switchroom 0.15.12 → 0.15.13

package/telegram-plugin/dist/gateway/gateway.js

@@ -23996,7 +23996,8 @@ var init_schema = __esm(() => {
     linear_agent: exports_external.object({
       enabled: exports_external.boolean(),
       token: exports_external.string().describe("vault:<key> reference to the Linear OAuth app token (actor=app). " + "Resolved at runtime via the vault broker (canonically " + "vault:linear/<agent>/token). Never an inline literal."),
-      workspace_id: exports_external.string().optional().describe("Optional Linear workspace (organization) id this agent is " + "installed into. Informational \u2014 used for setup hints and " + "multi-workspace disambiguation; the token already scopes the " + "app to its workspace.")
+      workspace_id: exports_external.string().optional().describe("Optional Linear workspace (organization) id this agent is " + "installed into. Informational \u2014 used for setup hints and " + "multi-workspace disambiguation; the token already scopes the " + "app to its workspace."),
+      default_team_id: exports_external.string().optional().describe("Optional Linear team id new captured issues file into when the " + "agent doesn't pass an explicit team_id. Unnecessary for a " + "single-team workspace (auto-resolved); set it only when the " + "workspace has multiple teams. Manage via " + "`switchroom linear-agent set-team <agent> <team>`.")
     }).optional().describe("Linear first-class agent integration (#2298). When enabled, the " + "agent appears in a Linear workspace as an app actor (own name/" + "avatar, @-mentionable, delegate-assignable). Linear AgentSessionEvent " + "webhooks (mention / delegation) wake the agent instantly via the " + "same gateway inject path as webhook_dispatch, tagged " + 'meta.source="linear" with the agent_session_id, and the agent ' + "responds with structured AgentActivity (thought/message/complete/" + "error) via the linear_agent_activity MCP tool. Builds the " + "session-lifecycle layer on top of the plain webhook_sources:[linear] " + "+ webhook_dispatch support (#2272). The OAuth app token is stored in " + "the vault and referenced here as vault:linear/<agent>/token; run " + "`switchroom linear-agent setup <agent>` to provision it. Off by " + "default \u2014 opt in per agent. Cascades from " + "defaults.channels.telegram.linear_agent."),
     chat_id: exports_external.string().regex(/^-\d+$/, 'supergroup chat_id must be a negative integer as a string (e.g. "-1001234567890")').optional().describe("Per-agent supergroup ID \u2014 overrides fleet `telegram.forum_chat_id`. " + "When set, requires `default_topic_id`. Negative integer as string. " + "Forbidden when `dm_only: true`. See docs/rfcs/supergroup-mode.md."),
     default_topic_id: exports_external.number().int().positive().optional().describe("Forum topic ID this agent's automated outbounds default to when " + "no more-specific alias resolves. Defaults to General (topic 1) when " + "`chat_id` is set and this is omitted \u2014 set it only to pin a different " + "fallback topic. " + "Telegram's General topic is `id=1` at MTProto but sends omit the " + "field \u2014 the outbound wrapper strips `message_thread_id === 1` " + "on send. Forbidden when `dm_only: true`."),
@@ -24880,6 +24881,16 @@ function mergeAgentConfig(defaultsIn, agentIn) {
     }
     merged.reaction_dispatch = combined;
   }
+  const linearEnabled = merged.channels?.telegram?.linear_agent?.enabled === true;
+  if (linearEnabled) {
+    const rd = merged.reaction_dispatch;
+    if (!rd || rd.emojis === undefined) {
+      merged.reaction_dispatch = {
+        enabled: rd?.enabled ?? true,
+        emojis: ["\uD83D\uDC68\u200d\uD83D\uDCBB", "\uD83D\uDCCC"]
+      };
+    }
+  }
   if (defaults.resources || merged.resources) {
     const d = defaults.resources ?? {};
     const a = merged.resources ?? {};
@@ -31455,7 +31466,7 @@ import {
   appendFileSync as appendFileSync5
 } from "fs";
 import { homedir as homedir14 } from "os";
-import { join as join35, extname, sep as sep3, basename as basename7 } from "path";
+import { join as join35, extname, sep as sep3, basename as basename9 } from "path";
 
 // plugin-logger.ts
 import { appendFileSync, mkdirSync, renameSync, statSync, existsSync } from "fs";
@@ -45826,6 +45837,16 @@ function mergeAgentConfig2(defaultsIn, agentIn) {
     }
     merged.reaction_dispatch = combined;
   }
+  const linearEnabled = merged.channels?.telegram?.linear_agent?.enabled === true;
+  if (linearEnabled) {
+    const rd = merged.reaction_dispatch;
+    if (!rd || rd.emojis === undefined) {
+      merged.reaction_dispatch = {
+        enabled: rd?.enabled ?? true,
+        emojis: ["\uD83D\uDC68\u200d\uD83D\uDCBB", "\uD83D\uDCCC"]
+      };
+    }
+  }
   if (defaults.resources || merged.resources) {
     const d = defaults.resources ?? {};
     const a = merged.resources ?? {};
@@ -52781,9 +52802,10 @@ function defaultReadEvents(stateDir) {
   return readAll(stateDir);
 }
 // permission-title.ts
-import { basename as basename5 } from "node:path";
+import { basename as basename6 } from "node:path";
 
 // permission-rule.ts
+import { basename as basename5 } from "node:path";
 var FILE_TOOLS = new Set([
   "Edit",
   "Write",
@@ -52804,6 +52826,83 @@ var BROAD_ONLY_TOOLS = new Set([
 function prettyMcpServer(server) {
   return server.split(/[-_]/).filter((w) => w.length > 0).map((w) => w.charAt(0).toUpperCase() + w.slice(1)).join(" ");
 }
+function resolveSkillName(input) {
+  return readString(input, "skill") ?? readString(input, "skill_name") ?? readString(input, "skillName") ?? readString(input, "name") ?? skillBasenameFromPath(input);
+}
+function filePathFrom(input) {
+  if (!input)
+    return null;
+  return readString(input, "file_path") ?? readString(input, "notebook_path");
+}
+function bashFirstToken(command) {
+  const m = /^\s*([^\s|&;<>()`$]+)/.exec(command);
+  if (!m)
+    return null;
+  const tok = m[1];
+  if (tok.includes(".."))
+    return null;
+  return /^[A-Za-z0-9._\-\/]+$/.test(tok) ? tok : null;
+}
+function parseInput(raw) {
+  if (!raw || typeof raw !== "string")
+    return null;
+  const trimmed = raw.trim();
+  if (!trimmed.startsWith("{"))
+    return null;
+  try {
+    const parsed = JSON.parse(trimmed);
+    if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+      return parsed;
+    }
+  } catch {}
+  return null;
+}
+function readString(input, key) {
+  const value = input[key];
+  return typeof value === "string" && value.length > 0 ? value : null;
+}
+function skillBasenameFromPath(input) {
+  const path = readString(input, "path") ?? readString(input, "skill_path");
+  if (!path)
+    return null;
+  const trimmed = path.replace(/\/SKILL\.md$/i, "").replace(/\/$/, "");
+  return basename5(trimmed) || null;
+}
+function matchesAllowRule(rule, toolName, inputPreview) {
+  if (!rule || !toolName)
+    return false;
+  if (rule.endsWith("__*") && rule.startsWith("mcp__")) {
+    const prefix = rule.slice(0, -1);
+    return toolName.startsWith(prefix);
+  }
+  const scoped = /^([A-Za-z]+)\((.+)\)$/.exec(rule);
+  if (scoped) {
+    const ruleTool = scoped[1];
+    const arg = scoped[2];
+    if (ruleTool !== toolName)
+      return false;
+    const input = parseInput(inputPreview);
+    if (ruleTool === "Skill") {
+      if (!input)
+        return false;
+      return resolveSkillName(input) === arg;
+    }
+    if (ruleTool === "Bash") {
+      const cmd = input ? readString(input, "command") : null;
+      if (!cmd)
+        return false;
+      const m = /^([^:]+):\*$/.exec(arg);
+      if (!m)
+        return false;
+      return bashFirstToken(cmd) === m[1];
+    }
+    if (FILE_TOOLS.has(ruleTool)) {
+      return filePathFrom(input) === arg;
+    }
+    return false;
+  }
+  return rule === toolName;
+}
 
 // permission-title.ts
 init_redact();
@@ -52862,7 +52961,7 @@ function formatPermissionCardBody(opts) {
 `);
 }
 function naturalAction(toolName, inputPreview) {
-  const input = parseInput(inputPreview);
+  const input = parseInput2(inputPreview);
   if (toolName.startsWith("mcp__"))
     return naturalMcpAction(toolName, input);
   switch (toolName) {
@@ -52881,24 +52980,24 @@ function naturalAction(toolName, inputPreview) {
       return f ? `read: ${f}` : "read files";
     }
     case "Bash": {
-      const c = input ? readString(input, "command") : null;
+      const c = input ? readString2(input, "command") : null;
       return c ? `run: ${truncate6(c, COMMAND_TITLE_MAX)}` : "run shell commands";
     }
     case "Skill": {
-      const s = input ? resolveSkillName(input) : null;
+      const s = input ? resolveSkillName2(input) : null;
       return s ? `use the ${s} skill` : "use a skill";
     }
     case "Glob":
     case "Grep": {
-      const p = input ? readString(input, "pattern") : null;
+      const p = input ? readString2(input, "pattern") : null;
       return p ? `search files for: ${truncate6(p, COMMAND_TITLE_MAX)}` : "search files";
     }
     case "WebSearch": {
-      const q = input ? readString(input, "query") : null;
+      const q = input ? readString2(input, "query") : null;
       return q ? `search the web for: ${truncate6(q, COMMAND_TITLE_MAX)}` : "search the web";
     }
     case "WebFetch": {
-      const u = input ? readString(input, "url") : null;
+      const u = input ? readString2(input, "url") : null;
       return u ? `fetch a web page: ${truncate6(u, COMMAND_TITLE_MAX)}` : "fetch a web page";
     }
     case "Task":
@@ -52936,7 +53035,7 @@ function restResourcePhrase(server, verb, input) {
     return null;
   let path = null;
   for (const key of RESOURCE_KEYS) {
-    path = readString(input, key);
+    path = readString2(input, key);
     if (path)
       break;
   }
@@ -52952,7 +53051,7 @@ function mcpArgSummary(toolName, inputPreview) {
   const server = toolName.split("__")[1] ?? "";
   if (INTERNAL_MCP_SERVERS.has(server))
     return null;
-  const input = parseInput(inputPreview);
+  const input = parseInput2(inputPreview);
   if (!input)
     return null;
   const payload = input.body ?? input.query;
@@ -52996,11 +53095,11 @@ function describeGrant(toolName, inputPreview, option) {
       return m ? `run ${m[1]} commands` : "run that command";
     }
     if (t === "Edit" || t === "MultiEdit" || t === "NotebookEdit")
-      return `edit ${basename5(arg)}`;
+      return `edit ${basename6(arg)}`;
     if (t === "Write")
-      return `write ${basename5(arg)}`;
+      return `write ${basename6(arg)}`;
     if (t === "Read")
-      return `read ${basename5(arg)}`;
+      return `read ${basename6(arg)}`;
     return naturalAction(toolName, inputPreview);
   }
   switch (rule) {
@@ -53032,14 +53131,14 @@ function formatPermissionResumeMessage(opts) {
   }
   return hasAction ? `\uD83D\uDEAB ${who} \u2014 noted, I won't ${escapeTgHtml(lowerFirst(act))}. Continuing without it.` : `\uD83D\uDEAB ${who} \u2014 noted, continuing without it.`;
 }
-function resolveSkillName(input) {
-  return readString(input, "skill") ?? readString(input, "skill_name") ?? readString(input, "skillName") ?? readString(input, "name") ?? skillBasenameFromPath(input);
+function resolveSkillName2(input) {
+  return readString2(input, "skill") ?? readString2(input, "skill_name") ?? readString2(input, "skillName") ?? readString2(input, "name") ?? skillBasenameFromPath2(input);
 }
 function fileBase(input) {
   if (!input)
     return null;
-  const p = readString(input, "file_path") ?? readString(input, "notebook_path");
-  return p ? basename5(p) : null;
+  const p = readString2(input, "file_path") ?? readString2(input, "notebook_path");
+  return p ? basename6(p) : null;
 }
 function lowerFirst(text) {
   return text.length > 0 ? text.charAt(0).toLowerCase() + text.slice(1) : text;
@@ -53050,7 +53149,7 @@ function capFirst(text) {
 function escapeTgHtml(text) {
   return text.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
 }
-function parseInput(raw) {
+function parseInput2(raw) {
   if (!raw || typeof raw !== "string")
     return null;
   const trimmed = raw.trim();
@@ -53064,12 +53163,12 @@ function parseInput(raw) {
   } catch {}
   return null;
 }
-function readString(input, key) {
+function readString2(input, key) {
   const value = input[key];
   return typeof value === "string" && value.length > 0 ? value : null;
 }
-function skillBasenameFromPath(input) {
-  const path = readString(input, "path") ?? readString(input, "skill_path");
+function skillBasenameFromPath2(input) {
+  const path = readString2(input, "path") ?? readString2(input, "skill_path");
   if (!path)
     return null;
   const trimmed = path.replace(/\/SKILL\.md$/i, "").replace(/\/$/, "");
@@ -53085,7 +53184,7 @@ function truncate6(text, max) {
 }
 
 // permission-rule.ts
-import { basename as basename6 } from "node:path";
+import { basename as basename7 } from "node:path";
 var FILE_TOOLS2 = new Set([
   "Edit",
   "Write",
@@ -53106,9 +53205,9 @@ var BROAD_ONLY_TOOLS2 = new Set([
 function resolveScopedAllowChoices(toolName, inputPreview) {
   if (!toolName)
     return null;
-  const input = parseInput2(inputPreview);
+  const input = parseInput3(inputPreview);
   if (toolName === "Skill") {
-    const skill = input ? resolveSkillName2(input) : null;
+    const skill = input ? resolveSkillName3(input) : null;
     if (!skill)
       return null;
     if (!/^[A-Za-z0-9._\-+]+$/.test(skill))
@@ -53119,7 +53218,7 @@ function resolveScopedAllowChoices(toolName, inputPreview) {
     };
   }
   if (FILE_TOOLS2.has(toolName)) {
-    const path = filePathFrom(input);
+    const path = filePathFrom2(input);
     const broad = { rule: toolName, buttonLabel: "Any file", broad: true };
     if (path) {
       return {
@@ -53131,8 +53230,8 @@ function resolveScopedAllowChoices(toolName, inputPreview) {
   }
   if (toolName === "Bash") {
     const broad = { rule: "Bash", buttonLabel: "Any command", broad: true };
-    const cmd = input ? readString2(input, "command") : null;
-    const tok = cmd ? bashFirstToken(cmd) : null;
+    const cmd = input ? readString3(input, "command") : null;
+    const tok = cmd ? bashFirstToken2(cmd) : null;
     if (tok) {
       return {
         specific: { rule: `Bash(${tok}:*)`, buttonLabel: `${tok} commands`, broad: false },
@@ -53160,15 +53259,15 @@ function resolveScopedAllowChoices(toolName, inputPreview) {
 function prettyMcpServer2(server) {
   return server.split(/[-_]/).filter((w) => w.length > 0).map((w) => w.charAt(0).toUpperCase() + w.slice(1)).join(" ");
 }
-function resolveSkillName2(input) {
-  return readString2(input, "skill") ?? readString2(input, "skill_name") ?? readString2(input, "skillName") ?? readString2(input, "name") ?? skillBasenameFromPath2(input);
+function resolveSkillName3(input) {
+  return readString3(input, "skill") ?? readString3(input, "skill_name") ?? readString3(input, "skillName") ?? readString3(input, "name") ?? skillBasenameFromPath3(input);
 }
-function filePathFrom(input) {
+function filePathFrom2(input) {
   if (!input)
     return null;
-  return readString2(input, "file_path") ?? readString2(input, "notebook_path");
+  return readString3(input, "file_path") ?? readString3(input, "notebook_path");
 }
-function bashFirstToken(command) {
+function bashFirstToken2(command) {
   const m = /^\s*([^\s|&;<>()`$]+)/.exec(command);
   if (!m)
     return null;
@@ -53177,7 +53276,7 @@ function bashFirstToken(command) {
     return null;
   return /^[A-Za-z0-9._\-\/]+$/.test(tok) ? tok : null;
 }
-function parseInput2(raw) {
+function parseInput3(raw) {
   if (!raw || typeof raw !== "string")
     return null;
   const trimmed = raw.trim();
@@ -53191,21 +53290,136 @@ function parseInput2(raw) {
   } catch {}
   return null;
 }
-function readString2(input, key) {
+function readString3(input, key) {
   const value = input[key];
   return typeof value === "string" && value.length > 0 ? value : null;
 }
-function skillBasenameFromPath2(input) {
-  const path = readString2(input, "path") ?? readString2(input, "skill_path");
+function skillBasenameFromPath3(input) {
+  const path = readString3(input, "path") ?? readString3(input, "skill_path");
   if (!path)
     return null;
   const trimmed = path.replace(/\/SKILL\.md$/i, "").replace(/\/$/, "");
-  return basename6(trimmed) || null;
+  return basename7(trimmed) || null;
 }
 function isRulePersisted(resolvedAllow, ruleRule) {
   return resolvedAllow.includes(ruleRule);
 }
 
+// scoped-approval.ts
+import { basename as basename8 } from "node:path";
+var SCOPED_APPROVAL_DEFAULT_TTL_MS = 30 * 60 * 1000;
+function scopedApprovalTtlMs(env = process.env) {
+  const raw = env.SWITCHROOM_SCOPED_APPROVAL_TTL_MS;
+  if (raw === undefined || raw.trim() === "")
+    return SCOPED_APPROVAL_DEFAULT_TTL_MS;
+  const n = Number(raw);
+  if (!Number.isFinite(n) || n < 0)
+    return SCOPED_APPROVAL_DEFAULT_TTL_MS;
+  return Math.floor(n);
+}
+var FILE_RULE = /^(Edit|Write|MultiEdit|NotebookEdit|Read)\((.+)\)$/;
+var BASH_FAMILY_RULE = /^Bash\(([^:]+):\*\)$/;
+function resolveTimeBox(toolName, inputPreview, choices) {
+  const specific = choices?.specific;
+  if (!specific || specific.broad)
+    return null;
+  const rule = specific.rule;
+  const fileMatch = FILE_RULE.exec(rule);
+  if (fileMatch) {
+    const verb = fileMatch[1] === "Read" ? "reads of" : "edits to";
+    return { rule, breadth: `${verb} ${basename8(fileMatch[2])}` };
+  }
+  const bashMatch = BASH_FAMILY_RULE.exec(rule);
+  if (bashMatch) {
+    const cmd = readBashCommand(inputPreview);
+    if (!cmd || isDestructiveBashCommand(cmd))
+      return null;
+    return { rule, breadth: `any \`${bashMatch[1]}\` command` };
+  }
+  return null;
+}
+function recordScopedGrant(store2, agent, rule, now, ttlMs) {
+  if (ttlMs <= 0)
+    return;
+  const list2 = store2.get(agent) ?? [];
+  const others = list2.filter((g) => g.rule !== rule);
+  others.push({ rule, expiresAt: now + ttlMs });
+  store2.set(agent, others);
+}
+function lookupScopedGrant(store2, agent, toolName, inputPreview, now) {
+  const list2 = store2.get(agent);
+  if (!list2 || list2.length === 0)
+    return null;
+  for (const g of list2) {
+    if (g.expiresAt <= now)
+      continue;
+    if (!matchesAllowRule(g.rule, toolName, inputPreview))
+      continue;
+    if (toolName === "Bash") {
+      const cmd = readBashCommand(inputPreview);
+      if (!cmd || isDestructiveBashCommand(cmd))
+        return null;
+    }
+    return g.rule;
+  }
+  return null;
+}
+function sweepScopedGrants(store2, now) {
+  for (const [agent, list2] of store2) {
+    const live = list2.filter((g) => g.expiresAt > now);
+    if (live.length === 0)
+      store2.delete(agent);
+    else if (live.length !== list2.length)
+      store2.set(agent, live);
+  }
+}
+function isDestructiveBashCommand(command) {
+  if (!command || !command.trim())
+    return true;
+  const c = command.toLowerCase();
+  if (c.includes("`"))
+    return true;
+  if (/\|\s*(sudo\s+)?(sh|bash|zsh|fish|python\d?|perl|ruby|node)\b/.test(c))
+    return true;
+  if (/(^|\s|;|&&|\|\||\()sudo\b/.test(c))
+    return true;
+  if (/(^|\s|;|&&|\|\||\()(su|doas)\s/.test(c))
+    return true;
+  if (/(^|\s|;|&&|\|\||\()(rm|rmdir|dd|shred|truncate|fdisk|mkfs\S*|wipefs|blkdiscard|fallocate)\b/.test(c))
+    return true;
+  if (/\b(chmod|chown|chgrp)\b[^|;&]*(\s-(-recursive|[a-z]*r[a-z]*)\b)/.test(c))
+    return true;
+  if (/>\s*\/(dev|etc|boot|sys|proc)\b/.test(c))
+    return true;
+  if (/\bgit\b/.test(c) && /(push\b[^|;&]*(--force|-f\b|--force-with-lease)|push\s+[^\s]*\s+\+|reset\s+--hard|clean\s+-[a-z]*[fd]|filter-branch|reflog\s+expire|update-ref\s+-d|branch\s+-d{1,2}\b|checkout\s+--\s|restore\b)/.test(c))
+    return true;
+  if (/(^|\s|;|&&|\|\||\()(shutdown|reboot|halt|poweroff|kill|killall|pkill)\b/.test(c))
+    return true;
+  if (/(^|\s)init\s+0\b/.test(c))
+    return true;
+  if (/\bdocker\b[^|;&]*\b(rm|prune)\b/.test(c))
+    return true;
+  if (/(^|\s)(apt|apt-get|yum|dnf|brew|pacman|npm|pnpm|yarn|pip\d?)\b[^|;&]*\b(remove|uninstall|purge|prune)\b/.test(c))
+    return true;
+  if (/:\s*\(\s*\)\s*\{/.test(c))
+    return true;
+  return false;
+}
+function readBashCommand(inputPreview) {
+  if (!inputPreview || typeof inputPreview !== "string")
+    return null;
+  const trimmed = inputPreview.trim();
+  if (!trimmed.startsWith("{"))
+    return null;
+  try {
+    const parsed = JSON.parse(trimmed);
+    const cmd = parsed?.command;
+    return typeof cmd === "string" && cmd.length > 0 ? cmd : null;
+  } catch {
+    return null;
+  }
+}
+
 // permission-diff.ts
 var TARGET_HEADER_A = "--- a/switchroom.yaml";
 var TARGET_HEADER_B = "+++ b/switchroom.yaml";
@@ -53877,11 +54091,11 @@ function readTurnActiveMarkerAgeMs(stateDir, now) {
 }
 
 // ../src/build-info.ts
-var VERSION = "0.15.12";
-var COMMIT_SHA = "18b7b6e6";
-var COMMIT_DATE = "2026-06-13T04:55:14Z";
-var LATEST_PR = 2311;
-var COMMITS_AHEAD_OF_TAG = 0;
+var VERSION = "0.15.13";
+var COMMIT_SHA = "36ba2682";
+var COMMIT_DATE = "2026-06-13T16:49:14+10:00";
+var LATEST_PR = null;
+var COMMITS_AHEAD_OF_TAG = 6;
 
 // gateway/boot-version.ts
 function formatRelativeAgo(iso) {
@@ -54274,6 +54488,106 @@ async function emitLinearAgentActivity(args, deps = {}) {
 `);
   return { content: [{ type: "text", text: `Linear ${type} emitted on session ${sessionId}` }] };
 }
+function captureDedupMarker(dedupKey) {
+  return `
+
+<!-- switchroom-capture: ${dedupKey} -->`;
+}
+async function createLinearIssue(args, deps = {}) {
+  const log = deps.log ?? ((s) => process.stderr.write(s));
+  const fetchImpl = deps.fetchImpl ?? fetch;
+  const title = args.title;
+  if (!title || title.trim() === "")
+    throw new Error("linear_create_issue: title is required");
+  const body = args.body ?? "";
+  const teamIdArg = args.team_id ?? (deps.defaultTeamId ?? process.env.SWITCHROOM_LINEAR_DEFAULT_TEAM_ID) ?? undefined;
+  const dedupKey = args.dedup_key ?? undefined;
+  const priority = typeof args.priority === "number" ? args.priority : undefined;
+  const agent = deps.agent ?? process.env.SWITCHROOM_AGENT_NAME ?? "-";
+  const resolveToken = deps.resolveToken ?? defaultResolveLinearToken;
+  const tokenResult = await resolveToken(agent);
+  if (!tokenResult.ok) {
+    const hint = tokenResult.reason === "denied" || tokenResult.reason === "not_found" ? ` Call vault_request_access for key 'linear/${agent}/token' (scope read), then retry.` : "";
+    return {
+      content: [
+        { type: "text", text: `Couldn't file to Linear: no token (vault ${tokenResult.reason}).${hint}` }
+      ]
+    };
+  }
+  const token = tokenResult.token;
+  const gql = async (query2, variables) => {
+    let resp;
+    try {
+      resp = await fetchImpl(LINEAR_GRAPHQL_ENDPOINT, {
+        method: "POST",
+        headers: { "Content-Type": "application/json", Authorization: token },
+        body: JSON.stringify({ query: query2, variables })
+      });
+    } catch (err) {
+      return { ok: false, text: `request error: ${err.message}` };
+    }
+    if (!resp.ok) {
+      const txt = await resp.text().catch(() => "");
+      return { ok: false, text: `Linear API ${resp.status}${txt ? ` \u2014 ${txt.slice(0, 200)}` : ""}` };
+    }
+    let json;
+    try {
+      json = await resp.json();
+    } catch {
+      return { ok: false, text: "malformed Linear API response" };
+    }
+    if (json.errors && json.errors.length > 0) {
+      return { ok: false, text: json.errors.map((e) => e.message ?? "error").join("; ").slice(0, 300) };
+    }
+    return { ok: true, data: json.data };
+  };
+  if (dedupKey) {
+    const search = await gql("query($term: String!) { searchIssues(term: $term) { nodes { id url title } } }", { term: dedupKey });
+    if (search.ok) {
+      const hit = (search.data?.searchIssues?.nodes ?? [])[0];
+      if (hit?.url) {
+        log(`telegram gateway: linear_create_issue: dedup hit key=${dedupKey} agent=${agent}
+`);
+        return { content: [{ type: "text", text: `Already filed: ${hit.url}` }] };
+      }
+    }
+  }
+  let teamId = teamIdArg;
+  if (!teamId) {
+    const teams = await gql("query { teams(first: 50) { nodes { id key name } } }", {});
+    if (!teams.ok) {
+      return { content: [{ type: "text", text: `Couldn't file to Linear: ${teams.text}` }] };
+    }
+    const nodes = teams.data?.teams?.nodes ?? [];
+    if (nodes.length === 0) {
+      return { content: [{ type: "text", text: "Couldn't file to Linear: the workspace has no teams." }] };
+    }
+    if (nodes.length > 1) {
+      const list2 = nodes.map((t) => `${t.key} (${t.name})`).join(", ");
+      return {
+        content: [
+          { type: "text", text: `Couldn't file to Linear: multiple teams (${list2}) \u2014 set a default team (linear_agent.default_team_id) or pass team_id.` }
+        ]
+      };
+    }
+    teamId = nodes[0].id;
+  }
+  const description = dedupKey ? `${body}${captureDedupMarker(dedupKey)}` : body;
+  const input = { teamId, title, description };
+  if (priority !== undefined)
+    input.priority = priority;
+  const create = await gql("mutation($input: IssueCreateInput!) { issueCreate(input: $input) { success issue { id identifier url } } }", { input });
+  if (!create.ok) {
+    return { content: [{ type: "text", text: `Couldn't file to Linear: ${create.text}` }] };
+  }
+  const issue = create.data?.issueCreate?.issue;
+  if (create.data?.issueCreate?.success === false || !issue?.url) {
+    return { content: [{ type: "text", text: "Couldn't file to Linear: issue not created (success=false)." }] };
+  }
+  log(`telegram gateway: linear_create_issue: filed ${issue.identifier} agent=${agent}${dedupKey ? ` dedup=${dedupKey}` : ""}
+`);
+  return { content: [{ type: "text", text: `Filed: ${title} \u2192 ${issue.url}` }] };
+}
 
 // vault-approval-posture.ts
 function resolveVaultApprovalPosture(broker) {
@@ -56049,6 +56363,8 @@ function sweepStaleAlwaysAllowCorrelations(now = Date.now()) {
     }
   }
 }
+var scopedGrants = new Map;
+var selfAgentName = () => process.env.SWITCHROOM_AGENT_NAME ?? "";
 var pendingAskUser = new Map;
 var pendingReauthFlows = new Map;
 var REAUTH_INTERCEPT_TTL_MS = 600000;
@@ -56283,6 +56599,7 @@ var pendingStateReaper = setInterval(() => {
     if (now > v.expiresAt)
       vaultPassphraseCache.delete(k);
   }
+  sweepScopedGrants(scopedGrants, now);
   for (const [k, v] of deferredSecrets) {
     if (now - v.staged_at > DEFERRED_SECRET_TTL_MS)
       deferredSecrets.delete(k);
@@ -56822,8 +57139,10 @@ if (inboundSpool != null) {
   }
 }
 var pendingPermissionBuffer = createPendingPermissionBuffer();
-function buildPermissionActionRow(requestId, showAlways) {
+function buildPermissionActionRow(requestId, showAlways, showTimeBox = false) {
   const kb = new import_grammy9.InlineKeyboard().text("\u274C Deny", `perm:deny:${requestId}`).text("\u2705 Allow once", `perm:allow:${requestId}`);
+  if (showTimeBox)
+    kb.text("\u23F1 30 min", `perm:tmb:${requestId}`);
   if (showAlways)
     kb.text("\uD83D\uDD01 Always\u2026", `perm:always:${requestId}`);
   return kb;
@@ -57062,6 +57381,16 @@ var ipcServer = createIpcServer({
   },
   onPermissionRequest(_client, msg) {
     const { requestId, toolName, description, inputPreview } = msg;
+    const scopedTtl = scopedApprovalTtlMs();
+    if (scopedTtl > 0) {
+      const hit = lookupScopedGrant(scopedGrants, selfAgentName(), toolName, inputPreview, Date.now());
+      if (hit) {
+        dispatchPermissionVerdict({ type: "permission", requestId, behavior: "allow" });
+        process.stderr.write(`telegram gateway: scoped-approval auto-allow tool=${toolName} rule="${hit}" request=${requestId} (time-boxed window)
+`);
+        return;
+      }
+    }
     pendingPermissions.set(requestId, { tool_name: toolName, description, input_preview: inputPreview, startedAt: Date.now() });
     const text = formatPermissionCardBody({
       toolName,
@@ -57069,8 +57398,10 @@ var ipcServer = createIpcServer({
       description,
       agentName: _client.agentName
     });
-    const showAlways = resolveScopedAllowChoices(toolName, inputPreview) != null;
-    const keyboard = buildPermissionActionRow(requestId, showAlways);
+    const scopeChoices = resolveScopedAllowChoices(toolName, inputPreview);
+    const showAlways = scopeChoices != null;
+    const showTimeBox = scopedApprovalTtlMs() > 0 && resolveTimeBox(toolName, inputPreview, scopeChoices) != null;
+    const keyboard = buildPermissionActionRow(requestId, showAlways, showTimeBox);
     const activeTurn = currentTurn;
     const targets = resolvePermissionCardTargets();
     for (const { chatId, threadId } of targets) {
@@ -57483,7 +57814,8 @@ var ALLOWED_TOOLS = new Set([
   "vault_request_save",
   "vault_request_access",
   "request_secret",
-  "linear_agent_activity"
+  "linear_agent_activity",
+  "linear_create_issue"
 ]);
 async function executeToolCall(tool, args) {
   if (!ALLOWED_TOOLS.has(tool)) {
@@ -57530,6 +57862,8 @@ async function executeToolCall(tool, args) {
       return executeRequestSecret(args);
     case "linear_agent_activity":
       return executeLinearAgentActivity(args);
+    case "linear_create_issue":
+      return executeLinearCreateIssue(args);
     default:
       throw new Error(`unknown tool: ${tool}`);
   }
@@ -57563,6 +57897,9 @@ async function executeSendChecklist(args) {
 async function executeLinearAgentActivity(args) {
   return emitLinearAgentActivity(args);
 }
+async function executeLinearCreateIssue(args) {
+  return createLinearIssue(args);
+}
 async function executeUpdateChecklist(args) {
   const chat_id = args.chat_id;
   if (!chat_id)
@@ -60938,7 +61275,7 @@ function getMyAgentName() {
   const fromEnv = process.env.SWITCHROOM_AGENT_NAME;
   if (fromEnv && fromEnv.trim().length > 0)
     return fromEnv.trim();
-  return basename7(process.cwd());
+  return basename9(process.cwd());
 }
 function isSelfTargetingCommand(name) {
   if (name === "all")
@@ -64722,7 +65059,7 @@ ${preBlock(formatSwitchroomOutput(err.message ?? "unknown error"))}`, { html: tr
     }
     return;
   }
-  const m = /^perm:(allow|deny|always|asn|asb|back):([a-km-z]{5})$/.exec(data);
+  const m = /^perm:(allow|deny|always|asn|asb|back|tmb):([a-km-z]{5})$/.exec(data);
   if (!m) {
     await ctx.answerCallbackQuery().catch(() => {});
     return;
@@ -64742,7 +65079,9 @@ ${preBlock(formatSwitchroomOutput(err.message ?? "unknown error"))}`, { html: tr
     }
     let keyboard;
     if (behavior === "back") {
-      keyboard = buildPermissionActionRow(request_id, true);
+      const backChoices = resolveScopedAllowChoices(details.tool_name, details.input_preview);
+      const backTimeBox = scopedApprovalTtlMs() > 0 && resolveTimeBox(details.tool_name, details.input_preview, backChoices) != null;
+      keyboard = buildPermissionActionRow(request_id, true, backTimeBox);
     } else {
       const choices = resolveScopedAllowChoices(details.tool_name, details.input_preview);
       if (choices == null) {
@@ -64883,6 +65222,51 @@ ${preBlock(formatSwitchroomOutput(err.message ?? "unknown error"))}`, { html: tr
       ackText: ackText.slice(0, 200),
       newText: baseText2 ? `${baseText2}
 
+${editLabel}` : editLabel,
+      parseMode: "HTML"
+    });
+    return;
+  }
+  if (behavior === "tmb") {
+    const details = pendingPermissions.get(request_id);
+    if (!details) {
+      await ctx.answerCallbackQuery({ text: "Details no longer available." }).catch(() => {});
+      return;
+    }
+    const ttl = scopedApprovalTtlMs();
+    if (ttl <= 0) {
+      await ctx.answerCallbackQuery({ text: "Time-boxed approvals are disabled." }).catch(() => {});
+      return;
+    }
+    const choices = resolveScopedAllowChoices(details.tool_name, details.input_preview);
+    const tb = resolveTimeBox(details.tool_name, details.input_preview, choices);
+    if (!tb) {
+      await ctx.answerCallbackQuery({ text: "This action can't be time-boxed." }).catch(() => {});
+      return;
+    }
+    const agentName3 = selfAgentName();
+    if (!agentName3) {
+      await ctx.answerCallbackQuery({ text: "Time-box needs SWITCHROOM_AGENT_NAME \u2014 gateway is misconfigured." }).catch(() => {});
+      return;
+    }
+    pendingPermissions.delete(request_id);
+    dispatchPermissionVerdict({ type: "permission", requestId: request_id, behavior: "allow" });
+    recordScopedGrant(scopedGrants, agentName3, tb.rule, Date.now(), ttl);
+    resumeReactionAfterVerdict();
+    postPermissionResumeMessage({
+      behavior: "allow",
+      action: naturalAction(details.tool_name, details.input_preview)
+    });
+    process.stderr.write(`telegram gateway: scoped-approval granted rule="${tb.rule}" agent=${agentName3} ttl_ms=${ttl} (request_id=${request_id})
+`);
+    const mins = Math.max(1, Math.round(ttl / 60000));
+    const sourceMsg = ctx.callbackQuery?.message;
+    const baseText2 = sourceMsg && "text" in sourceMsg && sourceMsg.text ? escapeHtmlForTg(sourceMsg.text) : "";
+    const editLabel = `\u23F1 <b>Allowed for ${mins} min \u2014 ${escapeHtmlForTg(tb.breadth)}</b> \xB7 re-asks after that, and now for anything else`;
+    await finalizeCallback(ctx, {
+      ackText: `\u23F1 Allowed for ${mins} min`.slice(0, 200),
+      newText: baseText2 ? `${baseText2}
+
 ${editLabel}` : editLabel,
       parseMode: "HTML"
     });