fix(autonomous): deliver escalations to user (AUDIT-H2)#263
Merged
xlabtg merged 4 commits intoxlabtg:mainfrom Apr 22, 2026
Merged
fix(autonomous): deliver escalations to user (AUDIT-H2)#263xlabtg merged 4 commits intoxlabtg:mainfrom
xlabtg merged 4 commits intoxlabtg:mainfrom
Conversation
Adding .gitkeep for PR creation (default mode). This file will be removed when the task is complete. Issue: xlabtg#262
Route policy-triggered escalations through the Telegram bridge and the in-app notificationBus instead of only writing to the logger. When the autonomous loop pauses a task for human confirmation, every configured admin now receives a DM via deps.bridge.sendMessage, an entry is added to the notifications table, and WebUI SSE clients see the unread-count badge update in real time. Each channel is guarded independently so a single transport failure never suppresses the others and log.warn stays as the last-resort fallback. Closes xlabtg#262
konard
changed the title
Author
Solution summaryPR is ready and mergeable. Summary:
This summary was automatically extracted from the AI working session output. |
Author
🤖 Solution Draft LogThis log file contains the complete execution trace of the AI solution draft process. 💰 Cost: $3.328022📊 Context and tokens usage:
Total: (98.2K + 4.4M cached) input tokens, 19.6K output tokens, $3.328022 cost 🤖 Models used:
📎 Log file uploaded as Gist (1663KB)Now working session is ended, feel free to review and add any feedback on the solution draft. |
Author
🔄 Auto-restart triggered (iteration 1)Reason: Merge conflicts detected Starting new session to address the issues. Auto-restart-until-mergeable mode is active. Will continue until PR becomes mergeable. |
Resolves .gitkeep timestamp conflict and updates the AUDIT-H2 integration test to use the new real tool name (ton_send) that AUDIT-C1 introduced in DEFAULT_POLICY_CONFIG.restrictedTools.
Pulls the latest AUDIT fixes (policy engine tool-name corrections, autonomous loop abort safety, checkpoint retention, webui auth token redaction). Resolves the .gitkeep timestamp conflict; no other conflicts. Integration test already updated to use the real tool name `ton_send` from DEFAULT_POLICY_CONFIG.
Author
🔄 Auto-restart-until-mergeable Log (iteration 1)This log file contains the complete execution trace of the AI solution draft process. 💰 Cost: $2.892774📊 Context and tokens usage:
Total: (76.1K + 4.1M cached) input tokens, 15.4K output tokens, $2.892774 cost 🤖 Models used:
📎 Log file uploaded as Gist (3287KB)Now working session is ended, feel free to review and add any feedback on the solution draft. |
3 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Route autonomous-task escalations through real user-facing channels instead of the logger only. Closes #262 (AUDIT-H2).
src/autonomous/integration.tsnotify()now:config.telegram.admin_idsviadeps.bridge.sendMessage.warningentry in the existingnotificationstable, and emitsupdate+escalationevents onnotificationBusso the WebUI SSE stream (/api/notifications/stream) raises a real-time badge.log.warnas the first action so the log trail survives even when every side channel is down.Each channel is wrapped in its own
try/catch, so a Telegram outage cannot suppress the WebUI notification and vice versa.How to reproduce
Before this PR, a policy-triggered escalation (e.g. a planned
wallet:sendabove the confirmation threshold) paused the task but only produced a log line — the user had to notice the pause by polling the UI. The new integration tests exercise that exact path and assert that the mock bridge + notificationBus both see the event.Test plan
npm test— 2936 tests across 139 files passnpm run lintnpm run typecheck(afternpm run build:sdk)npm run -- prettier --checkon the modified filessrc/autonomous/__tests__/integration.test.ts:notify()sends a Telegram message to every configured admin via bridgenotify()skips Telegram delivery when noadmin_idsare configurednotify()emits anescalationevent onnotificationBusfor WebUInotify()records an in-app notification so the WebUI badge updatesnotify()still logs and emits a bus event whenbridge.sendMessagethrowsbridge.sendMessageend-to-end (drivesAutonomousLoopthrough the integrated deps with awallet:sendover the 0.5 TON confirmation threshold and asserts the mock bridge received the DM)Acceptance criteria (from issue)
notificationBusfor WebUIlog.warnwithout crashing when bridge/bus fails (per-channeltry/catch)notifycallsbridge.sendMessagewith the correctchatIdnotifyis resilient to a bridge error and still logs