@buildautomaton/cli 0.1.25 → 0.1.27

package/dist/index.js

@@ -22933,8 +22933,77 @@ function isClaudeCodePermissionMode(value) {
   return MODE_SET.has(value);
 }
 
+// ../types/src/cli-permission-mode.ts
+var CLI_PERMISSION_MODE_DEFAULT = "default";
+var CLI_PERMISSION_MODE_DANGEROUS = "dangerous";
+function normalizeCliPermissionModeInput(raw) {
+  if (typeof raw !== "string") return CLI_PERMISSION_MODE_DEFAULT;
+  const t = raw.trim();
+  if (t === CLI_PERMISSION_MODE_DANGEROUS) return CLI_PERMISSION_MODE_DANGEROUS;
+  if (t === "standard") return CLI_PERMISSION_MODE_DEFAULT;
+  return CLI_PERMISSION_MODE_DEFAULT;
+}
+
+// ../types/src/acp-permission-auto-approve.ts
+function isRejectKind(kind) {
+  return kind === "reject_once" || kind === "reject_always";
+}
+function normalizeOptions(raw) {
+  if (!Array.isArray(raw)) return [];
+  const out = [];
+  for (const item of raw) {
+    if (item == null || typeof item !== "object" || Array.isArray(item)) continue;
+    const o = item;
+    const rawId = o.optionId ?? o.id;
+    const optionId = typeof rawId === "string" && rawId.trim() !== "" ? rawId.trim() : typeof rawId === "number" && Number.isFinite(rawId) ? String(rawId) : "";
+    if (!optionId) continue;
+    const kind = typeof o.kind === "string" ? o.kind : void 0;
+    out.push({ optionId, ...kind ? { kind } : {} });
+  }
+  return out;
+}
+function pickAllowOption(options) {
+  const nonReject = options.filter((o) => !isRejectKind(o.kind));
+  if (nonReject.length === 0) return null;
+  const allowOnce = nonReject.find((o) => o.kind === "allow_once");
+  if (allowOnce) return allowOnce;
+  const notAlways = nonReject.filter((o) => o.kind !== "allow_always");
+  if (notAlways.length > 0) return notAlways[0] ?? null;
+  return nonReject.find((o) => o.kind === "allow_always") ?? nonReject[0] ?? null;
+}
+function firstNonEmptyOptionsArray(...candidates) {
+  for (const c of candidates) {
+    if (Array.isArray(c) && c.length > 0) return c;
+  }
+  const fallback = candidates[0];
+  return Array.isArray(fallback) ? fallback : [];
+}
+function extractAcpPermissionRequestOptionArray(params) {
+  const toolCall = params.toolCall;
+  const fromToolCall = toolCall != null && typeof toolCall === "object" && !Array.isArray(toolCall) ? toolCall : null;
+  return firstNonEmptyOptionsArray(
+    params.options,
+    params.permissionOptions,
+    fromToolCall?.options,
+    fromToolCall?.permissionOptions
+  );
+}
+function buildCliAutoApprovedPermissionRpcResult(requestParams) {
+  const opt = pickAllowOption(normalizeOptions(extractAcpPermissionRequestOptionArray(requestParams)));
+  if (!opt) return null;
+  const kind = opt.kind?.trim();
+  return {
+    outcome: {
+      outcome: "selected",
+      optionId: opt.optionId,
+      ...kind ? { _meta: { permissionOptionKind: kind } } : {}
+    }
+  };
+}
+
 // ../types/src/agent-config.ts
 var AGENT_CONFIG_CLAUDE_PERMISSION_MODE_KEY = "claude_permission_mode";
+var AGENT_CONFIG_CLI_PERMISSION_MODE_KEY = "cli_permission_mode";
 function getClaudePermissionModeFromAgentConfig(config2) {
   if (!config2) return null;
   const raw = config2[AGENT_CONFIG_CLAUDE_PERMISSION_MODE_KEY];
@@ -22942,6 +23011,10 @@ function getClaudePermissionModeFromAgentConfig(config2) {
   const t = raw.trim();
   return isClaudeCodePermissionMode(t) ? t : null;
 }
+function getCliPermissionModeFromAgentConfig(config2) {
+  if (!config2) return CLI_PERMISSION_MODE_DEFAULT;
+  return normalizeCliPermissionModeInput(config2[AGENT_CONFIG_CLI_PERMISSION_MODE_KEY]);
+}
 
 // src/agents/acp/claude-acp-permission-from-session.ts
 function flattenSelectOptions(options) {
@@ -23055,13 +23128,16 @@ function parseAcpInitAgentCapabilities(initResult) {
   const canLoad = agentCapabilities?.loadSession === true;
   const sessionCaps = agentCapabilities?.sessionCapabilities;
   const canResume = Boolean(sessionCaps?.resume);
-  return { canResume, canLoad };
+  const promptCaps = agentCapabilities?.promptCapabilities;
+  const promptSupportsImage = promptCaps?.image === true;
+  return { canResume, canLoad, promptSupportsImage };
 }
 
 // src/agents/acp/clients/shared/bootstrap-acp-wire-session.ts
 async function bootstrapAcpWireSession(transport, ctx, initializeRequest) {
   const initResult = await transport.initialize(initializeRequest);
-  const { canResume, canLoad } = parseAcpInitAgentCapabilities(initResult);
+  const { canResume, canLoad, promptSupportsImage } = parseAcpInitAgentCapabilities(initResult);
+  ctx.agentPromptImageSupported = promptSupportsImage;
   await transport.afterInitialize?.();
   const established = await establishAcpSessionWithTransport(transport, ctx, canResume, canLoad);
   const sessionId = established.sessionId;
@@ -23152,11 +23228,27 @@ function normalizeAcpPromptTurnFailure(err, stderrCaptureText) {
 }
 
 // src/agents/acp/clients/shared/send-acp-prompt-via-transport.ts
-async function sendAcpPromptViaTransport(transport, ctx, sessionId, promptText) {
+async function sendAcpPromptViaTransport(transport, ctx, sessionId, promptText, images) {
+  if (images && images.length > 0 && !ctx.agentPromptImageSupported) {
+    await new Promise((r) => setImmediate(r));
+    return normalizeAcpPromptTurnFailure(
+      new Error(
+        "This agent does not advertise image support in ACP (missing agentCapabilities.promptCapabilities.image). Remove images or use an agent that supports prompt images."
+      ),
+      ctx.getStderrText()
+    );
+  }
+  const textBlock = promptText.trim() !== "" ? promptText : images?.length ? " " : "";
+  const prompt = [{ type: "text", text: textBlock }];
+  if (images && images.length > 0) {
+    for (const im of images) {
+      prompt.push({ type: "image", mimeType: im.mimeType, data: im.data });
+    }
+  }
   try {
     const response = await transport.prompt({
       sessionId,
-      prompt: [{ type: "text", text: promptText }]
+      prompt
     });
     await new Promise((r2) => setImmediate(r2));
     const r = response;
@@ -23172,6 +23264,22 @@ async function sendAcpPromptViaTransport(transport, ctx, sessionId, promptText)
   }
 }
 
+// src/agents/acp/clients/sdk/sdk-stdio-permission-request-handshake.ts
+function awaitSdkStdioPermissionRequestHandshake(params) {
+  const { requestId, paramsRecord, pending, onRequest } = params;
+  return new Promise((resolve16) => {
+    pending.set(requestId, { resolve: resolve16, params: paramsRecord });
+    try {
+      onRequest?.({
+        requestId,
+        method: "session/request_permission",
+        params: paramsRecord
+      });
+    } catch {
+    }
+  });
+}
+
 // src/agents/acp/clients/sdk/sdk-acp-session-transport.ts
 function createSdkAcpSessionTransport(connection) {
   const c = connection;
@@ -23282,16 +23390,11 @@ async function createSdkStdioAcpClient(options) {
           async requestPermission(params) {
             const requestId = `perm-${++permissionSeq}`;
             const paramsRecord = params != null && typeof params === "object" ? params : {};
-            try {
-              onRequest?.({
-                requestId,
-                method: "session/request_permission",
-                params: paramsRecord
-              });
-            } catch {
-            }
-            return await new Promise((resolve17) => {
-              pendingPermissionReplies.set(requestId, { resolve: resolve17, params: paramsRecord });
+            return await awaitSdkStdioPermissionRequestHandshake({
+              requestId,
+              paramsRecord,
+              pending: pendingPermissionReplies,
+              onRequest
             });
           },
           async readTextFile(params) {
@@ -23321,15 +23424,17 @@ async function createSdkStdioAcpClient(options) {
         const established = await bootstrapAcpWireSession(transport, sessionCtx, {
           protocolVersion: PROTOCOL_VERSION2,
           clientCapabilities: {
-            fs: { readTextFile: true, writeTextFile: true }
+            fs: { readTextFile: true, writeTextFile: true },
+            prompt: { image: true }
           },
           clientInfo: { name: "buildautomaton-cli", version: "0.1.0" }
         });
         const sessionId = established.sessionId;
         settleResolve({
           sessionId,
-          async sendPrompt(prompt, _options) {
-            return sendAcpPromptViaTransport(transport, sessionCtx, sessionId, prompt);
+          async sendPrompt(prompt, options2) {
+            const imgs = options2?.images?.map((im) => ({ type: "image", mimeType: im.mimeType, data: im.dataBase64 }));
+            return sendAcpPromptViaTransport(transport, sessionCtx, sessionId, prompt, imgs);
           },
           async cancel() {
             for (const [id, entry] of [...pendingPermissionReplies.entries()]) {
@@ -23791,7 +23896,7 @@ function installBridgeProcessResilience() {
 }
 
 // src/cli-version.ts
-var CLI_VERSION = "0.1.25".length > 0 ? "0.1.25" : "0.0.0-dev";
+var CLI_VERSION = "0.1.27".length > 0 ? "0.1.27" : "0.0.0-dev";
 
 // ../../node_modules/.pnpm/open@10.2.0/node_modules/open/index.js
 import process7 from "node:process";
@@ -29867,6 +29972,122 @@ function augmentPromptResultAuthFields(agentType, errorText) {
   return { agentAuthRequired: true, agentType };
 }
 
+// ../e2ee/src/constants.ts
+var E2EE_NONCE_BYTES = 12;
+
+// ../e2ee/src/types.ts
+function isE2eeEnvelope(value) {
+  if (value === null || typeof value !== "object" || Array.isArray(value)) return false;
+  const o = value;
+  return typeof o.k === "string" && typeof o.n === "string" && typeof o.c === "string";
+}
+
+// ../e2ee/src/encoding.ts
+function base64UrlEncode(bytes) {
+  let binary = "";
+  for (let i = 0; i < bytes.length; i += 1) binary += String.fromCharCode(bytes[i]);
+  const b64 = btoa(binary);
+  return b64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
+}
+function base64UrlDecode(value) {
+  const b64 = value.replace(/-/g, "+").replace(/_/g, "/");
+  const padded = b64 + "=".repeat((4 - b64.length % 4) % 4);
+  const binary = atob(padded);
+  const out = new Uint8Array(binary.length);
+  for (let i = 0; i < binary.length; i += 1) out[i] = binary.charCodeAt(i);
+  return out;
+}
+
+// src/agents/acp/fetch-session-attachments.ts
+function metaSaysEncrypted(meta) {
+  if (!meta) return false;
+  const e = meta.encrypted;
+  return e === true || e === "true" || e === 1;
+}
+function warnIfDecodedImageMagicUnexpected(buf, mimeType, idShort) {
+  const m = mimeType.toLowerCase();
+  if (!m.startsWith("image/") || buf.length < 4) return;
+  const b0 = buf[0];
+  const b1 = buf[1];
+  const b2 = buf[2];
+  const b3 = buf[3];
+  let looksOk = false;
+  if (m.includes("png") && b0 === 137 && b1 === 80 && b2 === 78 && b3 === 71) looksOk = true;
+  else if ((m.includes("jpeg") || m.includes("jpg")) && b0 === 255 && b1 === 216 && b2 === 255) looksOk = true;
+  else if (m.includes("gif") && b0 === 71 && b1 === 73 && b2 === 70) looksOk = true;
+  else if (m.includes("webp") && buf.length >= 12 && buf.subarray(0, 4).toString("ascii") === "RIFF" && buf.subarray(8, 12).toString("ascii") === "WEBP")
+    looksOk = true;
+  else if (!/(png|jpe?g|gif|webp)/i.test(m)) looksOk = true;
+  if (!looksOk) {
+    logDebug(
+      `[Agent] Attachment ${idShort} (${mimeType}): decoded bytes do not match common image signatures \u2014 wrong E2EE key, corrupt blob, or metadata mismatch. First 12 bytes (hex): ${buf.subarray(0, Math.min(12, buf.length)).toString("hex")}`
+    );
+  }
+}
+async function fetchSessionAttachmentPayloadsForAgent(params) {
+  const { attachments, sessionId, cloudApiBaseUrl, getCloudAccessToken, e2ee, log: log2 } = params;
+  const token = getCloudAccessToken();
+  if (!token) {
+    return { ok: false, error: "Missing cloud access token; cannot download attachments." };
+  }
+  const wantedCount = attachments.filter((a) => typeof a.attachmentId === "string" && a.attachmentId.trim() !== "").length;
+  if (wantedCount === 0) {
+    return { ok: false, error: "No valid attachment ids in prompt." };
+  }
+  const base = cloudApiBaseUrl.replace(/\/+$/, "");
+  const out = [];
+  for (const a of attachments) {
+    const id = typeof a.attachmentId === "string" ? a.attachmentId.trim() : "";
+    if (!id) continue;
+    const metaUrl = `${base}/api/sessions/${encodeURIComponent(sessionId)}/attachments/${encodeURIComponent(id)}/meta`;
+    const blobUrl = `${base}/api/sessions/${encodeURIComponent(sessionId)}/attachments/${encodeURIComponent(id)}/blob`;
+    const metaRes = await fetch(metaUrl, { headers: { Authorization: `Bearer ${token}` } });
+    if (!metaRes.ok) {
+      const t = await metaRes.text().catch(() => "");
+      log2(`[Agent] Attachment meta fetch failed ${metaRes.status}: ${t.slice(0, 200)}`);
+      return { ok: false, error: `Could not load attachment (${id.slice(0, 8)}\u2026): ${metaRes.status}` };
+    }
+    const meta = await metaRes.json().catch(() => null);
+    const mimeType = typeof meta?.mimeType === "string" && meta.mimeType.trim() ? meta.mimeType.trim() : a.mimeType;
+    const blobRes = await fetch(blobUrl, { headers: { Authorization: `Bearer ${token}` } });
+    if (!blobRes.ok) {
+      const t = await blobRes.text().catch(() => "");
+      log2(`[Agent] Attachment blob fetch failed ${blobRes.status}: ${t.slice(0, 200)}`);
+      return { ok: false, error: `Could not load attachment data (${id.slice(0, 8)}\u2026): ${blobRes.status}` };
+    }
+    const buf = Buffer.from(await blobRes.arrayBuffer());
+    let imageBytes;
+    const encrypted = metaSaysEncrypted(meta);
+    if (encrypted) {
+      if (!e2ee) {
+        return { ok: false, error: "Encrypted attachments require E2EE keys on this bridge." };
+      }
+      const k = typeof meta?.k === "string" ? meta.k : "";
+      const n = typeof meta?.n === "string" ? meta.n : "";
+      if (!k || !n) {
+        return { ok: false, error: "Invalid encrypted attachment metadata (missing key id or nonce)." };
+      }
+      const c = base64UrlEncode(buf);
+      imageBytes = e2ee.decryptEnvelopeToBuffer({ k, n, c });
+    } else {
+      imageBytes = buf;
+    }
+    warnIfDecodedImageMagicUnexpected(imageBytes, mimeType, id.slice(0, 8));
+    logDebug(
+      `[Agent] Loaded prompt image ${id.slice(0, 8)}\u2026: ${imageBytes.length} bytes, mime=${mimeType}, ${encrypted ? "E2EE decrypted" : "plaintext from storage"}`
+    );
+    const dataBase64 = imageBytes.toString("base64");
+    out.push({ mimeType, dataBase64 });
+  }
+  if (out.length !== wantedCount) {
+    return {
+      ok: false,
+      error: `Expected ${wantedCount} image attachment(s) but only loaded ${out.length} (check attachment ids and empty rows).`
+    };
+  }
+  return { ok: true, images: out };
+}
+
 // src/agents/acp/send-prompt-to-agent.ts
 async function sendPromptToAgent(options) {
   const {
@@ -29884,10 +30105,49 @@ async function sendPromptToAgent(options) {
     sessionChangeSummaryFilePaths,
     cloudApiBaseUrl,
     getCloudAccessToken,
-    e2ee
+    e2ee,
+    attachments
   } = options;
   try {
-    const result = await handle.sendPrompt(promptText, {});
+    let sendOpts = {};
+    if (attachments && attachments.length > 0) {
+      if (!sessionId || !cloudApiBaseUrl || !getCloudAccessToken) {
+        sendResult2({
+          type: "prompt_result",
+          id: promptId,
+          ...sessionId ? { sessionId } : {},
+          ...runId ? { runId } : {},
+          success: false,
+          error: "Prompt includes images but the bridge is not configured with a cloud API URL and token to fetch them.",
+          ...followUpCatalogPromptId != null && followUpCatalogPromptId !== "" ? { followUpCatalogPromptId } : {},
+          ...augmentPromptResultAuthFields(agentType, "missing cloud for images download")
+        });
+        return;
+      }
+      const resolved = await fetchSessionAttachmentPayloadsForAgent({
+        attachments,
+        sessionId,
+        cloudApiBaseUrl,
+        getCloudAccessToken,
+        e2ee,
+        log: log2
+      });
+      if (!resolved.ok) {
+        sendResult2({
+          type: "prompt_result",
+          id: promptId,
+          ...sessionId ? { sessionId } : {},
+          ...runId ? { runId } : {},
+          success: false,
+          error: resolved.error,
+          ...followUpCatalogPromptId != null && followUpCatalogPromptId !== "" ? { followUpCatalogPromptId } : {},
+          ...augmentPromptResultAuthFields(agentType, resolved.error)
+        });
+        return;
+      }
+      sendOpts = { images: resolved.images };
+    }
+    const result = await handle.sendPrompt(promptText, sendOpts);
     if (sessionId && runId && sendSessionUpdate && agentCwd && result.success) {
       await collectTurnGitDiffFromPreTurnSnapshot({
         sessionId,
@@ -30308,14 +30568,19 @@ async function createCursorAcpClient(options) {
         });
         const established = await bootstrapAcpWireSession(transport, sessionCtx, {
           protocolVersion: 1,
-          clientCapabilities: { fs: { readTextFile: true, writeTextFile: true }, terminal: false },
+          clientCapabilities: {
+            fs: { readTextFile: true, writeTextFile: true },
+            terminal: false,
+            prompt: { image: true }
+          },
           clientInfo: { name: "buildautomaton-cli", version: "0.1.0" }
         });
         const sessionId = established.sessionId;
         resolve16({
           sessionId,
-          async sendPrompt(prompt, _options) {
-            return sendAcpPromptViaTransport(transport, sessionCtx, sessionId, prompt);
+          async sendPrompt(prompt, options2) {
+            const imgs = options2?.images?.map((im) => ({ type: "image", mimeType: im.mimeType, data: im.dataBase64 }));
+            return sendAcpPromptViaTransport(transport, sessionCtx, sessionId, prompt, imgs);
           },
           async cancel() {
             cancelPendingPermissionRequests2();
@@ -30603,7 +30868,7 @@ function createBridgeOnFileChange(opts) {
 
 // src/agents/acp/hooks/bridge-on-request.ts
 function createBridgeOnRequest(opts) {
-  const { routing, getSendRequest, log: log2 } = opts;
+  const { routing, getSendRequest, log: log2, getAutoApproveAcpPermissions, resolveAcpPermissionRequest } = opts;
   return (request) => {
     const runId = routing.runId;
     const sessionId = routing.sessionId;
@@ -30611,6 +30876,26 @@ function createBridgeOnRequest(opts) {
     if (!runId || !sendReq) return;
     const kind = request.method === "cursor/create_plan" ? "plan" : request.method === "session/request_permission" ? "permission" : "question";
     const sessionUpdate = request.method === "cursor/create_plan" ? "plan" : request.method === "session/request_permission" ? "permission" : "question";
+    if (request.method === "session/request_permission" && getAutoApproveAcpPermissions() && resolveAcpPermissionRequest) {
+      const params = request.params != null && typeof request.params === "object" && !Array.isArray(request.params) ? request.params : {};
+      const auto = buildCliAutoApprovedPermissionRpcResult(params);
+      if (auto != null) {
+        try {
+          resolveAcpPermissionRequest(request.requestId, auto);
+          log2(
+            `[Bridge service] CLI dangerous mode: auto-approved permission requestId=${request.requestId} runId=${runId}`
+          );
+          return;
+        } catch (err) {
+          log2(
+            `[Bridge service] CLI dangerous mode: auto-approve failed (${errorMessage(err)}); forwarding permission`
+          );
+        }
+      }
+      log2(
+        `[Bridge service] CLI dangerous mode: no allow option to auto-select; forwarding permission requestId=${request.requestId}`
+      );
+    }
     try {
       sendReq({
         type: "session_update",
@@ -31161,6 +31446,7 @@ async function ensureAcpClient(options) {
     sendRequest,
     log: log2
   } = options;
+  state.latestAgentConfigForBridgeHooks = agentConfig != null && typeof agentConfig === "object" && !Array.isArray(agentConfig) ? agentConfig : null;
   const targetSessionParentPath = resolveSessionParentPathForAgentProcess(sessionParentPath);
   if (state.acpStartPromise && !state.acpHandle) {
     await state.acpStartPromise;
@@ -31218,7 +31504,11 @@ async function ensureAcpClient(options) {
       sessionParentPath: targetSessionParentPath,
       getSendSessionUpdate: () => sendSessionUpdate,
       getSendRequest: () => sendRequest,
-      log: log2
+      log: log2,
+      getAutoApproveAcpPermissions: () => getCliPermissionModeFromAgentConfig(state.latestAgentConfigForBridgeHooks) === CLI_PERMISSION_MODE_DANGEROUS,
+      resolveAcpPermissionRequest: (requestId, result) => {
+        state.acpHandle?.resolveRequest?.(requestId, result);
+      }
     });
     const persisted = cloudSessionId != null && cloudSessionId !== "" && preferredAgentType != null && preferredAgentType !== "" ? readLocalAgentSessionFile(cloudSessionId) : null;
     const persistedAcpSessionId = persisted && persisted.backendAgentType === preferredAgentType && typeof persisted.acpSessionId === "string" && persisted.acpSessionId.trim() !== "" ? persisted.acpSessionId.trim() : null;
@@ -31254,6 +31544,7 @@ async function ensureAcpClient(options) {
         state.acpStartPromise = null;
         state.acpAgentKey = null;
         state.activeSessionConfigOptions = null;
+        state.latestAgentConfigForBridgeHooks = null;
         state.lastAcpStartError = "Agent subprocess exited";
       },
       ...hooks,
@@ -31284,7 +31575,8 @@ async function createAcpManager(options) {
     lastAcpStartError: null,
     lastAcpCwd: null,
     acpAgentKey: null,
-    activeSessionConfigOptions: null
+    activeSessionConfigOptions: null,
+    latestAgentConfigForBridgeHooks: null
   };
   let backendFallbackAgentType = null;
   const promptRouting = {};
@@ -31319,7 +31611,8 @@ async function createAcpManager(options) {
       sessionChangeSummaryFilePaths,
       cloudApiBaseUrl,
       getCloudAccessToken,
-      e2ee
+      e2ee,
+      attachments
     } = opts;
     const preferredForPrompt = agentType ?? backendFallbackAgentType ?? null;
     pendingCancelRunId = void 0;
@@ -31390,7 +31683,8 @@ async function createAcpManager(options) {
         sessionChangeSummaryFilePaths,
         cloudApiBaseUrl,
         getCloudAccessToken,
-        e2ee
+        e2ee,
+        attachments
       });
     }
     void run().finally(() => {
@@ -31426,6 +31720,7 @@ async function createAcpManager(options) {
     state.acpStartPromise = null;
     state.acpAgentKey = null;
     state.activeSessionConfigOptions = null;
+    state.latestAgentConfigForBridgeHooks = null;
   }
   return {
     setPreferredAgentType,
@@ -34593,7 +34888,8 @@ function dispatchLocalPrompt(next, deps) {
     ...Array.isArray(pl.sessionChangeSummaryFilePaths) ? { sessionChangeSummaryFilePaths: pl.sessionChangeSummaryFilePaths } : {},
     ...Array.isArray(pl.sessionChangeSummaryFileSnapshots) ? { sessionChangeSummaryFileSnapshots: pl.sessionChangeSummaryFileSnapshots } : {},
     ...typeof pl.agentType === "string" && pl.agentType.trim() ? { agentType: pl.agentType.trim() } : {},
-    ...pl.agentConfig != null && typeof pl.agentConfig === "object" && !Array.isArray(pl.agentConfig) && Object.keys(pl.agentConfig).length > 0 ? { agentConfig: pl.agentConfig } : {}
+    ...pl.agentConfig != null && typeof pl.agentConfig === "object" && !Array.isArray(pl.agentConfig) && Object.keys(pl.agentConfig).length > 0 ? { agentConfig: pl.agentConfig } : {},
+    ...Array.isArray(pl.attachments) && pl.attachments.length > 0 ? { attachments: pl.attachments } : {}
   };
   handleBridgePrompt(msg, deps);
 }
@@ -34804,32 +35100,6 @@ function parseFollowUpFieldsFromPromptMessage(msg) {
   return { followUpCatalogPromptId, sessionChangeSummaryFilePaths, sessionChangeSummaryFileSnapshots };
 }
 
-// ../e2ee/src/constants.ts
-var E2EE_NONCE_BYTES = 12;
-
-// ../e2ee/src/types.ts
-function isE2eeEnvelope(value) {
-  if (value === null || typeof value !== "object" || Array.isArray(value)) return false;
-  const o = value;
-  return typeof o.k === "string" && typeof o.n === "string" && typeof o.c === "string";
-}
-
-// ../e2ee/src/encoding.ts
-function base64UrlEncode(bytes) {
-  let binary = "";
-  for (let i = 0; i < bytes.length; i += 1) binary += String.fromCharCode(bytes[i]);
-  const b64 = btoa(binary);
-  return b64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/g, "");
-}
-function base64UrlDecode(value) {
-  const b64 = value.replace(/-/g, "+").replace(/_/g, "/");
-  const padded = b64 + "=".repeat((4 - b64.length % 4) % 4);
-  const binary = atob(padded);
-  const out = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i += 1) out[i] = binary.charCodeAt(i);
-  return out;
-}
-
 // src/agents/acp/change-summary/decrypt-change-summary-file-input.ts
 function decryptChangeSummaryFileInput(row, e2ee) {
   if (!e2ee) return row;
@@ -34886,15 +35156,30 @@ function resolveChangeSummaryPromptForAgent(params) {
 }
 
 // src/agents/acp/from-bridge/handle-bridge-prompt.ts
+function parseBridgeAttachments(msg) {
+  const raw = msg.attachments;
+  if (!Array.isArray(raw)) return [];
+  const out = [];
+  for (const x of raw) {
+    if (x === null || typeof x !== "object" || Array.isArray(x)) continue;
+    const o = x;
+    const id = typeof o.attachmentId === "string" ? o.attachmentId.trim() : "";
+    if (!id) continue;
+    const mt = typeof o.mimeType === "string" && o.mimeType.trim() ? o.mimeType.trim() : "application/octet-stream";
+    out.push({ attachmentId: id, mimeType: mt });
+  }
+  return out;
+}
 function handleBridgePrompt(msg, deps) {
   const { getWs, log: log2, acpManager, sessionWorktreeManager } = deps;
   const rawPrompt = msg.prompt;
   const promptText = typeof rawPrompt === "string" ? rawPrompt : rawPrompt != null ? String(rawPrompt) : "";
+  const attachments = parseBridgeAttachments(msg);
   const sessionId = msg.sessionId;
   const runId = typeof msg.runId === "string" ? msg.runId : void 0;
   const promptId = typeof msg.id === "string" ? msg.id : void 0;
   const { sendBridgeMessage, sendResult: sendResult2, sendSessionUpdate } = createBridgePromptSenders(deps, getWs);
-  if (!promptText.trim()) {
+  if (!promptText.trim() && attachments.length === 0) {
     log2(
       `[Bridge service] Prompt ignored: empty or missing prompt text (session ${typeof msg.sessionId === "string" ? msg.sessionId.slice(0, 8) : "\u2014"}\u2026, run ${typeof msg.runId === "string" ? msg.runId.slice(0, 8) : "\u2014"}\u2026).`
     );
@@ -34961,7 +35246,8 @@ function handleBridgePrompt(msg, deps) {
       sessionChangeSummaryFilePaths: pathsForUpload,
       cloudApiBaseUrl: deps.cloudApiBaseUrl,
       getCloudAccessToken: deps.getCloudAccessToken,
-      e2ee: deps.e2ee
+      e2ee: deps.e2ee,
+      ...attachments.length > 0 ? { attachments } : {}
     });
   }
   void sessionWorktreeManager.resolveSessionParentPathForPrompt(sessionId, { isNewSession, sessionParent, sessionParentPath }).then((cwd) => preambleAndPrompt(cwd)).catch((err) => {
@@ -35931,6 +36217,17 @@ function createCliE2eeRuntime(key) {
       const merged = { ...message, ...parsed };
       delete merged.ee;
       return merged;
+    },
+    decryptEnvelopeToBuffer(envelope) {
+      if (envelope.k !== key.id) throw new Error(`E2EE key mismatch: ${envelope.k}`);
+      const sealed = Buffer.from(base64UrlDecode(envelope.c));
+      if (sealed.length < 16) throw new Error("Invalid E2EE payload.");
+      const ciphertext = sealed.subarray(0, sealed.length - 16);
+      const tag = sealed.subarray(sealed.length - 16);
+      const nonce = Buffer.from(base64UrlDecode(envelope.n));
+      const decipher = createDecipheriv("aes-256-gcm", rawKey, nonce);
+      decipher.setAuthTag(tag);
+      return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
     }
   };
 }