switchroom 0.8.1 → 0.10.0

package/dist/vault/broker/server.js

@@ -10948,7 +10948,7 @@ var init_zod = __esm(() => {
 });
 
 // src/config/schema.ts
-var CodeRepoEntrySchema, AgentBindMountSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, DriveConfigSchema, AgentDriveConfigSchema, ReactionsSchema, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, HostControlConfigSchema, SwitchroomConfigSchema;
+var CodeRepoEntrySchema, AgentBindMountSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, GoogleWorkspaceTierSchema, GoogleWorkspaceConfigSchema, AgentGoogleWorkspaceConfigSchema, ReactionsSchema, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, HostControlConfigSchema, SwitchroomConfigSchema;
 var init_schema = __esm(() => {
   init_zod();
   CodeRepoEntrySchema = exports_external.object({
@@ -11004,7 +11004,7 @@ var init_schema = __esm(() => {
     SessionEnd: exports_external.array(HookEntrySchema).optional()
   }).catchall(exports_external.array(HookEntrySchema)).optional();
   SubagentSchema = exports_external.object({
-    description: exports_external.string().describe("When the main agent should delegate to this sub-agent"),
+    description: exports_external.string().optional().describe("When the main agent should delegate to this sub-agent"),
     model: exports_external.string().optional().describe("Model: 'sonnet', 'opus', 'haiku', full ID, or 'inherit' (default)"),
     background: exports_external.boolean().optional().describe("Run in background by default (non-blocking). Default false"),
     isolation: exports_external.enum(["worktree"]).optional().describe("'worktree' gives the sub-agent its own git branch"),
@@ -11083,13 +11083,20 @@ var init_schema = __esm(() => {
   }).optional();
   TIMEZONE_REGEX = /^UTC$|^[A-Z][A-Za-z0-9_+-]+(\/[A-Z][A-Za-z0-9_+-]+){1,2}$/;
   ApproverIdSchema = exports_external.union([exports_external.number(), exports_external.string().regex(/^\d+$/)]);
-  DriveConfigSchema = exports_external.object({
+  GoogleWorkspaceTierSchema = exports_external.enum([
+    "core",
+    "extended",
+    "complete"
+  ]);
+  GoogleWorkspaceConfigSchema = exports_external.object({
     google_client_id: exports_external.string().min(1).describe("Google OAuth client ID (literal string or vault reference e.g. 'vault:google-oauth-client-id')"),
     google_client_secret: exports_external.string().min(1).describe("Google OAuth client secret (literal string or vault reference e.g. 'vault:google-oauth-client-secret')"),
-    approvers: exports_external.array(ApproverIdSchema).min(1).describe("Array of numeric Telegram user IDs authorized to approve drive onboarding. " + "At least one must be specified.")
+    approvers: exports_external.array(ApproverIdSchema).min(1).describe("Array of numeric Telegram user IDs authorized to approve drive onboarding. " + "At least one must be specified."),
+    tier: GoogleWorkspaceTierSchema.optional().describe("RFC G Phase 1: which upstream MCP tier to expose. " + "core (default) = ~16 tools (Drive+Docs+Sheets+Calendar). " + "extended = ~40 tools (+Slides, Forms, Tasks, Chat). " + "complete = ~60+ tools (+Gmail; not recommended yet — see RFC G §5).")
   }).optional();
-  AgentDriveConfigSchema = exports_external.object({
-    approvers: exports_external.array(ApproverIdSchema).min(1).optional().describe("Per-agent approver override. When set, replaces (does not extend) " + "the top-level drive.approvers list for this agent's onboarding card.")
+  AgentGoogleWorkspaceConfigSchema = exports_external.object({
+    approvers: exports_external.array(ApproverIdSchema).min(1).optional().describe("Per-agent approver override. When set, replaces (does not extend) " + "the top-level drive.approvers list for this agent's onboarding card."),
+    tier: GoogleWorkspaceTierSchema.optional().describe("Per-agent tier override (RFC G Phase 1). When set, replaces the " + "top-level google_workspace.tier for this agent. Common case: most " + "agents on `core`, one specialist on `extended` for Slides access.")
   }).optional();
   ReactionsSchema = exports_external.object({
     enabled: exports_external.boolean().optional().describe("Master switch for the reaction-trigger path. When false, " + "reactions are still persisted via recordReaction but never " + "dispatched to the agent as synthetic inbound turns. Default true."),
@@ -11143,6 +11150,12 @@ var init_schema = __esm(() => {
     claude_md_raw: exports_external.string().optional(),
     cli_args: exports_external.array(exports_external.string()).optional(),
     extra_stable_files: exports_external.array(exports_external.string()).optional().describe("Extra filenames (relative to the agent's workspace directory) to append " + "to the stable bootstrap render. Loaded once at session start via " + "`--append-system-prompt`. Missing files are silently skipped. " + "Example: ['BRIEF.md', 'CONTEXT.md']."),
+    resources: exports_external.object({
+      memory: exports_external.string().regex(/^\d+(\.\d+)?[kmgKMG]?$/, "memory must be a Docker size string like '6g', '512m', '1.5g'").optional().describe("Hard memory cap (Docker `mem_limit` → cgroup memory.max). When the " + "container exceeds this, the kernel OOM-kills processes in the cgroup. " + "Format: '6g', '1.5g', '512m'. When unset at every cascade layer the " + "compose generator falls back to the hard-coded per-profile defaults " + "in src/agents/compose.ts (klanker 6g, coding 2g, conversational 1.5g, " + "lightweight 1g, default 1.5g)."),
+      memory_reservation: exports_external.string().regex(/^\d+(\.\d+)?[kmgKMG]?$/, "memory_reservation must be a Docker size string like '4g', '256m'").optional().describe("Soft memory floor (Docker `mem_reservation` → cgroup memory.low). " + "Under host-wide memory pressure, the kernel protects at least this " + "much from being reclaimed from the cgroup. Must be ≤ memory. Use to " + "keep an agent RAM-resident when the host has other tenants that " + "might push the box (Coolify apps, build jobs). Default: unset."),
+      pids_limit: exports_external.number().int().positive().optional().describe("Max processes the cgroup can spawn (cgroup pids.max). Prevents " + "fork bombs and runaway test runners. Counts every process in the " + "cgroup including bash subprocesses, claude itself, sidecars, and " + "any test/build worker. A typical agent at idle uses ~30 PIDs; " + "`npm test`-style workloads can spike to 200+. Set generously " + "(2000 is a comfortable cap for test-running agents). Default: " + "unset (no cgroup pid cap)."),
+      cpus: exports_external.number().positive().optional().describe("CPU quota (Docker `cpus`). Fractional values OK (e.g. 0.5, 2.0). " + "When unset at every cascade layer the compose generator falls " + "back to the per-profile default (klanker/coding 2.0, default 1.0, " + "lightweight 0.5).")
+    }).optional().describe("Per-agent resource limits. Cascades through defaults → profile → " + "per-agent with per-field merge (agent wins on each field independently). " + "Any field left unset at every layer falls back to the hard-coded " + "per-profile defaults in src/agents/compose.ts."),
     experimental: exports_external.object({
       legacy_pty: exports_external.boolean().optional().describe("Opt out of the default tmux supervisor (#725) and run the agent under " + "the legacy PTY supervisor instead. Default: false (tmux is the default)."),
       legacy_autoaccept_expect: exports_external.boolean().optional().describe("Opt the autoaccept gateway back into the legacy expect-script behaviour " + "instead of the tmux send-keys path. Default: false.")
@@ -11156,13 +11169,13 @@ var init_schema = __esm(() => {
     bot_token: exports_external.string().optional().describe("Per-agent Telegram bot token or vault reference (overrides global telegram.bot_token)"),
     bot_username: exports_external.string().optional().describe("Per-agent Telegram bot username (without leading @) when it doesn't " + "contain the agent slug. Replaces the default 'username includes slug' " + "preflight check with an exact (case-insensitive) match. Use when an " + "agent and its bot have intentionally divergent names (e.g. agent " + "'lawgpt' paired with bot '@meken_law_bot')."),
     timezone: exports_external.string().regex(TIMEZONE_REGEX, "timezone must be an IANA zone name like 'Australia/Melbourne' or 'UTC' " + "(three-letter aliases like EST/PST and bare offsets like UTC+10 are not accepted)").optional().describe("Per-agent IANA timezone override. Wins over any profile/defaults " + "value and over the top-level switchroom.timezone global. Controls " + "the UserPromptSubmit timezone hook's emitted local time and the " + "systemd unit's TZ= env."),
-    auth_label: exports_external.string().optional().describe("Human-readable identity for the session-start greeting (e.g. 'user@example.com'). " + "Anthropic does not expose a public user-profile endpoint for OAuth tokens, so the " + "email/account cannot be read locally; the user declares it here. Appears in the Auth " + "row as '✓ max · <label> · expires ...'."),
     auth: exports_external.object({
-      accounts: exports_external.array(exports_external.string()).optional().describe("Ordered list of Anthropic account labels (from `~/.switchroom/accounts/`) " + "this agent can use. The first non-quota-exhausted account is the active one; " + "subsequent entries are auto-fallback targets. switchroom-auth-broker keeps " + "`<agentDir>/.claude/credentials.json` in sync with the active account on " + "every refresh and on every quota event. When unset, the agent falls back to " + "a single 'default' account; if no `default` account exists, the boot self-test " + "surfaces a one-line nudge to run `switchroom auth account add`.")
-    }).optional().describe("Account routing for switchroom-auth-broker. See " + "reference/share-auth-across-the-fleet.md for the unit-of-authentication model."),
+      override: exports_external.string().min(1).optional().describe("Per-agent override of the fleet-wide `auth.active`. Edge-case use only — " + "this agent talks to the named account regardless of fleet active. See RFC H §4.5.")
+    }).optional().describe("Account routing for switchroom-auth-broker. RFC H schema uses " + "fleet-wide `auth.active` plus per-agent `override:` for edge cases. " + "Pre-RFC-H `auth.accounts: [..]` and `auth_label:` are migrated in-place " + "on first apply (see src/auth/migrate-schema.ts)."),
     dm_only: exports_external.boolean().optional().describe("Mark this agent as a DM-only bot — has its own bot_token and lives " + "exclusively in a private chat with the operator. Suppresses " + "scaffolding's default behavior of inheriting the global " + "telegram.forum_chat_id into the agent's access.json `groups` entry " + "(the forum chat the bot isn't a member of, which would otherwise " + "trigger a 'boot-probe-failed: 400 chat not found' warning every " + "restart). topic_name is still schema-required but unused — set it " + "to a display label like 'DM' for /switchroom status output."),
     topic_name: exports_external.string().describe("Telegram forum topic display name"),
     topic_emoji: exports_external.string().optional().describe("Emoji for the topic (e.g., '\uD83C\uDFCB️')"),
+    purpose: exports_external.string().max(140).optional().describe("One-line description of what this agent does (≤140 chars). Shown to " + "peer agents when they call the agent-config MCP `peers_list` tool, so " + "every agent on the instance can answer 'is there an agent that does X' " + "without baking the fleet into prompts. Sourced live from " + "switchroom.yaml — never memorized into Hindsight. Falls back to " + "`topic_name` when absent."),
     role: exports_external.enum(["assistant", "foreman"]).optional().describe("Agent role. Default (omitted) is `assistant` — a fleet agent doing " + "user-facing tasks. `foreman` opts the agent in to switchroom's bundled " + "operator skills (switchroom-architecture / cli / health / install / manage " + "/ status), auto-symlinked into the agent's .claude/skills/ on scaffold and " + "reconcile. Fleet agents (assistant role) get no operator skills; reconcile " + "actively retracts them if the role flips back. See docs/skills.md for the model."),
     topic_id: exports_external.number().optional().describe("Telegram topic thread ID (auto-populated by switchroom topics sync)"),
     webhook_sources: exports_external.array(exports_external.enum(["github", "generic"])).optional().describe("[DEPRECATED — moved to channels.telegram.webhook_sources in #596] " + "Old per-agent location. Still read but logs a deprecation warning. " + "See channels.telegram.webhook_sources for the canonical spot."),
@@ -11209,7 +11222,8 @@ var init_schema = __esm(() => {
     disallowed_tools: exports_external.array(exports_external.string()).optional().describe("Granular tool denylist passed verbatim to Claude Code's --disallowedTools " + "flag. Same pattern syntax as allowed_tools (e.g. 'Bash(rm *)'). See #199."),
     extra_stable_files: exports_external.array(exports_external.string()).optional().describe("Extra filenames (relative to the agent's workspace directory) to append " + "to the stable bootstrap render. Loaded once at session start via " + "`--append-system-prompt`. Missing files are silently skipped. " + "Example: ['BRIEF.md', 'CONTEXT.md']."),
     code_repos: exports_external.array(CodeRepoEntrySchema).optional().describe("Git repositories this agent is allowed to claim worktrees from. " + "Each entry provides a short name alias, a source path, and an " + "optional concurrency cap (default 5). When code_repos is set, " + "claim_worktree accepts the alias as the repo argument. " + "Absolute paths may always be passed regardless of this list."),
-    drive: AgentDriveConfigSchema.describe("Per-agent drive onboarding overrides (currently just approvers). " + "When set, replaces the top-level drive.approvers list for this agent. " + "google_client_id/secret are not per-agent — they live at the top level."),
+    drive: AgentGoogleWorkspaceConfigSchema.describe("RFC D legacy key — use `google_workspace:` instead. Per-agent " + "google_workspace overrides (currently approvers + tier). When set, " + "replaces the top-level approvers list for this agent. " + "google_client_id/secret are not per-agent — they live at the top level."),
+    google_workspace: AgentGoogleWorkspaceConfigSchema.describe("RFC G canonical key. Per-agent Google Workspace overrides — currently " + "approvers (replaces, does not extend the top-level list) and tier " + "(`core` | `extended` | `complete`, replaces top-level default). " + "google_client_id/secret are not per-agent — they live at the top level. " + "Mutually exclusive with `drive:` on the same agent (loader fails fast " + "if both are set)."),
     repos: exports_external.record(exports_external.string().regex(/^[a-z0-9][a-z0-9-]*$/, "Repo slug must be kebab-case ASCII: start with a lowercase letter or digit, contain only lowercase letters, digits, and hyphens"), exports_external.object({
       url: exports_external.string().min(1).describe("Git remote URL for the repo (e.g. 'git@github.com:org/repo.git' or " + "'https://github.com/org/repo.git'). Used verbatim for git clone."),
       branch_default: exports_external.string().optional().describe("Default branch to track (defaults to the remote's HEAD, typically 'main'). " + "The per-agent branch 'agent/<agentName>/main' fast-forwards to this branch " + "when the worktree is clean on session start.")
@@ -11217,7 +11231,13 @@ var init_schema = __esm(() => {
     experimental: exports_external.object({
       legacy_pty: exports_external.boolean().optional().describe("Opt out of the default tmux supervisor (#725) and run the agent " + "under the legacy PTY supervisor instead. Default: false."),
       legacy_autoaccept_expect: exports_external.boolean().optional().describe("Opt the autoaccept gateway back into the legacy expect-script " + "behaviour instead of the tmux send-keys path. Default: false.")
-    }).optional().describe("Opt-in flags for experimental / legacy behaviours. Cascades through " + "defaults → profile → per-agent.")
+    }).optional().describe("Opt-in flags for experimental / legacy behaviours. Cascades through " + "defaults → profile → per-agent."),
+    resources: exports_external.object({
+      memory: exports_external.string().regex(/^\d+(\.\d+)?[kmgKMG]?$/).optional(),
+      memory_reservation: exports_external.string().regex(/^\d+(\.\d+)?[kmgKMG]?$/).optional(),
+      pids_limit: exports_external.number().int().positive().optional(),
+      cpus: exports_external.number().positive().optional()
+    }).optional()
   });
   TelegramConfigSchema = exports_external.object({
     bot_token: exports_external.string().describe("Telegram bot token or vault reference (e.g., 'vault:telegram-bot-token')"),
@@ -11258,7 +11278,7 @@ var init_schema = __esm(() => {
     monthly_budget_usd: exports_external.number().positive().optional().describe("Monthly USD spend budget. If unset, the greeting shows raw usage only.")
   });
   HostControlConfigSchema = exports_external.object({
-    enabled: exports_external.boolean().optional().describe("Opt-in to the host-control daemon. Default: false (Phase 1). " + "When true, the compose generator emits per-agent bind mounts " + "at `~/.switchroom/hostd/<name>/sock` for every admin-flagged " + "agent. The daemon itself is installed by `switchroom setup` " + "as a systemd user unit. systemd hosts only — compose-mode " + "support is deferred to a v2 RFC (see RFC C §5.1 for why). " + "Gateway integration (swap of spawnSwitchroomDetached callsites) " + "lands in a Phase 2 follow-up PR; setting enabled: true in " + "Phase 1 ships the daemon but does not change gateway behavior.")
+    enabled: exports_external.boolean().optional().describe("Opt-in to the host-control daemon. Default: false. " + "When true, the compose generator emits per-agent bind mounts " + "at `~/.switchroom/hostd/<name>/sock` for every admin-flagged " + "agent. Install the daemon with `switchroom hostd install` — " + "it runs as a docker container in its own compose project " + "(`switchroom-hostd`), separate from the agent fleet's compose " + "project so `up -d --remove-orphans` cycles of the fleet " + "can't recreate the daemon mid-RPC. See RFC C §5.1. " + "Since Phase 2 (#1175 PR γ) the gateway's /restart, /new, /reset, " + "and /update apply slash-commands automatically dispatch through " + "hostd when enabled — replacing the in-container " + "`spawnSwitchroomDetached` shellout that requires docker access. " + "Set enabled: true on docker-mode installs to make those verbs work " + "(they otherwise fail because the agent container has no docker " + "binary/socket).")
   });
   SwitchroomConfigSchema = exports_external.object({
     switchroom: exports_external.object({
@@ -11270,9 +11290,28 @@ var init_schema = __esm(() => {
     telegram: TelegramConfigSchema,
     memory: MemoryBackendConfigSchema.optional(),
     vault: VaultConfigSchema.optional(),
-    drive: DriveConfigSchema.describe("Optional drive onboarding configuration. When set, supplies Google " + "OAuth client credentials and the approver allowlist for `switchroom " + "drive connect`. Env vars (SWITCHROOM_GOOGLE_CLIENT_ID, " + "SWITCHROOM_GOOGLE_CLIENT_SECRET, SWITCHROOM_APPROVER_USER_ID) take " + "precedence over this block when set, preserving back-compat with " + "the env-only flow shipped in #766."),
+    auth: exports_external.object({
+      active: exports_external.string().min(1).optional().describe("Fleet-wide active Anthropic account label. Every agent without " + "an explicit `agent.auth.override` uses this account. See " + "docs/auth.md for the full model. Set by `switchroom auth use <label>`."),
+      fallback_order: exports_external.array(exports_external.string().min(1)).optional().describe("Ordered list of account labels for `switchroom auth rotate` to cycle " + "through when the active account hits a quota event. First entry is " + "normally the same as `auth.active`. When unset, `rotate` is a no-op."),
+      consumers: exports_external.array(exports_external.object({
+        name: exports_external.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9_-]*$/, {
+          message: "Consumer name must be a path-safe slug (letters, digits, underscore, hyphen)"
+        }).describe("Socket-path identity; binds at /run/switchroom/auth-broker/<name>/sock"),
+        account: exports_external.string().min(1).describe("Pinned account label for this consumer. `get-credentials` returns " + "this account's credentials; `mark-exhausted` from this consumer " + "only affects this account."),
+        uid: exports_external.number().int().nonnegative().optional().describe("Optional UID to chown the consumer socket to (defaults to 0 = root, " + "suitable for sibling containers running as root).")
+      })).optional().describe("Non-agent peers that hold a broker socket (RFC H §4.8). Each gets " + "its own `/run/switchroom/auth-broker/<name>/sock` chowned to its UID. " + "Consumers cannot be admins; a consumer name that collides with an " + "agent (whether that agent has `admin: true` or not) is a config " + "error caught at schema validation.")
+    }).optional().describe("Switchroom-auth-broker configuration (RFC H). Fleet-wide active account, " + "fallback order, admin-agent ACL, and ephemeral-consumer surface. " + "Required from the v0.8+ schema onwards; pre-v0.8 fleets are migrated " + "in-place by `switchroom apply` (see src/auth/migrate-schema.ts)."),
+    drive: GoogleWorkspaceConfigSchema.describe("RFC D legacy key — use `google_workspace:` instead. Optional Google " + "Workspace onboarding configuration. When set, supplies Google OAuth " + "client credentials, the approver allowlist for `switchroom drive " + "connect`, and the optional tier knob. Env vars " + "(SWITCHROOM_GOOGLE_CLIENT_ID, SWITCHROOM_GOOGLE_CLIENT_SECRET, " + "SWITCHROOM_APPROVER_USER_ID) take precedence over this block when " + "set, preserving back-compat with the env-only flow shipped in #766."),
+    google_workspace: GoogleWorkspaceConfigSchema.describe("RFC G canonical key. Top-level Google Workspace configuration — " + "OAuth client credentials, approver allowlist, and tier knob (`core` " + "| `extended` | `complete`, default `core`). Mutually exclusive with " + "`drive:` at the top level (loader fails fast if both are set)."),
     quota: QuotaConfigSchema.optional().describe("Optional weekly/monthly USD spend budgets rendered in the session " + "greeting. Usage is read from ccusage at runtime; no network calls."),
     host_control: HostControlConfigSchema.optional().describe("Optional host-control daemon configuration. See RFC C " + "(docs/rfcs/host-control-daemon.md) and the field-level help on " + "`enabled` for the Phase 1 scope."),
+    google_accounts: exports_external.record(exports_external.string().regex(/^[^@\s:]+@[^@\s:]+\.[^@\s:]+$/, {
+      message: "Account key must be a Google account email like 'alice@example.com' (colons not allowed)"
+    }).transform((v) => v.trim().toLowerCase()), exports_external.object({
+      enabled_for: exports_external.array(exports_external.string().regex(/^[a-z0-9][a-z0-9_-]{0,50}$/, {
+        message: "Agent name must match the standard agent-name pattern"
+      })).describe("Agent slugs that may read this account's vault slots " + "(`google:<account>:refresh_token` etc). Per-agent ACL is " + "enforced at the broker, not at the agent identity layer — " + "the agent still authenticates via socket-path-as-identity " + "per RFC D §4.1, broker just gates the cross-agent token share.")
+    })).optional().describe("RFC G Phase 2: per-Google-account ACL for vault slots holding " + "OAuth refresh tokens. Maps account email → list of agents " + "permitted to read that account's slots. Written by `switchroom " + "auth google enable|disable` (Phase 3); read by the broker on " + "every Google slot access. Replaces RFC D's per-agent vault slot " + "scope (which can't express 'two agents share one Google account')."),
     defaults: AgentDefaultsSchema.describe("Implicit bottom-of-cascade profile applied to every agent before " + "per-agent config and `extends:` resolution. Tools, mcp_servers, and " + "schedule are unioned/concatenated; scalars and nested objects are " + "shallow-merged with per-agent values winning."),
     profiles: exports_external.record(exports_external.string(), ProfileSchema).optional().describe("Named profile definitions. Agents reference via `extends: <name>`. " + "Inline profiles declared here take priority over filesystem " + "profiles/<name>/ directories when both exist."),
     agents: exports_external.record(exports_external.string().regex(/^[a-z0-9][a-z0-9_-]{0,50}$/, {
@@ -11307,6 +11346,142 @@ function resolveDualPath(pathStr) {
 var DEFAULT_STATE_DIR = ".switchroom", LEGACY_STATE_DIR = ".clerk";
 var init_paths = () => {};
 
+// src/config/overlay-schema.ts
+var OverlayDocSchema;
+var init_overlay_schema = __esm(() => {
+  init_zod();
+  init_schema();
+  OverlayDocSchema = exports_external.object({
+    schedule: exports_external.array(ScheduleEntrySchema).optional(),
+    skills: exports_external.array(exports_external.string()).optional()
+  }).strict();
+});
+
+// src/config/overlay-loader.ts
+import { existsSync as existsSync5, readFileSync as readFileSync5, readdirSync as readdirSync2, statSync as statSync3 } from "node:fs";
+import { resolve as resolve3 } from "node:path";
+function overlayDirFor(agentName, subdir) {
+  const base = resolveDualPath(`~/.switchroom/agents/${agentName}/${subdir}`);
+  return resolve3(base);
+}
+function listYamlFiles(dir) {
+  if (!existsSync5(dir))
+    return [];
+  let entries;
+  try {
+    entries = readdirSync2(dir);
+  } catch {
+    return [];
+  }
+  const out = [];
+  for (const name of entries) {
+    if (!/\.ya?ml$/i.test(name))
+      continue;
+    const full = resolve3(dir, name);
+    try {
+      if (statSync3(full).isFile())
+        out.push(full);
+    } catch {}
+  }
+  return out.sort();
+}
+function stampOverlay(entry) {
+  Object.defineProperty(entry, OVERLAY_SOURCE, {
+    value: true,
+    enumerable: false,
+    configurable: false,
+    writable: false
+  });
+  return entry;
+}
+function applyAgentOverlays(config) {
+  const warnings = [];
+  const agents = config.agents ?? {};
+  for (const [agentName, agentCfg] of Object.entries(agents)) {
+    try {
+      const scheduleDir = overlayDirFor(agentName, "schedule.d");
+      const files = listYamlFiles(scheduleDir);
+      if (files.length > 0) {
+        const merged = [...agentCfg.schedule ?? []];
+        for (const file of files) {
+          try {
+            const raw = readFileSync5(file, "utf-8");
+            const parsed = $parse(raw);
+            const doc = OverlayDocSchema.parse(parsed);
+            for (const entry of doc.schedule ?? []) {
+              if (entry.secrets && entry.secrets.length > 0) {
+                const w = {
+                  agent: agentName,
+                  file,
+                  reason: "Overlay schedule entry declares secrets — dropped pending Phase E operator approval"
+                };
+                warnings.push(w);
+                console.warn(`[switchroom] overlay-loader: agent='${agentName}' file='${file}': ${w.reason}`);
+                continue;
+              }
+              merged.push(stampOverlay(entry));
+            }
+          } catch (err) {
+            const reason = err instanceof ZodError ? `schema rejection: ${err.errors.map((e) => `${e.path.join(".")}: ${e.message}`).join("; ")}` : `parse error: ${err.message}`;
+            warnings.push({ agent: agentName, file, reason });
+            console.warn(`[switchroom] overlay-loader: agent='${agentName}' file='${file}': ${reason}`);
+          }
+        }
+        agentCfg.schedule = merged;
+      }
+    } catch (err) {
+      warnings.push({
+        agent: agentName,
+        file: "(agent schedule overlay scan)",
+        reason: `unexpected error: ${err.message}`
+      });
+      console.warn(`[switchroom] overlay-loader: agent='${agentName}' schedule.d: unexpected error: ${err.message}`);
+    }
+    try {
+      const skillsDir = overlayDirFor(agentName, "skills.d");
+      const skillFiles = listYamlFiles(skillsDir);
+      if (skillFiles.length === 0) {} else {
+        const merged = [...agentCfg.skills ?? []];
+        const seen = new Set(merged);
+        for (const file of skillFiles) {
+          try {
+            const raw = readFileSync5(file, "utf-8");
+            const parsed = $parse(raw);
+            const doc = OverlayDocSchema.parse(parsed);
+            for (const skillName of doc.skills ?? []) {
+              if (seen.has(skillName))
+                continue;
+              seen.add(skillName);
+              merged.push(skillName);
+            }
+          } catch (err) {
+            const reason = err instanceof ZodError ? `schema rejection: ${err.errors.map((e) => `${e.path.join(".")}: ${e.message}`).join("; ")}` : `parse error: ${err.message}`;
+            warnings.push({ agent: agentName, file, reason });
+            console.warn(`[switchroom] overlay-loader: agent='${agentName}' file='${file}': ${reason}`);
+          }
+        }
+        agentCfg.skills = merged;
+      }
+    } catch (err) {
+      warnings.push({
+        agent: agentName,
+        file: "(agent skills overlay scan)",
+        reason: `unexpected error: ${err.message}`
+      });
+      console.warn(`[switchroom] overlay-loader: agent='${agentName}' skills.d: unexpected error: ${err.message}`);
+    }
+  }
+  return { config, warnings };
+}
+var OVERLAY_SOURCE;
+var init_overlay_loader = __esm(() => {
+  init_dist();
+  init_zod();
+  init_overlay_schema();
+  init_paths();
+  OVERLAY_SOURCE = Symbol.for("switchroom.config.overlay-source");
+});
+
 // src/config/loader.ts
 var exports_loader = {};
 __export(exports_loader, {
@@ -11316,36 +11491,74 @@ __export(exports_loader, {
   findConfigFile: () => findConfigFile,
   ConfigError: () => ConfigError
 });
-import { readFileSync as readFileSync5, existsSync as existsSync5 } from "node:fs";
+import { readFileSync as readFileSync6, existsSync as existsSync6 } from "node:fs";
 import { homedir } from "node:os";
-import { resolve as resolve3 } from "node:path";
+import { resolve as resolve4 } from "node:path";
 function formatZodErrors(error) {
   return error.errors.map((e) => {
     const path = e.path.join(".");
     return `  ${path}: ${e.message}`;
   });
 }
+function coerceLegacyGoogleWorkspaceKeys(parsed, filePath) {
+  const stableStringify = (v) => {
+    if (v === null || typeof v !== "object")
+      return JSON.stringify(v);
+    if (Array.isArray(v))
+      return `[${v.map(stableStringify).join(",")}]`;
+    const obj = v;
+    const keys = Object.keys(obj).sort();
+    return `{${keys.map((k) => `${JSON.stringify(k)}:${stableStringify(obj[k])}`).join(",")}}`;
+  };
+  const aliasInPlace = (obj, where) => {
+    const a = obj.drive;
+    const b = obj.google_workspace;
+    if (a !== undefined && b !== undefined) {
+      if (stableStringify(a) !== stableStringify(b)) {
+        throw new ConfigError(`Both \`drive:\` and \`google_workspace:\` are set on ${where} in ${filePath} with different values.`, [
+          "  These are aliases — pick one and remove the other.",
+          "  `google_workspace:` is the RFC G canonical key; `drive:` is the legacy alias.",
+          "  Allowed during transition: setting both with identical values."
+        ]);
+      }
+      return;
+    }
+    if (a !== undefined && b === undefined)
+      obj.google_workspace = a;
+    if (b !== undefined && a === undefined)
+      obj.drive = b;
+  };
+  aliasInPlace(parsed, "the top level");
+  const agents = parsed.agents;
+  if (agents && typeof agents === "object" && !Array.isArray(agents)) {
+    for (const [name, agent] of Object.entries(agents)) {
+      if (agent && typeof agent === "object" && !Array.isArray(agent)) {
+        aliasInPlace(agent, `agent \`${name}\``);
+      }
+    }
+  }
+}
 function findConfigFile(startDir) {
   const envPath = process.env.SWITCHROOM_CONFIG;
   const home2 = homedir();
-  const userDir = resolve3(home2, ".switchroom");
+  const userDir = resolve4(home2, ".switchroom");
   const searchPaths = [
-    envPath ? resolve3(envPath) : null,
-    startDir ? resolve3(startDir, "switchroom.yaml") : null,
-    startDir ? resolve3(startDir, "switchroom.yml") : null,
-    startDir ? resolve3(startDir, "clerk.yaml") : null,
-    startDir ? resolve3(startDir, "clerk.yml") : null,
-    resolve3(process.cwd(), "switchroom.yaml"),
-    resolve3(process.cwd(), "switchroom.yml"),
-    resolve3(process.cwd(), "clerk.yaml"),
-    resolve3(process.cwd(), "clerk.yml"),
-    resolve3(userDir, "switchroom.yaml"),
-    resolve3(userDir, "switchroom.yml"),
-    resolve3(userDir, "clerk.yaml"),
-    resolve3(userDir, "clerk.yml")
+    envPath ? resolve4(envPath) : null,
+    startDir ? resolve4(startDir, "switchroom.yaml") : null,
+    startDir ? resolve4(startDir, "switchroom.yml") : null,
+    startDir ? resolve4(startDir, "clerk.yaml") : null,
+    startDir ? resolve4(startDir, "clerk.yml") : null,
+    resolve4(process.cwd(), "switchroom.yaml"),
+    resolve4(process.cwd(), "switchroom.yml"),
+    resolve4(process.cwd(), "clerk.yaml"),
+    resolve4(process.cwd(), "clerk.yml"),
+    resolve4(userDir, "switchroom.yaml"),
+    resolve4(userDir, "switchroom.yml"),
+    resolve4(userDir, "clerk.yaml"),
+    resolve4(userDir, "clerk.yml")
   ].filter(Boolean);
   for (const path of searchPaths) {
-    if (existsSync5(path)) {
+    if (existsSync6(path)) {
       return path;
     }
   }
@@ -11353,12 +11566,12 @@ function findConfigFile(startDir) {
 }
 function loadConfig(configPath) {
   const filePath = configPath ?? findConfigFile();
-  if (!existsSync5(filePath)) {
+  if (!existsSync6(filePath)) {
     throw new ConfigError(`Config file not found: ${filePath}`);
   }
   let raw;
   try {
-    raw = readFileSync5(filePath, "utf-8");
+    raw = readFileSync6(filePath, "utf-8");
   } catch (err) {
     throw new ConfigError(`Failed to read config file: ${filePath}`, [
       `  ${err.message}`
@@ -11377,16 +11590,26 @@ function loadConfig(configPath) {
     obj.switchroom = obj.clerk;
     delete obj.clerk;
   }
+  if (parsed && typeof parsed === "object" && !Array.isArray(parsed)) {
+    coerceLegacyGoogleWorkspaceKeys(parsed, filePath);
+  }
+  let config;
   try {
-    return SwitchroomConfigSchema.parse(parsed);
+    config = SwitchroomConfigSchema.parse(parsed);
   } catch (err) {
     if (err instanceof ZodError) {
       throw new ConfigError("Invalid switchroom.yaml configuration", formatZodErrors(err));
     }
     throw err;
   }
+  applyAgentOverlays(config);
+  return config;
 }
 function resolveAgentsDir(config) {
+  const override = process.env.SWITCHROOM_AGENTS_DIR;
+  if (override && override.length > 0 && override.startsWith("/")) {
+    return override;
+  }
   return resolveDualPath(config.switchroom.agents_dir);
 }
 function resolvePath(pathStr) {
@@ -11398,6 +11621,7 @@ var init_loader = __esm(() => {
   init_zod();
   init_schema();
   init_paths();
+  init_overlay_loader();
   ConfigError = class ConfigError extends Error {
     details;
     constructor(message, details) {
@@ -11410,7 +11634,7 @@ var init_loader = __esm(() => {
 
 // src/vault/broker/server.ts
 import * as net from "node:net";
-import { mkdirSync as mkdirSync5, chmodSync as chmodSync4, chownSync, existsSync as existsSync7, readFileSync as readFileSync7, readdirSync as readdirSync2, unlinkSync as unlinkSync4, writeFileSync as writeFileSync3, renameSync as renameSync3 } from "node:fs";
+import { mkdirSync as mkdirSync5, chmodSync as chmodSync4, chownSync, existsSync as existsSync8, readFileSync as readFileSync8, readdirSync as readdirSync3, unlinkSync as unlinkSync4, writeFileSync as writeFileSync3, renameSync as renameSync3 } from "node:fs";
 
 // src/agents/compose.ts
 import { createHash } from "node:crypto";
@@ -11690,6 +11914,11 @@ function mergeAgentConfig(defaultsIn, agentIn) {
     }
     merged.reactions = combined;
   }
+  if (defaults.resources || merged.resources) {
+    const d = defaults.resources ?? {};
+    const a = merged.resources ?? {};
+    merged.resources = { ...d, ...a };
+  }
   if (defaults.experimental || merged.experimental) {
     const d = defaults.experimental ?? {};
     const a = merged.experimental ?? {};
@@ -12031,7 +12260,7 @@ function allocateAgentUid(name) {
 var BIND_MOUNT_EXACT_SOURCE_DENY = new Set(["/var/run/docker.sock"]);
 
 // src/vault/broker/server.ts
-import { dirname as dirname4, resolve as resolve4, basename as basename3 } from "node:path";
+import { dirname as dirname4, resolve as resolve5, basename as basename3 } from "node:path";
 import * as os3 from "node:os";
 import * as path3 from "node:path";
 
@@ -12559,7 +12788,7 @@ init_loader();
 
 // src/vault/auto-unlock.ts
 import { createHmac, randomBytes as randomBytes2, createCipheriv as createCipheriv2, createDecipheriv as createDecipheriv2 } from "node:crypto";
-import { chmodSync as chmodSync2, existsSync as existsSync6, mkdirSync as mkdirSync3, readFileSync as readFileSync6, writeFileSync as writeFileSync2 } from "node:fs";
+import { chmodSync as chmodSync2, existsSync as existsSync7, mkdirSync as mkdirSync3, readFileSync as readFileSync7, writeFileSync as writeFileSync2 } from "node:fs";
 var FORMAT_VERSION = 1;
 var SALT_LEN = 16;
 var NONCE_LEN = 12;
@@ -12587,7 +12816,7 @@ class AutoUnlockDecryptError extends Error {
 function readMachineId() {
   for (const path of [MACHINE_ID_PRIMARY, MACHINE_ID_FALLBACK]) {
     try {
-      const id = readFileSync6(path, "utf8").trim();
+      const id = readFileSync7(path, "utf8").trim();
       if (id.length > 0)
         return id;
     } catch {}
@@ -12624,12 +12853,12 @@ function decryptAutoUnlock(blob, machineId) {
   }
 }
 function readAutoUnlockFile(filePath) {
-  if (!existsSync6(filePath)) {
+  if (!existsSync7(filePath)) {
     throw new AutoUnlockDecryptError("io");
   }
   let blob;
   try {
-    blob = readFileSync6(filePath);
+    blob = readFileSync7(filePath);
   } catch {
     throw new AutoUnlockDecryptError("io");
   }
@@ -12720,6 +12949,10 @@ function checkAclByAgent(config, agentName, key) {
   if (!agentConfig) {
     return { allow: false, reason: `agent '${agentName}' not found in config` };
   }
+  const googleSlot = parseGoogleAccountSlotKey(key);
+  if (googleSlot !== null) {
+    return checkGoogleAccountAcl(config, agentName, googleSlot.account, key);
+  }
   const schedule = agentConfig.schedule ?? [];
   if (schedule.length === 0) {
     return {
@@ -12738,6 +12971,37 @@ function checkAclByAgent(config, agentName, key) {
     reason: `key '${key}' not in ACL for agent '${agentName}'`
   };
 }
+function parseGoogleAccountSlotKey(key) {
+  const match = key.match(/^google:([^:]+):([a-z_]+)$/);
+  if (!match)
+    return null;
+  return { account: match[1], field: match[2] };
+}
+function checkGoogleAccountAcl(config, agentName, account, key) {
+  const accounts = config.google_accounts ?? {};
+  const accountKey = account.toLowerCase();
+  const accountEntry = accounts[accountKey] ?? accounts[account];
+  if (!accountEntry) {
+    return {
+      allow: false,
+      reason: `google_accounts['${account}'] not configured (key '${key}')`
+    };
+  }
+  const enabled = accountEntry.enabled_for ?? [];
+  if (enabled.length === 0) {
+    return {
+      allow: false,
+      reason: `google_accounts['${account}'].enabled_for is empty (key '${key}')`
+    };
+  }
+  if (!enabled.includes(agentName)) {
+    return {
+      allow: false,
+      reason: `agent '${agentName}' not in google_accounts['${account}'].enabled_for (key '${key}')`
+    };
+  }
+  return { allow: true };
+}
 
 // src/vault/broker/protocol.ts
 init_zod();
@@ -13144,13 +13408,13 @@ function genSalt(rounds, seed_length, callback) {
       throw Error("Illegal callback: " + typeof callback);
     _async(callback);
   } else
-    return new Promise(function(resolve4, reject) {
+    return new Promise(function(resolve5, reject) {
       _async(function(err, res) {
         if (err) {
           reject(err);
           return;
         }
-        resolve4(res);
+        resolve5(res);
       });
     });
 }
@@ -13170,13 +13434,13 @@ function hash(password, salt, callback, progressCallback) {
       throw Error("Illegal callback: " + typeof callback);
     _async(callback);
   } else
-    return new Promise(function(resolve4, reject) {
+    return new Promise(function(resolve5, reject) {
       _async(function(err, res) {
         if (err) {
           reject(err);
           return;
         }
-        resolve4(res);
+        resolve5(res);
       });
     });
 }
@@ -13209,13 +13473,13 @@ function compare(password, hashValue, callback, progressCallback) {
       throw Error("Illegal callback: " + typeof callback);
     _async(callback);
   } else
-    return new Promise(function(resolve4, reject) {
+    return new Promise(function(resolve5, reject) {
       _async(function(err, res) {
         if (err) {
           reject(err);
           return;
         }
-        resolve4(res);
+        resolve5(res);
       });
     });
 }
@@ -15330,7 +15594,7 @@ class VaultBroker {
     if (process.platform !== "linux" && process.env.SWITCHROOM_BROKER_ALLOW_NON_LINUX !== "1") {
       throw new Error(`vault-broker is Linux-only (running on ${process.platform}). ` + `The broker's ACL relies on cgroup-based systemd unit identification, ` + `which is not available on this platform. ` + `Use 'switchroom vault get --no-broker' for direct vault access. ` + `If you need to run the broker for development on this platform, ` + `set SWITCHROOM_BROKER_ALLOW_NON_LINUX=1 — but understand that the ` + `broker will accept any same-user caller without per-cron ACL enforcement.`);
     }
-    this.socketPath = resolve4(socketPath);
+    this.socketPath = resolve5(socketPath);
     this.unlockSocketPath = unlockSocketFor(this.socketPath);
     this.startedAt = Date.now();
     if (this.testOpts._testConfig) {
@@ -15340,7 +15604,7 @@ class VaultBroker {
       this.config = loadConfig2(configPath);
     }
     if (vaultPath) {
-      this.vaultPath = resolve4(vaultPath);
+      this.vaultPath = resolve5(vaultPath);
     } else {
       this.vaultPath = resolvePath(this.config.vault?.path ?? "~/.switchroom/vault.enc");
     }
@@ -15357,7 +15621,7 @@ class VaultBroker {
       chmodSync4(parentDir, 448);
     } catch {}
     for (const p of [this.socketPath, this.unlockSocketPath]) {
-      if (existsSync7(p)) {
+      if (existsSync8(p)) {
         try {
           unlinkSync4(p);
         } catch {}
@@ -15407,7 +15671,7 @@ class VaultBroker {
       try {
         entry.server.close();
       } catch {}
-      if (existsSync7(sockPath)) {
+      if (existsSync8(sockPath)) {
         try {
           unlinkSync4(sockPath);
         } catch {}
@@ -15415,7 +15679,7 @@ class VaultBroker {
     }
     this.agentServers.clear();
     for (const p of [this.socketPath, this.unlockSocketPath]) {
-      if (p && existsSync7(p)) {
+      if (p && existsSync8(p)) {
         try {
           unlinkSync4(p);
         } catch {}
@@ -15423,7 +15687,7 @@ class VaultBroker {
     }
     try {
       const pidPath = resolvePath(PID_FILE_DEFAULT);
-      if (existsSync7(pidPath))
+      if (existsSync8(pidPath))
         unlinkSync4(pidPath);
     } catch {}
   }
@@ -15438,7 +15702,7 @@ class VaultBroker {
     return this.secrets;
   }
   bindAgentSocket(socketPath) {
-    const abs = resolve4(socketPath);
+    const abs = resolve5(socketPath);
     const agentName = socketPathToAgent(abs);
     if (agentName === null) {
       return Promise.reject(new Error(`bindAgentSocket: socket path '${abs}' does not match the canonical ` + `/run/switchroom/broker/<agent>.sock shape — refusing to bind without ` + `a verifiable agent identity`));
@@ -15446,7 +15710,7 @@ class VaultBroker {
     return new Promise((resolveP, rejectP) => {
       if (abs.endsWith("/sock")) {
         const dir = abs.slice(0, -"/sock".length);
-        if (existsSync7(dir)) {
+        if (existsSync8(dir)) {
           try {
             chownSync(dir, 0, 0);
           } catch {}
@@ -15455,7 +15719,7 @@ class VaultBroker {
           } catch {}
         }
       }
-      if (existsSync7(abs)) {
+      if (existsSync8(abs)) {
         try {
           unlinkSync4(abs);
         } catch (err) {
@@ -15490,7 +15754,7 @@ class VaultBroker {
     });
   }
   _bindDataSocket() {
-    return new Promise((resolve5, reject) => {
+    return new Promise((resolve6, reject) => {
       const server = net.createServer((socket) => {
         this._handleDataConnection(socket);
       });
@@ -15502,12 +15766,12 @@ class VaultBroker {
           chmodSync4(this.socketPath, 384);
         } catch {}
         this.server = server;
-        resolve5();
+        resolve6();
       });
     });
   }
   bindOperatorListener(socketPath, operatorUid) {
-    const abs = resolve4(socketPath);
+    const abs = resolve5(socketPath);
     const identity2 = socketPathToIdentity(abs);
     if (identity2?.kind !== "operator") {
       return Promise.reject(new Error(`bindOperatorListener: socket path '${abs}' does not match the canonical ` + `/run/switchroom/broker/operator/sock shape — refusing to bind`));
@@ -15515,7 +15779,7 @@ class VaultBroker {
     const unlockAbs = unlockSocketFor(abs);
     if (abs.endsWith("/sock")) {
       const dir = abs.slice(0, -"/sock".length);
-      if (existsSync7(dir)) {
+      if (existsSync8(dir)) {
         try {
           chownSync(dir, 0, 0);
         } catch {}
@@ -15525,7 +15789,7 @@ class VaultBroker {
       }
     }
     for (const p of [abs, unlockAbs]) {
-      if (existsSync7(p)) {
+      if (existsSync8(p)) {
         try {
           unlinkSync4(p);
         } catch {}
@@ -15571,7 +15835,7 @@ class VaultBroker {
     });
   }
   _bindUnlockSocket() {
-    return new Promise((resolve5, reject) => {
+    return new Promise((resolve6, reject) => {
       const server = net.createServer((socket) => {
         this._handleUnlockConnection(socket);
       });
@@ -15583,7 +15847,7 @@ class VaultBroker {
           chmodSync4(this.unlockSocketPath, 384);
         } catch {}
         this.unlockServer = server;
-        resolve5();
+        resolve6();
       });
     });
   }
@@ -16357,7 +16621,7 @@ class VaultBroker {
         const row = this.grantsDb.query("SELECT agent_slug FROM vault_grants WHERE id = ?").get(id);
         if (row) {
           const tokenPath = path3.join(os3.homedir(), ".switchroom", "agents", row.agent_slug, ".vault-token");
-          if (existsSync7(tokenPath)) {
+          if (existsSync8(tokenPath)) {
             try {
               unlinkSync4(tokenPath);
             } catch {}
@@ -16595,7 +16859,7 @@ class VaultBroker {
     const envPath = process.env.SWITCHROOM_VAULT_BROKER_AUTO_UNLOCK_PATH;
     const configuredPath = (envPath && envPath.length > 0 ? envPath : undefined) ?? this.config?.vault?.broker?.autoUnlockCredentialPath ?? DEFAULT_AUTO_UNLOCK_PATH;
     const filePath = resolvePath(configuredPath);
-    if (!existsSync7(filePath))
+    if (!existsSync8(filePath))
       return false;
     let passphrase;
     try {
@@ -16632,7 +16896,7 @@ class VaultBroker {
     const credPath = `${dir}/vault-passphrase`;
     let passphrase;
     try {
-      passphrase = readFileSync7(credPath, "utf8").replace(/\n+$/, "");
+      passphrase = readFileSync8(credPath, "utf8").replace(/\n+$/, "");
     } catch (err) {
       const code = err.code;
       if (code === "ENOENT") {
@@ -16704,19 +16968,19 @@ async function main() {
   const vaultPath = process.env.SWITCHROOM_VAULT_PATH;
   let perAgentTargets = [];
   try {
-    if (existsSync7(perAgentDir)) {
-      const entries = readdirSync2(perAgentDir, { withFileTypes: true });
+    if (existsSync8(perAgentDir)) {
+      const entries = readdirSync3(perAgentDir, { withFileTypes: true });
       const flat = [];
       const subdirs = [];
       for (const e of entries) {
         if (e.name.startsWith("."))
           continue;
         if ((e.isFile() || e.isSocket()) && e.name.endsWith(".sock")) {
-          flat.push(resolve4(perAgentDir, e.name));
+          flat.push(resolve5(perAgentDir, e.name));
           continue;
         }
         if (e.isDirectory()) {
-          const candidate = resolve4(perAgentDir, e.name, "sock");
+          const candidate = resolve5(perAgentDir, e.name, "sock");
           if (socketPathToAgent(candidate) !== null) {
             subdirs.push(candidate);
           }
@@ -16746,7 +17010,7 @@ async function main() {
     }
     const operatorUidStr = process.env.SWITCHROOM_BROKER_OPERATOR_UID;
     const operatorDir = "/run/switchroom/broker/operator";
-    if (operatorUidStr !== undefined && existsSync7(operatorDir)) {
+    if (operatorUidStr !== undefined && existsSync8(operatorDir)) {
       const operatorUid = parseInt(operatorUidStr, 10);
       if (!Number.isFinite(operatorUid) || operatorUid <= 0) {
         process.stderr.write(`[vault-broker] SWITCHROOM_BROKER_OPERATOR_UID='${operatorUidStr}' is not a positive integer; skipping operator listener