- Gateway/plugins: reuse a compatible Gateway startup plugin registry during dispatch so safe plugin dispatches avoid redundant registry loading. (#84324) Thanks @ai-hpc.

- Dependencies: refresh provider, plugin, UI, and tooling packages, update `protobufjs` to 8.4.0 to clear the current npm advisory, and carry the Claude ACP completion patch forward to `@agentclientprotocol/claude-agent-acp` 0.36.1.

- Agents/tools: remove the old sender-owner tool gating path so configured tools stay visible for trusted sessions while command and channel-action auth still carry real sender identity.

- Tests/perf: isolate doctor core health check unit coverage from real skills/workspace discovery so `doctor-core-checks` no longer dominates unit perf while keeping one real skills-readiness smoke. (#84493) Thanks @frankekn.

### Fixes

enabled: true,

reconnectMs: 1_500,

replyMode: "agent",

senderIsOwner: false,

token: "ccb_live",

workspace: "wsp_1",

});

replyMode: "model",

model: "openai/gpt-5.4-mini",

toolsAllow: ["web_search"],

senderIsOwner: true,

},

},

},

enabled: true,

model: "openai/gpt-5.4-mini",

replyMode: "model",

senderIsOwner: true,

token: "ccb_peter",

toolsAllow: ["web_search"],

workspace: "wsp_1",

model: "openai/gpt-5.4-mini",

reconnectMs: 1_500,

replyMode: "model",

senderIsOwner: true,

token: "ccb_peter",

toolsAllow: ["web_search"],

workspace: "wsp_1",

systemPrompt: normalizeOptionalString(merged.systemPrompt),

timeoutSeconds: merged.timeoutSeconds,

toolsAllow: merged.toolsAllow,

senderIsOwner: merged.senderIsOwner === true,

defaultTo: merged.defaultTo?.trim() || "channel:general",

allowFrom: merged.allowFrom ?? ["*"],

reconnectMs: merged.reconnectMs ?? DEFAULT_RECONNECT_MS,

systemPrompt: z.string().optional(),

timeoutSeconds: z.number().int().min(1).max(3_600).optional(),

toolsAllow: z.array(z.string()).optional(),

senderIsOwner: z.boolean().optional(),

defaultTo: z.string().optional(),

allowFrom: z.array(z.string()).optional(),

reconnectMs: z.number().int().min(100).max(60_000).optional(),

agentId: "service-bot",

replyMode: "model",

model: "openai/gpt-5.4-mini",

senderIsOwner: false,

toolsAllow: [],

defaultTo: "channel:general",

allowFrom: ["*"],

systemPrompt?: string;

timeoutSeconds?: number;

toolsAllow?: string[];

senderIsOwner?: boolean;

defaultTo?: string;

allowFrom?: string[];

reconnectMs?: number;

systemPrompt?: string;

timeoutSeconds?: number;

toolsAllow?: string[];

senderIsOwner: boolean;

defaultTo: string;

allowFrom: string[];

reconnectMs: number;

senderName: params.senderName,

senderUsername: params.senderUsername,

senderE164: params.senderE164,

senderIsOwner: params.senderIsOwner,

allowGatewaySubagentBinding:

params.allowGatewaySubagentBinding || isForcedPrivateQaCodexRuntime(),

...sessionKeys,

enqueueSystemEvent(eventText, {

sessionKey: route.sessionKey,

contextKey: `discord:agent-button:${channelId}:${componentId}:${userId}`,

forceSenderIsOwnerFalse: true,

trusted: false,

});

await ackComponentInteraction({ interaction, replyOpts, label: "agent button" });

enqueueSystemEvent(eventText, {

sessionKey: route.sessionKey,

contextKey: `discord:agent-select:${channelId}:${componentId}:${userId}`,

forceSenderIsOwnerFalse: true,

trusted: false,

});

await ackComponentInteraction({ interaction, replyOpts, label: "agent select" });

enqueueSystemEvent(text, {

sessionKey: route.sessionKey,

contextKey,

forceSenderIsOwnerFalse: true,

trusted: false,

});

};

const shouldNotifyReaction = (options: {

enqueueSystemEvent(systemText, {

sessionKey: effectiveRoute.sessionKey,

contextKey: `discord:system:${messageChannelId}:${message.id}`,

forceSenderIsOwnerFalse: true,

trusted: false,

});

return null;

}