feat(desktop): refine session status reminder summaries

[snowjuly]

First external contributors may need to complete the CLA Assistant check before merge.
For code changes, this PR must link the related issue or RFC in the section below.

Summary

Refine desktop session status reminder notifications so they read like plain-text summaries instead of raw markdown fragments.

User-facing impact:

• Completed reminders no longer leak markdown markers such as headings, emphasis, code fences, or table separators.
• Failed reminders and waiting-for-approval reminders now produce more natural notification copy instead of flat --joined fragments.
• Existing native/system notification flow and cross-platform reminder transport remain unchanged.

Related issue or RFC

Link the issue or RFC:

• Closes [Feature]: Optimize system notification content #437

For code changes, link the tracking issue. Only documentation wording, link fixes, or comment-only cleanups may skip the issue-first flow.

AI assistance disclosure

If AI tools materially assisted this contribution, disclose that here or point to the relevant commit trailer.

• Tool(s) used: Codex
• Scope of assistance: located reminder code paths, implemented notification summary sanitization/formatting updates, added regression tests, ran local verification commands, and built/install-tested the desktop app locally
• Human review or rewrite performed: reviewed and iterated on the reminder text behavior, adjusted summary rules after manual notification testing, and validated final behavior against local test runs and desktop installation output
• Architecture or boundary impact: no new abstraction or cross-boundary contract; existing reminder payload shape and native notification transport are unchanged

Testing evidence

List the commands you ran and the results you observed.

• pnpm --filter desktop exec tsc --noEmit --pretty false — passed
• pnpm --filter desktop test -- --run tests/services/AgentService/task/center-reminder.test.ts — passed
• pnpm --filter desktop test -- --run tests/composables/SearchView/useSearchPage.test.ts — passed
• pnpm --filter desktop test -- --run tests/services/native-service.test.ts — passed
• pnpm --filter desktop test -- --run tests/services/NotificationService/i18n.test.ts — passed
• pnpm tauri build — passed
• Local install/manual verification: built and installed 1.1.1; verified reminder notifications against manual desktop testing flow

Not run locally:

• pnpm test:pr
• pnpm test:coverage:rust
• pnpm test:e2e

Did you follow TDD (test-first) for feature and fix work? Strongly recommended. See docs/testing/testing.md.

pnpm test:pr
pnpm test:coverage:rust
pnpm test:e2e

Risk notes

• AgentService, runtime, MCP, or schema impact: touches AgentService/task/center.ts reminder text generation only; no payload shape, runtime protocol, MCP, or schema change
• database baseline or migration impact: none
• release or packaging impact: desktop package rebuilt and locally installed for manual verification; no packaging config change in this branch

Screenshots or recordings

• Manual desktop notification verification performed locally

Checklist

• The PR title follows Conventional Commits and is valid for squash merge.
• This PR is either ready for review or explicitly marked as a Draft PR.
• I did not use [WIP] or similar title prefixes.
• If AI materially assisted this PR, I disclosed the tools and scope and I personally reviewed every affected change.
• I can explain the why, what, and how of this change without relying on an AI tool.
• If this touches AgentService, runtime, MCP, or schema boundaries, there is an accepted RFC.
• If this changes architecture or adds a new cross-boundary abstraction, there is an accepted RFC.
• I ran pnpm test:pr for this code PR, or this is a docs-only change.
• If I changed Rust behavior or tests, I reviewed pnpm test:coverage:rust or relied on CI coverage evidence.
• If I changed desktop startup/window/search/popup/settings/E2E paths, I ran pnpm test:e2e locally or documented why CI is the first valid proof.
• I added tests or explained why tests are not appropriate.
• I updated docs when behavior changed.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: ad016b45-10ef-4b85-b11d-874d12513232

📥 Commits

Reviewing files that changed from the base of the PR and between 7308d85 and a6a708a.

📒 Files selected for processing (1)

• apps/desktop/src/services/AgentService/task/center.ts

📜 Recent review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Desktop E2E Smoke (Windows)
• GitHub Check: CodeQL (rust)
• GitHub Check: CodeQL (javascript-typescript)
• GitHub Check: Rust Checks
• GitHub Check: Frontend Tests
• GitHub Check: Frontend Quality

🧰 Additional context used

🪛 ast-grep (0.43.0)

apps/desktop/src/services/AgentService/task/center.ts

[warning] 50-52: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(
^(?:${REMINDER_PATH_SEGMENT_PATTERN}/)+${REMINDER_PATH_SEGMENT_PATTERN}$
)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

---

[warning] 53-55: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(
^(?:${REMINDER_PATH_SEGMENT_PATTERN}\\\\)+${REMINDER_PATH_SEGMENT_PATTERN}$
)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

---

[warning] 56-58: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(
^(?:/|\\.{1,2}/|~/)(?:${REMINDER_PATH_SEGMENT_PATTERN}/)*${REMINDER_PATH_SEGMENT_PATTERN}$
)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

---

[warning] 59-61: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(
^(?:[A-Za-z]:\\\\|\\.{1,2}\\\\|~\\\\)(?:${REMINDER_PATH_SEGMENT_PATTERN}\\\\)*${REMINDER_PATH_SEGMENT_PATTERN}$
)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

---

[warning] 62-64: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(
^\\\\\\\\${REMINDER_PATH_SEGMENT_PATTERN}(?:\\\\${REMINDER_PATH_SEGMENT_PATTERN})+$
)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

🔇 Additional comments (13)

apps/desktop/src/services/AgentService/task/center.ts (13)

50-65: LGTM!

---

67-81: LGTM!

---

83-88: LGTM!

---

117-147: LGTM!

---

149-210: LGTM!

---

212-232: LGTM!

---

234-282: LGTM!

---

284-387: LGTM!

---

389-490: LGTM!

---

492-511: LGTM!

---

513-545: LGTM!

---

547-608: LGTM!

---

609-1120: LGTM!

---

📝 Walkthrough

Summary by CodeRabbit

• Bug Fixes
  • Notifications and reminders now render cleaner, locale-aware plain text from rich/markdown content with smarter truncation, punctuation handling, clause deduplication, and readable command previews that preserve paths, globs, brackets and Windows-style paths. Completed/failed/waiting reminders show clearer, contextual summaries.
• Tests
  • Added tests validating notification sanitization, markdown/table flattening, command-preview preservation, and formatted reminder content.

Walkthrough

Replaces whitespace-based reminder summarization with a locale-aware, markdown/HTML-to-plain-text pipeline (summarizeNotificationText) and applies it to completed, waiting-approval, waiting-user-question, and failed session reminders; tests validate sanitization, command previews, and edge cases.

Changes

Notification text sanitization pipeline

Layer / File(s)	Summary
Markdown sanitization pipeline infrastructure apps/desktop/src/services/AgentService/task/center.ts	Adds getLocale import, reminder-formatting constants/types, initializes reminderMarkdownParser, and implements markdown preparation, HTML-to-text stripping, clause extraction/deduplication, clause joining, truncation, and summarizeNotificationText.
Preprocessing, clause extraction, and joining apps/desktop/src/services/AgentService/task/center.ts	Implements locale-aware truncation/separators, path/token protection, typography normalization, inline token flattening, table/code handling, clause dedupe, mode-specific joining rules, and final truncation/orchestration.
Reminder builders integration apps/desktop/src/services/AgentService/task/center.ts	Completed assistant-history uses summarizeNotificationText(..., 'summary'). Waiting-approval summarizes reason/description/title in natural mode, generates a command-mode preview from approval.command, and conditionally appends a labeled truncated command fragment. Waiting-user-question summarizes only the first pending question in natural mode (falls back if empty). Failed-task error bodies use summarizeNotificationText(snapshot.error).
Test coverage for sanitization and reminder bodies apps/desktop/tests/services/AgentService/task/center-reminder.test.ts	Adds Vitest cases asserting completed/failed/approval reminders are sanitized to plain text (including escaped markdown), flatten markdown tables, preserve non-markdown tokens (brackets, paths, globs, Windows paths, pipelines), and produce readable command previews.

Sequence Diagram

sequenceDiagram
  participant Caller
  participant summarizeNotificationText
  participant reminderMarkdownParser
  Caller->>summarizeNotificationText: request(text, mode, locale)
  summarizeNotificationText->>reminderMarkdownParser: parse markdown/HTML tokens
  summarizeNotificationText->>summarizeNotificationText: extract clauses, dedupe, join, truncate
  summarizeNotificationText->>Caller: return sanitized plain-text summary

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• TouchAI-org/TouchAI#314: Modifies related session-status reminder logic in apps/desktop/src/services/AgentService/task/center.ts.

Suggested reviewers

• hiqiancheng

Poem

🐰 I hopped through markdown, unknotted every tag and fence,
Clauses stitched by locale, trimmed with careful sense,
Paths and pipes kept whole, tables flattened neat,
Reminders now speak plain and tidy in the feed,
A rabbit nods, delighted — copyable and sweet.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 73.33% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title follows Conventional Commits format (feat prefix), is written in English, accurately describes the change (refining reminder summaries), and is concise and clear.
Description check	✅ Passed	The PR description includes all major required sections: summary with user-facing impact, linked issue, AI assistance disclosure with tool scope and human review details, testing evidence with specific commands run, and risk notes addressing AgentService impact boundaries.
Linked Issues check	✅ Passed	The code changes fully satisfy issue #437 requirements: plain-text summary conversion replaces Markdown fragments in notification content (completed, failed, and waiting-approval reminders), improving readability without altering payload shape or runtime boundaries.
Out of Scope Changes check	✅ Passed	All changes are properly scoped to desktop reminder text generation (AgentService/task/center.ts and corresponding tests). No out-of-scope modifications to runtime, MCP, schema, database, or packaging configuration are present.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[hiqiancheng]

Is this solution secure and stable enough? I might lean more towards using an existing Markdown library for parsing

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@apps/desktop/src/services/AgentService/task/center.ts`:
- Around line 51-66: extractReminderInlineText currently assumes a non-standard
token.type === 'link' and also has fallback fields (text/raw) while the parser
and markstream-vue use markdown-it tokens; update extractReminderInlineText to
prefer token.content but also recognize and handle markdown-it link_open and
link_close tokens by recursing into token.children (or the tokens between
link_open/link_close) to extract inner text, rather than only checking for type
'link' or text/raw fields; reference ReminderMarkdownToken,
extractReminderInlineText, and token types 'link', 'link_open', 'link_close'
when locating and updating the logic.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 2d74536f-d945-4769-a9ac-15a47578260d

📥 Commits

Reviewing files that changed from the base of the PR and between 44eb615 and 804cfe2.

📒 Files selected for processing (1)

• apps/desktop/src/services/AgentService/task/center.ts

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Frontend Quality
• GitHub Check: Rust Checks
• GitHub Check: Frontend Tests
• GitHub Check: CodeQL (rust)
• GitHub Check: CodeQL (javascript-typescript)
• GitHub Check: Desktop E2E Smoke (Windows)

🔇 Additional comments (7)

apps/desktop/src/services/AgentService/task/center.ts (7)

3-4: LGTM!

---

95-126: LGTM!

---

127-172: LGTM!

---

174-228: LGTM!

---

230-323: LGTM!

---

325-426: LGTM!

---

428-481: LGTM!

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@apps/desktop/src/services/AgentService/task/center.ts`:
- Around line 135-156: The regexes inside isReminderPathLikeToken are rebuilt on
every call; hoist pathSegment and the five RegExp instances
(posixRelativePattern, windowsRelativePattern, posixAbsolutePattern,
windowsAbsolutePattern, windowsUncPattern) to module scope as constants
(alongside REMINDER_PATH_WRAPPER_TRIM_PATTERN) and have isReminderPathLikeToken
reuse those precompiled patterns, preserving the same test logic and return
conditions; ensure the module-scope patterns use the same string templates so
behavior remains identical.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 4a6bacf5-9969-4fac-a3dd-232ac1ac2507

📥 Commits

Reviewing files that changed from the base of the PR and between 804cfe2 and 7308d85.

📒 Files selected for processing (2)

• apps/desktop/src/services/AgentService/task/center.ts
• apps/desktop/tests/services/AgentService/task/center-reminder.test.ts

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: Rust Checks
• GitHub Check: Frontend Quality
• GitHub Check: Frontend Tests
• GitHub Check: CodeQL (javascript-typescript)
• GitHub Check: CodeQL (rust)
• GitHub Check: Desktop E2E Smoke (Windows)

🧰 Additional context used

🪛 ast-grep (0.43.0)

apps/desktop/src/services/AgentService/task/center.ts

[warning] 138-138: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(^(?:${pathSegment}/)+${pathSegment}$)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

---

[warning] 139-139: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(^(?:${pathSegment}\\\\)+${pathSegment}$)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

---

[warning] 140-142: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(
^(?:/|\\.{1,2}/|~/)(?:${pathSegment}/)*${pathSegment}$
)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

---

[warning] 143-145: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(
^(?:[A-Za-z]:\\\\|\\.{1,2}\\\\|~\\\\)(?:${pathSegment}\\\\)*${pathSegment}$
)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

---

[warning] 146-146: Regular expression constructed from variable input detected. This can lead to Regular Expression Denial of Service (ReDoS) attacks if the variable contains malicious patterns. Use libraries like 'recheck' to validate regex safety or use static patterns.
Context: new RegExp(^\\\\\\\\${pathSegment}(?:\\\\${pathSegment})+$)
Note: [CWE-1333] Inefficient Regular Expression Complexity

(regexp-from-variable)

🔇 Additional comments (7)

apps/desktop/tests/services/AgentService/task/center-reminder.test.ts (1)

218-250: LGTM!

apps/desktop/src/services/AgentService/task/center.ts (6)

1-69: LGTM!

---

158-202: LGTM!

---

204-224: LGTM!

---

249-257: LGTM!

---

276-482: LGTM!

---

484-600: LGTM!

[hiqiancheng]

REMINDER_PATH_SEGMENT_PATTERN currently does not allow @, so scoped package paths like packages/@touchai/__tests__/center.test.ts are not treated as path-like. That means the markdown pass can still parse __tests__ as emphasis and corrupt the notification path. Please add a regression test for scoped package paths and loosen the segment matcher.