@byfriends/agent-core 0.3.0 → 0.3.1

package/dist/index.mjs

@@ -3032,7 +3032,7 @@ function parseSkillText(options) {
 		throw error;
 	}
 	const frontmatter = parsed.data ?? {};
-	if (!isRecord$1(frontmatter)) throw new SkillParseError(`Frontmatter in ${options.skillMdPath} must be a mapping at the top level`);
+	if (!isRecord$2(frontmatter)) throw new SkillParseError(`Frontmatter in ${options.skillMdPath} must be a mapping at the top level`);
 	const metadata = normalizeMetadata(frontmatter);
 	if (!isSupportedSkillType(metadata.type)) throw new UnsupportedSkillTypeError(metadata.type ?? String(frontmatter["type"]));
 	const name = nonEmptyString$2(metadata.name);
@@ -3145,7 +3145,7 @@ function tokenizeArgs(raw) {
 function nonEmptyString$2(value) {
 	return typeof value === "string" && value.trim() !== "" ? value.trim() : void 0;
 }
-function isRecord$1(value) {
+function isRecord$2(value) {
 	return typeof value === "object" && value !== null && !Array.isArray(value);
 }
 //#endregion
@@ -3966,12 +3966,12 @@ function joinPath(parent, child, pathClass) {
 }
 //#endregion
 //#region src/tools/builtin/file/glob.md
-var glob_default = "Find files (and optionally directories) by glob pattern, sorted by modification time (most recent first).\n\nGood patterns:\n- `*.ts` — files in the current directory matching an extension\n- `src/**/*.ts` — recursive with a subdirectory anchor and extension\n- `test_*.py` — files whose name starts with a literal prefix\n\nRejected patterns (no literal anchor):\n- `**`, `**/*`, `*/*` — pure wildcards. Add an extension or subdirectory to give the walk a concrete target.\n- Anything starting with `**/` (e.g. `**/*.md`, `**/main/*.py`). Anchor it with a top-level subdirectory like `src/**/*.md`.\n- `*.{ts,tsx}` — brace expansion is not supported. Issue two calls: `*.ts` and `*.tsx`.\n\nLarge-directory warning — avoid recursing into dependency/build output even with an anchor:\n- `node_modules/**/*.js`, `.venv/**/*.py`, `__pycache__/**`, `target/**` match technically but typically produce thousands of results that truncate at the match cap. Prefer specific subpaths like `node_modules/react/src/**/*.js`.\n";
+var glob_default = "Find files (and optionally directories) by glob pattern, sorted by modification time (most recent first).\n\nREJECTED patterns (no literal anchor — will be rejected):\n- **Pure wildcards**: `**`, `**/*`, `*/*` — no literal anchor bounds the result. Add an extension or subdirectory to give the walk a concrete target.\n- **`**/` prefix**: Anything starting with `**/` (e.g. `**/*.py`, `**/main/*.ts`). The leading `**/` has no literal anchor in front of it. Anchor it with a top-level subdirectory like `src/**/*.ts`.\n- **Brace expansion**: `*.{ts,tsx}` is not supported. Split it into separate calls: `*.ts` and `*.tsx`.\n\nGood patterns:\n- `*.ts` — files in the current directory matching an extension\n- `src/**/*.ts` — recursive with a subdirectory anchor and extension\n- `test_*.py` — files whose name starts with a literal prefix\n\nLarge-directory warning — avoid recursing into dependency/build output even with an anchor:\n- `node_modules/**/*.js`, `.venv/**/*.py`, `__pycache__/**`, `target/**` match technically but typically produce thousands of results that truncate at the match cap. Prefer specific subpaths like `node_modules/react/src/**/*.js`.\n\nWhen you need to search the entire project, first use Glob to explore the top-level directory structure, then use an anchored pattern like `src/**/*.ts` or `packages/**/*.ts` to narrow the search.\n";
 //#endregion
 //#region src/tools/builtin/file/glob.ts
 const GlobInputSchema = z.object({
-	pattern: z.string().describe("Glob pattern to match files/directories."),
-	path: z.string().optional().describe("Absolute path to the directory to search in. Defaults to the current working directory."),
+	pattern: z.string().describe("Glob pattern to match files/directories. IMPORTANT: pattern MUST contain a literal anchor like a file extension (.ts) or a subdirectory name (src/). Patterns starting with **/ (e.g. **/*.py, **/main/*.ts), pure wildcards (**, **/*, */*, *), and brace expansion (*.{ts,tsx}) are REJECTED. Example: src/**/*.ts searches all .ts files under src/."),
+	path: z.string().optional().describe("Absolute path to the directory to search in. Defaults to the current working directory. Explicit absolute paths outside the workspace are allowed (e.g. to search a dependency installed elsewhere); relative paths are resolved against the working directory and rejected if they escape it."),
 	include_dirs: z.boolean().default(true).optional().describe("Whether to include directories in results. Defaults to true. Set false to return only files.")
 });
 const MAX_MATCHES = 1e3;
@@ -4013,7 +4013,7 @@ var GlobTool = class {
 			workspace: this.workspace,
 			operation: "search",
 			policy: {
-				guardMode: "strict",
+				guardMode: "absolute-outside-allowed",
 				checkSensitive: false
 			}
 		});
@@ -4047,7 +4047,7 @@ var GlobTool = class {
 			}
 			return {
 				isError: true,
-				output: `Pattern "${args.pattern}" is a pure wildcard (only \`*\`, \`?\`, \`**\`, \`/\`) and would enumerate every file under the search root — with no literal anchor to bound the result set, this typically exhausts your context on large trees. Add an extension ("${args.pattern === "**" || args.pattern === "**/*" ? "**/*.ts" : "**/*.md"}") or a subdirectory ("src/**/*.ts") to constrain the walk.\n\nAllowed roots for explicit path searches:\n${rootList}\n\nTop of ${this.workspace.workspaceDir}:\n${tree}`
+				output: `Pattern "${args.pattern}" is a pure wildcard (only \`*\`, \`?\`, \`**\`, \`/\`) and would enumerate every file under the search root — with no literal anchor to bound the result set, this typically exhausts your context on large trees. Add an extension ("${args.pattern === "**" || args.pattern === "**/*" ? "**/*.ts" : "**/*.md"}") or a subdirectory ("src/**/*.ts") to constrain the walk.\n\nWorkspace roots:\n${rootList}\n\nTop of ${this.workspace.workspaceDir}:\n${tree}`
 			};
 		}
 		if (containsBraceExpansion(args.pattern)) return {
@@ -4075,6 +4075,8 @@ var GlobTool = class {
 		try {
 			const seen = /* @__PURE__ */ new Set();
 			const entries = [];
+			const pathClass = this.kaos.pathClass();
+			const filteredSensitive = [];
 			const YIELD_SAFETY_CAP = MAX_MATCHES * 2;
 			let yielded = 0;
 			let truncated = false;
@@ -4090,6 +4092,10 @@ var GlobTool = class {
 					break outer;
 				}
 				seen.add(filePath);
+				if (isSensitiveFile(filePath, pathClass)) {
+					filteredSensitive.push(filePath);
+					continue;
+				}
 				let mtime = 0;
 				let isDir = false;
 				try {
@@ -4105,10 +4111,10 @@ var GlobTool = class {
 			}
 			entries.sort((a, b) => b.mtime - a.mtime);
 			const paths = entries.map((e) => e.path);
-			const pathClass = this.kaos.pathClass();
 			const relBase = searchRoots[0] ?? this.workspace.workspaceDir;
 			const displayLines = paths.map((p) => relativizeIfUnder$1(p, relBase, pathClass));
-			if (entries.length === 0 && !truncated) return { output: "No matches found" };
+			const filteredSome = filteredSensitive.length > 0;
+			if (entries.length === 0 && !truncated) return { output: filteredSome ? `No non-sensitive matches found (filtered ${String(filteredSensitive.length)} sensitive file(s))` : "No matches found" };
 			const lines = [];
 			if (truncated) {
 				lines.push(`[Truncated at ${String(MAX_MATCHES)} matches — use a more specific pattern]`);
@@ -4116,6 +4122,10 @@ var GlobTool = class {
 			}
 			lines.push(...displayLines);
 			if (!truncated && entries.length === 1e3) lines.push(`Found ${String(entries.length)} matches`);
+			if (filteredSome) {
+				const displayedFiltered = filteredSensitive.map((p) => relativizeIfUnder$1(p, relBase, pathClass));
+				lines.push(`Filtered ${String(filteredSensitive.length)} sensitive file(s): ${displayedFiltered.join(", ")}`);
+			}
 			return { output: lines.join("\n") };
 		} catch (error) {
 			if (error !== null && typeof error === "object" && "code" in error) {
@@ -6312,7 +6322,7 @@ function rewriteWindowsNullRedirect$1(command) {
 }
 //#endregion
 //#region src/tools/builtin/state/todo-list.md
-var todo_list_default = "Use this tool to maintain a structured TODO list as you work through a multi-step task.\n\nUse for multi-step tasks, tracking investigation progress, or planning a sequence of edits. Do not use for single-shot answers or trivial requests.\n\n**Avoid churn:**\n- Do not re-call this tool when nothing meaningful has changed since the last call — update the list only after real progress.\n- When unsure of the current state, call query mode first (omit `todos`) to check the list before deciding what to update.\n- If no available tool can move any task forward, tell the user where you are stuck instead of repeatedly re-ordering the same todos.\n\n**How to use:**\n- Call with `todos: [...]` to replace the full list. Statuses: pending / in_progress / done.\n- Call with no arguments to query the current list.\n- Call with `todos: []` to clear the list.\n- Keep titles short and actionable.\n- Update statuses as you make progress — mark one item in_progress at a time.\n";
+var todo_list_default = "Use this tool to maintain a structured TODO list as you work through a multi-step task.\n\nUse for multi-step tasks, tracking investigation progress, or planning a sequence of edits. Do not use for single-shot answers or trivial requests.\n\n**Update discipline:**\n- Update status immediately when you start or complete a subtask: mark it `in_progress` when you begin working on it, and `done` when finished.\n- Do not skip the `in_progress` state — the user should always see what you are currently working on.\n- Avoid redundant calls: do not re-call this tool when nothing meaningful has changed since the last call.\n- When unsure of the current state, call query mode first (omit `todos`) to check the list before deciding what to update.\n- If no available tool can move any task forward, tell the user where you are stuck instead of repeatedly re-ordering the same todos.\n\n**How to use:**\n- Call with `todos: [...]` to replace the full list. Statuses: pending / in_progress / done.\n- Call with no arguments to query the current list.\n- Call with `todos: []` to clear the list.\n- Keep titles short and actionable.\n- Update statuses as you make progress — mark one item in_progress at a time.\n";
 //#endregion
 //#region src/tools/builtin/state/todo-list.ts
 /**
@@ -8211,7 +8221,7 @@ const OptionalStringSchema = z.preprocess((value) => {
 	if (typeof value === "string") return value;
 	if (typeof value === "number" || typeof value === "boolean" || typeof value === "bigint") return String(value);
 }, z.string().optional());
-const HookSpecificOutputSchema = z.preprocess((value) => isRecord(value) ? value : void 0, z.looseObject({
+const HookSpecificOutputSchema = z.preprocess((value) => isRecord$1(value) ? value : void 0, z.looseObject({
 	message: OptionalStringSchema,
 	permissionDecision: z.unknown().optional(),
 	permissionDecisionReason: OptionalStringSchema
@@ -8371,7 +8381,7 @@ function tryKillProcess(child, signal) {
 		} catch {}
 	}
 }
-function isRecord(value) {
+function isRecord$1(value) {
 	return typeof value === "object" && value !== null && !Array.isArray(value);
 }
 function errorMessage(error) {
@@ -11476,8 +11486,7 @@ var AgentRecords = class {
 			tools: "tools",
 			usage: "usage",
 			background: "background",
-			full_compaction: "fullCompaction",
-			plan_mode: "planMode"
+			full_compaction: "fullCompaction"
 		}[recordType.split(".")[0]] ?? null;
 	}
 	async replay() {
@@ -13522,8 +13531,8 @@ var ToolManager = class {
 		return (input) => withProviderRequestAuth(resolveAuth, (auth) => uploadVideo(input, { auth }));
 	}
 	get loopTools() {
-		const builtinNames = [...this.builtinTools.keys()].filter((name) => this.enabledTools.has(name)).sort();
-		const userNames = [...this.userTools.keys()].filter((name) => this.enabledTools.has(name)).sort();
+		const builtinNames = [...this.builtinTools.keys()].filter((name) => this.enabledTools.has(name)).toSorted();
+		const userNames = [...this.userTools.keys()].filter((name) => this.enabledTools.has(name)).toSorted();
 		const mcpNames = [...this.mcpTools.keys()].filter((name) => this.isMcpToolEnabled(name));
 		return [
 			...builtinNames.map((name) => this.builtinTools.get(name)),
@@ -13699,7 +13708,7 @@ function findImplicitBoundaries(prompt) {
 		const index = prompt.indexOf(header);
 		if (index !== -1) boundaries.push(index);
 	}
-	return boundaries.sort((a, b) => a - b);
+	return boundaries.toSorted((a, b) => a - b);
 }
 /**
 * Split prompt by implicit boundaries into blocks.
@@ -15124,15 +15133,6 @@ var Agent = class {
 			getModel: () => {
 				return this.config.modelAlias ?? "";
 			},
-			enterPlan: async () => {
-				throw new ByfError(ErrorCodes.NOT_IMPLEMENTED, "Plan mode has been removed");
-			},
-			cancelPlan: async () => {
-				throw new ByfError(ErrorCodes.NOT_IMPLEMENTED, "Plan mode has been removed");
-			},
-			clearPlan: async () => {
-				throw new ByfError(ErrorCodes.NOT_IMPLEMENTED, "Plan mode has been removed");
-			},
 			beginCompaction: (payload) => {
 				this.fullCompaction.begin({
 					source: "manual",
@@ -15167,7 +15167,6 @@ var Agent = class {
 			getContext: () => this.context.data(),
 			getConfig: () => this.config.data(),
 			getPermission: () => this.permission.data(),
-			getPlan: async () => null,
 			getUsage: () => this.usage.data(),
 			getTools: () => this.tools.data(),
 			getBackground: (payload) => this.background.list(payload.activeOnly ?? false, payload.limit)
@@ -15300,6 +15299,21 @@ function proxyWithExtraPayload(methods, extraPayload) {
 		}, ...args);
 	} });
 }
+/** The Zod `z.enum` literal inferred from registry keys. */
+const PROVIDER_TYPE_VALUES = Object.keys({
+	exa: { defaultBaseUrl: "https://api.exa.ai/search" },
+	brave: { defaultBaseUrl: "https://api.search.brave.com/res/v1/web/search" },
+	firecrawl: { defaultBaseUrl: "https://api.firecrawl.dev/v2/search" }
+});
+const providerClassMap = /* @__PURE__ */ new Map();
+function registerProvider(type, cls) {
+	providerClassMap.set(type, cls);
+}
+function createProvider$1(type, options) {
+	const cls = providerClassMap.get(type);
+	if (cls === void 0) throw new Error(`WebSearch provider type "${type}" is not registered. Did you import the provider module?`);
+	return new cls(options);
+}
 //#endregion
 //#region src/config/schema.ts
 const ProviderTypeSchema = z.enum([
@@ -15399,9 +15413,18 @@ const ByfServiceConfigSchema = z.object({
 	oauth: OAuthRefSchema.optional(),
 	customHeaders: StringRecordSchema.optional()
 });
+/** Provider type enum derived from webSearchProviderRegistry keys. */
+const WebSearchProviderTypeSchema = z.enum(PROVIDER_TYPE_VALUES);
+const WebSearchProviderConfigSchema = z.object({
+	type: WebSearchProviderTypeSchema,
+	apiKeys: z.array(z.string().min(1)).nonempty(),
+	baseUrl: z.string().optional(),
+	priority: z.number().int().positive()
+});
+const WebSearchConfigSchema = z.object({ providers: z.array(WebSearchProviderConfigSchema).nonempty() });
 const ServicesConfigSchema = z.object({
-	byfSearch: ByfServiceConfigSchema.optional(),
-	byfFetch: ByfServiceConfigSchema.optional()
+	webSearch: WebSearchConfigSchema.optional(),
+	fetchUrl: ByfServiceConfigSchema.optional()
 });
 const McpServerCommonFields = {
 	enabled: z.boolean().optional(),
@@ -15467,8 +15490,8 @@ const LoopControlPatchSchema = LoopControlSchema.partial();
 const BackgroundConfigPatchSchema = BackgroundConfigSchema.partial();
 const ByfServiceConfigPatchSchema = ByfServiceConfigSchema.partial();
 const ServicesConfigPatchSchema = z.object({
-	byfSearch: ByfServiceConfigPatchSchema.optional(),
-	byfFetch: ByfServiceConfigPatchSchema.optional()
+	webSearch: WebSearchConfigSchema.optional(),
+	fetchUrl: ByfServiceConfigPatchSchema.optional()
 });
 const ByfConfigPatchSchema = z.object({
 	providers: z.record(z.string(), ProviderConfigPatchSchema).optional(),
@@ -15716,10 +15739,15 @@ function transformServiceData(data) {
 		const targetKey = snakeToCamel(key);
 		if (targetKey === "oauth") out[targetKey] = isPlainObject(value) ? transformPlainObject(value) : value;
 		else if (targetKey === "customHeaders") out[targetKey] = cloneObjectValue(value);
+		else if (Array.isArray(value)) out[targetKey] = value.map((item) => isPlainObject(item) ? transformRecord(item, identity, snakeToCamel) : item);
+		else if (isPlainObject(value)) out[targetKey] = transformPlainObject(value);
 		else out[targetKey] = value;
 	}
 	return out;
 }
+function identity(v) {
+	return v;
+}
 function transformLoopControlData(data) {
 	const out = transformPlainObject(data);
 	if (out["maxStepsPerTurn"] === void 0 && out["maxStepsPerRun"] !== void 0) out["maxStepsPerTurn"] = out["maxStepsPerRun"];
@@ -15739,11 +15767,11 @@ function configToTomlData(config) {
 	delete out["default_yolo"];
 	delete out["defaultYolo"];
 	delete out["defaultPermissionMode"];
+	delete out["default_thinking"];
 	for (const key of [
 		"defaultProvider",
 		"defaultModel",
 		"yolo",
-		"defaultThinking",
 		"defaultPermissionMode",
 		"mergeAllAvailableSkills",
 		"extraSkillDirs"
@@ -15812,10 +15840,17 @@ function permissionRuleToToml(rule) {
 }
 function servicesToToml(services, rawServices) {
 	const out = cloneRecord(rawServices);
-	if (services.byfSearch !== void 0) out["byf_search"] = serviceToToml(services.byfSearch);
-	else delete out["byf_search"];
-	if (services.byfFetch !== void 0) out["byf_fetch"] = serviceToToml(services.byfFetch);
-	else delete out["byf_fetch"];
+	if (services.webSearch !== void 0 && services.webSearch.providers.length > 0) {
+		const providersToml = services.webSearch.providers.map((p) => {
+			const providerOut = {};
+			for (const [key, value] of Object.entries(p)) setDefined(providerOut, camelToSnake(key), value);
+			return providerOut;
+		});
+		out["web_search"] = out["web_search"] ?? {};
+		out["web_search"]["providers"] = providersToml;
+	} else delete out["web_search"];
+	if (services.fetchUrl !== void 0) out["fetch_url"] = serviceToToml(services.fetchUrl);
+	else delete out["fetch_url"];
 	return out;
 }
 function serviceToToml(service) {
@@ -15873,90 +15908,679 @@ function isFileExistsError(error) {
 	return typeof error === "object" && error !== null && error.code === "EEXIST";
 }
 //#endregion
-//#region src/version.ts
-function getCoreVersion() {
-	try {
-		const raw = readFileSync(fileURLToPath(new URL("../package.json", import.meta.url)), "utf-8");
-		const pkg = JSON.parse(raw);
-		return typeof pkg.version === "string" ? pkg.version : "0.0.0";
-	} catch {
-		return "0.0.0";
+//#region src/config/update-rules.ts
+const REMOVED_RULES = [
+	{
+		path: "default_yolo",
+		pathParts: ["default_yolo"],
+		kind: "removed",
+		detail: "Top-level field default_yolo is removed. Use yolo instead.",
+		deprecatedSince: "pre-0.1.0"
+	},
+	{
+		path: "defaultYolo",
+		pathParts: ["defaultYolo"],
+		kind: "removed",
+		detail: "Top-level field defaultYolo is removed. Use yolo instead.",
+		deprecatedSince: "pre-0.1.0"
+	},
+	{
+		path: "services.byf_search",
+		pathParts: ["services", "byf_search"],
+		kind: "removed",
+		detail: "Deprecated service byf_search is removed.",
+		deprecatedSince: "pre-0.1.0"
+	},
+	{
+		path: "services.byf_fetch",
+		pathParts: ["services", "byf_fetch"],
+		kind: "removed",
+		detail: "Deprecated service byf_fetch is removed. Use services.fetch_url instead.",
+		deprecatedSince: "pre-0.1.0"
 	}
-}
-//#endregion
-//#region src/mcp/client-shared.ts
-const BYF_MCP_CLIENT_VERSION = getCoreVersion();
+];
+const RENAMED_RULES = [{
+	path: "loop_control.max_steps_per_run",
+	pathParts: ["loop_control", "max_steps_per_run"],
+	kind: "renamed",
+	detail: "Renamed to max_steps_per_turn.",
+	deprecatedSince: "pre-0.1.0"
+}];
+const MIGRATED_RULES = [{
+	path: "default_thinking",
+	pathParts: ["default_thinking"],
+	kind: "migrated",
+	detail: "Migrate default_thinking to [thinking] block.",
+	deprecatedSince: "pre-0.1.0"
+}];
 /**
-* Build the `RequestOptions` object accepted by the MCP SDK's `callTool`,
-* including either the configured tool-call timeout, an in-flight abort
-* signal, both, or neither. Returns `undefined` when nothing needs to be
-* passed so the SDK falls back to its defaults.
+* Combined list of all deprecated-field rules.
+*
+* Order within the list does not affect correctness (the CLI groups by kind
+* at display time), but a stable order helps test expectations.
 */
-function buildRequestOptions(toolCallTimeoutMs, signal) {
-	if (toolCallTimeoutMs === void 0 && signal === void 0) return void 0;
+const DEPRECATED_FIELD_RULES = [
+	...REMOVED_RULES,
+	...RENAMED_RULES,
+	...MIGRATED_RULES
+];
+//#endregion
+//#region src/providers/runtime-provider.ts
+function resolveRuntimeProvider(input) {
+	const modelName = input.model ?? input.config.defaultModel;
+	if (modelName === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, "No model is selected. Set default_model in config.toml or pass a configured model alias.");
+	const alias = input.config.models?.[modelName];
+	if (alias === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" is not configured in config.toml. Add a [models."${modelName}"] entry with max_context_size.`);
+	const resolvedModel = alias.model;
+	const providerName = alias.provider ?? input.config.defaultProvider;
+	const providerConfig = providerName === void 0 ? void 0 : input.config.providers[providerName];
+	if (providerName === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" must define a provider in config.toml.`);
+	if (providerConfig === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" for model "${modelName}" is not configured.`);
+	if (!Number.isInteger(alias.maxContextSize) || alias.maxContextSize <= 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" must define a positive max_context_size in config.toml.`);
+	if (input.validateCredentials !== false && providerConfig.type !== "vertexai" && providerConfig.oauth === void 0 && providerApiKey(providerConfig) === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" has no credentials configured. Set apiKey, oauth, or a provider env API key in config.toml.`);
+	const provider = toKosongProviderConfig(providerConfig, resolvedModel, input.byfRequestHeaders, alias.maxOutputSize, alias.reasoningKey, input.promptCacheKey);
 	return {
-		timeout: toolCallTimeoutMs,
-		signal
+		modelName,
+		providerName,
+		modelCapabilities: resolveModelCapabilities(alias, provider),
+		provider
 	};
 }
-function toMcpToolDefinition(tool) {
+async function resolveRuntimeProviderWithOAuth(input) {
+	const resolved = resolveRuntimeProvider(input);
+	const resolveAuth = createRuntimeProviderAuthResolver(input, resolved);
+	if (resolveAuth === void 0) return resolved;
+	await resolveAuth();
 	return {
-		name: tool.name,
-		description: tool.description ?? "",
-		inputSchema: tool.inputSchema
+		...resolved,
+		resolveAuth
+	};
+}
+function createRuntimeProviderAuthResolver(input, resolved = resolveRuntimeProvider(input)) {
+	const providerName = resolved.providerName;
+	if (providerName === void 0) return void 0;
+	const providerConfig = input.config.providers[providerName];
+	if (providerConfig?.oauth === void 0) return void 0;
+	if (providerApiKey(providerConfig) !== void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" has both apiKey and oauth set in config.toml — they are mutually exclusive. Remove one.`);
+	const tokenProvider = input.resolveOAuthTokenProvider?.(providerName, providerConfig.oauth);
+	if (tokenProvider === void 0) return async () => {
+		throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`);
+	};
+	return async (options) => {
+		let apiKey;
+		try {
+			apiKey = await tokenProvider.getAccessToken(options?.forceRefresh === true ? { force: true } : void 0);
+		} catch (error) {
+			if (!isAuthLoginRequired(error)) (input.log ?? log).warn("oauth token fetch failed", {
+				providerName,
+				error
+			});
+			throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`, { cause: error });
+		}
+		if (apiKey.trim().length === 0) throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`);
+		return { apiKey };
 	};
 }
+function isAuthLoginRequired(error) {
+	return isByfError(error) && error.code === ErrorCodes.AUTH_LOGIN_REQUIRED;
+}
+const CAPABILITY_DEFINITIONS = [
+	{
+		name: "image_in",
+		returnKey: "image_in"
+	},
+	{
+		name: "video_in",
+		returnKey: "video_in"
+	},
+	{
+		name: "audio_in",
+		returnKey: "audio_in"
+	},
+	{
+		name: "thinking",
+		returnKey: "thinking"
+	},
+	{
+		name: "always_thinking",
+		returnKey: "thinking"
+	},
+	{
+		name: "tool_use",
+		returnKey: "tool_use"
+	},
+	{
+		name: "thinking_effort",
+		returnKey: "thinking_effort"
+	},
+	{
+		name: "thinking_xhigh",
+		returnKey: "thinking_xhigh"
+	},
+	{
+		name: "thinking_max",
+		returnKey: "thinking_max"
+	}
+];
 /**
-* Normalise the SDK's `callTool` return into kosong's {@link MCPToolResult}.
-* The SDK can return either the modern `{ content, isError }` shape or a
-* legacy `{ toolResult }` shape; we collapse the legacy shape to a single
-* text content block.
+* The list of every valid capability name that can appear in a model
+* alias's `capabilities` array.
+*
+* Derives directly from {@link CAPABILITY_DEFINITIONS} so that adding a
+* new capability in one place automatically keeps both the validation
+* gate (`update-config`) and the runtime resolver in sync.
 */
-function toMcpToolResult(result) {
-	if (typeof result === "object" && result !== null && "content" in result) {
-		const typed = result;
-		if (Array.isArray(typed.content)) return {
-			content: typed.content,
-			isError: typed.isError === true
+const VALID_CAPABILITIES = CAPABILITY_DEFINITIONS.map((d) => d.name);
+function resolveModelCapabilities(alias, provider) {
+	const capabilities = new Set((alias.capabilities ?? []).map((capability) => capability.trim().toLowerCase()));
+	const has = (capability) => capabilities.has(capability);
+	const providerCapability = createProvider(providerForCapabilityProbe(provider)).getCapability?.(provider.model) ?? UNKNOWN_CAPABILITY;
+	const returnKeyToNames = /* @__PURE__ */ new Map();
+	for (const def of CAPABILITY_DEFINITIONS) {
+		const names = returnKeyToNames.get(def.returnKey) ?? [];
+		names.push(def.name);
+		returnKeyToNames.set(def.returnKey, names);
+	}
+	const resolved = {};
+	for (const [returnKey, names] of returnKeyToNames) resolved[returnKey] = names.some((n) => has(n)) || Boolean(providerCapability[returnKey]);
+	return {
+		...resolved,
+		max_context_tokens: alias.maxContextSize
+	};
+}
+function toKosongProviderConfig(provider, model, byfRequestHeaders, maxOutputSize, reasoningKey, promptCacheKey) {
+	switch (provider.type) {
+		case "anthropic": return {
+			type: "anthropic",
+			model,
+			baseUrl: providerValue(provider.baseUrl, provider.env, "ANTHROPIC_BASE_URL"),
+			apiKey: providerApiKey(provider),
+			...maxOutputSize !== void 0 ? { defaultMaxTokens: maxOutputSize } : {},
+			...defaultHeadersField(provider.customHeaders)
 		};
-	}
-	if (typeof result === "object" && result !== null && "toolResult" in result) {
-		const legacy = result.toolResult;
-		return {
-			content: [{
-				type: "text",
-				text: typeof legacy === "string" ? legacy : JSON.stringify(legacy)
-			}],
-			isError: false
+		case "openai-completions": {
+			const defaultHeaders = {
+				...byfRequestHeaders,
+				...provider.customHeaders
+			};
+			const generationKwargs = {
+				prompt_cache_key: promptCacheKey,
+				extra_body: provider.extraBody
+			};
+			if (Object.keys(defaultHeaders).length === 0) return {
+				type: "openai-completions",
+				model,
+				baseUrl: providerValue(provider.baseUrl, provider.env, "BYF_BASE_URL"),
+				reasoningKey,
+				thinkingEffortKey: provider.thinkingEffortKey,
+				generationKwargs,
+				apiKey: providerApiKey(provider)
+			};
+			return {
+				type: "openai-completions",
+				model,
+				baseUrl: providerValue(provider.baseUrl, provider.env, "BYF_BASE_URL"),
+				reasoningKey,
+				thinkingEffortKey: provider.thinkingEffortKey,
+				generationKwargs,
+				defaultHeaders,
+				apiKey: providerApiKey(provider)
+			};
+		}
+		case "google-genai": return {
+			type: "google-genai",
+			model,
+			apiKey: providerApiKey(provider)
+		};
+		case "openai_responses": return {
+			type: "openai_responses",
+			model,
+			baseUrl: providerValue(provider.baseUrl, provider.env, "OPENAI_BASE_URL"),
+			apiKey: providerApiKey(provider),
+			...defaultHeadersField(provider.customHeaders)
+		};
+		case "vertexai": return {
+			type: "vertexai",
+			model,
+			vertexai: hasVertexAIServiceEnv(provider),
+			apiKey: hasVertexAIServiceEnv(provider) ? void 0 : providerApiKey(provider),
+			project: vertexAIProject(provider),
+			location: vertexAILocation(provider)
 		};
+		default: {
+			const exhaustive = provider.type;
+			throw new ByfError(ErrorCodes.MODEL_CONFIG_INVALID, `Unsupported provider type: ${String(exhaustive)}`);
+		}
 	}
+}
+function defaultHeadersField(headers) {
+	if (headers === void 0 || Object.keys(headers).length === 0) return {};
+	return { defaultHeaders: { ...headers } };
+}
+function providerForCapabilityProbe(provider) {
+	if (provider.type === "vertexai") return {
+		...provider,
+		vertexai: false,
+		project: void 0,
+		location: void 0,
+		apiKey: provider.apiKey === void 0 || provider.apiKey.length === 0 ? "capability-probe" : provider.apiKey
+	};
+	if (provider.apiKey !== void 0 && provider.apiKey.length > 0) return provider;
 	return {
-		content: [],
-		isError: false
+		...provider,
+		apiKey: "capability-probe"
 	};
 }
-//#endregion
-//#region src/mcp/client-http.ts
-/**
-* Wraps the SDK streamable-HTTP transport as a kosong {@link MCPClient}.
-* Static bearer tokens are looked up from `process.env[bearerTokenEnvVar]`.
-* OAuth providers are attached separately by the connection manager.
-*/
-var HttpMcpClient = class {
-	client;
-	transport;
-	toolCallTimeoutMs;
-	started = false;
-	closed = false;
-	ready = false;
-	hooksInstalled = false;
-	unexpectedCloseListener;
-	lastTransportError;
-	pendingUnexpectedClose;
-	unexpectedCloseFired = false;
-	constructor(config, options = {}) {
-		const headers = buildMcpHttpHeaders(config, options.envLookup ?? ((name) => process.env[name]));
-		this.transport = new StreamableHTTPClientTransport(new URL(config.url), {
+function providerApiKey(provider) {
+	switch (provider.type) {
+		case "anthropic": return providerValue(provider.apiKey, provider.env, "ANTHROPIC_API_KEY");
+		case "openai_responses": return providerValue(provider.apiKey, provider.env, "OPENAI_API_KEY");
+		case "openai-completions": return providerValue(provider.apiKey, provider.env, "BYF_API_KEY");
+		case "google-genai": return providerValue(provider.apiKey, provider.env, "GOOGLE_API_KEY");
+		case "vertexai": return nonEmptyString$1(provider.apiKey) ?? envValue(provider.env, "VERTEXAI_API_KEY") ?? envValue(provider.env, "GOOGLE_API_KEY");
+		default: {
+			const exhaustive = provider.type;
+			throw new ByfError(ErrorCodes.MODEL_CONFIG_INVALID, `Unsupported provider type: ${String(exhaustive)}`);
+		}
+	}
+}
+function hasVertexAIServiceEnv(provider) {
+	return vertexAIProject(provider) !== void 0 && vertexAILocation(provider) !== void 0;
+}
+function vertexAIProject(provider) {
+	return envValue(provider.env, "GOOGLE_CLOUD_PROJECT");
+}
+function vertexAILocation(provider) {
+	return envValue(provider.env, "GOOGLE_CLOUD_LOCATION") ?? locationFromVertexAIBaseUrl(provider.baseUrl);
+}
+function providerValue(configured, env, envKey) {
+	return nonEmptyString$1(configured) ?? envValue(env, envKey);
+}
+function envValue(env, key) {
+	return nonEmptyString$1(env?.[key]);
+}
+function nonEmptyString$1(value) {
+	const trimmed = value?.trim();
+	return trimmed === void 0 || trimmed.length === 0 ? void 0 : trimmed;
+}
+function locationFromVertexAIBaseUrl(baseUrl) {
+	const url = nonEmptyString$1(baseUrl);
+	if (url === void 0) return void 0;
+	try {
+		const host = new URL(url).hostname;
+		return host.endsWith("-aiplatform.googleapis.com") ? nonEmptyString$1(host.slice(0, -26)) : void 0;
+	} catch {
+		return;
+	}
+}
+//#endregion
+//#region src/config/update.ts
+/**
+* Scan a parsed config (including `config.raw`) and return all Findings
+* for deprecated / renamed / migrated / dangling / unknown / invalid-value
+* fields.
+*
+* This is a **pure** function — no file I/O, no side effects.
+*
+* Detection is based on `config.raw` (the clone of the original TOML data),
+* not on the parsed camelCase schema. This matches the PRD's observation
+* that `raw` is both the protection layer (preserving unknown fields) and
+* the blind spot (retaining stale keys through read→write cycles).
+*/
+function analyzeConfig(config) {
+	const raw = config.raw;
+	const findings = [];
+	if (isRecord(raw)) {
+		for (const rule of DEPRECATED_FIELD_RULES) if (pathExistsInRaw(raw, rule.pathParts)) findings.push({
+			kind: rule.kind,
+			path: rule.path,
+			detail: rule.detail,
+			deprecatedSince: rule.deprecatedSince
+		});
+		const defaultThinkingFinding = findings.find((f) => f.path === "default_thinking");
+		if (defaultThinkingFinding) {
+			const thinking = config.thinking;
+			if (thinking && (thinking.mode !== void 0 || thinking.effort !== void 0)) {
+				defaultThinkingFinding.kind = "removed";
+				defaultThinkingFinding.detail = "Already superseded by [thinking] block.";
+			}
+		}
+		const UNKNOWN_SKIP_PATHS = new Set(DEPRECATED_FIELD_RULES.map((r) => r.pathParts.join(".")));
+		const byfShapeKeys = /* @__PURE__ */ new Set();
+		for (const key of Object.keys(ByfConfigSchema.shape)) {
+			byfShapeKeys.add(key);
+			byfShapeKeys.add(camelToSnakeStatic(key));
+		}
+		for (const rawKey of Object.keys(raw)) {
+			if (rawKey === "raw") continue;
+			if (UNKNOWN_SKIP_PATHS.has(rawKey)) continue;
+			const camelKey = snakeToCamelStatic(rawKey);
+			if (!byfShapeKeys.has(camelKey) && !byfShapeKeys.has(rawKey)) findings.push({
+				kind: "unknown",
+				path: rawKey,
+				detail: `Field "${rawKey}" is not recognized by the current schema. Its value has been ignored. This may be a typo or a field from a previous version.`
+			});
+		}
+		const nestedFindings = scanNestedUnknowns(raw, UNKNOWN_SKIP_PATHS);
+		findings.push(...nestedFindings);
+	}
+	if (config.models) {
+		const validCapsLower = new Set(VALID_CAPABILITIES.map((c) => c.toLowerCase()));
+		for (const [alias, modelConfig] of Object.entries(config.models)) if (modelConfig.capabilities) for (let i = 0; i < modelConfig.capabilities.length; i++) {
+			const cap = modelConfig.capabilities[i];
+			if (cap === void 0) continue;
+			if (!validCapsLower.has(cap.toLowerCase())) findings.push({
+				kind: "invalid-value",
+				path: `models.${alias}.capabilities[${i}]`,
+				detail: `"${cap}" is not a valid capability. Valid values: ${VALID_CAPABILITIES.join(", ")}.`
+			});
+		}
+	}
+	const providerKeys = Object.keys(config.providers ?? {});
+	if (config.models) {
+		for (const [alias, modelConfig] of Object.entries(config.models)) if (!providerKeys.includes(modelConfig.provider)) findings.push({
+			kind: "dangling",
+			path: `models.${alias}.provider`,
+			detail: `Model alias "${alias}" references provider "${modelConfig.provider}", which does not exist in [providers].`
+		});
+	}
+	if (config.defaultProvider !== void 0 && !providerKeys.includes(config.defaultProvider)) findings.push({
+		kind: "dangling",
+		path: "default_provider",
+		detail: `Default provider "${config.defaultProvider}" does not exist in [providers].`
+	});
+	const modelKeys = Object.keys(config.models ?? {});
+	if (config.defaultModel !== void 0 && !modelKeys.includes(config.defaultModel)) findings.push({
+		kind: "dangling",
+		path: "default_model",
+		detail: `Default model "${config.defaultModel}" does not exist in [models].`
+	});
+	return findings;
+}
+/**
+* Apply automatic fixes to a `ByfConfig` by deleting every path registered in
+* `DEPRECATED_FIELD_RULES` from `config.raw`.
+*
+* The `_findings` parameter is intentionally **not consulted** — deletion is
+* driven exclusively by the whitelist in `DEPRECATED_FIELD_RULES`. This ensures
+* that a call to `applyFixes` always produces a clean config regardless of
+* what analysis step previously ran.
+*
+* This is a **pure** function — it returns a new config object without
+* mutating the input.
+*/
+function applyFixes(config, findings) {
+	const newRaw = rawShallowClone(config.raw);
+	for (const rule of DEPRECATED_FIELD_RULES) deletePath(newRaw, rule.pathParts);
+	let newConfig = {
+		...config,
+		raw: newRaw
+	};
+	if (findings.find((f) => f.kind === "migrated" && f.path === "default_thinking")) {
+		const rawValue = config.raw?.["default_thinking"];
+		const isTruthy = rawValue === true || rawValue === "true" || rawValue === 1;
+		newConfig = {
+			...newConfig,
+			thinking: isTruthy ? {
+				mode: "on",
+				effort: "high"
+			} : { mode: "off" }
+		};
+	}
+	return newConfig;
+}
+/** Convert snake_case to camelCase (static helper for unknown detection). */
+function snakeToCamelStatic(str) {
+	return str.replaceAll(/_([a-z])/g, (_, ch) => ch.toUpperCase());
+}
+/** Convert camelCase to snake_case (static helper for unknown detection). */
+function camelToSnakeStatic(str) {
+	return str.replaceAll(/[A-Z]/g, (ch) => `_${ch.toLowerCase()}`);
+}
+/** True when `value` is a non-null, non-array object. */
+function isRecord(value) {
+	return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+/**
+* Walk `root` along `pathParts` checking that **every** segment exists.
+*
+* Returns `true` iff all parts exist as own keys (or inherited keys — TOML
+* parse results are plain objects so the distinction doesn't matter here).
+*/
+function pathExistsInRaw(root, pathParts) {
+	let current = root;
+	for (const part of pathParts) {
+		if (!isRecord(current) || !(part in current)) return false;
+		current = current[part];
+	}
+	return true;
+}
+/**
+* Delete a leaf (or entire sub-tree) from `root` following `pathParts`.
+*
+* If the parent after deletion becomes empty it is cleaned up as well
+* (recursive upward), so that a service table cleared of all deprecated
+* keys does not leave behind an empty `{}`.
+*/
+function deletePath(root, pathParts) {
+	if (pathParts.length === 0) return;
+	const parentParts = pathParts.slice(0, -1);
+	const leafKey = pathParts.at(-1);
+	let current;
+	if (parentParts.length === 0) current = root;
+	else current = traverseTo(root, parentParts);
+	if (current === void 0) return;
+	const keyExisted = leafKey in current;
+	delete current[leafKey];
+	if (keyExisted && parentParts.length > 0 && Object.keys(current).length === 0) deletePath(root, parentParts);
+}
+/**
+* Walk `root` along `pathParts` returning the penultimate record, or
+* `undefined` if any segment is missing.
+*/
+function traverseTo(root, pathParts) {
+	let current = root;
+	for (const part of pathParts) {
+		if (!isRecord(current) || !(part in current)) return void 0;
+		current = current[part];
+	}
+	return isRecord(current) ? current : void 0;
+}
+/**
+* Shallow-clone `raw`: each nested record is also shallow-cloned so that
+* mutations in `applyFixes` do not affect the original object.
+*/
+function rawShallowClone(raw) {
+	if (!isRecord(raw)) return {};
+	const clone = {};
+	for (const [key, value] of Object.entries(raw)) clone[key] = isRecord(value) ? { ...value } : value;
+	return clone;
+}
+/**
+* Build a set of all valid keys (camelCase + snake_case) from a zod
+* object schema's `.shape`.
+*/
+function getShapeKeySet(schema) {
+	const keys = /* @__PURE__ */ new Set();
+	for (const key of Object.keys(schema.shape)) {
+		keys.add(key);
+		keys.add(camelToSnakeStatic(key));
+	}
+	return keys;
+}
+/**
+* Scan known container keys in `raw` for sub-keys that don't match the
+* corresponding schema shape.  Unknown paths that overlap with
+* `skipPaths` (e.g. already reported deprecated fields) are skipped.
+*
+* Detects e.g. `models.gpt4.max_context_tokns` (typo) or
+* `providers.anthropic.api_kei` (typo).
+*/
+function scanNestedUnknowns(raw, skipPaths) {
+	const findings = [];
+	const containers = [
+		{
+			rawKey: "models",
+			isRecord: true,
+			schema: ModelAliasSchema
+		},
+		{
+			rawKey: "providers",
+			isRecord: true,
+			schema: ProviderConfigSchema
+		},
+		{
+			rawKey: "services",
+			isRecord: false,
+			schema: ServicesConfigSchema
+		},
+		{
+			rawKey: "background",
+			isRecord: false,
+			schema: BackgroundConfigSchema
+		},
+		{
+			rawKey: "loop_control",
+			isRecord: false,
+			schema: LoopControlSchema
+		},
+		{
+			rawKey: "thinking",
+			isRecord: false,
+			schema: ThinkingConfigSchema
+		},
+		{
+			rawKey: "permission",
+			isRecord: false,
+			schema: PermissionConfigSchema,
+			legacyKeys: [
+				"deny",
+				"allow",
+				"ask"
+			]
+		}
+	];
+	const schemaKeySets = /* @__PURE__ */ new Map();
+	containers.forEach((entry, index) => {
+		const base = getShapeKeySet(entry.schema);
+		if (entry.legacyKeys) for (const k of entry.legacyKeys) base.add(k);
+		schemaKeySets.set(index, base);
+	});
+	for (const [entryIndex, entry] of containers.entries()) {
+		if (!(entry.rawKey in raw)) continue;
+		const rawValue = raw[entry.rawKey];
+		if (!isRecord(rawValue)) continue;
+		if (entry.isRecord) for (const [itemKey, itemValue] of Object.entries(rawValue)) {
+			if (!isRecord(itemValue)) continue;
+			const validKeys = schemaKeySets.get(entryIndex);
+			for (const subKey of Object.keys(itemValue)) if (!validKeys.has(subKey)) {
+				const path = `${entry.rawKey}.${itemKey}.${subKey}`;
+				if (!skipPaths.has(path)) findings.push({
+					kind: "unknown",
+					path,
+					detail: `Field "${subKey}" is not recognized in ${entry.rawKey}.${itemKey}. This may be a typo or a field from a previous version.`
+				});
+			}
+		}
+		else {
+			const validKeys = schemaKeySets.get(entryIndex);
+			for (const subKey of Object.keys(rawValue)) if (!validKeys.has(subKey)) {
+				const path = `${entry.rawKey}.${subKey}`;
+				if (!skipPaths.has(path)) findings.push({
+					kind: "unknown",
+					path,
+					detail: `Field "${subKey}" is not recognized in [${entry.rawKey}]. This may be a typo or a field from a previous version.`
+				});
+			}
+		}
+	}
+	return findings;
+}
+//#endregion
+//#region src/version.ts
+function getCoreVersion() {
+	try {
+		const raw = readFileSync(fileURLToPath(new URL("../package.json", import.meta.url)), "utf-8");
+		const pkg = JSON.parse(raw);
+		return typeof pkg.version === "string" ? pkg.version : "0.0.0";
+	} catch {
+		return "0.0.0";
+	}
+}
+//#endregion
+//#region src/mcp/client-shared.ts
+const BYF_MCP_CLIENT_VERSION = getCoreVersion();
+/**
+* Build the `RequestOptions` object accepted by the MCP SDK's `callTool`,
+* including either the configured tool-call timeout, an in-flight abort
+* signal, both, or neither. Returns `undefined` when nothing needs to be
+* passed so the SDK falls back to its defaults.
+*/
+function buildRequestOptions(toolCallTimeoutMs, signal) {
+	if (toolCallTimeoutMs === void 0 && signal === void 0) return void 0;
+	return {
+		timeout: toolCallTimeoutMs,
+		signal
+	};
+}
+function toMcpToolDefinition(tool) {
+	return {
+		name: tool.name,
+		description: tool.description ?? "",
+		inputSchema: tool.inputSchema
+	};
+}
+/**
+* Normalise the SDK's `callTool` return into kosong's {@link MCPToolResult}.
+* The SDK can return either the modern `{ content, isError }` shape or a
+* legacy `{ toolResult }` shape; we collapse the legacy shape to a single
+* text content block.
+*/
+function toMcpToolResult(result) {
+	if (typeof result === "object" && result !== null && "content" in result) {
+		const typed = result;
+		if (Array.isArray(typed.content)) return {
+			content: typed.content,
+			isError: typed.isError === true
+		};
+	}
+	if (typeof result === "object" && result !== null && "toolResult" in result) {
+		const legacy = result.toolResult;
+		return {
+			content: [{
+				type: "text",
+				text: typeof legacy === "string" ? legacy : JSON.stringify(legacy)
+			}],
+			isError: false
+		};
+	}
+	return {
+		content: [],
+		isError: false
+	};
+}
+//#endregion
+//#region src/mcp/client-http.ts
+/**
+* Wraps the SDK streamable-HTTP transport as a kosong {@link MCPClient}.
+* Static bearer tokens are looked up from `process.env[bearerTokenEnvVar]`.
+* OAuth providers are attached separately by the connection manager.
+*/
+var HttpMcpClient = class {
+	client;
+	transport;
+	toolCallTimeoutMs;
+	started = false;
+	closed = false;
+	ready = false;
+	hooksInstalled = false;
+	unexpectedCloseListener;
+	lastTransportError;
+	pendingUnexpectedClose;
+	unexpectedCloseFired = false;
+	constructor(config, options = {}) {
+		const headers = buildMcpHttpHeaders(config, options.envLookup ?? ((name) => process.env[name]));
+		this.transport = new StreamableHTTPClientTransport(new URL(config.url), {
 			requestInit: headers !== void 0 ? { headers } : void 0,
 			fetch: options.fetch,
 			authProvider: options.oauthProvider
@@ -17608,11 +18232,15 @@ function createProxiedFetch(deps) {
 		const proxyUrl = getProxyForUrl(url, envLookup, sysProxy);
 		const noProxyMatch = noProxy !== void 0 && isNoProxyHost(hostname, noProxy);
 		const controller = new AbortController();
-		const timeoutId = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+		const timeoutId = setTimeout(() => {
+			controller.abort();
+		}, REQUEST_TIMEOUT_MS);
 		if (init?.signal) if (init.signal.aborted) {
 			clearTimeout(timeoutId);
 			controller.abort();
-		} else init.signal.addEventListener("abort", () => controller.abort(), { once: true });
+		} else init.signal.addEventListener("abort", () => {
+			controller.abort();
+		}, { once: true });
 		const mergedInit = {
 			...init,
 			signal: controller.signal
@@ -17624,7 +18252,7 @@ function createProxiedFetch(deps) {
 			return response;
 		} catch (error) {
 			clearTimeout(timeoutId);
-			if (isRetryableError(error) && proxyUrl && !noProxyMatch) return await retryViaProxy(input, init, proxyUrl, innerFetch);
+			if (isRetryableError(error) && proxyUrl && !noProxyMatch) return retryViaProxy(input, init, proxyUrl, innerFetch);
 			throw error;
 		}
 	};
@@ -17632,11 +18260,15 @@ function createProxiedFetch(deps) {
 }
 async function retryViaProxy(input, init, proxyUrl, innerFetch) {
 	const controller = new AbortController();
-	const timeoutId = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+	const timeoutId = setTimeout(() => {
+		controller.abort();
+	}, REQUEST_TIMEOUT_MS);
 	if (init?.signal) if (init.signal.aborted) {
 		clearTimeout(timeoutId);
 		controller.abort();
-	} else init.signal.addEventListener("abort", () => controller.abort(), { once: true });
+	} else init.signal.addEventListener("abort", () => {
+		controller.abort();
+	}, { once: true });
 	const dispatcher = new ProxyAgent(proxyUrl);
 	const retryInit = {
 		...init,
@@ -17786,82 +18418,188 @@ var RemoteFetchURLProvider = class {
 	}
 };
 //#endregion
-//#region src/tools/providers/remote-web-search.ts
-var RemoteWebSearchProvider = class {
-	tokenProvider;
-	apiKey;
+//#region src/tools/providers/router.ts
+var AllProvidersFailedError = class extends Error {
+	lastError;
+	constructor(lastError) {
+		super(`All search providers failed. Last error: ${lastError ?? "unknown"}`);
+		this.lastError = lastError;
+		this.name = "AllProvidersFailedError";
+	}
+};
+var PriorityRouter = class {
+	providers;
+	constructor(providers) {
+		this.providers = providers;
+	}
+	async search(query, options) {
+		let lastError;
+		for (const provider of this.providers) try {
+			return await provider.search(query, options);
+		} catch (error) {
+			lastError = error instanceof Error ? error.message : String(error);
+		}
+		throw new AllProvidersFailedError(lastError);
+	}
+};
+//#endregion
+//#region src/tools/providers/exa.ts
+var ExaWebSearchProvider = class {
+	apiKeys;
 	baseUrl;
-	defaultHeaders;
-	customHeaders;
 	fetchImpl;
 	constructor(options) {
-		this.tokenProvider = options.tokenProvider;
-		this.apiKey = options.apiKey;
-		this.baseUrl = options.baseUrl;
-		this.defaultHeaders = options.defaultHeaders ?? {};
-		this.customHeaders = options.customHeaders ?? {};
+		this.apiKeys = options.apiKeys;
+		this.baseUrl = options.baseUrl ?? "https://api.exa.ai/search";
 		this.fetchImpl = options.fetchImpl ?? globalThis.fetch.bind(globalThis);
 	}
 	async search(query, options) {
-		const body = {
-			text_query: query,
-			limit: options?.limit ?? 5,
-			enable_page_crawling: options?.includeContent ?? false,
-			timeout_seconds: 30
+		const limit = options?.limit ?? 5;
+		const includeContent = options?.includeContent ?? false;
+		const contents = {};
+		if (includeContent) contents.text = { maxCharacters: 1e4 };
+		else contents.highlights = {
+			query,
+			maxCharacters: 300
 		};
-		const bodyJson = JSON.stringify(body);
-		const response = await this.post(bodyJson);
-		if (response.status === 401) {
-			const detail = await safeReadText(response);
-			throw new Error(`Remote search request failed: HTTP 401 (auth/unauthorized). ${detail}`.trim());
-		}
-		if (response.status !== 200) {
-			const detail = await safeReadText(response);
-			throw new Error(`Remote search request failed: HTTP ${String(response.status)}. ${detail}`.trim());
-		}
-		const json = await response.json();
-		return (Array.isArray(json.search_results) ? json.search_results : []).map((r) => {
-			const out = {
-				title: r.title ?? "",
-				url: r.url ?? "",
-				snippet: r.snippet ?? ""
-			};
-			if (typeof r.date === "string" && r.date.length > 0) out.date = r.date;
-			if (typeof r.content === "string" && r.content.length > 0) out.content = r.content;
-			return out;
+		const body = JSON.stringify({
+			query,
+			numResults: limit,
+			contents
 		});
+		let lastError;
+		for (const apiKey of this.apiKeys) try {
+			const response = await this.fetchImpl(this.baseUrl, {
+				method: "POST",
+				headers: {
+					Authorization: `Bearer ${apiKey}`,
+					"Content-Type": "application/json"
+				},
+				body
+			});
+			if (!response.ok) {
+				const detail = (await response.text().catch(() => "")).slice(0, 200);
+				throw new Error(`Exa search failed: HTTP ${response.status}${detail ? `: ${detail}` : ""}`);
+			}
+			const json = await response.json();
+			return (Array.isArray(json.results) ? json.results : []).map((r) => {
+				const out = {
+					title: r.title ?? "",
+					url: r.url ?? "",
+					snippet: ""
+				};
+				if (includeContent && typeof r.text === "string") {
+					out.snippet = r.text.slice(0, 300);
+					if (r.text.length > 0) out.content = r.text;
+				} else if (Array.isArray(r.highlights) && r.highlights.length > 0) out.snippet = r.highlights[0].slice(0, 300);
+				if (typeof r.publishedDate === "string" && r.publishedDate.length > 0) out.date = r.publishedDate;
+				return out;
+			});
+		} catch (error) {
+			lastError = error instanceof Error ? error : new Error(String(error));
+		}
+		throw lastError ?? /* @__PURE__ */ new Error("Exa search failed: no API keys configured");
 	}
-	async post(bodyJson) {
-		const accessToken = await this.resolveApiKey();
-		return this.fetchImpl(this.baseUrl, {
-			method: "POST",
-			headers: {
-				...this.defaultHeaders,
-				Authorization: `Bearer ${accessToken}`,
-				"Content-Type": "application/json",
-				...this.customHeaders
-			},
-			body: bodyJson
-		});
+};
+registerProvider("exa", ExaWebSearchProvider);
+//#endregion
+//#region src/tools/providers/brave.ts
+var BraveWebSearchProvider = class {
+	apiKeys;
+	baseUrl;
+	fetchImpl;
+	constructor(options) {
+		this.apiKeys = options.apiKeys;
+		this.baseUrl = options.baseUrl ?? "https://api.search.brave.com/res/v1/web/search";
+		this.fetchImpl = options.fetchImpl ?? globalThis.fetch.bind(globalThis);
 	}
-	async resolveApiKey() {
-		if (this.tokenProvider !== void 0) try {
-			return await this.tokenProvider.getAccessToken();
+	async search(query, options) {
+		const limit = options?.limit ?? 5;
+		const url = new URL(this.baseUrl);
+		url.searchParams.set("q", query);
+		url.searchParams.set("count", String(limit));
+		let lastError;
+		for (const apiKey of this.apiKeys) try {
+			const response = await this.fetchImpl(url.toString(), {
+				method: "GET",
+				headers: {
+					"Accept": "application/json",
+					"Accept-Encoding": "gzip",
+					"X-Subscription-Token": apiKey
+				}
+			});
+			if (!response.ok) {
+				const detail = (await response.text().catch(() => "")).slice(0, 200);
+				throw new Error(`Brave search failed: HTTP ${response.status}${detail ? `: ${detail}` : ""}`);
+			}
+			const json = await response.json();
+			return (Array.isArray(json.web?.results) ? json.web.results : []).map((r) => {
+				const out = {
+					title: r.title ?? "",
+					url: r.url ?? "",
+					snippet: r.description ?? ""
+				};
+				if (typeof r.age === "string" && r.age.length > 0) out.date = r.age;
+				return out;
+			});
 		} catch (error) {
-			if (this.apiKey !== void 0 && this.apiKey.length > 0) return this.apiKey;
-			throw error;
+			lastError = error instanceof Error ? error : new Error(String(error));
 		}
-		if (this.apiKey !== void 0 && this.apiKey.length > 0) return this.apiKey;
-		throw new Error("Remote search service is not configured: missing API key or token provider.");
+		throw lastError ?? /* @__PURE__ */ new Error("Brave search failed: no API keys configured");
 	}
 };
-async function safeReadText(response) {
-	try {
-		return await response.text();
-	} catch {
-		return "";
+registerProvider("brave", BraveWebSearchProvider);
+//#endregion
+//#region src/tools/providers/firecrawl.ts
+var FirecrawlWebSearchProvider = class {
+	apiKeys;
+	baseUrl;
+	fetchImpl;
+	constructor(options) {
+		this.apiKeys = options.apiKeys;
+		this.baseUrl = options.baseUrl ?? "https://api.firecrawl.dev/v2/search";
+		this.fetchImpl = options.fetchImpl ?? globalThis.fetch.bind(globalThis);
 	}
-}
+	async search(query, options) {
+		const limit = options?.limit ?? 5;
+		const includeContent = options?.includeContent ?? false;
+		const requestBody = {
+			query,
+			limit
+		};
+		if (includeContent) requestBody.scrapeOptions = { formats: ["markdown"] };
+		const body = JSON.stringify(requestBody);
+		let lastError;
+		for (const apiKey of this.apiKeys) try {
+			const response = await this.fetchImpl(this.baseUrl, {
+				method: "POST",
+				headers: {
+					"Authorization": `Bearer ${apiKey}`,
+					"Content-Type": "application/json"
+				},
+				body
+			});
+			if (!response.ok) {
+				const detail = (await response.text().catch(() => "")).slice(0, 200);
+				throw new Error(`Firecrawl search failed: HTTP ${response.status}${detail ? `: ${detail}` : ""}`);
+			}
+			const json = await response.json();
+			return (Array.isArray(json.data?.web) ? json.data.web : []).map((r) => {
+				const out = {
+					title: r.title ?? "",
+					url: r.url ?? "",
+					snippet: r.description ?? ""
+				};
+				if (includeContent && typeof r.markdown === "string" && r.markdown.length > 0) out.content = r.markdown;
+				return out;
+			});
+		} catch (error) {
+			lastError = error instanceof Error ? error : new Error(String(error));
+		}
+		throw lastError ?? /* @__PURE__ */ new Error("Firecrawl search failed: no API keys configured");
+	}
+};
+registerProvider("firecrawl", FirecrawlWebSearchProvider);
 //#endregion
 //#region src/utils/environment.ts
 /**
@@ -18123,15 +18861,6 @@ var SessionAPIImpl = class {
 	getModel({ agentId, ...payload }) {
 		return this.getAgent(agentId).getModel(payload);
 	}
-	enterPlan({ agentId, ...payload }) {
-		return this.getAgent(agentId).enterPlan(payload);
-	}
-	cancelPlan({ agentId, ...payload }) {
-		return this.getAgent(agentId).cancelPlan(payload);
-	}
-	clearPlan({ agentId, ...payload }) {
-		return this.getAgent(agentId).clearPlan(payload);
-	}
 	beginCompaction({ agentId, ...payload }) {
 		return this.getAgent(agentId).beginCompaction(payload);
 	}
@@ -18172,9 +18901,6 @@ var SessionAPIImpl = class {
 	getPermission({ agentId, ...payload }) {
 		return this.getAgent(agentId).getPermission(payload);
 	}
-	getPlan({ agentId, ...payload }) {
-		return this.getAgent(agentId).getPlan(payload);
-	}
 	getUsage({ agentId, ...payload }) {
 		return this.getAgent(agentId).getUsage(payload);
 	}
@@ -19322,207 +20048,6 @@ async function readOptionalFile(path) {
 	}
 }
 //#endregion
-//#region src/providers/runtime-provider.ts
-function resolveRuntimeProvider(input) {
-	const modelName = input.model ?? input.config.defaultModel;
-	if (modelName === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, "No model is selected. Set default_model in config.toml or pass a configured model alias.");
-	const alias = input.config.models?.[modelName];
-	if (alias === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" is not configured in config.toml. Add a [models."${modelName}"] entry with max_context_size.`);
-	const resolvedModel = alias.model;
-	const providerName = alias.provider ?? input.config.defaultProvider;
-	const providerConfig = providerName === void 0 ? void 0 : input.config.providers[providerName];
-	if (providerName === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" must define a provider in config.toml.`);
-	if (providerConfig === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" for model "${modelName}" is not configured.`);
-	if (!Number.isInteger(alias.maxContextSize) || alias.maxContextSize <= 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" must define a positive max_context_size in config.toml.`);
-	if (input.validateCredentials !== false && providerConfig.type !== "vertexai" && providerConfig.oauth === void 0 && providerApiKey(providerConfig) === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" has no credentials configured. Set apiKey, oauth, or a provider env API key in config.toml.`);
-	const provider = toKosongProviderConfig(providerConfig, resolvedModel, input.byfRequestHeaders, alias.maxOutputSize, alias.reasoningKey, input.promptCacheKey);
-	return {
-		modelName,
-		providerName,
-		modelCapabilities: resolveModelCapabilities(alias, provider),
-		provider
-	};
-}
-async function resolveRuntimeProviderWithOAuth(input) {
-	const resolved = resolveRuntimeProvider(input);
-	const resolveAuth = createRuntimeProviderAuthResolver(input, resolved);
-	if (resolveAuth === void 0) return resolved;
-	await resolveAuth();
-	return {
-		...resolved,
-		resolveAuth
-	};
-}
-function createRuntimeProviderAuthResolver(input, resolved = resolveRuntimeProvider(input)) {
-	const providerName = resolved.providerName;
-	if (providerName === void 0) return void 0;
-	const providerConfig = input.config.providers[providerName];
-	if (providerConfig?.oauth === void 0) return void 0;
-	if (providerApiKey(providerConfig) !== void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" has both apiKey and oauth set in config.toml — they are mutually exclusive. Remove one.`);
-	const tokenProvider = input.resolveOAuthTokenProvider?.(providerName, providerConfig.oauth);
-	if (tokenProvider === void 0) return async () => {
-		throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`);
-	};
-	return async (options) => {
-		let apiKey;
-		try {
-			apiKey = await tokenProvider.getAccessToken(options?.forceRefresh === true ? { force: true } : void 0);
-		} catch (error) {
-			if (!isAuthLoginRequired(error)) (input.log ?? log).warn("oauth token fetch failed", {
-				providerName,
-				error
-			});
-			throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`, { cause: error });
-		}
-		if (apiKey.trim().length === 0) throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`);
-		return { apiKey };
-	};
-}
-function isAuthLoginRequired(error) {
-	return isByfError(error) && error.code === ErrorCodes.AUTH_LOGIN_REQUIRED;
-}
-function resolveModelCapabilities(alias, provider) {
-	const capabilities = new Set((alias.capabilities ?? []).map((capability) => capability.trim().toLowerCase()));
-	const has = (capability) => capabilities.has(capability);
-	const providerCapability = createProvider(providerForCapabilityProbe(provider)).getCapability?.(provider.model) ?? UNKNOWN_CAPABILITY;
-	return {
-		image_in: has("image_in") || providerCapability.image_in,
-		video_in: has("video_in") || providerCapability.video_in,
-		audio_in: has("audio_in") || providerCapability.audio_in,
-		thinking: has("thinking") || has("always_thinking") || providerCapability.thinking,
-		tool_use: has("tool_use") || providerCapability.tool_use,
-		thinking_effort: has("thinking_effort") || providerCapability.thinking_effort,
-		thinking_xhigh: has("thinking_xhigh") || providerCapability.thinking_xhigh,
-		thinking_max: has("thinking_max") || providerCapability.thinking_max,
-		max_context_tokens: alias.maxContextSize
-	};
-}
-function toKosongProviderConfig(provider, model, byfRequestHeaders, maxOutputSize, reasoningKey, promptCacheKey) {
-	switch (provider.type) {
-		case "anthropic": return {
-			type: "anthropic",
-			model,
-			baseUrl: providerValue(provider.baseUrl, provider.env, "ANTHROPIC_BASE_URL"),
-			apiKey: providerApiKey(provider),
-			...maxOutputSize !== void 0 ? { defaultMaxTokens: maxOutputSize } : {},
-			...defaultHeadersField(provider.customHeaders)
-		};
-		case "openai-completions": {
-			const defaultHeaders = {
-				...byfRequestHeaders,
-				...provider.customHeaders
-			};
-			const generationKwargs = {
-				prompt_cache_key: promptCacheKey,
-				extra_body: provider.extraBody
-			};
-			if (Object.keys(defaultHeaders).length === 0) return {
-				type: "openai-completions",
-				model,
-				baseUrl: providerValue(provider.baseUrl, provider.env, "BYF_BASE_URL"),
-				reasoningKey,
-				thinkingEffortKey: provider.thinkingEffortKey,
-				generationKwargs,
-				apiKey: providerApiKey(provider)
-			};
-			return {
-				type: "openai-completions",
-				model,
-				baseUrl: providerValue(provider.baseUrl, provider.env, "BYF_BASE_URL"),
-				reasoningKey,
-				thinkingEffortKey: provider.thinkingEffortKey,
-				generationKwargs,
-				defaultHeaders,
-				apiKey: providerApiKey(provider)
-			};
-		}
-		case "google-genai": return {
-			type: "google-genai",
-			model,
-			apiKey: providerApiKey(provider)
-		};
-		case "openai_responses": return {
-			type: "openai_responses",
-			model,
-			baseUrl: providerValue(provider.baseUrl, provider.env, "OPENAI_BASE_URL"),
-			apiKey: providerApiKey(provider),
-			...defaultHeadersField(provider.customHeaders)
-		};
-		case "vertexai": return {
-			type: "vertexai",
-			model,
-			vertexai: hasVertexAIServiceEnv(provider),
-			apiKey: hasVertexAIServiceEnv(provider) ? void 0 : providerApiKey(provider),
-			project: vertexAIProject(provider),
-			location: vertexAILocation(provider)
-		};
-		default: {
-			const exhaustive = provider.type;
-			throw new ByfError(ErrorCodes.MODEL_CONFIG_INVALID, `Unsupported provider type: ${String(exhaustive)}`);
-		}
-	}
-}
-function defaultHeadersField(headers) {
-	if (headers === void 0 || Object.keys(headers).length === 0) return {};
-	return { defaultHeaders: { ...headers } };
-}
-function providerForCapabilityProbe(provider) {
-	if (provider.type === "vertexai") return {
-		...provider,
-		vertexai: false,
-		project: void 0,
-		location: void 0,
-		apiKey: provider.apiKey === void 0 || provider.apiKey.length === 0 ? "capability-probe" : provider.apiKey
-	};
-	if (provider.apiKey !== void 0 && provider.apiKey.length > 0) return provider;
-	return {
-		...provider,
-		apiKey: "capability-probe"
-	};
-}
-function providerApiKey(provider) {
-	switch (provider.type) {
-		case "anthropic": return providerValue(provider.apiKey, provider.env, "ANTHROPIC_API_KEY");
-		case "openai_responses": return providerValue(provider.apiKey, provider.env, "OPENAI_API_KEY");
-		case "openai-completions": return providerValue(provider.apiKey, provider.env, "BYF_API_KEY");
-		case "google-genai": return providerValue(provider.apiKey, provider.env, "GOOGLE_API_KEY");
-		case "vertexai": return nonEmptyString$1(provider.apiKey) ?? envValue(provider.env, "VERTEXAI_API_KEY") ?? envValue(provider.env, "GOOGLE_API_KEY");
-		default: {
-			const exhaustive = provider.type;
-			throw new ByfError(ErrorCodes.MODEL_CONFIG_INVALID, `Unsupported provider type: ${String(exhaustive)}`);
-		}
-	}
-}
-function hasVertexAIServiceEnv(provider) {
-	return vertexAIProject(provider) !== void 0 && vertexAILocation(provider) !== void 0;
-}
-function vertexAIProject(provider) {
-	return envValue(provider.env, "GOOGLE_CLOUD_PROJECT");
-}
-function vertexAILocation(provider) {
-	return envValue(provider.env, "GOOGLE_CLOUD_LOCATION") ?? locationFromVertexAIBaseUrl(provider.baseUrl);
-}
-function providerValue(configured, env, envKey) {
-	return nonEmptyString$1(configured) ?? envValue(env, envKey);
-}
-function envValue(env, key) {
-	return nonEmptyString$1(env?.[key]);
-}
-function nonEmptyString$1(value) {
-	const trimmed = value?.trim();
-	return trimmed === void 0 || trimmed.length === 0 ? void 0 : trimmed;
-}
-function locationFromVertexAIBaseUrl(baseUrl) {
-	const url = nonEmptyString$1(baseUrl);
-	if (url === void 0) return void 0;
-	try {
-		const host = new URL(url).hostname;
-		return host.endsWith("-aiplatform.googleapis.com") ? nonEmptyString$1(host.slice(0, -26)) : void 0;
-	} catch {
-		return;
-	}
-}
-//#endregion
 //#region src/providers/provider-manager.ts
 var ProviderManager = class ProviderManager {
 	options;
@@ -19854,15 +20379,6 @@ var ByfCore = class {
 	getModel({ sessionId, ...payload }) {
 		return this.sessionApi(sessionId).getModel(payload);
 	}
-	enterPlan({ sessionId, ...payload }) {
-		return this.sessionApi(sessionId).enterPlan(payload);
-	}
-	cancelPlan({ sessionId, ...payload }) {
-		return this.sessionApi(sessionId).cancelPlan(payload);
-	}
-	clearPlan({ sessionId, ...payload }) {
-		return this.sessionApi(sessionId).clearPlan(payload);
-	}
 	beginCompaction({ sessionId, ...payload }) {
 		return this.sessionApi(sessionId).beginCompaction(payload);
 	}
@@ -19902,9 +20418,6 @@ var ByfCore = class {
 	getPermission({ sessionId, ...payload }) {
 		return this.sessionApi(sessionId).getPermission(payload);
 	}
-	getPlan({ sessionId, ...payload }) {
-		return this.sessionApi(sessionId).getPlan(payload);
-	}
 	getUsage({ sessionId, ...payload }) {
 		return this.sessionApi(sessionId).getUsage(payload);
 	}
@@ -19992,8 +20505,8 @@ async function createRuntimeConfig(input) {
 		systemProxy: () => detectSystemProxy()
 	});
 	const localFetcher = new LocalFetchURLProvider({ fetchImpl: proxiedFetch });
-	const searchService = input.config.services?.byfSearch;
-	const fetchService = input.config.services?.byfFetch;
+	const fetchService = input.config.services?.fetchUrl;
+	const webSearchConfig = input.config.services?.webSearch;
 	return {
 		kaos: localKaos,
 		osEnv: await detectEnvironmentFromNode(),
@@ -20005,12 +20518,11 @@ async function createRuntimeConfig(input) {
 			fetchImpl: proxiedFetch,
 			...serviceCredentials(fetchService, input.resolveOAuthTokenProvider)
 		}),
-		webSearcher: searchService?.baseUrl === void 0 ? void 0 : new RemoteWebSearchProvider({
-			baseUrl: searchService.baseUrl,
-			defaultHeaders: input.byfRequestHeaders,
-			fetchImpl: proxiedFetch,
-			...serviceCredentials(searchService, input.resolveOAuthTokenProvider)
-		})
+		webSearcher: webSearchConfig === void 0 ? void 0 : new PriorityRouter([...webSearchConfig.providers].toSorted((a, b) => a.priority - b.priority).map((p) => createProvider$1(p.type, {
+			apiKeys: p.apiKeys,
+			baseUrl: p.baseUrl,
+			fetchImpl: proxiedFetch
+		})))
 	};
 }
 function serviceCredentials(service, resolveOAuthTokenProvider) {
@@ -20045,7 +20557,6 @@ async function resumeSessionResult(summary, session, warning) {
 			context,
 			replay: agent.replayBuilder.buildResult(),
 			permission,
-			plan: null,
 			usage,
 			tools: await api.getTools({ agentId }),
 			toolStore: agent.tools.storeData(),
@@ -20105,4 +20616,4 @@ function parsePositiveInt(value) {
 	return n;
 }
 //#endregion
-export { AGENT_WIRE_PROTOCOL_VERSION, Agent, BYF_ERROR_INFO, BackgroundConfigSchema, ByfConfigPatchSchema, ByfConfigSchema, ByfCore, ByfError, ByfServiceConfigSchema, ErrorCodes, HookDefSchema, LoopControlSchema, MCP_OAUTH_AUTHORIZATION_URL_TOOL_UPDATE, McpServerConfigSchema, McpServerHttpConfigSchema, McpServerStdioConfigSchema, ModelAliasSchema, OAuthRefSchema, PermissionConfigSchema, PermissionModeSchema, PermissionRuleDecisionSchema, PermissionRuleSchema, PermissionRuleScopeSchema, ProviderConfigSchema, ProviderTypeSchema, ServicesConfigSchema, Session, SessionSubagentHost, ThinkingConfigSchema, USER_PROMPT_ORIGIN, WIRE_PROTOCOL_VERSION, buildExportManifest, buildPromptPlan, collectFilesRecursive, configToTomlData, createRPC, ensureByfHome, ensureConfigFile, exportSessionDirectory, flushDiagnosticLogs, formatConfigValidationError, fromByfErrorPayload, getDefaultConfig, getRootLogger, isByfError, log, makeErrorPayload, mergeConfigPatch, normalizeTimestampMs, parseBooleanEnv, parseConfigString, proxyWithExtraPayload, readConfigFile, redact, resolveByfHome, resolveConfigPath, resolveConfigValue, resolveGlobalLogPath, resolveLoggingConfig, scanSessionWire, toByfErrorPayload, transformTomlData, validateConfig, writeConfigFile, writeExportZip };
+export { AGENT_WIRE_PROTOCOL_VERSION, Agent, BYF_ERROR_INFO, BackgroundConfigSchema, ByfConfigPatchSchema, ByfConfigSchema, ByfCore, ByfError, ByfServiceConfigSchema, DEPRECATED_FIELD_RULES, ErrorCodes, HookDefSchema, LoopControlSchema, MCP_OAUTH_AUTHORIZATION_URL_TOOL_UPDATE, McpServerConfigSchema, McpServerHttpConfigSchema, McpServerStdioConfigSchema, ModelAliasSchema, OAuthRefSchema, PermissionConfigSchema, PermissionModeSchema, PermissionRuleDecisionSchema, PermissionRuleSchema, PermissionRuleScopeSchema, ProviderConfigSchema, ProviderTypeSchema, ServicesConfigSchema, Session, SessionSubagentHost, ThinkingConfigSchema, USER_PROMPT_ORIGIN, WIRE_PROTOCOL_VERSION, WebSearchConfigSchema, WebSearchProviderConfigSchema, analyzeConfig, applyFixes, buildExportManifest, buildPromptPlan, collectFilesRecursive, configToTomlData, createRPC, ensureByfHome, ensureConfigFile, exportSessionDirectory, flushDiagnosticLogs, formatConfigValidationError, fromByfErrorPayload, getDefaultConfig, getRootLogger, isByfError, log, makeErrorPayload, mergeConfigPatch, normalizeTimestampMs, parseBooleanEnv, parseConfigString, proxyWithExtraPayload, readConfigFile, redact, resolveByfHome, resolveConfigPath, resolveConfigValue, resolveGlobalLogPath, resolveLoggingConfig, scanSessionWire, toByfErrorPayload, transformTomlData, validateConfig, writeConfigFile, writeExportZip };