typeclaw 0.26.0 → 0.28.0

package/src/bundled-plugins/github-cli-auth/review-recorder.ts

@@ -0,0 +1,93 @@
+import { readFile } from 'node:fs/promises'
+
+import { recordReview } from '@/channels/github-review-turn-ledger'
+import type { ContentPart, ToolResult } from '@/plugin'
+
+import { detectReviewSubmission, type DetectedReview } from './gh-review-detect'
+
+// Bridges the bash `gh` interceptor to the false-receipt ledger: at tool.before
+// we detect a review-submission command (resolving its --input file), stash it by
+// callId, and at tool.after we credit the ledger ONLY if the command actually
+// succeeded. Strict success detection is the safe bias here — wrongly crediting a
+// review that never landed would re-open the false-receipt hole, so an ambiguous
+// result is treated as "not landed" and left uncredited.
+
+const pending = new Map<string, DetectedReview>()
+
+const MAX_INPUT_BYTES = 1_000_000
+
+export async function noteReviewCommand(args: { callId: string; command: string }): Promise<void> {
+  const inputFileContents = await readInputFile(args.command)
+  const detected = detectReviewSubmission({ command: args.command, inputFileContents })
+  if (detected !== null) pending.set(args.callId, detected)
+}
+
+export function commitReviewIfSucceeded(args: { sessionId: string; callId: string; result: ToolResult }): void {
+  const detected = pending.get(args.callId)
+  if (detected === undefined) return
+  pending.delete(args.callId)
+  if (!looksSucceeded(detected, collectText(args.result.content))) return
+  recordReview({
+    sessionId: args.sessionId,
+    workspace: detected.workspace,
+    prNumber: detected.prNumber,
+    verdict: detected.verdict,
+  })
+}
+
+async function readInputFile(command: string): Promise<string | null> {
+  const path = inputFilePath(command)
+  if (path === null) return null
+  try {
+    const buf = await readFile(path)
+    if (buf.byteLength > MAX_INPUT_BYTES) return null
+    return buf.toString('utf8')
+  } catch {
+    return null
+  }
+}
+
+function inputFilePath(command: string): string | null {
+  const m = /(?:^|\s)--input(?:=|\s+)(\S+)/.exec(command)
+  if (m === null) return null
+  const raw = m[1] as string
+  if (raw === '-') return null
+  return stripQuotes(raw)
+}
+
+function stripQuotes(value: string): string {
+  if (value.length >= 2 && (value[0] === '"' || value[0] === "'") && value[value.length - 1] === value[0]) {
+    return value.slice(1, -1)
+  }
+  return value
+}
+
+// Success markers are vector-specific. The REST endpoints echo the created
+// review JSON; the `gh pr review` porcelain prints a plain confirmation line
+// ("✓ Approved pull request OWNER/REPO#N" / "+ Requested changes to pull
+// request …", from cli/cli pkg/cmd/pr/review). Matching REST JSON markers
+// against porcelain output left every `gh pr review --approve` uncredited, so a
+// later "Approved" reply in the same turn was wrongly blocked.
+const API_SUCCESS_MARKERS = [
+  '"node_id":"PRR_',
+  '"state":"APPROVED"',
+  '"state":"CHANGES_REQUESTED"',
+  '"state": "APPROVED"',
+]
+const PR_REVIEW_SUCCESS_MARKERS = ['Approved pull request', 'Requested changes to pull request']
+const FAILURE_MARKERS = ['gh: ', 'HTTP 4', 'HTTP 5', 'Bad credentials', 'Not Found', 'Validation Failed']
+
+// Require a success marker AND no failure marker, so a partial/garbled capture
+// fails closed (uncredited).
+function looksSucceeded(detected: DetectedReview, text: string): boolean {
+  if (FAILURE_MARKERS.some((m) => text.includes(m))) return false
+  const markers = detected.source === 'pr-review' ? PR_REVIEW_SUCCESS_MARKERS : API_SUCCESS_MARKERS
+  return markers.some((m) => text.includes(m))
+}
+
+function collectText(content: readonly ContentPart[]): string {
+  return content
+    .filter((p): p is ContentPart & { type: 'text' } => p.type === 'text')
+    .map((p) => p.text)
+    .join('\n')
+}

package/src/bundled-plugins/guard/policies/managed-config.ts

@@ -71,7 +71,7 @@ function validateManagedContent(file: ManagedFile, content: string): { ok: true
     const result = parseConfigJson(content, { migrate: false })
     return result.ok ? { ok: true } : { ok: false, reason: result.reason }
   }
-  const result = parseCronJson(content, { migrate: false })
+  const result = parseCronJson(content)
   return result.ok ? { ok: true } : { ok: false, reason: result.reason }
 }
 

package/src/bundled-plugins/memory/README.md

@@ -85,29 +85,11 @@ A `[dreaming] citation-superset violation: …` warning logs the dropped ids and
 
 - **`memory/topics/<slug>.md`** — per-topic shards with YAML frontmatter (`heading`, `cites`, `days`, `lastReinforced`, `tags?`) + body markdown. Runtime owns the frontmatter (recomputed after every dreaming run from the body's citations); dreaming subagent writes body only.
 - **`memory/streams/yyyy-MM-dd.jsonl`** — daily fragment streams. One event per line, discriminated union of `fragment | watermark | legacy_prose`. Force-committed alongside the shards.
-- **`memory/MEMORY.md.pre-shard.bak`** — one-shot pre-migration backup created by the boot migration. Safe to delete after verifying.
+- **`memory/MEMORY.md.pre-shard.bak`** — legacy pre-shard backup left by older TypeClaw versions. Safe to delete after verifying.
 - **`memory/skills/<name>/SKILL.md`** — muscle memory. Skills the dreaming subagent distills from repeated procedures. Auto-loaded as first-class skills.
 - **`memory/.dreaming-state.json`** — per-day dreamed-id sets.
 - **`memory/.retrieval-cache/<sessionId>.md`** — ephemeral retrieval summaries. Written by `memory-retrieval`, read by `loadMemory` on the next prompt of the same session, unlinked on `session.end`.
 
-## One-shot boot migration
-
-When the plugin boots against an agent folder with a root `MEMORY.md` and no `memory/topics/`, it runs `runShardingMigration`. Steps:
-
-1. Detect prerequisites.
-2. Reset `memory/.migrating/` if a previous run crashed mid-flight.
-3. Run the legacy `.md → .jsonl` daily-stream migration (existing behavior).
-4. Parse `MEMORY.md` via `parseTopicsWithBodies`.
-5. **Stage topic shards** in `memory/.migrating/topics/` (originals untouched).
-6. **Stage streams** by COPY (not rename) to `memory/.migrating/streams/`.
-7. Stage pre-shard backup by COPY.
-8. **Verify staging** via `checkCitationSupersetAcrossShards`. On failure, abort and KEEP `memory/.migrating/` for human inspection. Originals untouched.
-9. **Atomic finalization**: rename three dirs (`topics`, `streams`, `.pre-shard.bak`), then unlink originals.
-
-Crash-recovery branches at boot: stale `memory/.migrating/` with no `topics/` → cleanup + retry; leftover `memory/.migrating/` alongside complete `topics/` → cleanup only; orphan root `MEMORY.md` or `memory/<date>.jsonl` alongside the new layout → delete orphans.
-
-The migration is idempotent and crash-safe.
-
 ## How `session.idle` works
 
 Core fires `session.idle` immediately after every `session.prompt()` completion. The plugin owns the debounce: a `Map<sessionId, Timeout>` reset on every event. When the timer fires, the plugin spawns `memory-logger` for that session — unless the min-delta gate suppresses the spawn (see below).
@@ -132,9 +114,9 @@ Each `memory-logger` spawn captures the line count of `memory/streams/<today>.js
 
 ## Tests
 
-Test files in this directory (kebab-case, `.test.ts` neighbors): `paths`, `slug`, `frontmatter`, `topics`, `shard-snapshot`, `delete-tool`, `citations`, `citation-superset`, `migration`, `load-shards`, `load-memory`, `injection-plan`, `search-tool`, `memory-retrieval`, `memory-logger`, `dreaming`, `index`, `integration`. Plus guard policies in `../guard/policies/`: `memory-topics-delete`, `memory-topics-write`, `memory-retrieval-cache-write`.
+Test files in this directory (kebab-case, `.test.ts` neighbors): `paths`, `slug`, `frontmatter`, `topics`, `shard-snapshot`, `delete-tool`, `citations`, `citation-superset`, `load-shards`, `load-memory`, `injection-plan`, `search-tool`, `memory-retrieval`, `memory-logger`, `dreaming`, `index`, `integration`. Plus guard policies in `../guard/policies/`: `memory-topics-delete`, `memory-topics-write`, `memory-retrieval-cache-write`.
 
-## Migration notes (from before the plugin existed)
+## Notes from before the plugin existed
 
 - `memory.idleMs` and `memory.dreaming.schedule` already existed in core's `typeclaw.json` schema and moved into this plugin's `configSchema` verbatim.
 - `memory.dreaming.schedule` is now **restart-required** because plugin config is read once at boot.

package/src/bundled-plugins/memory/index.ts

@@ -1,5 +1,5 @@
 import { existsSync } from 'node:fs'
-import { access, constants as fsConstants, mkdir, readFile, readdir, stat, unlink, writeFile } from 'node:fs/promises'
+import { access, constants as fsConstants, mkdir, readFile, stat, unlink, writeFile } from 'node:fs/promises'
 import { join } from 'node:path'
 
 import { CronExpressionParser } from 'cron-parser'
@@ -14,7 +14,6 @@ import { buildInjectionPlan, DEFAULT_INJECTION_BUDGET_BYTES, MIN_INJECTION_BUDGE
 import { loadAllShards } from './load-shards'
 import { createMemoryLoggerSubagent, type MemoryLoggerPayload } from './memory-logger'
 import { createMemoryRetrievalSubagent, type MemoryRetrievalPayload } from './memory-retrieval'
-import { runMigration, runShardingMigration } from './migration'
 import { preShardBackupPath, streamFilePath, streamsDir, topicsDir } from './paths'
 import { memorySearchTool } from './search-tool'
 
@@ -141,26 +140,6 @@ export default definePlugin({
     const retrievalSpawnTimeoutMs = ctx.config.retrievalSpawnTimeoutMs
     const dreamingSchedule = ctx.config.dreaming?.schedule ?? DEFAULT_DREAMING_SCHEDULE
 
-    const migrationResult = await runMigration({
-      agentDir: ctx.agentDir,
-      logger: ctx.logger,
-    })
-    if (migrationResult.migrated.length > 0) {
-      ctx.logger.info(`[memory] migrated ${migrationResult.migrated.length} daily stream(s) to JSONL`)
-    }
-
-    const shardingResult = await runShardingMigration({
-      agentDir: ctx.agentDir,
-      logger: ctx.logger,
-    })
-    if (shardingResult.migrated) {
-      ctx.logger.info(
-        `[memory] sharded ${shardingResult.topicCount} topics + ${shardingResult.streamCount} streams (pre-shard backup at memory/MEMORY.md.pre-shard.bak)`,
-      )
-    } else if (shardingResult.error !== undefined) {
-      ctx.logger.warn(`[memory] sharding migration aborted: ${shardingResult.error}`)
-    }
-
     const idleTimers = new Map<string, ReturnType<typeof setTimeout>>()
     const lastIdleEvent = new Map<string, { parentTranscriptPath: string | undefined; origin?: SessionOrigin }>()
     const bytesAtLastRun = new Map<string, number>()
@@ -548,133 +527,6 @@ export default definePlugin({
             }
           },
         },
-        'legacy-md-cleanup': {
-          description: 'Check for legacy .md daily stream files and un-migrated root MEMORY.md',
-          run: async (dctx) => {
-            const memoryDir = join(dctx.agentDir, 'memory')
-            // kept: pre-migration agents may still have a root MEMORY.md.
-            const rootMemoryPath = join(dctx.agentDir, 'MEMORY.md')
-            const hasRootMemory = existsSync(rootMemoryPath)
-            const hasTopicsDir = existsSync(topicsDir(dctx.agentDir))
-
-            let files: string[]
-            try {
-              files = await readdir(memoryDir)
-            } catch {
-              if (!hasRootMemory) return { status: 'ok', message: 'memory/ does not exist yet' }
-              return {
-                status: 'warning',
-                message: 'root MEMORY.md present but not sharded',
-                fix: {
-                  description: 'Run sharding migration to convert root MEMORY.md to topic shards',
-                  apply: async (fixCtx) => {
-                    const result = await runShardingMigration({ agentDir: fixCtx.agentDir, logger: fixCtx.logger })
-                    return {
-                      summary: result.migrated
-                        ? `sharded ${result.topicCount} topic(s) and ${result.streamCount} stream(s)`
-                        : `sharding migration did not run${result.error ? `: ${result.error}` : ''}`,
-                      changedPaths: result.migrated
-                        ? [
-                            join('memory', 'topics'),
-                            join('memory', 'streams'),
-                            join('memory', 'MEMORY.md.pre-shard.bak'),
-                          ]
-                        : [],
-                    }
-                  },
-                },
-              }
-            }
-
-            const mdFiles = files.filter((f) => /^\d{4}-\d{2}-\d{2}\.md$/.test(f))
-
-            if (hasRootMemory) {
-              if (!hasTopicsDir) {
-                const mdMsg = mdFiles.length > 0 ? `; also ${mdFiles.length} legacy .md daily stream(s)` : ''
-                return {
-                  status: 'warning',
-                  message: `root MEMORY.md present but not sharded${mdMsg}`,
-                  fix: {
-                    description: 'Run sharding migration to convert root MEMORY.md to topic shards',
-                    apply: async (fixCtx) => {
-                      const result = await runShardingMigration({ agentDir: fixCtx.agentDir, logger: fixCtx.logger })
-                      return {
-                        summary: result.migrated
-                          ? `sharded ${result.topicCount} topic(s) and ${result.streamCount} stream(s)`
-                          : `sharding migration did not run${result.error ? `: ${result.error}` : ''}`,
-                        changedPaths: result.migrated
-                          ? [
-                              join('memory', 'topics'),
-                              join('memory', 'streams'),
-                              join('memory', 'MEMORY.md.pre-shard.bak'),
-                            ]
-                          : [],
-                      }
-                    },
-                  },
-                }
-              }
-              const mdMsg = mdFiles.length > 0 ? `; also ${mdFiles.length} legacy .md daily stream(s)` : ''
-              return {
-                status: 'warning',
-                message: `orphaned root MEMORY.md after sharding migration${mdMsg}`,
-                fix: {
-                  description: 'Delete the orphaned root MEMORY.md file',
-                  apply: async () => {
-                    await unlink(rootMemoryPath)
-                    return { summary: 'deleted orphaned root MEMORY.md', changedPaths: ['MEMORY.md'] }
-                  },
-                },
-              }
-            }
-
-            if (mdFiles.length === 0) return { status: 'ok', message: 'no legacy .md daily streams found' }
-
-            const caseA: string[] = []
-            const caseB: string[] = []
-
-            for (const mdFile of mdFiles) {
-              const date = mdFile.replace('.md', '')
-              const jsonlFile = `${date}.jsonl`
-              if (files.includes(jsonlFile)) {
-                caseB.push(date)
-              } else {
-                caseA.push(date)
-              }
-            }
-
-            if (caseA.length > 0 && caseB.length === 0) {
-              return {
-                status: 'warning',
-                message: `${caseA.length} legacy .md daily stream(s) still present; boot-time migration likely failed`,
-                fix: {
-                  description: 'Re-run migration to convert .md files to .jsonl',
-                  apply: async (fixCtx) => {
-                    const result = await runMigration({ agentDir: fixCtx.agentDir, logger: fixCtx.logger })
-                    return {
-                      summary: `migrated ${result.migrated.length} legacy .md daily stream(s) to .jsonl`,
-                      changedPaths: result.migrated.map((d) => `memory/${d}.jsonl`),
-                    }
-                  },
-                },
-              }
-            }
-
-            if (caseB.length > 0) {
-              const allDates = [...caseA, ...caseB]
-              return {
-                status: 'warning',
-                message: `Conflicting .md+.jsonl pair for dates: ${allDates.join(', ')}. Inspect manually: the .jsonl is the authoritative new format; if its contents match or supersede the .md, delete the .md by hand.`,
-                fix: {
-                  description: 'Manual inspection required. Delete the .md file if the .jsonl is correct.',
-                  // No apply — this is an operator decision
-                },
-              }
-            }
-
-            return { status: 'ok', message: 'no legacy .md daily streams found' }
-          },
-        },
         'pre-shard-backup-age': {
           description: 'Warn when pre-shard backup is older than 30 days',
           run: async (dctx) => {

package/src/bundled-plugins/reviewer/skills/code-review.ts

@@ -66,7 +66,9 @@ Prioritize in this order:
 
 ### Re-reviews must re-decide, not observe
 
-When the payload tells you this is a **re-review** — you (or this agent) previously requested changes on this PR and the author has pushed fixes and asked again — your verdict's whole purpose is to **re-decide the blocking state**, so:
+When the payload tells you this is a **re-review** — you (or this agent) previously requested changes on this PR and the author has pushed fixes — your verdict's whole purpose is to **re-decide the blocking state**, so:
+
+This includes payloads where the parent says the author **addressed your prior blocking feedback** — "fixed both issues", "addressed your review", "pushed a fix" — even when the inbound was phrased conversationally rather than as an explicit "review again". An author responding to the blocker you raised IS the re-review trigger; the absence of the words "review again" does not downgrade it to a \`comment\`. Re-decide:
 
 - Return **approve** if the blockers that drove the prior \`request-changes\` are resolved (leftover nits do not block — \`approve\` with inline nits is correct).
 - Return **request-changes** if any blocker remains or a new one appeared.

package/src/bundled-plugins/security/policies/cron-promotion.ts

@@ -191,7 +191,7 @@ async function intendedContent(
 }
 
 function parseJobsFromContent(content: string): readonly ParsedCronJob[] | undefined {
-  const result = parseCronJson(content, { migrate: false })
+  const result = parseCronJson(content)
   if (!result.ok) return undefined
   return result.file.jobs
 }
@@ -203,7 +203,7 @@ async function readExistingJobs(targetPath: string): Promise<readonly ParsedCron
   } catch {
     return []
   }
-  const result = parseCronJson(raw, { migrate: true })
+  const result = parseCronJson(raw)
   if (!result.ok) return []
   return result.file.jobs
 }

package/src/channels/adapters/github/inbound.ts

@@ -8,6 +8,7 @@ import { removeRequestedReviewer } from './decoy-reviewer'
 import type { DeliveryDedup } from './dedup'
 import { isGithubEventAllowed } from './event-allowlist'
 import { encodeGithubReactionRef, type GithubReactionTarget } from './reactions'
+import { listUnresolvedSelfReviewThreads } from './review-thread-resolver'
 
 export type GithubInboundLogger = { info: (m: string) => void; warn: (m: string) => void; error: (m: string) => void }
 
@@ -80,6 +81,18 @@ export function createGithubWebhookHandler(options: GithubWebhookHandlerOptions)
       return ok()
     }
 
+    // A push to an open PR (`synchronize`) is not a message to react to — it is
+    // a trigger to re-check whether the new commits addressed the bot's own
+    // still-open review threads. The check needs a GraphQL round-trip, so it
+    // runs OFF the ACK path (like the decoy-reviewer drop) and only wakes a
+    // session when there is at least one such thread. Returning here also keeps
+    // synchronize out of the generic awareness-only fallthrough below.
+    if (event === 'pull_request' && action === 'synchronize') {
+      if (delivery !== '') options.dedup.add(delivery)
+      scheduleReviewThreadRecheck({ payload, selfLogin, options })
+      return ok()
+    }
+
     const teamIsBotMember = await resolveTeamMembership(event, payload, options)
     const classified = classifyGithubInbound(event, payload, selfLogin, {
       teamIsBotMember,
@@ -171,6 +184,96 @@ function defaultScheduleBackgroundTask(task: () => Promise<void>): void {
   void task().catch(() => {})
 }
 
+function scheduleReviewThreadRecheck(input: {
+  payload: Record<string, unknown>
+  selfLogin: string | null
+  options: GithubWebhookHandlerOptions
+}): void {
+  const { payload, selfLogin, options } = input
+  if (selfLogin === null) return
+  const authToken = options.authToken
+  if (authToken === undefined) return
+
+  const repository = readRepository(payload)
+  const pr = readRecord(payload.pull_request)
+  const pullNumber = readNumber(pr, 'number')
+  if (repository === null || pullNumber === null) return
+  const headSha = readString(readRecord(pr?.head), 'sha')
+
+  const fetchImpl = options.fetchImpl ?? fetch
+  const schedule = options.scheduleBackgroundTask ?? defaultScheduleBackgroundTask
+  const target = `${repository.owner}/${repository.name}#${pullNumber}`
+  schedule(async () => {
+    try {
+      const token = await authToken({ repoSlug: `${repository.owner}/${repository.name}` })
+      const result = await listUnresolvedSelfReviewThreads({
+        token,
+        selfLogin,
+        owner: repository.owner,
+        repo: repository.name,
+        prNumber: pullNumber,
+        fetchImpl,
+      })
+      if (!result.ok) {
+        options.logger.warn(`[github] review-thread recheck failed for ${target}: ${result.error}`)
+        return
+      }
+      if (result.threads.length === 0) return
+      options.route(
+        buildRecheckInbound({
+          repository,
+          pullNumber,
+          headSha,
+          rootCommentIds: result.threads.map((t) => t.rootCommentId),
+          title: readString(pr, 'title'),
+        }),
+      )
+    } catch (err) {
+      options.logger.warn(
+        `[github] review-thread recheck failed for ${target}: ${err instanceof Error ? err.message : String(err)}`,
+      )
+    }
+  })
+}
+
+function buildRecheckInbound(input: {
+  repository: { owner: string; name: string }
+  pullNumber: number
+  headSha: string | null
+  rootCommentIds: readonly number[]
+  title: string | null
+}): InboundMessage {
+  const { repository, pullNumber, headSha, rootCommentIds, title } = input
+  const titleSegment = title !== null && title.trim() !== '' ? `: "${title}"` : ''
+  const shaSegment = headSha !== null ? ` (now at ${headSha.slice(0, 7)})` : ''
+  const idList = rootCommentIds.join(', ')
+  const text =
+    `PR #${pullNumber}${titleSegment} received new commits${shaSegment}. ` +
+    `You have ${rootCommentIds.length} unresolved review thread(s) you authored on this PR ` +
+    `(root comment id(s): ${idList}). For each, check whether the new commits addressed your ` +
+    `concern. If addressed, reply on that thread via channel_send with a short acknowledgement ` +
+    `and resolve_review_thread: true (the thread id is the root comment id). If not addressed, ` +
+    `leave it open. If none are addressed, end your turn without replying.`
+
+  return {
+    adapter: 'github',
+    workspace: `${repository.owner}/${repository.name}`,
+    chat: `pr:${pullNumber}`,
+    thread: null,
+    text,
+    externalMessageId: `pr-${pullNumber}-recheck-${headSha ?? 'unknown'}`,
+    authorId: 'github-system',
+    authorName: 'github',
+    authorIsBot: false,
+    isBotMention: true,
+    replyToBotMessageId: null,
+    mentionsOthers: false,
+    replyToOtherMessageId: null,
+    isDm: false,
+    ts: 0,
+  }
+}
+
 export async function verifySignature(body: string, secret: string, sigHeader: string): Promise<boolean> {
   const expected = `sha256=${createHmac('sha256', secret).update(body).digest('hex')}`
   const a = Buffer.from(expected)
@@ -187,6 +290,7 @@ export function classifyGithubInbound(
 ): InboundMessage | null {
   const repository = readRepository(payload)
   if (repository === null) return null
+  const mention = resolveBotMentionLogins(selfLogin, options?.authType ?? 'pat')
   const base = {
     adapter: 'github' as const,
     workspace: `${repository.owner}/${repository.name}`,
@@ -209,7 +313,7 @@ export function classifyGithubInbound(
       comment.body,
       id,
       user,
-      selfLogin,
+      mention,
       comment.created_at,
       { kind: 'issue-comment', owner: repository.owner, repo: repository.name, commentId: id },
     )
@@ -228,7 +332,7 @@ export function classifyGithubInbound(
       comment.body,
       id,
       readUser(comment.user),
-      selfLogin,
+      mention,
       comment.created_at,
       { kind: 'pr-review-comment', owner: repository.owner, repo: repository.name, commentId: id },
     )
@@ -246,7 +350,7 @@ export function classifyGithubInbound(
       comment.body,
       id,
       readUser(comment.user),
-      selfLogin,
+      mention,
       comment.created_at,
       null,
     )
@@ -270,7 +374,7 @@ export function classifyGithubInbound(
       text,
       id,
       opener,
-      selfLogin,
+      mention,
       issue.created_at,
       { kind: 'issue', owner: repository.owner, repo: repository.name, issueNumber: number },
       action === 'opened' && !hasBody,
@@ -325,7 +429,7 @@ export function classifyGithubInbound(
       prText,
       id,
       opener,
-      selfLogin,
+      mention,
       pr.created_at,
       { kind: 'issue', owner: repository.owner, repo: repository.name, issueNumber: number },
       isOpenLike && !hasBody,
@@ -352,7 +456,7 @@ export function classifyGithubInbound(
       text,
       id,
       reviewer,
-      selfLogin,
+      mention,
       review.submitted_at,
       null,
       !hasBody,
@@ -377,7 +481,7 @@ export function classifyGithubInbound(
       text,
       id,
       opener,
-      selfLogin,
+      mention,
       discussion.created_at,
       null,
       action === 'created' && !hasBody,
@@ -417,6 +521,48 @@ function resolveDecoyReviewerLogin(selfLogin: string, authType: 'pat' | 'app'):
   return slug !== '' ? slug : null
 }
 
+// The @-handles that count as "addressed to us" in inbound body text. Under
+// App auth `selfLogin` is the actor login `slug[bot]`, but GitHub renders a
+// human's mention of the App as `@slug` (the bare slug — the decoy account's
+// login), with no `[bot]` suffix and no way to type one. Matching only against
+// `selfLogin` therefore never sees `@typeey` for a `typeey[bot]` actor, so a
+// direct "@typeey review again" lands with isBotMention=false and falls through
+// the engagement mention gate. Include the decoy slug so the bare-slug mention
+// is recognized. Under PAT auth the bot IS a real user, so there is no decoy
+// and only `selfLogin` applies.
+export type BotMentionLogins = readonly string[]
+
+export function resolveBotMentionLogins(selfLogin: string | null, authType: 'pat' | 'app'): BotMentionLogins {
+  if (selfLogin === null) return []
+  const decoyLogin = resolveDecoyReviewerLogin(selfLogin, authType)
+  return decoyLogin !== null ? [selfLogin, decoyLogin] : [selfLogin]
+}
+
+// GitHub login chars are ASCII letters, digits, and hyphen. A `@login` token is
+// a real mention of `login` only when the char right after it is not one of
+// these — otherwise `@${login}` is a prefix of a longer, different login. This
+// matters for the App decoy slug: `resolveBotMentionLogins('typeclaw[bot]')`
+// yields the bare slug `typeclaw`, and a naive substring check would treat
+// `@typeclaw-bot` (a different user) as a self-mention. The trailing `[` of
+// `@typeclaw[bot]` is not a login char, so the full actor handle still matches.
+const LOGIN_CHAR = /[A-Za-z0-9-]/
+
+function textMentionsBot(text: string, mentionLogins: BotMentionLogins): boolean {
+  return mentionLogins.some((login) => mentionsLogin(text, login))
+}
+
+function mentionsLogin(text: string, login: string): boolean {
+  const token = `@${login}`
+  let from = 0
+  for (;;) {
+    const at = text.indexOf(token, from)
+    if (at === -1) return false
+    const next = text[at + token.length]
+    if (next === undefined || !LOGIN_CHAR.test(next)) return true
+    from = at + 1
+  }
+}
+
 function classifyReviewRequest(input: ReviewRequestInput): InboundMessage | null {
   const { action, payload, pr, number, base, selfLogin, authType, teamIsBotMember } = input
   if (selfLogin === null) return null
@@ -550,7 +696,7 @@ function buildInbound(
   rawText: unknown,
   id: number,
   user: GithubUser | null,
-  selfLogin: string | null,
+  mention: BotMentionLogins,
   rawTs: unknown,
   reactionTarget: GithubReactionTarget | null,
   synthesizedAwareness = false,
@@ -567,7 +713,7 @@ function buildInbound(
   // Synthesized awareness lines carry an `@author` prefix describing who acted;
   // that handle is the author, never a third-party mention of the bot, so the
   // body-text mention heuristic must not fire on it.
-  const isBotMention = !synthesizedAwareness && selfLogin !== null && text.includes(`@${selfLogin}`)
+  const isBotMention = !synthesizedAwareness && textMentionsBot(text, mention)
   return {
     ...key,
     text,