@agentprojectcontext/apx 1.30.2 → 1.31.1

package/src/core/tools/registry.js

@@ -350,12 +350,17 @@ const TOOL_DEFINITIONS = [
   {
     name: "browser_navigate",
     category: "browser",
-    description: "Navigate the headless browser to a URL. Launches Chromium lazily on first call.",
+    description: "Navigate the headless browser to a URL. Launches Chromium lazily on first call. Auto-retries and falls back to a more permissive wait strategy on redirect-heavy sites.",
     endpoint: { method: "POST", path: "/tools/browser/navigate" },
     parameters: {
       type: "object",
       properties: {
         url: { type: "string" },
+        wait_until: {
+          type: "string",
+          enum: ["load", "domcontentloaded", "networkidle0", "networkidle2"],
+          description: "Puppeteer wait strategy (default networkidle2). Use 'domcontentloaded' for slow/redirect-heavy sites; navigate auto-falls back to it on failure anyway.",
+        },
         launch_options: { type: "object", description: "Puppeteer launch overrides (headless, args, defaultViewport, etc.)." },
         allow_dangerous: { type: "boolean", description: "Allow dangerous launch args (--no-sandbox, --single-process, etc.)." },
       },
@@ -614,6 +619,8 @@ function makeInlineHandlers({ projects, registries }) {
     memory_list: async (body) => {
       const { default: fs } = await import("node:fs");
       const { default: path } = await import("node:path");
+      const { readAgents } = await import("../parser.js");
+      const { agentMemoryPath } = await import("../agent-memory.js");
       // Find the project
       const all = projects.list();
       let p = null;
@@ -624,15 +631,13 @@ function makeInlineHandlers({ projects, registries }) {
       }
       if (!p) p = projects.get(all.filter((x) => x.id !== 0)[0]?.id) || projects.get(0);
       if (!p) throw new Error("no project registered");
-      const agentsDir = path.join(p.path, ".apc", "agents");
-      if (!fs.existsSync(agentsDir)) return { agents_with_memory: [] };
-      const result = fs.readdirSync(agentsDir).filter((slug) => {
-        return fs.existsSync(path.join(agentsDir, slug, "memory.md"));
-      }).map((slug) => {
-        const memPath = path.join(agentsDir, slug, "memory.md");
+      const result = readAgents(p.path).map((agent) => {
+        const slug = agent.slug;
+        const memPath = agentMemoryPath(p, slug);
+        if (!fs.existsSync(memPath)) return null;
         const stat = fs.statSync(memPath);
         return { agent: slug, path: memPath, size: stat.size, mtime: stat.mtime };
-      });
+      }).filter(Boolean);
       return { project: p.path, agents_with_memory: result };
     },
   };

package/src/core/tools/search.js

@@ -45,26 +45,54 @@ function extractText(html) {
     .replace(/&lt;/g, "<")
     .replace(/&gt;/g, ">")
     .replace(/&quot;/g, '"')
-    .replace(/&#039;/g, "'")
+    .replace(/&#0?39;/g, "'")
     .replace(/&nbsp;/g, " ")
+    // Generic numeric entities (decimal &#92; and hex &#x27;) DDG sprinkles into
+    // titles/snippets — decode so results read cleanly.
+    .replace(/&#x([0-9a-f]+);/gi, (_, h) => String.fromCodePoint(parseInt(h, 16)))
+    .replace(/&#(\d+);/g, (_, d) => String.fromCodePoint(parseInt(d, 10)))
     .replace(/\s{2,}/g, " ")
     .trim();
 }
 
+/**
+ * Unwrap DuckDuckGo's result redirect. DDG no longer exposes the target URL
+ * directly: every result href is `//duckduckgo.com/l/?uddg=<urlencoded real
+ * url>&rut=...`. We pull the `uddg` param out and decode it back to the real
+ * destination. Plain/protocol-relative URLs are normalized to https.
+ */
+export function unwrapDdgUrl(href) {
+  if (!href) return href;
+  const m = href.match(/[?&]uddg=([^&]+)/);
+  if (m) {
+    try {
+      return decodeURIComponent(m[1].replace(/&amp;/g, "&"));
+    } catch {
+      /* fall through to raw href */
+    }
+  }
+  if (href.startsWith("//")) return "https:" + href;
+  return href;
+}
+
 /** Parse DuckDuckGo HTML results */
-function parseDdgResults(html, limit) {
+export function parseDdgResults(html, limit) {
   const results = [];
-  // Match result blocks: each has a link (.result__a) and snippet (.result__snippet)
-  const blockRe = /<a[^>]+class="[^"]*result__a[^"]*"[^>]+href="([^"]+)"[^>]*>([\s\S]*?)<\/a>/gi;
+  // Match result blocks: each has a link (.result__a) and snippet (.result__snippet).
+  // Attribute order varies (rel/class/href), so don't assume class precedes href.
+  const blockRe = /<a[^>]+class="[^"]*result__a[^"]*"[^>]*href="([^"]+)"[^>]*>([\s\S]*?)<\/a>/gi;
   const snippetRe = /<a[^>]+class="[^"]*result__snippet[^"]*"[^>]*>([\s\S]*?)<\/a>/gi;
 
   const links = [];
   let m;
   while ((m = blockRe.exec(html)) !== null && links.length < limit * 2) {
-    const href = m[1];
+    // DDG wraps every external link in a //duckduckgo.com/l/?uddg= redirect —
+    // decode it to the real target instead of discarding it (the old code
+    // dropped everything containing "duckduckgo.com", yielding zero results).
+    const url = unwrapDdgUrl(m[1]);
     const title = extractText(m[2]).trim();
-    if (href && title && !href.startsWith("//duckduckgo") && !href.includes("duckduckgo.com")) {
-      links.push({ url: href, title });
+    if (url && title && !/^https?:\/\/(?:[a-z]+\.)?duckduckgo\.com\//i.test(url) && !url.startsWith("//duckduckgo")) {
+      links.push({ url, title });
     }
   }
 

package/src/host/daemon/api/agents.js

@@ -14,6 +14,13 @@ import {
   restoreVaultAgent,
   ensureAgentDir,
 } from "../../../core/scaffold.js";
+import {
+  ensureAgentRuntimeDir,
+  readAgentMemory,
+  writeAgentMemory,
+  agentMemoryPath,
+  legacyAgentMemoryPath,
+} from "../../../core/agent-memory.js";
 import { agentToResponse } from "./shared.js";
 
 // Lowercase the patch keys we accept on the vault and turn skills/tools into
@@ -114,6 +121,7 @@ export function register(app, { projects, project }) {
     try {
       writeAgentFile(p.path, slug, vault.fields || {}, vault.body || "");
       ensureAgentDir(p.path, slug);
+      ensureAgentRuntimeDir(p, slug);
       projects.rebuild(p.id);
       res.status(201).json(agentToResponse(readAgents(p.path).find((a) => a.slug === slug)));
     } catch (e) {
@@ -133,10 +141,7 @@ export function register(app, { projects, project }) {
     const agents = readAgents(p.path);
     const a = agents.find((x) => x.slug === req.params.slug);
     if (!a) return res.status(404).json({ error: "agent not found" });
-    const memPath = path.join(p.path, ".apc", "agents", a.slug, "memory.md");
-    const memory = fs.existsSync(memPath)
-      ? fs.readFileSync(memPath, "utf8")
-      : "";
+    const memory = readAgentMemory(p, a.slug);
     res.json({ ...agentToResponse(a), memory, system: a.body || "" });
   });
 
@@ -163,6 +168,7 @@ export function register(app, { projects, project }) {
         Parent: parent || null,
       });
       ensureAgentDir(p.path, slug);
+      ensureAgentRuntimeDir(p, slug);
       projects.rebuild(p.id);
       const created = readAgents(p.path).find((a) => a.slug === slug);
       res.status(201).json(agentToResponse(created));
@@ -203,6 +209,7 @@ export function register(app, { projects, project }) {
     try {
       writeAgentFile(p.path, slug, fields, body);
       ensureAgentDir(p.path, slug);
+      ensureAgentRuntimeDir(p, slug);
       projects.rebuild(p.id);
       const updated = readAgents(p.path).find((a) => a.slug === slug);
       res.json(agentToResponse(updated));
@@ -211,18 +218,20 @@ export function register(app, { projects, project }) {
     }
   });
 
-  // Delete an agent: removes .apc/agents/<slug>.md and its data dir.
+  // Delete an agent: removes .apc/agents/<slug>.md and runtime data dir.
   app.delete("/projects/:pid/agents/:slug", (req, res) => {
     const p = project(req, res);
     if (!p) return;
     const slug = req.params.slug;
     const file = path.join(p.path, ".apc", "agents", `${slug}.md`);
-    const dir = path.join(p.path, ".apc", "agents", slug);
-    if (!fs.existsSync(file) && !fs.existsSync(dir))
+    const runtimeDir = path.dirname(agentMemoryPath(p, slug));
+    const legacyDir = path.dirname(legacyAgentMemoryPath(p.path, slug));
+    if (!fs.existsSync(file) && !fs.existsSync(runtimeDir) && !fs.existsSync(legacyDir))
       return res.status(404).json({ error: "agent not found" });
     try {
       if (fs.existsSync(file)) fs.rmSync(file);
-      if (fs.existsSync(dir)) fs.rmSync(dir, { recursive: true, force: true });
+      if (fs.existsSync(runtimeDir)) fs.rmSync(runtimeDir, { recursive: true, force: true });
+      if (fs.existsSync(legacyDir)) fs.rmSync(legacyDir, { recursive: true, force: true });
       projects.rebuild(p.id);
       res.json({ ok: true });
     } catch (e) {
@@ -257,15 +266,7 @@ export function register(app, { projects, project }) {
   app.get("/projects/:pid/agents/:slug/memory", (req, res) => {
     const p = project(req, res);
     if (!p) return;
-    const memPath = path.join(
-      p.path,
-      ".apc",
-      "agents",
-      req.params.slug,
-      "memory.md"
-    );
-    if (!fs.existsSync(memPath)) return res.json({ body: "" });
-    res.json({ body: fs.readFileSync(memPath, "utf8") });
+    res.json({ body: readAgentMemory(p, req.params.slug) });
   });
 
   app.put("/projects/:pid/agents/:slug/memory", (req, res) => {
@@ -274,10 +275,7 @@ export function register(app, { projects, project }) {
     const { body } = req.body || {};
     if (typeof body !== "string")
       return res.status(400).json({ error: "body must be string" });
-    const dir = path.join(p.path, ".apc", "agents", req.params.slug);
-    fs.mkdirSync(path.join(dir, "sessions"), { recursive: true });
-    const memPath = path.join(dir, "memory.md");
-    fs.writeFileSync(memPath, body);
+    writeAgentMemory(p, req.params.slug, body);
     projects.rebuild(p.id);
     res.json({ ok: true, bytes: Buffer.byteLength(body, "utf8") });
   });

package/src/host/daemon/api/sessions-search.js

@@ -31,7 +31,7 @@ export function register(app, { projects, config }) {
     for (const p of targetProjects) {
       if (!p) continue;
 
-      // 1) Session files in the repo (.apc/agents/<slug>/sessions/)
+      // 1) Legacy session files in the repo (.apc/agents/<slug>/sessions/)
       const sessionAgentsDir = path.join(p.path, ".apc", "agents");
       if (fs.existsSync(sessionAgentsDir)) {
         for (const slug of fs.readdirSync(sessionAgentsDir)) {

package/src/host/daemon/api/shared.js

@@ -6,6 +6,8 @@ import fs from "node:fs";
 import path from "node:path";
 import { randomUUID } from "node:crypto";
 import { appendErrorTrace, previewText } from "../../../core/logging.js";
+import { readAgents } from "../../../core/parser.js";
+import { agentMemoryPath } from "../../../core/agent-memory.js";
 
 export const nowIso = () =>
   new Date().toISOString().replace(/\.\d{3}Z$/, "Z");
@@ -110,15 +112,10 @@ export function makeTopProjectResolver(projects) {
 }
 
 // Pick the memory.md to use when /memory is called without an agent ref.
-// Prefer the first .apc/agents/<slug>/memory.md; else .apc/memory.md.
+// Prefer the first agent's runtime-local memory; else project-level .apc/memory.md.
 export function resolveMemoryPath(p) {
-  const agentsDir = path.join(p.path, ".apc", "agents");
-  if (fs.existsSync(agentsDir)) {
-    const slugs = fs.readdirSync(agentsDir).filter((s) =>
-      fs.statSync(path.join(agentsDir, s)).isDirectory()
-    );
-    if (slugs.length) return path.join(agentsDir, slugs[0], "memory.md");
-  }
+  const firstAgent = readAgents(p.path)[0];
+  if (firstAgent) return agentMemoryPath(p, firstAgent.slug);
   return path.join(p.path, ".apc", "memory.md");
 }
 

package/src/host/daemon/super-agent-tools/index.js

@@ -28,6 +28,7 @@ import transcribeAudio from "./tools/transcribe-audio.js";
 import askQuestions from "./tools/ask-questions.js";
 import createTask from "./tools/create-task.js";
 import listTasks from "./tools/list-tasks.js";
+import discoverTools from "./tools/discover-tools.js";
 import { createPermissionGuard } from "./helpers.js";
 import { buildBridgedTools, DEFAULT_CATEGORIES } from "./registry-bridge.js";
 
@@ -62,6 +63,7 @@ const NATIVE_TOOLS = [
   askQuestions,
   createTask,
   listTasks,
+  discoverTools,
 ];
 
 // Registry-backed bridges. Categories can be overridden per-process via env
@@ -78,67 +80,254 @@ const TOOLS = [...NATIVE_TOOLS, ...BRIDGED_TOOLS];
 
 export const TOOL_SCHEMAS = TOOLS.map((tool) => tool.schema);
 
-// "Core" tools always sent to the model. The rest are pulled in on-demand via
-// load_skill or by switching to a heavier channel. Picked to fit cheap cloud
-// tiers: full TOOL_SCHEMAS is ~22 KB / ~5.5 K tokens — too much when Groq
-// free tier caps you at 6-12 K TPM. CORE_TOOL_NAMES is ~3 KB / ~700 tokens.
-// See spec/done/backlog item 12 for the underlying motivation.
-const CORE_TOOL_NAMES = new Set([
-  // Inventory — the model NEEDS to call these to know what's there.
+// ---------------------------------------------------------------------------
+// Lazy tools: base set (always loaded) + on-demand set (revealed via
+// discover_tools). Motivation: full TOOL_SCHEMAS is ~25 KB / ~6.3 K tokens —
+// too much when Groq's free tier caps you at 6-12 K TPM. The base set is
+// ~24 tools (the ones a Telegram chat actually reaches for); everything else
+// (browser/Puppeteer, fetch, web_search, runtime delegation, voice, …) stays
+// off the wire until the model asks for it with discover_tools().
+// ---------------------------------------------------------------------------
+
+// Always loaded on lightweight channels. Covers messages, files, memory,
+// sessions, projects/inventory, basic shell, tasks, skills, and discovery.
+export const BASE_TOOL_NAMES = new Set([
+  // Discovery — the entry point to everything not loaded here.
+  "discover_tools",
+  // Inventory — the model needs these to know what exists.
   "list_projects",
   "list_agents",
   "list_mcps",
   "list_skills",
-  // Memory + identity — used during identity / config conversations.
+  "load_skill",
+  // Memory + identity.
   "read_agent_memory",
-  "set_identity",
-  // Self-memory: jot durable facts so they survive across sessions.
+  "read_self_memory",
   "remember",
-  // Self-recall: "what did we do / last session" must work on every channel.
+  "set_identity",
+  // Sessions + messages (self-recall + channel history).
   "search_sessions",
-  // Conversation control.
-  "ask_questions",
-  // On-demand expansion: this is how the model loads the rest of the surface.
-  "load_skill",
-  // Channels the user expects out of any super-agent turn.
+  "search_messages",
+  "tail_messages",
+  // Channels + conversation control + lightweight delegation.
   "send_telegram",
-  // Lightweight delegation (no spawn).
+  "ask_questions",
   "call_agent",
-  // Routine creation (very common ask via chat).
+  // Tasks (very common ask via chat).
   "create_task",
   "list_tasks",
+  // Files + basic shell — frequent enough on chat to keep hot.
+  "read_file",
+  "write_file",
+  "edit_file",
+  "list_files",
+  "search_files",
+  "run_shell",
 ]);
 
-export const CORE_TOOL_SCHEMAS = TOOLS
-  .filter((t) => CORE_TOOL_NAMES.has(t.name))
+// Channels that get the FULL registry up front (deliberate, user-picked model,
+// no cheap-tier TPM cap). Everything else is a "lightweight" channel and starts
+// on BASE_TOOL_NAMES with discover_tools to expand.
+const FULL_CHANNELS = new Set(["routine", "api", "web", "code", "terminal"]);
+
+// Category labels for grouping the discover_tools catalog. Native tools have no
+// registry category, so we assign one here; bridged tools carry their own
+// (browser/fetch/search/file) from registry-bridge.js.
+const NATIVE_CATEGORY = {
+  discover_tools: "system",
+  set_permission_mode: "system",
+  list_projects: "inventory",
+  list_agents: "inventory",
+  list_vault_agents: "inventory",
+  list_mcps: "inventory",
+  list_skills: "inventory",
+  load_skill: "skills",
+  import_agent: "agents",
+  add_project: "projects",
+  call_agent: "agents",
+  call_runtime: "runtime",
+  call_mcp: "mcp",
+  read_agent_memory: "memory",
+  read_self_memory: "memory",
+  remember: "memory",
+  set_identity: "identity",
+  search_sessions: "sessions",
+  search_messages: "messages",
+  tail_messages: "messages",
+  send_telegram: "messages",
+  ask_questions: "conversation",
+  create_task: "tasks",
+  list_tasks: "tasks",
+  transcribe_audio: "voice",
+  read_file: "files",
+  write_file: "files",
+  edit_file: "files",
+  list_files: "files",
+  search_files: "files",
+  run_shell: "shell",
+};
+
+function categoryOf(tool) {
+  return tool.category || NATIVE_CATEGORY[tool.name] || "other";
+}
+
+function oneLine(desc = "") {
+  const flat = String(desc).replace(/\s+/g, " ").trim();
+  if (flat.length <= 120) return flat;
+  return flat.slice(0, 117).trimEnd() + "…";
+}
+
+// Static metadata index for every tool — name, schema, category, short blurb.
+// Used by the per-turn tool session for the catalog and activation lookups.
+const TOOL_META = TOOLS.map((t) => ({
+  name: t.name,
+  schema: t.schema,
+  category: categoryOf(t),
+  description: oneLine(t.schema?.function?.description),
+}));
+const META_BY_NAME = new Map(TOOL_META.map((m) => [m.name, m]));
+
+export const BASE_TOOL_SCHEMAS = TOOLS
+  .filter((t) => BASE_TOOL_NAMES.has(t.name))
   .map((t) => t.schema);
 
+// Back-compat alias: a few callers/tests historically referenced the "core"
+// subset. The base set supersedes it.
+export const CORE_TOOL_SCHEMAS = BASE_TOOL_SCHEMAS;
+
+const schemaName = (s) => s?.function?.name || s?.name;
+
 /**
- * Choose the tool schema list for a given channel. Telegram / desktop / api
- * (chit-chat) get the "core" subset to stay under cheap-tier TPM limits;
- * routines get the full list because they're deliberate, scheduled, and the
- * user has chosen the model. Override with the explicit `full: true` opt.
+ * Choose the INITIAL tool schema list for a channel. Full channels get the
+ * whole registry; lightweight channels (telegram/desktop/deck/web_sidebar) get
+ * the base set and expand on demand via discover_tools. `full: true` forces the
+ * complete registry regardless of channel.
  */
 export function schemasForChannel(channel, { full = false } = {}) {
-  if (full) return TOOL_SCHEMAS;
-  // Full registry for deliberate, local surfaces running on a user-picked model
-  // (not subject to the cheap-tier TPM caps that motivate the "core" subset):
-  //   routine — scheduled/autonomous · api — generic HTTP / `apx exec`
-  //   web     — the big web chat (long-form workspace)
-  //   code    — the web Code module (needs read/write/edit/run_shell/grep/glob)
-  //   terminal — the `apx code`/`apx sys` TUI: same coding surface as web Code,
-  //              so it needs the full read/write/edit/run_shell registry too.
-  if (
-    channel === "routine" ||
-    channel === "api" ||
-    channel === "web" ||
-    channel === "code" ||
-    channel === "terminal"
-  )
-    return TOOL_SCHEMAS;
-  // Lightweight surfaces stay on the small subset to fit cheap cloud TPM limits
-  // and keep replies snappy: telegram, web_sidebar, deck, desktop.
-  return CORE_TOOL_SCHEMAS;
+  if (full || FULL_CHANNELS.has(channel)) return TOOL_SCHEMAS;
+  return BASE_TOOL_SCHEMAS;
+}
+
+/**
+ * Per-turn tool session: tracks which tools are live, exposes the catalog of
+ * not-yet-loaded tools, and activates more on demand. The agent loop reads
+ * `pending` after each iteration and merges the new schemas into the live set,
+ * so activated tools become callable on the model's next step.
+ *
+ * `allowedTools` mirrors the role gate: "*" = unrestricted, [] = nothing, an
+ * array = allowlist. Both the initial set AND any activation respect it, so a
+ * limited sender can't discover its way past the gate.
+ */
+export function createToolSession(channel, { full = false, allowedTools = "*" } = {}) {
+  const allowAll = allowedTools === "*";
+  const allow = allowAll || !Array.isArray(allowedTools) ? null : new Set(allowedTools);
+  const permits = (name) => allowAll || (allow ? allow.has(name) : false);
+
+  // If the role gate is "[]" (no tools), start empty and stay empty.
+  const gateEmpty = Array.isArray(allowedTools) && allowedTools.length === 0;
+
+  const initial = (gateEmpty ? [] : schemasForChannel(channel, { full }))
+    .filter((s) => permits(schemaName(s)));
+  const activeNames = new Set(initial.map(schemaName));
+
+  const session = {
+    channel,
+    initialSchemas: initial,
+    pending: [],
+    activeNames,
+
+    // Tools that exist but aren't loaded yet (and are permitted by the gate).
+    notLoaded() {
+      return TOOL_META.filter((m) => !activeNames.has(m.name) && permits(m.name));
+    },
+
+    // Catalog response for discover_tools() with no args: grouped by category.
+    catalogResponse() {
+      const pool = session.notLoaded();
+      const byCategory = {};
+      for (const m of pool) {
+        (byCategory[m.category] ||= []).push({ name: m.name, description: m.description });
+      }
+      return {
+        ok: true,
+        loaded_count: activeNames.size,
+        available_count: pool.length,
+        categories: byCategory,
+        hint:
+          "Activá lo que necesites con discover_tools({ category: \"<cat>\" }) o " +
+          "discover_tools({ names: [\"tool_a\", \"tool_b\"] }). Quedan disponibles desde tu próximo paso.",
+      };
+    },
+
+    // Activate by exact names and/or whole category. Pushes new schemas to
+    // `pending` for the agent loop to merge.
+    activate({ names, category } = {}) {
+      const targets = new Set();
+      if (Array.isArray(names)) for (const n of names) targets.add(n);
+      if (typeof category === "string" && category.trim()) {
+        const cat = category.trim();
+        for (const m of TOOL_META) if (m.category === cat) targets.add(m.name);
+      }
+
+      const activated = [];
+      const alreadyLoaded = [];
+      const unknown = [];
+      const denied = [];
+      for (const name of targets) {
+        const meta = META_BY_NAME.get(name);
+        if (!meta) { unknown.push(name); continue; }
+        if (!permits(name)) { denied.push(name); continue; }
+        if (activeNames.has(name)) { alreadyLoaded.push(name); continue; }
+        activeNames.add(name);
+        session.pending.push(meta.schema);
+        activated.push(name);
+      }
+
+      return {
+        ok: activated.length > 0 || (unknown.length === 0 && denied.length === 0),
+        activated,
+        already_loaded: alreadyLoaded,
+        ...(unknown.length ? { unknown } : {}),
+        ...(denied.length ? { denied } : {}),
+        note: activated.length
+          ? `Activé ${activated.length} tool(s): ${activated.join(", ")}. Ya las podés usar desde tu próximo paso.`
+          : "No se activó ninguna tool nueva.",
+      };
+    },
+  };
+
+  return session;
+}
+
+/**
+ * Compact "tools you can activate" block for the system prompt: instructions +
+ * just the NAMES (no schemas) of not-loaded tools, grouped by category. Returns
+ * "" when nothing is pending (full channels), so it's omitted from the prompt.
+ */
+export function buildLazyToolsBlock(session) {
+  if (!session) return "";
+  const pool = session.notLoaded();
+  if (pool.length === 0) return "";
+
+  const byCategory = {};
+  for (const m of pool) (byCategory[m.category] ||= []).push(m.name);
+  const lines = Object.keys(byCategory)
+    .sort()
+    .map((cat) => `- ${cat}: ${byCategory[cat].join(", ")}`);
+
+  return [
+    "# Tools adicionales (activación on-demand)",
+    "Tenés las tools base siempre cargadas. Estas otras EXISTEN pero no están",
+    "cargadas (para ahorrar tokens). Activalas cuando las necesites con",
+    "discover_tools — quedan disponibles desde tu próximo paso:",
+    '  • discover_tools()                              → catálogo completo (nombre + descripción)',
+    '  • discover_tools({ category: "browser" })       → activa toda una categoría',
+    '  • discover_tools({ names: ["browser_navigate"] })→ activa tools puntuales',
+    "Si no encontrás la tool que buscás, llamá discover_tools() sin argumentos.",
+    "",
+    `Tools no cargadas (solo nombres, ${pool.length} en total):`,
+    ...lines,
+  ].join("\n");
 }
 
 export function makeToolHandlers(ctx) {

package/src/host/daemon/super-agent-tools/registry-bridge.js

@@ -18,7 +18,29 @@
 // Net result: adding a tool = adding one entry to registry.js. No file in
 // super-agent-tools/tools/, no import in index.js.
 
+import fs from "node:fs";
 import { TOOL_DEFINITIONS } from "../../../core/tools/registry.js";
+import { TOKEN_PATH } from "../../../core/config.js";
+
+// The bridge POSTs to the daemon's OWN HTTP server, which is behind the bearer
+// auth middleware (see api/shared.js). Without a token every bridged tool call
+// (web_search, browser_*, http_*, glob, grep) comes back 401 "unauthorized" —
+// which is exactly what Roby hit. We read the daemon's master token from
+// ~/.apx/daemon.token (the same file the CLI authenticates with) and cache it.
+let cachedToken = null;
+function daemonToken() {
+  if (cachedToken !== null) return cachedToken;
+  cachedToken =
+    process.env.APX_TOKEN ||
+    (() => {
+      try {
+        return fs.readFileSync(TOKEN_PATH, "utf8").trim();
+      } catch {
+        return "";
+      }
+    })();
+  return cachedToken;
+}
 
 // Native handlers in super-agent-tools/tools/ that own these names. The bridge
 // MUST skip them or the registry version (HTTP roundtrip) would shadow the
@@ -56,9 +78,13 @@ function buildHandler(entry) {
     const method = String(entry.endpoint?.method || "POST").toUpperCase();
     let url = `http://127.0.0.1:${port}${entry.endpoint?.path || ""}`;
 
+    const token = daemonToken();
     const opts = {
       method,
-      headers: { "content-type": "application/json" },
+      headers: {
+        "content-type": "application/json",
+        ...(token ? { authorization: `Bearer ${token}` } : {}),
+      },
     };
 
     if (method === "GET" || method === "HEAD") {
@@ -114,6 +140,9 @@ export function buildBridgedTools(opts = {}) {
     .filter(e => e.endpoint?.path)
     .map(entry => ({
       name: entry.name,
+      // Carried through so the lazy-tools catalog can group on-demand tools by
+      // their registry category (browser/fetch/search/file) for discover_tools.
+      category: entry.category,
       schema: buildSchema(entry),
       makeHandler: buildHandler(entry),
     }));