openclacky 0.9.10 → 0.9.12

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 938c620eb9886a37c1e190c5bf2d8c804a6ed86eb496332a26f5f225e832a5ec
-  data.tar.gz: c165097e40b1bde5339e9819f7ccdd2a3191ecd24f9233a758a4a2406f5d74db
+  metadata.gz: 791fa59b1013c559e294b373e1a7ba671545eef76ae7037ed3c604ed9f269b45
+  data.tar.gz: 8ffae20491125d886e36387b811f9ea8c2e2fcc76d76d10e08224bcc06a93972
 SHA512:
-  metadata.gz: 845fef0c86bca42adcb00d2fe34946acd3b72b2d750412a744e78a080cef34b653457ae98318ddad5b623f22325b654ad2a77a61d39abc544edbfd11f44891f3
-  data.tar.gz: ea770a8ac65695d64affd358b4af0788cccc2c4e70eb95d0afaebea61a639ba8829dbcf61af84d0d8229dac9b4af8e969316a5e5c8fb8ec75f9f430647f9b1cc
+  metadata.gz: 6895348aeef5d8ed713273a2d386e390a018e5b4991c37a7fd20b7fdbb4782fc945779b45556f31cb2a0894f78df72efc80ad4661b3b95d89cd8ab0c333b65a0
+  data.tar.gz: 01c35bb0a3377b81c4e3f89892d58b10472f9611347ed9b0478872e76e3c236def6b499475df32d6020c56fe94dcd33c11495512ee94a5a44a1c81aefbaaad3e

data/.clacky/skills/gem-release/SKILL.md

@@ -105,7 +105,7 @@ To use this skill, simply say:
    - Parse the CHANGELOG.md section for `[{version}]`
    - Write it to a temp file (e.g., `/tmp/release_notes_{version}.md`) to avoid shell escaping issues
    - Run `gh release create` with `--notes-file`
-   - Verify the release appears at: `https://github.com/clacky-ai/open-clacky/releases`
+   - Verify the release appears at: `https://github.com/clacky-ai/openclacky/releases`
 
    > **Prerequisite**: `gh` CLI must be installed (`brew install gh`) and authenticated (`gh auth login`)
 
@@ -238,14 +238,14 @@ Present a clear, user-facing release summary after all steps complete:
 
 🔗 Links:
 - RubyGems: https://rubygems.org/gems/openclacky/versions/{version}
-- GitHub Release: https://github.com/clacky-ai/open-clacky/releases/tag/v{version}
+- GitHub Release: https://github.com/clacky-ai/openclacky/releases/tag/v{version}
 
 ⬆️ Upgrade:
 - In the Clacky UI, click "Upgrade" in the bottom-left → detect new version → click upgrade → done
 - Manual upgrade (CLI): `gem update openclacky`
 
 🆕 Fresh install:
-/bin/bash -c "$(curl -sSL https://raw.githubusercontent.com/clacky-ai/open-clacky/main/scripts/install.sh)"
+/bin/bash -c "$(curl -sSL https://raw.githubusercontent.com/clacky-ai/openclacky/main/scripts/install.sh)"
 ```
 
 **Rules for writing the summary:**
@@ -308,7 +308,7 @@ gh release create vX.Y.Z \
 - New version successfully published to RubyGems
 - Git repository updated with version tag
 - CHANGELOG.md updated with release notes
-- GitHub Release created and visible at https://github.com/clacky-ai/open-clacky/releases
+- GitHub Release created and visible at https://github.com/clacky-ai/openclacky/releases
 - No build or deployment errors
 - User-facing release summary presented at the end
 

data/CHANGELOG.md

@@ -7,6 +7,42 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.9.12] - 2026-03-27
+
+### Added
+- **Improved Anthropic prompt cache hit rate (2-point caching)**: the last 2 eligible messages are now marked for caching instead of 1, so Turn N's cached prefix is still a hit in Turn N+1 — significantly reducing API costs for long sessions
+
+### Improved
+- **Ruby 2.6+ and macOS system Ruby compatibility**: the gem now works with the macOS built-in Ruby (2.6) and LibreSSL — includes polyfills for `filter_map`, `File.absolute_path?`, `URI.encode_uri_component`, and a pure-Ruby AES-256-GCM fallback for LibreSSL environments where native OpenSSL GCM is unavailable
+- **Install script streamlined for China**: the installer is now significantly simplified and more reliable for users in China — direct Alibaba Cloud mirror for RubyGems, plus a dedicated CN-optimized install path
+- **Compression no longer crashes when system prompt is frozen**: fixed a bug where message compression would raise `FrozenError` by mutating the shared system prompt object — it now safely duplicates the string before modification
+
+### Fixed
+- **Compression crash on frozen system prompt**: `MessageCompressor` now calls `.dup` on the system prompt before injecting the compression instruction, preventing `FrozenError` in long sessions
+
+## [0.9.11] - 2026-03-25
+
+### Added
+- **Network-aware installer mirrors**: the install script now automatically detects whether you're in China and picks the fastest mirror (RubyGems China mirror, GitHub, etc.) — no manual configuration needed
+- **Shell rc-file loading**: the shell tool now sources your `.zshrc` / `.bashrc` so commands that depend on environment variables or aliases set in your shell profile work correctly
+
+### Improved
+- **Browser tool `evaluate` targets active page**: JavaScript evaluation now automatically targets the currently active browser tab instead of the last opened one, so `evaluate` always runs in the right context
+- **Browser MCP process cleaned up on server shutdown**: the `chrome-devtools-mcp` node process is now stopped when the server shuts down, preventing orphaned processes that held onto port 7070
+- **Server worker process isolation**: workers are now spawned in their own process group, ensuring grandchild processes (e.g. browser MCP) are fully cleaned up during zero-downtime restarts
+- **Channel status via live API**: `channel status` now queries the running server API instead of reading `~/.clacky/channels.yml` directly, so it reflects the actual runtime state
+- **Idle compression timer race fix**: the compression thread is now registered inside a mutex before starting, eliminating a race where `cancel()` could miss an in-flight compression and leave history in an inconsistent state
+- **Compression token display accuracy**: the post-compression token count now uses the rebuilt history estimate instead of the stale pre-compression API count
+- **Shell process group signals**: `SIGTERM`/`SIGKILL` are now sent to the entire process group (`-pgid`) instead of just the child PID, ensuring backgrounded subprocesses are also killed on timeout
+
+### Fixed
+- **Task error session save**: sessions are now correctly saved to disk even when a task ends with an error, preventing session loss on agent failures
+- **History load and model load bugs**: fixed crashes when loading sessions with missing or malformed history/model fields
+- **Default model updated to Claude claude-sonnet-4-6**: bumped the default Gemini model reference from `gemini-2.5-flash` → `gemini-2.7-flash`
+
+### More
+- Renamed gem references from `open-clacky` to `openclacky` across docs, gemspec, and scripts
+
 ## [0.9.10] - 2026-03-24
 
 ### Added

data/README.md

@@ -1,6 +1,6 @@
 # OpenClacky
 
-[![Build](https://img.shields.io/github/actions/workflow/status/clacky-ai/open-clacky/main.yml?label=build&style=flat-square)](https://github.com/clacky-ai/open-clacky/actions)
+[![Build](https://img.shields.io/github/actions/workflow/status/clacky-ai/openclacky/main.yml?label=build&style=flat-square)](https://github.com/clacky-ai/openclacky/actions)
 [![Release](https://img.shields.io/gem/v/openclacky?label=release&style=flat-square&color=blue)](https://rubygems.org/gems/openclacky)
 [![Ruby](https://img.shields.io/badge/ruby-%3E%3D%203.1.0-red?style=flat-square)](https://www.ruby-lang.org)
 [![Downloads](https://img.shields.io/gem/dt/openclacky?label=downloads&style=flat-square&color=brightgreen)](https://rubygems.org/gems/openclacky)
@@ -73,7 +73,7 @@ Built on a production-ready Rails architecture with one-click deployment, dev/pr
 ### Method 1: One-line Install (Recommended)
 
 ```bash
-/bin/bash -c "$(curl -sSL https://raw.githubusercontent.com/clacky-ai/open-clacky/main/scripts/install.sh)"
+/bin/bash -c "$(curl -sSL https://raw.githubusercontent.com/clacky-ai/openclacky/main/scripts/install.sh)"
 ```
 
 ### Method 2: RubyGems
@@ -119,15 +119,15 @@ You'll be prompted to set your **API Key**, **Model**, and **Base URL** (any Ope
 ## Install from Source
 
 ```bash
-git clone https://github.com/clacky-ai/open-clacky.git
-cd open-clacky
+git clone https://github.com/clacky-ai/openclacky.git
+cd openclacky
 bundle install
 bin/clacky
 ```
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/clacky-ai/open-clacky. Contributors are expected to adhere to the [code of conduct](https://github.com/clacky-ai/open-clacky/blob/main/CODE_OF_CONDUCT.md).
+Bug reports and pull requests are welcome on GitHub at https://github.com/clacky-ai/openclacky. Contributors are expected to adhere to the [code of conduct](https://github.com/clacky-ai/openclacky/blob/main/CODE_OF_CONDUCT.md).
 
 ## License
 

data/clacky-legacy/clacky.gemspec

@@ -8,13 +8,13 @@ Gem::Specification.new do |spec|
 
   spec.summary = "Legacy name for openclacky gem"
   spec.description = "This is a transitional gem that depends on openclacky. The clacky project has been renamed to openclacky. Installing this gem will automatically install openclacky."
-  spec.homepage = "https://github.com/clacky-ai/open-clacky"
+  spec.homepage = "https://github.com/clacky-ai/openclacky"
   spec.license = "MIT"
   spec.required_ruby_version = ">= 3.1.0"
 
   spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = "https://github.com/clacky-ai/open-clacky"
-  spec.metadata["changelog_uri"] = "https://github.com/clacky-ai/open-clacky/blob/main/CHANGELOG.md"
+  spec.metadata["source_code_uri"] = "https://github.com/clacky-ai/openclacky"
+  spec.metadata["changelog_uri"] = "https://github.com/clacky-ai/openclacky/blob/main/CHANGELOG.md"
 
   spec.files = Dir["lib/**/*", "bin/*", "README.md", "LICENSE.txt"]
   spec.require_paths = ["lib"]

data/clacky-legacy/clarky.gemspec

@@ -8,13 +8,13 @@ Gem::Specification.new do |spec|
 
   spec.summary = "Legacy name for openclacky - AI agent command-line interface"
   spec.description = "This is a placeholder gem. Installing 'clarky' will automatically install 'openclacky'. The clarky command is maintained for backward compatibility."
-  spec.homepage = "https://github.com/clacky-ai/open-clacky"
+  spec.homepage = "https://github.com/clacky-ai/openclacky"
   spec.license = "MIT"
   spec.required_ruby_version = ">= 3.1.0"
 
   spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = "https://github.com/clacky-ai/open-clacky"
-  spec.metadata["changelog_uri"] = "https://github.com/clacky-ai/open-clacky/blob/main/CHANGELOG.md"
+  spec.metadata["source_code_uri"] = "https://github.com/clacky-ai/openclacky"
+  spec.metadata["changelog_uri"] = "https://github.com/clacky-ai/openclacky/blob/main/CHANGELOG.md"
 
   spec.files = Dir["lib/**/*", "bin/*", "README.md", "LICENSE.txt"]
   spec.require_paths = ["lib"]

data/docs/HOW-TO-USE-CN.md

@@ -91,6 +91,6 @@ Clacky 可以自动执行复杂任务，内置多种工具：
 
 ## 了解更多
 
-- GitHub：https://github.com/clacky-ai/open-clacky
-- 问题反馈：https://github.com/clacky-ai/open-clacky/issues
+- GitHub：https://github.com/clacky-ai/openclacky
+- 问题反馈：https://github.com/clacky-ai/openclacky/issues
 - 当前版本：0.7.0

data/docs/HOW-TO-USE.md

@@ -89,6 +89,6 @@ Create your own skills in `.clacky/skills/` directory!
 
 ## Learn More
 
-- GitHub: https://github.com/clacky-ai/open-clacky
-- Report Issues: https://github.com/clacky-ai/open-clacky/issues
+- GitHub: https://github.com/clacky-ai/openclacky
+- Report Issues: https://github.com/clacky-ai/openclacky/issues
 - Version: 0.7.0

data/docs/install-script-simplification.md

@@ -0,0 +1,89 @@
+# Install Script Simplification Plan
+
+## Background
+
+We now support Ruby >= 2.6.0 (down from 3.1.0). This opens the door to significantly
+simplifying the install script by leveraging the system Ruby that ships with older macOS versions.
+
+## Current Flow (Heavy)
+
+```
+install.sh
+  → detect_network_region
+  → install_macos_dependencies
+      → Homebrew (+ openssl@3, libyaml, gmp build deps)
+      → mise (Ruby version manager)
+      → Ruby 3 (via mise)
+      → Node 22 (via mise, for chrome-devtools-mcp)
+  → gem install openclacky
+  → install_chrome_devtools_mcp (npm install -g)
+```
+
+## Target Flow (Simplified)
+
+```
+check_ruby >= 2.6?
+  ├── YES → gem install openclacky ✅  (done, zero extra deps)
+  └── NO  → check CLT exists (xcode-select -p)
+              ├── YES → mise install ruby → gem install ✅
+              └── NO  → print clear instructions, exit:
+                          Option 1: xcode-select --install  (then re-run installer)
+                          Option 2: brew install ruby        (if brew already exists)
+```
+
+## Key Decisions
+
+### Ruby version threshold: 3.1 → 2.6
+- macOS 10.15 Catalina: Ruby 2.6.3 ✅
+- macOS 11 Big Sur: Ruby 2.6.8 ✅
+- macOS 12+ Monterey and above: no system Ruby (Apple removed it)
+
+### Homebrew: removed from happy path
+- Only Homebrew's build deps (openssl@3, libyaml, gmp) were needed to compile Ruby via mise
+- If system Ruby exists, none of these are needed
+- Homebrew itself is NOT installed by the script anymore
+
+### mise: fallback only
+- Only invoked when system Ruby is absent (macOS 12+)
+- Requires Xcode CLT to be present first (for compiling Ruby)
+- No longer used to install Node
+
+### Node / chrome-devtools-mcp: removed from install.sh
+- Browser automation is an optional feature
+- Move Node installation guidance into the `browser-setup` skill
+- `clacky browser setup` handles Node + chrome-devtools-mcp installation
+
+## Xcode CLT Handling (Deferred)
+
+Brew uses a clever trick to install CLT silently (no GUI popup):
+
+```bash
+# Creates a placeholder file that triggers softwareupdate to list CLT
+touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress
+
+# Find the CLT package label
+clt_label=$(softwareupdate -l | grep "Command Line Tools" | ...)
+
+# Silent install — no GUI!
+sudo softwareupdate -i "${clt_label}"
+```
+
+However this still requires `sudo` (root password). Given that:
+- macOS 12+ users who lack CLT are rare (any git/Xcode/Homebrew usage installs it)
+- Silent CLT install downloads hundreds of MB
+
+The current plan is to **not auto-install CLT**, and instead print clear instructions
+asking the user to run `xcode-select --install` and re-run the installer.
+
+We can revisit adopting Homebrew's `softwareupdate` approach in the future if
+the "no CLT" case proves common enough.
+
+## Files to Change
+
+| File | Change |
+|------|--------|
+| `scripts/install.sh` | Ruby threshold 3.1 → 2.6; remove Homebrew install; remove Node/npm install; simplify macOS deps function |
+| `README.md` | Ruby badge and requirements: >= 3.1.0 → >= 2.6.0 |
+| `docs/HOW-TO-USE.md` | Requirements: Ruby >= 3.1 → >= 2.6 |
+| `docs/HOW-TO-USE-CN.md` | Same as above |
+| `homebrew/openclacky.rb` | `depends_on "ruby@3.3"` → remove or update |

data/docs/why-developer.md

@@ -285,7 +285,7 @@ models:
 
 ```bash
 # One-line installation (macOS/Linux)
-curl -sSL https://raw.githubusercontent.com/clacky-ai/open-clacky/main/scripts/install.sh | bash
+curl -sSL https://raw.githubusercontent.com/clacky-ai/openclacky/main/scripts/install.sh | bash
 
 # Or via Ruby gem
 gem install openclacky
@@ -362,7 +362,7 @@ clacky tools
 
 ## Get Started
 
-- **GitHub**: https://github.com/clacky-ai/open-clacky
+- **GitHub**: https://github.com/clacky-ai/openclacky
 - **Documentation**: https://docs.clacky.ai
 - **Discord**: https://discord.gg/clacky
 

data/docs/why-openclacky.md

@@ -211,7 +211,7 @@ We believe AI development tools should be accessible to everyone.
 
 ```bash
 # One-line installation (macOS/Linux)
-curl -sSL https://raw.githubusercontent.com/clacky-ai/open-clacky/main/scripts/install.sh | bash
+curl -sSL https://raw.githubusercontent.com/clacky-ai/openclacky/main/scripts/install.sh | bash
 
 # Or if you have Ruby 3.1+
 gem install openclacky
@@ -239,7 +239,7 @@ clacky tools
 
 Clacky is an open-source project. We welcome contributions!
 
-- **GitHub**: https://github.com/clacky-ai/open-clacky
+- **GitHub**: https://github.com/clacky-ai/openclacky
 - **Discord**: https://discord.gg/clacky
 - **Twitter**: https://twitter.com/clacky_ai
 

data/homebrew/openclacky.rb

@@ -2,7 +2,7 @@
 
 class Openclacky < Formula
   desc "Command-line interface for AI models with autonomous agent capabilities"
-  homepage "https://github.com/clacky-ai/open-clacky"
+  homepage "https://github.com/clacky-ai/openclacky"
   url "https://rubygems.org/downloads/openclacky-0.6.1.gem"
   sha256 "" # Will be updated when gem is published
   license "MIT"

data/lib/clacky/aes_gcm.rb

@@ -0,0 +1,205 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "base64"
+
+module Clacky
+  # Pure-Ruby AES-256-GCM implementation.
+  #
+  # Why this exists:
+  #   macOS ships Ruby 2.6 linked against LibreSSL 3.3.x which has a known
+  #   bug: AES-GCM encrypt/decrypt raises CipherError even for valid inputs.
+  #   This implementation uses AES-256-ECB (which LibreSSL supports correctly)
+  #   as the single block-cipher primitive and builds GCM on top:
+  #
+  #     - CTR mode   → keystream for encryption / decryption
+  #     - GHASH      → authentication tag
+  #
+  # The output is 100% compatible with OpenSSL / standard AES-256-GCM:
+  #   ciphertext, iv, and auth_tag produced here can be decrypted by OpenSSL
+  #   and vice-versa.
+  #
+  # Reference: NIST SP 800-38D
+  #
+  # Usage:
+  #   ct, tag = AesGcm.encrypt(key, iv, plaintext, aad)
+  #   pt      = AesGcm.decrypt(key, iv, ciphertext, tag, aad)
+  module AesGcm
+    BLOCK_SIZE = 16
+    TAG_LENGTH = 16
+
+    # Encrypt plaintext with AES-256-GCM.
+    #
+    # @param key        [String] 32-byte binary key
+    # @param iv         [String] 12-byte binary IV (recommended for GCM)
+    # @param plaintext  [String] binary or UTF-8 plaintext
+    # @param aad        [String] additional authenticated data (may be empty)
+    # @return [Array<String, String>] [ciphertext, auth_tag] both binary strings
+    def self.encrypt(key, iv, plaintext, aad = "")
+      aes  = aes_ecb(key)
+      h    = aes.call("\x00" * BLOCK_SIZE)              # H = E(K, 0^128)
+      j0   = build_j0(iv, h)
+      ct   = ctr_crypt(aes, inc32(j0), plaintext.b)
+      tag  = compute_tag(aes, h, j0, ct, aad.b)
+      [ct, tag]
+    end
+
+    # Decrypt ciphertext with AES-256-GCM and verify auth tag.
+    #
+    # @param key        [String] 32-byte binary key
+    # @param iv         [String] 12-byte binary IV
+    # @param ciphertext [String] binary ciphertext
+    # @param tag        [String] 16-byte binary auth tag
+    # @param aad        [String] additional authenticated data (may be empty)
+    # @return [String] plaintext (UTF-8)
+    # @raise  [OpenSSL::Cipher::CipherError] on authentication failure
+    def self.decrypt(key, iv, ciphertext, tag, aad = "")
+      aes       = aes_ecb(key)
+      h         = aes.call("\x00" * BLOCK_SIZE)
+      j0        = build_j0(iv, h)
+      exp_tag   = compute_tag(aes, h, j0, ciphertext, aad.b)
+
+      unless secure_compare(exp_tag, tag)
+        raise OpenSSL::Cipher::CipherError, "bad decrypt (authentication tag mismatch)"
+      end
+
+      ctr_crypt(aes, inc32(j0), ciphertext).force_encoding("UTF-8")
+    end
+
+    # ── Private helpers ──────────────────────────────────────────────────────
+
+    # Return a lambda: block(16 bytes) → encrypted block(16 bytes)
+    private_class_method def self.aes_ecb(key)
+      lambda do |block|
+        c = OpenSSL::Cipher.new("aes-256-ecb")
+        c.encrypt
+        c.padding = 0
+        c.key     = key
+        c.update(block) + c.final
+      end
+    end
+
+    # Build J0 counter block.
+    # For 12-byte IVs (standard): J0 = IV || 0x00000001
+    # For other lengths: J0 = GHASH(H, {}, IV)
+    private_class_method def self.build_j0(iv, h)
+      if iv.bytesize == 12
+        iv.b + "\x00\x00\x00\x01"
+      else
+        ghash(h, "", iv.b)
+      end
+    end
+
+    # CTR-mode encryption/decryption (symmetric — same operation).
+    # Starting counter block is `ctr0` (already incremented to J0+1 by caller).
+    private_class_method def self.ctr_crypt(aes, ctr0, data)
+      return "".b if data.empty?
+
+      out = "".b
+      ctr = ctr0.dup
+      pos = 0
+
+      while pos < data.bytesize
+        keystream = aes.call(ctr)
+        chunk     = data.byteslice(pos, BLOCK_SIZE)
+        out << xor_blocks(keystream, chunk)
+        ctr = inc32(ctr)
+        pos += BLOCK_SIZE
+      end
+
+      out
+    end
+
+    # Compute GCM auth tag.
+    # tag = E(K, J0) XOR GHASH(H, aad, ciphertext)
+    private_class_method def self.compute_tag(aes, h, j0, ciphertext, aad)
+      s   = ghash(h, aad, ciphertext)
+      ej0 = aes.call(j0)
+      xor_blocks(ej0, s)
+    end
+
+    # GHASH: polynomial hashing over GF(2^128)
+    # ghash = Σ (Xi * H^i) where Xi are 128-bit blocks of padded aad + ciphertext + lengths
+    private_class_method def self.ghash(h, aad, ciphertext)
+      h_int = bytes_to_int(h)
+      x     = 0
+
+      # Process AAD blocks
+      each_block(aad) { |blk| x = gf128_mul(bytes_to_int(blk) ^ x, h_int) }
+
+      # Process ciphertext blocks
+      each_block(ciphertext) { |blk| x = gf128_mul(bytes_to_int(blk) ^ x, h_int) }
+
+      # Final block: len(aad) || len(ciphertext) in bits, each as 64-bit big-endian
+      len_block = [aad.bytesize * 8].pack("Q>") + [ciphertext.bytesize * 8].pack("Q>")
+      x = gf128_mul(bytes_to_int(len_block) ^ x, h_int)
+
+      int_to_bytes(x)
+    end
+
+    # Iterate over 16-byte zero-padded blocks of data, yielding each block.
+    private_class_method def self.each_block(data, &block)
+      return if data.empty?
+
+      i = 0
+      while i < data.bytesize
+        chunk = data.byteslice(i, BLOCK_SIZE)
+        chunk = chunk.ljust(BLOCK_SIZE, "\x00") if chunk.bytesize < BLOCK_SIZE
+        block.call(chunk)
+        i += BLOCK_SIZE
+      end
+    end
+
+    # Galois Field GF(2^128) multiplication.
+    # Reduction polynomial: x^128 + x^7 + x^2 + x + 1
+    # Uses the reflected bit order per GCM spec.
+    R = 0xe1000000000000000000000000000000
+    private_class_method def self.gf128_mul(x, y)
+      z = 0
+      v = x
+      128.times do
+        z ^= v if y & (1 << 127) != 0
+        lsb = v & 1
+        v >>= 1
+        v ^= R if lsb == 1
+        y <<= 1
+        y &= (1 << 128) - 1
+      end
+      z
+    end
+
+    # Increment the rightmost 32 bits of a 16-byte counter block (big-endian).
+    private_class_method def self.inc32(block)
+      prefix  = block.byteslice(0, 12)
+      counter = block.byteslice(12, 4).unpack1("N")
+      prefix + [(counter + 1) & 0xFFFFFFFF].pack("N")
+    end
+
+    # XOR two binary strings, truncated to the shorter length.
+    private_class_method def self.xor_blocks(a, b)
+      len = [a.bytesize, b.bytesize].min
+      len.times.map { |i| (a.getbyte(i) ^ b.getbyte(i)).chr }.join.b
+    end
+
+    # Convert a binary string to an unsigned big-endian integer.
+    private_class_method def self.bytes_to_int(str)
+      str.bytes.inject(0) { |acc, b| (acc << 8) | b }
+    end
+
+    # Convert an unsigned integer to a 16-byte big-endian binary string.
+    private_class_method def self.int_to_bytes(n)
+      bytes = []
+      16.times { bytes.unshift(n & 0xFF); n >>= 8 }
+      bytes.pack("C*")
+    end
+
+    # Constant-time string comparison to prevent timing attacks.
+    private_class_method def self.secure_compare(a, b)
+      return false if a.bytesize != b.bytesize
+
+      result = 0
+      a.bytes.zip(b.bytes) { |x, y| result |= x ^ y }
+      result == 0
+    end
+  end
+end

data/lib/clacky/agent/cost_tracker.rb

@@ -82,71 +82,7 @@ module Clacky
 
       # Estimate token count for a message content
       # Simple approximation: characters / 4 (English text)
-      # For Chinese/other languages, characters / 2 is more accurate
-      # This is a rough estimate for compression triggering purposes
-      # @param content [String, Array, Object] Message content
-      # @return [Integer] Estimated token count
-      def estimate_tokens(content)
-        return 0 if content.nil?
-
-        text = if content.is_a?(String)
-                 content
-               elsif content.is_a?(Array)
-                 # Handle content arrays (e.g., with images)
-                 # Add safety check to prevent nil.compact error
-                 mapped = content.map { |c| c[:text] if c.is_a?(Hash) }
-                 (mapped || []).compact.join
-               else
-                 content.to_s
-               end
-
-        return 0 if text.empty?
-
-        # Detect language mix - count non-ASCII characters
-        ascii_count = text.bytes.count { |b| b < 128 }
-        total_bytes = text.bytes.length
-
-        # Mix ratio (1.0 = all English, 0.5 = all Chinese)
-        mix_ratio = total_bytes > 0 ? ascii_count.to_f / total_bytes : 1.0
-
-        # English: ~4 chars/token, Chinese: ~2 chars/token
-        base_chars_per_token = mix_ratio * 4 + (1 - mix_ratio) * 2
-
-        (text.length / base_chars_per_token).to_i + 50 # Add overhead for message structure
-      end
-
-      # Calculate total token count for all messages
-      # Returns estimated tokens and breakdown by category
-      # @return [Hash] Token counts by role and total
-      def total_message_tokens
-        system_tokens = 0
-        user_tokens = 0
-        assistant_tokens = 0
-        tool_tokens = 0
-        summary_tokens = 0
-
-        @history.to_a.each do |msg|
-          tokens = estimate_tokens(msg[:content])
-          case msg[:role]
-          when "system"
-            system_tokens += tokens
-          when "user"
-            user_tokens += tokens
-          when "assistant"
-            assistant_tokens += tokens
-          when "tool"
-            tool_tokens += tokens
-          end
-        end
 
-        {
-          total: system_tokens + user_tokens + assistant_tokens + tool_tokens,
-          system: system_tokens,
-          user: user_tokens,
-          assistant: assistant_tokens,
-          tool: tool_tokens
-        }
-      end
 
       private
 

data/lib/clacky/agent/message_compressor.rb

@@ -99,8 +99,13 @@ module Clacky
         raise "LLM compression failed: unable to parse compressed messages"
       end
 
-      # Return system message + compressed messages + recent messages
-      [system_msg, *parsed_messages, *recent_messages].compact
+      # Return system message + compressed messages + recent messages.
+      # Strip any system messages from recent_messages as a safety net —
+      # get_recent_messages_with_tool_pairs already excludes them, but this
+      # guard ensures we never end up with duplicate system prompts even if
+      # the caller passes an unfiltered list.
+      safe_recent = recent_messages.reject { |m| m[:role] == "system" }
+      [system_msg, *parsed_messages, *safe_recent].compact
     end
 
     private