switchroom 0.14.32 → 0.14.34

package/dist/agent-scheduler/index.js

@@ -11219,6 +11219,7 @@ var profileFields = {
     }).optional()
   }).optional(),
   schedule: exports_external.array(ScheduleEntrySchema).optional(),
+  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker — independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 — 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
   reactions: ReactionsSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -11287,6 +11288,7 @@ var AgentSchema = exports_external.object({
   tools: AgentToolsSchema,
   memory: AgentMemorySchema,
   schedule: exports_external.array(ScheduleEntrySchema).default([]),
+  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
   reactions: ReactionsSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -11756,6 +11758,12 @@ function mergeAgentConfig(defaultsIn, agentIn) {
       deny: dedupe([...dDeny, ...aDeny])
     };
   }
+  if (defaults.secrets || merged.secrets) {
+    merged.secrets = dedupe([
+      ...defaults.secrets ?? [],
+      ...merged.secrets ?? []
+    ]);
+  }
   if (defaults.soul || merged.soul) {
     const base = defaults.soul ?? {};
     const override = merged.soul ?? {};

package/dist/auth-broker/index.js

@@ -11219,6 +11219,7 @@ var profileFields = {
     }).optional()
   }).optional(),
   schedule: exports_external.array(ScheduleEntrySchema).optional(),
+  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker — independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 — 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
   reactions: ReactionsSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -11287,6 +11288,7 @@ var AgentSchema = exports_external.object({
   tools: AgentToolsSchema,
   memory: AgentMemorySchema,
   schedule: exports_external.array(ScheduleEntrySchema).default([]),
+  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
   reactions: ReactionsSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -11756,6 +11758,12 @@ function mergeAgentConfig(defaultsIn, agentIn) {
       deny: dedupe([...dDeny, ...aDeny])
     };
   }
+  if (defaults.secrets || merged.secrets) {
+    merged.secrets = dedupe([
+      ...defaults.secrets ?? [],
+      ...merged.secrets ?? []
+    ]);
+  }
   if (defaults.soul || merged.soul) {
     const base = defaults.soul ?? {};
     const override = merged.soul ?? {};

package/dist/cli/autoaccept-poll.js

@@ -110,6 +110,138 @@ async function runAutoaccept(opts) {
   return { fired, reason: "manual-stop" };
 }
 
+// src/agents/autoaccept.ts
+import { execFileSync as execFileSync2 } from "node:child_process";
+var PROMPTS2 = [
+  {
+    name: "dev-channels-loading",
+    match: /Loading.{1,30}development.{1,30}channels/,
+    keys: ["Enter"]
+  },
+  {
+    name: "dev-channels-local",
+    match: /using this for local development/,
+    keys: ["Enter"]
+  },
+  {
+    name: "dev-channels",
+    match: /I.{0,5}accept.{0,80}development.{0,10}channels/,
+    keys: ["Down", "Enter"]
+  },
+  {
+    name: "mcp-trust",
+    match: /Use this and all future MCP servers/,
+    keys: ["Enter"]
+  },
+  {
+    name: "theme",
+    match: /Choose.{1,30}text.{1,30}style/,
+    keys: ["Enter"]
+  },
+  {
+    name: "provider",
+    match: /Anthropic.{1,80}Bedrock/,
+    keys: ["Enter"]
+  },
+  {
+    name: "enter-to-confirm",
+    match: /Enter.{1,30}confirm/,
+    keys: ["Enter"]
+  }
+];
+function capturePane2(agentName) {
+  const socket = `switchroom-${agentName}`;
+  try {
+    const out = execFileSync2("tmux", ["-L", socket, "capture-pane", "-p", "-t", agentName], {
+      timeout: 3000,
+      stdio: ["ignore", "pipe", "pipe"],
+      maxBuffer: 4 * 1024 * 1024
+    });
+    return out.toString("utf8");
+  } catch (err) {
+    console.error(`[autoaccept] ${agentName}: capture-pane failed: ${err.message}`);
+    return "";
+  }
+}
+function sendKeys2(agentName, keys) {
+  const socket = `switchroom-${agentName}`;
+  try {
+    execFileSync2("tmux", ["-L", socket, "send-keys", "-t", agentName, ...keys], { timeout: 3000, stdio: ["ignore", "pipe", "pipe"] });
+    return true;
+  } catch (err) {
+    console.error(`[autoaccept] ${agentName}: send-keys ${keys.join(" ")} failed: ${err.message}`);
+    return false;
+  }
+}
+
+// src/agents/wedge-watchdog.ts
+var WEDGE_FOOTER_SIGNATURE = /(?=[\s\S]*[Ee]sc(?:ape)?[^\n]*cancel)(?=[\s\S]*(?:to select|to navigate|\u2191\/\u2193))/;
+var DEFAULT_POLL_MS2 = 5000;
+var DEFAULT_STABILITY_THRESHOLD = 3;
+var DEFAULT_COOLDOWN_MS = 60000;
+function defaultSleep2(ms) {
+  return new Promise((r) => setTimeout(r, ms));
+}
+function stabilityKey(text) {
+  return text.split(`
+`).map((l) => l.replace(/\s+$/, "")).join(`
+`);
+}
+async function runWedgeWatchdog(opts) {
+  const pollIntervalMs = opts.pollIntervalMs ?? DEFAULT_POLL_MS2;
+  const stabilityThreshold = opts.stabilityThreshold ?? DEFAULT_STABILITY_THRESHOLD;
+  const cooldownMs = opts.cooldownMs ?? DEFAULT_COOLDOWN_MS;
+  const deferToPrompts = opts.deferToPrompts ?? PROMPTS2;
+  const signature = opts.wedgeSignature ?? WEDGE_FOOTER_SIGNATURE;
+  const maxPolls = opts.maxPolls ?? Number.POSITIVE_INFINITY;
+  const now = opts.now ?? Date.now;
+  const sleep = opts.sleep ?? defaultSleep2;
+  const capture = opts.capture ?? capturePane2;
+  const send = opts.send ?? sendKeys2;
+  let stableCount = 0;
+  let lastKey = null;
+  let cooldownUntil = 0;
+  let fires = 0;
+  let polls = 0;
+  while (polls < maxPolls) {
+    polls++;
+    let text = "";
+    try {
+      text = capture(opts.agentName);
+    } catch (err) {
+      console.error(`[wedge-watchdog] ${opts.agentName}: capture threw: ${err.message}`);
+      text = "";
+    }
+    const isBlockingModal = !!text && signature.test(text) && !deferToPrompts.some((p) => p.match.test(text));
+    if (isBlockingModal) {
+      const key = stabilityKey(text);
+      if (key === lastKey) {
+        stableCount++;
+      } else {
+        stableCount = 1;
+        lastKey = key;
+      }
+      if (stableCount >= stabilityThreshold && now() >= cooldownUntil) {
+        console.error(`[wedge-watchdog] ${opts.agentName}: dismissing stuck blocking prompt ` + `(Esc) after ${stableCount} stable polls (~${stableCount * pollIntervalMs / 1000}s) \u2014 no human to answer it`);
+        try {
+          send(opts.agentName, ["Escape"]);
+        } catch (err) {
+          console.error(`[wedge-watchdog] ${opts.agentName}: send threw: ${err.message}`);
+        }
+        fires++;
+        cooldownUntil = now() + cooldownMs;
+        stableCount = 0;
+        lastKey = null;
+      }
+    } else {
+      stableCount = 0;
+      lastKey = null;
+    }
+    await sleep(pollIntervalMs);
+  }
+  return { fires, polls, reason: "max-polls" };
+}
+
 // src/cli/autoaccept-poll.ts
 async function main() {
   const agentName = process.argv[2];
@@ -119,9 +251,20 @@ async function main() {
   }
   try {
     const res = await runAutoaccept({ agentName });
-    console.error(`[autoaccept-poll] ${agentName}: done reason=${res.reason} fired=${res.fired.length ? res.fired.join(",") : "(none)"}`);
+    console.error(`[autoaccept-poll] ${agentName}: boot done reason=${res.reason} fired=${res.fired.length ? res.fired.join(",") : "(none)"}`);
+  } catch (err) {
+    console.error(`[autoaccept-poll] ${agentName}: boot unexpected throw: ${err.message}`);
+  }
+  if (process.env.SWITCHROOM_WEDGE_WATCHDOG === "0") {
+    console.error(`[autoaccept-poll] ${agentName}: wedge-watchdog disabled (SWITCHROOM_WEDGE_WATCHDOG=0) \u2014 exiting after boot phase`);
+    process.exit(0);
+  }
+  try {
+    console.error(`[autoaccept-poll] ${agentName}: entering wedge-watchdog (continuous)`);
+    const res = await runWedgeWatchdog({ agentName });
+    console.error(`[autoaccept-poll] ${agentName}: wedge-watchdog returned reason=${res.reason} fires=${res.fires}`);
   } catch (err) {
-    console.error(`[autoaccept-poll] ${agentName}: unexpected throw: ${err.message}`);
+    console.error(`[autoaccept-poll] ${agentName}: wedge-watchdog unexpected throw: ${err.message}`);
   }
   process.exit(0);
 }

package/dist/cli/notion-write-pretool.mjs

@@ -11966,6 +11966,7 @@ var profileFields = {
     }).optional()
   }).optional(),
   schedule: exports_external.array(ScheduleEntrySchema).optional(),
+  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker \u2014 independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 \u2014 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
   reactions: ReactionsSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -12034,6 +12035,7 @@ var AgentSchema = exports_external.object({
   tools: AgentToolsSchema,
   memory: AgentMemorySchema,
   schedule: exports_external.array(ScheduleEntrySchema).default([]),
+  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
   reactions: ReactionsSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -12505,6 +12507,12 @@ function mergeAgentConfig(defaultsIn, agentIn) {
       deny: dedupe([...dDeny, ...aDeny])
     };
   }
+  if (defaults.secrets || merged.secrets) {
+    merged.secrets = dedupe([
+      ...defaults.secrets ?? [],
+      ...merged.secrets ?? []
+    ]);
+  }
   if (defaults.soul || merged.soul) {
     const base = defaults.soul ?? {};
     const override = merged.soul ?? {};

package/dist/cli/switchroom.js

@@ -13783,6 +13783,7 @@ var init_schema = __esm(() => {
       }).optional()
     }).optional(),
     schedule: exports_external.array(ScheduleEntrySchema).optional(),
+    secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker \u2014 independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 \u2014 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
     reactions: ReactionsSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -13851,6 +13852,7 @@ var init_schema = __esm(() => {
     tools: AgentToolsSchema,
     memory: AgentMemorySchema,
     schedule: exports_external.array(ScheduleEntrySchema).default([]),
+    secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
     reactions: ReactionsSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -14372,6 +14374,12 @@ function mergeAgentConfig(defaultsIn, agentIn) {
       deny: dedupe([...dDeny, ...aDeny])
     };
   }
+  if (defaults.secrets || merged.secrets) {
+    merged.secrets = dedupe([
+      ...defaults.secrets ?? [],
+      ...merged.secrets ?? []
+    ]);
+  }
   if (defaults.soul || merged.soul) {
     const base = defaults.soul ?? {};
     const override = merged.soul ?? {};
@@ -27941,11 +27949,21 @@ function checkAclByAgent(config, agentName, key) {
       return { allow: true };
     }
   }
+  const cfgSecrets = config;
+  const profileSecrets = profileName != null && profileName.length > 0 ? cfgSecrets.profiles?.[profileName]?.secrets : undefined;
+  const standingSecrets = [
+    ...Array.isArray(cfgSecrets.defaults?.secrets) ? cfgSecrets.defaults.secrets : [],
+    ...Array.isArray(profileSecrets) ? profileSecrets : [],
+    ...Array.isArray(agentConfig.secrets) ? agentConfig.secrets : []
+  ];
+  if (standingSecrets.includes(key)) {
+    return { allow: true };
+  }
   const schedule = agentConfig.schedule ?? [];
   if (schedule.length === 0) {
     return {
       allow: false,
-      reason: `agent '${agentName}' has no schedule entries declaring 'secrets' and no mcp_servers.*.secrets[] declaring '${key}'; nothing is broker-accessible`
+      reason: `agent '${agentName}' has no schedule entries declaring 'secrets', no mcp_servers.*.secrets[], and no agents.${agentName}.secrets[] standing grant declaring '${key}'; nothing is broker-accessible`
     };
   }
   for (const entry of schedule) {
@@ -49420,8 +49438,8 @@ var {
 } = import__.default;
 
 // src/build-info.ts
-var VERSION = "0.14.32";
-var COMMIT_SHA = "d9254a62";
+var VERSION = "0.14.34";
+var COMMIT_SHA = "05829ce8";
 
 // src/cli/agent.ts
 init_source();
@@ -50523,6 +50541,7 @@ var DEFAULT_READ_ONLY_PREAPPROVED_TOOLS = [
   "Skill"
 ];
 var WEBKITE_FLEET_DENY_TOOLS = ["WebFetch", "WebSearch"];
+var INTERACTIVE_TUI_FLEET_DENY_TOOLS = ["AskUserQuestion"];
 var WEBKITE_BINARY_CONTAINER_PATH = "/usr/local/bin/webkite";
 function webkiteBinaryAvailable() {
   const override = process.env.SWITCHROOM_WEBKITE_BINARY;
@@ -51107,7 +51126,8 @@ function buildWorkspaceContext(args) {
     tools,
     toolsDeny: dedupe2([
       ...tools.deny ?? [],
-      ...webkiteDenyForAgent(agentConfig)
+      ...webkiteDenyForAgent(agentConfig),
+      ...INTERACTIVE_TUI_FLEET_DENY_TOOLS
     ]),
     permissionAllow,
     defaultModeAcceptEdits: hasAllWildcard,
@@ -51392,6 +51412,12 @@ function scaffoldAgent(name, agentConfigRaw, agentsDir, telegramConfig, switchro
           allow.push(t);
       }
       settings.permissions.allow = allow;
+      const deny = Array.isArray(settings.permissions.deny) ? settings.permissions.deny : [];
+      for (const t of INTERACTIVE_TUI_FLEET_DENY_TOOLS) {
+        if (!deny.includes(t))
+          deny.push(t);
+      }
+      settings.permissions.deny = deny;
       if (settings.mcpServers && "switchroom" in settings.mcpServers) {
         delete settings.mcpServers["switchroom"];
       }
@@ -52126,7 +52152,8 @@ function reconcileAgent(name, agentConfigRaw, agentsDir, telegramConfig, switchr
   ]);
   const desiredDeny = dedupe2([
     ...tools.deny ?? [],
-    ...webkiteDenyForAgent(agentConfig)
+    ...webkiteDenyForAgent(agentConfig),
+    ...INTERACTIVE_TUI_FLEET_DENY_TOOLS
   ]);
   let topicId = agentConfig.topic_id;
   if (topicId === undefined) {

package/dist/host-control/main.js

@@ -13954,6 +13954,7 @@ var profileFields = {
     }).optional()
   }).optional(),
   schedule: exports_external.array(ScheduleEntrySchema).optional(),
+  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker — independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 — 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
   reactions: ReactionsSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -14022,6 +14023,7 @@ var AgentSchema = exports_external.object({
   tools: AgentToolsSchema,
   memory: AgentMemorySchema,
   schedule: exports_external.array(ScheduleEntrySchema).default([]),
+  secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
   reactions: ReactionsSchema,
   model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
   thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -14501,6 +14503,12 @@ function mergeAgentConfig(defaultsIn, agentIn) {
       deny: dedupe([...dDeny, ...aDeny])
     };
   }
+  if (defaults.secrets || merged.secrets) {
+    merged.secrets = dedupe([
+      ...defaults.secrets ?? [],
+      ...merged.secrets ?? []
+    ]);
+  }
   if (defaults.soul || merged.soul) {
     const base = defaults.soul ?? {};
     const override = merged.soul ?? {};
@@ -14918,7 +14926,11 @@ import {
   writeFileSync as writeFileSync3,
   renameSync,
   mkdirSync as mkdirSync2,
-  unlinkSync
+  openSync as openSync2,
+  ftruncateSync,
+  writeSync,
+  fsyncSync,
+  closeSync as closeSync2
 } from "node:fs";
 import { join as join3, dirname as dirname4, resolve as resolve5 } from "node:path";
 import { randomUUID as randomUUID2, randomBytes } from "node:crypto";
@@ -20740,10 +20752,23 @@ function formatConfigApprovalDenyError(approval, approvalId) {
   const suffix = approval.reason ? `: ${approval.reason}` : "";
   return `E_DENIED: operator denied config_propose_edit${suffix} (approval_id=${approvalId})`;
 }
-function unlinkSyncBestEffort(path2) {
+function writeFileInPlacePreservingInode(targetPath, content) {
+  const buf = Buffer.from(content, "utf-8");
+  const fd = openSync2(targetPath, "r+");
   try {
-    unlinkSync(path2);
-  } catch {}
+    ftruncateSync(fd, 0);
+    let off = 0;
+    while (off < buf.length) {
+      off += writeSync(fd, buf, off, buf.length - off, off);
+    }
+    fsyncSync(fd);
+  } finally {
+    closeSync2(fd);
+  }
+  const readBack = readFileSync5(targetPath);
+  if (readBack.length !== buf.length) {
+    throw new Error(`in-place write short: wrote ${buf.length} bytes but read back ${readBack.length}`);
+  }
 }
 var STATUS_RETENTION_MS = 10 * 60 * 1000;
 var STATUS_MAX_ENTRIES = 256;
@@ -21341,15 +21366,15 @@ class HostdServer {
         return this.reconcileFailedRolledBack(`snapshot read failed: ${e.message}`, req, caller, started);
       }
       const postApply = verdict.postApplyContent;
-      const tmp = configPath + ".tmp";
       try {
-        writeFileSync3(tmp, postApply);
-        renameSync(tmp, configPath);
+        writeFileInPlacePreservingInode(configPath, postApply);
       } catch (e) {
-        unlinkSyncBestEffort(tmp);
+        try {
+          writeFileInPlacePreservingInode(configPath, snapshot);
+        } catch {}
         await approval.finalize({
           outcome: "reconcile_failed_rolled_back",
-          detail: `atomic write failed: ${e.message}`
+          detail: `in-place write failed: ${e.message}`
         });
         return this.reconcileFailedRolledBack(`write failed: ${e.message}`, req, caller, started);
       }
@@ -21369,8 +21394,7 @@ class HostdServer {
       }
       let rollbackDetail = "";
       try {
-        writeFileSync3(tmp, snapshot);
-        renameSync(tmp, configPath);
+        writeFileInPlacePreservingInode(configPath, snapshot);
       } catch (e) {
         rollbackDetail = `snapshot restore failed: ${e.message}`;
         await approval.finalize({

package/dist/vault/approvals/kernel-server.js

@@ -4106,6 +4106,12 @@ function mergeAgentConfig(defaultsIn, agentIn) {
       deny: dedupe([...dDeny, ...aDeny])
     };
   }
+  if (defaults.secrets || merged.secrets) {
+    merged.secrets = dedupe([
+      ...defaults.secrets ?? [],
+      ...merged.secrets ?? []
+    ]);
+  }
   if (defaults.soul || merged.soul) {
     const base = defaults.soul ?? {};
     const override = merged.soul ?? {};
@@ -11534,6 +11540,7 @@ var init_schema = __esm(() => {
       }).optional()
     }).optional(),
     schedule: exports_external.array(ScheduleEntrySchema).optional(),
+    secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker — independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 — 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
     reactions: ReactionsSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -11602,6 +11609,7 @@ var init_schema = __esm(() => {
     tools: AgentToolsSchema,
     memory: AgentMemorySchema,
     schedule: exports_external.array(ScheduleEntrySchema).default([]),
+    secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
     reactions: ReactionsSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),

package/dist/vault/broker/server.js

@@ -140,6 +140,12 @@ function mergeAgentConfig(defaultsIn, agentIn) {
       deny: dedupe([...dDeny, ...aDeny])
     };
   }
+  if (defaults.secrets || merged.secrets) {
+    merged.secrets = dedupe([
+      ...defaults.secrets ?? [],
+      ...merged.secrets ?? []
+    ]);
+  }
   if (defaults.soul || merged.soul) {
     const base = defaults.soul ?? {};
     const override = merged.soul ?? {};
@@ -11534,6 +11540,7 @@ var init_schema = __esm(() => {
       }).optional()
     }).optional(),
     schedule: exports_external.array(ScheduleEntrySchema).optional(),
+    secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker — independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 — 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
     reactions: ReactionsSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -11602,6 +11609,7 @@ var init_schema = __esm(() => {
     tools: AgentToolsSchema,
     memory: AgentMemorySchema,
     schedule: exports_external.array(ScheduleEntrySchema).default([]),
+    secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
     reactions: ReactionsSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -13288,11 +13296,21 @@ function checkAclByAgent(config, agentName, key) {
       return { allow: true };
     }
   }
+  const cfgSecrets = config;
+  const profileSecrets = profileName != null && profileName.length > 0 ? cfgSecrets.profiles?.[profileName]?.secrets : undefined;
+  const standingSecrets = [
+    ...Array.isArray(cfgSecrets.defaults?.secrets) ? cfgSecrets.defaults.secrets : [],
+    ...Array.isArray(profileSecrets) ? profileSecrets : [],
+    ...Array.isArray(agentConfig.secrets) ? agentConfig.secrets : []
+  ];
+  if (standingSecrets.includes(key)) {
+    return { allow: true };
+  }
   const schedule = agentConfig.schedule ?? [];
   if (schedule.length === 0) {
     return {
       allow: false,
-      reason: `agent '${agentName}' has no schedule entries declaring 'secrets' and no mcp_servers.*.secrets[] declaring '${key}'; nothing is broker-accessible`
+      reason: `agent '${agentName}' has no schedule entries declaring 'secrets', no mcp_servers.*.secrets[], and no agents.${agentName}.secrets[] standing grant declaring '${key}'; nothing is broker-accessible`
     };
   }
   for (const entry of schedule) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "switchroom",
-  "version": "0.14.32",
+  "version": "0.14.34",
   "description": "Run Claude Code 24/7 on your Claude Pro/Max subscription over Telegram. Open-source alternative to OpenClaw and NanoClaw — no API keys.",
   "type": "module",
   "bin": {

package/profiles/_base/start.sh.hbs

@@ -111,10 +111,15 @@ if [ "$SWITCHROOM_RUNTIME" = "docker" ] && [ -z "$SWITCHROOM_DOCKER_TMUX_INNER"
     echo "[start.sh] channels.telegram.enabled=false — skipping gateway sidecar" >&2
   fi
 
-  # 2) autoaccept-poll — first-run TUI prompt dispatcher. Single-shot
-  #    by design (exits cleanly after idle-timeout once prompts have
-  #    fired); the supervisor's exponential backoff keeps a flaky
-  #    autoaccept from busy-looping.
+  # 2) autoaccept-poll — first-run TUI prompt dispatcher, then continuous
+  #    wedge-watchdog. Two phases in one process: a one-shot boot phase
+  #    dispatches the first-run prompts and returns after idle-timeout,
+  #    then the process stays alive running the wedge-watchdog (dismisses a
+  #    stuck blocking modal selector mid-session — the AskUserQuestion /
+  #    ExitPlanMode class — with Esc). So it is NORMALLY long-lived; the
+  #    supervisor only respawns it if it crashes/exits, and its backoff
+  #    keeps a flaky run from busy-looping. Set SWITCHROOM_WEDGE_WATCHDOG=0
+  #    to restore the legacy boot-only single-shot behaviour.
   if [ -f /opt/switchroom/autoaccept-poll.js ] && command -v bun >/dev/null 2>&1; then
     _switchroom_supervise autoaccept /var/log/switchroom/autoaccept.log \
       bun /opt/switchroom/autoaccept-poll.js "{{name}}" &

package/telegram-plugin/dist/gateway/gateway.js

@@ -23925,6 +23925,7 @@ var init_schema = __esm(() => {
       }).optional()
     }).optional(),
     schedule: exports_external.array(ScheduleEntrySchema).optional(),
+    secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional().describe("Operator-granted STANDING vault keys this agent may read via the " + "broker \u2014 independent of any cron or MCP server. Use when an agent " + "needs a credential both interactively and in its own (agent-managed) " + "schedules, so the grant lives with the agent rather than welded to a " + "specific cron's `secrets[]`. OPERATOR-SET ONLY: agents cannot edit " + "switchroom.yaml or self-grant (reference/vision.md outcome 2 \u2014 'you " + "hold the leash; only your tap grants it'). Exact key names. Cascades " + "UNION across defaults -> profile -> agent (see docs/configuration.md)."),
     reactions: ReactionsSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only").optional(),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -23993,6 +23994,7 @@ var init_schema = __esm(() => {
     tools: AgentToolsSchema,
     memory: AgentMemorySchema,
     schedule: exports_external.array(ScheduleEntrySchema).default([]),
+    secrets: exports_external.array(exports_external.string().regex(/^[a-zA-Z0-9_\-/]+$/, "Secret key names must contain only alphanumeric characters, underscores, hyphens, and forward slashes")).optional(),
     reactions: ReactionsSchema,
     model: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9._\-/\[\]:]*$/, "Model name must be alphanumeric with ._-/[]: only (no spaces or shell specials)").optional().describe("Claude model override (e.g., 'claude-sonnet-4-6')"),
     thinking_effort: exports_external.enum(["low", "medium", "high", "xhigh", "max"]).optional().describe("Adaptive-thinking effort level passed as --effort to the claude CLI. " + "Per-agent override wins over defaults.thinking_effort. " + "lower = faster/cheaper, higher = more reasoning. Omit to use Claude's default."),
@@ -24472,6 +24474,12 @@ function mergeAgentConfig(defaultsIn, agentIn) {
       deny: dedupe([...dDeny, ...aDeny])
     };
   }
+  if (defaults.secrets || merged.secrets) {
+    merged.secrets = dedupe([
+      ...defaults.secrets ?? [],
+      ...merged.secrets ?? []
+    ]);
+  }
   if (defaults.soul || merged.soul) {
     const base = defaults.soul ?? {};
     const override = merged.soul ?? {};
@@ -44481,6 +44489,12 @@ function mergeAgentConfig2(defaultsIn, agentIn) {
       deny: dedupe2([...dDeny, ...aDeny])
     };
   }
+  if (defaults.secrets || merged.secrets) {
+    merged.secrets = dedupe2([
+      ...defaults.secrets ?? [],
+      ...merged.secrets ?? []
+    ]);
+  }
   if (defaults.soul || merged.soul) {
     const base = defaults.soul ?? {};
     const override = merged.soul ?? {};
@@ -51766,10 +51780,10 @@ function sweepStaleTurnActiveMarker(stateDir, opts) {
 }
 
 // ../src/build-info.ts
-var VERSION = "0.14.32";
-var COMMIT_SHA = "d9254a62";
-var COMMIT_DATE = "2026-06-01T07:50:15Z";
-var LATEST_PR = 2062;
+var VERSION = "0.14.34";
+var COMMIT_SHA = "05829ce8";
+var COMMIT_DATE = "2026-06-01T13:11:35Z";
+var LATEST_PR = 2068;
 var COMMITS_AHEAD_OF_TAG = 0;
 
 // gateway/boot-version.ts