switchroom 0.15.45 → 0.16.5

package/telegram-plugin/model-unavailable.ts

@@ -84,6 +84,13 @@ export function detectModelUnavailable(
     // resets 8:50am (Australia/Melbourne)".
     'hit your limit',
     'hit the limit',
+    // SESSION-cap wording: "You've hit your session limit · resets 5pm".
+    // A session cap is a quota exhaustion that frees in HOURS (its reset is a
+    // bare time-of-day, see parseResetTime's time-only branch) — recognising
+    // it here is what lets the time-only reset parse fire and keeps a
+    // session-capped account from the +7d weekly bench.
+    'session limit',
+    'session cap',
   ]
   if (quotaSignals.some(s => lower.includes(s))) {
     const resetAt = parseResetTime(sample)
@@ -192,9 +199,126 @@ function parseResetTime(text: string, parseTimeNow: Date = new Date()): Date | u
     if (!Number.isNaN(d.getTime())) return d
   }
 
+  // "resets 5pm (Australia/Melbourne)" / "resets 8:50am" / "resets 17:00 (UTC)"
+  // SESSION-cap wording: a time of day with NO month/day. This frees in
+  // HOURS, not a week — without this branch it falls through to undefined,
+  // and the 429 inference path then applies resolveExhaustUntil's +7d weekly
+  // floor, benching a session-capped account for a week. Must sit AFTER the
+  // calendar branch so "resets May 3, 11am" never matches here. The leading
+  // negative lookahead `(?!...)` rejects a month name so a date-bearing
+  // string can't fall into this time-only branch.
+  const timeOnly = text.match(
+    /resets?\s+(?:at\s+)?(?!(?:jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec)[a-z]*\b)(\d{1,2})(?::(\d{2}))?\s*(am|pm)?\s*(?:\(([^)]+)\))?/i,
+  )
+  if (timeOnly) {
+    const d = resolveNextWallClock(
+      Number(timeOnly[1]),
+      timeOnly[2] ? Number(timeOnly[2]) : 0,
+      timeOnly[3]?.toLowerCase(),
+      timeOnly[4]?.trim(),
+      parseTimeNow,
+    )
+    if (d != null) return d
+  }
+
+  return undefined
+}
+
+/**
+ * Resolve a bare wall-clock time ("5pm", "8:50am", "17:00") to the NEXT
+ * occurrence of that time, tz-aware. Returns the soonest future Date (rolls
+ * to tomorrow when the time has already passed today). Null on bad input
+ * (out-of-range hour/minute or an unknown tz). When `tz` is omitted the
+ * time is interpreted in UTC (best-effort) — Anthropic's strings normally
+ * carry the IANA tz in parens, e.g. "(Australia/Melbourne)".
+ */
+function resolveNextWallClock(
+  hour12or24: number,
+  minute: number,
+  ampm: string | undefined,
+  tz: string | undefined,
+  nowDate: Date,
+): Date | undefined {
+  let hour = hour12or24
+  if (ampm === 'pm' && hour < 12) hour += 12
+  if (ampm === 'am' && hour === 12) hour = 0
+  if (!Number.isFinite(hour) || hour > 23 || hour < 0) return undefined
+  if (!Number.isFinite(minute) || minute > 59 || minute < 0) return undefined
+  const nowMs = nowDate.getTime()
+  // Walk today and the next two days (DST-safe span) and pick the first
+  // occurrence strictly in the future relative to now.
+  const base = new Date(nowMs)
+  for (let dayOffset = 0; dayOffset <= 2; dayOffset++) {
+    // Derive the y/m/d for `dayOffset` days from now IN THE TARGET TZ, so the
+    // wall-clock date we resolve is the tz's calendar date, not the container's.
+    const dateParts = tzDateParts(new Date(nowMs + dayOffset * 86_400_000), tz)
+    if (dateParts == null) return undefined
+    const epoch = wallClockToEpoch(
+      dateParts.year, dateParts.month, dateParts.day, hour, minute, tz,
+    )
+    if (epoch != null && epoch > nowMs) return new Date(epoch)
+  }
+  // Fallback: shouldn't happen, but keep the function total.
+  void base
   return undefined
 }
 
+/** The y/m/d of `d` as seen in `tz` (UTC when tz omitted). Null on bad tz. */
+function tzDateParts(
+  d: Date,
+  tz: string | undefined,
+): { year: number; month: number; day: number } | null {
+  if (!tz) {
+    return { year: d.getUTCFullYear(), month: d.getUTCMonth(), day: d.getUTCDate() }
+  }
+  try {
+    const fmt = new Intl.DateTimeFormat('en-US', {
+      timeZone: tz, year: 'numeric', month: '2-digit', day: '2-digit',
+    })
+    const parts = Object.fromEntries(
+      fmt.formatToParts(d).filter((p) => p.type !== 'literal').map((p) => [p.type, p.value]),
+    )
+    return {
+      year: Number(parts.year),
+      month: Number(parts.month) - 1,
+      day: Number(parts.day),
+    }
+  } catch {
+    return null
+  }
+}
+
+/**
+ * Convert a wall-clock time in an IANA tz to epoch-ms (null if the tz is
+ * unknown). Resolves the tz's offset AT that date via Intl, so it is correct
+ * across DST — NOT `new Date(localString)`, which assumes the container TZ.
+ * Mirrors wedge-watchdog.ts's helper of the same name (kept local to keep
+ * this module dependency-free / pure-testable).
+ */
+function wallClockToEpoch(
+  year: number, month: number, day: number, hour: number, minute: number, tz: string | undefined,
+): number | null {
+  const asUtc = Date.UTC(year, month, day, hour, minute, 0)
+  if (!tz) return asUtc // no tz given → best-effort UTC
+  try {
+    const fmt = new Intl.DateTimeFormat('en-US', {
+      timeZone: tz, year: 'numeric', month: '2-digit', day: '2-digit',
+      hour: '2-digit', minute: '2-digit', second: '2-digit', hour12: false,
+    })
+    const parts = Object.fromEntries(
+      fmt.formatToParts(new Date(asUtc)).filter((p) => p.type !== 'literal').map((p) => [p.type, p.value]),
+    )
+    const shown = Date.UTC(
+      Number(parts.year), Number(parts.month) - 1, Number(parts.day),
+      Number(parts.hour) % 24, Number(parts.minute), Number(parts.second),
+    )
+    const offset = shown - asUtc // how far ahead the tz wall clock is of UTC
+    return asUtc - offset
+  } catch {
+    return null // unknown tz
+  }
+}
+
 function parseRelativeDuration(s: string): number | null {
   // "2h 15m" / "30m" / "45 seconds"
   let total = 0

package/telegram-plugin/narrative-dedup.ts

@@ -0,0 +1,69 @@
+/**
+ * Reducer-side narrative dedup gate (the correctness core of the
+ * JSONL-text-narrative primitive).
+ *
+ * A `text` / `sub_agent_text` JSONL block is one of two things:
+ *
+ *   1. DRAFT-THEN-SEND — the model composing its answer just before it
+ *      calls `reply` / `stream_reply` with near-identical text. Surfacing
+ *      it would double-print the answer (once as a transient narrative
+ *      step, once as the canonical reply). It MUST be suppressed.
+ *   2. WORKING NARRATION — the agent's own commentary that is never sent
+ *      to the user ("On it. Let me find the repo…", "Sent. Waiting on the
+ *      build…"). It SHOULD be surfaced as a transient liveness step.
+ *
+ * A projector sees one JSONL line at a time and cannot know whether a
+ * later line is a reply tool_use, so the SHOW/SUPPRESS decision is a
+ * stateful, one-step-deferred decision made reducer-side (the gateway for
+ * the main agent, the subagent-watcher for sub/worker). This module is the
+ * pure, fully-unit-testable kernel of that decision — no I/O, no state of
+ * its own; the caller owns the `pendingNarrative` slot.
+ *
+ * The threshold heuristic deliberately matches the spirit of the #546
+ * outbound dedup (trim + lowercase + whitespace-collapse) so a draft and
+ * its reply compare equal the same way #546 considers them the same
+ * message.
+ */
+
+/** Tools whose `input.text` IS the canonical answer surface. */
+export const REPLY_TOOLS = new Set(['reply', 'stream_reply'])
+
+/**
+ * Normalize for prefix comparison: strip markdown/HTML-ish emphasis,
+ * heading and quote marks, collapse whitespace, lowercase. Mirrors the
+ * #546 outbound-dedup normalization so a markdown-decorated draft and its
+ * plain reply compare equal.
+ */
+export function normalizeNarrative(s: string): string {
+  return s
+    .replace(/[*_`>#~]/g, '') // markdown emphasis / heading / quote marks
+    .replace(/\s+/g, ' ')
+    .trim()
+    .toLowerCase()
+}
+
+/** Longest-common-prefix ratio over the SHORTER of the two normalized strings. */
+export function prefixSimilarity(a: string, b: string): number {
+  const x = normalizeNarrative(a)
+  const y = normalizeNarrative(b)
+  if (x.length === 0 || y.length === 0) return 0
+  const n = Math.min(x.length, y.length)
+  let i = 0
+  while (i < n && x[i] === y[i]) i++
+  return i / n
+}
+
+/**
+ * The single tunable. Longest-common-PREFIX ratio (not Levenshtein) is
+ * deliberate: a draft shares a long head with the sent answer even when the
+ * model trims a trailing sentence before sending. 0.8 over the shorter
+ * string tolerates that trim while rejecting the "Sent. Waiting…" +
+ * different-reply case (short string, near-zero shared prefix). Exported so
+ * the test pins it — a silent retune breaks a test.
+ */
+export const DRAFT_SUPPRESS_THRESHOLD = 0.8
+
+/** TRUE ⇒ this text block is a draft-then-send of `replyText`; SUPPRESS it. */
+export function isDraftOfReply(textBlock: string, replyText: string): boolean {
+  return prefixSimilarity(textBlock, replyText) >= DRAFT_SUPPRESS_THRESHOLD
+}

package/telegram-plugin/over-ping-safety-net.ts

@@ -25,7 +25,29 @@
  *     the decision says CLAIM the slot — caller sets `firstPingAt`.
  *   - When the model requested silent, this module is a no-op.
  *
+ * Notification ownership (R8 / PR-2). The bare "first ping wins" rule
+ * above has a residual failure: an interim ACK that pings first claims
+ * the turn's single slot, and the later SUBSTANTIVE answer is then
+ * downgraded to silent — "the reply is last but the phone never buzzed
+ * for the answer." To fix that without re-introducing model double-pings,
+ * the decision is now aware of WHO holds the slot and WHO is asking:
+ *
+ *   - A SUBSTANTIVE final asking to ping while the slot is held by a
+ *     NON-substantive (ack) send ⇒ do NOT suppress; let the answer ping
+ *     and UPGRADE the slot to substantive (the answer owns the ping even
+ *     though the ack already buzzed once — a deliberate, bounded second
+ *     ping so the user is notified of the actual answer).
+ *   - An ACK asking to ping while the slot is held by a SUBSTANTIVE send
+ *     ⇒ suppress (no spurious double-ping AFTER the real answer).
+ *   - A SUBSTANTIVE asking while the slot is held by a SUBSTANTIVE ⇒
+ *     suppress (preserves the #1674 model-double-ping guard: answer +
+ *     wrap-up should be one beep, not two).
+ *   - An ACK while the slot is held by an ACK ⇒ suppress (unchanged).
+ *
  * The slot is claimed BEFORE the actual send (caller responsibility).
+ * On a CLAIM or an UPGRADE the caller MUST set `firstPingAt` AND
+ * `firstPingWasSubstantive` ATOMICALLY (same synchronous block, no await
+ * between) so a racing second reply reads a consistent pair.
  * Trade-off documented inline in `gateway.ts:executeReply`.
  */
 
@@ -39,6 +61,18 @@ export interface OverPingDecisionInput {
    *  has landed yet. Caller threads this through from
    *  `CurrentTurn.firstPingAt`. */
   firstPingAt: number | null
+  /** True iff THIS reply is a substantive final answer (stream `done`,
+   *  or text length ≥ FINAL_ANSWER_MIN_CHARS) — as opposed to a short
+   *  interim ack. Caller computes via `isSubstantiveFinalReply`. Defaults
+   *  to `false` (treat as a non-substantive ack) when omitted, which
+   *  preserves the pre-PR-2 "first ping wins, the rest suppress" behaviour
+   *  for callers that don't yet thread it. */
+  substantive?: boolean
+  /** True iff the send that CLAIMED the turn's ping slot was itself a
+   *  substantive final answer. Caller threads this through from
+   *  `CurrentTurn.firstPingWasSubstantive`. Meaningless (and ignored)
+   *  when `firstPingAt == null`. Defaults to `false`. */
+  firstPingWasSubstantive?: boolean
   /** Deterministic clock for tests; defaults to Date.now() in callers. */
   nowMs: number
 }
@@ -49,8 +83,18 @@ export interface OverPingDecision {
    *  violation by the model — caller should log + emit a metric. */
   suppress: boolean
   /** True iff the caller should claim the slot —
-   *  `turn.firstPingAt = nowMs`. Mutually exclusive with `suppress`. */
+   *  `turn.firstPingAt = nowMs` AND
+   *  `turn.firstPingWasSubstantive = substantive`. Mutually exclusive
+   *  with `suppress`. Set both on a fresh claim (no prior ping) and on
+   *  an UPGRADE (a substantive answer pinging over an ack's slot). */
   claimSlot: boolean
+  /** True iff this is an UPGRADE — a substantive final answer claiming
+   *  the ping slot that was previously held by a NON-substantive ack.
+   *  The answer pings even though the ack already buzzed once. Implied
+   *  by `claimSlot && firstPingAt != null` but surfaced explicitly so
+   *  the caller can log/meter the (intentional) second ping distinctly
+   *  from a normal first claim. Always false on a suppress or a no-op. */
+  upgrade: boolean
   /** When `suppress` is true, how long the first ping has been
    *  "active" (ms since `firstPingAt`). Caller surfaces this in the
    *  log + metric for forensic analysis (e.g. tight rapid double-pings
@@ -63,18 +107,40 @@ export interface OverPingDecision {
  * No mutation, no IO, deterministic under a fixed `nowMs`.
  */
 export function decideOverPing(input: OverPingDecisionInput): OverPingDecision {
+  const substantive = input.substantive === true
+  const firstPingWasSubstantive = input.firstPingWasSubstantive === true
+
   if (!input.modelRequestedPing) {
     // Model already chose silent — nothing for the safety net to do.
-    return { suppress: false, claimSlot: false, sinceFirstPingMs: null }
+    return { suppress: false, claimSlot: false, upgrade: false, sinceFirstPingMs: null }
   }
   if (input.firstPingAt != null) {
-    // Slot already claimed by an earlier ping this turn — suppress.
+    // The turn's ping slot is already held. WHO holds it and WHO is
+    // asking decides whether this is a notification-ownership UPGRADE or
+    // a double-ping to suppress (see the module doc-comment for the full
+    // matrix).
+    if (substantive && !firstPingWasSubstantive) {
+      // The substantive ANSWER is pinging over a slot held by an ack.
+      // Let it ping and upgrade the slot to substantive — the answer
+      // owns the turn's notification, not the earlier ack.
+      return {
+        suppress: false,
+        claimSlot: true,
+        upgrade: true,
+        sinceFirstPingMs: null,
+      }
+    }
+    // Every other slot-held case is a double-ping to suppress:
+    //   - ack over substantive: a spurious wrap-up after the real answer
+    //   - substantive over substantive: the #1674 answer+wrap-up guard
+    //   - ack over ack: the original one-ping-per-turn behaviour
     return {
       suppress: true,
       claimSlot: false,
+      upgrade: false,
       sinceFirstPingMs: input.nowMs - input.firstPingAt,
     }
   }
   // First ping this turn — let it through and claim the slot.
-  return { suppress: false, claimSlot: true, sinceFirstPingMs: null }
+  return { suppress: false, claimSlot: true, upgrade: false, sinceFirstPingMs: null }
 }

package/telegram-plugin/package.json

@@ -40,12 +40,12 @@
   },
   "repository": {
     "type": "git",
-    "url": "https://github.com/mekenthompson/switchroom.git",
+    "url": "https://github.com/switchroom/switchroom.git",
     "directory": "telegram-plugin"
   },
-  "homepage": "https://github.com/mekenthompson/switchroom/tree/main/telegram-plugin#readme",
+  "homepage": "https://github.com/switchroom/switchroom/tree/main/telegram-plugin#readme",
   "bugs": {
-    "url": "https://github.com/mekenthompson/switchroom/issues"
+    "url": "https://github.com/switchroom/switchroom/issues"
   },
   "publishConfig": {
     "access": "public"

package/telegram-plugin/pending-work-progress.ts

@@ -284,6 +284,18 @@ export function noteTurnEnd(key: string): void {
   }
 }
 
+/**
+ * True when the current turn for `key` dispatched async background work
+ * (Agent / Task / Bash run_in_background:true) but the turn has not yet ended
+ * with a cleared pending flag.  Used by the feed-survival predicate so the
+ * orphaned-reply backstop and silence-poke teardown are deferred while a
+ * detached background process is still running — even after inFlight empties
+ * when the near-instant tool_result (e.g. the Bash background handle) returns.
+ */
+export function hasPendingAsyncDispatch(key: string): boolean {
+  return stateByKey.get(key)?.pending === true
+}
+
 /**
  * Clear pending-progress for a chat — reasons:
  *   'inbound'   — user sent a new message, they're re-engaged

package/telegram-plugin/permission-rule.ts

@@ -91,7 +91,7 @@ export function resolveScopedAllowChoices(
 
   // ── File tools: this exact path vs any file.
   if (FILE_TOOLS.has(toolName)) {
-    const path = filePathFrom(input);
+    const path = filePathFrom(input, inputPreview);
     const broad: ScopeOption = { rule: toolName, buttonLabel: "Any file", broad: true };
     if (path) {
       return {
@@ -163,9 +163,36 @@ function resolveSkillName(input: Record<string, unknown>): string | null {
   );
 }
 
-function filePathFrom(input: Record<string, unknown> | null): string | null {
-  if (!input) return null;
-  return readString(input, "file_path") ?? readString(input, "notebook_path");
+function filePathFrom(
+  input: Record<string, unknown> | null,
+  rawPreview?: string,
+): string | null {
+  if (input) {
+    const p = readString(input, "file_path") ?? readString(input, "notebook_path");
+    if (p) return p;
+  }
+  // Claude Code truncates inputPreview to 200 chars, making the surrounding
+  // JSON invalid for Edit/Write (old_string/new_string push it past 200).
+  // "file_path" is the first key, so its value is intact in the truncated
+  // prefix — extract it with a lenient regex on the raw string.
+  if (rawPreview) return extractFilePathFromRaw(rawPreview);
+  return null;
+}
+
+/**
+ * Regex-based fallback to extract "file_path" or "notebook_path" from a raw
+ * (possibly truncated / invalid-JSON) inputPreview string. JSON-unescapes the
+ * captured value. Returns null when neither key is present or value is empty.
+ */
+function extractFilePathFromRaw(raw: string): string | null {
+  const m = /"(?:file_path|notebook_path)"\s*:\s*"((?:[^"\\]|\\.)*)"/.exec(raw);
+  if (!m) return null;
+  try {
+    const value = JSON.parse(`"${m[1]}"`) as string;
+    return typeof value === "string" && value.length > 0 ? value : null;
+  } catch {
+    return null;
+  }
 }
 
 /**
@@ -274,7 +301,7 @@ export function matchesAllowRule(
       return bashFirstToken(cmd) === m[1];
     }
     if (FILE_TOOLS.has(ruleTool)) {
-      return filePathFrom(input) === arg;
+      return filePathFrom(input, inputPreview) === arg;
     }
     return false;
   }

package/telegram-plugin/permission-title.ts

@@ -77,6 +77,21 @@ const INTERNAL_MCP_SERVERS = new Set([
   "switchroom-telegram",
 ]);
 
+/**
+ * hostd fleet verbs that take a target agent `name` as a required arg. The
+ * approval card MUST name WHICH agent is targeted (#2469) — "restart an
+ * agent" with no name leaves the operator blind. We interpolate the target
+ * into the curated phrase: "restart an agent in the fleet" → "restart agent
+ * `carrie` in the fleet". Stays generic when `name` is absent (never crash).
+ */
+const HOSTD_AGENT_TARGET_VERBS = new Set([
+  "mcp__hostd__agent_restart",
+  "mcp__hostd__agent_start",
+  "mcp__hostd__agent_stop",
+  "mcp__hostd__agent_logs",
+  "mcp__hostd__agent_exec",
+]);
+
 /**
  * Build the multi-line card body for an approval prompt.
  *
@@ -86,10 +101,23 @@ const INTERNAL_MCP_SERVERS = new Set([
  * Output is HTML-escaped for `parse_mode: 'HTML'`. The agent name is
  * capitalized for the sentence; dropped (with "wants to") when null —
  * the bridge client can be anonymous during early-boot edge cases.
+ *
+ * The `why:` line is the CALLER's stated rationale — the `reason`/`why`
+ * argument on the tool input, NOT the tool's static JSONSchema
+ * `description`. The schema description is documentation (it can contain
+ * literal tokens like `$SWITCHROOM_AGENT_NAME`), so surfacing it as the
+ * "why" reads like an un-interpolated variable and discards the agent's
+ * actual reason (#2469). We only fall back to "not provided" — never to
+ * the schema description.
  */
 export function formatPermissionCardBody(opts: {
   toolName: string;
   inputPreview: string | undefined;
+  /**
+   * The tool's static JSONSchema description. Retained for the signature
+   * (callers still pass it) but deliberately NOT used as the `why:` line —
+   * see #2469. The caller's rationale comes from the input args instead.
+   */
   description: string | undefined;
   agentName: string | null;
 }): string {
@@ -104,7 +132,10 @@ export function formatPermissionCardBody(opts: {
     lines.push(`🔐 ${escapeTgHtml(capFirst(action))}`);
   }
 
-  const rawWhy = (opts.description ?? "").replace(/\s+/g, " ").trim();
+  // why: the caller-supplied rationale (`reason`/`why` arg), never the
+  // static schema description (#2469).
+  const callerReason = callerSuppliedReason(opts.inputPreview);
+  const rawWhy = (callerReason ?? "").replace(/\s+/g, " ").trim();
   const truncatedWhy =
     rawWhy.length > DESCRIPTION_LINE_MAX
       ? rawWhy.slice(0, DESCRIPTION_LINE_MAX - 1) + "…"
@@ -142,15 +173,15 @@ export function naturalAction(
     case "Edit":
     case "MultiEdit":
     case "NotebookEdit": {
-      const f = fileBase(input);
+      const f = fileBase(input, inputPreview);
       return f ? `edit: ${f}` : "edit files";
     }
     case "Write": {
-      const f = fileBase(input);
+      const f = fileBase(input, inputPreview);
       return f ? `write: ${f}` : "write files";
     }
     case "Read": {
-      const f = fileBase(input);
+      const f = fileBase(input, inputPreview);
       return f ? `read: ${f}` : "read files";
     }
     case "Bash": {
@@ -194,7 +225,7 @@ function naturalMcpAction(
   const server = parts.length >= 2 ? parts[1]! : "";
   const curated = MCP_TOOL_DESCRIPTIONS[toolName];
   if (curated) {
-    const phrase = lowerFirst(curated);
+    const phrase = hostdAgentPhrase(toolName, input) ?? lowerFirst(curated);
     return INTERNAL_MCP_SERVERS.has(server)
       ? phrase
       : `${phrase} (${prettyMcpServer(server)})`;
@@ -217,6 +248,37 @@ function naturalMcpAction(
   return `use ${toolName}`;
 }
 
+/**
+ * For the hostd `agent_*` fleet verbs, build an action phrase that NAMES the
+ * target agent (#2469) — "restart agent `carrie` in the fleet". The verb is
+ * derived from the tool name (`agent_restart` → "restart"); `agent_logs` /
+ * `agent_exec` get bespoke phrasing. Returns null when the tool isn't a
+ * name-targeted hostd verb or no `name` arg is present, so the caller falls
+ * back to the generic curated phrase (never crashes on a missing name).
+ */
+function hostdAgentPhrase(
+  toolName: string,
+  input: Record<string, unknown> | null,
+): string | null {
+  if (!HOSTD_AGENT_TARGET_VERBS.has(toolName)) return null;
+  const name = input ? readString(input, "name") : null;
+  if (!name) return null;
+  switch (toolName) {
+    case "mcp__hostd__agent_restart":
+      return `restart agent \`${name}\` in the fleet`;
+    case "mcp__hostd__agent_start":
+      return `start agent \`${name}\` in the fleet`;
+    case "mcp__hostd__agent_stop":
+      return `stop agent \`${name}\` in the fleet`;
+    case "mcp__hostd__agent_logs":
+      return `read agent \`${name}\`'s container logs`;
+    case "mcp__hostd__agent_exec":
+      return `run a read-only inspection inside agent \`${name}\``;
+    default:
+      return null;
+  }
+}
+
 /**
  * For a REST-wrapper MCP call ({ path, body?, query? }), build the action
  * phrase "<VERB> <path> (<Server>)" — e.g. "POST /smtp/email (Brevo)". The
@@ -405,10 +467,43 @@ function resolveSkillName(input: Record<string, unknown>): string | null {
   );
 }
 
-function fileBase(input: Record<string, unknown> | null): string | null {
-  if (!input) return null;
-  const p = readString(input, "file_path") ?? readString(input, "notebook_path");
-  return p ? basename(p) : null;
+function fileBase(
+  input: Record<string, unknown> | null,
+  rawPreview?: string,
+): string | null {
+  if (input) {
+    const p = readString(input, "file_path") ?? readString(input, "notebook_path");
+    if (p) return basename(p);
+  }
+  // Claude Code truncates inputPreview to 200 chars, making the surrounding
+  // JSON invalid (Edit/Write always exceed 200 chars once old_string/new_string
+  // are included). "file_path" is the first key, so its value is intact in the
+  // truncated prefix — extract it with a lenient regex on the raw string.
+  if (rawPreview) {
+    const p = extractFilePathFromRaw(rawPreview);
+    if (p) return basename(p);
+  }
+  return null;
+}
+
+/**
+ * Regex-based fallback to extract "file_path" or "notebook_path" from a raw
+ * (possibly truncated / invalid-JSON) inputPreview string. JSON-unescapes the
+ * captured value so paths with backslashes or unicode escapes are returned
+ * correctly. Returns null when neither key is present or the captured value is
+ * empty.
+ */
+function extractFilePathFromRaw(raw: string): string | null {
+  // Match the first occurrence of "file_path" or "notebook_path".
+  const m = /"(?:file_path|notebook_path)"\s*:\s*"((?:[^"\\]|\\.)*)"/.exec(raw);
+  if (!m) return null;
+  try {
+    // JSON.parse the quoted string literal so escape sequences are resolved.
+    const value = JSON.parse(`"${m[1]}"`) as string;
+    return typeof value === "string" && value.length > 0 ? value : null;
+  } catch {
+    return null;
+  }
 }
 
 function lowerFirst(text: string): string {
@@ -447,6 +542,54 @@ function readString(input: Record<string, unknown>, key: string): string | null
   return typeof value === "string" && value.length > 0 ? value : null;
 }
 
+/**
+ * The caller's stated rationale for a tool call — the `reason` (or `why`)
+ * argument it passed. This is the agent's actual justification, which is
+ * what belongs on the `why:` line of the approval card. Returns null when
+ * no reason was supplied (caller renders "not provided") — we never fall
+ * back to the tool's static schema description (#2469).
+ */
+function callerSuppliedReason(inputPreview: string | undefined): string | null {
+  const input = parseInput(inputPreview);
+  if (input) {
+    const fromJson = readString(input, "reason") ?? readString(input, "why");
+    if (fromJson) return fromJson;
+  }
+  // Truncation fallback (#2580 follow-up): upstream Claude Code truncates
+  // `inputPreview` to ~200 chars. For a tool whose first/largest key is a
+  // big blob (e.g. config_propose_edit's `unified_diff`), the truncated JSON
+  // is unparseable and the schema-required `reason` is lost — the card then
+  // renders "why: not provided" even though a reason WAS supplied. Mirror the
+  // `extractFilePathFromRaw` lenient-regex fallback so a `reason`/`why` value
+  // surviving in the truncated prefix is still recovered. (Reordering the
+  // schema so `reason` precedes the blob keeps it inside the 200-char prefix;
+  // this regex is what then reads it back out.)
+  if (inputPreview) {
+    const r = extractReasonFromRaw(inputPreview);
+    if (r) return r;
+  }
+  return null;
+}
+
+/**
+ * Regex-based fallback to extract a `reason` or `why` value from a raw
+ * (possibly truncated / invalid-JSON) inputPreview string. Mirrors
+ * `extractFilePathFromRaw`: JSON-unescapes the captured value so a reason
+ * with quotes/backslashes/unicode escapes is returned correctly. Returns
+ * null when neither key is present or the captured value is empty/whitespace.
+ */
+export function extractReasonFromRaw(raw: string): string | null {
+  // Match the first occurrence of "reason" or "why".
+  const m = /"(?:reason|why)"\s*:\s*"((?:[^"\\]|\\.)*)"/.exec(raw);
+  if (!m) return null;
+  try {
+    const value = JSON.parse(`"${m[1]}"`) as string;
+    return typeof value === "string" && value.trim().length > 0 ? value : null;
+  } catch {
+    return null;
+  }
+}
+
 function skillBasenameFromPath(input: Record<string, unknown>): string | null {
   const path = readString(input, "path") ?? readString(input, "skill_path");
   if (!path) return null;

package/telegram-plugin/quota-check.ts

@@ -54,6 +54,15 @@ export type QuotaUtilization = {
   representativeClaim: string | null;
   overageStatus: string | null;
   overageDisabledReason: string | null;
+  /**
+   * #2494 Bug C — header-presence markers. Mirror of the field in
+   * `src/auth/quota.ts` (kept in sync across the bundle boundary). The
+   * utilization fields are always numeric (a missing header coalesces to 0),
+   * so on their own they cannot tell a genuine 0% from a filled-0 thin probe.
+   * Optional → unset means "real probe" (legacy snapshots / fixtures).
+   */
+  fiveHourUtilPresent?: boolean;
+  sevenDayUtilPresent?: boolean;
 };
 
 export type QuotaResult =
@@ -120,8 +129,12 @@ export function parseQuotaHeaders(headers: Headers): QuotaResult {
   return {
     ok: true,
     data: {
+      // #2494 Bug C — coalesce missing window to 0 for back-compat but record
+      // which windows were actually present (both-absent returned ok:false).
       fiveHourUtilizationPct: (fiveHour ?? 0) * 100,
       sevenDayUtilizationPct: (sevenDay ?? 0) * 100,
+      fiveHourUtilPresent: fiveHour != null,
+      sevenDayUtilPresent: sevenDay != null,
       fiveHourResetAt: parseEpochHeader(headers, "anthropic-ratelimit-unified-5h-reset"),
       sevenDayResetAt: parseEpochHeader(headers, "anthropic-ratelimit-unified-7d-reset"),
       representativeClaim: headers.get("anthropic-ratelimit-unified-representative-claim"),