v1.5.2

1.5.2 - 2026-06-17

• v1.5.2 is a patch on the 1.5 line. The fullscreen Agent workspace, Agent-local behavior, isolated Agent Knowledge, connected-host operator integration, and explicit side-effect boundaries all stay in force; this release picks up the latest bundled platform SDK and keeps review scoring aligned with it.
• Updated the bundled GoodVibes platform SDK to 0.33.38, so Agent runs on the current shared review, agent, and reporting primitives.
• Tightened review pass/fail reporting to match the updated SDK: a review only passes when its score meets or exceeds the configured threshold. Prose like "passed" or "approved" no longer lifts a sub-threshold score over the bar, removing a path where a weak review could read as a pass.
• Explicit fail language in a review at or above the threshold is still honored as a safety override unless the same review also states it passed, so genuine failures are not silently swallowed.
• No change to your conversations, memory, skills, routines, or operator confirmation gates; this is an internal dependency and scoring-consistency update.

v1.5.1

1.5.1 - 2026-06-14

• v1.5.1 is a patch on the 1.5 line. The fullscreen Agent workspace, Agent-local behavior, isolated Agent Knowledge, connected-host operator integration, and explicit side-effect boundaries all stay in force; this release restores the inline shell escape and refreshes release verification.
• Restored the inline shell escape in the prompt: type an exclamation mark followed by a command (for example, exclamation-mark git status) to run it in your working directory without leaving Agent. The command output appears inline, and the result is carried into your next message as context so you can run something and immediately ask about it. The composer already showed this as shell mode, but the command never actually ran since the workspace fork; it executes again now.
• The exclamation-hash memory pin is unchanged and still takes precedence, so pinning a note keeps working exactly as before.
• Release hygiene: regenerated the strict live-verification attestation against the running connected host so the published package carries current evidence.
• Test suite: 7931 pass / 0 fail / 2 skip across 554 files.

v1.5.0

1.5.0 - 2026-06-11

• v1.5.0 opens the 1.5 minor line: the fullscreen Agent workspace remains the primary user surface, Agent-local behavior, isolated Agent Knowledge, connected-host operator integration, explicit side-effect boundaries, and release hardening from 1.3.x and 1.4.x all stay in force. This release replaces the split-pane panel system with the Activity sidebar, rebuilds first-run onboarding around readiness, and adds local calendar, direct email, hardware-aware model recommendations, and skill import/export.
• Replaced the 21-panel split-pane system with a single Activity sidebar. Live activity, process output, and runtime state now surface in one consistent lane instead of stacked panels; the footer was slimmed and tool calls show human-readable labels.
• Rewrote the workspace Home as plain-language lanes and merged duplicate categories. The slash-command long tail moved behind /commands so the prompt surface stays focused on what users actually run.
• Added a While you were away digest on return plus a live Coming up sidebar fed by the local calendar, so upcoming commitments stay visible without asking.
• Rebuilt first-run onboarding around a readiness model: setup steps sequence themselves by what is actually configured, the flow can be resumed midway, and a completion recap shows what was set up. The first screen leads with a working path, the first-run model picker opens with a hardware-fit recommendation, and a plain-language hint appears in conversation while setup is incomplete.
• Competitive parity wave: local calendar support, direct email send and read over SMTP and IMAP with TLS or STARTTLS, hardware-aware model recommendations, and automatic skill drafts.
• Skills now import and export in the open skill standard. Exports are lossless, and skills discovered from imports stay disabled until explicitly enabled.
• Hardened the email and calendar surfaces: SMTP and IMAP commands validate addresses and reject control characters, STARTTLS upgrades verify no data arrives before negotiation completes, and calendar parsing is stricter about malformed input.
• Reliability fixes across the TUI: closed a text-wrap hang, made wide-character rendering consistent, fixed webhook notifier reuse, routed the benchmark editor to its real action, and made command failures surface user-visible errors everywhere.
• Release and verification hygiene: the operator token is redacted from release artifacts, the coverage ledger reports honest numbers, release evidence is checked for existence, and operator-facing copy passes a plain-language gate.
• Test suite: 7931 pass / 0 fail / 2 skip across 554 files.

v1.4.4

1.4.4 - 2026-06-09

• v1.4.4 continues the stable 1.x line: the fullscreen Agent workspace remains the primary user surface, Agent-local behavior, isolated Agent Knowledge, connected-host operator integration, explicit side-effect boundaries, and release hardening from 1.3.x and 1.4.x all stay in force. This patch finishes the onboarding-modal cleanup begun in 1.4.0–1.4.3.
• Trimmed Model Routing from 23 rows down to a cleaner first-run set. Removed duplicates (account-main-model duplicated provider-use), removed three guidance rows that leaked model-tool syntax in their detail strings (models action:"status|local|smoke" etc.), removed the model-only secondary pickers that duplicated provider+model pickers for helper / tool / spoken-turn routes, and grouped the rest into Essentials → Helper/tool/spoken-turn (advanced) → System prompt / custom provider / benchmark (advanced) → Prompt cache (advanced).
• Trimmed Tools & Permissions from 24 rows to 14. Dropped 9 granular per-tool permission settings (find, analyze, inspect, state, registry, mcp, agent, workflow, delegate) that defaulted to safe values and overwhelmed first-time users; the broader policy controls (Permission mode, Auto-approve, file reads / writes / edits, shell, network) stay. Also moved the advanced runtime limits to the bottom of the page.
• Renamed labels to plain English across Start, Model Routing, and Tools & Permissions: "Enable helper model" → "Use a dedicated helper model", "Add MCP server" → "Add an MCP server", etc., so the modal reads like an onboarding wizard, not a configuration dump.
• Trimmed the Model Routing summary and detail so the description fits the harness-text length budget and reads as plain operator UX.
• Tests covering the removed rows are skipped rather than rewritten; the removed settings still exist in the config schema and can be reached via the prompt or future advanced surfaces.
• Test suite: 7553 pass / 0 fail / 67 skip across 548 files. The fullscreen Agent workspace, Agent-local behavior, isolated Agent Knowledge, connected-host operator integration, side-effect boundaries, and release hardening guarantees all remain in force.

v1.4.3

1.4.3 - 2026-06-09

• v1.4.3 continues the stable 1.x line: the fullscreen Agent workspace remains the primary user surface, Agent-local behavior, isolated Agent Knowledge, connected-host operator integration, explicit side-effect boundaries, and release hardening from 1.3.x and 1.4.x all stay in force. This patch finishes the workspace cleanup.
• Every workspace category now renders the consistent Setting/Default/Current 3-column table. The old Option/Does fallback was confusing users who saw two different page styles across the same modal. Non-setting rows (editors, model pickers, settings modals, guidance) show their label in Setting and a placeholder dash in Default/Current.
• Removed every kind: 'command' slash-command row from the workspace categories — 145 rows gone. The modal is not a redundant slash-command launcher; the slash commands themselves still work in the main prompt. This applies across the full category list, not just the ONBOARDING group.
• Reordered the Start (setup) category so a first-time user sees the essentials first: sign in to a provider, finish sign-in, choose main model, then optional settings import, reasoning effort, and save-history toggle. The advanced rows (custom provider, stored credentials, secret storage policy, resume-point controls) moved to the bottom of the page where they don't clutter first-run.
• Renamed several Start rows to plain English: "Start subscription login" → "Sign in to a provider", "Finish subscription login" → "Finish provider sign-in", "Logout subscription" → "Sign out of a provider", "Setup checkpoint show/save/clear" → "Show/Save/Clear saved resume point".
• Tests covering the removed command-row dispatch paths are skipped rather than rewritten; the slash commands still exist as commands, just not as workspace rows.
• Test suite: 7556 pass / 0 fail / 64 skip across 548 files.

v1.4.2

1.4.2 - 2026-06-08

• v1.4.2 continues the stable 1.x line: the fullscreen Agent workspace remains the primary user surface, Agent-local behavior, isolated Agent Knowledge, connected-host operator integration, explicit side-effect boundaries, and release hardening from 1.3.x and 1.4.x all stay in force; 1.4.2 removes a planning feature that did not belong in this product and finishes the onboarding-modal cleanup.
• Removed the project planning subsystem entirely. The /plan and /workplan slash commands, the project-planning panel, the work-plan panel, the planning runtime coordinator, and all related workspace categories are gone. This is an operator assistant, not a coding planning harness, and the planning interceptor at src/planning/project-planning-coordinator.ts was matching the word plan in any user prompt and auto-opening a panel that captured keyboard focus.
• Stopped the onboarding modal from exiting the user mid-flow. The Phase 1 default dispatch behavior was compose, which closed the modal before running the slash command. The new default is inline: editor submissions, settings imports, and ad-hoc commands now stay inside the workspace and surface their output in the result pane. Only commandBehavior: 'compose' (explicit) or 'exit' (only /quit) closes the modal.
• Forced the consistent Setting/Default/Current 3-column table layout on every ONBOARDING category. Pages with mixed-kind action lists (editor + setting + guidance) previously fell back to the old two-column Option/Does layout, so users saw two different page styles across the onboarding flow. Now every onboarding page uses the same 3-column header, and non-setting rows show their action label in the Setting column with placeholder dashes for Default and Current.
• Removed every onboarding workspace row that referenced the deleted planning feature: personal-ops-workplan, personal-ops-workplan-add, workplan, workplan-show, workplan-add, workplan-status, workplan-delete, workplan-clear-completed, planning-status, planning-mode, planning-explain, planning-list, plan-seed, plan-show, plan-approve, plan-override, plan-clear. Help overlay and docs cleaned of /plan and /workplan mentions.
• Trimmed the agent-boundary docs test that previously asserted on the deleted 1.2.0 repair handoff doc, plus the release-evidence test now targets a stable required theme instead of a 1.3.0-specific phrase.
• Test suite: 7601 pass / 0 fail / 19 skip across 548 files.

v1.4.1

1.4.1 - 2026-06-08

• v1.4.0 was cut but its publish step never ran; v1.4.1 ships the same onboarding rebuild as the first publicly published version of the 1.4.x line. The fullscreen Agent workspace, Agent-local behavior, isolated Agent Knowledge, connected-host operator integration, explicit side-effect boundaries, and release hardening from 1.3.x all stay in force.
• Fixed a release-evidence test that hardcoded a 1.3.0-specific phrase (compact model-visible harness pass) and prevented the v1.4.0 publish workflow from completing. The assertion now targets the stable required-theme fullscreen Agent workspace, so future release-notes rotations no longer break release CI.
• Rebuilt the Agent Workspace onboarding modal so first-time users land in a focused ONBOARDING-only category list, no longer see HOME and post-onboarding categories competing for attention, and never get kicked out of the modal when activating a slash-command row.
• Added typed commandBehavior (inline | compose | exit) on workspace actions so safe read-only commands can run inside the onboarding modal with their captured output rendered into the result pane, instead of forcing the modal closed to dispatch through the composer.
• Guarded the new inline dispatch path so a missing executeCommand no longer clobbers context.print; the modal surfaces a clear "command unavailable" result and stays open.
• Replaced release-engineering vocabulary (smoke history, receipt gaps, durable receipt, closeout policy, schema status, event cursor, publication guarantee, step history, repeated blocker, setup checkpoint summary) with a tight progress + single next-action summary in the onboarding right pane.
• Closed a leak where channel-guide context lines could expose internal userRoute strings containing model-tool-call syntax; the channels guide now shows only human-readable labels.
• Trimmed the user-facing setup checklist from fifteen items to thirteen by removing the install-smoke and browser-pwa release-engineering items; both remain available to model-facing routes but no longer appear in the onboarding flow.
• Renamed the misleading command field on AgentWorkspaceSetupChecklistItem to breadcrumb so the field's purpose (UI navigation hint) no longer collides with the kind: 'command' action type.
• Added clear verb-led row labels in the onboarding modal so users can see exactly what activating a row does: "Choose provider and model", "Edit MCP server", "Switch to ", "Run: ", "Open: ", "Finish setup", and so on, replacing generic labels like "Open option" and "Open guided form".
• Added a sticky "Finish setup" footer row visible on every ONBOARDING category, colored green when prerequisites (provider/model, connected-host auth, runtime) are ready and warn-colored with the unmet items listed otherwise; the row is wired through the real activation path so pressing Enter triggers completeOnboarding().
• Added per-category readiness glyphs in the onboarding left pane: a green checkmark for categories whose mapped checklist items are all ready, a warn glyph for categories with blockers or recommended items, and no glyph for optional-only categories.
• Relocated the diagnostic fields on AgentSetupWizard (smokeHistory, stepHistory, receiptGaps, closeout, checkpoint, repeatedBlocker) under a _diagnostic subkey so model-facing wizard mechanics are cleanly separated from user-facing wizard state, while preserving the existing model-tool surface.
• Tightened AgentWorkspaceCategory.group and the workspace _onlyGroup filter to a literal union AgentWorkspaceCategoryGroup, so category-group typos fail at compile time instead of producing silent navigation bugs.
• Added end-to-end acceptance tests for the new behavior: inline command dispatch keeps the workspace active and populates lastActionResult with captured output, first-run filter restricts the modal to ONBOARDING categories only, and the jargon allowlist guarantees no banned vocabulary leaks back into user-facing copy.

v1.3.0

1.3.0 - 2026-06-08

• Promoted GoodVibes Agent to the stable 1.0.x operator product surface: the fullscreen Agent workspace is the primary TUI, with setup, provider/model routing, status, compatibility, and doctor flows shaped around personal operator use instead of copied host lifecycle controls.
• Completed the Agent-local behavior system for day-one operation: VIBE.md personality, project context files, local memory posture, prompt-active recall, vector/embedding health, notes, personas, skills, skill bundles, routines, starter profiles, discovery/import flows, review/stale/delete controls, and secret-looking content rejection all stay under Agent ownership.
• Completed isolated Agent Knowledge coverage across CLI, slash commands, workspace panels, connector/source/node/issue views, URL/file/browser/connector ingest, semantic ask/search, issue review, packet/explain previews, consolidation, reindex, and connected-host /api/goodvibes-agent/knowledge/* routes without fallback to default or non-Agent knowledge surfaces.
• Completed connected-host operator integration without taking host lifecycle ownership: compatibility/status checks, authenticated health and model routes, channel readiness, provider-account posture, approvals, automation snapshots, schedules, work plans, media/voice readiness, pairing, and explicit public-route diagnostics are all visible from Agent.
• Completed explicit side-effect boundaries for personal operation: channel sends, notifications, autonomous schedule creation, schedule enable/disable/delete, routine schedule promotion, reminders, subscription/auth actions, memory bundle imports/exports, support bundles, MCP configuration, profile changes, and build delegation require explicit confirmation where they mutate state or call external routes.
• Added first-class user-task route planning: route action:"plan|status" and lower-level agent_harness mode:"route_decision" turn a plain request into the preferred visible Agent route, alternatives, missing fields, confirmation boundary, workspace matches, and harness mode matches without running tools or creating hidden work, including screenshot/browser-control requests that now route to computer action:"plan".
• Host/daemon health, doctor, readiness, service, and compatibility requests now route to host action:"status" first before setup repair or service lifecycle effects.
• Normal settings/configuration requests now route to settings action:"list" first so setting changes start with Agent-owned discovery and explicit confirmation boundaries.
• Direct reminders, schedules, cron, and schedule lifecycle requests now route to schedule action:"list" first, while broader ongoing work remains on autonomy intake.
• Plain command-shaped background work now routes to execution action:"processes" and the first-class terminal/process UX, while scheduled or watcher-like background work stays on autonomy intake.
• Interactive terminal, PTY, stdin, and sudo requests now route to execution action:"process_capabilities" first so users see current support, setup posture, and confirmation boundaries before any hidden process start or credential effect.
• External memory-provider, backend, cross-session sync, import/export, and named-provider requests now route to memory action:"provider" or the external provider checklist before Agent promises provider writes, sync, credentials, or import/export effects; provider detail also exposes next-route packets, missing setup/status/read/write/sync checks, and required receipt fields for SDK/daemon records Agent can consume.
• Model provider, local-cookbook, local server smoke, and route-fit requests now route to models action:"provider|local|smoke|route" before Agent attempts credential, smoke, benchmark, or route-change effects.
• Browser-backed research runner requests now route to research action:"runner", and visual research report rendering requests route to research action:"plan" plus report artifacts before Agent claims browser/PWA rendering readiness.
• Voice workflow, TTS-provider, browser cockpit, and PWA requests now route to device action:"voice|provider" or computer action:"browser" before Agent attempts capture, playback, picker, or browser-open effects.
• Personal Ops briefing, saved queue, fresh inbox/calendar read, and connector setup requests now route to personal_ops action:"briefing|queue|intake|lane" before Agent attempts live provider reads or effects.
• Channel setup, triage, delivery receipt, and send requests now route to channels action:"setup|triage|deliveries|channel" before Agent attempts confirmed external delivery.
• Plain file undo/redo/recovery requests now route to execution action:"recovery" so users inspect available snapshots before confirming a local file mutation.
• Media generation requests now route to provider readiness and confirmed agent_media_generate saved-artifact output instead of inline bytes or silent Knowledge promotion.
• Permission posture, security finding, and blocked-action questions now route to security action:"status|finding|explain" so users get active permission state, exact redacted findings, or read-only policy preflight without knowing security harness mode names.
• Support-bundle, saved-session/bookmark, and release/audit evidence requests now route to first-class read-only support action:"status|bundle", sessions action:"list|get", and audit action:"readiness|evidence|item|artifact" before bundle export/import/share, session lifecycle, or audit drill-in effects.
• Added first-class setup repair decisions: setup action:"repair" and lower-level agent_harness mode:"setup_repair" choose the next safe token repair, connected-host status, services.status receipt, user-run bootstrap, or no lifecycle action without executing lifecycle, token, import, or UI effects.
• Added first-class policy explanations: security action:"explain" and lower-level agent_harness mode:"policy_explain" show why one model action is allowed, denied, or waiting on confirmation across the Agent route guard, permission mode, and typed tool confirmation, with secret-looking args redacted and no tool execution.
• Added user-first delegation decision cards and structured handoff briefs: execution and delegation posture now distinguish local-first work, TUI handoff, delegated review, remote inspection, and blocked hidden fanout, while /delegate and the Agent Workspace form preserve reason, success criteria, workspace hints, priority, and explicit review intent.
• Added the first-class delegation tool: action:"status|routes|route" exposes delegation policy, route catalogs, and exact confirmed handoff contracts without requiring harness mode names.
• Added the first-class execution tool: action:"status|route|history|record|processes|process_capabilities|process|recovery" exposes local-vs-delegated work posture, exact route inspection, activity cards, tracked process inspection, direct process parity/doctor reporting, and file recovery without requiring harness mode names.
• Added the first-class computer tool: action:"status|plan|control|browser|setup|mcp|open_browser" exposes browser/PWA readiness, browser/screenshot/desktop-control route planning, repair/setup rows, trusted MCP/tool discovery, and confirmed browser cockpit opens without requiring harness mode names.
• Added normalized autonomy queue controls: research runs, connected-host tasks, approvals, automation runs, and schedules now expose available/unavailable controls with reasons plus exact confirmed routes for checkpoint, pause, resume, cancel, approve, deny, retry, run, edit, enable, disable, and delete actions; host task cancel/retry stays on confirmed agent_operator_method routes while /tasks remains inspection-only.
• Added the first-class autonomy tool: action:"intake|queue|item|status" exposes ongoing-work route selection and visible autonomy queue inspection without requiring harness mode names.
• Added trigger workflow posture: autonomy action:"intake" now maps time-based wakeups/schedules, incoming webhook/event watchers through published watchers.* daemon routes, Gmail/email connector-gated triggers, and read-only control-plane event streams, with watcher creation kept admin-confirmed and source-scoped.
• Added certified watcher receipts: autonomy action:"intake" now exposes watcher success criteria, and agent_operator_method summarizes watchers.create/patch/run/start/stop/delete receipts into certified or follow-up outcomes without exposing operator tokens.
• Added a source-owned watcher evidence contract: autonomy action:"intake" now tells users and models which SDK/daemon-owned durable run-history receipts, provider source records, redacted event payload descriptors, and queue correlation records are needed before Agent claims persisted webhook/Gmail watcher history.
• Added live watcher run/source read-model consumption: the autonomy queue now ingests SDK/daemon watcher run history, automation watcher runs, Gmail/email provider sources, bounded redacted watcher output chunks, source/checkpoint/correlation diagnostics, read-only source inspect/refresh controls, and exact confirmed watcher controls only when the owning host publishes those routes.
• Added host task output posture: autonomy queue connected-host task records now expose /tasks output routes plus bounded redacted result/error previews when the host publishes them, and route-only status when true output text is not in the read model.
• Completed package and release hardening for the release gate: Bun-only install/run instructions, package-facing text verification, package runtime bundling, packed global install smoke, blocked lifecycle command smoke, source/package boundary checks, architecture checks, recorded performance snapshot checks, verification ledger, strict live verification artifacts, and release-quality readiness inventory dimensions are now...

v1.2.0

1.2.0 - 2026-06-07

• Promoted GoodVibes Agent to the stable 1.0.x operator product surface: the fullscreen Agent workspace is the primary TUI, with setup, provider/model routing, status, compatibility, and doctor flows shaped around personal operator use instead of copied host lifecycle controls.
• Completed the Agent-local behavior system for day-one operation: VIBE.md personality, project context files, local memory posture, prompt-active recall, vector/embedding health, notes, personas, skills, skill bundles, routines, starter profiles, discovery/import flows, review/stale/delete controls, and secret-looking content rejection all stay under Agent ownership.
• Completed isolated Agent Knowledge coverage across CLI, slash commands, workspace panels, connector/source/node/issue views, URL/file/browser/connector ingest, semantic ask/search, issue review, packet/explain previews, consolidation, reindex, and connected-host /api/goodvibes-agent/knowledge/* routes without fallback to default or non-Agent knowledge surfaces.
• Completed connected-host operator integration without taking host lifecycle ownership: compatibility/status checks, authenticated health and model routes, channel readiness, provider-account posture, approvals, automation snapshots, schedules, work plans, media/voice readiness, pairing, and explicit public-route diagnostics are all visible from Agent.
• Completed explicit side-effect boundaries for personal operation: channel sends, notifications, autonomous schedule creation, schedule enable/disable/delete, routine schedule promotion, reminders, subscription/auth actions, memory bundle imports/exports, support bundles, MCP configuration, profile changes, and build delegation require explicit confirmation where they mutate state or call external routes.
• Added first-class user-task route planning: route action:"plan|status" and lower-level agent_harness mode:"route_decision" turn a plain request into the preferred visible Agent route, alternatives, missing fields, confirmation boundary, workspace matches, and harness mode matches without running tools or creating hidden work, including screenshot/browser-control requests that now route to computer action:"plan".
• Host/daemon health, doctor, readiness, service, and compatibility requests now route to host action:"status" first before setup repair or service lifecycle effects.
• Normal settings/configuration requests now route to settings action:"list" first so setting changes start with Agent-owned discovery and explicit confirmation boundaries.
• Direct reminders, schedules, cron, and schedule lifecycle requests now route to schedule action:"list" first, while broader ongoing work remains on autonomy intake.
• Plain command-shaped background work now routes to execution action:"processes" and the first-class terminal/process UX, while scheduled or watcher-like background work stays on autonomy intake.
• Interactive terminal, PTY, stdin, and sudo requests now route to execution action:"process_capabilities" first so users see current support, setup posture, and confirmation boundaries before any hidden process start or credential effect.
• External memory-provider, backend, cross-session sync, import/export, and named-provider requests now route to memory action:"provider" or the external provider checklist before Agent promises provider writes, sync, credentials, or import/export effects; provider detail also exposes next-route packets, missing setup/status/read/write/sync checks, and required receipt fields for SDK/daemon records Agent can consume.
• Model provider, local-cookbook, local server smoke, and route-fit requests now route to models action:"provider|local|smoke|route" before Agent attempts credential, smoke, benchmark, or route-change effects.
• Browser-backed research runner requests now route to research action:"runner", and visual research report rendering requests route to research action:"plan" plus report artifacts before Agent claims browser/PWA rendering readiness.
• Voice workflow, TTS-provider, browser cockpit, and PWA requests now route to device action:"voice|provider" or computer action:"browser" before Agent attempts capture, playback, picker, or browser-open effects.
• Personal Ops briefing, saved queue, fresh inbox/calendar read, and connector setup requests now route to personal_ops action:"briefing|queue|intake|lane" before Agent attempts live provider reads or effects.
• Channel setup, triage, delivery receipt, and send requests now route to channels action:"setup|triage|deliveries|channel" before Agent attempts confirmed external delivery.
• Plain file undo/redo/recovery requests now route to execution action:"recovery" so users inspect available snapshots before confirming a local file mutation.
• Media generation requests now route to provider readiness and confirmed agent_media_generate saved-artifact output instead of inline bytes or silent Knowledge promotion.
• Permission posture, security finding, and blocked-action questions now route to security action:"status|finding|explain" so users get active permission state, exact redacted findings, or read-only policy preflight without knowing security harness mode names.
• Support-bundle, saved-session/bookmark, and release/audit evidence requests now route to first-class read-only support action:"status|bundle", sessions action:"list|get", and audit action:"readiness|evidence|item|artifact" before bundle export/import/share, session lifecycle, or audit drill-in effects.
• Added first-class setup repair decisions: setup action:"repair" and lower-level agent_harness mode:"setup_repair" choose the next safe token repair, connected-host status, services.status receipt, user-run bootstrap, or no lifecycle action without executing lifecycle, token, import, or UI effects.
• Added first-class policy explanations: security action:"explain" and lower-level agent_harness mode:"policy_explain" show why one model action is allowed, denied, or waiting on confirmation across the Agent route guard, permission mode, and typed tool confirmation, with secret-looking args redacted and no tool execution.
• Added user-first delegation decision cards and structured handoff briefs: execution and delegation posture now distinguish local-first work, TUI handoff, delegated review, remote inspection, and blocked hidden fanout, while /delegate and the Agent Workspace form preserve reason, success criteria, workspace hints, priority, and explicit review intent.
• Added the first-class delegation tool: action:"status|routes|route" exposes delegation policy, route catalogs, and exact confirmed handoff contracts without requiring harness mode names.
• Added the first-class execution tool: action:"status|route|history|record|processes|process_capabilities|process|recovery" exposes local-vs-delegated work posture, exact route inspection, activity cards, tracked process inspection, direct process parity/doctor reporting, and file recovery without requiring harness mode names.
• Added the first-class computer tool: action:"status|plan|control|browser|setup|mcp|open_browser" exposes browser/PWA readiness, browser/screenshot/desktop-control route planning, repair/setup rows, trusted MCP/tool discovery, and confirmed browser cockpit opens without requiring harness mode names.
• Added normalized autonomy queue controls: research runs, connected-host tasks, approvals, automation runs, and schedules now expose available/unavailable controls with reasons plus exact confirmed routes for checkpoint, pause, resume, cancel, approve, deny, retry, run, edit, enable, disable, and delete actions; host task cancel/retry stays on confirmed agent_operator_method routes while /tasks remains inspection-only.
• Added the first-class autonomy tool: action:"intake|queue|item|status" exposes ongoing-work route selection and visible autonomy queue inspection without requiring harness mode names.
• Added trigger workflow posture: autonomy action:"intake" now maps time-based wakeups/schedules, incoming webhook/event watchers through published watchers.* daemon routes, Gmail/email connector-gated triggers, and read-only control-plane event streams, with watcher creation kept admin-confirmed and source-scoped.
• Added certified watcher receipts: autonomy action:"intake" now exposes watcher success criteria, and agent_operator_method summarizes watchers.create/patch/run/start/stop/delete receipts into certified or follow-up outcomes without exposing operator tokens.
• Added a source-owned watcher evidence contract: autonomy action:"intake" now tells users and models which SDK/daemon-owned durable run-history receipts, provider source records, redacted event payload descriptors, and queue correlation records are needed before Agent claims persisted webhook/Gmail watcher history.
• Added host task output posture: autonomy queue connected-host task records now expose /tasks output routes plus bounded redacted result/error previews when the host publishes them, and route-only status when true output text is not in the read model.
• Completed package and release hardening for the release gate: Bun-only install/run instructions, package-facing text verification, package runtime bundling, packed global install smoke, blocked lifecycle command smoke, source/package boundary checks, architecture checks, recorded performance snapshot checks, verification ledger, strict live verification artifacts, and release-quality readiness inventory dimensions are now part of the validated release path.
• Completed the compact model-visible harness pass: agent_harness summary now starts with an assistant-first cockpit before technical counters, plural catalogs default to compact rows, mode:"modes" searches every harness mode by task/id/effect/parameter, and mode:"mode" inspects one mode contract with full schemas, policy blocks, route metada...

v1.1.7

1.1.7 - 2026-06-05

• Hardened the Agent model tool surface so goodvibes_context routes to the Agent harness instead of dead-ending.
• Added tool execution and permission safety guards so registered model tools return structured failures instead of aborting turns.
• Added registered-tool smoke coverage for the Agent-guarded platform tool roster.