openclacky 1.0.0.beta.4 → 1.0.0.beta.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6793e56434ea9d620acea58d78487dcee09a204ec1fd692dd6057397334b9fad
-  data.tar.gz: 44e54de50aca54413f3668ee4f01b7c16673005dc61752cf2829d47c921a4734
+  metadata.gz: afc12c94c2b8b7580ca948625cc6c106004bbf385f341c783e36e1be9d93fd82
+  data.tar.gz: 95508d829f02270b3fce4849b21e29b6766a46d9c663d47e37df817aed456da5
 SHA512:
-  metadata.gz: 53696e16fd895822b06b613edcbd7ca154e7f7c50f813ef203ace7626209c725a5a1560d7f19a4cc71685b480761c64598162fac96f1d9a7b4bc61aec28d4d35
-  data.tar.gz: 7d5554d91399d9a07a4396c6400189f8a404691aa87fcc3f5c31a828d4044840741895003747932de2462162aef670996d30a487352bf6b2656ff08fa2e2ceb9
+  metadata.gz: 8f44be2b9d9bf26f97490f5ddf2525a6cad937c5152b8486bb2840a263ab104cacfa5838600236b3a38a6806e69cd717fbce982838f2c2a65664158b0b4ed238
+  data.tar.gz: aecb14f4b6f345d190e52de0c0816f380b4e6c3213453c9e69a04b78944f757115e8a1ac042b0a78398e79d27de65190f4c0cb61d1efe3c224416b6a2f55f6c6

data/CHANGELOG.md

@@ -7,15 +7,51 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.0.0.beta.6] - 2026-04-30
+
+### Fixed
+- **Compression chunk indexing now uses disk-based discovery.** Chunk files are no longer incorrectly overwritten after the second compression. Previously, chunk index was counted from compressed_summary messages in history — which caps at 1 after rebuild — causing chunk-2.md to be overwritten on every subsequent compression. Now uses durable disk-based chunk discovery via SessionManager, ensuring all compressed chunks are preserved.
+- **Skill evolution no longer creates duplicate skills.** The reflect and auto-create scenarios in skill evolution are now mutually exclusive: when a skill was just used, only reflection runs; when no skill was used, only auto-creation is considered. This prevents near-duplicate "auto-*" skills from being extracted from tasks already served by an existing skill.
+
+### Improved
+- **Slash commands no longer misinterpret filesystem paths.** Pasted paths like `/Users/alice/foo` or `/tmp/bar` are no longer mistaken for slash commands, avoiding confusing "skill not found" notices.
+
+## [1.0.0.beta.5] - 2026-04-29
+
+### Added
+- **WSL2 mirrored networking mode for localhost access.** Windows users running under WSL2 can now configure mirrored networking, allowing the Clacky server to be reached at `localhost` from the Windows host instead of needing to look up the WSL IP address.
+- **Message compressor preserves chunk order.** Compression chunks are now consistently ordered with `chunk-nn` naming, making it easier to browse and understand compressed conversation history.
+- **Session model is now saved.** The currently active model selection is persisted in session data, so it survives page refreshes and server restarts.
+- **Feedback button styling in Web UI.** The feedback interface now has improved CSS styling for a better user experience.
+
+### Improved
+- **Fewer LLM turns for common tool operations.** The file reader, security tool, and todo manager have been optimized to require fewer round-trips with the AI model, making tasks faster and cheaper.
+- **Terminal now supports mise-based Node.js.** The terminal tool correctly resolves Node.js when installed through `mise` version manager, not just `nvm` or system paths.
+
+### Fixed
+- **Browser MCP connection recovers from crashes.** The browser tool's MCP daemon handles process restarts more gracefully, and stale Node.js detection code has been cleaned up.
+- **Brand configuration no longer crashes on empty data.** When brand config data is empty or missing, the system now handles it gracefully instead of raising an error.
+- **Kimi K2.5 and K2.6 models now show correct pricing.** These models are now in the pricing table, so cost tracking reflects actual usage costs.
+- **Feishu messages with images no longer silently dropped.** Image markdown syntax in Feishu messages is now sanitized before sending, preventing the Feishu API from silently rejecting them.
+- **Onboarding model selector and provider presets fixed.** The model combobox in the onboarding flow now works correctly, and provider presets are properly updated.
+- **File reader now works correctly with OpenAI provider.** Files attached to sessions are now properly read and processed when using the OpenAI API format.
+- **Image URLs with special tokens no longer mis-handled.** The message formatter no longer mis-handles image URLs containing special tokens (e.g., `bong`).
+
+### Changed
+- **`run_project` tool removed.** This deprecated tool has been removed. Use the terminal tool to run commands in projects instead.
+
+### More
+- Improved WSL2 detection on Windows PowerShell installer
+- Minor test and documentation fixes
+
 ## [1.0.0.beta.4] - 2026-04-28
 
 ### Fixed
-- **首次配置 API Key 时报 JSON 解析错误。** 初始化向导（Onboard）保存 API 配置时调用了已废弃的旧接口 `POST /api/config`，该接口在 beta.2 重构后已不存在，服务器返回 404 导致前端报 `Unexpected token 'N', "Not Found" is not valid JSON`。现已修复，改为调用正确的新接口 `POST /api/config/models`。
+- **Fix**: onboard.js was calling defunct `POST /api/config` → now calls `POST /api/config/models`
 
 ## [1.0.0.beta.3] - 2026-04-28
 
 ### Added
-- **Gemini 2.5 Pro support.** The new `gemini2.5-pro` model is now available as a selectable option, giving you access to Google's latest flagship model.
 - **File attachments now support Markdown, plain text, and `.tar.gz` archives.** When you attach `.md`, `.txt`, or `.tar.gz` files to a session, the agent can read and reason over their contents directly.
 - **Image type auto-detection.** Image files are now correctly identified by their binary content (magic bytes), not just their file extension — preventing misclassified images from causing upload or vision errors.
 
@@ -33,7 +69,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - **New session creation supports model & working-directory options.** The Web UI "new session" dialog now lets you pick the model and starting directory up front, instead of having to adjust them after the session opens.
 
 ### Fixed
-- **System prompt now refreshes when you switch models.** Previously the system prompt captured at session start stuck around even after `/model` or `/provider` switches, which could leave model-specific instructions out of sync. The agent now re-injects the correct system prompt on every model change.
+- **System prompt now refreshes when you switch models.** Previously the system prompt captured at session start stuck around even after model switches, which could leave model-specific instructions out of sync. The agent now re-injects the correct system prompt on every model change.
 - **Port 7070 properly released when the terminal tool exits.** A lingering listener on port 7070 could block subsequent runs; the terminal tool now cleans it up on shutdown.
 - **Windows installer uses `[IO.Path]::GetTempPath()` for the temp directory** (#58) — more reliable than `$env:TEMP` on systems where the env var is unset or points to a non-ASCII path.
 
@@ -41,7 +77,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Added
 - **Vision support — agents can now "see" images.** When you attach image files (PNG, JPG, GIF, WebP), the agent can analyze them visually with vision-capable models. Non-vision models automatically fall back to disk references instead of breaking.
-- **DeepSeek V4 (Clacky-DS) provider.** New `deepseekv4` provider preset with native DeepSeek API endpoint, supporting `deepseek-v4-pro` and `deepseek-v4-flash` models with accurate pricing.
+- **DeepSeek V4 (Clacky-DS) provider.** New `deepseekv4` provider preset with native DeepSeek API endpoint, supporting `dsk-deepseek-v4-pro` and `dsk-deepseek-v4-flash` models with accurate pricing.
 - **Memory subagent.** Long-term memory management now runs as a dedicated background subagent — writes memories when the task reaches meaningful completion, instead of on every turn.
 - **Usage telemetry.** Anonymous usage data collection helps us understand how the product is used and prioritize improvements. No personal or conversation data is collected.
 - **Brand configuration auto-refresh.** White-label brand settings now refresh automatically when the WebUI starts up, no manual restart needed.
@@ -49,7 +85,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Improved
 - **Progress handles revamped.** Nested progress handles now hide/show automatically, ticker threads keep animations smooth, and fast-completing tasks no longer flash a pointless "done" message.
 - **Todo manager tool upgrades.** Batch add/remove multiple todos at once, and completed todos auto-clear when you add new ones.
-- **Model switching more robust.** CLI slash commands (`/model`, `/provider`) now work seamlessly, server-side routing handles dynamic endpoints correctly, and switching between all provider types is more reliable.
+- **Model switching more robust.** CLI slash commands (/config) now work seamlessly, server-side routing handles dynamic endpoints correctly, and switching between all provider types is more reliable.
 
 ### Fixed
 - **Access key now persists via cookies.** The WebUI login key was stored only in `localStorage`, causing WebSocket connections to lose authentication. Now also written to a `clacky_access_key` cookie for consistent auth across all connection types.

data/lib/clacky/agent/message_compressor.rb

@@ -94,12 +94,18 @@ module Clacky
     # @param recent_messages [Array<Hash>] Recent messages to preserve
     # @param chunk_path [String, nil] Path to the archived chunk MD file (if saved)
     # @return [Array<Hash>] Rebuilt message list: system + compressed + recent
-    def rebuild_with_compression(compressed_content, original_messages:, recent_messages:, chunk_path: nil)
+    def rebuild_with_compression(compressed_content, original_messages:, recent_messages:, chunk_path: nil, topics: nil, previous_chunks: [])
       # Find and preserve system message
       system_msg = original_messages.find { |m| m[:role] == "system" }
 
-      # Parse the compressed result
-      parsed_messages = parse_compressed_result(compressed_content, chunk_path: chunk_path)
+      # Parse the compressed result, embedding previous chunk references so the
+      # new summary carries a complete index of all older archives. This avoids
+      # keeping all prior compressed_summary messages in active history while
+      # still giving the AI a path to find old conversations via file_reader.
+      parsed_messages = parse_compressed_result(compressed_content,
+                                                chunk_path: chunk_path,
+                                                topics: topics,
+                                                previous_chunks: previous_chunks)
 
       # If parsing fails or returns empty, raise error
       if parsed_messages.nil? || parsed_messages.empty?
@@ -124,7 +130,7 @@ module Clacky
       m ? m[1].strip : nil
     end
 
-    def parse_compressed_result(result, chunk_path: nil)
+    def parse_compressed_result(result, chunk_path: nil, topics: nil, previous_chunks: [])
       # Return the compressed result as a single user message (role: "user").
       #
       # Why role:"user" instead of "assistant":
@@ -144,6 +150,10 @@ module Clacky
       # The `compressed_summary: true` flag is preserved so that replay_history still
       # routes this message through the chunk-expansion path (which keys off that flag,
       # not the role).
+      #
+      # @param topics [String, nil] Short topic description extracted from <topics> tag
+      # @param previous_chunks [Array<Hash>] Info about older chunk files
+      #   Each hash: { basename:, path:, topics: }
       content = result.to_s.strip
 
       if content.empty?
@@ -152,22 +162,50 @@ module Clacky
         # Strip out the <topics> block — it's metadata for the chunk file, not for AI context
         content_without_topics = content.gsub(/<topics>.*?<\/topics>\n*/m, "").strip
 
-        # Inject chunk anchor so AI knows where to find original conversation
+        # Build previous chunks index section — links to older chunk files so the AI
+        # can find earlier conversations without keeping all prior compressed_summary
+        # messages in the active history. Shows newest chunks first (reverse order),
+        # capped at 10 to keep the message size bounded.
+        previous_chunks_section = ""
+        if previous_chunks.any?
+          max_visible = 10
+          visible = previous_chunks.last(max_visible).reverse
+          older_count = previous_chunks.size - visible.size
+
+          previous_chunks_section = "\n\n---\n📁 **Previous chunks (newest first):**\n"
+          visible.each do |pc|
+            topic_str = pc[:topics] ? " — #{pc[:topics]}" : ""
+            previous_chunks_section += "- `#{pc[:basename]}`#{topic_str}\n"
+          end
+
+          if older_count > 0
+            oldest = previous_chunks.first
+            previous_chunks_section += "- ... and #{older_count} older chunks back to `#{oldest[:basename]}`\n"
+          end
+
+          previous_chunks_section += "_Use `file_reader` to recall details from these chunks._"
+        end
+
+        # Inject chunk anchor so AI knows where to find original conversation for THIS chunk
+        anchor = ""
         if chunk_path
-          anchor = "\n\n---\n📁 **Original conversation archived at:** `#{chunk_path}`\n" \
+          anchor = "\n\n---\n📁 **Current chunk archived at:** `#{chunk_path}`\n" \
                    "_Use `file_reader` tool to recall details from this chunk._"
-          content_without_topics = content_without_topics + anchor
         end
 
         # Prefix lets the model recognise this is injected context, not a user utterance.
+        # Order: summary → previous chunks → current anchor (chronological)
         framed_content = "[Compressed conversation summary — previous turns archived]\n\n" \
-                         "#{content_without_topics}"
+                         "#{content_without_topics}" \
+                         "#{previous_chunks_section}" \
+                         "#{anchor}"
 
         [{
           role: "user",
           content: framed_content,
           compressed_summary: true,
           chunk_path: chunk_path,
+          topics: topics,
           system_injected: true
         }]
       end

data/lib/clacky/agent/message_compressor_helper.rb

@@ -154,25 +154,50 @@ module Clacky
         # Note: we need to remove the compression instruction message we just added
         original_messages = @history.to_a[0..-2]  # All except the last (compression instruction)
 
-        # Archive compressed messages to a chunk MD file before discarding them
-        # Count existing compressed_summary messages in history to determine the next chunk index.
-        # Using @compressed_summaries.size would reset to 0 on process restart and overwrite existing
-        # chunk files, creating circular chunk references. Counting from history is always accurate.
-        existing_chunk_count = original_messages.count { |m| m[:compressed_summary] }
-        chunk_index = existing_chunk_count + 1
+        # Archive compressed messages to a chunk MD file before discarding them.
+        #
+        # IMPORTANT: chunk_index and previous_chunks MUST come from disk, not from
+        # message history. Each compression's rebuild_with_compression keeps only
+        # ONE compressed_summary message (the new one), dropping older summaries
+        # and embedding their references into the new summary's content. So
+        # counting compressed_summary messages in history caps at 1 from the
+        # second compression onward — causing chunk-2.md to be overwritten on
+        # every subsequent compression, and losing references to chunk-1.md.
+        #
+        # Disk is the only durable source of truth: chunk files survive process
+        # restarts, session reloads, and message rebuilds. SessionManager owns
+        # all chunk file I/O (naming, writing, discovery) — we just ask it.
+        sm = session_manager
+        existing_chunks = sm.chunks_for_current(@session_id, @created_at)
+        chunk_index = sm.next_chunk_index(@session_id, @created_at)
+
+        # Extract topics from the LLM response to store in both the chunk MD front
+        # matter and the compressed_summary message hash (for future chunk indexing).
+        topics = @message_compressor.parse_topics(compressed_content)
+
         chunk_path = save_compressed_chunk(
           original_messages,
           compression_context[:recent_messages],
           chunk_index: chunk_index,
           compression_level: compression_context[:compression_level],
-          topics: @message_compressor.parse_topics(compressed_content)
+          topics: topics
         )
 
+        # Build previous_chunks index from the disk-discovered chunks (already
+        # sorted by index ascending). This gives the new summary a complete
+        # chronological index of all older archives so the AI can recall any
+        # past chunk via file_reader, not just the most recent one.
+        previous_chunks = existing_chunks.map do |c|
+          { basename: c[:basename], path: c[:path], topics: c[:topics] }
+        end
+
         @history.replace_all(@message_compressor.rebuild_with_compression(
           compressed_content,
           original_messages: original_messages,
           recent_messages: compression_context[:recent_messages],
-          chunk_path: chunk_path
+          chunk_path: chunk_path,
+          topics: topics,
+          previous_chunks: previous_chunks
         ))
 
         # Reset to the estimated size of the rebuilt (small) history.
@@ -332,8 +357,22 @@ module Clacky
         end
       end
 
-      # Save the messages being compressed to a chunk MD file for future recall
-      # File path: ~/.clacky/sessions/{datetime}-{short_id}-chunk-{n}.md
+      # Lazy accessor for a SessionManager instance used by compression chunk I/O.
+      # We keep this local to the helper rather than threading a manager instance
+      # through the Agent constructor — Agent itself doesn't persist sessions
+      # (CLI / HTTP server do that), but the compression archive lives in the
+      # same directory under SessionManager's ownership.
+      #
+      # NOTE: Uses Clacky::SessionManager::SESSIONS_DIR by default. Tests can
+      # stub that constant to point at a tmpdir.
+      private def session_manager
+        @session_manager ||= Clacky::SessionManager.new
+      end
+
+      # Save the messages being compressed to a chunk MD file for future recall.
+      # The filesystem concerns (path, write, chmod) are delegated to SessionManager;
+      # this method is responsible only for the business rules of WHAT gets archived.
+      #
       # @param original_messages [Array<Hash>] All messages before compression (excluding compression instruction)
       # @param recent_messages [Array<Hash>] Recent messages being kept (to exclude from chunk)
       # @param chunk_index [Integer] Sequential chunk number
@@ -357,19 +396,14 @@ module Clacky
 
         return nil if messages_to_archive.empty?
 
-        sessions_dir = Clacky::SessionManager::SESSIONS_DIR
-        datetime = Time.parse(@created_at).strftime("%Y-%m-%d-%H-%M-%S")
-        short_id = @session_id[0..7]
-        base_name = "#{datetime}-#{short_id}"
-        chunk_filename = "#{base_name}-chunk-#{chunk_index}.md"
-        chunk_path = File.join(sessions_dir, chunk_filename)
-
-        md_content = build_chunk_md(messages_to_archive, chunk_index: chunk_index, compression_level: compression_level, topics: topics)
-
-        File.write(chunk_path, md_content)
-        FileUtils.chmod(0o600, chunk_path)
+        md_content = build_chunk_md(messages_to_archive,
+                                    chunk_index: chunk_index,
+                                    compression_level: compression_level,
+                                    topics: topics)
 
-        chunk_path
+        # Delegate filesystem concerns (path assembly, write, chmod) to SessionManager —
+        # it owns the on-disk layout for sessions and their chunk archives.
+        session_manager.write_chunk(@session_id, @created_at, chunk_index, md_content)
       rescue => e
         @ui&.log("Failed to save chunk MD: #{e.message}", level: :warn)
         nil

data/lib/clacky/agent/session_serializer.rb

@@ -54,6 +54,20 @@ module Clacky
           @pending_error_rollback = true
         end
 
+        # Restore the session's original model if it still exists in the current
+        # config. This prevents all sessions from silently switching to the new
+        # default model when the user changes it and restarts. Falls back to the
+        # current default if the model was deleted/renamed since the session was
+        # last saved.
+        saved_model_name = session_data.dig(:config, :model_name)
+        if saved_model_name
+          saved_base_url = session_data.dig(:config, :model_base_url)
+          model_entry = @config.find_model_by_name_and_url(saved_model_name, saved_base_url)
+          if model_entry && model_entry["id"]
+            switch_model_by_id(model_entry["id"])
+          end
+        end
+
         # Rebuild and refresh the system prompt so any newly installed skills
         # (or other configuration changes since the session was saved) are
         # reflected immediately — without requiring the user to create a new session.
@@ -98,11 +112,19 @@ module Clacky
           config: {
             # NOTE: api_key and other sensitive credentials are intentionally excluded
             # to prevent leaking secrets into session files on disk.
+            # model_name is saved so the session can restore its original model on restart
+            # (falling back to the current default if the model no longer exists).
             permission_mode: @config.permission_mode.to_s,
             enable_compression: @config.enable_compression,
             enable_prompt_caching: @config.enable_prompt_caching,
             max_tokens: @config.max_tokens,
-            verbose: @config.verbose
+            verbose: @config.verbose,
+            # Persist the current model identity so the session can restore its
+            # original model on restart. model_name + model_base_url form a
+            # composite key to avoid matching a different provider's model of
+            # the same name. Falls back to default if the model no longer exists.
+            model_name: @config.current_model&.dig("model"),
+            model_base_url: @config.current_model&.dig("base_url")
           },
           stats: stats_data,
           messages: @history.to_a

data/lib/clacky/agent/skill_evolution.rb

@@ -10,16 +10,31 @@ module Clacky
     # Triggered at the end of Agent#run (post-run hooks), only for main agents.
     module SkillEvolution
       # Main entry point - runs all skill evolution checks
-      # Called from Agent#run after the main loop completes
+      # Called from Agent#run after the main loop completes.
+      #
+      # The two scenarios are mutually exclusive by design:
+      #
+      #   * If a skill just ran (@skill_execution_context is set), the user's
+      #     need was already served by an existing skill. Run Scenario 2
+      #     (reflect + possibly improve that skill) and skip Scenario 1 —
+      #     otherwise we would auto-extract a near-duplicate "auto-*" skill
+      #     from the same task, polluting the skills directory.
+      #
+      #   * If no skill ran, the task was solved with raw tools. That is the
+      #     signal for Scenario 1: if the pattern is complex/repeatable enough,
+      #     consider extracting it into a new skill.
       def run_skill_evolution_hooks
         return unless skill_evolution_enabled?
         return if @is_subagent
 
-        # Scenario 2: Reflect on executed skill (if one just ran)
-        maybe_reflect_on_skill if @skill_execution_context
-
-        # Scenario 1: Auto-create new skill from complex task
-        maybe_create_skill_from_task
+        if @skill_execution_context
+          # Scenario 2: Reflect on executed skill (may invoke skill-creator
+          # to UPDATE the existing skill, but will not create a new one).
+          maybe_reflect_on_skill
+        else
+          # Scenario 1: Auto-create new skill from complex task.
+          maybe_create_skill_from_task
+        end
       end
 
       # Check if skill evolution is enabled in config

data/lib/clacky/agent/skill_manager.rb

@@ -33,12 +33,46 @@ module Clacky
       def parse_skill_command(input)
         return { matched: false } unless input.start_with?("/")
 
-        match = input.match(%r{^/(\S+)(?:\s+(.*))?$})
+        # Split off the first whitespace-delimited token after the leading "/".
+        # Shape of a slash command:
+        #   /<command>
+        #   /<command> <arguments...>
+        #
+        # The key distinction we need to make is "slash command" vs. "filesystem
+        # path starting with /". Paths look like "/xxx/yyy", "/Users/alice/foo",
+        # "/tmp/bar" — what they all share is a *second* "/" inside the first
+        # token. Slash commands, on the other hand, may legitimately contain
+        # non-slug characters like ':' or '.' (e.g. "/guizang-ppt-skill:create"),
+        # so we deliberately DO NOT require the command to be a clean slug here —
+        # find_by_command handles the lookup, and a pilot-error like "/foo.bar"
+        # should still surface a friendly "skill not found" notice.
+        #
+        # Rejected as slash commands (treated as plain user messages):
+        #   - "/", "//", "/*.rb"        — token is empty or begins with a separator/glob
+        #   - "/ leading space"         — whitespace immediately after /
+        #   - "/Users/alice/foo"        — second "/" inside the first token ⇒ a path
+        #   - "/xxxx/zzzz/"             — same
+        #
+        # Accepted (routed to find_by_command, may yield :not_found notice):
+        #   - "/commit"
+        #   - "/skill-add https://…"     — "/" appears only in arguments, fine
+        #   - "/guizang-ppt-skill:create", "/foo.bar"  — non-slug but no path shape
+        match = input.match(%r{^/(\S+?)(?:\s+(.*))?$})
         return { matched: false } unless match
 
         skill_name = match[1]
         arguments  = match[2] || ""
 
+        # Reject path-like first tokens: anything containing a "/" after the
+        # leading one belongs to the filesystem, not the command namespace.
+        # This also naturally rejects "" (from "/" alone) and "*…" / ".…" style
+        # tokens because they won't be registered as a command — but those edge
+        # cases fall through to :not_found which is acceptable. The main goal is
+        # to stop pasted paths like "/Users/foo/bar" from producing a bogus
+        # "skill /Users/foo/bar not found" reply.
+        return { matched: false } if skill_name.include?("/")
+        return { matched: false } if skill_name.empty?
+
         skill = @skill_loader.find_by_command("/#{skill_name}")
         return { matched: true, found: false, skill_name: skill_name, reason: :not_found } unless skill
 

data/lib/clacky/agent/tool_executor.rb

@@ -169,6 +169,17 @@ module Clacky
         # Inject TODO reminder for non-todo_manager tools
         formatted_result = inject_todo_reminder(call[:name], formatted_result)
 
+        # Extract image_inject sidecar before building the tool content string.
+        # image_inject carries the base64 payload that must be delivered as a
+        # follow-up `role:"user"` message (OpenAI/OpenRouter/Gemini only accept
+        # image_url blocks in user messages, not in tool messages).
+        # Strip it from the content sent to the API so it isn't tokenised as text.
+        image_inject = nil
+        if formatted_result.is_a?(Hash) && formatted_result[:image_inject]
+          image_inject = formatted_result[:image_inject]
+          formatted_result = formatted_result.reject { |k, _| k == :image_inject }
+        end
+
         # If the tool returned a plain string, use it directly (avoids double-escaping).
         # If it returned an Array (e.g. multipart vision blocks with image + text),
         # pass it through as-is so format_tool_results can send it to the API.
@@ -182,10 +193,9 @@ module Clacky
                     JSON.generate(formatted_result)
                   end
 
-        {
-          id: call[:id],
-          content: content
-        }
+        result = { id: call[:id], content: content }
+        result[:image_inject] = image_inject if image_inject
+        result
       end
 
       # Build error result for tool execution

data/lib/clacky/agent.rb

@@ -883,6 +883,36 @@ module Clacky
 
       formatted_messages = @client.format_tool_results(response, tool_results, model: current_model)
       formatted_messages.each { |msg| @history.append(msg.merge(task_id: @current_task_id)) }
+
+      # Append a follow-up `role:"user"` message for any image payloads that
+      # could not be delivered inside the tool message.
+      #
+      # Background: OpenAI-compatible APIs (OpenRouter, Gemini, GPT-4o, etc.)
+      # only accept image_url content blocks in `role:"user"` messages.  Putting
+      # base64 data in a `role:"tool"` message causes it to be JSON-encoded as
+      # plain text, inflating token counts by 20-40x.  The tool result carries a
+      # plain-text description for the LLM; the actual image is delivered here.
+      tool_results.each do |tr|
+        inject = tr[:image_inject]
+        next unless inject
+
+        mime_type  = inject[:mime_type]
+        base64_data = inject[:base64_data]
+        path       = inject[:path]
+        next unless mime_type && base64_data
+
+        data_url = "data:#{mime_type};base64,#{base64_data}"
+        image_content = [
+          { type: "text",      text: "[Image from file_reader: #{File.basename(path.to_s)}]" },
+          { type: "image_url", image_url: { url: data_url } }
+        ]
+        @history.append({
+          role:             "user",
+          content:          image_content,
+          system_injected:  true,
+          task_id:          @current_task_id
+        })
+      end
     end
 
     # Interrupt the agent's current run
@@ -1397,6 +1427,7 @@ module Clacky
       ].compact.join(". ")
 
       content = "[Session context: #{parts}]"
+
       @history.append({
         role: "user",
         content: content,

data/lib/clacky/agent_config.rb

@@ -158,7 +158,7 @@ module Clacky
 
     def initialize(options = {})
       @permission_mode = validate_permission_mode(options[:permission_mode])
-      @max_tokens = options[:max_tokens] || 8192
+      @max_tokens = options[:max_tokens] || 16384
       @verbose = options[:verbose] || false
       @enable_compression = options[:enable_compression].nil? ? true : options[:enable_compression]
       # Enable prompt caching by default for cost savings
@@ -549,6 +549,21 @@ module Clacky
       @models.find { |m| m["type"] == type }
     end
 
+    # Find model by composite key (model name + base_url).
+    # Used when restoring a session to match its original model without relying
+    # on the runtime-only id (which changes on every process restart).
+    # base_url is optional for backward compatibility with sessions saved
+    # before base_url was persisted.
+    # @param model_name [String] the model's "model" field (e.g. "dsk-deepseek-v4-pro")
+    # @param base_url [String, nil] the model's "base_url" field
+    # @return [Hash, nil] the matching model entry or nil
+    def find_model_by_name_and_url(model_name, base_url = nil)
+      @models.find do |m|
+        m["model"] == model_name &&
+          (base_url.nil? || m["base_url"] == base_url)
+      end
+    end
+
     # Get the default model (type: default)
     # Falls back to current_model for backward compatibility
     def default_model

data/lib/clacky/brand_config.rb

@@ -964,16 +964,24 @@ module Clacky
           key = fetch_decryption_key(skill_id: skill_id, skill_version_id: skill_version_id)
 
           ciphertext = File.binread(enc_path)
-          pt         = aes_gcm_decrypt(key, ciphertext, file_meta["iv"], file_meta["tag"])
 
-          # Integrity check
-          actual   = Digest::SHA256.hexdigest(pt)
-          expected = file_meta["original_checksum"]
-          if expected && actual != expected
-            raise "Checksum mismatch for #{rel_plain}: expected #{expected}, got #{actual}"
-          end
+          if ciphertext.nil? || ciphertext.empty?
+            # AES-GCM of empty data still produces 16+ bytes (auth tag + IV).
+            # A 0-byte file means the skill package is corrupted; skip
+            # decryption and produce an empty output so the skill can still run.
+            ""
+          else
+            pt = aes_gcm_decrypt(key, ciphertext, file_meta["iv"], file_meta["tag"])
+
+            # Integrity check
+            actual   = Digest::SHA256.hexdigest(pt)
+            expected = file_meta["original_checksum"]
+            if expected && actual != expected
+              raise "Checksum mismatch for #{rel_plain}: expected #{expected}, got #{actual}"
+            end
 
-          pt
+            pt
+          end
         else
           # Mock/plain skill: raw bytes
           File.binread(enc_path).force_encoding("UTF-8")

data/lib/clacky/client.rb

@@ -15,6 +15,12 @@ module Clacky
       @use_anthropic_format = anthropic_format
       # Detect Bedrock: ABSK key prefix (native AWS) or abs- model prefix (Clacky AI proxy)
       @use_bedrock = MessageFormat::Bedrock.bedrock_api_key?(api_key, model)
+
+      # Determine vision support once at construction time.
+      # Non-vision models (DeepSeek, Kimi, MiniMax, etc.) reject image_url
+      # content blocks; the conversion layer strips them when this is false.
+      provider_id = Providers.resolve_provider(base_url: @base_url, api_key: @api_key)
+      @vision_supported = Providers.supports?(provider_id, :vision, model_name: @model)
     end
 
     # Returns true when the client is using the AWS Bedrock Converse API.
@@ -185,7 +191,10 @@ module Clacky
       # OpenRouter proxies Claude with the same cache_control field convention as Anthropic direct.
       messages = apply_message_caching(messages) if caching_enabled
 
-      body     = MessageFormat::OpenAI.build_request_body(messages, model, tools, max_tokens, caching_enabled)
+      body     = MessageFormat::OpenAI.build_request_body(
+        messages, model, tools, max_tokens, caching_enabled,
+        vision_supported: @vision_supported
+      )
       response = openai_connection.post("chat/completions") { |r| r.body = body.to_json }
 
       raise_error(response) unless response.status == 200

data/lib/clacky/default_skills/new/SKILL.md

@@ -183,12 +183,20 @@ Print a success summary:
 ```
 
 ### 4. Start Development Server
-After the script completes, use the run_project tool to start the server:
+After the script completes, read the `.1024` config file in the project root
+to find the `run_command`, then start it in the background via the terminal tool:
+
 ```
-run_project(action: "start")
+# First, read .1024 to get the run_command (usually `bin/dev` for Rails):
+file_reader(path: ".1024")
+
+# Then start the server in the background:
+terminal(command: "<run_command from .1024>", background: true)
 ```
 
-**Important**: If run_project executes without errors, the server has started successfully. 
+**Important**: If the terminal call returns a session_id (and no error), the
+server has started successfully. You can inspect logs later by polling the
+same session_id with an empty input.
 
 Then inform the user and ask what to develop next:
 ```
@@ -210,7 +218,7 @@ What would you like to develop next?
 - bin/setup fails → Show error, suggest running `./bin/setup` manually
 - Cloud project creation fails → Soft-fail with warning, continue to start server
 - workspace_key missing → Ask user interactively; skip cloud init if user declines
-- run_project fails → Check logs with `run_project(action: "output")` and verify database status
+- Dev server fails to start → Poll the terminal session (empty input) to check logs, verify database status
 
 ## Example Interaction
 User: "/new"
@@ -224,5 +232,5 @@ Response:
 6. Project setup complete!
 7. Initializing cloud project binding...
 8. ✅ Cloud project created and config injected into config/application.yml!
-9. Starting development server with run_project...
+9. Starting development server via terminal (background)...
 10. ✨ Server running! Visit http://localhost:3000