switchroom 0.15.38 → 0.15.40

package/dist/cli/switchroom.js

@@ -28441,13 +28441,13 @@ function setAuthActive(yamlText, label) {
   if (typeof label !== "string" || label.length === 0) {
     throw new Error("setAuthActive: label must be a non-empty string");
   }
-  const doc = import_yaml9.parseDocument(yamlText);
+  const doc = import_yaml10.parseDocument(yamlText);
   const root = doc.contents;
-  if (!import_yaml9.isMap(root)) {
+  if (!import_yaml10.isMap(root)) {
     throw new Error("setAuthActive: YAML root is not a map");
   }
   const existing = root.get("auth", true);
-  if (import_yaml9.isMap(existing)) {
+  if (import_yaml10.isMap(existing)) {
     if (existing.get("active") === label) {
       return yamlText;
     }
@@ -28460,9 +28460,9 @@ function setAuthActive(yamlText, label) {
 `) ? out : out + `
 `;
 }
-var import_yaml9;
+var import_yaml10;
 var init_auth_active_yaml = __esm(() => {
-  import_yaml9 = __toESM(require_dist(), 1);
+  import_yaml10 = __toESM(require_dist(), 1);
 });
 
 // src/auth/via-claude.ts
@@ -28476,11 +28476,11 @@ __export(exports_via_claude, {
   PRE_PASTE_RULES: () => PRE_PASTE_RULES,
   POST_PASTE_RULES: () => POST_PASTE_RULES
 });
-import { execFileSync as execFileSync14, spawnSync as spawnSync2 } from "node:child_process";
+import { execFileSync as execFileSync14, spawnSync as spawnSync3 } from "node:child_process";
 import { existsSync as existsSync32, mkdirSync as mkdirSync19, readFileSync as readFileSync27 } from "node:fs";
 import { join as join25, resolve as resolve24 } from "node:path";
 function tmuxHasSession(session) {
-  const r = spawnSync2("tmux", ["has-session", "-t", session], {
+  const r = spawnSync3("tmux", ["has-session", "-t", session], {
     stdio: ["ignore", "ignore", "ignore"]
   });
   return r.status === 0;
@@ -29947,12 +29947,12 @@ var init_doctor_docker = __esm(() => {
 // src/cli/doctor-auth-broker.ts
 import { existsSync as existsSync53, readFileSync as readFileSync50 } from "node:fs";
 import { createHash as createHash10 } from "node:crypto";
-import { spawnSync as spawnSync6 } from "node:child_process";
+import { spawnSync as spawnSync7 } from "node:child_process";
 import { homedir as homedir27 } from "node:os";
 import { join as join49 } from "node:path";
 function defaultDockerInspect(container, format) {
   try {
-    const r = spawnSync6("docker", ["inspect", "-f", format, container], { encoding: "utf-8", timeout: 5000 });
+    const r = spawnSync7("docker", ["inspect", "-f", format, container], { encoding: "utf-8", timeout: 5000 });
     if (r.status !== 0)
       return null;
     return r.stdout.trim();
@@ -29962,7 +29962,7 @@ function defaultDockerInspect(container, format) {
 }
 function defaultDockerExecExists(container, path4) {
   try {
-    const r = spawnSync6("docker", ["exec", container, "test", "-S", path4], { encoding: "utf-8", timeout: 5000 });
+    const r = spawnSync7("docker", ["exec", container, "test", "-S", path4], { encoding: "utf-8", timeout: 5000 });
     return r.status === 0;
   } catch {
     return false;
@@ -29976,12 +29976,12 @@ function sha256Hex(content) {
 }
 function checkAuthBrokerServiceHealth(deps = {}) {
   const inspect = deps.dockerInspect ?? defaultDockerInspect;
-  const status = inspect(AUTH_BROKER_CONTAINER, "{{.State.Status}}|{{if .State.Health}}{{.State.Health.Status}}{{else}}none{{end}}");
+  const status = inspect(AUTH_BROKER_CONTAINER2, "{{.State.Status}}|{{if .State.Health}}{{.State.Health.Status}}{{else}}none{{end}}");
   if (status === null) {
     return {
       name: "auth-broker: service health",
       status: "fail",
-      detail: `container \`${AUTH_BROKER_CONTAINER}\` not found via \`docker inspect\``,
+      detail: `container \`${AUTH_BROKER_CONTAINER2}\` not found via \`docker inspect\``,
       fix: "Run `switchroom apply` to bring the broker online, then `switchroom doctor` again."
     };
   }
@@ -30029,7 +30029,7 @@ function checkAuthBrokerPerAgentSockets(config, deps = {}) {
   const missing = [];
   for (const agent of agents) {
     const socketPath = `/run/switchroom/auth-broker/${agent}/sock`;
-    if (!execExists(AUTH_BROKER_CONTAINER, socketPath)) {
+    if (!execExists(AUTH_BROKER_CONTAINER2, socketPath)) {
       missing.push(agent);
     }
   }
@@ -30190,17 +30190,17 @@ function runAuthBrokerChecks(config, deps = {}) {
   const rank = { fail: 0, warn: 1, ok: 2, skip: 3 };
   return [...results].sort((a, b) => rank[a.status] - rank[b.status]);
 }
-var AUTH_BROKER_CONTAINER = "switchroom-auth-broker";
+var AUTH_BROKER_CONTAINER2 = "switchroom-auth-broker";
 var init_doctor_auth_broker = __esm(() => {
   init_account_store();
   init_paths();
 });
 
 // src/cli/doctor-hostd.ts
-import { spawnSync as spawnSync7 } from "node:child_process";
+import { spawnSync as spawnSync8 } from "node:child_process";
 function realDockerInspect(ref, format) {
   try {
-    const r = spawnSync7("docker", ["inspect", ref, "--format", format], {
+    const r = spawnSync8("docker", ["inspect", ref, "--format", format], {
       encoding: "utf-8",
       timeout: 5000
     });
@@ -31571,6 +31571,13 @@ var init_doctor_notion = __esm(() => {
 });
 
 // src/cli/doctor-mcp-secrets.ts
+function entryScopeDenies(agent, allow, deny) {
+  if (deny.includes(agent))
+    return true;
+  if (allow.length > 0 && !allow.includes(agent))
+    return true;
+  return false;
+}
 function computeMcpSecretRequirements(config) {
   const cfg = config;
   const reqs = [];
@@ -31650,20 +31657,19 @@ async function runMcpSecretChecks(config, deps = {}) {
         });
         continue;
       }
-      if (!acl.allow.includes(r.agent)) {
-        const updated = [...new Set([...acl.allow, r.agent])].sort().join(",");
+      if (entryScopeDenies(r.agent, acl.allow, acl.deny)) {
         results.push({
           name,
           status: "fail",
-          detail: `agent '${r.agent}' loads MCP '${r.server}' but is NOT on the vault ACL for '${key}' \u2014 the broker will deny it at runtime`,
-          fix: `switchroom vault set ${key} --allow ${updated} (vault set overwrites the scope \u2014 re-state the full list including '${r.agent}').`
+          detail: `agent '${r.agent}' loads MCP '${r.server}' but the vault entry scope for '${key}' denies it \u2014 the broker will deny at runtime`,
+          fix: `switchroom vault set ${key} --allow ${[...new Set([...acl.allow, r.agent])].sort().join(",")} (vault set overwrites the scope \u2014 re-state the full list including '${r.agent}'; and drop it from --deny if present).`
         });
         continue;
       }
       results.push({
         name,
         status: "ok",
-        detail: `MCP '${r.server}' \u2192 '${key}' present + ACL-allowed`
+        detail: `MCP '${r.server}' \u2192 '${key}' present + scope-allowed`
       });
     }
   }
@@ -32315,7 +32321,7 @@ __export(exports_doctor, {
   checkAgents: () => checkAgents,
   MFF_VAULT_KEY: () => MFF_VAULT_KEY
 });
-import { execSync as execSync3, spawnSync as spawnSync8 } from "node:child_process";
+import { execSync as execSync3, spawnSync as spawnSync9 } from "node:child_process";
 import {
   accessSync as accessSync2,
   constants as fsConstants5,
@@ -32663,7 +32669,7 @@ function probeVaultBrokerSocketPair(agentName) {
   const dataPath = `/run/switchroom/broker/${agentName}/sock`;
   const unlockPath = `/run/switchroom/broker/${agentName}/unlock`;
   const script = `D=0; U=0; ` + `test -S '${dataPath}' && D=1; ` + `test -S '${unlockPath}' && U=1; ` + `echo "D=$D U=$U"`;
-  const r = spawnSync8("docker", ["exec", "switchroom-vault-broker", "sh", "-c", script], { stdio: "pipe", timeout: 3000 });
+  const r = spawnSync9("docker", ["exec", "switchroom-vault-broker", "sh", "-c", script], { stdio: "pipe", timeout: 3000 });
   if (r.error || r.status === null)
     return "unreachable";
   if (r.status !== 0) {
@@ -32862,7 +32868,7 @@ function checkHindsightConsumer(config, opts) {
 }
 function probeAuthBrokerSocket(consumerName) {
   const containerPath = `/run/switchroom/auth-broker/${consumerName}/sock`;
-  const r = spawnSync8("docker", ["exec", "switchroom-auth-broker", "test", "-S", containerPath], { stdio: "pipe", timeout: 3000 });
+  const r = spawnSync9("docker", ["exec", "switchroom-auth-broker", "test", "-S", containerPath], { stdio: "pipe", timeout: 3000 });
   if (r.error || r.status === null)
     return "unreachable";
   if (r.status === 0)
@@ -33753,7 +33759,7 @@ async function checkMffAuthFlow(envPath = mffEnvPath(), timeoutMs = 8000) {
   const python3 = which("python3") ?? "python3";
   let token;
   try {
-    const result = spawnSync8(python3, [authScript, "--quiet"], {
+    const result = spawnSync9(python3, [authScript, "--quiet"], {
       timeout: timeoutMs,
       encoding: "utf-8",
       env: { ...process.env, ...env2 }
@@ -34014,7 +34020,11 @@ function registerDoctorCommand(program3) {
         const { getViaBrokerStructured: getViaBrokerStructured2 } = await Promise.resolve().then(() => (init_client(), exports_client));
         const result = await getViaBrokerStructured2(key);
         if (result.kind === "ok") {
-          return { kind: "ok", allow: result.entry.scope?.allow ?? [] };
+          return {
+            kind: "ok",
+            allow: result.entry.scope?.allow ?? [],
+            deny: result.entry.scope?.deny ?? []
+          };
         }
         if (result.kind === "not_found")
           return { kind: "not_found" };
@@ -49780,9 +49790,9 @@ __export(exports_server, {
   dispatchTool: () => dispatchTool,
   TOOLS: () => TOOLS
 });
-import { spawnSync as spawnSync14 } from "node:child_process";
+import { spawnSync as spawnSync15 } from "node:child_process";
 function execCli(args, stdin) {
-  const r = spawnSync14(CLI_BIN, args, {
+  const r = spawnSync15(CLI_BIN, args, {
     encoding: "utf-8",
     env: process.env,
     timeout: 15000,
@@ -50692,8 +50702,8 @@ var {
 } = import__.default;
 
 // src/build-info.ts
-var VERSION = "0.15.38";
-var COMMIT_SHA = "d28a331f";
+var VERSION = "0.15.40";
+var COMMIT_SHA = "fd53cf02";
 
 // src/cli/agent.ts
 init_source();
@@ -52591,7 +52601,7 @@ function buildHumanizerEnvVars(agentDir, agent) {
 function buildToolSearchEnvVars() {
   if (process.env.SWITCHROOM_DISABLE_TOOL_SEARCH === "1")
     return {};
-  return { ENABLE_TOOL_SEARCH: process.env.SWITCHROOM_TOOL_SEARCH_MODE ?? "auto" };
+  return { ENABLE_TOOL_SEARCH: process.env.SWITCHROOM_TOOL_SEARCH_MODE ?? "true" };
 }
 var SWITCHROOM_OWNED_SETTINGS_KEYS = new Set([
   "permissions",
@@ -59722,6 +59732,134 @@ function pruneEmptyMap(doc, path) {
 // src/cli/auth-microsoft.ts
 init_helpers();
 
+// src/config/agent-workspace-account.ts
+var import_yaml9 = __toESM(require_dist(), 1);
+function blockKey(provider) {
+  return `${provider}_workspace`;
+}
+function setAgentWorkspaceAccount(yamlText, provider, agent, account) {
+  const doc = import_yaml9.parseDocument(yamlText);
+  const agentsNode = doc.get("agents");
+  if (!import_yaml9.isMap(agentsNode)) {
+    throw new Error("switchroom.yaml has no `agents:` map");
+  }
+  if (!agentsNode.has(agent)) {
+    throw new Error(`agent '${agent}' is not declared in switchroom.yaml`);
+  }
+  const path = ["agents", agent, blockKey(provider), "account"];
+  const current = doc.getIn(path);
+  if (current === account)
+    return yamlText;
+  doc.setIn(path, account);
+  return String(doc);
+}
+function clearAgentWorkspaceAccount(yamlText, provider, agent) {
+  const doc = import_yaml9.parseDocument(yamlText);
+  const agentsNode = doc.get("agents");
+  if (!import_yaml9.isMap(agentsNode))
+    return yamlText;
+  if (!agentsNode.has(agent))
+    return yamlText;
+  const blockPath = ["agents", agent, blockKey(provider)];
+  const block = doc.getIn(blockPath);
+  if (!import_yaml9.isMap(block))
+    return yamlText;
+  const accountPath = [...blockPath, "account"];
+  if (doc.getIn(accountPath) === undefined)
+    return yamlText;
+  doc.deleteIn(accountPath);
+  const after = doc.getIn(blockPath);
+  if (import_yaml9.isMap(after) && after.items.length === 0) {
+    doc.deleteIn(blockPath);
+  }
+  return String(doc);
+}
+function getAgentWorkspaceAccount(yamlText, provider, agent) {
+  const doc = import_yaml9.parseDocument(yamlText);
+  const v = doc.getIn(["agents", agent, blockKey(provider), "account"]);
+  return typeof v === "string" ? v : null;
+}
+
+// src/cli/microsoft-enable-plan.ts
+function planMicrosoftEnable(yamlText, account, agents) {
+  const enabledBefore = getEnabledAgentsForMicrosoftAccount(yamlText, account) ?? [];
+  let text = enableAgentsOnMicrosoftAccount(yamlText, account, agents);
+  const selectorSet = [];
+  const selectorConflict = [];
+  for (const agent of agents) {
+    const current = getAgentWorkspaceAccount(text, "microsoft", agent);
+    if (current == null) {
+      text = setAgentWorkspaceAccount(text, "microsoft", agent, account);
+      selectorSet.push(agent);
+    } else if (current.toLowerCase() !== account.toLowerCase()) {
+      selectorConflict.push({ agent, current });
+    }
+  }
+  const enabledAfter = getEnabledAgentsForMicrosoftAccount(text, account) ?? [];
+  const newlyEnabled = enabledAfter.filter((a) => !enabledBefore.includes(a));
+  return { text, newlyEnabled, enabledAfter, selectorSet, selectorConflict };
+}
+function planMicrosoftDisable(yamlText, account, agents) {
+  const enabledBefore = getEnabledAgentsForMicrosoftAccount(yamlText, account) ?? [];
+  let text = disableAgentsOnMicrosoftAccount(yamlText, account, agents);
+  const enabledAfter = getEnabledAgentsForMicrosoftAccount(text, account) ?? [];
+  const removed = enabledBefore.filter((a) => !enabledAfter.includes(a));
+  const selectorCleared = [];
+  for (const agent of removed) {
+    if (getAgentWorkspaceAccount(text, "microsoft", agent)?.toLowerCase() === account.toLowerCase()) {
+      text = clearAgentWorkspaceAccount(text, "microsoft", agent);
+      selectorCleared.push(agent);
+    }
+  }
+  return { text, removed, enabledAfter, selectorCleared };
+}
+
+// src/auth/broker/reload-signal.ts
+import { spawnSync as spawnSync2 } from "node:child_process";
+var AUTH_BROKER_CONTAINER = "switchroom-auth-broker";
+var defaultRunner = (args) => {
+  const r = spawnSync2("docker", args, { encoding: "utf8" });
+  return {
+    status: r.status,
+    stderr: typeof r.stderr === "string" ? r.stderr : "",
+    error: r.error
+  };
+};
+function reloadAuthBroker(opts = {}) {
+  const runner = opts.runner ?? defaultRunner;
+  const container = opts.container ?? AUTH_BROKER_CONTAINER;
+  const { status, stderr, error } = runner([
+    "kill",
+    "--signal=HUP",
+    container
+  ]);
+  if (error) {
+    if (error.code === "ENOENT") {
+      return { ok: false, reason: "no-docker" };
+    }
+    return { ok: false, reason: "error", detail: error.message };
+  }
+  if (status === 0)
+    return { ok: true };
+  const lower = stderr.toLowerCase();
+  if (lower.includes("no such container") || lower.includes("is not running") || lower.includes("cannot kill")) {
+    return { ok: false, reason: "not-running" };
+  }
+  return { ok: false, reason: "error", detail: stderr.trim() || `exit ${status}` };
+}
+function authBrokerReloadHint(result) {
+  if (result.ok)
+    return null;
+  switch (result.reason) {
+    case "not-running":
+      return "auth-broker is not running \u2014 it will pick up this change on next start.";
+    case "no-docker":
+      return "Could not reach Docker to hot-reload the auth-broker; restart it so the change takes effect: docker restart switchroom-auth-broker";
+    case "error":
+      return `Could not hot-reload the auth-broker (${result.detail ?? "unknown error"}); restart it so the change takes effect: docker restart switchroom-auth-broker`;
+  }
+}
+
 // src/auth/default-oauth-clients.ts
 var DEFAULT_MICROSOFT_CLIENT_ID = "9dff88fa-3126-457b-9d1d-37e58c219019";
 function resolveMicrosoftClientId(configClientId) {
@@ -59810,19 +59948,16 @@ function registerAuthMicrosoftSubcommands(program3, authParent) {
   registerAccountList2(account);
 }
 function registerEnable2(microsoftParent, program3) {
-  microsoftParent.command("enable <account> <agents...>").description("Enable a Microsoft account on one or more agents. Use `all` to enable on every declared agent. Appends to microsoft_accounts.<account>.enabled_for[] \u2014 does NOT mint the broker credentials (use `auth microsoft account add` for that).").action(withConfigError(async (account, agents) => {
+  microsoftParent.command("enable <account> <agents...>").description("Enable a Microsoft account on one or more agents. Use `all` to enable on every declared agent. Appends to microsoft_accounts.<account>.enabled_for[] AND pins agents.<agent>.microsoft_workspace.account (both are required, else the broker returns ACCOUNT_NOT_FOUND), then hot-reloads the running auth-broker so it's live immediately. Does NOT mint the broker credentials \u2014 use `auth microsoft account add` for that.").action(withConfigError(async (account, agents) => {
     const normalizedAccount = validateAndNormalizeAccountEmail2(account);
     const config = getConfig(program3);
     agents = expandAllAgents2(agents, config);
     validateAgentSlugs(agents, config);
     const yamlPath = getConfigPath(program3);
     const before = readFileSync26(yamlPath, "utf-8");
-    const enabledBefore = getEnabledAgentsBefore2(before, normalizedAccount);
-    const after = enableAgentsOnMicrosoftAccount(before, normalizedAccount, agents);
-    if (after !== before)
-      writeFileSync16(yamlPath, after);
-    const enabledAfter = getEnabledAgentsForMicrosoftAccount(after, normalizedAccount) ?? [];
-    const newlyEnabled = enabledAfter.filter((a) => !enabledBefore.includes(a));
+    const { text, newlyEnabled, enabledAfter, selectorSet, selectorConflict } = planMicrosoftEnable(before, normalizedAccount, agents);
+    if (text !== before)
+      writeFileSync16(yamlPath, text);
     console.log();
     if (newlyEnabled.length === 0) {
       console.log(`No change \u2014 all of ${agents.join(", ")} already enabled on ${source_default.bold(normalizedAccount)}.`);
@@ -59833,9 +59968,26 @@ function registerEnable2(microsoftParent, program3) {
       const alreadyEnabled = enabledAfter.filter((a) => !newlyEnabled.includes(a));
       console.log(`  ${source_default.gray("already enabled on:")} ${alreadyEnabled.join(", ")}`);
     }
+    if (selectorSet.length > 0) {
+      console.log(`  ${source_default.green("\u2713")} ${source_default.gray("pinned")} ${source_default.bold("microsoft_workspace.account")} ${source_default.gray("on:")} ${selectorSet.join(", ")}`);
+    }
+    for (const { agent, current } of selectorConflict) {
+      console.log(source_default.yellow(`  \u26a0 ${source_default.bold(agent)} already pins a different account (${source_default.bold(current)}) \u2014 left as-is. Repin with \`switchroom auth microsoft disable ${current} ${agent}\` first if that's unintended.`));
+    }
+    if (text !== before) {
+      const reload = reloadAuthBroker();
+      if (reload.ok) {
+        console.log(`  ${source_default.green("\u2713")} ${source_default.gray("auth-broker hot-reloaded \u2014 credentials are live.")}`);
+      } else {
+        const hint = authBrokerReloadHint(reload);
+        if (hint)
+          console.log(source_default.yellow(`  \u26a0 ${hint}`));
+      }
+    }
     console.log();
-    if (newlyEnabled.length > 0) {
-      console.log(`Next: ${source_default.bold(`switchroom agent restart ${newlyEnabled.join(" ")}`)} so the wrapper picks up the new ACL.`);
+    if (newlyEnabled.length > 0 || selectorSet.length > 0) {
+      const restartTargets = [...new Set([...newlyEnabled, ...selectorSet])];
+      console.log(`Next: ${source_default.bold(`switchroom agent restart ${restartTargets.join(" ")}`)} to regenerate the agent's MCP config and surface the Microsoft/OneDrive tools.`);
       console.log();
     }
   }));
@@ -59854,11 +60006,9 @@ function registerDisable2(microsoftParent, program3) {
       console.log();
       return;
     }
-    const after = disableAgentsOnMicrosoftAccount(before, normalizedAccount, agents);
-    if (after !== before)
-      writeFileSync16(yamlPath, after);
-    const enabledAfter = getEnabledAgentsForMicrosoftAccount(after, normalizedAccount) ?? [];
-    const removed = enabledBefore.filter((a) => !enabledAfter.includes(a));
+    const { text, removed, enabledAfter, selectorCleared } = planMicrosoftDisable(before, normalizedAccount, agents);
+    if (text !== before)
+      writeFileSync16(yamlPath, text);
     console.log();
     if (removed.length === 0) {
       console.log(`No change \u2014 none of ${agents.join(", ")} were enabled on ${source_default.bold(normalizedAccount)}.`);
@@ -59870,9 +60020,22 @@ function registerDisable2(microsoftParent, program3) {
     } else {
       console.log(`  ${source_default.gray("still enabled on:")} ${enabledAfter.join(", ")}`);
     }
+    if (selectorCleared.length > 0) {
+      console.log(`  ${source_default.gray("cleared")} ${source_default.bold("microsoft_workspace.account")} ${source_default.gray("on:")} ${selectorCleared.join(", ")}`);
+    }
+    if (text !== before) {
+      const reload = reloadAuthBroker();
+      if (reload.ok) {
+        console.log(`  ${source_default.green("\u2713")} ${source_default.gray("auth-broker hot-reloaded \u2014 access revoked live.")}`);
+      } else {
+        const hint = authBrokerReloadHint(reload);
+        if (hint)
+          console.log(source_default.yellow(`  \u26a0 ${hint}`));
+      }
+    }
     console.log();
     if (removed.length > 0) {
-      console.log(`Next: ${source_default.bold(`switchroom agent restart ${removed.join(" ")}`)} so the wrapper drops its access.`);
+      console.log(`Next: ${source_default.bold(`switchroom agent restart ${removed.join(" ")}`)} so the agent drops the Microsoft MCP from its config.`);
       console.log();
     }
   }));
@@ -65682,8 +65845,8 @@ init_vault();
 // src/cli/vault-auto-unlock.ts
 init_loader();
 init_client();
-var import_yaml10 = __toESM(require_dist(), 1);
-import { spawnSync as spawnSync3 } from "node:child_process";
+var import_yaml11 = __toESM(require_dist(), 1);
+import { spawnSync as spawnSync4 } from "node:child_process";
 import { readFileSync as readFileSync33, writeFileSync as writeFileSync20 } from "node:fs";
 import { homedir as homedir18 } from "node:os";
 import { join as join34 } from "node:path";
@@ -65715,7 +65878,7 @@ function encryptCredential(passphrase, credPath) {
 }
 function setVaultBrokerAutoUnlock(configPath, value) {
   const raw = readFileSync33(configPath, "utf-8");
-  const doc = import_yaml10.default.parseDocument(raw);
+  const doc = import_yaml11.default.parseDocument(raw);
   doc.setIn(["vault", "broker", "autoUnlock"], value);
   writeFileSync20(configPath, doc.toString(), "utf-8");
 }
@@ -65723,7 +65886,7 @@ var DEFAULT_COMPOSE_FILE = join34(homedir18(), ".switchroom", "compose", "docker
 async function applyAutoUnlock(opts = {}) {
   const log = opts.log ?? ((s) => console.log(s));
   const err = opts.err ?? ((s) => console.error(s));
-  const runDockerCompose = opts.runDockerCompose ?? ((args) => spawnSync3("docker", args, { stdio: "inherit" }));
+  const runDockerCompose = opts.runDockerCompose ?? ((args) => spawnSync4("docker", args, { stdio: "inherit" }));
   const verifyTimeoutMs = opts.verifyTimeoutMs ?? 1e4;
   const configPath = opts.configPath ?? findConfigFile();
   const composeFile = opts.composeFile ?? DEFAULT_COMPOSE_FILE;
@@ -67637,9 +67800,9 @@ init_paths();
 import { createInterface as createInterface4 } from "node:readline";
 
 // src/cli/telegram-yaml.ts
-var import_yaml11 = __toESM(require_dist(), 1);
+var import_yaml12 = __toESM(require_dist(), 1);
 function setLinearAgent(yamlText, agentName, opts) {
-  const doc = import_yaml11.parseDocument(yamlText);
+  const doc = import_yaml12.parseDocument(yamlText);
   ensureAgent(doc, agentName);
   const block = { enabled: true, token: opts.token };
   if (opts.workspaceId)
@@ -67649,7 +67812,7 @@ function setLinearAgent(yamlText, agentName, opts) {
   return String(doc);
 }
 function setLinearDefaultTeam(yamlText, agentName, teamId) {
-  const doc = import_yaml11.parseDocument(yamlText);
+  const doc = import_yaml12.parseDocument(yamlText);
   ensureAgent(doc, agentName);
   if (!doc.hasIn(["agents", agentName, "channels", "telegram", "linear_agent"])) {
     throw new Error(`agent '${agentName}' has no linear_agent block. Run 'switchroom linear-agent setup --agent ${agentName} --token <token>' first.`);
@@ -67664,13 +67827,13 @@ function setLinearDefaultTeam(yamlText, agentName, teamId) {
   return String(doc);
 }
 function setTelegramFeature(yamlText, agentName, feature, value) {
-  const doc = import_yaml11.parseDocument(yamlText);
+  const doc = import_yaml12.parseDocument(yamlText);
   ensureAgent(doc, agentName);
   doc.setIn(["agents", agentName, "channels", "telegram", feature], value);
   return String(doc);
 }
 function removeTelegramFeature(yamlText, agentName, feature) {
-  const doc = import_yaml11.parseDocument(yamlText);
+  const doc = import_yaml12.parseDocument(yamlText);
   if (!hasAgent(doc, agentName))
     return yamlText;
   if (!doc.hasIn(["agents", agentName, "channels", "telegram", feature])) {
@@ -67688,21 +67851,21 @@ function ensureAgent(doc, agentName) {
 }
 function hasAgent(doc, agentName) {
   const agents = doc.get("agents");
-  if (!import_yaml11.isMap(agents))
+  if (!import_yaml12.isMap(agents))
     return false;
   return agents.has(agentName);
 }
 function pruneEmptyMap2(doc, path4) {
   const node = doc.getIn(path4);
-  if (import_yaml11.isMap(node) && node.items.length === 0) {
+  if (import_yaml12.isMap(node) && node.items.length === 0) {
     doc.deleteIn(path4);
   }
 }
 function addWebhookSource(yamlText, agentName, source) {
-  const doc = import_yaml11.parseDocument(yamlText);
+  const doc = import_yaml12.parseDocument(yamlText);
   ensureAgent(doc, agentName);
   const existing = doc.getIn(["agents", agentName, "channels", "telegram", "webhook_sources"]);
-  if (import_yaml11.isSeq(existing)) {
+  if (import_yaml12.isSeq(existing)) {
     const seq = existing;
     for (const item of seq.items) {
       const v = item.value ?? item;
@@ -67716,10 +67879,10 @@ function addWebhookSource(yamlText, agentName, source) {
   return String(doc);
 }
 function addAgentSecret(yamlText, agentName, key) {
-  const doc = import_yaml11.parseDocument(yamlText);
+  const doc = import_yaml12.parseDocument(yamlText);
   ensureAgent(doc, agentName);
   const existing = doc.getIn(["agents", agentName, "secrets"]);
-  if (import_yaml11.isSeq(existing)) {
+  if (import_yaml12.isSeq(existing)) {
     const seq = existing;
     for (const item of seq.items) {
       const v = item.value ?? item;
@@ -67733,11 +67896,11 @@ function addAgentSecret(yamlText, agentName, key) {
   return String(doc);
 }
 function removeWebhookSource(yamlText, agentName, source) {
-  const doc = import_yaml11.parseDocument(yamlText);
+  const doc = import_yaml12.parseDocument(yamlText);
   if (!hasAgent(doc, agentName))
     return yamlText;
   const existing = doc.getIn(["agents", agentName, "channels", "telegram", "webhook_sources"]);
-  if (!import_yaml11.isSeq(existing))
+  if (!import_yaml12.isSeq(existing))
     return yamlText;
   const seq = existing;
   const beforeLen = seq.items.length;
@@ -68599,6 +68762,8 @@ var HINDSIGHT_DEFAULT_MEM_LIMIT = "4g";
 var HINDSIGHT_DEFAULT_MEM_RESERVATION = "2g";
 var HINDSIGHT_DEFAULT_PIDS_LIMIT = 1000;
 var HINDSIGHT_DEFAULT_SHM_SIZE = "2g";
+var HINDSIGHT_HEALTHCHECK_PY = 'import urllib.request,sys; sys.exit(0 if urllib.request.urlopen("http://localhost:8888/health",timeout=4).getcode()==200 else 1)';
+var HINDSIGHT_HEALTHCHECK_CMD = `python3 -c '${HINDSIGHT_HEALTHCHECK_PY}'`;
 function isPortFree(port) {
   return new Promise((resolve28) => {
     const server = createServer4();
@@ -68690,6 +68855,16 @@ function startHindsight(ports) {
     `--memory-reservation=${HINDSIGHT_DEFAULT_MEM_RESERVATION}`,
     `--pids-limit=${HINDSIGHT_DEFAULT_PIDS_LIMIT}`,
     `--shm-size=${HINDSIGHT_DEFAULT_SHM_SIZE}`,
+    "--health-cmd",
+    HINDSIGHT_HEALTHCHECK_CMD,
+    "--health-interval",
+    "30s",
+    "--health-timeout",
+    "5s",
+    "--health-retries",
+    "3",
+    "--health-start-period",
+    "60s",
     "-p",
     `127.0.0.1:${apiPort}:8888`,
     "-p",
@@ -68697,6 +68872,8 @@ function startHindsight(ports) {
     "-v",
     "switchroom-hindsight-data:/home/hindsight/.pg0",
     "-v",
+    "switchroom-hindsight-backups:/backups",
+    "-v",
     `${HINDSIGHT_BROKER_SOCK_VOLUME}:/run/switchroom/auth-broker`,
     "--tmpfs",
     `/run/claude-creds:rw,mode=0700,uid=${HINDSIGHT_DEFAULT_UID},gid=${HINDSIGHT_DEFAULT_UID}`,
@@ -68744,8 +68921,15 @@ function generateHindsightComposeSnippet() {
     `    mem_reservation: ${HINDSIGHT_DEFAULT_MEM_RESERVATION}`,
     `    pids_limit: ${HINDSIGHT_DEFAULT_PIDS_LIMIT}`,
     `    shm_size: ${HINDSIGHT_DEFAULT_SHM_SIZE}`,
+    "    healthcheck:",
+    `      test: ${JSON.stringify(["CMD", "python3", "-c", HINDSIGHT_HEALTHCHECK_PY])}`,
+    "      interval: 30s",
+    "      timeout: 5s",
+    "      retries: 3",
+    "      start_period: 60s",
     "    volumes:",
     "      - switchroom-hindsight-data:/home/hindsight/.pg0",
+    "      - switchroom-hindsight-backups:/backups",
     `      - ${HINDSIGHT_BROKER_SOCK_VOLUME}:/run/switchroom/auth-broker`,
     "    tmpfs:",
     `      - /run/claude-creds:rw,mode=0700,uid=${HINDSIGHT_DEFAULT_UID},gid=${HINDSIGHT_DEFAULT_UID}`,
@@ -68753,6 +68937,7 @@ function generateHindsightComposeSnippet() {
     "",
     "volumes:",
     "  switchroom-hindsight-data:",
+    "  switchroom-hindsight-backups:",
     `  ${HINDSIGHT_BROKER_SOCK_VOLUME}:`,
     "    external: true",
     "    # Bound by the switchroom-auth-broker singleton in the main",
@@ -68763,17 +68948,17 @@ function generateHindsightComposeSnippet() {
 }
 async function ensureHindsightConsumer(configPath, account, uid = HINDSIGHT_DEFAULT_UID) {
   const fs4 = await import("node:fs");
-  const { parseDocument: parseDocument6, isMap: isMap6, isSeq: isSeq4, YAMLMap, YAMLSeq } = await Promise.resolve().then(() => __toESM(require_dist(), 1));
+  const { parseDocument: parseDocument7, isMap: isMap7, isSeq: isSeq4, YAMLMap, YAMLSeq } = await Promise.resolve().then(() => __toESM(require_dist(), 1));
   const { atomicWriteFileSync: atomicWriteFileSync3 } = await Promise.resolve().then(() => (init_atomic(), exports_atomic));
   const raw = fs4.readFileSync(configPath, "utf-8");
-  const doc = parseDocument6(raw);
+  const doc = parseDocument7(raw);
   const root = doc.contents;
-  if (!isMap6(root)) {
+  if (!isMap7(root)) {
     return { added: false, reason: "switchroom.yaml root is not a map" };
   }
   const authRaw = root.get("auth", true);
   let authNode;
-  if (isMap6(authRaw)) {
+  if (isMap7(authRaw)) {
     authNode = authRaw;
   } else {
     authNode = new YAMLMap;
@@ -68788,7 +68973,7 @@ async function ensureHindsightConsumer(configPath, account, uid = HINDSIGHT_DEFA
     doc.setIn(["auth", "consumers"], consumersNode);
   }
   for (const item of consumersNode.items) {
-    if (isMap6(item)) {
+    if (isMap7(item)) {
       const name = item.get("name");
       if (name === HINDSIGHT_CONSUMER_NAME) {
         return { added: false, reason: "already present" };
@@ -68814,7 +68999,7 @@ async function ensureHindsightConsumer(configPath, account, uid = HINDSIGHT_DEFA
 
 // src/cli/memory.ts
 init_loader();
-var import_yaml12 = __toESM(require_dist(), 1);
+var import_yaml13 = __toESM(require_dist(), 1);
 import { existsSync as existsSync44, readFileSync as readFileSync40, writeFileSync as writeFileSync23 } from "node:fs";
 import { join as join39 } from "node:path";
 function readRecallLog(agentDir, limit) {
@@ -69019,7 +69204,7 @@ Cross-agent reflection plan
     try {
       if (existsSync44(configPath)) {
         const raw = readFileSync40(configPath, "utf-8");
-        const doc = import_yaml12.default.parseDocument(raw);
+        const doc = import_yaml13.default.parseDocument(raw);
         if (!doc.has("memory")) {
           doc.set("memory", { backend: "hindsight", shared_collection: "shared", config: { provider, url } });
         } else {
@@ -69143,7 +69328,7 @@ import { timingSafeEqual as timingSafeEqual3, randomBytes as randomBytes11 } fro
 init_lifecycle();
 init_manager();
 init_hindsight();
-import { spawnSync as spawnSync5 } from "node:child_process";
+import { spawnSync as spawnSync6 } from "node:child_process";
 import { existsSync as existsSync47, readFileSync as readFileSync43, statSync as statSync22 } from "node:fs";
 import { resolve as resolve28, join as join44 } from "node:path";
 
@@ -73829,54 +74014,6 @@ function installGlobalErrorHandlers() {
 init_loader();
 init_merge();
 
-// src/config/agent-workspace-account.ts
-var import_yaml13 = __toESM(require_dist(), 1);
-function blockKey(provider) {
-  return `${provider}_workspace`;
-}
-function setAgentWorkspaceAccount(yamlText, provider, agent, account) {
-  const doc = import_yaml13.parseDocument(yamlText);
-  const agentsNode = doc.get("agents");
-  if (!import_yaml13.isMap(agentsNode)) {
-    throw new Error("switchroom.yaml has no `agents:` map");
-  }
-  if (!agentsNode.has(agent)) {
-    throw new Error(`agent '${agent}' is not declared in switchroom.yaml`);
-  }
-  const path4 = ["agents", agent, blockKey(provider), "account"];
-  const current = doc.getIn(path4);
-  if (current === account)
-    return yamlText;
-  doc.setIn(path4, account);
-  return String(doc);
-}
-function clearAgentWorkspaceAccount(yamlText, provider, agent) {
-  const doc = import_yaml13.parseDocument(yamlText);
-  const agentsNode = doc.get("agents");
-  if (!import_yaml13.isMap(agentsNode))
-    return yamlText;
-  if (!agentsNode.has(agent))
-    return yamlText;
-  const blockPath = ["agents", agent, blockKey(provider)];
-  const block = doc.getIn(blockPath);
-  if (!import_yaml13.isMap(block))
-    return yamlText;
-  const accountPath = [...blockPath, "account"];
-  if (doc.getIn(accountPath) === undefined)
-    return yamlText;
-  doc.deleteIn(accountPath);
-  const after = doc.getIn(blockPath);
-  if (import_yaml13.isMap(after) && after.items.length === 0) {
-    doc.deleteIn(blockPath);
-  }
-  return String(doc);
-}
-function getAgentWorkspaceAccount(yamlText, provider, agent) {
-  const doc = import_yaml13.parseDocument(yamlText);
-  const v = doc.getIn(["agents", agent, blockKey(provider), "account"]);
-  return typeof v === "string" ? v : null;
-}
-
 // src/web/config-edit-plan.ts
 init_schema();
 var import_yaml14 = __toESM(require_dist(), 1);
@@ -73923,7 +74060,7 @@ import {
   rmSync as rmrf,
   writeFileSync as writeFileSync25
 } from "node:fs";
-import { spawnSync as spawnSync4 } from "node:child_process";
+import { spawnSync as spawnSync5 } from "node:child_process";
 import { tmpdir as tmpdir4 } from "node:os";
 import { join as join41 } from "node:path";
 
@@ -73938,7 +74075,7 @@ function generateUnifiedDiff(before, after, name = "switchroom.yaml", gitBin = "
     mkdirSync26(join41(dir, "new"), { recursive: true });
     writeFileSync25(join41(dir, "cur", name), before);
     writeFileSync25(join41(dir, "new", name), after);
-    const r = spawnSync4(gitBin, ["diff", "--no-index", "--no-color", "--", `cur/${name}`, `new/${name}`], { cwd: dir, encoding: "utf-8", timeout: 1e4 });
+    const r = spawnSync5(gitBin, ["diff", "--no-index", "--no-color", "--", `cur/${name}`, `new/${name}`], { cwd: dir, encoding: "utf-8", timeout: 1e4 });
     if (r.status === 0)
       return "";
     if (r.status !== 1) {
@@ -74725,7 +74862,7 @@ function inspectEnv(container, keys) {
   const out = {};
   for (const k of keys)
     out[k] = null;
-  const res = spawnSync5("docker", ["inspect", "--format", "{{json .Config.Env}}", container], { encoding: "utf-8", timeout: 4000 });
+  const res = spawnSync6("docker", ["inspect", "--format", "{{json .Config.Env}}", container], { encoding: "utf-8", timeout: 4000 });
   if (res.error || res.status !== 0 || !res.stdout)
     return out;
   try {
@@ -77637,7 +77774,7 @@ init_source();
 init_loader();
 init_lifecycle();
 import { cpSync as cpSync2, existsSync as existsSync58, mkdirSync as mkdirSync32, readFileSync as readFileSync52, realpathSync as realpathSync6, rmSync as rmSync12, statSync as statSync26, chownSync as chownSync5 } from "node:fs";
-import { spawnSync as spawnSync9 } from "node:child_process";
+import { spawnSync as spawnSync10 } from "node:child_process";
 import { join as join61, dirname as dirname15, resolve as resolve35 } from "node:path";
 import { homedir as homedir37 } from "node:os";
 
@@ -77707,7 +77844,7 @@ function rebuildRefusalMessage(scriptPath) {
 }
 function planUpdate(opts) {
   const composePath = opts.composePath ?? DEFAULT_COMPOSE_PATH;
-  const runner = opts.runner ?? defaultRunner;
+  const runner = opts.runner ?? defaultRunner2;
   const scriptPath = opts.scriptPath ?? process.argv[1] ?? "";
   const steps = [];
   if (opts.pin) {
@@ -77912,8 +78049,8 @@ function planUpdate(opts) {
   });
   return steps;
 }
-function defaultRunner(cmd, args) {
-  const r = spawnSync9(cmd, args, { stdio: "inherit" });
+function defaultRunner2(cmd, args) {
+  const r = spawnSync10(cmd, args, { stdio: "inherit" });
   return { status: r.status ?? 1 };
 }
 function writeMarkerInPreferredLocation(agent, reason, runner) {
@@ -77988,7 +78125,7 @@ function defaultStatusProbe(composePath) {
   }
   let serviceList = [];
   try {
-    const r = spawnSync9("docker", ["compose", "-p", "switchroom", "-f", composePath, "config", "--services"], { encoding: "utf-8", timeout: 1e4 });
+    const r = spawnSync10("docker", ["compose", "-p", "switchroom", "-f", composePath, "config", "--services"], { encoding: "utf-8", timeout: 1e4 });
     if (r.status !== 0) {
       warnings.push(`docker compose config --services failed: ${r.stderr?.trim() ?? r.error?.message ?? "unknown"}`);
       return { cliVersion, cliBuiltAt, services, warnings };
@@ -78005,7 +78142,7 @@ function defaultStatusProbe(composePath) {
     let containerCreatedAt = null;
     let status = "<unknown>";
     try {
-      const r = spawnSync9("docker", ["inspect", "-f", "{{.Config.Image}}|{{.Created}}|{{.State.Status}}", containerName2], { encoding: "utf-8", timeout: 5000 });
+      const r = spawnSync10("docker", ["inspect", "-f", "{{.Config.Image}}|{{.Created}}|{{.State.Status}}", containerName2], { encoding: "utf-8", timeout: 5000 });
       if (r.status === 0) {
         const [img, created, st] = r.stdout.trim().split("|");
         image = img ?? null;
@@ -78021,7 +78158,7 @@ function defaultStatusProbe(composePath) {
     let imagePulledAt = null;
     if (image) {
       try {
-        const r = spawnSync9("docker", ["image", "inspect", "-f", "{{.Id}}|{{.Created}}|{{.Metadata.LastTagTime}}", image], { encoding: "utf-8", timeout: 5000 });
+        const r = spawnSync10("docker", ["image", "inspect", "-f", "{{.Id}}|{{.Created}}|{{.Metadata.LastTagTime}}", image], { encoding: "utf-8", timeout: 5000 });
         if (r.status === 0) {
           const [id, created, lastTag] = r.stdout.trim().split("|");
           imageDigestShort = id?.replace(/^sha256:/, "").slice(0, 12) ?? null;
@@ -78167,7 +78304,7 @@ function registerUpdateCommand(program3) {
 
 // src/cli/rollout.ts
 init_helpers();
-import { spawnSync as spawnSync10 } from "node:child_process";
+import { spawnSync as spawnSync11 } from "node:child_process";
 import { readFileSync as readFileSync53, chownSync as chownSync6, statSync as statSync27 } from "node:fs";
 init_atomic();
 function normalizeVersion(v) {
@@ -78339,11 +78476,11 @@ function registerRolloutCommand(program3) {
     const scriptPath = process.argv[1] ?? "switchroom";
     const deps = {
       run: (args) => {
-        const r = spawnSync10(process.execPath, [scriptPath, ...args], { stdio: "inherit" });
+        const r = spawnSync11(process.execPath, [scriptPath, ...args], { stdio: "inherit" });
         return { status: r.status ?? 1 };
       },
       probeVersion: (agent) => {
-        const r = spawnSync10("docker", ["exec", `switchroom-${agent}`, "sh", "-lc", "switchroom --version"], { encoding: "utf8" });
+        const r = spawnSync11("docker", ["exec", `switchroom-${agent}`, "sh", "-lc", "switchroom --version"], { encoding: "utf8" });
         if (r.status !== 0)
           return null;
         return (r.stdout ?? "").trim().split(`
@@ -79842,7 +79979,7 @@ init_helpers();
 init_loader();
 import { existsSync as existsSync64 } from "node:fs";
 import { resolve as resolve40, sep as sep3 } from "node:path";
-import { spawnSync as spawnSync11 } from "node:child_process";
+import { spawnSync as spawnSync12 } from "node:child_process";
 
 // src/agents/workspace.ts
 import { readFile as readFile2, stat } from "node:fs/promises";
@@ -80555,7 +80692,7 @@ function registerWorkspaceCommand(program3) {
       process.exit(1);
     }
     const editor = process.env["EDITOR"] ?? process.env["VISUAL"] ?? "vi";
-    const child = spawnSync11(editor, [target], { stdio: "inherit" });
+    const child = spawnSync12(editor, [target], { stdio: "inherit" });
     if (child.status !== 0 && child.status !== null) {
       process.exit(child.status);
     }
@@ -80622,7 +80759,7 @@ function registerWorkspaceCommand(program3) {
 `);
       return;
     }
-    const statusResult = spawnSync11("git", ["status", "--short"], {
+    const statusResult = spawnSync12("git", ["status", "--short"], {
       cwd: dir,
       encoding: "utf-8"
     });
@@ -80637,7 +80774,7 @@ function registerWorkspaceCommand(program3) {
       return;
     }
     const message = opts.message || `checkpoint: ${new Date().toISOString()}`;
-    const addResult = spawnSync11("git", ["add", "-A"], {
+    const addResult = spawnSync12("git", ["add", "-A"], {
       cwd: dir,
       encoding: "utf-8"
     });
@@ -80646,7 +80783,7 @@ function registerWorkspaceCommand(program3) {
 `);
       process.exit(1);
     }
-    const commitResult = spawnSync11("git", ["commit", "-m", message], {
+    const commitResult = spawnSync12("git", ["commit", "-m", message], {
       cwd: dir,
       encoding: "utf-8"
     });
@@ -80655,7 +80792,7 @@ function registerWorkspaceCommand(program3) {
 `);
       process.exit(1);
     }
-    const shaResult = spawnSync11("git", ["rev-parse", "--short", "HEAD"], {
+    const shaResult = spawnSync12("git", ["rev-parse", "--short", "HEAD"], {
       cwd: dir,
       encoding: "utf-8"
     });
@@ -80676,7 +80813,7 @@ function registerWorkspaceCommand(program3) {
 `);
       return;
     }
-    const child = spawnSync11("git", ["status", "--short"], {
+    const child = spawnSync12("git", ["status", "--short"], {
       cwd: dir,
       stdio: "inherit"
     });
@@ -83273,14 +83410,14 @@ async function computeAgentConnectionIssues(config, agentName, vaultAclReader) {
         });
         continue;
       }
-      if (!acl.allow.includes(agentName)) {
+      if (entryScopeDenies(agentName, acl.allow, acl.deny)) {
         const updated = [...new Set([...acl.allow, agentName])].sort().join(",");
         issues.push({
           server: r.server,
           key,
           kind: "acl",
-          detail: `MCP '${r.server}' not on the vault ACL for '${key}' \u2014 broker will deny at runtime`,
-          fix: `switchroom vault set ${key} --allow ${updated} (re-state the full list)`
+          detail: `MCP '${r.server}' \u2014 vault entry scope for '${key}' denies this agent \u2014 broker will deny at runtime`,
+          fix: `switchroom vault set ${key} --allow ${updated} (re-state the full list; drop from --deny if present)`
         });
       }
     }
@@ -83710,7 +83847,11 @@ Applying switchroom config...
       const { getViaBrokerStructured: getViaBrokerStructured2 } = await Promise.resolve().then(() => (init_client(), exports_client));
       const result = await getViaBrokerStructured2(key);
       if (result.kind === "ok") {
-        return { kind: "ok", allow: result.entry.scope?.allow ?? [] };
+        return {
+          kind: "ok",
+          allow: result.entry.scope?.allow ?? [],
+          deny: result.entry.scope?.deny ?? []
+        };
       }
       if (result.kind === "not_found")
         return { kind: "not_found" };
@@ -85771,7 +85912,7 @@ import {
 } from "node:fs";
 import { tmpdir as tmpdir5, homedir as homedir46 } from "node:os";
 import { dirname as dirname24, join as join81, relative as relative2, resolve as resolve48 } from "node:path";
-import { spawnSync as spawnSync12 } from "node:child_process";
+import { spawnSync as spawnSync13 } from "node:child_process";
 
 // src/cli/skill-common.ts
 var import_yaml23 = __toESM(require_dist(), 1);
@@ -86024,7 +86165,7 @@ function loadFromDir(dir) {
 function loadFromTarball(tarPath) {
   const isGz = tarPath.endsWith(".gz") || tarPath.endsWith(".tgz");
   const listFlags = isGz ? ["-tzf"] : ["-tf"];
-  const list2 = spawnSync12("tar", [...listFlags, tarPath], {
+  const list2 = spawnSync13("tar", [...listFlags, tarPath], {
     encoding: "utf-8",
     stdio: ["ignore", "pipe", "pipe"]
   });
@@ -86041,7 +86182,7 @@ function loadFromTarball(tarPath) {
   const staging = mkdtempSync5(join81(tmpdir5(), "skill-apply-extract-"));
   try {
     const flags = isGz ? ["-xzf"] : ["-xf"];
-    const r = spawnSync12("tar", [
+    const r = spawnSync13("tar", [
       ...flags,
       tarPath,
       "-C",
@@ -86116,7 +86257,7 @@ function validatePayload(name, files) {
   if (errors2.length === 0) {
     for (const [path8, content] of Object.entries(files)) {
       if (SH_SCRIPT_RE2.test(path8)) {
-        const r = spawnSync12("bash", ["-n"], {
+        const r = spawnSync13("bash", ["-n"], {
           input: content,
           encoding: "utf-8"
         });
@@ -86128,7 +86269,7 @@ function validatePayload(name, files) {
         const tmpPy = join81(tmp, "check.py");
         try {
           writeFileSync40(tmpPy, content);
-          const r = spawnSync12("python3", ["-m", "py_compile", tmpPy], {
+          const r = spawnSync13("python3", ["-m", "py_compile", tmpPy], {
             encoding: "utf-8"
           });
           if (r.status !== 0) {
@@ -86291,7 +86432,7 @@ function registerSkillCommand(program3) {
 \u2713 Wrote ${name} to ${currentDir}`));
     const applyBin = process.argv[1] ?? "switchroom";
     console.log(source_default.gray(`Running \`switchroom apply --non-interactive\`...`));
-    const r = spawnSync12(process.argv0, [applyBin, "apply", "--non-interactive"], { stdio: "inherit" });
+    const r = spawnSync13(process.argv0, [applyBin, "apply", "--non-interactive"], { stdio: "inherit" });
     if (r.status !== 0) {
       console.error(source_default.yellow(`(warning: \`switchroom apply\` exited ${r.status} \u2014 skill is ` + `in the pool but symlinks may not be refreshed. Re-run manually.)`));
     }
@@ -86323,7 +86464,7 @@ import {
 } from "node:fs";
 import { dirname as dirname25, join as join82, relative as relative3, resolve as resolve49 } from "node:path";
 import { homedir as homedir47, tmpdir as tmpdir6 } from "node:os";
-import { spawnSync as spawnSync13 } from "node:child_process";
+import { spawnSync as spawnSync14 } from "node:child_process";
 init_helpers();
 init_source();
 var PERSONAL_PREFIX = "personal-";
@@ -86512,7 +86653,7 @@ function behavioralValidate(files) {
   const errors2 = [];
   for (const [path8, content] of Object.entries(files)) {
     if (SH_SCRIPT_RE.test(path8)) {
-      const r = spawnSync13("bash", ["-n"], { input: content, encoding: "utf-8" });
+      const r = spawnSync14("bash", ["-n"], { input: content, encoding: "utf-8" });
       if (r.status !== 0) {
         errors2.push(`${path8} fails \`bash -n\`: ${(r.stderr ?? "").trim()}`);
       }
@@ -86521,7 +86662,7 @@ function behavioralValidate(files) {
       const tmpPy = join82(tmp, "check.py");
       try {
         writeFileSync41(tmpPy, content);
-        const r = spawnSync13("python3", ["-m", "py_compile", tmpPy], {
+        const r = spawnSync14("python3", ["-m", "py_compile", tmpPy], {
           encoding: "utf-8"
         });
         if (r.status !== 0) {
@@ -87214,15 +87355,15 @@ init_helpers();
 import { existsSync as existsSync84, mkdirSync as mkdirSync48, readdirSync as readdirSync33, readFileSync as readFileSync72, writeFileSync as writeFileSync42, statSync as statSync35, copyFileSync as copyFileSync12 } from "node:fs";
 import { homedir as homedir49 } from "node:os";
 import { join as join84 } from "node:path";
-import { spawnSync as spawnSync16 } from "node:child_process";
+import { spawnSync as spawnSync17 } from "node:child_process";
 
 // src/cli/deploy-version-guard.ts
-import { spawnSync as spawnSync15 } from "node:child_process";
-var defaultRunner2 = (args) => {
-  const r = spawnSync15("docker", args, { encoding: "utf8" });
+import { spawnSync as spawnSync16 } from "node:child_process";
+var defaultRunner3 = (args) => {
+  const r = spawnSync16("docker", args, { encoding: "utf8" });
   return { ok: r.status === 0, stdout: r.stdout ?? "", stderr: r.stderr ?? "" };
 };
-function deployedImageTag(container, run = defaultRunner2) {
+function deployedImageTag(container, run = defaultRunner3) {
   const r = run(["inspect", "-f", "{{.Config.Image}}", container]);
   if (!r.ok)
     return null;
@@ -87391,7 +87532,7 @@ function backupExistingCompose() {
   return bak;
 }
 function runDocker(args) {
-  const r = spawnSync16("docker", args, { encoding: "utf8" });
+  const r = spawnSync17("docker", args, { encoding: "utf8" });
   return {
     ok: r.status === 0,
     stdout: r.stdout ?? "",
@@ -87593,7 +87734,7 @@ init_helpers();
 import { existsSync as existsSync85, mkdirSync as mkdirSync49, writeFileSync as writeFileSync43, copyFileSync as copyFileSync13 } from "node:fs";
 import { homedir as homedir50 } from "node:os";
 import { join as join85 } from "node:path";
-import { spawnSync as spawnSync17 } from "node:child_process";
+import { spawnSync as spawnSync18 } from "node:child_process";
 function resolveWebImageTag(explicitTag, release) {
   if (explicitTag)
     return explicitTag;
@@ -87692,7 +87833,7 @@ function backupExistingCompose2() {
   return bak;
 }
 function runDocker2(args) {
-  const r = spawnSync17("docker", args, { encoding: "utf8" });
+  const r = spawnSync18("docker", args, { encoding: "utf8" });
   return {
     ok: r.status === 0,
     stdout: r.stdout ?? "",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "switchroom",
-  "version": "0.15.38",
+  "version": "0.15.40",
   "description": "Run Claude Code 24/7 on your Claude Pro/Max subscription over Telegram. Open-source alternative to OpenClaw and NanoClaw — no API keys.",
   "type": "module",
   "bin": {

package/profiles/default/CLAUDE.md.hbs

@@ -28,6 +28,8 @@ You are operating in the **{{topicName}}** {{#if topicEmoji}}{{topicEmoji}} {{/i
 - Prefer `trash` over `rm` when available (recoverable beats gone forever).
 - Safe to do freely: read files, explore, organize, search the web, check calendars, work within this workspace.
 - Ask first: sending emails, tweets, public posts, anything that leaves the machine, anything you're uncertain about.
+- **Batch foreseeable approvals; don't drip surprises.** When you can already see that several actions will each need the user's approval, tell them up front which approvals are coming and why. Request independent ones together so they can decide once; for dependent ones (one's input comes from another), say what you're doing first and what approval comes next — a permission card should never arrive out of the blue.
+- **A timed-out approval isn't a denial.** If a request came back denied only because the user was away (a timeout, not an explicit "no"), don't silently abandon it. When they're back, remind them it's still pending and re-offer it if they still want it.
 
 ## Execution Bias
 

package/telegram-plugin/dist/gateway/gateway.js

@@ -54519,11 +54519,11 @@ function readTurnActiveMarkerAgeMs(stateDir, now) {
 }
 
 // ../src/build-info.ts
-var VERSION = "0.15.38";
-var COMMIT_SHA = "d28a331f";
-var COMMIT_DATE = "2026-06-18T11:43:40+10:00";
+var VERSION = "0.15.40";
+var COMMIT_SHA = "fd53cf02";
+var COMMIT_DATE = "2026-06-18T13:00:59+10:00";
 var LATEST_PR = null;
-var COMMITS_AHEAD_OF_TAG = 13;
+var COMMITS_AHEAD_OF_TAG = 4;
 
 // gateway/boot-version.ts
 function formatRelativeAgo(iso) {