+  if (s.length >= 18) {
+    return `${s.slice(0, 6)}...${s.slice(-4)}`;
   }
-  sql += " ORDER BY ts DESC, message_id DESC LIMIT ?";
-  params.push(limit);
-  const rows = requireDb().prepare(sql).all(...params);
-  rows.reverse();
-  return rows;
+  return "***";
 }
-var DatabaseClass = null, DEFAULT_LIMIT = 10, MAX_LIMIT = 50, db = null;
-var init_history = () => {};
 
-// quota-check.ts
-import { readFileSync as readFileSync8, existsSync as existsSync12 } from "fs";
-import { join as join12 } from "path";
-function readOauthToken(claudeConfigDir) {
-  const tokenFile = join12(claudeConfigDir, ".oauth-token");
-  if (!existsSync12(tokenFile))
-    return null;
+// secret-detect/url-redact.ts
+function redactUrls(text) {
+  return text.replace(URL_RE, (m) => {
+    const redacted = redactOne(m);
+    return redacted ?? m;
+  });
+}
+function redactOne(raw) {
+  let u;
   try {
-    const raw = readFileSync8(tokenFile, "utf-8").trim();
-    return raw.length > 0 ? raw : null;
+    u = new URL(raw);
   } catch {
     return null;
   }
-}
-function parseFloatHeader(headers, name) {
-  const v = headers.get(name);
-  if (v == null || v.trim().length === 0)
-    return null;
-  const n = Number(v);
-  return Number.isFinite(n) ? n : null;
-}
-function parseEpochHeader(headers, name) {
-  const v = headers.get(name);
-  if (v == null)
-    return null;
-  const n = Number(v);
-  if (!Number.isFinite(n) || n <= 0)
-    return null;
-  return new Date(n * 1000);
-}
-function parseQuotaHeaders(headers) {
-  const fiveHour = parseFloatHeader(headers, "anthropic-ratelimit-unified-5h-utilization");
-  const sevenDay = parseFloatHeader(headers, "anthropic-ratelimit-unified-7d-utilization");
-  if (fiveHour == null && sevenDay == null) {
-    return {
-      ok: false,
-      reason: "no unified rate-limit headers in response (API token, not OAuth?)"
-    };
-  }
-  return {
-    ok: true,
-    data: {
-      fiveHourUtilizationPct: (fiveHour ?? 0) * 100,
-      sevenDayUtilizationPct: (sevenDay ?? 0) * 100,
-      fiveHourResetAt: parseEpochHeader(headers, "anthropic-ratelimit-unified-5h-reset"),
-      sevenDayResetAt: parseEpochHeader(headers, "anthropic-ratelimit-unified-7d-reset"),
-      representativeClaim: headers.get("anthropic-ratelimit-unified-representative-claim"),
-      overageStatus: headers.get("anthropic-ratelimit-unified-overage-status"),
-      overageDisabledReason: headers.get("anthropic-ratelimit-unified-overage-disabled-reason")
+  let changed = false;
+  if (u.username || u.password) {
+    u.username = "***";
+    u.password = "";
+    changed = true;
+  }
+  for (const [key] of u.searchParams) {
+    if (SENSITIVE_PARAMS.has(key.toLowerCase())) {
+      u.searchParams.set(key, "***");
+      changed = true;
     }
-  };
-}
-async function fetchQuota(opts) {
-  let token;
-  if (opts.accessToken && opts.claudeConfigDir) {
-    return {
-      ok: false,
-      reason: "pass only one of `accessToken` or `claudeConfigDir`, not both"
-    };
-  }
-  if (opts.accessToken) {
-    token = opts.accessToken.trim().length > 0 ? opts.accessToken : null;
-  } else if (opts.claudeConfigDir) {
-    token = readOauthToken(opts.claudeConfigDir);
-  } else {
-    return {
-      ok: false,
-      reason: "fetchQuota requires `accessToken` or `claudeConfigDir`"
-    };
   }
-  if (!token) {
-    return { ok: false, reason: "no OAuth token at .oauth-token" };
+  return changed ? u.toString() : null;
+}
+var SENSITIVE_PARAMS, URL_RE;
+var init_url_redact = __esm(() => {
+  SENSITIVE_PARAMS = new Set([
+    "token",
+    "key",
+    "api_key",
+    "apikey",
+    "secret",
+    "access_token",
+    "password",
+    "pass",
+    "auth",
+    "client_secret",
+    "refresh_token",
+    "signature"
+  ]);
+  URL_RE = /\b(?:https?|wss?|ftp):\/\/[^\s<>"']+/gi;
+});
+
+// ../node_modules/.bun/boundary@2.0.0/node_modules/boundary/lib/index.js
+var require_lib = __commonJS((exports2) => {
+  Object.defineProperty(exports2, "__esModule", { value: true });
+  exports2.binarySearch = exports2.upperBound = exports2.lowerBound = exports2.compare = undefined;
+  function compare(v1, v2) {
+    return v1 < v2;
   }
-  const controller = new AbortController;
-  const timeout = setTimeout(() => controller.abort(), opts.timeoutMs ?? 1e4);
-  const fetchFn = opts.fetchImpl ?? fetch;
-  let resp;
-  try {
-    resp = await fetchFn("https://api.anthropic.com/v1/messages", {
-      method: "POST",
-      headers: {
-        "anthropic-version": "2023-06-01",
-        "anthropic-beta": OAUTH_BETA,
-        authorization: `Bearer ${token}`,
-        "x-app": "cli",
-        "user-agent": DEFAULT_USER_AGENT,
-        "content-type": "application/json"
-      },
-      body: JSON.stringify({
-        model: opts.model ?? DEFAULT_PROBE_MODEL,
-        max_tokens: 1,
-        messages: [{ role: "user", content: "hi" }]
-      }),
-      signal: controller.signal
-    });
-  } catch (err) {
-    const msg = err?.message ?? String(err);
-    return { ok: false, reason: `request failed: ${msg}` };
-  } finally {
-    clearTimeout(timeout);
+  exports2.compare = compare;
+  function upperBound(array, value, comp = compare) {
+    let len = array.length;
+    let i = 0;
+    while (len) {
+      let diff = len >>> 1;
+      let cursor = i + diff;
+      if (comp(value, array[cursor])) {
+        len = diff;
+      } else {
+        i = cursor + 1;
+        len -= diff + 1;
+      }
+    }
+    return i;
   }
-  if (resp.status === 401 || resp.status === 403) {
-    return { ok: false, reason: `auth rejected (HTTP ${resp.status})` };
+  exports2.upperBound = upperBound;
+  function lowerBound(array, value, comp = compare) {
+    let len = array.length;
+    let i = 0;
+    while (len) {
+      let diff = len >>> 1;
+      let cursor = i + diff;
+      if (comp(array[cursor], value)) {
+        i = cursor + 1;
+        len -= diff + 1;
+      } else {
+        len = diff;
+      }
+    }
+    return i;
   }
-  const parsed = parseQuotaHeaders(resp.headers);
-  if (!parsed.ok && resp.status >= 400) {
-    return { ok: false, reason: `HTTP ${resp.status}, ${parsed.reason}` };
+  exports2.lowerBound = lowerBound;
+  function binarySearch(array, value, comp = compare) {
+    let cursor = lowerBound(array, value, comp);
+    return cursor !== array.length && !comp(value, array[cursor]);
   }
-  return parsed;
-}
-function formatQuotaLine(q) {
-  const fmt = (n) => `${Math.round(n)}%`;
-  return `${fmt(q.fiveHourUtilizationPct)} / 5h \u00b7 ${fmt(q.sevenDayUtilizationPct)} / 7d`;
-}
-function formatResetRelative(target, now = new Date) {
-  if (!target)
-    return "\u2014";
-  const deltaMs = target.getTime() - now.getTime();
-  if (deltaMs <= 0)
-    return "resets now";
-  const totalMin = Math.round(deltaMs / 60000);
-  if (totalMin < 60)
-    return `resets in ${totalMin}m`;
-  const hours = Math.floor(totalMin / 60);
-  const mins = totalMin % 60;
-  if (hours < 24)
-    return mins > 0 ? `resets in ${hours}h ${mins}m` : `resets in ${hours}h`;
-  const days = Math.floor(hours / 24);
-  const remH = hours % 24;
-  return remH > 0 ? `resets in ${days}d ${remH}h` : `resets in ${days}d`;
-}
-var OAUTH_BETA = "oauth-2025-04-20", DEFAULT_USER_AGENT = "claude-cli/1.0.0 (external, cli)", DEFAULT_PROBE_MODEL = "claude-haiku-4-5-20251001";
-var init_quota_check = () => {};
+  exports2.binarySearch = binarySearch;
+});
 
-// ../src/vault/broker/peercred-ffi.ts
-function getPeerCred(fd) {
-  if (process.platform !== "linux")
-    return null;
-  try {
-    const ffi = __require("bun:ffi");
-    const { dlopen, FFIType, ptr } = ffi;
-    const SOL_SOCKET = 1;
-    const SO_PEERCRED = 17;
-    const UCRED_SIZE = 12;
-    const cache = getPeerCred;
-    const lib = cache._lib ?? (() => {
-      const candidates = ["libc.so.6", "libc.so"];
-      const symbolSpec = {
-        getsockopt: {
-          args: [FFIType.i32, FFIType.i32, FFIType.i32, FFIType.ptr, FFIType.ptr],
-          returns: FFIType.i32
+// ../node_modules/.bun/structured-source@4.0.0/node_modules/structured-source/lib/structured-source.js
+var require_structured_source = __commonJS((exports2) => {
+  Object.defineProperty(exports2, "__esModule", { value: true });
+  exports2.StructuredSource = undefined;
+  var boundary_1 = require_lib();
+
+  class StructuredSource {
+    constructor(source) {
+      this.indice = [0];
+      let regexp = /[\r\n\u2028\u2029]/g;
+      const length = source.length;
+      regexp.lastIndex = 0;
+      while (true) {
+        let result = regexp.exec(source);
+        if (!result) {
+          break;
         }
-      };
-      const errors3 = [];
-      for (const name of candidates) {
-        try {
-          const opened = dlopen(name, symbolSpec);
-          cache._lib = opened;
-          return opened;
-        } catch (e) {
-          errors3.push(`${name}: ${e instanceof Error ? e.message : String(e)}`);
+        let index = result.index;
+        if (source.charCodeAt(index) === 13 && source.charCodeAt(index + 1) === 10) {
+          index += 1;
+        }
+        let nextIndex = index + 1;
+        if (length < nextIndex) {
+          break;
         }
+        this.indice.push(nextIndex);
+        regexp.lastIndex = nextIndex;
       }
-      process.stderr.write(`[vault-broker] peercred-ffi: dlopen failed for all libc candidates ` + `(${errors3.join("; ")}); falling back to ss-parsing.
-`);
-      throw new Error("no libc candidate could be opened");
-    })();
-    const credBuf = new ArrayBuffer(UCRED_SIZE);
-    const lenBuf = new Uint32Array(1);
-    lenBuf[0] = UCRED_SIZE;
-    const rc = lib.symbols.getsockopt(fd, SOL_SOCKET, SO_PEERCRED, ptr(credBuf), ptr(lenBuf.buffer));
-    if (rc !== 0)
-      return null;
-    if (lenBuf[0] !== UCRED_SIZE)
-      return null;
-    const view = new DataView(credBuf);
-    return {
-      pid: view.getInt32(0, true),
-      uid: view.getInt32(4, true),
-      gid: view.getInt32(8, true)
-    };
-  } catch {
-    return null;
-  }
-}
-
-// ../src/vault/broker/peercred.ts
-function isReservedAgentName(name) {
-  return RESERVED_AGENT_NAMES.has(name);
-}
-function unlockSocketFor(dataSocketPath) {
-  if (dataSocketPath.endsWith("/sock")) {
-    return dataSocketPath.slice(0, -"/sock".length) + "/unlock";
+    }
+    get line() {
+      return this.indice.length;
+    }
+    locationToRange(loc) {
+      return [this.positionToIndex(loc.start), this.positionToIndex(loc.end)];
+    }
+    rangeToLocation(range) {
+      return {
+        start: this.indexToPosition(range[0]),
+        end: this.indexToPosition(range[1])
+      };
+    }
+    positionToIndex(pos) {
+      let start = this.indice[pos.line - 1];
+      return start + pos.column;
+    }
+    indexToPosition(index) {
+      const startLine = (0, boundary_1.upperBound)(this.indice, index);
+      return {
+        line: startLine,
+        column: index - this.indice[startLine - 1]
+      };
+    }
   }
-  return dataSocketPath.replace(/\.sock$/, ".unlock.sock");
-}
-var RESERVED_AGENT_NAMES;
-var init_peercred = __esm(() => {
-  RESERVED_AGENT_NAMES = new Set(["operator", "hostd"]);
+  exports2.StructuredSource = StructuredSource;
+});
+// ../node_modules/.bun/@secretlint+core@12.2.0/node_modules/@secretlint/core/module/SecretLintSourceCodeImpl.js
+var import_structured_source;
+var init_SecretLintSourceCodeImpl = __esm(() => {
+  import_structured_source = __toESM(require_structured_source(), 1);
 });
 
-// ../src/vault/broker/protocol.ts
-function encodeRequest2(req) {
-  const json = JSON.stringify(req);
-  if (Buffer.byteLength(json, "utf8") > MAX_FRAME_BYTES2) {
-    throw new Error(`Request frame too large (${Buffer.byteLength(json, "utf8")} bytes; max ${MAX_FRAME_BYTES2})`);
+// ../node_modules/.bun/@secretlint+core@12.2.0/node_modules/@secretlint/core/module/helper/promise-event-emitter.js
+class EventEmitter {
+  #listeners = new Map;
+  on(type, listener) {
+    const prevSet = this.#listeners.get(type);
+    const listenerSet = prevSet ?? new Set;
+    listenerSet?.add(listener);
+    this.#listeners.set(type, listenerSet);
   }
-  return json + `
-`;
-}
-function decodeResponse2(line) {
-  if (Buffer.byteLength(line, "utf8") > MAX_FRAME_BYTES2) {
-    throw new RangeError(`Response frame too large (${Buffer.byteLength(line, "utf8")} bytes; max ${MAX_FRAME_BYTES2})`);
+  emit(type, ...args) {
+    const listenerSet = this.#listeners.get(type);
+    if (!listenerSet) {
+      return;
+    }
+    for (const listenerSetElement of listenerSet) {
+      listenerSetElement(...args);
+    }
   }
-  const obj = JSON.parse(line);
-  return ResponseSchema2.parse(obj);
-}
-var MAX_FRAME_BYTES2, AgentNameSchema, GetRequestSchema, PutRequestSchema, ListRequestSchema, MintGrantRequestSchema, ListGrantsRequestSchema, RevokeGrantRequestSchema, StatusRequestSchema, LockRequestSchema, PreflightAccessRequestSchema, OkPreflightAccessResponseSchema, ApprovalRequestRequestSchema, ApprovalLookupRequestSchema, ApprovalConsumeRequestSchema, ApprovalRevokeRequestSchema, ApprovalListRequestSchema, ApprovalDecisionModeSchema, ApprovalRecordRequestSchema, ApprovalConsumeRecordRequestSchema, RequestSchema2, VaultEntrySchema, ErrorCode, OkEntryResponseSchema, OkKeysResponseSchema, BrokerStatus, OkStatusResponseSchema, OkLockResponseSchema, OkPutResponseSchema, OkMintGrantResponseSchema, GrantMetaSchema, OkListGrantsResponseSchema, OkRevokeGrantResponseSchema, OkApprovalRequestResponseSchema, ApprovalDecisionMetaSchema, OkApprovalLookupResponseSchema, OkApprovalConsumeResponseSchema, OkApprovalRevokeResponseSchema, OkApprovalListResponseSchema, OkApprovalRecordResponseSchema, OkApprovalConsumeRecordResponseSchema, ErrorResponseSchema2, ResponseSchema2;
-var init_protocol2 = __esm(() => {
-  init_zod();
-  init_peercred();
-  MAX_FRAME_BYTES2 = 64 * 1024;
-  AgentNameSchema = exports_external.string().min(1).max(64, "agent name max 64 chars").regex(/^[a-zA-Z0-9][a-zA-Z0-9_-]*$/, "agent name must be kebab-case ASCII (alnum + _- only, first char alnum)").refine((s) => !isReservedAgentName(s), {
-    message: "agent name is reserved"
-  });
-  GetRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("get"),
-    key: exports_external.string().min(1),
-    filename: exports_external.string().optional(),
-    token: exports_external.string().optional()
-  });
-  PutRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("put"),
-    key: exports_external.string().min(1),
-    entry: exports_external.union([
-      exports_external.object({ kind: exports_external.literal("string"), value: exports_external.string() }),
-      exports_external.object({ kind: exports_external.literal("binary"), value: exports_external.string() })
-    ]),
-    token: exports_external.string().optional(),
-    passphrase: exports_external.string().optional(),
-    attest_via_posture: exports_external.boolean().optional()
-  });
-  ListRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("list"),
-    token: exports_external.string().optional()
-  });
-  MintGrantRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("mint_grant"),
-    agent: AgentNameSchema,
-    keys: exports_external.array(exports_external.string().min(1)),
-    ttl_seconds: exports_external.number().int().positive().nullable(),
-    description: exports_external.string().optional(),
-    write_keys: exports_external.array(exports_external.string().min(1)).optional(),
-    passphrase: exports_external.string().optional(),
-    attest_via_posture: exports_external.boolean().optional()
-  });
-  ListGrantsRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("list_grants"),
-    agent: AgentNameSchema.optional(),
-    passphrase: exports_external.string().optional(),
-    attest_via_posture: exports_external.boolean().optional()
-  });
-  RevokeGrantRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("revoke_grant"),
-    id: exports_external.string().min(1)
-  });
-  StatusRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("status")
-  });
-  LockRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("lock")
-  });
-  PreflightAccessRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("preflight_access"),
-    agent: AgentNameSchema,
-    keys: exports_external.array(exports_external.string().min(1)).min(1).max(128)
-  });
-  OkPreflightAccessResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    op: exports_external.literal("preflight_access"),
-    results: exports_external.array(exports_external.object({
-      key: exports_external.string(),
-      exists: exports_external.boolean(),
-      acl_ok: exports_external.boolean(),
-      acl_reason: exports_external.string().optional(),
-      scope_ok: exports_external.boolean(),
-      scope_reason: exports_external.string().optional()
-    }))
-  });
-  ApprovalRequestRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("approval_request"),
-    agent_unit: exports_external.string().min(1),
-    scope: exports_external.string().min(1),
-    action: exports_external.string().min(1),
-    approver_set: exports_external.array(exports_external.string()),
-    why: exports_external.string().optional(),
-    ttl_ms: exports_external.number().int().positive().optional()
-  });
-  ApprovalLookupRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("approval_lookup"),
-    agent_unit: exports_external.string().min(1),
-    scope: exports_external.string().min(1),
-    action: exports_external.string().min(1),
-    current_approver_set: exports_external.array(exports_external.string())
-  });
-  ApprovalConsumeRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("approval_consume"),
-    request_id: exports_external.string().regex(/^[0-9a-f]{32}$/)
-  });
-  ApprovalRevokeRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("approval_revoke"),
-    decision_id: exports_external.string().min(1),
-    actor: exports_external.string().min(1),
-    reason: exports_external.string().optional()
-  });
-  ApprovalListRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("approval_list"),
-    agent_unit: exports_external.string().optional()
-  });
-  ApprovalDecisionModeSchema = exports_external.enum([
-    "allow_once",
-    "allow_always",
-    "allow_ttl",
-    "deny",
-    "deny_perm"
-  ]);
-  ApprovalRecordRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("approval_record"),
-    request_id: exports_external.string().regex(/^[0-9a-f]{32}$/),
-    decision: ApprovalDecisionModeSchema,
-    approver_set: exports_external.array(exports_external.string()),
-    granted_by_user_id: exports_external.number().int(),
-    ttl_ms: exports_external.number().int().positive().nullable().optional()
-  });
-  ApprovalConsumeRecordRequestSchema = exports_external.object({
-    v: exports_external.literal(1),
-    op: exports_external.literal("approval_consume_record"),
-    request_id: exports_external.string().regex(/^[0-9a-f]{32}$/),
-    decision: ApprovalDecisionModeSchema,
-    approver_set: exports_external.array(exports_external.string()),
-    granted_by_user_id: exports_external.number().int(),
-    ttl_ms: exports_external.number().int().positive().nullable().optional()
-  });
-  RequestSchema2 = exports_external.discriminatedUnion("op", [
-    GetRequestSchema,
-    PutRequestSchema,
-    ListRequestSchema,
-    StatusRequestSchema,
-    LockRequestSchema,
-    PreflightAccessRequestSchema,
-    MintGrantRequestSchema,
-    ListGrantsRequestSchema,
-    RevokeGrantRequestSchema,
-    ApprovalRequestRequestSchema,
-    ApprovalLookupRequestSchema,
-    ApprovalConsumeRequestSchema,
-    ApprovalRevokeRequestSchema,
-    ApprovalListRequestSchema,
-    ApprovalRecordRequestSchema,
-    ApprovalConsumeRecordRequestSchema
-  ]);
-  VaultEntrySchema = exports_external.union([
-    exports_external.object({ kind: exports_external.literal("string"), value: exports_external.string() }),
-    exports_external.object({ kind: exports_external.literal("binary"), value: exports_external.string() }),
-    exports_external.object({
-      kind: exports_external.literal("files"),
-      files: exports_external.record(exports_external.string(), exports_external.object({
-        encoding: exports_external.enum(["utf8", "base64"]),
-        value: exports_external.string()
-      }))
-    })
-  ]);
-  ErrorCode = exports_external.enum([
-    "LOCKED",
-    "DENIED",
-    "UNKNOWN_KEY",
-    "BAD_REQUEST",
-    "INTERNAL"
-  ]);
-  OkEntryResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    entry: VaultEntrySchema
-  });
-  OkKeysResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    keys: exports_external.array(exports_external.string())
-  });
-  BrokerStatus = exports_external.object({
-    unlocked: exports_external.boolean(),
-    keyCount: exports_external.number().int().nonnegative(),
-    uptimeSec: exports_external.number().nonnegative()
-  });
-  OkStatusResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    status: BrokerStatus
-  });
-  OkLockResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    locked: exports_external.literal(true)
-  });
-  OkPutResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    put: exports_external.literal(true),
-    key: exports_external.string()
-  });
-  OkMintGrantResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    token: exports_external.string(),
-    id: exports_external.string(),
-    expires_at: exports_external.number().nullable()
-  });
-  GrantMetaSchema = exports_external.object({
-    id: exports_external.string(),
-    agent_slug: exports_external.string(),
-    key_allow: exports_external.array(exports_external.string()),
-    write_allow: exports_external.array(exports_external.string()).default([]),
-    expires_at: exports_external.number().nullable(),
-    created_at: exports_external.number(),
-    description: exports_external.string().nullable()
-  });
-  OkListGrantsResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    grants: exports_external.array(GrantMetaSchema)
-  });
-  OkRevokeGrantResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    revoked: exports_external.boolean()
-  });
-  OkApprovalRequestResponseSchema = exports_external.discriminatedUnion("state", [
-    exports_external.object({
-      ok: exports_external.literal(true),
-      kind: exports_external.literal("approval_request"),
-      state: exports_external.literal("pending"),
-      request_id: exports_external.string(),
-      expires_at: exports_external.number()
-    }),
-    exports_external.object({
-      ok: exports_external.literal(true),
-      kind: exports_external.literal("approval_request"),
-      state: exports_external.literal("rate_limited"),
-      retry_after_ms: exports_external.number()
-    })
-  ]);
-  ApprovalDecisionMetaSchema = exports_external.object({
-    id: exports_external.string(),
-    agent_unit: exports_external.string(),
-    scope: exports_external.string(),
-    action: exports_external.string(),
-    decision: ApprovalDecisionModeSchema,
-    granted_at: exports_external.number(),
-    granted_by_user_id: exports_external.number(),
-    ttl_expires_at: exports_external.number().nullable(),
-    last_used_at: exports_external.number().nullable(),
-    revoked_at: exports_external.number().nullable(),
-    revoke_reason: exports_external.string().nullable()
-  });
-  OkApprovalLookupResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    state: exports_external.enum(["granted", "denied", "pending", "expired", "drift_revoked", "no_decision"]),
-    decision: ApprovalDecisionMetaSchema.nullable().optional()
-  });
-  OkApprovalConsumeResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    consumed: exports_external.boolean(),
-    agent_unit: exports_external.string().optional(),
-    scope: exports_external.string().optional(),
-    action: exports_external.string().optional(),
-    why: exports_external.string().nullable().optional()
-  });
-  OkApprovalRevokeResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    revoked: exports_external.boolean()
-  });
-  OkApprovalListResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    decisions: exports_external.array(ApprovalDecisionMetaSchema)
-  });
-  OkApprovalRecordResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    decision_id: exports_external.string()
-  });
-  OkApprovalConsumeRecordResponseSchema = exports_external.object({
-    ok: exports_external.literal(true),
-    consumed: exports_external.boolean(),
-    decision_id: exports_external.string().optional(),
-    agent_unit: exports_external.string().optional(),
-    scope: exports_external.string().optional(),
-    action: exports_external.string().optional(),
-    why: exports_external.string().nullable().optional()
-  });
-  ErrorResponseSchema2 = exports_external.object({
-    ok: exports_external.literal(false),
-    code: ErrorCode,
-    msg: exports_external.string()
-  });
-  ResponseSchema2 = exports_external.union([
-    OkEntryResponseSchema,
-    OkKeysResponseSchema,
-    OkStatusResponseSchema,
-    OkLockResponseSchema,
-    OkPreflightAccessResponseSchema,
-    OkPutResponseSchema,
-    OkMintGrantResponseSchema,
-    OkListGrantsResponseSchema,
-    OkRevokeGrantResponseSchema,
-    OkApprovalRequestResponseSchema,
-    OkApprovalLookupResponseSchema,
-    OkApprovalConsumeResponseSchema,
-    OkApprovalRevokeResponseSchema,
-    OkApprovalListResponseSchema,
-    OkApprovalRecordResponseSchema,
-    OkApprovalConsumeRecordResponseSchema,
-    ErrorResponseSchema2
-  ]);
-});
-
-// ../src/runtime-mode.ts
-function isDockerRuntime() {
-  return process.env.SWITCHROOM_RUNTIME === "docker";
-}
-
-// ../src/vault/broker/client.ts
-import * as net3 from "node:net";
-import * as fs from "node:fs";
-import { homedir as homedir7 } from "node:os";
-import { join as join15 } from "node:path";
-function defaultBrokerSocketPath() {
-  if (fs.existsSync(OPERATOR_SOCKET_PATH))
-    return OPERATOR_SOCKET_PATH;
-  if (isDockerRuntime())
-    return OPERATOR_SOCKET_PATH;
-  return LEGACY_SOCKET_PATH;
-}
-function vaultTokenFilePath(agentSlug) {
-  return join15(homedir7(), ".switchroom", "agents", agentSlug, ".vault-token");
-}
-function readVaultTokenFile(agentSlug) {
-  const filePath = vaultTokenFilePath(agentSlug);
-  try {
-    const stat = fs.statSync(filePath);
-    const mode = stat.mode & 511;
-    if ((mode & 63) !== 0) {
-      process.stderr.write(`[vault-broker] Refusing to read ${filePath} with mode ${mode.toString(8).padStart(3, "0")} ` + `(must be 0600). Delete the file and re-mint with 'switchroom vault grant mint <agent>'. ` + `Falling through to peercred ACL.
-`);
-      return null;
+  off(type, listener) {
+    const listenerSet = this.#listeners.get(type);
+    if (!listenerSet) {
+      return;
     }
-    const raw = fs.readFileSync(filePath, "utf8");
-    const token = raw.split(`
-`)[0].trim();
-    return token.length > 0 ? token : null;
-  } catch (err) {
-    const code = err.code;
-    if (code === "ENOENT") {
-      return null;
+    for (const listenerSetElement of listenerSet) {
+      if (listenerSetElement === listener) {
+        listenerSet.delete(listener);
+      }
     }
-    const reason = code === "EACCES" ? "permission denied" : err instanceof Error ? err.message : String(err);
-    process.stderr.write(`[vault-broker] Warning: could not read token file ${filePath}: ${reason}. ` + `Falling through to peercred ACL.
-`);
-    return null;
-  }
-}
-function resolveBrokerSocketPath(opts) {
-  if (opts?.socket)
-    return opts.socket;
-  const env = process.env.SWITCHROOM_VAULT_BROKER_SOCK;
-  if (env)
-    return env;
-  if (opts?.vaultBrokerSocket)
-    return opts.vaultBrokerSocket;
-  return defaultBrokerSocketPath();
-}
-async function rpcRaw(req, opts) {
-  return rpc(req, opts);
-}
-async function rpc(req, opts) {
-  const socketPath = resolveBrokerSocketPath(opts);
-  const timeoutMs = opts?.timeoutMs ?? DEFAULT_TIMEOUT_MS3;
-  return new Promise((resolve5) => {
-    let settled = false;
-    const settle = (val) => {
-      if (settled)
-        return;
-      settled = true;
-      resolve5(val);
-    };
-    const client3 = new net3.Socket;
-    const timer3 = setTimeout(() => {
-      client3.destroy();
-      settle({ kind: "unreachable", msg: `broker did not respond within ${timeoutMs}ms` });
-    }, timeoutMs);
-    client3.on("error", (err) => {
-      clearTimeout(timer3);
-      const code = err.code ?? "ERR";
-      let msg;
-      if (code === "ENOENT")
-        msg = "broker socket not found (is the daemon running?)";
-      else if (code === "ECONNREFUSED")
-        msg = "broker socket exists but refused connection";
-      else if (code === "EACCES")
-        msg = "broker socket access denied (wrong UID?)";
-      else
-        msg = `broker connection failed: ${err.message}`;
-      settle({ kind: "unreachable", msg });
-    });
-    let buffer = "";
-    client3.on("data", (chunk) => {
-      buffer += chunk.toString("utf8");
-      const newlineIdx = buffer.indexOf(`
-`);
-      if (newlineIdx !== -1) {
-        const line = buffer.slice(0, newlineIdx).trimEnd();
-        clearTimeout(timer3);
-        client3.destroy();
-        try {
-          const resp = decodeResponse2(line);
-          settle({ kind: "response", resp });
-        } catch (err) {
-          settle({
-            kind: "unreachable",
-            msg: `unparseable broker response: ${err instanceof Error ? err.message : String(err)}`
-          });
-        }
-      }
-    });
-    client3.on("connect", () => {
-      try {
-        client3.write(encodeRequest2(req));
-      } catch (err) {
-        clearTimeout(timer3);
-        client3.destroy();
-        settle({
-          kind: "unreachable",
-          msg: `failed to send request: ${err instanceof Error ? err.message : String(err)}`
-        });
-      }
-    });
-    client3.connect({ path: socketPath });
-  });
-}
-async function getViaBrokerStructured(key, opts) {
-  const token = opts?.token;
-  const result = await rpc({ v: 1, op: "get", key, ...token ? { token } : {} }, opts);
-  if (result.kind === "unreachable") {
-    return { kind: "unreachable", msg: result.msg };
-  }
-  const resp = result.resp;
-  if (resp.ok && "entry" in resp) {
-    return { kind: "ok", entry: resp.entry };
-  }
-  if (!resp.ok) {
-    if (resp.code === "UNKNOWN_KEY") {
-      return { kind: "not_found", code: resp.code, msg: resp.msg };
-    }
-    return { kind: "denied", code: resp.code, msg: resp.msg };
-  }
-  return { kind: "unreachable", msg: "unexpected broker response shape" };
-}
-async function putViaBroker(key, entry, opts) {
-  const token = opts?.token;
-  const passphrase = opts?.passphrase;
-  const attestViaPosture = opts?.attest_via_posture === true;
-  const result = await rpc({
-    v: 1,
-    op: "put",
-    key,
-    entry,
-    ...token ? { token } : {},
-    ...passphrase ? { passphrase } : {},
-    ...attestViaPosture ? { attest_via_posture: true } : {}
-  }, opts);
-  if (result.kind === "unreachable") {
-    return { kind: "unreachable", msg: result.msg };
-  }
-  const resp = result.resp;
-  if (resp.ok && "put" in resp) {
-    return { kind: "ok" };
-  }
-  if (!resp.ok) {
-    if (resp.code === "UNKNOWN_KEY") {
-      return { kind: "not_found", code: resp.code, msg: resp.msg };
-    }
-    return { kind: "denied", code: resp.code, msg: resp.msg };
-  }
-  return { kind: "unreachable", msg: "unexpected broker response shape" };
-}
-var DEFAULT_TIMEOUT_MS3 = 2000, LEGACY_SOCKET_PATH, OPERATOR_SOCKET_PATH;
-var init_client2 = __esm(() => {
-  init_protocol2();
-  init_peercred();
-  LEGACY_SOCKET_PATH = join15(homedir7(), ".switchroom", "vault-broker.sock");
-  OPERATOR_SOCKET_PATH = join15(homedir7(), ".switchroom", "broker-operator", "sock");
-});
-
-// ../src/drive/deep-links.ts
-function classifyMimeType(mimeType) {
-  if (!mimeType)
-    return "file";
-  switch (mimeType) {
-    case "application/vnd.google-apps.document":
-      return "doc";
-    case "application/vnd.google-apps.spreadsheet":
-      return "spreadsheet";
-    case "application/vnd.google-apps.presentation":
-      return "presentation";
-    case "application/vnd.google-apps.form":
-      return "form";
-    case "application/vnd.google-apps.drawing":
-      return "drawing";
-    case "application/vnd.google-apps.folder":
-      return "folder";
-    default:
-      return "file";
-  }
-}
-function openInDriveUrl(options) {
-  validateDriveId2(options.fileId, "fileId");
-  if (options.discussionId !== undefined) {
-    validateDriveId2(options.discussionId, "discussionId");
-  }
-  const kind = options.isFolder ? "folder" : classifyMimeType(options.mimeType);
-  const base = baseUrlFor(kind, options.fileId);
-  if (options.discussionId !== undefined) {
-    return `${base}?disco=${encodeURIComponent(options.discussionId)}`;
-  }
-  return base;
-}
-function baseUrlFor(kind, fileId) {
-  switch (kind) {
-    case "doc":
-      return `https://docs.google.com/document/d/${fileId}/edit`;
-    case "spreadsheet":
-      return `https://docs.google.com/spreadsheets/d/${fileId}/edit`;
-    case "presentation":
-      return `https://docs.google.com/presentation/d/${fileId}/edit`;
-    case "form":
-      return `https://docs.google.com/forms/d/${fileId}/edit`;
-    case "drawing":
-      return `https://docs.google.com/drawings/d/${fileId}/edit`;
-    case "folder":
-      return `https://drive.google.com/drive/folders/${fileId}`;
-    case "file":
-      return `https://drive.google.com/file/d/${fileId}/view`;
-  }
-}
-function validateDriveId2(id, fieldName) {
-  if (id.length === 0) {
-    throw new Error(`Drive ${fieldName} must not be empty`);
-  }
-  if (!/^[A-Za-z0-9_-]+$/.test(id)) {
-    throw new Error(`Drive ${fieldName} '${id.slice(0, 30)}${id.length > 30 ? "\u2026" : ""}' contains invalid characters. Expected base64-url-safe (alphanumerics + - + _).`);
-  }
-}
-function openInDriveButton(options) {
-  return {
-    text: "\uD83D\uDCD6 Open in Drive",
-    url: openInDriveUrl(options)
-  };
-}
-function scopeToOpenInDriveButton(scope, mimeTypeHint) {
-  const parsed = parseDriveScope(scope);
-  if (parsed === null)
-    return null;
-  if (parsed.target.kind === "all")
-    return null;
-  if (parsed.target.kind === "folder") {
-    return openInDriveButton({ fileId: parsed.target.folder_id, isFolder: true });
-  }
-  return openInDriveButton({
-    fileId: parsed.target.doc_id,
-    mimeType: mimeTypeHint
-  });
-}
-function parseDriveScope(scope) {
-  if (!scope.startsWith("doc:gdrive:"))
-    return null;
-  let rest = scope.slice("doc:gdrive:".length);
-  let action = "read";
-  if (rest.startsWith("write:")) {
-    action = "write";
-    rest = rest.slice("write:".length);
-  } else if (rest.startsWith("suggest:")) {
-    action = "suggest";
-    rest = rest.slice("suggest:".length);
-  }
-  if (rest === "**")
-    return { action, target: { kind: "all" } };
-  if (rest.startsWith("folder/")) {
-    const tail = rest.slice("folder/".length);
-    if (!tail.endsWith("/**"))
-      return null;
-    const folder_id = tail.slice(0, -"/**".length);
-    if (!/^[A-Za-z0-9_-]+$/.test(folder_id))
-      return null;
-    return { action, target: { kind: "folder", folder_id } };
-  }
-  if (!/^[A-Za-z0-9_-]+$/.test(rest))
-    return null;
-  return { action, target: { kind: "doc", doc_id: rest } };
-}
-
-// gateway/oversize-card-body.ts
-function truncateRawToFit(input) {
-  const { raw, render, cap, sentinel } = input;
-  const hardLimit = input.hardLimit ?? cap + 196;
-  const fullBody = render(raw);
-  if (fullBody.length <= cap) {
-    return { body: fullBody, truncated: false };
-  }
-  let lo = 0;
-  let hi = raw.length;
-  let bestSliceLen = 0;
-  while (lo <= hi) {
-    const mid = lo + hi >>> 1;
-    const candidate = raw.slice(0, mid) + sentinel;
-    if (render(candidate).length <= cap) {
-      bestSliceLen = mid;
-      lo = mid + 1;
-    } else {
-      hi = mid - 1;
-    }
-  }
-  let chosenRaw = raw.slice(0, bestSliceLen);
-  const lastNl = chosenRaw.lastIndexOf(`
-`);
-  if (lastNl > 0)
-    chosenRaw = chosenRaw.slice(0, lastNl);
-  let body = render(chosenRaw + sentinel);
-  if (body.length > hardLimit) {
-    body = body.slice(0, hardLimit - 1);
-  }
-  return { body, truncated: true };
-}
-
-// secret-detect/suppressor.ts
-function isSuppressed(text, start, end) {
-  const left = Math.max(0, start - WINDOW);
-  const right = Math.min(text.length, end + WINDOW);
-  const context = text.slice(left, start) + text.slice(end, right);
-  return MARKER_RE.test(context);
-}
-var MARKERS, WINDOW = 40, MARKER_RE;
-var init_suppressor = __esm(() => {
-  MARKERS = ["test", "mock", "example", "fixture", "dummy"];
-  MARKER_RE = new RegExp(`\\b(?:${MARKERS.join("|")})\\b`, "i");
-});
-
-// secret-detect/slug.ts
-function sanitizeKeyName(raw) {
-  const up = raw.toUpperCase();
-  const cleaned = up.replace(/[^A-Z0-9_]+/g, "_").replace(/_+/g, "_").replace(/^_+|_+$/g, "");
-  return cleaned.length > 0 ? cleaned : "SECRET";
-}
-function datePart(now = new Date) {
-  const y = now.getUTCFullYear();
-  const m = String(now.getUTCMonth() + 1).padStart(2, "0");
-  const d = String(now.getUTCDate()).padStart(2, "0");
-  return `${y}${m}${d}`;
-}
-function deriveSlug(inputs, existing) {
-  let base;
-  if (inputs.key_name && inputs.key_name.trim().length > 0) {
-    base = sanitizeKeyName(inputs.key_name);
-  } else {
-    base = `${inputs.rule_id}_${datePart(inputs.now)}`;
-  }
-  if (!existing.has(base))
-    return base;
-  let n = 2;
-  while (existing.has(`${base}_${n}`))
-    n++;
-  return `${base}_${n}`;
-}
-
-// ../node_modules/.bun/boundary@2.0.0/node_modules/boundary/lib/index.js
-var require_lib = __commonJS((exports2) => {
-  Object.defineProperty(exports2, "__esModule", { value: true });
-  exports2.binarySearch = exports2.upperBound = exports2.lowerBound = exports2.compare = undefined;
-  function compare(v1, v2) {
-    return v1 < v2;
-  }
-  exports2.compare = compare;
-  function upperBound(array, value, comp = compare) {
-    let len = array.length;
-    let i = 0;
-    while (len) {
-      let diff = len >>> 1;
-      let cursor = i + diff;
-      if (comp(value, array[cursor])) {
-        len = diff;
-      } else {
-        i = cursor + 1;
-        len -= diff + 1;
-      }
-    }
-    return i;
-  }
-  exports2.upperBound = upperBound;
-  function lowerBound(array, value, comp = compare) {
-    let len = array.length;
-    let i = 0;
-    while (len) {
-      let diff = len >>> 1;
-      let cursor = i + diff;
-      if (comp(array[cursor], value)) {
-        i = cursor + 1;
-        len -= diff + 1;
-      } else {
-        len = diff;
-      }
-    }
-    return i;
-  }
-  exports2.lowerBound = lowerBound;
-  function binarySearch(array, value, comp = compare) {
-    let cursor = lowerBound(array, value, comp);
-    return cursor !== array.length && !comp(value, array[cursor]);
-  }
-  exports2.binarySearch = binarySearch;
-});
-
-// ../node_modules/.bun/structured-source@4.0.0/node_modules/structured-source/lib/structured-source.js
-var require_structured_source = __commonJS((exports2) => {
-  Object.defineProperty(exports2, "__esModule", { value: true });
-  exports2.StructuredSource = undefined;
-  var boundary_1 = require_lib();
-
-  class StructuredSource {
-    constructor(source) {
-      this.indice = [0];
-      let regexp = /[\r\n\u2028\u2029]/g;
-      const length = source.length;
-      regexp.lastIndex = 0;
-      while (true) {
-        let result = regexp.exec(source);
-        if (!result) {
-          break;
-        }
-        let index = result.index;
-        if (source.charCodeAt(index) === 13 && source.charCodeAt(index + 1) === 10) {
-          index += 1;
-        }
-        let nextIndex = index + 1;
-        if (length < nextIndex) {
-          break;
-        }
-        this.indice.push(nextIndex);
-        regexp.lastIndex = nextIndex;
-      }
-    }
-    get line() {
-      return this.indice.length;
-    }
-    locationToRange(loc) {
-      return [this.positionToIndex(loc.start), this.positionToIndex(loc.end)];
-    }
-    rangeToLocation(range) {
-      return {
-        start: this.indexToPosition(range[0]),
-        end: this.indexToPosition(range[1])
-      };
-    }
-    positionToIndex(pos) {
-      let start = this.indice[pos.line - 1];
-      return start + pos.column;
-    }
-    indexToPosition(index) {
-      const startLine = (0, boundary_1.upperBound)(this.indice, index);
-      return {
-        line: startLine,
-        column: index - this.indice[startLine - 1]
-      };
-    }
-  }
-  exports2.StructuredSource = StructuredSource;
-});
-// ../node_modules/.bun/@secretlint+core@12.2.0/node_modules/@secretlint/core/module/SecretLintSourceCodeImpl.js
-var import_structured_source;
-var init_SecretLintSourceCodeImpl = __esm(() => {
-  import_structured_source = __toESM(require_structured_source(), 1);
-});
-
-// ../node_modules/.bun/@secretlint+core@12.2.0/node_modules/@secretlint/core/module/helper/promise-event-emitter.js
-class EventEmitter {
-  #listeners = new Map;
-  on(type, listener) {
-    const prevSet = this.#listeners.get(type);
-    const listenerSet = prevSet ?? new Set;
-    listenerSet?.add(listener);
-    this.#listeners.set(type, listenerSet);
-  }
-  emit(type, ...args) {
-    const listenerSet = this.#listeners.get(type);
-    if (!listenerSet) {
-      return;
-    }
-    for (const listenerSetElement of listenerSet) {
-      listenerSetElement(...args);
-    }
-  }
-  off(type, listener) {
-    const listenerSet = this.#listeners.get(type);
-    if (!listenerSet) {
-      return;
-    }
-    for (const listenerSetElement of listenerSet) {
-      if (listenerSetElement === listener) {
-        listenerSet.delete(listener);
-      }
-    }
-  }
-  removeAllListeners() {
-    this.#listeners.clear();
-  }
-  listenerCount(type) {
-    return this.#listeners.get(type)?.size ?? 0;
-  }
-  listeners(type) {
-    return Array.from(this.#listeners.get(type) ?? []);
+  }
+  removeAllListeners() {
+    this.#listeners.clear();
+  }
+  listenerCount(type) {
+    return this.#listeners.get(type)?.size ?? 0;
+  }
+  listeners(type) {
+    return Array.from(this.#listeners.get(type) ?? []);
   }
 }
 // ../node_modules/.bun/@secretlint+core@12.2.0/node_modules/@secretlint/core/module/RuleContext.js
@@ -27628,253 +26776,1464 @@ function requireLodash_sortby() {
         return object[key] === srcValue && (srcValue !== undefined || (key in Object(object)));
       };
     }
-    var stringToPath = memoize(function(string) {
-      string = toString(string);
-      var result = [];
-      if (reLeadingDot.test(string)) {
-        result.push("");
-      }
-      string.replace(rePropName, function(match, number, quote, string2) {
-        result.push(quote ? string2.replace(reEscapeChar, "$1") : number || match);
-      });
-      return result;
+    var stringToPath = memoize(function(string) {
+      string = toString(string);
+      var result = [];
+      if (reLeadingDot.test(string)) {
+        result.push("");
+      }
+      string.replace(rePropName, function(match, number, quote, string2) {
+        result.push(quote ? string2.replace(reEscapeChar, "$1") : number || match);
+      });
+      return result;
+    });
+    function toKey(value) {
+      if (typeof value == "string" || isSymbol(value)) {
+        return value;
+      }
+      var result = value + "";
+      return result == "0" && 1 / value == -Infinity ? "-0" : result;
+    }
+    function toSource(func) {
+      if (func != null) {
+        try {
+          return funcToString.call(func);
+        } catch (e) {}
+        try {
+          return func + "";
+        } catch (e) {}
+      }
+      return "";
+    }
+    var sortBy = baseRest(function(collection, iteratees) {
+      if (collection == null) {
+        return [];
+      }
+      var length = iteratees.length;
+      if (length > 1 && isIterateeCall(collection, iteratees[0], iteratees[1])) {
+        iteratees = [];
+      } else if (length > 2 && isIterateeCall(iteratees[0], iteratees[1], iteratees[2])) {
+        iteratees = [iteratees[0]];
+      }
+      return baseOrderBy(collection, baseFlatten(iteratees), []);
+    });
+    function memoize(func, resolver) {
+      if (typeof func != "function" || resolver && typeof resolver != "function") {
+        throw new TypeError(FUNC_ERROR_TEXT);
+      }
+      var memoized = function() {
+        var args = arguments, key = resolver ? resolver.apply(this, args) : args[0], cache = memoized.cache;
+        if (cache.has(key)) {
+          return cache.get(key);
+        }
+        var result = func.apply(this, args);
+        memoized.cache = cache.set(key, result);
+        return result;
+      };
+      memoized.cache = new (memoize.Cache || MapCache);
+      return memoized;
+    }
+    memoize.Cache = MapCache;
+    function eq(value, other) {
+      return value === other || value !== value && other !== other;
+    }
+    function isArguments(value) {
+      return isArrayLikeObject(value) && hasOwnProperty.call(value, "callee") && (!propertyIsEnumerable.call(value, "callee") || objectToString.call(value) == argsTag);
+    }
+    var isArray2 = Array.isArray;
+    function isArrayLike(value) {
+      return value != null && isLength(value.length) && !isFunction2(value);
+    }
+    function isArrayLikeObject(value) {
+      return isObjectLike(value) && isArrayLike(value);
+    }
+    function isFunction2(value) {
+      var tag = isObject2(value) ? objectToString.call(value) : "";
+      return tag == funcTag || tag == genTag;
+    }
+    function isLength(value) {
+      return typeof value == "number" && value > -1 && value % 1 == 0 && value <= MAX_SAFE_INTEGER;
+    }
+    function isObject2(value) {
+      var type = typeof value;
+      return !!value && (type == "object" || type == "function");
+    }
+    function isObjectLike(value) {
+      return !!value && typeof value == "object";
+    }
+    function isSymbol(value) {
+      return typeof value == "symbol" || isObjectLike(value) && objectToString.call(value) == symbolTag;
+    }
+    var isTypedArray = nodeIsTypedArray ? baseUnary(nodeIsTypedArray) : baseIsTypedArray;
+    function toString(value) {
+      return value == null ? "" : baseToString(value);
+    }
+    function get(object, path, defaultValue) {
+      var result = object == null ? undefined : baseGet(object, path);
+      return result === undefined ? defaultValue : result;
+    }
+    function hasIn(object, path) {
+      return object != null && hasPath(object, path, baseHasIn);
+    }
+    function keys(object) {
+      return isArrayLike(object) ? arrayLikeKeys(object) : baseKeys(object);
+    }
+    function identity2(value) {
+      return value;
+    }
+    function property(path) {
+      return isKey(path) ? baseProperty(toKey(path)) : basePropertyDeep(path);
+    }
+    module.exports = sortBy;
+  })(lodash_sortby, lodash_sortby.exports);
+  return lodash_sortby.exports;
+}
+function requireEscapeStringRegexp() {
+  if (hasRequiredEscapeStringRegexp)
+    return escapeStringRegexp;
+  hasRequiredEscapeStringRegexp = 1;
+  escapeStringRegexp = (string) => {
+    if (typeof string !== "string") {
+      throw new TypeError("Expected a string");
+    }
+    return string.replace(/[|\\{}()[\]^$+*?.]/g, "\\$&").replace(/-/g, "\\x2d");
+  };
+  return escapeStringRegexp;
+}
+function requireRegexpParse() {
+  if (hasRequiredRegexpParse)
+    return regexpParse;
+  hasRequiredRegexpParse = 1;
+  Object.defineProperty(regexpParse, "__esModule", { value: true });
+  regexpParse.isRegExpString = regexpParse.parseRegExpString = undefined;
+  var REGEXP_LITERAL_PATTERN = /^\/(.+)\/([guimysd]*)$/;
+  var parseRegExpString = function(str) {
+    var result = str.match(REGEXP_LITERAL_PATTERN);
+    if (!result) {
+      return null;
+    }
+    return {
+      source: result[1],
+      flagString: result[2]
+    };
+  };
+  regexpParse.parseRegExpString = parseRegExpString;
+  var isRegExpString = function(str) {
+    return REGEXP_LITERAL_PATTERN.test(str);
+  };
+  regexpParse.isRegExpString = isRegExpString;
+  return regexpParse;
+}
+function requireRegexpStringMatcher() {
+  if (hasRequiredRegexpStringMatcher)
+    return regexpStringMatcher;
+  hasRequiredRegexpStringMatcher = 1;
+  (function(exports$1) {
+    var __importDefault = regexpStringMatcher && regexpStringMatcher.__importDefault || function(mod) {
+      return mod && mod.__esModule ? mod : { default: mod };
+    };
+    Object.defineProperty(exports$1, "__esModule", { value: true });
+    exports$1.matchPatterns = exports$1.createRegExp = undefined;
+    var lodash_uniq_1 = __importDefault(requireLodash_uniq());
+    var lodash_uniqwith_1 = __importDefault(requireLodash_uniqwith());
+    var lodash_sortby_1 = __importDefault(requireLodash_sortby());
+    var escape_string_regexp_1 = __importDefault(requireEscapeStringRegexp());
+    var regexp_parse_1 = requireRegexpParse();
+    var DEFAULT_FLAGS = "ug";
+    var defaultFlags = function(flagsString) {
+      if (flagsString.length === 0) {
+        return DEFAULT_FLAGS;
+      }
+      return (0, lodash_uniq_1.default)((flagsString + DEFAULT_FLAGS).split("")).join("");
+    };
+    var createRegExp = function(patternString, defaultFlag) {
+      if (defaultFlag === undefined) {
+        defaultFlag = DEFAULT_FLAGS;
+      }
+      if (patternString.length === 0) {
+        throw new Error("Empty string can not handled");
+      }
+      if ((0, regexp_parse_1.isRegExpString)(patternString)) {
+        var regExpStructure = (0, regexp_parse_1.parseRegExpString)(patternString);
+        if (regExpStructure) {
+          return new RegExp(regExpStructure.source, defaultFlags(regExpStructure.flagString));
+        }
+        throw new Error('"'.concat(patternString, '" can not parse as RegExp.'));
+      } else {
+        return new RegExp((0, escape_string_regexp_1.default)(patternString), defaultFlag);
+      }
+    };
+    exports$1.createRegExp = createRegExp;
+    var isEqualMatchPatternResult = function(a, b) {
+      return a.startIndex === b.startIndex && a.endIndex === b.endIndex && a.match === b.match;
+    };
+    var matchPatterns = function(text, regExpLikeStrings) {
+      var matchPatternResults = [];
+      regExpLikeStrings.map(function(patternString) {
+        return (0, exports$1.createRegExp)(patternString);
+      }).forEach(function(regExp) {
+        var results = text.matchAll(regExp);
+        Array.from(results).forEach(function(result) {
+          if (result.index === undefined) {
+            return;
+          }
+          var match = result[0];
+          var index = result.index;
+          matchPatternResults.push({
+            match,
+            captures: result.slice(1),
+            startIndex: index,
+            endIndex: index + match.length
+          });
+        });
+      });
+      var uniqResults = (0, lodash_uniqwith_1.default)(matchPatternResults, isEqualMatchPatternResult);
+      return (0, lodash_sortby_1.default)(uniqResults, ["startIndex", "endIndex"]);
+    };
+    exports$1.matchPatterns = matchPatterns;
+  })(regexpStringMatcher);
+  return regexpStringMatcher;
+}
+var commonjsGlobal, regexpStringMatcher, lodash_uniq, hasRequiredLodash_uniq, lodash_uniqwith, hasRequiredLodash_uniqwith, lodash_sortby, hasRequiredLodash_sortby, escapeStringRegexp, hasRequiredEscapeStringRegexp, regexpParse, hasRequiredRegexpParse, hasRequiredRegexpStringMatcher, regexpStringMatcherExports, OID_DATA, OID_SHA1, OID_SHA256, OID_SHA384, OID_SHA512, typeMap;
+var init_module2 = __esm(() => {
+  commonjsGlobal = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : {};
+  regexpStringMatcher = {};
+  lodash_sortby = { exports: {} };
+  lodash_sortby.exports;
+  regexpParse = {};
+  regexpStringMatcherExports = requireRegexpStringMatcher();
+  OID_DATA = new Uint8Array([42, 134, 72, 134, 247, 13, 1, 7, 1]);
+  OID_SHA1 = new Uint8Array([43, 14, 3, 2, 26]);
+  OID_SHA256 = new Uint8Array([96, 134, 72, 1, 101, 3, 4, 2, 1]);
+  OID_SHA384 = new Uint8Array([96, 134, 72, 1, 101, 3, 4, 2, 2]);
+  OID_SHA512 = new Uint8Array([96, 134, 72, 1, 101, 3, 4, 2, 3]);
+  typeMap = new Map([
+    ["ghp", "GitHub personal access tokens"],
+    ["gho", "OAuth access tokens"],
+    ["ghu", "GitHub user-to-server tokens"],
+    ["ghs", "GitHub server-to-server tokens"],
+    ["ghr", "refresh tokens"],
+    ["github_pat", "fine-grained personal access tokens"]
+  ]);
+});
+
+// secret-detect/secretlint-source.ts
+var init_secretlint_source = __esm(() => {
+  init_module();
+  init_module2();
+  init_suppressor();
+});
+
+// secret-detect/index.ts
+function detectSecrets(text) {
+  if (!text || text.length === 0)
+    return [];
+  const windows = chunk(text);
+  const raw = [];
+  for (const win of windows) {
+    for (const p of ALL_PATTERNS) {
+      const re = new RegExp(p.regex.source, p.regex.flags.includes("g") ? p.regex.flags : p.regex.flags + "g");
+      let m;
+      while ((m = re.exec(win.text)) !== null) {
+        if (m[0].length === 0) {
+          re.lastIndex++;
+          continue;
+        }
+        const cap = p.captureIndex === 0 ? m[0] : m[p.captureIndex];
+        if (!cap)
+          continue;
+        const matchStart = p.captureIndex === 0 ? m.index : m.index + m[0].indexOf(cap);
+        if (matchStart < 0)
+          continue;
+        const globalStart = win.offset + matchStart;
+        const globalEnd = globalStart + cap.length;
+        const keyName = p.rule_id === "env_key_value" ? m[1] : undefined;
+        if (p.rule_id === "env_key_value") {
+          const ENV_KV_MIN_LEN = 12;
+          const ENV_KV_MIN_ENTROPY = 3.5;
+          if (cap.length < ENV_KV_MIN_LEN)
+            continue;
+          if (shannonEntropy(cap) < ENV_KV_MIN_ENTROPY)
+            continue;
+        }
+        raw.push({
+          rule_id: p.rule_id,
+          start: globalStart,
+          end: globalEnd,
+          matched_text: cap,
+          key_name: keyName,
+          confidence: "high"
+        });
+      }
+    }
+    const kvHits = scanKeyValue(win.text);
+    for (const h of kvHits) {
+      raw.push({ ...h, start: h.start + win.offset, end: h.end + win.offset });
+    }
+  }
+  const deduped = dedupeRaw(raw);
+  const final = dropOverlaps(deduped);
+  const existing = new Set;
+  const out = [];
+  for (const h of final) {
+    const suggested_slug = deriveSlug({ key_name: h.key_name, rule_id: h.rule_id }, existing);
+    existing.add(suggested_slug);
+    out.push({
+      rule_id: h.rule_id,
+      matched_text: h.matched_text,
+      start: h.start,
+      end: h.end,
+      confidence: h.confidence,
+      suppressed: isSuppressed(text, h.start, h.end),
+      suggested_slug,
+      key_name: h.key_name
+    });
+  }
+  out.sort((a, b) => a.start - b.start);
+  return out;
+}
+function dedupeRaw(raw) {
+  const seen = new Map;
+  for (const h of raw) {
+    const key = `${h.start}:${h.end}`;
+    const existing = seen.get(key);
+    if (!existing) {
+      seen.set(key, h);
+      continue;
+    }
+    if (existing.confidence === "ambiguous" && h.confidence === "high") {
+      seen.set(key, h);
+    }
+  }
+  return Array.from(seen.values());
+}
+function dropOverlaps(hits) {
+  const sorted = [...hits].sort((a, b) => a.end - a.start - (b.end - b.start));
+  const out = [];
+  for (const h of sorted) {
+    const contained = out.some((existing) => existing !== h && existing.start <= h.start && existing.end >= h.end && !(existing.start === h.start && existing.end === h.end));
+    if (!contained)
+      out.push(h);
+  }
+  out.sort((a, b) => a.start - b.start || a.end - b.end);
+  return out;
+}
+var init_secret_detect = __esm(() => {
+  init_patterns();
+  init_kv_scanner();
+  init_chunker();
+  init_suppressor();
+  init_url_redact();
+  init_secretlint_source();
+});
+
+// secret-detect/redact.ts
+function redact(text) {
+  if (!text || text.length === 0)
+    return text;
+  const urlScrubbed = redactUrls(text);
+  const hits = detectSecrets(urlScrubbed);
+  if (hits.length === 0)
+    return urlScrubbed;
+  const sorted = [...hits].sort((a, b) => b.start - a.start);
+  let out = urlScrubbed;
+  for (const h of sorted) {
+    out = out.slice(0, h.start) + redactedMarker(h.rule_id) + out.slice(h.end);
+  }
+  return out;
+}
+function redactedMarker(ruleId) {
+  const trimmed = ruleId.replace(/^(kv|env)_/, "");
+  if (!trimmed || trimmed === "key_value" || trimmed === "kv_entropy") {
+    return REDACTED_MARKER;
+  }
+  return `[REDACTED:${trimmed}]`;
+}
+var REDACTED_MARKER = "[REDACTED]";
+var init_redact = __esm(() => {
+  init_secret_detect();
+  init_url_redact();
+});
+
+// history.ts
+var exports_history = {};
+__export(exports_history, {
+  recordReaction: () => recordReaction,
+  recordOutbound: () => recordOutbound,
+  recordInbound: () => recordInbound,
+  recordEdit: () => recordEdit,
+  query: () => query,
+  pruneMessagesOlderThanDays: () => pruneMessagesOlderThanDays,
+  lookupMessageRoleAndText: () => lookupMessageRoleAndText,
+  initHistory: () => initHistory,
+  getRecentOutboundCount: () => getRecentOutboundCount,
+  getLatestInboundMessageId: () => getLatestInboundMessageId,
+  deleteFromHistory: () => deleteFromHistory,
+  checkpointWal: () => checkpointWal,
+  _resetForTests: () => _resetForTests
+});
+import { chmodSync as chmodSync2, mkdirSync as mkdirSync9 } from "fs";
+import { join as join11 } from "path";
+function loadDatabaseClass() {
+  if (DatabaseClass != null)
+    return DatabaseClass;
+  try {
+    const metaRequire = import.meta.require;
+    if (typeof metaRequire !== "function") {
+      throw new Error("import.meta.require not available \u2014 Bun runtime required");
+    }
+    const mod = metaRequire("bun:sqlite");
+    if (!mod.Database)
+      throw new Error("bun:sqlite did not export Database");
+    DatabaseClass = mod.Database;
+    return DatabaseClass;
+  } catch (err) {
+    throw new Error(`history.ts requires Bun runtime (bun:sqlite). Caller: ${err.message}`);
+  }
+}
+function initHistory(stateDir, retentionDays = 30) {
+  if (db != null)
+    return;
+  const Database = loadDatabaseClass();
+  mkdirSync9(stateDir, { recursive: true, mode: 448 });
+  const path = join11(stateDir, "history.db");
+  db = new Database(path, { create: true });
+  db.exec("PRAGMA journal_mode = WAL");
+  db.exec("PRAGMA synchronous = NORMAL");
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS messages (
+      chat_id        TEXT    NOT NULL,
+      thread_id      INTEGER,
+      message_id     INTEGER NOT NULL,
+      role           TEXT    NOT NULL,
+      user           TEXT,
+      user_id        TEXT,
+      ts             INTEGER NOT NULL,
+      text           TEXT    NOT NULL,
+      attachment_kind TEXT,
+      group_id       INTEGER,
+      reply_to_message_id INTEGER,
+      reply_to_text  TEXT,
+      PRIMARY KEY (chat_id, thread_id, message_id)
+    )
+  `);
+  db.exec(`
+    CREATE INDEX IF NOT EXISTS idx_messages_recent
+      ON messages (chat_id, thread_id, ts DESC)
+  `);
+  for (const column of ["reply_to_message_id INTEGER", "reply_to_text TEXT", "user_reaction TEXT"]) {
+    try {
+      db.exec(`ALTER TABLE messages ADD COLUMN ${column}`);
+    } catch (err) {
+      const msg = err instanceof Error ? err.message : String(err);
+      if (!/duplicate column name/i.test(msg))
+        throw err;
+    }
+  }
+  try {
+    chmodSync2(path, 384);
+  } catch {}
+  if (retentionDays > 0) {
+    const cutoff = Math.floor(Date.now() / 1000) - retentionDays * 86400;
+    db.prepare("DELETE FROM messages WHERE ts < ?").run(cutoff);
+  }
+}
+function _resetForTests() {
+  if (db != null) {
+    db.close();
+    db = null;
+  }
+}
+function checkpointWal() {
+  if (db == null)
+    return false;
+  try {
+    db.prepare("PRAGMA wal_checkpoint(TRUNCATE)").run();
+    return true;
+  } catch {
+    return false;
+  }
+}
+function pruneMessagesOlderThanDays(retentionDays, nowSec, batchLimit = 5000) {
+  if (db == null)
+    return 0;
+  if (retentionDays <= 0)
+    return 0;
+  const cutoffSec = (nowSec ?? Math.floor(Date.now() / 1000)) - retentionDays * 86400;
+  const stmt = db.prepare(`
+    DELETE FROM messages
+    WHERE rowid IN (
+      SELECT rowid FROM messages WHERE ts < ? LIMIT ?
+    )
+  `);
+  let total = 0;
+  for (let i = 0;i < 1000; i++) {
+    const result = stmt.run(cutoffSec, batchLimit);
+    const n = result.changes ?? 0;
+    total += n;
+    if (n === 0)
+      break;
+  }
+  return total;
+}
+function requireDb() {
+  if (db == null) {
+    throw new Error("history: initHistory() must be called before any record/query operation");
+  }
+  return db;
+}
+function recordInbound(args) {
+  if (args.message_id == null)
+    return;
+  const stmt = requireDb().prepare(`
+    INSERT OR REPLACE INTO messages
+      (chat_id, thread_id, message_id, role, user, user_id, ts, text, attachment_kind, group_id, reply_to_message_id, reply_to_text)
+    VALUES (?, ?, ?, 'user', ?, ?, ?, ?, ?, NULL, ?, ?)
+  `);
+  stmt.run(args.chat_id, args.thread_id ?? null, args.message_id, args.user ?? null, args.user_id ?? null, args.ts, redact(args.text), args.attachment_kind ?? null, args.reply_to_message_id ?? null, args.reply_to_text != null ? redact(args.reply_to_text) : args.reply_to_text ?? null);
+}
+function recordOutbound(args) {
+  if (args.message_ids.length === 0)
+    return;
+  const ts = args.ts ?? Math.floor(Date.now() / 1000);
+  const groupId = args.message_ids[0];
+  const stmt = requireDb().prepare(`
+    INSERT OR REPLACE INTO messages
+      (chat_id, thread_id, message_id, role, user, user_id, ts, text, attachment_kind, group_id)
+    VALUES (?, ?, ?, 'assistant', NULL, NULL, ?, ?, ?, ?)
+  `);
+  const tx = requireDb().transaction((rows2) => {
+    for (const [msgId, text, attachKind] of rows2) {
+      stmt.run(args.chat_id, args.thread_id ?? null, msgId, ts, text, attachKind, groupId);
+    }
+  });
+  const rows = args.message_ids.map((id, i) => [
+    id,
+    redact(args.texts[i] ?? ""),
+    args.attachment_kinds?.[i] ?? null
+  ]);
+  tx(rows);
+}
+function recordEdit(args) {
+  requireDb().prepare(`
+      UPDATE messages
+         SET text = ?
+       WHERE chat_id = ? AND message_id = ?
+    `).run(redact(args.text), args.chat_id, args.message_id);
+}
+function recordReaction(args) {
+  requireDb().prepare(`
+      UPDATE messages
+         SET user_reaction = ?
+       WHERE chat_id = ? AND message_id = ?
+    `).run(args.emoji, args.chat_id, args.message_id);
+}
+function deleteFromHistory(args) {
+  requireDb().prepare(`
+      DELETE FROM messages
+       WHERE chat_id = ? AND message_id = ?
+    `).run(args.chat_id, args.message_id);
+}
+function getLatestInboundMessageId(chatId, threadId) {
+  const params = [chatId];
+  let sql = "SELECT message_id FROM messages WHERE chat_id = ? AND role = 'user'";
+  if (threadId !== undefined) {
+    if (threadId === null) {
+      sql += " AND thread_id IS NULL";
+    } else {
+      sql += " AND thread_id = ?";
+      params.push(threadId);
+    }
+  }
+  sql += " ORDER BY ts DESC, message_id DESC LIMIT 1";
+  const row = requireDb().prepare(sql).get(...params);
+  return row?.message_id ?? null;
+}
+function lookupMessageRoleAndText(chatId, messageId) {
+  const row = requireDb().prepare(`SELECT role, text FROM messages WHERE chat_id = ? AND message_id = ? LIMIT 1`).get(chatId, messageId);
+  if (!row)
+    return null;
+  return { role: row.role, text: row.text ?? "" };
+}
+function getRecentOutboundCount(chatId, withinSeconds) {
+  const cutoff = Math.floor(Date.now() / 1000) - withinSeconds;
+  const row = requireDb().prepare("SELECT COUNT(*) as cnt FROM messages WHERE chat_id = ? AND role = ? AND ts >= ?").get(chatId, "assistant", cutoff);
+  return row?.cnt ?? 0;
+}
+function query(opts) {
+  const limit = Math.min(MAX_LIMIT, Math.max(1, opts.limit ?? DEFAULT_LIMIT));
+  const params = [opts.chat_id];
+  let sql = "SELECT * FROM messages WHERE chat_id = ?";
+  if (opts.thread_id !== undefined) {
+    if (opts.thread_id === null) {
+      sql += " AND thread_id IS NULL";
+    } else {
+      sql += " AND thread_id = ?";
+      params.push(opts.thread_id);
+    }
+  }
+  if (opts.before_message_id != null) {
+    sql += " AND message_id < ?";
+    params.push(opts.before_message_id);
+  }
+  sql += " ORDER BY ts DESC, message_id DESC LIMIT ?";
+  params.push(limit);
+  const rows = requireDb().prepare(sql).all(...params);
+  rows.reverse();
+  return rows;
+}
+var DatabaseClass = null, DEFAULT_LIMIT = 10, MAX_LIMIT = 50, db = null;
+var init_history = __esm(() => {
+  init_redact();
+});
+
+// quota-check.ts
+import { readFileSync as readFileSync8, existsSync as existsSync12 } from "fs";
+import { join as join12 } from "path";
+function readOauthToken(claudeConfigDir) {
+  const tokenFile = join12(claudeConfigDir, ".oauth-token");
+  if (!existsSync12(tokenFile))
+    return null;
+  try {
+    const raw = readFileSync8(tokenFile, "utf-8").trim();
+    return raw.length > 0 ? raw : null;
+  } catch {
+    return null;
+  }
+}
+function parseFloatHeader(headers, name) {
+  const v = headers.get(name);
+  if (v == null || v.trim().length === 0)
+    return null;
+  const n = Number(v);
+  return Number.isFinite(n) ? n : null;
+}
+function parseEpochHeader(headers, name) {
+  const v = headers.get(name);
+  if (v == null)
+    return null;
+  const n = Number(v);
+  if (!Number.isFinite(n) || n <= 0)
+    return null;
+  return new Date(n * 1000);
+}
+function parseQuotaHeaders(headers) {
+  const fiveHour = parseFloatHeader(headers, "anthropic-ratelimit-unified-5h-utilization");
+  const sevenDay = parseFloatHeader(headers, "anthropic-ratelimit-unified-7d-utilization");
+  if (fiveHour == null && sevenDay == null) {
+    return {
+      ok: false,
+      reason: "no unified rate-limit headers in response (API token, not OAuth?)"
+    };
+  }
+  return {
+    ok: true,
+    data: {
+      fiveHourUtilizationPct: (fiveHour ?? 0) * 100,
+      sevenDayUtilizationPct: (sevenDay ?? 0) * 100,
+      fiveHourResetAt: parseEpochHeader(headers, "anthropic-ratelimit-unified-5h-reset"),
+      sevenDayResetAt: parseEpochHeader(headers, "anthropic-ratelimit-unified-7d-reset"),
+      representativeClaim: headers.get("anthropic-ratelimit-unified-representative-claim"),
+      overageStatus: headers.get("anthropic-ratelimit-unified-overage-status"),
+      overageDisabledReason: headers.get("anthropic-ratelimit-unified-overage-disabled-reason")
+    }
+  };
+}
+async function fetchQuota(opts) {
+  let token;
+  if (opts.accessToken && opts.claudeConfigDir) {
+    return {
+      ok: false,
+      reason: "pass only one of `accessToken` or `claudeConfigDir`, not both"
+    };
+  }
+  if (opts.accessToken) {
+    token = opts.accessToken.trim().length > 0 ? opts.accessToken : null;
+  } else if (opts.claudeConfigDir) {
+    token = readOauthToken(opts.claudeConfigDir);
+  } else {
+    return {
+      ok: false,
+      reason: "fetchQuota requires `accessToken` or `claudeConfigDir`"
+    };
+  }
+  if (!token) {
+    return { ok: false, reason: "no OAuth token at .oauth-token" };
+  }
+  const controller = new AbortController;
+  const timeout = setTimeout(() => controller.abort(), opts.timeoutMs ?? 1e4);
+  const fetchFn = opts.fetchImpl ?? fetch;
+  let resp;
+  try {
+    resp = await fetchFn("https://api.anthropic.com/v1/messages", {
+      method: "POST",
+      headers: {
+        "anthropic-version": "2023-06-01",
+        "anthropic-beta": OAUTH_BETA,
+        authorization: `Bearer ${token}`,
+        "x-app": "cli",
+        "user-agent": DEFAULT_USER_AGENT,
+        "content-type": "application/json"
+      },
+      body: JSON.stringify({
+        model: opts.model ?? DEFAULT_PROBE_MODEL,
+        max_tokens: 1,
+        messages: [{ role: "user", content: "hi" }]
+      }),
+      signal: controller.signal
+    });
+  } catch (err) {
+    const msg = err?.message ?? String(err);
+    return { ok: false, reason: `request failed: ${msg}` };
+  } finally {
+    clearTimeout(timeout);
+  }
+  if (resp.status === 401 || resp.status === 403) {
+    return { ok: false, reason: `auth rejected (HTTP ${resp.status})` };
+  }
+  const parsed = parseQuotaHeaders(resp.headers);
+  if (!parsed.ok && resp.status >= 400) {
+    return { ok: false, reason: `HTTP ${resp.status}, ${parsed.reason}` };
+  }
+  return parsed;
+}
+function formatQuotaLine(q) {
+  const fmt = (n) => `${Math.round(n)}%`;
+  return `${fmt(q.fiveHourUtilizationPct)} / 5h \u00b7 ${fmt(q.sevenDayUtilizationPct)} / 7d`;
+}
+function formatResetRelative(target, now = new Date) {
+  if (!target)
+    return "\u2014";
+  const deltaMs = target.getTime() - now.getTime();
+  if (deltaMs <= 0)
+    return "resets now";
+  const totalMin = Math.round(deltaMs / 60000);
+  if (totalMin < 60)
+    return `resets in ${totalMin}m`;
+  const hours = Math.floor(totalMin / 60);
+  const mins = totalMin % 60;
+  if (hours < 24)
+    return mins > 0 ? `resets in ${hours}h ${mins}m` : `resets in ${hours}h`;
+  const days = Math.floor(hours / 24);
+  const remH = hours % 24;
+  return remH > 0 ? `resets in ${days}d ${remH}h` : `resets in ${days}d`;
+}
+var OAUTH_BETA = "oauth-2025-04-20", DEFAULT_USER_AGENT = "claude-cli/1.0.0 (external, cli)", DEFAULT_PROBE_MODEL = "claude-haiku-4-5-20251001";
+var init_quota_check = () => {};
+
+// ../src/vault/broker/peercred-ffi.ts
+function getPeerCred(fd) {
+  if (process.platform !== "linux")
+    return null;
+  try {
+    const ffi = __require("bun:ffi");
+    const { dlopen, FFIType, ptr } = ffi;
+    const SOL_SOCKET = 1;
+    const SO_PEERCRED = 17;
+    const UCRED_SIZE = 12;
+    const cache = getPeerCred;
+    const lib = cache._lib ?? (() => {
+      const candidates = ["libc.so.6", "libc.so"];
+      const symbolSpec = {
+        getsockopt: {
+          args: [FFIType.i32, FFIType.i32, FFIType.i32, FFIType.ptr, FFIType.ptr],
+          returns: FFIType.i32
+        }
+      };
+      const errors3 = [];
+      for (const name of candidates) {
+        try {
+          const opened = dlopen(name, symbolSpec);
+          cache._lib = opened;
+          return opened;
+        } catch (e) {
+          errors3.push(`${name}: ${e instanceof Error ? e.message : String(e)}`);
+        }
+      }
+      process.stderr.write(`[vault-broker] peercred-ffi: dlopen failed for all libc candidates ` + `(${errors3.join("; ")}); falling back to ss-parsing.
+`);
+      throw new Error("no libc candidate could be opened");
+    })();
+    const credBuf = new ArrayBuffer(UCRED_SIZE);
+    const lenBuf = new Uint32Array(1);
+    lenBuf[0] = UCRED_SIZE;
+    const rc = lib.symbols.getsockopt(fd, SOL_SOCKET, SO_PEERCRED, ptr(credBuf), ptr(lenBuf.buffer));
+    if (rc !== 0)
+      return null;
+    if (lenBuf[0] !== UCRED_SIZE)
+      return null;
+    const view = new DataView(credBuf);
+    return {
+      pid: view.getInt32(0, true),
+      uid: view.getInt32(4, true),
+      gid: view.getInt32(8, true)
+    };
+  } catch {
+    return null;
+  }
+}
+
+// ../src/vault/broker/peercred.ts
+function isReservedAgentName(name) {
+  return RESERVED_AGENT_NAMES.has(name);
+}
+function unlockSocketFor(dataSocketPath) {
+  if (dataSocketPath.endsWith("/sock")) {
+    return dataSocketPath.slice(0, -"/sock".length) + "/unlock";
+  }
+  return dataSocketPath.replace(/\.sock$/, ".unlock.sock");
+}
+var RESERVED_AGENT_NAMES;
+var init_peercred = __esm(() => {
+  RESERVED_AGENT_NAMES = new Set(["operator", "hostd"]);
+});
+
+// ../src/vault/broker/protocol.ts
+function encodeRequest2(req) {
+  const json = JSON.stringify(req);
+  if (Buffer.byteLength(json, "utf8") > MAX_FRAME_BYTES2) {
+    throw new Error(`Request frame too large (${Buffer.byteLength(json, "utf8")} bytes; max ${MAX_FRAME_BYTES2})`);
+  }
+  return json + `
+`;
+}
+function decodeResponse2(line) {
+  if (Buffer.byteLength(line, "utf8") > MAX_FRAME_BYTES2) {
+    throw new RangeError(`Response frame too large (${Buffer.byteLength(line, "utf8")} bytes; max ${MAX_FRAME_BYTES2})`);
+  }
+  const obj = JSON.parse(line);
+  return ResponseSchema2.parse(obj);
+}
+var MAX_FRAME_BYTES2, AgentNameSchema, GetRequestSchema, PutRequestSchema, ListRequestSchema, MintGrantRequestSchema, ListGrantsRequestSchema, RevokeGrantRequestSchema, StatusRequestSchema, LockRequestSchema, PreflightAccessRequestSchema, OkPreflightAccessResponseSchema, ApprovalRequestRequestSchema, ApprovalLookupRequestSchema, ApprovalConsumeRequestSchema, ApprovalRevokeRequestSchema, ApprovalListRequestSchema, ApprovalDecisionModeSchema, ApprovalRecordRequestSchema, ApprovalConsumeRecordRequestSchema, RequestSchema2, VaultEntrySchema, ErrorCode, OkEntryResponseSchema, OkKeysResponseSchema, BrokerStatus, OkStatusResponseSchema, OkLockResponseSchema, OkPutResponseSchema, OkMintGrantResponseSchema, GrantMetaSchema, OkListGrantsResponseSchema, OkRevokeGrantResponseSchema, OkApprovalRequestResponseSchema, ApprovalDecisionMetaSchema, OkApprovalLookupResponseSchema, OkApprovalConsumeResponseSchema, OkApprovalRevokeResponseSchema, OkApprovalListResponseSchema, OkApprovalRecordResponseSchema, OkApprovalConsumeRecordResponseSchema, ErrorResponseSchema2, ResponseSchema2;
+var init_protocol2 = __esm(() => {
+  init_zod();
+  init_peercred();
+  MAX_FRAME_BYTES2 = 64 * 1024;
+  AgentNameSchema = exports_external.string().min(1).max(64, "agent name max 64 chars").regex(/^[a-zA-Z0-9][a-zA-Z0-9_-]*$/, "agent name must be kebab-case ASCII (alnum + _- only, first char alnum)").refine((s) => !isReservedAgentName(s), {
+    message: "agent name is reserved"
+  });
+  GetRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("get"),
+    key: exports_external.string().min(1),
+    filename: exports_external.string().optional(),
+    token: exports_external.string().optional()
+  });
+  PutRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("put"),
+    key: exports_external.string().min(1),
+    entry: exports_external.union([
+      exports_external.object({ kind: exports_external.literal("string"), value: exports_external.string() }),
+      exports_external.object({ kind: exports_external.literal("binary"), value: exports_external.string() })
+    ]),
+    token: exports_external.string().optional(),
+    passphrase: exports_external.string().optional(),
+    attest_via_posture: exports_external.boolean().optional()
+  });
+  ListRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("list"),
+    token: exports_external.string().optional()
+  });
+  MintGrantRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("mint_grant"),
+    agent: AgentNameSchema,
+    keys: exports_external.array(exports_external.string().min(1)),
+    ttl_seconds: exports_external.number().int().positive().nullable(),
+    description: exports_external.string().optional(),
+    write_keys: exports_external.array(exports_external.string().min(1)).optional(),
+    passphrase: exports_external.string().optional(),
+    attest_via_posture: exports_external.boolean().optional()
+  });
+  ListGrantsRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("list_grants"),
+    agent: AgentNameSchema.optional(),
+    passphrase: exports_external.string().optional(),
+    attest_via_posture: exports_external.boolean().optional()
+  });
+  RevokeGrantRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("revoke_grant"),
+    id: exports_external.string().min(1)
+  });
+  StatusRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("status")
+  });
+  LockRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("lock")
+  });
+  PreflightAccessRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("preflight_access"),
+    agent: AgentNameSchema,
+    keys: exports_external.array(exports_external.string().min(1)).min(1).max(128)
+  });
+  OkPreflightAccessResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    op: exports_external.literal("preflight_access"),
+    results: exports_external.array(exports_external.object({
+      key: exports_external.string(),
+      exists: exports_external.boolean(),
+      acl_ok: exports_external.boolean(),
+      acl_reason: exports_external.string().optional(),
+      scope_ok: exports_external.boolean(),
+      scope_reason: exports_external.string().optional()
+    }))
+  });
+  ApprovalRequestRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("approval_request"),
+    agent_unit: exports_external.string().min(1),
+    scope: exports_external.string().min(1),
+    action: exports_external.string().min(1),
+    approver_set: exports_external.array(exports_external.string()),
+    why: exports_external.string().optional(),
+    ttl_ms: exports_external.number().int().positive().optional()
+  });
+  ApprovalLookupRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("approval_lookup"),
+    agent_unit: exports_external.string().min(1),
+    scope: exports_external.string().min(1),
+    action: exports_external.string().min(1),
+    current_approver_set: exports_external.array(exports_external.string())
+  });
+  ApprovalConsumeRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("approval_consume"),
+    request_id: exports_external.string().regex(/^[0-9a-f]{32}$/)
+  });
+  ApprovalRevokeRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("approval_revoke"),
+    decision_id: exports_external.string().min(1),
+    actor: exports_external.string().min(1),
+    reason: exports_external.string().optional()
+  });
+  ApprovalListRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("approval_list"),
+    agent_unit: exports_external.string().optional()
+  });
+  ApprovalDecisionModeSchema = exports_external.enum([
+    "allow_once",
+    "allow_always",
+    "allow_ttl",
+    "deny",
+    "deny_perm"
+  ]);
+  ApprovalRecordRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("approval_record"),
+    request_id: exports_external.string().regex(/^[0-9a-f]{32}$/),
+    decision: ApprovalDecisionModeSchema,
+    approver_set: exports_external.array(exports_external.string()),
+    granted_by_user_id: exports_external.number().int(),
+    ttl_ms: exports_external.number().int().positive().nullable().optional()
+  });
+  ApprovalConsumeRecordRequestSchema = exports_external.object({
+    v: exports_external.literal(1),
+    op: exports_external.literal("approval_consume_record"),
+    request_id: exports_external.string().regex(/^[0-9a-f]{32}$/),
+    decision: ApprovalDecisionModeSchema,
+    approver_set: exports_external.array(exports_external.string()),
+    granted_by_user_id: exports_external.number().int(),
+    ttl_ms: exports_external.number().int().positive().nullable().optional()
+  });
+  RequestSchema2 = exports_external.discriminatedUnion("op", [
+    GetRequestSchema,
+    PutRequestSchema,
+    ListRequestSchema,
+    StatusRequestSchema,
+    LockRequestSchema,
+    PreflightAccessRequestSchema,
+    MintGrantRequestSchema,
+    ListGrantsRequestSchema,
+    RevokeGrantRequestSchema,
+    ApprovalRequestRequestSchema,
+    ApprovalLookupRequestSchema,
+    ApprovalConsumeRequestSchema,
+    ApprovalRevokeRequestSchema,
+    ApprovalListRequestSchema,
+    ApprovalRecordRequestSchema,
+    ApprovalConsumeRecordRequestSchema
+  ]);
+  VaultEntrySchema = exports_external.union([
+    exports_external.object({ kind: exports_external.literal("string"), value: exports_external.string() }),
+    exports_external.object({ kind: exports_external.literal("binary"), value: exports_external.string() }),
+    exports_external.object({
+      kind: exports_external.literal("files"),
+      files: exports_external.record(exports_external.string(), exports_external.object({
+        encoding: exports_external.enum(["utf8", "base64"]),
+        value: exports_external.string()
+      }))
+    })
+  ]);
+  ErrorCode = exports_external.enum([
+    "LOCKED",
+    "DENIED",
+    "UNKNOWN_KEY",
+    "BAD_REQUEST",
+    "INTERNAL"
+  ]);
+  OkEntryResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    entry: VaultEntrySchema
+  });
+  OkKeysResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    keys: exports_external.array(exports_external.string())
+  });
+  BrokerStatus = exports_external.object({
+    unlocked: exports_external.boolean(),
+    keyCount: exports_external.number().int().nonnegative(),
+    uptimeSec: exports_external.number().nonnegative()
+  });
+  OkStatusResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    status: BrokerStatus
+  });
+  OkLockResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    locked: exports_external.literal(true)
+  });
+  OkPutResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    put: exports_external.literal(true),
+    key: exports_external.string()
+  });
+  OkMintGrantResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    token: exports_external.string(),
+    id: exports_external.string(),
+    expires_at: exports_external.number().nullable()
+  });
+  GrantMetaSchema = exports_external.object({
+    id: exports_external.string(),
+    agent_slug: exports_external.string(),
+    key_allow: exports_external.array(exports_external.string()),
+    write_allow: exports_external.array(exports_external.string()).default([]),
+    expires_at: exports_external.number().nullable(),
+    created_at: exports_external.number(),
+    description: exports_external.string().nullable()
+  });
+  OkListGrantsResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    grants: exports_external.array(GrantMetaSchema)
+  });
+  OkRevokeGrantResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    revoked: exports_external.boolean()
+  });
+  OkApprovalRequestResponseSchema = exports_external.discriminatedUnion("state", [
+    exports_external.object({
+      ok: exports_external.literal(true),
+      kind: exports_external.literal("approval_request"),
+      state: exports_external.literal("pending"),
+      request_id: exports_external.string(),
+      expires_at: exports_external.number()
+    }),
+    exports_external.object({
+      ok: exports_external.literal(true),
+      kind: exports_external.literal("approval_request"),
+      state: exports_external.literal("rate_limited"),
+      retry_after_ms: exports_external.number()
+    })
+  ]);
+  ApprovalDecisionMetaSchema = exports_external.object({
+    id: exports_external.string(),
+    agent_unit: exports_external.string(),
+    scope: exports_external.string(),
+    action: exports_external.string(),
+    decision: ApprovalDecisionModeSchema,
+    granted_at: exports_external.number(),
+    granted_by_user_id: exports_external.number(),
+    ttl_expires_at: exports_external.number().nullable(),
+    last_used_at: exports_external.number().nullable(),
+    revoked_at: exports_external.number().nullable(),
+    revoke_reason: exports_external.string().nullable()
+  });
+  OkApprovalLookupResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    state: exports_external.enum(["granted", "denied", "pending", "expired", "drift_revoked", "no_decision"]),
+    decision: ApprovalDecisionMetaSchema.nullable().optional()
+  });
+  OkApprovalConsumeResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    consumed: exports_external.boolean(),
+    agent_unit: exports_external.string().optional(),
+    scope: exports_external.string().optional(),
+    action: exports_external.string().optional(),
+    why: exports_external.string().nullable().optional()
+  });
+  OkApprovalRevokeResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    revoked: exports_external.boolean()
+  });
+  OkApprovalListResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    decisions: exports_external.array(ApprovalDecisionMetaSchema)
+  });
+  OkApprovalRecordResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    decision_id: exports_external.string()
+  });
+  OkApprovalConsumeRecordResponseSchema = exports_external.object({
+    ok: exports_external.literal(true),
+    consumed: exports_external.boolean(),
+    decision_id: exports_external.string().optional(),
+    agent_unit: exports_external.string().optional(),
+    scope: exports_external.string().optional(),
+    action: exports_external.string().optional(),
+    why: exports_external.string().nullable().optional()
+  });
+  ErrorResponseSchema2 = exports_external.object({
+    ok: exports_external.literal(false),
+    code: ErrorCode,
+    msg: exports_external.string()
+  });
+  ResponseSchema2 = exports_external.union([
+    OkEntryResponseSchema,
+    OkKeysResponseSchema,
+    OkStatusResponseSchema,
+    OkLockResponseSchema,
+    OkPreflightAccessResponseSchema,
+    OkPutResponseSchema,
+    OkMintGrantResponseSchema,
+    OkListGrantsResponseSchema,
+    OkRevokeGrantResponseSchema,
+    OkApprovalRequestResponseSchema,
+    OkApprovalLookupResponseSchema,
+    OkApprovalConsumeResponseSchema,
+    OkApprovalRevokeResponseSchema,
+    OkApprovalListResponseSchema,
+    OkApprovalRecordResponseSchema,
+    OkApprovalConsumeRecordResponseSchema,
+    ErrorResponseSchema2
+  ]);
+});
+
+// ../src/runtime-mode.ts
+function isDockerRuntime() {
+  return process.env.SWITCHROOM_RUNTIME === "docker";
+}
+
+// ../src/vault/broker/client.ts
+import * as net3 from "node:net";
+import * as fs from "node:fs";
+import { homedir as homedir7 } from "node:os";
+import { join as join15 } from "node:path";
+function defaultBrokerSocketPath() {
+  if (fs.existsSync(OPERATOR_SOCKET_PATH))
+    return OPERATOR_SOCKET_PATH;
+  if (isDockerRuntime())
+    return OPERATOR_SOCKET_PATH;
+  return LEGACY_SOCKET_PATH;
+}
+function vaultTokenFilePath(agentSlug) {
+  return join15(homedir7(), ".switchroom", "agents", agentSlug, ".vault-token");
+}
+function readVaultTokenFile(agentSlug) {
+  const filePath = vaultTokenFilePath(agentSlug);
+  try {
+    const stat = fs.statSync(filePath);
+    const mode = stat.mode & 511;
+    if ((mode & 63) !== 0) {
+      process.stderr.write(`[vault-broker] Refusing to read ${filePath} with mode ${mode.toString(8).padStart(3, "0")} ` + `(must be 0600). Delete the file and re-mint with 'switchroom vault grant mint <agent>'. ` + `Falling through to peercred ACL.
+`);
+      return null;
+    }
+    const raw = fs.readFileSync(filePath, "utf8");
+    const token = raw.split(`
+`)[0].trim();
+    return token.length > 0 ? token : null;
+  } catch (err) {
+    const code = err.code;
+    if (code === "ENOENT") {
+      return null;
+    }
+    const reason = code === "EACCES" ? "permission denied" : err instanceof Error ? err.message : String(err);
+    process.stderr.write(`[vault-broker] Warning: could not read token file ${filePath}: ${reason}. ` + `Falling through to peercred ACL.
+`);
+    return null;
+  }
+}
+function resolveBrokerSocketPath(opts) {
+  if (opts?.socket)
+    return opts.socket;
+  const env = process.env.SWITCHROOM_VAULT_BROKER_SOCK;
+  if (env)
+    return env;
+  if (opts?.vaultBrokerSocket)
+    return opts.vaultBrokerSocket;
+  return defaultBrokerSocketPath();
+}
+async function rpcRaw(req, opts) {
+  return rpc(req, opts);
+}
+async function rpc(req, opts) {
+  const socketPath = resolveBrokerSocketPath(opts);
+  const timeoutMs = opts?.timeoutMs ?? DEFAULT_TIMEOUT_MS3;
+  return new Promise((resolve5) => {
+    let settled = false;
+    const settle = (val) => {
+      if (settled)
+        return;
+      settled = true;
+      resolve5(val);
+    };
+    const client3 = new net3.Socket;
+    const timer3 = setTimeout(() => {
+      client3.destroy();
+      settle({ kind: "unreachable", msg: `broker did not respond within ${timeoutMs}ms` });
+    }, timeoutMs);
+    client3.on("error", (err) => {
+      clearTimeout(timer3);
+      const code = err.code ?? "ERR";
+      let msg;
+      if (code === "ENOENT")
+        msg = "broker socket not found (is the daemon running?)";
+      else if (code === "ECONNREFUSED")
+        msg = "broker socket exists but refused connection";
+      else if (code === "EACCES")
+        msg = "broker socket access denied (wrong UID?)";
+      else
+        msg = `broker connection failed: ${err.message}`;
+      settle({ kind: "unreachable", msg });
     });
-    function toKey(value) {
-      if (typeof value == "string" || isSymbol(value)) {
-        return value;
-      }
-      var result = value + "";
-      return result == "0" && 1 / value == -Infinity ? "-0" : result;
-    }
-    function toSource(func) {
-      if (func != null) {
-        try {
-          return funcToString.call(func);
-        } catch (e) {}
+    let buffer = "";
+    client3.on("data", (chunk2) => {
+      buffer += chunk2.toString("utf8");
+      const newlineIdx = buffer.indexOf(`
+`);
+      if (newlineIdx !== -1) {
+        const line = buffer.slice(0, newlineIdx).trimEnd();
+        clearTimeout(timer3);
+        client3.destroy();
         try {
-          return func + "";
-        } catch (e) {}
-      }
-      return "";
-    }
-    var sortBy = baseRest(function(collection, iteratees) {
-      if (collection == null) {
-        return [];
-      }
-      var length = iteratees.length;
-      if (length > 1 && isIterateeCall(collection, iteratees[0], iteratees[1])) {
-        iteratees = [];
-      } else if (length > 2 && isIterateeCall(iteratees[0], iteratees[1], iteratees[2])) {
-        iteratees = [iteratees[0]];
+          const resp = decodeResponse2(line);
+          settle({ kind: "response", resp });
+        } catch (err) {
+          settle({
+            kind: "unreachable",
+            msg: `unparseable broker response: ${err instanceof Error ? err.message : String(err)}`
+          });
+        }
       }
-      return baseOrderBy(collection, baseFlatten(iteratees), []);
     });
-    function memoize(func, resolver) {
-      if (typeof func != "function" || resolver && typeof resolver != "function") {
-        throw new TypeError(FUNC_ERROR_TEXT);
+    client3.on("connect", () => {
+      try {
+        client3.write(encodeRequest2(req));
+      } catch (err) {
+        clearTimeout(timer3);
+        client3.destroy();
+        settle({
+          kind: "unreachable",
+          msg: `failed to send request: ${err instanceof Error ? err.message : String(err)}`
+        });
       }
-      var memoized = function() {
-        var args = arguments, key = resolver ? resolver.apply(this, args) : args[0], cache = memoized.cache;
-        if (cache.has(key)) {
-          return cache.get(key);
-        }
-        var result = func.apply(this, args);
-        memoized.cache = cache.set(key, result);
-        return result;
-      };
-      memoized.cache = new (memoize.Cache || MapCache);
-      return memoized;
-    }
-    memoize.Cache = MapCache;
-    function eq(value, other) {
-      return value === other || value !== value && other !== other;
-    }
-    function isArguments(value) {
-      return isArrayLikeObject(value) && hasOwnProperty.call(value, "callee") && (!propertyIsEnumerable.call(value, "callee") || objectToString.call(value) == argsTag);
-    }
-    var isArray2 = Array.isArray;
-    function isArrayLike(value) {
-      return value != null && isLength(value.length) && !isFunction2(value);
-    }
-    function isArrayLikeObject(value) {
-      return isObjectLike(value) && isArrayLike(value);
-    }
-    function isFunction2(value) {
-      var tag = isObject2(value) ? objectToString.call(value) : "";
-      return tag == funcTag || tag == genTag;
-    }
-    function isLength(value) {
-      return typeof value == "number" && value > -1 && value % 1 == 0 && value <= MAX_SAFE_INTEGER;
-    }
-    function isObject2(value) {
-      var type = typeof value;
-      return !!value && (type == "object" || type == "function");
-    }
-    function isObjectLike(value) {
-      return !!value && typeof value == "object";
-    }
-    function isSymbol(value) {
-      return typeof value == "symbol" || isObjectLike(value) && objectToString.call(value) == symbolTag;
-    }
-    var isTypedArray = nodeIsTypedArray ? baseUnary(nodeIsTypedArray) : baseIsTypedArray;
-    function toString(value) {
-      return value == null ? "" : baseToString(value);
-    }
-    function get(object, path, defaultValue) {
-      var result = object == null ? undefined : baseGet(object, path);
-      return result === undefined ? defaultValue : result;
-    }
-    function hasIn(object, path) {
-      return object != null && hasPath(object, path, baseHasIn);
-    }
-    function keys(object) {
-      return isArrayLike(object) ? arrayLikeKeys(object) : baseKeys(object);
-    }
-    function identity2(value) {
-      return value;
-    }
-    function property(path) {
-      return isKey(path) ? baseProperty(toKey(path)) : basePropertyDeep(path);
-    }
-    module.exports = sortBy;
-  })(lodash_sortby, lodash_sortby.exports);
-  return lodash_sortby.exports;
+    });
+    client3.connect({ path: socketPath });
+  });
 }
-function requireEscapeStringRegexp() {
-  if (hasRequiredEscapeStringRegexp)
-    return escapeStringRegexp;
-  hasRequiredEscapeStringRegexp = 1;
-  escapeStringRegexp = (string) => {
-    if (typeof string !== "string") {
-      throw new TypeError("Expected a string");
+async function getViaBrokerStructured(key, opts) {
+  const token = opts?.token;
+  const result = await rpc({ v: 1, op: "get", key, ...token ? { token } : {} }, opts);
+  if (result.kind === "unreachable") {
+    return { kind: "unreachable", msg: result.msg };
+  }
+  const resp = result.resp;
+  if (resp.ok && "entry" in resp) {
+    return { kind: "ok", entry: resp.entry };
+  }
+  if (!resp.ok) {
+    if (resp.code === "UNKNOWN_KEY") {
+      return { kind: "not_found", code: resp.code, msg: resp.msg };
     }
-    return string.replace(/[|\\{}()[\]^$+*?.]/g, "\\$&").replace(/-/g, "\\x2d");
-  };
-  return escapeStringRegexp;
+    return { kind: "denied", code: resp.code, msg: resp.msg };
+  }
+  return { kind: "unreachable", msg: "unexpected broker response shape" };
 }
-function requireRegexpParse() {
-  if (hasRequiredRegexpParse)
-    return regexpParse;
-  hasRequiredRegexpParse = 1;
-  Object.defineProperty(regexpParse, "__esModule", { value: true });
-  regexpParse.isRegExpString = regexpParse.parseRegExpString = undefined;
-  var REGEXP_LITERAL_PATTERN = /^\/(.+)\/([guimysd]*)$/;
-  var parseRegExpString = function(str) {
-    var result = str.match(REGEXP_LITERAL_PATTERN);
-    if (!result) {
-      return null;
+async function putViaBroker(key, entry, opts) {
+  const token = opts?.token;
+  const passphrase = opts?.passphrase;
+  const attestViaPosture = opts?.attest_via_posture === true;
+  const result = await rpc({
+    v: 1,
+    op: "put",
+    key,
+    entry,
+    ...token ? { token } : {},
+    ...passphrase ? { passphrase } : {},
+    ...attestViaPosture ? { attest_via_posture: true } : {}
+  }, opts);
+  if (result.kind === "unreachable") {
+    return { kind: "unreachable", msg: result.msg };
+  }
+  const resp = result.resp;
+  if (resp.ok && "put" in resp) {
+    return { kind: "ok" };
+  }
+  if (!resp.ok) {
+    if (resp.code === "UNKNOWN_KEY") {
+      return { kind: "not_found", code: resp.code, msg: resp.msg };
     }
-    return {
-      source: result[1],
-      flagString: result[2]
-    };
-  };
-  regexpParse.parseRegExpString = parseRegExpString;
-  var isRegExpString = function(str) {
-    return REGEXP_LITERAL_PATTERN.test(str);
+    return { kind: "denied", code: resp.code, msg: resp.msg };
+  }
+  return { kind: "unreachable", msg: "unexpected broker response shape" };
+}
+var DEFAULT_TIMEOUT_MS3 = 2000, LEGACY_SOCKET_PATH, OPERATOR_SOCKET_PATH;
+var init_client2 = __esm(() => {
+  init_protocol2();
+  init_peercred();
+  LEGACY_SOCKET_PATH = join15(homedir7(), ".switchroom", "vault-broker.sock");
+  OPERATOR_SOCKET_PATH = join15(homedir7(), ".switchroom", "broker-operator", "sock");
+});
+
+// ../src/drive/deep-links.ts
+function classifyMimeType(mimeType) {
+  if (!mimeType)
+    return "file";
+  switch (mimeType) {
+    case "application/vnd.google-apps.document":
+      return "doc";
+    case "application/vnd.google-apps.spreadsheet":
+      return "spreadsheet";
+    case "application/vnd.google-apps.presentation":
+      return "presentation";
+    case "application/vnd.google-apps.form":
+      return "form";
+    case "application/vnd.google-apps.drawing":
+      return "drawing";
+    case "application/vnd.google-apps.folder":
+      return "folder";
+    default:
+      return "file";
+  }
+}
+function openInDriveUrl(options) {
+  validateDriveId2(options.fileId, "fileId");
+  if (options.discussionId !== undefined) {
+    validateDriveId2(options.discussionId, "discussionId");
+  }
+  const kind = options.isFolder ? "folder" : classifyMimeType(options.mimeType);
+  const base = baseUrlFor(kind, options.fileId);
+  if (options.discussionId !== undefined) {
+    return `${base}?disco=${encodeURIComponent(options.discussionId)}`;
+  }
+  return base;
+}
+function baseUrlFor(kind, fileId) {
+  switch (kind) {
+    case "doc":
+      return `https://docs.google.com/document/d/${fileId}/edit`;
+    case "spreadsheet":
+      return `https://docs.google.com/spreadsheets/d/${fileId}/edit`;
+    case "presentation":
+      return `https://docs.google.com/presentation/d/${fileId}/edit`;
+    case "form":
+      return `https://docs.google.com/forms/d/${fileId}/edit`;
+    case "drawing":
+      return `https://docs.google.com/drawings/d/${fileId}/edit`;
+    case "folder":
+      return `https://drive.google.com/drive/folders/${fileId}`;
+    case "file":
+      return `https://drive.google.com/file/d/${fileId}/view`;
+  }
+}
+function validateDriveId2(id, fieldName) {
+  if (id.length === 0) {
+    throw new Error(`Drive ${fieldName} must not be empty`);
+  }
+  if (!/^[A-Za-z0-9_-]+$/.test(id)) {
+    throw new Error(`Drive ${fieldName} '${id.slice(0, 30)}${id.length > 30 ? "\u2026" : ""}' contains invalid characters. Expected base64-url-safe (alphanumerics + - + _).`);
+  }
+}
+function openInDriveButton(options) {
+  return {
+    text: "\uD83D\uDCD6 Open in Drive",
+    url: openInDriveUrl(options)
   };
-  regexpParse.isRegExpString = isRegExpString;
-  return regexpParse;
 }
-function requireRegexpStringMatcher() {
-  if (hasRequiredRegexpStringMatcher)
-    return regexpStringMatcher;
-  hasRequiredRegexpStringMatcher = 1;
-  (function(exports$1) {
-    var __importDefault = regexpStringMatcher && regexpStringMatcher.__importDefault || function(mod) {
-      return mod && mod.__esModule ? mod : { default: mod };
-    };
-    Object.defineProperty(exports$1, "__esModule", { value: true });
-    exports$1.matchPatterns = exports$1.createRegExp = undefined;
-    var lodash_uniq_1 = __importDefault(requireLodash_uniq());
-    var lodash_uniqwith_1 = __importDefault(requireLodash_uniqwith());
-    var lodash_sortby_1 = __importDefault(requireLodash_sortby());
-    var escape_string_regexp_1 = __importDefault(requireEscapeStringRegexp());
-    var regexp_parse_1 = requireRegexpParse();
-    var DEFAULT_FLAGS = "ug";
-    var defaultFlags = function(flagsString) {
-      if (flagsString.length === 0) {
-        return DEFAULT_FLAGS;
-      }
-      return (0, lodash_uniq_1.default)((flagsString + DEFAULT_FLAGS).split("")).join("");
-    };
-    var createRegExp = function(patternString, defaultFlag) {
-      if (defaultFlag === undefined) {
-        defaultFlag = DEFAULT_FLAGS;
-      }
-      if (patternString.length === 0) {
-        throw new Error("Empty string can not handled");
-      }
-      if ((0, regexp_parse_1.isRegExpString)(patternString)) {
-        var regExpStructure = (0, regexp_parse_1.parseRegExpString)(patternString);
-        if (regExpStructure) {
-          return new RegExp(regExpStructure.source, defaultFlags(regExpStructure.flagString));
-        }
-        throw new Error('"'.concat(patternString, '" can not parse as RegExp.'));
-      } else {
-        return new RegExp((0, escape_string_regexp_1.default)(patternString), defaultFlag);
-      }
-    };
-    exports$1.createRegExp = createRegExp;
-    var isEqualMatchPatternResult = function(a, b) {
-      return a.startIndex === b.startIndex && a.endIndex === b.endIndex && a.match === b.match;
-    };
-    var matchPatterns = function(text, regExpLikeStrings) {
-      var matchPatternResults = [];
-      regExpLikeStrings.map(function(patternString) {
-        return (0, exports$1.createRegExp)(patternString);
-      }).forEach(function(regExp) {
-        var results = text.matchAll(regExp);
-        Array.from(results).forEach(function(result) {
-          if (result.index === undefined) {
-            return;
-          }
-          var match = result[0];
-          var index = result.index;
-          matchPatternResults.push({
-            match,
-            captures: result.slice(1),
-            startIndex: index,
-            endIndex: index + match.length
-          });
-        });
-      });
-      var uniqResults = (0, lodash_uniqwith_1.default)(matchPatternResults, isEqualMatchPatternResult);
-      return (0, lodash_sortby_1.default)(uniqResults, ["startIndex", "endIndex"]);
-    };
-    exports$1.matchPatterns = matchPatterns;
-  })(regexpStringMatcher);
-  return regexpStringMatcher;
+function scopeToOpenInDriveButton(scope, mimeTypeHint) {
+  const parsed = parseDriveScope(scope);
+  if (parsed === null)
+    return null;
+  if (parsed.target.kind === "all")
+    return null;
+  if (parsed.target.kind === "folder") {
+    return openInDriveButton({ fileId: parsed.target.folder_id, isFolder: true });
+  }
+  return openInDriveButton({
+    fileId: parsed.target.doc_id,
+    mimeType: mimeTypeHint
+  });
+}
+function parseDriveScope(scope) {
+  if (!scope.startsWith("doc:gdrive:"))
+    return null;
+  let rest = scope.slice("doc:gdrive:".length);
+  let action = "read";
+  if (rest.startsWith("write:")) {
+    action = "write";
+    rest = rest.slice("write:".length);
+  } else if (rest.startsWith("suggest:")) {
+    action = "suggest";
+    rest = rest.slice("suggest:".length);
+  }
+  if (rest === "**")
+    return { action, target: { kind: "all" } };
+  if (rest.startsWith("folder/")) {
+    const tail = rest.slice("folder/".length);
+    if (!tail.endsWith("/**"))
+      return null;
+    const folder_id = tail.slice(0, -"/**".length);
+    if (!/^[A-Za-z0-9_-]+$/.test(folder_id))
+      return null;
+    return { action, target: { kind: "folder", folder_id } };
+  }
+  if (!/^[A-Za-z0-9_-]+$/.test(rest))
+    return null;
+  return { action, target: { kind: "doc", doc_id: rest } };
 }
-var commonjsGlobal, regexpStringMatcher, lodash_uniq, hasRequiredLodash_uniq, lodash_uniqwith, hasRequiredLodash_uniqwith, lodash_sortby, hasRequiredLodash_sortby, escapeStringRegexp, hasRequiredEscapeStringRegexp, regexpParse, hasRequiredRegexpParse, hasRequiredRegexpStringMatcher, regexpStringMatcherExports, OID_DATA, OID_SHA1, OID_SHA256, OID_SHA384, OID_SHA512, typeMap;
-var init_module2 = __esm(() => {
-  commonjsGlobal = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : {};
-  regexpStringMatcher = {};
-  lodash_sortby = { exports: {} };
-  lodash_sortby.exports;
-  regexpParse = {};
-  regexpStringMatcherExports = requireRegexpStringMatcher();
-  OID_DATA = new Uint8Array([42, 134, 72, 134, 247, 13, 1, 7, 1]);
-  OID_SHA1 = new Uint8Array([43, 14, 3, 2, 26]);
-  OID_SHA256 = new Uint8Array([96, 134, 72, 1, 101, 3, 4, 2, 1]);
-  OID_SHA384 = new Uint8Array([96, 134, 72, 1, 101, 3, 4, 2, 2]);
-  OID_SHA512 = new Uint8Array([96, 134, 72, 1, 101, 3, 4, 2, 3]);
-  typeMap = new Map([
-    ["ghp", "GitHub personal access tokens"],
-    ["gho", "OAuth access tokens"],
-    ["ghu", "GitHub user-to-server tokens"],
-    ["ghs", "GitHub server-to-server tokens"],
-    ["ghr", "refresh tokens"],
-    ["github_pat", "fine-grained personal access tokens"]
-  ]);
-});
 
-// secret-detect/secretlint-source.ts
-var init_secretlint_source = __esm(() => {
-  init_module();
-  init_module2();
-  init_suppressor();
-});
+// gateway/oversize-card-body.ts
+function truncateRawToFit(input) {
+  const { raw, render, cap, sentinel } = input;
+  const hardLimit = input.hardLimit ?? cap + 196;
+  const fullBody = render(raw);
+  if (fullBody.length <= cap) {
+    return { body: fullBody, truncated: false };
+  }
+  let lo = 0;
+  let hi = raw.length;
+  let bestSliceLen = 0;
+  while (lo <= hi) {
+    const mid = lo + hi >>> 1;
+    const candidate = raw.slice(0, mid) + sentinel;
+    if (render(candidate).length <= cap) {
+      bestSliceLen = mid;
+      lo = mid + 1;
+    } else {
+      hi = mid - 1;
+    }
+  }
+  let chosenRaw = raw.slice(0, bestSliceLen);
+  const lastNl = chosenRaw.lastIndexOf(`
+`);
+  if (lastNl > 0)
+    chosenRaw = chosenRaw.slice(0, lastNl);
+  let body = render(chosenRaw + sentinel);
+  if (body.length > hardLimit) {
+    body = body.slice(0, hardLimit - 1);
+  }
+  return { body, truncated: true };
+}
 
 // gateway/auth-line.ts
 function escapeHtml8(s) {
@@ -31966,37 +32325,51 @@ function isWorkerActivityFeedEnabled(envVal) {
   return envVal !== "0";
 }
 var DESC_MAX = 80;
-var TOOL_ARG_MAX = 64;
-var SUMMARY_MAX = 100;
+var STEP_MAX = 100;
+var RESULT_MAX = 320;
+var RULE = "\u2500\u2500\u2500\u2500\u2500";
 var NARRATIVE_MAX_LINES = 6;
+function appendStepFeed(lines, steps, allDone) {
+  if (steps.length === 0)
+    return;
+  const shown = steps.slice(-NARRATIVE_MAX_LINES);
+  const hidden = steps.length - shown.length;
+  if (hidden > 0)
+    lines.push(`<i>\u2713 +${hidden} earlier\u2026</i>`);
+  const lastIdx = shown.length - 1;
+  shown.forEach((s, i) => {
+    lines.push(!allDone && i === lastIdx ? `<b>\u2192 ${s}</b>` : `<i>\u2713 ${s}</i>`);
+  });
+}
 function renderWorkerActivity(v) {
-  const desc = truncate(v.description.trim() || "background task", DESC_MAX);
+  const desc = truncate(stripMarkdown(v.description).trim() || "background task", DESC_MAX);
   const elapsed = formatDuration(v.elapsedMs);
   const toolWord = v.toolCount === 1 ? "tool" : "tools";
-  if (v.state === "done" || v.state === "failed") {
-    const head = v.state === "done" ? `\u2705 <b>Worker done</b> \u00b7 <i>${escapeHtml(desc)}</i>` : `\u26a0\ufe0f <b>Worker failed</b> \u00b7 <i>${escapeHtml(desc)}</i>`;
-    return `${head}
-<i>${v.toolCount} ${toolWord} \u00b7 ${elapsed}</i>`;
-  }
-  const header = `\uD83D\uDD27 <b>Worker</b> \u00b7 <i>${escapeHtml(desc)}</i>`;
-  let activity;
-  if (v.lastTool != null) {
-    const arg = v.lastTool.sanitisedArg.trim();
-    const argPart = arg.length > 0 ? ` ${escapeHtml(truncate(arg, TOOL_ARG_MAX))}` : "";
-    activity = `\u26a1 <code>${escapeHtml(v.lastTool.name)}</code>${argPart} <i>(${v.toolCount} ${toolWord} \u00b7 ${elapsed})</i>`;
-  } else {
-    activity = `<i>starting\u2026 (${elapsed})</i>`;
-  }
-  const lines = [header, activity];
-  const narrative = (v.narrativeLines ?? []).map((s) => s.trim()).filter((s) => s.length > 0);
-  if (narrative.length > 0) {
-    for (const line of narrative) {
-      lines.push(`  \u21b3 <i>${escapeHtml(truncate(line, SUMMARY_MAX))}</i>`);
-    }
+  const header = `\uD83D\uDEE0 <b>Worker</b> \u00b7 <i>${escapeHtml(desc)}</i>`;
+  const finished = v.state === "done" || v.state === "failed";
+  const steps = (v.narrativeLines ?? []).map((s) => stripMarkdown(s).replace(/\s+/g, " ").trim()).filter((s) => s.length > 0).map((s) => escapeHtml(truncate(s, STEP_MAX)));
+  if (finished) {
+    const verb = v.state === "done" ? "completed" : "failed";
+    const lines2 = [header, `<i>finished \u00b7 ${verb} \u00b7 ${v.toolCount} ${toolWord} \u00b7 ${elapsed}</i>`];
+    appendStepFeed(lines2, steps, true);
+    const result = cleanWorkerResultParagraph(v.latestSummary);
+    if (result.length > 0) {
+      const emoji = v.state === "done" ? "\u2705" : "\u26a0\ufe0f";
+      lines2.push(RULE);
+      lines2.push(`${emoji} <i>${escapeHtml(truncate(result, RESULT_MAX))}</i>`);
+    }
+    return lines2.join(`
+`);
+  }
+  const lines = [header, `<i>running \u00b7 ${elapsed} \u00b7 ${v.toolCount} ${toolWord}</i>`];
+  if (steps.length > 0) {
+    appendStepFeed(lines, steps, false);
   } else {
-    const summary = v.latestSummary.trim();
+    const summary = stripMarkdown(v.latestSummary).replace(/\s+/g, " ").trim();
     if (summary.length > 0) {
-      lines.push(`  \u21b3 <i>${escapeHtml(truncate(summary, SUMMARY_MAX))}</i>`);
+      lines.push(`<b>\u2192 ${escapeHtml(truncate(summary, STEP_MAX))}</b>`);
+    } else {
+      lines.push("<i>starting\u2026</i>");
     }
   }
   return lines.join(`
@@ -32085,7 +32458,7 @@ function createWorkerActivityFeed(opts) {
     if (nowFn() < h.cooldownUntil) {
       return;
     }
-    const body = renderWorkerActivity(view);
+    const body = renderWorkerActivity({ ...view, narrativeLines: h.narrative });
     if (body === h.lastBody)
       return;
     try {
@@ -41582,7 +41955,7 @@ var INLINE_PH = `${NULL}VS_INLINE`;
 var HTML_CODE_PH = `${NULL}VS_HTMLCODE`;
 var HTML_PRE_PH = `${NULL}VS_HTMLPRE`;
 var URL_PH = `${NULL}VS_URL`;
-var URL_RE = /https?:\/\/\S+/g;
+var URL_RE2 = /https?:\/\/\S+/g;
 function enabled4() {
   const v = process.env.SWITCHROOM_DISABLE_VOICE_SCRUB;
   return !(v === "1" || v === "true");
@@ -41610,7 +41983,7 @@ function park(text) {
     parts.push({ prefix: INLINE_PH, idx, raw: m });
     return `${INLINE_PH}${idx}${NULL}`;
   });
-  parked = parked.replace(URL_RE, (m) => {
+  parked = parked.replace(URL_RE2, (m) => {
     const idx = parts.length;
     parts.push({ prefix: URL_PH, idx, raw: m });
     return `${URL_PH}${idx}${NULL}`;
@@ -42361,10 +42734,10 @@ class PreambleSuppressor {
     this.setTimer = deps.setTimer ?? ((fn, ms) => setTimeout(fn, ms));
     this.clearTimer = deps.clearTimer ?? ((h) => clearTimeout(h));
   }
-  onText(chunk) {
-    if (chunk.length === 0)
+  onText(chunk2) {
+    if (chunk2.length === 0)
       return;
-    this.pendingBuffer += chunk;
+    this.pendingBuffer += chunk2;
     if (this.pendingTimer != null)
       this.clearTimer(this.pendingTimer);
     this.pendingTimer = this.setTimer(() => this.flushNow(), this.bufferMs);
@@ -44616,8 +44989,8 @@ async function hostdRequest(opts, req) {
         reject(err);
       }
     });
-    socket.on("data", (chunk) => {
-      buf += chunk.toString("utf8");
+    socket.on("data", (chunk2) => {
+      buf += chunk2.toString("utf8");
       if (Buffer.byteLength(buf, "utf8") > MAX_FRAME_BYTES3 * 2) {
         if (settled)
           return;
@@ -44859,10 +45232,10 @@ function startWebhookIngestServer(opts) {
       } catch {}
       conn.end();
     };
-    conn.on("data", (chunk) => {
+    conn.on("data", (chunk2) => {
       if (handled)
         return;
-      buf += chunk;
+      buf += chunk2;
       if (buf.length > MAX_REQUEST_BYTES) {
         reply({ status: "error", error: "request too large" });
         return;
@@ -48070,253 +48443,8 @@ function resolveShutdownMarker(prior, signal, now, maxPreserveAgeMs = REASON_PRE
   return { ts: now, signal, reason: EXTERNAL_RESTART_FALLBACK_REASON };
 }
 
-// secret-detect/patterns.ts
-var ANCHORED_PATTERNS = [
-  { rule_id: "anthropic_api_key", regex: /\b(sk-ant-[A-Za-z0-9_-]{8,})\b/g, captureIndex: 1, slugHint: "anthropic_api_key" },
-  { rule_id: "anthropic_oauth_code", regex: /(?:^|\s)([A-Za-z0-9_-]{20,}#[A-Za-z0-9_-]{20,})(?=\s|$)/gm, captureIndex: 1, slugHint: "anthropic_oauth_code" },
-  { rule_id: "openai_api_key", regex: /\b(sk-[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "openai_api_key" },
-  { rule_id: "github_pat_classic", regex: /\b(ghp_[A-Za-z0-9]{20,})\b/g, captureIndex: 1, slugHint: "github_pat" },
-  { rule_id: "github_pat_fine_grained", regex: /\b(github_pat_[A-Za-z0-9_]{20,})\b/g, captureIndex: 1, slugHint: "github_pat" },
-  { rule_id: "slack_token", regex: /\b(xox[baprs]-[A-Za-z0-9-]{10,})\b/g, captureIndex: 1, slugHint: "slack_token" },
-  { rule_id: "slack_app_token", regex: /\b(xapp-[A-Za-z0-9-]{10,})\b/g, captureIndex: 1, slugHint: "slack_app_token" },
-  { rule_id: "groq_api_key", regex: /\b(gsk_[A-Za-z0-9_-]{10,})\b/g, captureIndex: 1, slugHint: "groq_api_key" },
-  { rule_id: "google_api_key", regex: /\b(AIza[0-9A-Za-z\-_]{20,})\b/g, captureIndex: 1, slugHint: "google_api_key" },
-  { rule_id: "perplexity_api_key", regex: /\b(pplx-[A-Za-z0-9_-]{10,})\b/g, captureIndex: 1, slugHint: "perplexity_api_key" },
-  { rule_id: "npm_token", regex: /\b(npm_[A-Za-z0-9]{10,})\b/g, captureIndex: 1, slugHint: "npm_token" },
-  { rule_id: "telegram_bot_token_prefixed", regex: /\bbot(\d{6,}:[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "telegram_bot_token" },
-  { rule_id: "telegram_bot_token", regex: /\b(\d{6,}:[A-Za-z0-9_-]{20,})\b/g, captureIndex: 1, slugHint: "telegram_bot_token" },
-  { rule_id: "aws_access_key", regex: /\b(AKIA[0-9A-Z]{16})\b/g, captureIndex: 1, slugHint: "aws_access_key" },
-  { rule_id: "jwt", regex: /\b(eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,})\b/g, captureIndex: 1, slugHint: "jwt" }
-];
-var STRUCTURED_PATTERNS = [
-  {
-    rule_id: "env_key_value",
-    regex: /\b([A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD|PASSWD))\b\s*[=:]\s*(["']?)([^\s"'\\]+)\2/g,
-    captureIndex: 3,
-    slugHint: "env"
-  },
-  {
-    rule_id: "json_secret_field",
-    regex: /"(?:apiKey|token|secret|password|passwd|accessToken|refreshToken)"\s*:\s*"([^"]+)"/g,
-    captureIndex: 1,
-    slugHint: "json_secret"
-  },
-  {
-    rule_id: "cli_flag",
-    regex: /--(?:api[-_]?key|hook[-_]?token|token|secret|password|passwd)\s+(["']?)([^\s"']+)\1/g,
-    captureIndex: 2,
-    slugHint: "cli_flag"
-  },
-  {
-    rule_id: "bearer_auth_header",
-    regex: /Authorization\s*[:=]\s*Bearer\s+([A-Za-z0-9._\-+=]+)/g,
-    captureIndex: 1,
-    slugHint: "bearer_token"
-  },
-  {
-    rule_id: "bearer_loose",
-    regex: /\bBearer\s+([A-Za-z0-9._\-+=]{18,})\b/g,
-    captureIndex: 1,
-    slugHint: "bearer_token"
-  },
-  {
-    rule_id: "pem_private_key",
-    regex: /-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]+?-----END [A-Z ]*PRIVATE KEY-----/g,
-    captureIndex: 0,
-    slugHint: "pem_private_key"
-  }
-];
-var ALL_PATTERNS = [...ANCHORED_PATTERNS, ...STRUCTURED_PATTERNS];
-
-// secret-detect/entropy.ts
-function shannonEntropy(s) {
-  if (s.length === 0)
-    return 0;
-  const counts = new Map;
-  for (const ch of s) {
-    counts.set(ch, (counts.get(ch) ?? 0) + 1);
-  }
-  let h = 0;
-  const len = s.length;
-  for (const c of counts.values()) {
-    const p = c / len;
-    h -= p * Math.log2(p);
-  }
-  return h;
-}
-
-// secret-detect/kv-scanner.ts
-var KV_RE = /\b([A-Za-z_][A-Za-z0-9_-]*(?:password|passwd|token|secret|key|api[_-]?key))\s*[:=]\s*["']?([^\s"'\\]{8,})["']?/gi;
-var KV_ENTROPY_THRESHOLD = 4;
-function scanKeyValue(text) {
-  const hits = [];
-  KV_RE.lastIndex = 0;
-  let m;
-  while ((m = KV_RE.exec(text)) !== null) {
-    const [, keyName, value] = m;
-    if (!value)
-      continue;
-    const h = shannonEntropy(value);
-    if (h < KV_ENTROPY_THRESHOLD)
-      continue;
-    const valueOffsetInMatch = m[0].indexOf(value, keyName.length);
-    if (valueOffsetInMatch < 0)
-      continue;
-    const start = m.index + valueOffsetInMatch;
-    const end = start + value.length;
-    hits.push({
-      rule_id: "kv_entropy",
-      start,
-      end,
-      matched_text: value,
-      key_name: keyName,
-      confidence: "ambiguous"
-    });
-  }
-  return hits;
-}
-
-// secret-detect/chunker.ts
-var CHUNK_THRESHOLD = 32 * 1024;
-var WINDOW_SIZE = 16 * 1024;
-var OVERLAP = 1024;
-function chunk(text) {
-  if (text.length <= CHUNK_THRESHOLD) {
-    return [{ offset: 0, text }];
-  }
-  const out = [];
-  let offset = 0;
-  while (offset < text.length) {
-    const end = Math.min(offset + WINDOW_SIZE, text.length);
-    out.push({ offset, text: text.slice(offset, end) });
-    if (end >= text.length)
-      break;
-    offset = end - OVERLAP;
-  }
-  return out;
-}
-
-// secret-detect/index.ts
-init_suppressor();
-
-// secret-detect/mask.ts
-function maskToken(s) {
-  if (s.length >= 18) {
-    return `${s.slice(0, 6)}...${s.slice(-4)}`;
-  }
-  return "***";
-}
-// secret-detect/url-redact.ts
-var SENSITIVE_PARAMS = new Set([
-  "token",
-  "key",
-  "api_key",
-  "apikey",
-  "secret",
-  "access_token",
-  "password",
-  "pass",
-  "auth",
-  "client_secret",
-  "refresh_token",
-  "signature"
-]);
-
-// secret-detect/index.ts
-init_secretlint_source();
-function detectSecrets(text) {
-  if (!text || text.length === 0)
-    return [];
-  const windows = chunk(text);
-  const raw = [];
-  for (const win of windows) {
-    for (const p of ALL_PATTERNS) {
-      const re = new RegExp(p.regex.source, p.regex.flags.includes("g") ? p.regex.flags : p.regex.flags + "g");
-      let m;
-      while ((m = re.exec(win.text)) !== null) {
-        if (m[0].length === 0) {
-          re.lastIndex++;
-          continue;
-        }
-        const cap = p.captureIndex === 0 ? m[0] : m[p.captureIndex];
-        if (!cap)
-          continue;
-        const matchStart = p.captureIndex === 0 ? m.index : m.index + m[0].indexOf(cap);
-        if (matchStart < 0)
-          continue;
-        const globalStart = win.offset + matchStart;
-        const globalEnd = globalStart + cap.length;
-        const keyName = p.rule_id === "env_key_value" ? m[1] : undefined;
-        if (p.rule_id === "env_key_value") {
-          const ENV_KV_MIN_LEN = 12;
-          const ENV_KV_MIN_ENTROPY = 3.5;
-          if (cap.length < ENV_KV_MIN_LEN)
-            continue;
-          if (shannonEntropy(cap) < ENV_KV_MIN_ENTROPY)
-            continue;
-        }
-        raw.push({
-          rule_id: p.rule_id,
-          start: globalStart,
-          end: globalEnd,
-          matched_text: cap,
-          key_name: keyName,
-          confidence: "high"
-        });
-      }
-    }
-    const kvHits = scanKeyValue(win.text);
-    for (const h of kvHits) {
-      raw.push({ ...h, start: h.start + win.offset, end: h.end + win.offset });
-    }
-  }
-  const deduped = dedupeRaw(raw);
-  const final = dropOverlaps(deduped);
-  const existing = new Set;
-  const out = [];
-  for (const h of final) {
-    const suggested_slug = deriveSlug({ key_name: h.key_name, rule_id: h.rule_id }, existing);
-    existing.add(suggested_slug);
-    out.push({
-      rule_id: h.rule_id,
-      matched_text: h.matched_text,
-      start: h.start,
-      end: h.end,
-      confidence: h.confidence,
-      suppressed: isSuppressed(text, h.start, h.end),
-      suggested_slug,
-      key_name: h.key_name
-    });
-  }
-  out.sort((a, b) => a.start - b.start);
-  return out;
-}
-function dedupeRaw(raw) {
-  const seen = new Map;
-  for (const h of raw) {
-    const key = `${h.start}:${h.end}`;
-    const existing = seen.get(key);
-    if (!existing) {
-      seen.set(key, h);
-      continue;
-    }
-    if (existing.confidence === "ambiguous" && h.confidence === "high") {
-      seen.set(key, h);
-    }
-  }
-  return Array.from(seen.values());
-}
-function dropOverlaps(hits) {
-  const sorted = [...hits].sort((a, b) => a.end - a.start - (b.end - b.start));
-  const out = [];
-  for (const h of sorted) {
-    const contained = out.some((existing) => existing !== h && existing.start <= h.start && existing.end >= h.end && !(existing.start === h.start && existing.end === h.end));
-    if (!contained)
-      out.push(h);
-  }
-  out.sort((a, b) => a.start - b.start || a.end - b.end);
-  return out;
-}
+// secret-detect/pipeline.ts
+init_secret_detect();
 
 // secret-detect/rewrite.ts
 function rewritePrompt(text, targets) {
@@ -48680,7 +48808,11 @@ function recentDenialsFromAuditLog(rawAuditLog, opts) {
 }
 
 // secret-detect/index.ts
+init_patterns();
+init_kv_scanner();
+init_chunker();
 init_suppressor();
+init_url_redact();
 init_secretlint_source();
 function detectSecrets2(text) {
   if (!text || text.length === 0)
@@ -48776,6 +48908,32 @@ function dropOverlaps2(hits) {
   return out;
 }
 
+// secret-detect/redact.ts
+init_secret_detect();
+init_url_redact();
+var REDACTED_MARKER2 = "[REDACTED]";
+function redact2(text) {
+  if (!text || text.length === 0)
+    return text;
+  const urlScrubbed = redactUrls(text);
+  const hits = detectSecrets(urlScrubbed);
+  if (hits.length === 0)
+    return urlScrubbed;
+  const sorted = [...hits].sort((a, b) => b.start - a.start);
+  let out = urlScrubbed;
+  for (const h of sorted) {
+    out = out.slice(0, h.start) + redactedMarker2(h.rule_id) + out.slice(h.end);
+  }
+  return out;
+}
+function redactedMarker2(ruleId) {
+  const trimmed = ruleId.replace(/^(kv|env)_/, "");
+  if (!trimmed || trimmed === "key_value" || trimmed === "kv_entropy") {
+    return REDACTED_MARKER2;
+  }
+  return `[REDACTED:${trimmed}]`;
+}
+
 // admin-commands/index.ts
 var ADMIN_COMMAND_NAMES = new Set([
   "agents",
@@ -50320,6 +50478,9 @@ var SEVERITY_RANK2 = {
   critical: 3
 };
 
+// ../src/secret-detect/redact.ts
+init_redact();
+
 // ../src/issues/store.ts
 var ISSUES_FILE = "issues.jsonl";
 var ISSUES_LOCK = "issues.lock";
@@ -50735,6 +50896,18 @@ function describeGrant(toolName, inputPreview, option) {
       return naturalAction(toolName, inputPreview);
   }
 }
+function formatPermissionResumeMessage(opts) {
+  const who = opts.agentName && opts.agentName.length > 0 ? `<b>${escapeTgHtml(capFirst(opts.agentName))}</b>` : `<b>Agent</b>`;
+  const act = (opts.action ?? "").trim();
+  const hasAction = act.length > 0;
+  if (opts.behavior === "allow") {
+    return hasAction ? `\u25b6\ufe0f ${who} \u2014 got it, continuing: <i>${escapeTgHtml(act)}</i>` : `\u25b6\ufe0f ${who} \u2014 got it, back to work.`;
+  }
+  if (opts.timeoutMinutes != null) {
+    return hasAction ? `\uD83D\uDEAB ${who} \u2014 no answer in ${opts.timeoutMinutes}m, continuing without it (<i>${escapeTgHtml(act)}</i>).` : `\uD83D\uDEAB ${who} \u2014 no answer in ${opts.timeoutMinutes}m, continuing without it.`;
+  }
+  return hasAction ? `\uD83D\uDEAB ${who} \u2014 noted, I won't ${escapeTgHtml(lowerFirst(act))}. Continuing without it.` : `\uD83D\uDEAB ${who} \u2014 noted, continuing without it.`;
+}
 function resolveSkillName(input) {
   return readString(input, "skill") ?? readString(input, "skill_name") ?? readString(input, "skillName") ?? readString(input, "name") ?? skillBasenameFromPath(input);
 }
@@ -51469,10 +51642,10 @@ function sweepStaleTurnActiveMarker(stateDir, opts) {
 }
 
 // ../src/build-info.ts
-var VERSION = "0.14.26";
-var COMMIT_SHA = "7ef6e93c";
-var COMMIT_DATE = "2026-06-01T00:40:24Z";
-var LATEST_PR = 2040;
+var VERSION = "0.14.28";
+var COMMIT_SHA = "cb64351f";
+var COMMIT_DATE = "2026-06-01T04:23:25Z";
+var LATEST_PR = 2049;
 var COMMITS_AHEAD_OF_TAG = 0;
 
 // gateway/boot-version.ts
@@ -52906,6 +53079,31 @@ function resumeReactionAfterVerdict() {
     return;
   activeStatusReactions.get(statusKey(turn.sessionChatId, turn.sessionThreadId))?.setThinking();
 }
+function postPermissionResumeMessage(opts) {
+  if (process.env.SWITCHROOM_RESUME_MSG === "0")
+    return;
+  const text = formatPermissionResumeMessage({
+    agentName: process.env.SWITCHROOM_AGENT_NAME ?? null,
+    behavior: opts.behavior,
+    action: opts.action,
+    timeoutMinutes: opts.timeoutMinutes
+  });
+  const turn = currentTurn;
+  const targets = turn != null ? [{ chatId: turn.sessionChatId, threadId: turn.sessionThreadId }] : loadAccess().allowFrom.map((chatId) => ({
+    chatId,
+    threadId: resolveAgentOutboundTopic({
+      kind: "permission",
+      turnInitiated: false,
+      originThreadId: undefined
+    })
+  }));
+  for (const { chatId, threadId } of targets) {
+    swallowingApiCall(() => bot.api.sendMessage(chatId, text, {
+      parse_mode: "HTML",
+      ...threadId != null ? { message_thread_id: threadId } : {}
+    }), { chat_id: chatId, verb: "permission-resume", ...threadId != null ? { threadId } : {} });
+  }
+}
 function resolveThreadId(chat_id, explicit) {
   if (explicit != null)
     return Number(explicit);
@@ -53320,6 +53518,11 @@ var pendingStateReaper = setInterval(() => {
     if (now - v.startedAt > PERMISSION_TTL_MS) {
       dispatchPermissionVerdict({ type: "permission", requestId: k, behavior: "deny" });
       resumeReactionAfterVerdict();
+      postPermissionResumeMessage({
+        behavior: "deny",
+        action: naturalAction(v.tool_name, v.input_preview),
+        timeoutMinutes: Math.round(PERMISSION_TTL_MS / 60000)
+      });
       process.stderr.write(`telegram gateway: permission TTL expired \u2014 auto-deny request=${k} tool=${v.tool_name} (no operator response in ${Math.round(PERMISSION_TTL_MS / 60000)}m)
 `);
       pendingPermissions.delete(k);
@@ -54346,7 +54549,8 @@ var ALLOWED_TOOLS = new Set([
   "send_sticker",
   "send_gif",
   "vault_request_save",
-  "vault_request_access"
+  "vault_request_access",
+  "request_secret"
 ]);
 async function executeToolCall(tool, args) {
   if (!ALLOWED_TOOLS.has(tool)) {
@@ -54389,6 +54593,8 @@ async function executeToolCall(tool, args) {
       return executeVaultRequestSave(args);
     case "vault_request_access":
       return executeVaultRequestAccess(args);
+    case "request_secret":
+      return executeRequestSecret(args);
     default:
       throw new Error(`unknown tool: ${tool}`);
   }
@@ -54434,6 +54640,14 @@ async function executeUpdateChecklist(args) {
 `);
   return { content: [{ type: "text", text: `checklist updated (id: ${message_id})` }] };
 }
+function redactOutboundText(text, site) {
+  const masked = redact2(text);
+  if (masked !== text) {
+    process.stderr.write(`telegram gateway: outbound secret masked site=${site}
+`);
+  }
+  return masked;
+}
 async function executeReply(args) {
   const turn = currentTurn;
   const chat_id = args.chat_id;
@@ -54443,6 +54657,7 @@ async function executeReply(args) {
   if (rawText == null || rawText === "")
     throw new Error("reply: text is required and cannot be empty");
   let text = repairEscapedWhitespace(rawText);
+  text = redactOutboundText(text, "reply");
   {
     const scrub = scrubVoice(text);
     if (scrub.replaced > 0) {
@@ -54865,6 +55080,7 @@ async function executeStreamReply(args) {
     throw new Error("stream_reply: chat_id is required");
   if (args.text == null || args.text === "")
     throw new Error("stream_reply: text is required and cannot be empty");
+  args.text = redactOutboundText(args.text, "stream_reply");
   {
     const scrub = scrubVoice(args.text);
     if (scrub.replaced > 0) {
@@ -55383,6 +55599,213 @@ async function executeVaultRequestSave(args) {
     ]
   };
 }
+var pendingSecretRequests = new Map;
+var armedSecretCaptures = new Map;
+var PENDING_SECRET_REQUEST_TTL_MS = 1800000;
+var ARMED_SECRET_CAPTURE_TTL_MS = 600000;
+function sweepSecretRequests() {
+  const now = Date.now();
+  for (const [k, v] of pendingSecretRequests) {
+    if (now - v.staged_at > PENDING_SECRET_REQUEST_TTL_MS)
+      pendingSecretRequests.delete(k);
+  }
+  for (const [k, v] of armedSecretCaptures) {
+    if (now - v.armed_at > ARMED_SECRET_CAPTURE_TTL_MS)
+      armedSecretCaptures.delete(k);
+  }
+}
+function buildSecretRequestKeyboard(stageId) {
+  return {
+    inline_keyboard: [
+      [
+        { text: "\uD83D\uDD10 Provide securely", callback_data: `vsp:provide:${stageId}` },
+        { text: "\uD83D\uDEAB Decline", callback_data: `vsp:decline:${stageId}` }
+      ]
+    ]
+  };
+}
+function renderSecretRequestCard(req) {
+  const lines = [
+    `\uD83D\uDD12 <b>${escapeHtmlForTg(req.agent)}</b> needs a secret:`,
+    `<code>${escapeHtmlForTg(req.key)}</code>`
+  ];
+  if (req.reason)
+    lines.push(`<i>${escapeHtmlForTg(req.reason)}</i>`);
+  lines.push("", "Tap <b>Provide securely</b>, then send the value as your next message. I\u2019ll delete it instantly and store it in the vault \u2014 it is never shown in chat or to the agent.");
+  return lines.join(`
+`);
+}
+async function executeRequestSecret(args) {
+  const chat_id = args.chat_id;
+  if (!chat_id)
+    throw new Error("request_secret: chat_id is required");
+  const key = args.key;
+  if (!key || typeof key !== "string")
+    throw new Error("request_secret: key is required");
+  const reason = typeof args.reason === "string" ? args.reason : undefined;
+  assertAllowedChat(chat_id);
+  if (!VAULT_KEY_REGEX.test(key)) {
+    throw new Error(`request_secret: key must match ${VAULT_KEY_REGEX_LABEL}`);
+  }
+  const agentSlug = process.env.SWITCHROOM_AGENT_NAME || "agent";
+  for (const [sid, p] of pendingSecretRequests) {
+    if (p.chat_id === chat_id && p.key === key)
+      pendingSecretRequests.delete(sid);
+  }
+  const stageId = randomBytes6(4).toString("hex");
+  const pending2 = { agent: agentSlug, chat_id, key, reason, staged_at: Date.now() };
+  pendingSecretRequests.set(stageId, pending2);
+  sweepSecretRequests();
+  const text = renderSecretRequestCard(pending2);
+  const threadId = args.message_thread_id != null ? Number(args.message_thread_id) : undefined;
+  const sent = await retryWithThreadFallback(robustApiCall, (tid) => lockedBot.api.sendMessage(chat_id, text, {
+    parse_mode: "HTML",
+    reply_markup: buildSecretRequestKeyboard(stageId),
+    ...tid != null && Number.isFinite(tid) ? { message_thread_id: tid } : {}
+  }), { threadId, chat_id, verb: "request_secret.card" });
+  pending2.card_message_id = sent.message_id;
+  return {
+    content: [
+      {
+        type: "text",
+        text: `request_secret: card sent (stage_id=${stageId}, key=${key}). END YOUR TURN now and wait \u2014 a fresh inbound message arrives once the operator provides (or declines) the secret. Do NOT ask them to paste it as a normal message; the card handles it securely.`
+      }
+    ]
+  };
+}
+async function writeRequestedSecret(key, value, chat_id) {
+  if (VAULT_APPROVAL_AUTH_MODE === "telegram-id") {
+    return await defaultVaultWritePosture(key, value);
+  }
+  const cached = vaultPassphraseCache.get(chat_id);
+  if (!cached || cached.expiresAt <= Date.now()) {
+    return { ok: false, output: "VAULT-LOCKED: run /vault unlock once in this chat, then have the agent re-request." };
+  }
+  return defaultVaultWrite(key, value, cached.passphrase);
+}
+async function captureProvidedSecret(ctx, chat_id, msgId, value) {
+  const armed = armedSecretCaptures.get(chat_id);
+  if (!armed || Date.now() - armed.armed_at > ARMED_SECRET_CAPTURE_TTL_MS) {
+    if (armed)
+      armedSecretCaptures.delete(chat_id);
+    return false;
+  }
+  armedSecretCaptures.delete(chat_id);
+  const pending2 = pendingSecretRequests.get(armed.stageId);
+  pendingSecretRequests.delete(armed.stageId);
+  if (msgId != null)
+    await deleteSensitiveMessage(chat_id, msgId, "provided secret value");
+  const write = await writeRequestedSecret(armed.key, value, chat_id);
+  if (!write.ok) {
+    const parsed = parseVaultCliError(write.output);
+    const rendered = renderVaultCliError(parsed, { verb: "save", key: armed.key });
+    const body = rendered.suppressRaw ? rendered.html : `\u26A0\uFE0F vault write failed:
+<pre>${escapeHtmlForTg(write.output)}</pre>`;
+    await switchroomReply(ctx, `${body}
+
+<i>The secret was NOT saved. The agent can re-request with <code>request_secret</code>.</i>`, { html: true });
+    const fts = Date.now();
+    const failMsg = {
+      type: "inbound",
+      chatId: chat_id,
+      messageId: fts,
+      user: "vault-broker",
+      userId: 0,
+      ts: fts,
+      text: `\u26A0\uFE0F The secret you requested for \`vault:${armed.key}\` could NOT be saved (vault write failed). Do not assume it is available; tell the operator or try request_secret again.`,
+      meta: { source: "secret_provide_failed", agent: armed.agent, key: armed.key, stage_id: armed.stageId }
+    };
+    const fdelivered = ipcServer.sendToAgent(armed.agent, failMsg);
+    if (fdelivered)
+      markClaudeBusyForInbound(failMsg);
+    else
+      pendingInboundBuffer.push(armed.agent, failMsg);
+    return true;
+  }
+  await switchroomReply(ctx, `\u2705 saved as <code>vault:${escapeHtmlForTg(armed.key)}</code> (masked: <code>${escapeHtmlForTg(maskToken2(value))}</code>). The agent can now reference it.`, { html: true });
+  const ts = Date.now();
+  const synthetic = {
+    type: "inbound",
+    chatId: chat_id,
+    messageId: ts,
+    user: "vault-broker",
+    userId: 0,
+    ts,
+    text: `\u2705 Operator provided the secret you requested. It is saved as ` + `\`vault:${armed.key}\` \u2014 reference it the usual way. Resume the task ` + `that was waiting on this credential. Do NOT ask the operator to paste it.`,
+    meta: {
+      source: "secret_provided",
+      agent: armed.agent,
+      key: armed.key,
+      stage_id: armed.stageId
+    }
+  };
+  const delivered = ipcServer.sendToAgent(armed.agent, synthetic);
+  if (delivered)
+    markClaudeBusyForInbound(synthetic);
+  else
+    pendingInboundBuffer.push(armed.agent, synthetic);
+  process.stderr.write(`telegram gateway: secret_provided injection agent=${armed.agent} key=${armed.key} stage=${armed.stageId} delivered=${delivered}
+`);
+  return true;
+}
+async function handleSecretRequestCallback(ctx, data) {
+  const senderId = String(ctx.from?.id ?? "");
+  const access = loadAccess();
+  if (!access.allowFrom.includes(senderId)) {
+    await ctx.answerCallbackQuery({ text: "Not authorized." }).catch(() => {});
+    return;
+  }
+  const parts = data.split(":");
+  const action = parts[1];
+  const stageId = parts[2] ?? "";
+  const pending2 = pendingSecretRequests.get(stageId);
+  if (!pending2) {
+    await ctx.answerCallbackQuery({ text: "This request expired." }).catch(() => {});
+    return;
+  }
+  if (action === "provide") {
+    armedSecretCaptures.set(pending2.chat_id, {
+      key: pending2.key,
+      agent: pending2.agent,
+      stageId,
+      armed_at: Date.now()
+    });
+    await ctx.answerCallbackQuery({ text: "Send the value now \u2014 it auto-deletes." }).catch(() => {});
+    if (pending2.card_message_id != null) {
+      await ctx.api.editMessageText(pending2.chat_id, pending2.card_message_id, `\uD83D\uDD10 Send the value for <code>${escapeHtmlForTg(pending2.key)}</code> as your next message \u2014 a single message, exactly as-is (don't add other text). I\u2019ll delete it instantly and store it in the vault.`, { parse_mode: "HTML", reply_markup: { inline_keyboard: [] } }).catch(() => {});
+    }
+    return;
+  }
+  if (action === "decline") {
+    pendingSecretRequests.delete(stageId);
+    armedSecretCaptures.delete(pending2.chat_id);
+    await ctx.answerCallbackQuery({ text: "Declined." }).catch(() => {});
+    if (pending2.card_message_id != null) {
+      await ctx.api.editMessageText(pending2.chat_id, pending2.card_message_id, `\uD83D\uDEAB Declined \u2014 <code>${escapeHtmlForTg(pending2.key)}</code> not provided.`, {
+        parse_mode: "HTML",
+        reply_markup: { inline_keyboard: [] }
+      }).catch(() => {});
+    }
+    const ts = Date.now();
+    const synthetic = {
+      type: "inbound",
+      chatId: pending2.chat_id,
+      messageId: ts,
+      user: "vault-broker",
+      userId: 0,
+      ts,
+      text: `\uD83D\uDEAB Operator declined your request for \`vault:${pending2.key}\`. Proceed without it or ask how they'd like to handle the task.`,
+      meta: { source: "secret_declined", agent: pending2.agent, key: pending2.key, stage_id: stageId }
+    };
+    const delivered = ipcServer.sendToAgent(pending2.agent, synthetic);
+    if (delivered)
+      markClaudeBusyForInbound(synthetic);
+    else
+      pendingInboundBuffer.push(pending2.agent, synthetic);
+    return;
+  }
+  await ctx.answerCallbackQuery().catch(() => {});
+}
 function buildVaultRequestAccessKeyboard(stageId) {
   return {
     inline_keyboard: [
@@ -55544,6 +55967,7 @@ async function executeEditMessage(args) {
   const editConfigMode = editAccess.parseMode ?? "html";
   const editFormat = args.format ?? editConfigMode;
   let editRawText = repairEscapedWhitespace(args.text);
+  editRawText = redactOutboundText(editRawText, "edit_message");
   {
     const scrub = scrubVoice(editRawText);
     if (scrub.replaced > 0) {
@@ -56206,6 +56630,7 @@ function handleSessionEvent(ev) {
         const backstopChatId = chatId;
         const backstopThreadId = threadId;
         const backstopCtrl = ctrl;
+        capturedText = redactOutboundText(capturedText, "turn_flush");
         {
           const scrub = scrubVoice(capturedText);
           if (scrub.replaced > 0) {
@@ -56741,6 +57166,11 @@ async function handleInbound(ctx, text, downloadImage, attachment, extraAttachme
       behavior
     });
     resumeReactionAfterVerdict();
+    const ftDetails = pendingPermissions.get(request_id);
+    postPermissionResumeMessage({
+      behavior,
+      action: ftDetails ? naturalAction(ftDetails.tool_name, ftDetails.input_preview) : ""
+    });
     if (msgId != null) {
       const emoji = behavior === "allow" ? "\u2705" : "\u274C";
       bot.api.setMessageReaction(chat_id, msgId, [
@@ -56951,6 +57381,11 @@ ${preBlock(write.output)}`;
   const parsedQueue = isSteerPrefix ? { queued: false, body: parsedSteer.body } : parseQueuePrefix(text);
   const isQueuedPrefix = parsedQueue.queued;
   let effectiveText = isSteerPrefix ? parsedSteer.body : isQueuedPrefix ? parsedQueue.body : text;
+  if (armedSecretCaptures.has(chat_id)) {
+    const consumed = await captureProvidedSecret(ctx, chat_id, msgId ?? undefined, text);
+    if (consumed)
+      return;
+  }
   try {
     const authCodeSentAt = awaitingAuthCodeAt.get(chat_id);
     const isAuthFlowContext = authCodeSentAt !== undefined && Date.now() - authCodeSentAt < AUTH_CODE_CONTEXT_TTL_MS;
@@ -58484,6 +58919,10 @@ async function handlePermissionSlash(ctx, behavior) {
   }
   dispatchPermissionVerdict({ type: "permission", requestId: request_id, behavior });
   resumeReactionAfterVerdict();
+  postPermissionResumeMessage({
+    behavior,
+    action: naturalAction(details.tool_name, details.input_preview)
+  });
   pendingPermissions.delete(request_id);
   process.stderr.write(`[telegram gateway] slash-${behavior} request_id=${request_id} tool=${details.tool_name} by=${senderId}
 `);
@@ -60601,6 +61040,10 @@ ${preBlock(formatSwitchroomOutput(err.message ?? "unknown error"))}`, { html: tr
     await handleVaultRequestAccessCallback(ctx, data);
     return;
   }
+  if (data.startsWith("vsp:")) {
+    await handleSecretRequestCallback(ctx, data);
+    return;
+  }
   if (data.startsWith("vrd:")) {
     await handleVaultRecentDenialCallback(ctx, data);
     return;
@@ -60781,6 +61224,10 @@ ${preBlock(formatSwitchroomOutput(err.message ?? "unknown error"))}`, { html: tr
       rule: chosen.rule
     });
     resumeReactionAfterVerdict();
+    postPermissionResumeMessage({
+      behavior: "allow",
+      action: naturalAction(details.tool_name, details.input_preview)
+    });
     let durable = false;
     let legacy = false;
     let failReason = "";
@@ -60881,10 +61328,12 @@ ${editLabel}` : editLabel,
     });
     return;
   }
+  const resumeAction = (() => {
+    const d = pendingPermissions.get(request_id);
+    return d ? naturalAction(d.tool_name, d.input_preview) : "";
+  })();
   pendingPermissions.delete(request_id);
-  const resumeAgent = process.env.SWITCHROOM_AGENT_NAME;
-  const resumeBeat = resumeAgent ? `\u25B6\uFE0F ${escapeHtmlForTg(resumeAgent)} resuming\u2026` : "\u25B6\uFE0F resuming\u2026";
-  const label = `${behavior === "allow" ? "\u2705 Allowed" : "\u274C Denied"} \xB7 ${resumeBeat}`;
+  const label = behavior === "allow" ? "\u2705 Allowed" : "\u274C Denied";
   const msg = ctx.callbackQuery?.message;
   const baseText = msg && "text" in msg && msg.text ? escapeHtmlForTg(msg.text) : "";
   await finalizeCallback(ctx, {
@@ -60900,6 +61349,10 @@ ${label}` : label,
         behavior
       });
       resumeReactionAfterVerdict();
+      postPermissionResumeMessage({
+        behavior,
+        action: resumeAction
+      });
     }
   });
 });