refactor: move factcloud from hardcoded SSM to per-user DynamoDB oauth2_m2m connection

- Add oauth2_m2m auth type to mcp_loader.py (client_secret in record, not SSM)
- Remove _get_factcloud_token(), FACTCLOUD_* config, factcloud_clients from main.py
- Seed Daniel's factcloud connection into enrolled_services.mcp_connections
- factcloud now loaded dynamically via mcp_loader at session start

agentclaw/app/agent_claw_main/config.py

@@ -13,7 +13,7 @@ def _load():
     ssm = boto3.client('ssm', region_name='us-east-1')
     names = list(_DEFAULTS.keys())
     try:
-        resp = ssm.get_parameters(Names=names)
+        resp = ssm.get_parameters(Names=names, WithDecryption=True)
         found = {p['Name']: p['Value'] for p in resp['Parameters']}
     except Exception:
         found = {}

agentclaw/app/agent_claw_main/main.py

@@ -4,6 +4,7 @@ agent-claw Runtime 1 — main assistant agent.
 Entrypoint for AgentCore CodeZip deployment.
 """
 import os
+import time
 from strands import Agent, tool
 from strands.models import BedrockModel
 from bedrock_agentcore.runtime import BedrockAgentCoreApp
@@ -90,6 +91,7 @@ except Exception as _e:
 
 # ── Subagent loading ──────────────────────────────────────────────────────
 
+
 TOOL_PRESETS = {
     "aws":       lambda: [MCPClient(lambda: aws_iam_streamablehttp_client(config.AWS_MCP_URL, aws_service="aws-mcp"))],
     "coding":    lambda: [MCPClient(lambda: aws_iam_streamablehttp_client(config.AWS_MCP_URL, aws_service="aws-mcp")), run_code],
@@ -425,6 +427,131 @@ def aws_describe_service(service: str, region: str = "us-east-1") -> str:
         return f"Service {service} not yet implemented. Try: lambda, s3, cloudformation, dynamodb, sqs"
 
 
+# ── Goal helpers ──────────────────────────────────────────────────────────
+
+from datetime import datetime as _dt
+from zoneinfo import ZoneInfo as _ZoneInfo
+
+def _now_iso() -> str:
+    return _dt.now(_ZoneInfo('America/Chicago')).strftime('%Y-%m-%dT%H:%M:%S%z')
+
+
+def _read_goal() -> str | None:
+    """Read GOAL.md from S3, return content or None."""
+    try:
+        return ws_tools.read_file('GOAL.md')
+    except Exception:
+        return None
+
+
+def _write_goal(content: str):
+    ws_tools.write_file('GOAL.md', content)
+    invalidate_prompt()
+
+
+def _delete_goal():
+    try:
+        _s3 = boto3.client('s3')
+        _s3.delete_object(Bucket=ws_tools.get_bucket(), Key='GOAL.md')
+        ws_tools._cache.pop('GOAL.md', None)
+        invalidate_prompt()
+    except Exception:
+        pass
+
+
+def _parse_goal_status(content: str) -> str:
+    """Extract Status field from GOAL.md content."""
+    for line in content.splitlines():
+        if line.startswith('**Status:**'):
+            return line.split('**Status:**')[1].strip()
+    return 'unknown'
+
+
+def _get_active_goal_context() -> dict | None:
+    """Return goal context dict if active, else None."""
+    content = _read_goal()
+    if not content or _parse_goal_status(content) != 'active':
+        return None
+    objective = stopping = last_cp = ''
+    for line in content.splitlines():
+        if line.startswith('**Objective:**'):
+            objective = line.split('**Objective:**')[1].strip()
+        elif line.startswith('**Stopping condition:**'):
+            stopping = line.split('**Stopping condition:**')[1].strip()
+        elif line.startswith('- ['):
+            last_cp = line  # last checkpoint line wins
+    return {'objective': objective, 'stopping_condition': stopping, 'last_checkpoint': last_cp}
+
+
+def _handle_goal_command(prompt: str) -> str | None:
+    """Handle /goal commands. Returns reply string or None if not a goal command."""
+    parts = prompt.split(None, 2)  # ['/goal', subcommand?, rest?]
+    cmd = parts[1] if len(parts) > 1 else 'status'
+    rest = parts[2] if len(parts) > 2 else ''
+
+    if cmd == 'set':
+        if not rest:
+            return '❌ Usage: `/goal set <objective>` or `/goal set <objective> | <stopping condition>`'
+        if '|' in rest:
+            objective, stopping = [s.strip() for s in rest.split('|', 1)]
+        else:
+            objective, stopping = rest.strip(), 'not specified'
+        content = (
+            f'# Goal\n\n'
+            f'**Objective:** {objective}\n'
+            f'**Stopping condition:** {stopping}\n'
+            f'**Status:** active\n'
+            f'**Set at:** {_now_iso()}\n\n'
+            f'## Checkpoint log\n'
+        )
+        _write_goal(content)
+        return f'✅ Goal set: {objective}\nStopping condition: {stopping}'
+
+    elif cmd in ('status', '/goal'):
+        content = _read_goal()
+        if not content:
+            return '📋 No active goal. Use `/goal set <objective>` to set one.'
+        return content
+
+    elif cmd == 'checkpoint':
+        if not rest:
+            return '❌ Usage: `/goal checkpoint <note>`'
+        content = _read_goal()
+        if not content:
+            return '❌ No active goal to checkpoint.'
+        entry = f'- [{_now_iso()}] {rest}\n'
+        content = content.rstrip() + '\n' + entry
+        _write_goal(content)
+        return f'✅ Checkpoint added: {rest}'
+
+    elif cmd == 'pause':
+        content = _read_goal()
+        if not content:
+            return '❌ No active goal to pause.'
+        content = content.replace('**Status:** active', '**Status:** paused')
+        _write_goal(content)
+        return '⏸️ Goal paused.'
+
+    elif cmd == 'resume':
+        content = _read_goal()
+        if not content:
+            return '❌ No goal to resume.'
+        content = content.replace('**Status:** paused', '**Status:** active')
+        _write_goal(content)
+        return '▶️ Goal resumed.'
+
+    elif cmd == 'clear':
+        _delete_goal()
+        return '🗑️ Goal cleared.'
+
+    else:
+        # Not a recognized subcommand — treat the whole thing as status check
+        content = _read_goal()
+        if not content:
+            return '📋 No active goal. Use `/goal set <objective>` to set one.'
+        return content
+
+
 # ── Entrypoint ────────────────────────────────────────────────────────────
 
 # Module-level actor_id for tool closures (set per-invocation)
@@ -528,7 +655,7 @@ async def main(payload: dict, context):
         system_prompt = system_prompt + '\n\n---\n\n' + ltm_block
 
     system_prompt += '\nAWS tools available: call_aws (any AWS API via AWS MCP Server), aws_list_lambda_functions, aws_get_cost_and_usage, aws_describe_service. Use call_aws directly for AWS API calls — do NOT say you lack AWS access.'
-    system_prompt += '\n\nSubagents available — use them aggressively to save cost and improve quality:\n- aws_agent: all AWS infrastructure, cost, resource, IAM, CloudWatch queries\n- coding_agent: code writing, builds, deployments, CodeBuild/AppRunner/ECR\n- document_agent: summarize URLs, extract data from documents, process long text\nDefault to delegating; only answer directly for simple conversational responses or tasks that don\'t fit a subagent.'
+    system_prompt += '\n\nSubagents available — use them aggressively to save cost and improve quality:\n- aws_agent: all AWS infrastructure, cost, resource, IAM, CloudWatch queries\n- coding_agent: code writing, builds, deployments, CodeBuild/AppRunner/ECR\n- document_agent: summarize URLs, extract data from documents, process long text\nYou also have direct access to factcloud MCP tools (your personal knowledge graph) loaded from your MCP connections — use them directly for any factbase, factcloud, or knowledge base queries. Do NOT say you lack access to factcloud.\nDefault to delegating to subagents; only answer directly for simple conversational responses or tasks that don\'t fit a subagent.'
 
     # Model: claude-sonnet-4-6 via cross-region inference
     # NOTE: extended thinking disabled — causes retry/duplicate issues with streaming
@@ -563,9 +690,42 @@ async def main(payload: dict, context):
         tools=all_tools,
     )
 
+    # Intercept /goal commands — handle directly without LLM
+    prompt = payload.get('prompt', '')
+    if prompt.strip().startswith('/goal'):
+        goal_reply = _handle_goal_command(prompt.strip())
+        if goal_reply is not None:
+            yield {'data': goal_reply}
+            _typing_active = False
+            session_manager.close()
+            mcp_loader.close_mcp_clients(_mcp_to_close)
+            return
+
+    # Intercept heartbeat: replace bare [HEARTBEAT] with a strict-format instruction.
+    # Agent-runner suppresses replies that start with HEARTBEAT_OK, so only real alerts reach Telegram.
+    if prompt.strip() == '[HEARTBEAT]':
+        # Inject goal context into heartbeat if active
+        goal_ctx = _get_active_goal_context()
+        goal_heartbeat = ''
+        if goal_ctx:
+            goal_heartbeat = (
+                f' You have an active goal: "{goal_ctx["objective"]}". '
+                f'Stopping condition: "{goal_ctx["stopping_condition"]}". '
+                f'Last checkpoint: "{goal_ctx["last_checkpoint"]}". '
+                f'Make progress toward this goal or report blockers.'
+            )
+        prompt = (
+            'HEARTBEAT CHECK: Silently check for anything urgent Daniel should know about '
+            '(calendar events starting within 2 hours, unread urgent emails, overdue reminders). '
+            'Do NOT narrate your checking process. '
+            'If nothing is urgent: reply with the single word HEARTBEAT_OK and nothing else. '
+            'If something IS urgent: reply with 2-3 lines max summarising only the urgent items.'
+            + goal_heartbeat
+        )
+
     final_message = None
     try:
-        async for event in agent.stream_async(payload.get('prompt', '')):
+        async for event in agent.stream_async(prompt):
             if 'result' in event:
                 final_message = event['result'].message
             yield event

agentclaw/app/agent_claw_main/mcp_loader.py

@@ -45,12 +45,40 @@ def _get_oauth_token(conn: dict, actor_id: str) -> str:
     return token
 
 
+def _get_m2m_token(conn: dict, actor_id: str) -> str:
+    """Fetch OAuth token for oauth2_m2m (secret stored directly in record)."""
+    cache_key = f"{actor_id}:{conn['name']}"
+    cached = _token_cache.get(cache_key)
+    if cached and cached['expires_at'] > time.time() + 60:
+        return cached['token']
+
+    data = urllib.parse.urlencode({
+        'grant_type': 'client_credentials',
+        'client_id': conn['client_id'],
+        'client_secret': conn['client_secret'],
+        'scope': conn.get('scopes', conn.get('scope', '')),
+    }).encode()
+
+    req = urllib.request.Request(conn['token_url'], data=data,
+                                headers={'Content-Type': 'application/x-www-form-urlencoded'})
+    with urllib.request.urlopen(req, timeout=10) as resp:
+        body = json.loads(resp.read())
+
+    token = body['access_token']
+    expires_in = body.get('expires_in', 3600)
+    _token_cache[cache_key] = {'token': token, 'expires_at': time.time() + expires_in}
+    return token
+
+
 def _resolve_auth_headers(conn: dict, actor_id: str) -> dict:
     """Resolve auth headers for a connection."""
     auth_type = conn.get('auth_type', 'none')
     if auth_type == 'oauth_client_credentials':
         token = _get_oauth_token(conn, actor_id)
         return {'Authorization': f'Bearer {token}'}
+    elif auth_type == 'oauth2_m2m':
+        token = _get_m2m_token(conn, actor_id)
+        return {'Authorization': f'Bearer {token}'}
     elif auth_type == 'bearer':
         token = _get_ssm_value(conn['token_ssm'])
         return {'Authorization': f'Bearer {token}'}

agentclaw/app/agent_claw_main/prompt_builder.py

@@ -46,6 +46,16 @@ def _get_base_prompt(actor_id: str = '') -> str:
     s3 = boto3.client('s3')
     parts = []
 
+    # Inject active goal at the top of context
+    try:
+        obj = s3.get_object(Bucket=bucket, Key='GOAL.md')
+        goal_content = obj['Body'].read().decode('utf-8')
+        if '**Status:** active' in goal_content:
+            parts.append(f'## Active Goal\n{goal_content}')
+            print(f'[prompt_builder] Injected GOAL.md ({len(goal_content)} bytes)')
+    except Exception:
+        pass
+
     for fname in ['SOUL.md', 'STATUS.md']:
         try:
             obj = s3.get_object(Bucket=bucket, Key=fname)

cdk/bin/agent-claw.ts

@@ -5,6 +5,11 @@ import { AgentClawStack } from '../lib/agent-claw-stack';
 
 const app = new cdk.App();
 
+// Billing tags applied to all resources in the stack
+cdk.Tags.of(app).add('project', 'agent-claw');
+cdk.Tags.of(app).add('env', 'prod');
+cdk.Tags.of(app).add('owner', 'daniel');
+
 new AgentClawStack(app, 'AgentClawStack', {
   env: {
     account: process.env.CDK_DEFAULT_ACCOUNT,

scripts/create-inference-profiles.py

@@ -0,0 +1,155 @@
+#!/usr/bin/env python3
+"""
+Create Bedrock Application Inference Profiles for agent-claw and update SSM.
+
+Run after: aws sso login --profile ai1
+
+Usage:
+    python3 scripts/create-inference-profiles.py [--dry-run]
+
+Creates:
+    agent-claw-opus    — main agent
+    agent-claw-sonnet  — aws_agent + coding_agent
+    agent-claw-haiku   — document_agent
+
+Then updates SSM:
+    /agent-claw/model-id        → agent-claw-opus ARN
+    /agent-claw/subagents       → inline model_id fields replaced with profile ARNs
+"""
+
+import argparse
+import json
+import sys
+import boto3
+from botocore.exceptions import ClientError
+
+PROFILE = 'ai1'
+REGION  = 'us-east-1'
+
+BILLING_TAGS = [
+    {'key': 'project', 'value': 'agent-claw'},
+    {'key': 'env',     'value': 'prod'},
+    {'key': 'owner',   'value': 'daniel'},
+]
+
+# Map: profile name → cross-region model ID to copy from
+PROFILES_TO_CREATE = {
+    'agent-claw-opus':   'us.anthropic.claude-opus-4-6-v1:0',
+    'agent-claw-sonnet': 'us.anthropic.claude-sonnet-4-6-20251001-v1:0',
+    'agent-claw-haiku':  'us.anthropic.claude-haiku-4-5-20251001-v1:0',
+}
+
+# SSM subagent model_id values → which profile ARN to swap in
+SUBAGENT_MODEL_MAP = {
+    'us.anthropic.claude-sonnet-4-6':              'agent-claw-sonnet',
+    'us.anthropic.claude-sonnet-4-6-20251001-v1:0':'agent-claw-sonnet',
+    'us.anthropic.claude-haiku-4-5-20251001-v1:0': 'agent-claw-haiku',
+}
+
+
+def get_system_inference_profile_arn(bedrock, model_id: str) -> str:
+    """Find the system inference profile ARN for a given cross-region model ID."""
+    paginator = bedrock.get_paginator('list_inference_profiles')
+    for page in paginator.paginate(typeEquals='SYSTEM_DEFINED'):
+        for p in page.get('inferenceProfileSummaries', []):
+            if p.get('inferenceProfileId', '') == model_id or \
+               any(m.get('modelArn', '').endswith(model_id) for m in p.get('models', [])):
+                return p['inferenceProfileArn']
+    # Fallback: construct ARN directly (works for cross-region profiles)
+    return f'arn:aws:bedrock:{REGION}::foundation-model/{model_id}'
+
+
+def get_existing_profile(bedrock, name: str) -> dict | None:
+    """Return existing application profile by name, or None."""
+    paginator = bedrock.get_paginator('list_inference_profiles')
+    for page in paginator.paginate(typeEquals='APPLICATION'):
+        for p in page.get('inferenceProfileSummaries', []):
+            if p.get('inferenceProfileName') == name:
+                return p
+    return None
+
+
+def create_or_get_profile(bedrock, name: str, model_id: str, dry_run: bool) -> str:
+    """Create application inference profile (idempotent). Returns ARN."""
+    existing = get_existing_profile(bedrock, name)
+    if existing:
+        arn = existing['inferenceProfileArn']
+        print(f'  [exists] {name} → {arn}')
+        return arn
+
+    source_arn = get_system_inference_profile_arn(bedrock, model_id)
+    print(f'  [create] {name}')
+    print(f'           source: {source_arn}')
+
+    if dry_run:
+        print(f'           [dry-run] skipping create')
+        return f'arn:aws:bedrock:{REGION}:{{}account}}:application-inference-profile/{name}-DRY-RUN'
+
+    resp = bedrock.create_inference_profile(
+        inferenceProfileName=name,
+        description=f'agent-claw {name.split("-")[-1]} model with billing tags',
+        modelSource={'copyFrom': source_arn},
+        tags=BILLING_TAGS,
+    )
+    arn = resp['inferenceProfileArn']
+    print(f'           → {arn}')
+    return arn
+
+
+def update_ssm(ssm, param: str, value: str, dry_run: bool):
+    print(f'  [ssm] {param} = {value[:80]}...' if len(value) > 80 else f'  [ssm] {param} = {value}')
+    if not dry_run:
+        ssm.put_parameter(Name=param, Value=value, Type='String', Overwrite=True)
+
+
+def main():
+    parser = argparse.ArgumentParser()
+    parser.add_argument('--dry-run', action='store_true')
+    args = parser.parse_args()
+
+    session = boto3.Session(profile_name=PROFILE, region_name=REGION)
+    bedrock = session.client('bedrock')
+    ssm     = session.client('ssm')
+
+    print('=== Creating inference profiles ===')
+    arns = {}
+    for name, model_id in PROFILES_TO_CREATE.items():
+        arns[name] = create_or_get_profile(bedrock, name, model_id, args.dry_run)
+
+    print('\n=== Updating SSM ===')
+
+    # Main agent model
+    update_ssm(ssm, '/agent-claw/model-id', arns['agent-claw-opus'], args.dry_run)
+
+    # Subagents JSON — swap model_id fields
+    try:
+        resp = ssm.get_parameter(Name='/agent-claw/subagents')
+        defs = json.loads(resp['Parameter']['Value'])
+    except ClientError as e:
+        print(f'  [error] Could not read /agent-claw/subagents: {e}')
+        sys.exit(1)
+
+    changed = False
+    for agent in defs:
+        mid = agent.get('model_id', '')
+        profile_name = SUBAGENT_MODEL_MAP.get(mid)
+        if profile_name:
+            new_arn = arns[profile_name]
+            print(f'  [subagent] {agent["name"]}: {mid} → {profile_name}')
+            agent['model_id'] = new_arn
+            changed = True
+        else:
+            print(f'  [subagent] {agent["name"]}: {mid} (no mapping, left as-is)')
+
+    if changed:
+        update_ssm(ssm, '/agent-claw/subagents', json.dumps(defs, indent=2), args.dry_run)
+
+    print('\n=== Done ===')
+    print('Profiles created and SSM updated.')
+    print('Redeploy not required — agent reads model IDs from SSM at startup.')
+    if args.dry_run:
+        print('\n[dry-run mode — no AWS changes were made]')
+
+
+if __name__ == '__main__':
+    main()

scripts/seed_factcloud.py

@@ -0,0 +1,35 @@
+#!/usr/bin/env python3
+"""Seed Daniel's factcloud MCP connection into DynamoDB."""
+import boto3
+
+ACTOR_ID = 'telegram:8537376738'
+TABLE_NAME = 'agent-claw-users'
+
+conn = {
+    'name': 'factcloud',
+    'url': 'https://factbase-cloud-gateway-2czetaoh3u.gateway.bedrock-agentcore.us-east-1.amazonaws.com/mcp',
+    'auth_type': 'oauth2_m2m',
+    'client_id': '5fo2q4fb452j3aekd55g3190i4',
+    'client_secret': '1e0bqs8r4jk90sbeivh96mn893mgmv96h2olvcq7m3o5gjpjc56p',
+    'token_url': 'https://factbase-cloud.auth.us-east-1.amazoncognito.com/oauth2/token',
+    'scopes': 'factbase-cloud/read factbase-cloud/write',
+    'enabled': True,
+}
+
+session = boto3.Session(profile_name='ai1', region_name='us-east-1')
+ddb = session.resource('dynamodb')
+table = ddb.Table(TABLE_NAME)
+
+# Get existing connections, upsert factcloud
+resp = table.get_item(Key={'actor_id': ACTOR_ID})
+services = resp.get('Item', {}).get('enrolled_services', {})
+connections = services.get('mcp_connections', [])
+connections = [c for c in connections if c['name'] != 'factcloud']
+connections.append(conn)
+
+table.update_item(
+    Key={'actor_id': ACTOR_ID},
+    UpdateExpression='SET enrolled_services.mcp_connections = :conns',
+    ExpressionAttributeValues={':conns': connections},
+)
+print(f'Seeded factcloud connection for {ACTOR_ID}')