vellum 0.2.8 → 0.2.9

package/src/config/schema.ts

@@ -895,9 +895,6 @@ export const CallsConfigSchema = z.object({
       error: `calls.provider must be one of: ${VALID_CALL_PROVIDERS.join(', ')}`,
     })
     .default('twilio'),
-  webhookBaseUrl: z
-    .string({ error: 'calls.webhookBaseUrl must be a string' })
-    .default(''),
   maxDurationSeconds: z
     .number({ error: 'calls.maxDurationSeconds must be a number' })
     .int('calls.maxDurationSeconds must be an integer')
@@ -934,7 +931,7 @@ export const IngressConfigSchema = z.object({
     .enum(VALID_INGRESS_MODES, {
       error: `ingress.mode must be one of: ${VALID_INGRESS_MODES.join(', ')}`,
     })
-    .default('compat'),
+    .default('gateway_only'),
 });
 
 export const AssistantConfigSchema = z.object({
@@ -1175,7 +1172,6 @@ export const AssistantConfigSchema = z.object({
   calls: CallsConfigSchema.default({
     enabled: true,
     provider: 'twilio',
-    webhookBaseUrl: '',
     maxDurationSeconds: 3600,
     userConsultTimeoutSeconds: 120,
     disclosure: {
@@ -1188,7 +1184,7 @@ export const AssistantConfigSchema = z.object({
   }),
   ingress: IngressConfigSchema.default({
     publicBaseUrl: '',
-    mode: 'compat',
+    mode: 'gateway_only',
   }),
 }).superRefine((config, ctx) => {
   if (config.contextWindow.targetInputTokens >= config.contextWindow.maxInputTokens) {

package/src/config/vellum-skills/google-oauth-setup/SKILL.md

@@ -124,7 +124,7 @@ Tell the user: "Consent screen is configured! Almost there — just need to crea
 
 > **Create OAuth Credentials**
 >
-> I'm about to create OAuth Desktop credentials for Vellum Assistant. This generates a client ID that Vellum uses to initiate the authorization flow. No secret keys are involved — we use the secure PKCE method.
+> I'm about to create OAuth Web Application credentials for Vellum Assistant. This generates a client ID that Vellum uses to initiate the authorization flow. The redirect URI will point to the gateway's OAuth callback endpoint.
 
 Wait for the user to approve. If they decline, explain that credentials are the final step needed and offer to try again or cancel.
 
@@ -133,8 +133,9 @@ Once approved, navigate to `https://console.cloud.google.com/apis/credentials?pr
 Use `browser_click` on "+ Create Credentials" at the top, then select "OAuth client ID" from the dropdown.
 
 Take a `browser_snapshot` and fill in:
-1. **Application type:** Select "Desktop app" from the dropdown
-2. **Name:** "Vellum Assistant Desktop"
+1. **Application type:** Select "Web application" from the dropdown
+2. **Name:** "Vellum Assistant"
+3. **Authorized redirect URIs:** Click "Add URI" and enter `${ingress.publicBaseUrl}/webhooks/oauth/callback` (e.g. `https://abc123.ngrok-free.app/webhooks/oauth/callback`). Read the `ingress.publicBaseUrl` value from the assistant's workspace config (Settings > Public Ingress) or the `INGRESS_PUBLIC_BASE_URL` environment variable.
 
 Use `browser_click` on the "Create" button.
 
@@ -179,7 +180,7 @@ Summarize what was accomplished:
 - Created a Google Cloud project (or used an existing one)
 - Enabled the Gmail API and Google Calendar API
 - Configured the OAuth consent screen with appropriate scopes (including calendar)
-- Created OAuth Desktop credentials using secure PKCE
+- Created OAuth Web Application credentials with gateway callback redirect URI
 - Connected your Gmail and Google Calendar accounts
 
 ## Error Handling

package/src/config/vellum-skills/slack-oauth-setup/SKILL.md

@@ -85,14 +85,16 @@ Tell the user: "Permissions configured! Now let's set up the redirect URL and ge
 
 Navigate to the "OAuth & Permissions" page if not already there.
 
+The redirect URL must point to the gateway's OAuth callback endpoint. Determine the URL by reading the `ingress.publicBaseUrl` value from the assistant's workspace config (Settings > Public Ingress) or the `INGRESS_PUBLIC_BASE_URL` environment variable. The callback path is `/webhooks/oauth/callback`.
+
 In the "Redirect URLs" section:
 1. Click "Add New Redirect URL"
-2. Enter `http://127.0.0.1:0/callback` — Vellum will use a random port on localhost
+2. Enter `${ingress.publicBaseUrl}/webhooks/oauth/callback` (e.g. `https://abc123.ngrok-free.app/webhooks/oauth/callback`)
 3. Click "Add" then "Save URLs"
 
 Take a `browser_snapshot` to confirm.
 
-Tell the user: "Redirect URL configured."
+Tell the user: "Redirect URL configured. Make sure your tunnel is running and `ingress.publicBaseUrl` is set in Settings so the callback can reach the gateway."
 
 ## Step 5: Extract Client ID and Client Secret
 

package/src/config/vellum-skills/telegram-setup/SKILL.md

@@ -5,14 +5,14 @@ user-invocable: true
 metadata: {"vellum": {"emoji": "\ud83e\udd16"}}
 ---
 
-You are helping your user connect a Telegram bot to the Vellum Assistant gateway. When this skill is invoked, walk through each step below using only existing tools.
+You are helping your user connect a Telegram bot to the Vellum Assistant gateway. Telegram webhooks are received exclusively by the gateway (the public ingress boundary) — they never hit the assistant runtime directly. When this skill is invoked, walk through each step below using only existing tools.
 
 ## What You Need
 
 1. **Bot token** from Telegram's @BotFather (the user provides this)
-2. **Gateway webhook URL** where the gateway receives webhooks (e.g. `https://their-domain/webhooks/telegram`)
+2. **Gateway webhook URL** — derived from the canonical ingress setting: `${ingress.publicBaseUrl}/webhooks/telegram`. The gateway is the only publicly reachable endpoint; Telegram sends webhooks to the gateway, which validates and forwards them to the assistant runtime internally. If `ingress.publicBaseUrl` is configured (Settings UI > Public Ingress, or `INGRESS_PUBLIC_BASE_URL` env var), use it to auto-derive the webhook URL. If it is not configured, ask the user to set it before proceeding.
 
-If the user has already provided the bot token in the conversation, use it directly. Otherwise, ask for it. Always confirm the gateway webhook URL if not provided.
+If the user has already provided the bot token in the conversation, use it directly. Otherwise, ask for it.
 
 ## Setup Steps
 

package/src/daemon/handlers/config.ts

@@ -19,7 +19,6 @@ import type {
   ReminderCancel,
   ShareToSlackRequest,
   SlackWebhookConfigRequest,
-  TwilioWebhookConfigRequest,
   IngressConfigRequest,
   VercelApiConfigRequest,
   TwitterIntegrationConfigRequest,
@@ -90,11 +89,12 @@ export function handleModelSet(
     // Suppress the file watcher callback — handleModelSet already does
     // the full reload sequence; a redundant watcher-triggered reload
     // would incorrectly evict sessions created after this method returns.
+    const wasSuppressed = ctx.suppressConfigReload;
     ctx.setSuppressConfigReload(true);
     try {
       saveRawConfig(raw);
     } catch (err) {
-      ctx.setSuppressConfigReload(false);
+      ctx.setSuppressConfigReload(wasSuppressed);
       throw err;
     }
     const existingSuppressTimer = ctx.debounceTimers.get('__suppress_reset__');
@@ -139,11 +139,12 @@ export function handleImageGenModelSet(
     const raw = loadRawConfig();
     raw.imageGenModel = msg.model;
 
+    const wasSuppressed = ctx.suppressConfigReload;
     ctx.setSuppressConfigReload(true);
     try {
       saveRawConfig(raw);
     } catch (err) {
-      ctx.setSuppressConfigReload(false);
+      ctx.setSuppressConfigReload(wasSuppressed);
       throw err;
     }
     const existingSuppressTimer = ctx.debounceTimers.get('__suppress_reset__');
@@ -398,41 +399,10 @@ export function handleSlackWebhookConfig(
   }
 }
 
-export function handleTwilioWebhookConfig(
-  msg: TwilioWebhookConfigRequest,
-  socket: net.Socket,
-  ctx: HandlerContext,
-): void {
-  try {
-    if (msg.action === 'get') {
-      const raw = loadRawConfig();
-      const webhookBaseUrl = (raw?.calls as Record<string, unknown>)?.webhookBaseUrl as string ?? '';
-      ctx.send(socket, { type: 'twilio_webhook_config_response', webhookBaseUrl, success: true });
-    } else if (msg.action === 'set') {
-      const value = (msg.webhookBaseUrl ?? '').trim().replace(/\/+$/, '');
-      const raw = loadRawConfig();
-      const calls = (raw?.calls ?? {}) as Record<string, unknown>;
-      calls.webhookBaseUrl = value || undefined;
-      const wasSuppressed = ctx.suppressConfigReload;
-      ctx.setSuppressConfigReload(true);
-      try {
-        saveRawConfig({ ...raw, calls });
-      } catch (err) {
-        ctx.setSuppressConfigReload(wasSuppressed);
-        throw err;
-      }
-      const existingSuppressTimer = ctx.debounceTimers.get('__suppress_reset__');
-      if (existingSuppressTimer) clearTimeout(existingSuppressTimer);
-      const resetTimer = setTimeout(() => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
-      ctx.debounceTimers.set('__suppress_reset__', resetTimer);
-      ctx.send(socket, { type: 'twilio_webhook_config_response', webhookBaseUrl: value, success: true });
-    } else {
-      ctx.send(socket, { type: 'twilio_webhook_config_response', webhookBaseUrl: '', success: false, error: `Unknown action: ${String((msg as unknown as Record<string, unknown>).action)}` });
-    }
-  } catch (err) {
-    const message = err instanceof Error ? err.message : String(err);
-    ctx.send(socket, { type: 'twilio_webhook_config_response', webhookBaseUrl: '', success: false, error: message });
-  }
+function computeLocalGatewayTarget(): string {
+  const portRaw = process.env.GATEWAY_PORT || '7830';
+  const port = Number(portRaw) || 7830;
+  return `http://127.0.0.1:${port}`;
 }
 
 export function handleIngressConfig(
@@ -440,28 +410,29 @@ export function handleIngressConfig(
   socket: net.Socket,
   ctx: HandlerContext,
 ): void {
+  const localGatewayTarget = computeLocalGatewayTarget();
   try {
     if (msg.action === 'get') {
       const raw = loadRawConfig();
       const ingress = (raw?.ingress ?? {}) as Record<string, unknown>;
       const publicBaseUrl = (ingress.publicBaseUrl as string) ?? '';
-      ctx.send(socket, { type: 'ingress_config_response', publicBaseUrl, success: true });
+      ctx.send(socket, { type: 'ingress_config_response', publicBaseUrl, localGatewayTarget, success: true });
     } else if (msg.action === 'set') {
       const value = (msg.publicBaseUrl ?? '').trim().replace(/\/+$/, '');
       const raw = loadRawConfig();
 
-      // Update ingress.publicBaseUrl
+      // Update ingress.publicBaseUrl — this is the single source of truth for
+      // the canonical public ingress URL. The gateway receives this value via
+      // the INGRESS_PUBLIC_BASE_URL env var at spawn time (see hatch.ts).
+      // A gateway restart is required for the new value to take effect in
+      // inbound Twilio signature validation.
       const ingress = (raw?.ingress ?? {}) as Record<string, unknown>;
       ingress.publicBaseUrl = value || undefined;
 
-      // Also update calls.webhookBaseUrl for backward compat
-      const calls = (raw?.calls ?? {}) as Record<string, unknown>;
-      calls.webhookBaseUrl = value || undefined;
-
       const wasSuppressed = ctx.suppressConfigReload;
       ctx.setSuppressConfigReload(true);
       try {
-        saveRawConfig({ ...raw, ingress, calls });
+        saveRawConfig({ ...raw, ingress });
       } catch (err) {
         ctx.setSuppressConfigReload(wasSuppressed);
         throw err;
@@ -470,13 +441,26 @@ export function handleIngressConfig(
       if (existingSuppressTimer) clearTimeout(existingSuppressTimer);
       const resetTimer = setTimeout(() => { ctx.setSuppressConfigReload(false); }, CONFIG_RELOAD_DEBOUNCE_MS);
       ctx.debounceTimers.set('__suppress_reset__', resetTimer);
-      ctx.send(socket, { type: 'ingress_config_response', publicBaseUrl: value, success: true });
+
+      // Propagate to the gateway's process environment so it picks up the
+      // new URL on its next config load. For the local-deployment path the
+      // gateway runs as a child process that inherited the assistant's env,
+      // so updating process.env here ensures the value is visible when the
+      // gateway is restarted (e.g. by the self-upgrade skill or a manual
+      // `pkill -f gateway`).
+      if (value) {
+        process.env.INGRESS_PUBLIC_BASE_URL = value;
+      }
+      // When cleared, do NOT delete the env var — the original env-provided
+      // value (if any) serves as a fallback per the documented precedence model.
+
+      ctx.send(socket, { type: 'ingress_config_response', publicBaseUrl: value, localGatewayTarget, success: true });
     } else {
-      ctx.send(socket, { type: 'ingress_config_response', publicBaseUrl: '', success: false, error: `Unknown action: ${String((msg as unknown as Record<string, unknown>).action)}` });
+      ctx.send(socket, { type: 'ingress_config_response', publicBaseUrl: '', localGatewayTarget, success: false, error: `Unknown action: ${String((msg as unknown as Record<string, unknown>).action)}` });
     }
   } catch (err) {
     const message = err instanceof Error ? err.message : String(err);
-    ctx.send(socket, { type: 'ingress_config_response', publicBaseUrl: '', success: false, error: message });
+    ctx.send(socket, { type: 'ingress_config_response', publicBaseUrl: '', localGatewayTarget, success: false, error: message });
   }
 }
 
@@ -613,7 +597,7 @@ export function handleTwitterIntegrationConfig(
             type: 'twitter_integration_config_response',
             success: false,
             managedAvailable: false,
-            localClientConfigured: false,
+            localClientConfigured: !!previousClientId,
             connected: false,
             error: 'Failed to store client secret in secure storage',
           });
@@ -705,7 +689,6 @@ export const configHandlers = defineHandlers({
   reminder_cancel: handleReminderCancel,
   share_to_slack: handleShareToSlack,
   slack_webhook_config: handleSlackWebhookConfig,
-  twilio_webhook_config: handleTwilioWebhookConfig,
   ingress_config: handleIngressConfig,
   vercel_api_config: handleVercelApiConfig,
   twitter_integration_config: handleTwitterIntegrationConfig,

package/src/daemon/handlers/shared.ts

@@ -75,6 +75,7 @@ export interface SubagentNotificationData {
   label: string;
   status: 'completed' | 'failed' | 'aborted';
   error?: string;
+  conversationId?: string;
 }
 
 export interface ParsedHistoryMessage {

package/src/daemon/handlers/subagents.ts

@@ -3,10 +3,11 @@
  */
 
 import * as net from 'node:net';
-import type { SubagentAbortRequest, SubagentStatusRequest, SubagentMessageRequest } from '../ipc-protocol.js';
+import type { SubagentAbortRequest, SubagentStatusRequest, SubagentMessageRequest, SubagentDetailRequest } from '../ipc-protocol.js';
+import * as conversationStore from '../../memory/conversation-store.js';
 import type { HandlerContext } from './shared.js';
 import { getSubagentManager } from '../../subagent/index.js';
-import { log, defineHandlers } from './shared.js';
+import { log, defineHandlers, isRecord } from './shared.js';
 
 export function handleSubagentAbort(
   msg: SubagentAbortRequest,
@@ -120,8 +121,90 @@ export function handleSubagentMessage(
   }
 }
 
+export function handleSubagentDetailRequest(
+  msg: SubagentDetailRequest,
+  socket: net.Socket,
+  ctx: HandlerContext,
+): void {
+  // Ownership check: reject if the socket has no bound session.
+  const callerSessionId = ctx.socketToSession.get(socket);
+  if (!callerSessionId) {
+    log.warn({ subagentId: msg.subagentId }, 'Detail request rejected: socket has no bound session');
+    return;
+  }
+
+  // If the subagent is still in memory, verify the caller owns it.
+  // After daemon restart getState() returns null — we allow the request
+  // since the conversationId itself acts as a capability token (the client
+  // only knows it because it was sent in a prior subagent_notification).
+  const manager = getSubagentManager();
+  const state = manager.getState(msg.subagentId);
+  if (state && state.config.parentSessionId !== callerSessionId) {
+    log.warn({ subagentId: msg.subagentId, callerSessionId }, 'Detail request rejected: subagent not owned by caller');
+    return;
+  }
+
+  const subagentMsgs = conversationStore.getMessages(msg.conversationId);
+
+  // Extract objective from the first user message
+  let objective: string | undefined;
+  const firstUser = subagentMsgs.find(m => m.role === 'user');
+  if (firstUser) {
+    try {
+      const parsed = JSON.parse(firstUser.content);
+      if (Array.isArray(parsed)) {
+        const textBlock = parsed.find((b: Record<string, unknown>) => isRecord(b) && b.type === 'text');
+        if (textBlock && typeof textBlock.text === 'string') {
+          objective = textBlock.text;
+        }
+      }
+    } catch { /* ignore */ }
+  }
+
+  // Extract events from both assistant and user messages.
+  // Subagent conversations are not consolidated, so tool_result blocks
+  // live in separate user-role messages following the assistant's tool_use.
+  const events: Array<{ type: string; content: string; toolName?: string; isError?: boolean }> = [];
+  const pendingTools = new Map<string, string>();
+  for (const m of subagentMsgs) {
+    if (m.role !== 'assistant' && m.role !== 'user') continue;
+    let content: unknown[];
+    try {
+      const parsed = JSON.parse(m.content);
+      content = Array.isArray(parsed) ? parsed : [];
+    } catch { continue; }
+
+    for (const block of content) {
+      if (!isRecord(block) || typeof block.type !== 'string') continue;
+      if (m.role === 'assistant' && block.type === 'text' && typeof block.text === 'string') {
+        events.push({ type: 'text', content: block.text });
+      } else if (block.type === 'tool_use') {
+        const name = typeof block.name === 'string' ? block.name : 'unknown';
+        const input = isRecord(block.input) ? block.input as Record<string, unknown> : {};
+        const id = typeof block.id === 'string' ? block.id : '';
+        events.push({ type: 'tool_use', content: JSON.stringify(input), toolName: name });
+        if (id) pendingTools.set(id, name);
+      } else if (block.type === 'tool_result') {
+        const toolUseId = typeof block.tool_use_id === 'string' ? block.tool_use_id : '';
+        const resultContent = typeof block.content === 'string' ? block.content : '';
+        const isError = block.is_error === true;
+        const toolName = toolUseId ? pendingTools.get(toolUseId) : undefined;
+        events.push({ type: 'tool_result', content: resultContent, toolName: toolName ?? 'unknown', isError });
+      }
+    }
+  }
+
+  ctx.send(socket, {
+    type: 'subagent_detail_response',
+    subagentId: msg.subagentId,
+    objective,
+    events,
+  });
+}
+
 export const subagentHandlers = defineHandlers({
   subagent_abort: handleSubagentAbort,
   subagent_status: handleSubagentStatus,
   subagent_message: handleSubagentMessage,
+  subagent_detail_request: handleSubagentDetailRequest,
 });

package/src/daemon/handlers/twitter-auth.ts

@@ -1,8 +1,10 @@
 import * as net from 'node:net';
-import { loadRawConfig } from '../../config/loader.js';
+import { loadRawConfig, loadConfig } from '../../config/loader.js';
 import { getSecureKey, setSecureKey, deleteSecureKey } from '../../security/secure-keys.js';
 import { startOAuth2Flow } from '../../security/oauth2.js';
+import { getPublicBaseUrl } from '../../inbound/public-ingress-urls.js';
 import { upsertCredentialMetadata, getCredentialMetadata } from '../../tools/credentials/metadata-store.js';
+import { ConfigError } from '../../util/errors.js';
 import type { TwitterAuthStartRequest, TwitterAuthStatusRequest } from '../ipc-protocol.js';
 import { log, defineHandlers, type HandlerContext } from './shared.js';
 import type { OAuth2Config } from '../../security/oauth2.js';
@@ -36,6 +38,33 @@ export async function handleTwitterAuthStart(
 
     const clientSecret = getSecureKey('credential:integration:twitter:oauth_client_secret') || undefined;
 
+    // Fail fast if no public ingress URL is configured — Twitter OAuth
+    // callbacks must route through the gateway, never via loopback.
+    let config;
+    try {
+      config = loadConfig();
+    } catch (err) {
+      const detail = err instanceof ConfigError ? err.message : String(err);
+      ctx.send(socket, {
+        type: 'twitter_auth_result',
+        success: false,
+        error: `Unable to load config: ${detail}`,
+      });
+      return;
+    }
+
+    try {
+      getPublicBaseUrl(config);
+    } catch {
+      ctx.send(socket, {
+        type: 'twitter_auth_result',
+        success: false,
+        error:
+          'Set ingress.publicBaseUrl (or INGRESS_PUBLIC_BASE_URL) so OAuth callbacks can route through /webhooks/oauth/callback on the gateway.',
+      });
+      return;
+    }
+
     const oauthConfig: OAuth2Config = {
       authUrl: 'https://twitter.com/i/oauth2/authorize',
       tokenUrl: 'https://api.x.com/2/oauth2/token',
@@ -49,7 +78,7 @@ export async function handleTwitterAuthStart(
       openUrl: (url: string) => {
         ctx.send(socket, { type: 'open_url', url });
       },
-    });
+    }, { callbackTransport: 'gateway' });
 
     // Verify identity via Twitter API before persisting any tokens
     let accountInfo: string;

package/src/daemon/ipc-contract-inventory.json

@@ -76,12 +76,12 @@
     "SkillsUpdateRequest",
     "SlackWebhookConfigRequest",
     "SubagentAbortRequest",
+    "SubagentDetailRequest",
     "SubagentMessageRequest",
     "SubagentStatusRequest",
     "SuggestionRequest",
     "TaskSubmit",
     "TrustRulesList",
-    "TwilioWebhookConfigRequest",
     "TwitterAuthStartRequest",
     "TwitterAuthStatusRequest",
     "TwitterIntegrationConfigRequest",
@@ -181,6 +181,7 @@
     "SkillsListResponse",
     "SkillsOperationResponse",
     "SlackWebhookConfigResponse",
+    "SubagentDetailResponse",
     "SubagentEvent",
     "SubagentSpawned",
     "SubagentStatusChanged",
@@ -194,7 +195,6 @@
     "ToolUseStart",
     "TraceEvent",
     "TrustRulesListResponse",
-    "TwilioWebhookConfigResponse",
     "TwitterAuthResult",
     "TwitterAuthStatusResponse",
     "TwitterIntegrationConfigResponse",
@@ -301,12 +301,12 @@
     "skills_update",
     "slack_webhook_config",
     "subagent_abort",
+    "subagent_detail_request",
     "subagent_message",
     "subagent_status",
     "suggestion_request",
     "task_submit",
     "trust_rules_list",
-    "twilio_webhook_config",
     "twitter_auth_start",
     "twitter_auth_status",
     "twitter_integration_config",
@@ -406,6 +406,7 @@
     "skills_operation_response",
     "skills_state_changed",
     "slack_webhook_config_response",
+    "subagent_detail_response",
     "subagent_event",
     "subagent_spawned",
     "subagent_status_changed",
@@ -419,7 +420,6 @@
     "tool_use_start",
     "trace_event",
     "trust_rules_list_response",
-    "twilio_webhook_config_response",
     "twitter_auth_result",
     "twitter_auth_status_response",
     "twitter_integration_config_response",

package/src/daemon/ipc-contract.ts

@@ -472,12 +472,6 @@ export interface SlackWebhookConfigRequest {
   webhookUrl?: string;
 }
 
-export interface TwilioWebhookConfigRequest {
-  type: 'twilio_webhook_config';
-  action: 'get' | 'set';
-  webhookBaseUrl?: string;
-}
-
 export interface IngressConfigRequest {
   type: 'ingress_config';
   action: 'get' | 'set';
@@ -947,7 +941,6 @@ export type ClientMessage =
   | ShareAppCloudRequest
   | ShareToSlackRequest
   | SlackWebhookConfigRequest
-  | TwilioWebhookConfigRequest
   | IngressConfigRequest
   | VercelApiConfigRequest
   | TwitterIntegrationConfigRequest
@@ -985,11 +978,8 @@ export type ClientMessage =
   | WorkItemCancelRequest
   | SubagentAbortRequest
   | SubagentStatusRequest
-  | SubagentMessageRequest;
-
-// ── Legacy integration IPC stubs ────────────────────────────────────
-// The macOS Settings panel still sends these messages. Stub types keep
-// the dispatch map happy until the client-side migration lands.
+  | SubagentMessageRequest
+  | SubagentDetailRequest;
 
 export interface IntegrationListRequest {
   type: 'integration_list';
@@ -1234,6 +1224,7 @@ export interface HistoryResponse {
       label: string;
       status: 'completed' | 'failed' | 'aborted';
       error?: string;
+      conversationId?: string;
     };
   }>;
 }
@@ -1697,16 +1688,11 @@ export interface SlackWebhookConfigResponse {
   error?: string;
 }
 
-export interface TwilioWebhookConfigResponse {
-  type: 'twilio_webhook_config_response';
-  webhookBaseUrl: string;
-  success: boolean;
-  error?: string;
-}
-
 export interface IngressConfigResponse {
   type: 'ingress_config_response';
   publicBaseUrl: string;
+  /** Read-only gateway target computed from GATEWAY_PORT env var (default 7830) + loopback host. */
+  localGatewayTarget: string;
   success: boolean;
   error?: string;
 }
@@ -2194,7 +2180,6 @@ export type ServerMessage =
   | GalleryInstallResponse
   | ShareToSlackResponse
   | SlackWebhookConfigResponse
-  | TwilioWebhookConfigResponse
   | IngressConfigResponse
   | VercelApiConfigResponse
   | TwitterIntegrationConfigResponse
@@ -2234,7 +2219,8 @@ export type ServerMessage =
   | OpenTasksWindow
   | SubagentSpawned
   | SubagentStatusChanged
-  | SubagentEvent;
+  | SubagentEvent
+  | SubagentDetailResponse;
 
 // === Subagent IPC ─────────────────────────────────────────────────────
 
@@ -2254,6 +2240,18 @@ export interface SubagentStatusChanged {
   usage?: UsageStats;
 }
 
+export interface SubagentDetailResponse {
+  type: 'subagent_detail_response';
+  subagentId: string;
+  objective?: string;
+  events: Array<{
+    type: string;
+    content: string;
+    toolName?: string;
+    isError?: boolean;
+  }>;
+}
+
 /** Wraps any ServerMessage emitted by a subagent session for routing to the client. */
 export interface SubagentEvent {
   type: 'subagent_event';
@@ -2280,6 +2278,12 @@ export interface SubagentMessageRequest {
   content: string;
 }
 
+export interface SubagentDetailRequest {
+  type: 'subagent_detail_request';
+  subagentId: string;
+  conversationId: string;
+}
+
 // === Contract schema ===
 
 export interface IPCContractSchema {

package/src/daemon/lifecycle.ts

@@ -316,6 +316,14 @@ export async function runDaemon(): Promise<void> {
   await initializeTools();
   log.info('Daemon startup: providers and tools initialized');
 
+  // Start the IPC socket BEFORE Qdrant so that clients can connect
+  // immediately. Qdrant startup can take 30+ seconds (binary download,
+  // /readyz polling) which previously blocked the socket from appearing.
+  log.info('Daemon startup: starting DaemonServer (IPC socket)');
+  const server = new DaemonServer();
+  await server.start();
+  log.info('Daemon startup: DaemonServer started');
+
   // Initialize Qdrant vector store — non-fatal so the daemon stays up without it
   const qdrantUrl = process.env.QDRANT_URL?.trim() || config.memory.qdrant.url;
   log.info({ qdrantUrl }, 'Daemon startup: initializing Qdrant');
@@ -336,10 +344,7 @@ export async function runDaemon(): Promise<void> {
     log.warn({ err }, 'Qdrant failed to start — memory features will be unavailable');
   }
 
-  log.info('Daemon startup: starting DaemonServer (IPC socket)');
-  const server = new DaemonServer();
-  await server.start();
-  log.info('Daemon startup: DaemonServer started, starting memory worker');
+  log.info('Daemon startup: starting memory worker');
   const memoryWorker = startMemoryJobsWorker();
   // Initialize watcher engine and register providers
   registerWatcherProvider(gmailProvider);

package/src/daemon/server.ts

@@ -39,6 +39,7 @@ import { getSubagentManager } from '../subagent/index.js';
 import { tryHandlePendingCallAnswer } from '../calls/call-bridge.js';
 import { resolveSlash } from './session-slash.js';
 import { createUserMessage, createAssistantMessage } from '../agent/message-types.js';
+import { registerDaemonCallbacks } from '../work-items/work-item-runner.js';
 
 const log = getLogger('server');
 
@@ -184,6 +185,12 @@ export class DaemonServer {
 
     this.evictor.start();
 
+    // Register daemon callbacks so tools can trigger work item execution
+    registerDaemonCallbacks({
+      getOrCreateSession: (conversationId) => this.getOrCreateSession(conversationId),
+      broadcast: (msg) => this.broadcast(msg),
+    });
+
     ensureBlobDir();
     this.blobSweepTimer = setInterval(() => {
       sweepStaleBlobs(30 * 60 * 1000).catch((err) => {

package/src/daemon/session-tool-setup.ts

@@ -282,7 +282,7 @@ export function createToolExecutor(
 
     // Broadcast tasks_changed so connected clients (e.g. macOS Tasks window)
     // auto-refresh when the LLM mutates the task queue via tools
-    if ((name === 'task_list_add' || name === 'task_list_update' || name === 'task_list_remove') && !result.isError) {
+    if ((name === 'task_list_add' || name === 'task_list_update' || name === 'task_list_remove' || name === 'task_queue_run') && !result.isError) {
       broadcastToAllClients?.({ type: 'tasks_changed' });
     }