@byfriends/sdk 0.3.0 → 0.3.1

package/dist/index.mjs

@@ -3,23 +3,23 @@ import { dirname as __cjsShimDirname } from 'node:path';
 const __filename = __cjsShimFileURLToPath(import.meta.url);
 const __dirname = __cjsShimDirname(__filename);
 import { createRequire } from "node:module";
+import * as fs$8 from "node:fs";
+import Vt, { appendFileSync, chmodSync, closeSync, constants, createReadStream, createWriteStream, existsSync, fsyncSync, mkdirSync, openSync, promises, readFileSync, renameSync, statSync, unlinkSync, writeSync } from "node:fs";
+import jn, { access, appendFile, chmod, copyFile, cp, lstat, mkdir, mkdtemp, open, readFile, readdir, rename, rm, stat, unlink, writeFile } from "node:fs/promises";
 import { createHash, randomBytes, randomUUID } from "node:crypto";
 import * as path$8 from "node:path";
 import path, { basename, dirname, isAbsolute, join, normalize, posix, relative, resolve, win32 } from "node:path";
-import I, { createWriteStream } from "fs";
+import I, { createWriteStream as createWriteStream$1 } from "fs";
 import Kr, { EventEmitter } from "events";
 import * as path$1$1 from "path";
 import $s, { dirname as dirname$1, parse } from "path";
 import { Buffer as Buffer$1 } from "buffer";
 import * as fs$9 from "fs/promises";
-import { writeFile } from "fs/promises";
+import { writeFile as writeFile$1 } from "fs/promises";
 import Ns, { PassThrough, Readable } from "node:stream";
 import { finished, pipeline as pipeline$1 } from "node:stream/promises";
 import * as ks from "zlib";
 import qr from "zlib";
-import * as fs$8 from "node:fs";
-import Vt, { appendFileSync, chmodSync, closeSync, constants, createReadStream, createWriteStream as createWriteStream$1, existsSync, fsyncSync, mkdirSync, openSync, promises, readFileSync, renameSync, statSync, unlinkSync, writeSync } from "node:fs";
-import jn, { access, appendFile, chmod, cp, lstat, mkdir, mkdtemp, open, readFile, readdir, rename, rm, stat, unlink, writeFile as writeFile$1 } from "node:fs/promises";
 import { z } from "zod";
 import * as posixPath from "node:path/posix";
 import * as win32Path from "node:path/win32";
@@ -10288,7 +10288,7 @@ var require_gaxios = /* @__PURE__ */ __commonJSMin(((exports) => {
 		}
 		static async #getFetch() {
 			const hasWindow = typeof window !== "undefined" && !!window;
-			this.#fetch ||= hasWindow ? window.fetch : (await import("./src-Dedv0Wfs.mjs")).default;
+			this.#fetch ||= hasWindow ? window.fetch : (await import("./src-u7agTn5O.mjs")).default;
 			return this.#fetch;
 		}
 		/**
@@ -36078,11 +36078,11 @@ var NodeDownloader = class {
 		if (params.downloadPath) {
 			const response = await downloadFile(params, apiClient);
 			if (response instanceof HttpResponse) {
-				const writer = createWriteStream(params.downloadPath);
+				const writer = createWriteStream$1(params.downloadPath);
 				Readable.fromWeb(response.responseInternal.body).pipe(writer);
 				await finished(writer);
 			} else try {
-				await writeFile(params.downloadPath, response, { encoding: "base64" });
+				await writeFile$1(params.downloadPath, response, { encoding: "base64" });
 			} catch (error) {
 				throw new Error(`Failed to write file to ${params.downloadPath}: ${error}`);
 			}
@@ -38110,7 +38110,7 @@ function normalizeOpenAICompatToolSchema(schema) {
 }
 function ensureOpenAICompatPropertyTypes(schema) {
 	const normalized = cloneJsonValue(schema);
-	if (!isRecord$5(normalized)) throw new Error("JSON Schema root must normalize to an object.");
+	if (!isRecord$6(normalized)) throw new Error("JSON Schema root must normalize to an object.");
 	recurseSchema(normalized);
 	return normalized;
 }
@@ -38171,7 +38171,7 @@ function resolveLocalJsonPointer(root, ref) {
 	let current = root;
 	for (const rawPart of ref.slice(2).split("/")) {
 		const part = unescapeJsonPointerPart(rawPart);
-		if (isRecord$5(current)) {
+		if (isRecord$6(current)) {
 			if (!hasOwn$1(current, part)) return { found: false };
 			current = current[part];
 		} else if (Array.isArray(current)) {
@@ -38193,20 +38193,20 @@ function parseJsonPointerArrayIndex(part) {
 	return Number(part);
 }
 function recurseSchema(node) {
-	if (!isRecord$5(node)) return;
+	if (!isRecord$6(node)) return;
 	visitChildSchemas(node, normalizeProperty);
 }
 function visitChildSchemas(node, visit) {
 	for (const { key, kind } of CHILD_SCHEMA_SLOTS) {
 		const value = node[key];
 		if (kind === "single") {
-			if (isRecord$5(value)) visit(value);
+			if (isRecord$6(value)) visit(value);
 		} else if (kind === "array") {
 			if (Array.isArray(value)) for (const item of value) visit(item);
 		} else if (kind === "map") {
-			if (isRecord$5(value)) for (const item of Object.values(value)) visit(item);
+			if (isRecord$6(value)) for (const item of Object.values(value)) visit(item);
 		} else if (kind === "schema-or-array") {
-			if (isRecord$5(value)) visit(value);
+			if (isRecord$6(value)) visit(value);
 			else if (Array.isArray(value)) for (const item of value) visit(item);
 		}
 	}
@@ -38218,7 +38218,7 @@ function childSchemaKeysForParentType(parentType) {
 	});
 }
 function normalizeProperty(node) {
-	if (!isRecord$5(node)) return;
+	if (!isRecord$6(node)) return;
 	if (!hasOwn$1(node, "type") && !hasAnyKey(node, TYPE_COMPLETION_SKIP_KEYS)) {
 		const enumValues = node["enum"];
 		if (Array.isArray(enumValues) && enumValues.length > 0) node["type"] = inferTypeFromValues(enumValues);
@@ -38282,14 +38282,14 @@ function hasAnyKey(obj, keys) {
 }
 function cloneJsonValue(value) {
 	if (Array.isArray(value)) return value.map((item) => cloneJsonValue(item));
-	if (isRecord$5(value)) {
+	if (isRecord$6(value)) {
 		const cloned = {};
 		for (const [key, child] of Object.entries(value)) cloned[key] = cloneJsonValue(child);
 		return cloned;
 	}
 	return value;
 }
-function isRecord$5(value) {
+function isRecord$6(value) {
 	return typeof value === "object" && value !== null && !Array.isArray(value);
 }
 function hasOwn$1(obj, key) {
@@ -46352,7 +46352,7 @@ var OpenAIResponsesChatProvider = class OpenAIResponsesChatProvider extends Base
 };
 //#endregion
 //#region ../kosong/src/providers/index.ts
-function createProvider(config) {
+function createProvider$1(config) {
 	switch (config.type) {
 		case "anthropic": return new AnthropicChatProvider(config);
 		case "openai-completions": return new OpenAICompletionsChatProvider(config);
@@ -54783,7 +54783,7 @@ function isAbortError(err) {
 	if (err instanceof Error) return err.name === "AbortError";
 	return false;
 }
-function errorMessage$2(err) {
+function errorMessage$3(err) {
 	if (err instanceof Error) return err.message;
 	return String(err);
 }
@@ -58027,7 +58027,7 @@ function parseSkillText(options) {
 		throw error;
 	}
 	const frontmatter = parsed.data ?? {};
-	if (!isRecord$4(frontmatter)) throw new SkillParseError(`Frontmatter in ${options.skillMdPath} must be a mapping at the top level`);
+	if (!isRecord$5(frontmatter)) throw new SkillParseError(`Frontmatter in ${options.skillMdPath} must be a mapping at the top level`);
 	const metadata = normalizeMetadata(frontmatter);
 	if (!isSupportedSkillType(metadata.type)) throw new UnsupportedSkillTypeError(metadata.type ?? String(frontmatter["type"]));
 	const name = nonEmptyString$3(metadata.name);
@@ -58140,7 +58140,7 @@ function tokenizeArgs(raw) {
 function nonEmptyString$3(value) {
 	return typeof value === "string" && value.trim() !== "" ? value.trim() : void 0;
 }
-function isRecord$4(value) {
+function isRecord$5(value) {
 	return typeof value === "object" && value !== null && !Array.isArray(value);
 }
 //#endregion
@@ -58961,12 +58961,12 @@ function joinPath(parent, child, pathClass) {
 }
 //#endregion
 //#region ../agent-core/src/tools/builtin/file/glob.md
-var glob_default = "Find files (and optionally directories) by glob pattern, sorted by modification time (most recent first).\n\nGood patterns:\n- `*.ts` — files in the current directory matching an extension\n- `src/**/*.ts` — recursive with a subdirectory anchor and extension\n- `test_*.py` — files whose name starts with a literal prefix\n\nRejected patterns (no literal anchor):\n- `**`, `**/*`, `*/*` — pure wildcards. Add an extension or subdirectory to give the walk a concrete target.\n- Anything starting with `**/` (e.g. `**/*.md`, `**/main/*.py`). Anchor it with a top-level subdirectory like `src/**/*.md`.\n- `*.{ts,tsx}` — brace expansion is not supported. Issue two calls: `*.ts` and `*.tsx`.\n\nLarge-directory warning — avoid recursing into dependency/build output even with an anchor:\n- `node_modules/**/*.js`, `.venv/**/*.py`, `__pycache__/**`, `target/**` match technically but typically produce thousands of results that truncate at the match cap. Prefer specific subpaths like `node_modules/react/src/**/*.js`.\n";
+var glob_default = "Find files (and optionally directories) by glob pattern, sorted by modification time (most recent first).\n\nREJECTED patterns (no literal anchor — will be rejected):\n- **Pure wildcards**: `**`, `**/*`, `*/*` — no literal anchor bounds the result. Add an extension or subdirectory to give the walk a concrete target.\n- **`**/` prefix**: Anything starting with `**/` (e.g. `**/*.py`, `**/main/*.ts`). The leading `**/` has no literal anchor in front of it. Anchor it with a top-level subdirectory like `src/**/*.ts`.\n- **Brace expansion**: `*.{ts,tsx}` is not supported. Split it into separate calls: `*.ts` and `*.tsx`.\n\nGood patterns:\n- `*.ts` — files in the current directory matching an extension\n- `src/**/*.ts` — recursive with a subdirectory anchor and extension\n- `test_*.py` — files whose name starts with a literal prefix\n\nLarge-directory warning — avoid recursing into dependency/build output even with an anchor:\n- `node_modules/**/*.js`, `.venv/**/*.py`, `__pycache__/**`, `target/**` match technically but typically produce thousands of results that truncate at the match cap. Prefer specific subpaths like `node_modules/react/src/**/*.js`.\n\nWhen you need to search the entire project, first use Glob to explore the top-level directory structure, then use an anchored pattern like `src/**/*.ts` or `packages/**/*.ts` to narrow the search.\n";
 //#endregion
 //#region ../agent-core/src/tools/builtin/file/glob.ts
 const GlobInputSchema = z.object({
-	pattern: z.string().describe("Glob pattern to match files/directories."),
-	path: z.string().optional().describe("Absolute path to the directory to search in. Defaults to the current working directory."),
+	pattern: z.string().describe("Glob pattern to match files/directories. IMPORTANT: pattern MUST contain a literal anchor like a file extension (.ts) or a subdirectory name (src/). Patterns starting with **/ (e.g. **/*.py, **/main/*.ts), pure wildcards (**, **/*, */*, *), and brace expansion (*.{ts,tsx}) are REJECTED. Example: src/**/*.ts searches all .ts files under src/."),
+	path: z.string().optional().describe("Absolute path to the directory to search in. Defaults to the current working directory. Explicit absolute paths outside the workspace are allowed (e.g. to search a dependency installed elsewhere); relative paths are resolved against the working directory and rejected if they escape it."),
 	include_dirs: z.boolean().default(true).optional().describe("Whether to include directories in results. Defaults to true. Set false to return only files.")
 });
 const MAX_MATCHES = 1e3;
@@ -59008,7 +59008,7 @@ var GlobTool = class {
 			workspace: this.workspace,
 			operation: "search",
 			policy: {
-				guardMode: "strict",
+				guardMode: "absolute-outside-allowed",
 				checkSensitive: false
 			}
 		});
@@ -59042,7 +59042,7 @@ var GlobTool = class {
 			}
 			return {
 				isError: true,
-				output: `Pattern "${args.pattern}" is a pure wildcard (only \`*\`, \`?\`, \`**\`, \`/\`) and would enumerate every file under the search root — with no literal anchor to bound the result set, this typically exhausts your context on large trees. Add an extension ("${args.pattern === "**" || args.pattern === "**/*" ? "**/*.ts" : "**/*.md"}") or a subdirectory ("src/**/*.ts") to constrain the walk.\n\nAllowed roots for explicit path searches:\n${rootList}\n\nTop of ${this.workspace.workspaceDir}:\n${tree}`
+				output: `Pattern "${args.pattern}" is a pure wildcard (only \`*\`, \`?\`, \`**\`, \`/\`) and would enumerate every file under the search root — with no literal anchor to bound the result set, this typically exhausts your context on large trees. Add an extension ("${args.pattern === "**" || args.pattern === "**/*" ? "**/*.ts" : "**/*.md"}") or a subdirectory ("src/**/*.ts") to constrain the walk.\n\nWorkspace roots:\n${rootList}\n\nTop of ${this.workspace.workspaceDir}:\n${tree}`
 			};
 		}
 		if (containsBraceExpansion(args.pattern)) return {
@@ -59070,6 +59070,8 @@ var GlobTool = class {
 		try {
 			const seen = /* @__PURE__ */ new Set();
 			const entries = [];
+			const pathClass = this.kaos.pathClass();
+			const filteredSensitive = [];
 			const YIELD_SAFETY_CAP = MAX_MATCHES * 2;
 			let yielded = 0;
 			let truncated = false;
@@ -59085,6 +59087,10 @@ var GlobTool = class {
 					break outer;
 				}
 				seen.add(filePath);
+				if (isSensitiveFile(filePath, pathClass)) {
+					filteredSensitive.push(filePath);
+					continue;
+				}
 				let mtime = 0;
 				let isDir = false;
 				try {
@@ -59100,10 +59106,10 @@ var GlobTool = class {
 			}
 			entries.sort((a, b) => b.mtime - a.mtime);
 			const paths = entries.map((e) => e.path);
-			const pathClass = this.kaos.pathClass();
 			const relBase = searchRoots[0] ?? this.workspace.workspaceDir;
 			const displayLines = paths.map((p) => relativizeIfUnder$1(p, relBase, pathClass));
-			if (entries.length === 0 && !truncated) return { output: "No matches found" };
+			const filteredSome = filteredSensitive.length > 0;
+			if (entries.length === 0 && !truncated) return { output: filteredSome ? `No non-sensitive matches found (filtered ${String(filteredSensitive.length)} sensitive file(s))` : "No matches found" };
 			const lines = [];
 			if (truncated) {
 				lines.push(`[Truncated at ${String(MAX_MATCHES)} matches — use a more specific pattern]`);
@@ -59111,6 +59117,10 @@ var GlobTool = class {
 			}
 			lines.push(...displayLines);
 			if (!truncated && entries.length === 1e3) lines.push(`Found ${String(entries.length)} matches`);
+			if (filteredSome) {
+				const displayedFiltered = filteredSensitive.map((p) => relativizeIfUnder$1(p, relBase, pathClass));
+				lines.push(`Filtered ${String(filteredSensitive.length)} sensitive file(s): ${displayedFiltered.join(", ")}`);
+			}
 			return { output: lines.join("\n") };
 		} catch (error) {
 			if (error !== null && typeof error === "object" && "code" in error) {
@@ -63458,7 +63468,7 @@ async function downloadAndInstallRg(shareDir) {
 			clearTimeout(timeoutHandle);
 		}
 		if (!resp.ok || resp.body === null) throw new Error(`Failed to download ripgrep: HTTP ${String(resp.status)} ${resp.statusText}`);
-		const write = createWriteStream$1(archivePath);
+		const write = createWriteStream(archivePath);
 		await pipeline$1(Readable.fromWeb(resp.body), write);
 		await verifyArchiveChecksum(archivePath, archiveName, expectedSha256);
 		if (isWindows) await extractRgFromZip(archivePath, destination);
@@ -63519,7 +63529,7 @@ async function extractRgFromZip(archivePath, destination) {
 						zipfile.close();
 						return;
 					}
-					const out = createWriteStream$1(destination);
+					const out = createWriteStream(destination);
 					(async () => {
 						try {
 							await pipeline$1(stream, out);
@@ -65435,7 +65445,7 @@ function rewriteWindowsNullRedirect$1(command) {
 }
 //#endregion
 //#region ../agent-core/src/tools/builtin/state/todo-list.md
-var todo_list_default = "Use this tool to maintain a structured TODO list as you work through a multi-step task.\n\nUse for multi-step tasks, tracking investigation progress, or planning a sequence of edits. Do not use for single-shot answers or trivial requests.\n\n**Avoid churn:**\n- Do not re-call this tool when nothing meaningful has changed since the last call — update the list only after real progress.\n- When unsure of the current state, call query mode first (omit `todos`) to check the list before deciding what to update.\n- If no available tool can move any task forward, tell the user where you are stuck instead of repeatedly re-ordering the same todos.\n\n**How to use:**\n- Call with `todos: [...]` to replace the full list. Statuses: pending / in_progress / done.\n- Call with no arguments to query the current list.\n- Call with `todos: []` to clear the list.\n- Keep titles short and actionable.\n- Update statuses as you make progress — mark one item in_progress at a time.\n";
+var todo_list_default = "Use this tool to maintain a structured TODO list as you work through a multi-step task.\n\nUse for multi-step tasks, tracking investigation progress, or planning a sequence of edits. Do not use for single-shot answers or trivial requests.\n\n**Update discipline:**\n- Update status immediately when you start or complete a subtask: mark it `in_progress` when you begin working on it, and `done` when finished.\n- Do not skip the `in_progress` state — the user should always see what you are currently working on.\n- Avoid redundant calls: do not re-call this tool when nothing meaningful has changed since the last call.\n- When unsure of the current state, call query mode first (omit `todos`) to check the list before deciding what to update.\n- If no available tool can move any task forward, tell the user where you are stuck instead of repeatedly re-ordering the same todos.\n\n**How to use:**\n- Call with `todos: [...]` to replace the full list. Statuses: pending / in_progress / done.\n- Call with no arguments to query the current list.\n- Call with `todos: []` to clear the list.\n- Keep titles short and actionable.\n- Update statuses as you make progress — mark one item in_progress at a time.\n";
 //#endregion
 //#region ../agent-core/src/tools/builtin/state/todo-list.ts
 /**
@@ -66810,7 +66820,7 @@ var ConfigState = class {
 		return provider;
 	}
 	get provider() {
-		return createProvider(this.providerConfig);
+		return createProvider$1(this.providerConfig);
 	}
 	get model() {
 		if (this._modelAlias === void 0) throw new Error("Model not set");
@@ -67337,7 +67347,7 @@ const OptionalStringSchema = z.preprocess((value) => {
 	if (typeof value === "string") return value;
 	if (typeof value === "number" || typeof value === "boolean" || typeof value === "bigint") return String(value);
 }, z.string().optional());
-const HookSpecificOutputSchema = z.preprocess((value) => isRecord$3(value) ? value : void 0, z.looseObject({
+const HookSpecificOutputSchema = z.preprocess((value) => isRecord$4(value) ? value : void 0, z.looseObject({
 	message: OptionalStringSchema,
 	permissionDecision: z.unknown().optional(),
 	permissionDecisionReason: OptionalStringSchema
@@ -67356,7 +67366,7 @@ async function runHook(command, input, options) {
 			detached: process.platform !== "win32"
 		});
 	} catch (error) {
-		return allowResult({ stderr: errorMessage$1(error) });
+		return allowResult({ stderr: errorMessage$2(error) });
 	}
 	return new Promise((resolve) => {
 		let stdout = "";
@@ -67404,7 +67414,7 @@ async function runHook(command, input, options) {
 		child.on("error", (error) => {
 			settle(allowResult({
 				stdout,
-				stderr: stderr + errorMessage$1(error)
+				stderr: stderr + errorMessage$2(error)
 			}));
 		});
 		child.on("close", (code) => {
@@ -67497,10 +67507,10 @@ function tryKillProcess(child, signal) {
 		} catch {}
 	}
 }
-function isRecord$3(value) {
+function isRecord$4(value) {
 	return typeof value === "object" && value !== null && !Array.isArray(value);
 }
-function errorMessage$1(error) {
+function errorMessage$2(error) {
 	return error instanceof Error ? error.message : String(error);
 }
 //#endregion
@@ -70432,8 +70442,8 @@ function approvalTelemetryMode(mode) {
 //#endregion
 //#region ../agent-core/src/agent/records/migration/v1.1.ts
 function isLegacyToolCall(v) {
-	if (!isRecord$2(v)) return false;
-	return v["type"] === "function" && typeof v["id"] === "string" && isRecord$2(v["function"]);
+	if (!isRecord$3(v)) return false;
+	return v["type"] === "function" && typeof v["id"] === "string" && isRecord$3(v["function"]);
 }
 function migrateToolCall(v) {
 	const { function: fn, ...rest } = v;
@@ -70443,7 +70453,7 @@ function migrateToolCall(v) {
 		arguments: fn.arguments
 	};
 }
-function isRecord$2(value) {
+function isRecord$3(value) {
 	return typeof value === "object" && value !== null && !Array.isArray(value);
 }
 const MIGRATIONS = [{
@@ -70672,8 +70682,7 @@ var AgentRecords = class {
 			tools: "tools",
 			usage: "usage",
 			background: "background",
-			full_compaction: "fullCompaction",
-			plan_mode: "planMode"
+			full_compaction: "fullCompaction"
 		}[recordType.split(".")[0]] ?? null;
 	}
 	async replay() {
@@ -78256,7 +78265,7 @@ function parseToolCallArguments(raw) {
 	} catch (error) {
 		return {
 			success: false,
-			error: errorMessage$2(error)
+			error: errorMessage$3(error)
 		};
 	}
 }
@@ -78308,7 +78317,7 @@ async function prepareToolCall(step, call) {
 			toolCallId: call.toolCall.id,
 			error
 		});
-		const output = error instanceof PathSecurityError ? error.message : `Tool "${call.toolName}" failed to resolve execution: ${errorMessage$2(error)}`;
+		const output = error instanceof PathSecurityError ? error.message : `Tool "${call.toolName}" failed to resolve execution: ${errorMessage$3(error)}`;
 		await dispatchToolCall(step, call, effectiveArgs);
 		return { task: makeResolvedToolCallTask(makeErrorToolResult(call, effectiveArgs, output)) };
 	}
@@ -78368,7 +78377,7 @@ async function runPrepareToolExecutionHook(step, call) {
 		return {
 			kind: "hookFailed",
 			args,
-			output: `prepareToolExecution hook failed for "${call.toolName}": ${errorMessage$2(error)}`
+			output: `prepareToolExecution hook failed for "${call.toolName}": ${errorMessage$3(error)}`
 		};
 	}
 	const effectiveArgs = hookResult?.updatedArgs ?? args;
@@ -78412,7 +78421,7 @@ async function runRunnableToolCall(step, call, effectiveArgs, metadata, executio
 			toolCallId: toolCall.id,
 			error
 		});
-		return makeErrorToolResult(call, effectiveArgs, aborted ? `Tool "${toolName}" was aborted` : `Tool "${toolName}" failed: ${errorMessage$2(error)}`);
+		return makeErrorToolResult(call, effectiveArgs, aborted ? `Tool "${toolName}" was aborted` : `Tool "${toolName}" failed: ${errorMessage$3(error)}`);
 	}
 	return makeToolResult(call, effectiveArgs, toolResult);
 }
@@ -78444,7 +78453,7 @@ async function finalizePendingToolResult(step, pendingResult) {
 			toolCallId: pendingResult.toolCall.id,
 			error
 		});
-		const output = aborted ? `Tool "${pendingResult.toolName}" aborted during finalizeToolResult hook.` : `finalizeToolResult hook failed for "${pendingResult.toolName}": ${errorMessage$2(error)}`;
+		const output = aborted ? `Tool "${pendingResult.toolName}" aborted during finalizeToolResult hook.` : `finalizeToolResult hook failed for "${pendingResult.toolName}": ${errorMessage$3(error)}`;
 		return {
 			...pendingResult,
 			stopTurn: pendingResult.stopTurn,
@@ -78806,7 +78815,7 @@ async function runTurn(input) {
 				usage
 			};
 		}
-		dispatchEvent(makeInterruptedEvent(isMaxStepsExceededError(error) ? "max_steps" : "error", steps, activeStep, errorMessage$2(error)));
+		dispatchEvent(makeInterruptedEvent(isMaxStepsExceededError(error) ? "max_steps" : "error", steps, activeStep, errorMessage$3(error)));
 		throw error;
 	}
 	return {
@@ -82939,8 +82948,8 @@ var ToolManager = class {
 		return (input) => withProviderRequestAuth(resolveAuth, (auth) => uploadVideo(input, { auth }));
 	}
 	get loopTools() {
-		const builtinNames = [...this.builtinTools.keys()].filter((name) => this.enabledTools.has(name)).sort();
-		const userNames = [...this.userTools.keys()].filter((name) => this.enabledTools.has(name)).sort();
+		const builtinNames = [...this.builtinTools.keys()].filter((name) => this.enabledTools.has(name)).toSorted();
+		const userNames = [...this.userTools.keys()].filter((name) => this.enabledTools.has(name)).toSorted();
 		const mcpNames = [...this.mcpTools.keys()].filter((name) => this.isMcpToolEnabled(name));
 		return [
 			...builtinNames.map((name) => this.builtinTools.get(name)),
@@ -83116,7 +83125,7 @@ function findImplicitBoundaries(prompt) {
 		const index = prompt.indexOf(header);
 		if (index !== -1) boundaries.push(index);
 	}
-	return boundaries.sort((a, b) => a - b);
+	return boundaries.toSorted((a, b) => a - b);
 }
 /**
 * Split prompt by implicit boundaries into blocks.
@@ -84541,15 +84550,6 @@ var Agent = class {
 			getModel: () => {
 				return this.config.modelAlias ?? "";
 			},
-			enterPlan: async () => {
-				throw new ByfError(ErrorCodes.NOT_IMPLEMENTED, "Plan mode has been removed");
-			},
-			cancelPlan: async () => {
-				throw new ByfError(ErrorCodes.NOT_IMPLEMENTED, "Plan mode has been removed");
-			},
-			clearPlan: async () => {
-				throw new ByfError(ErrorCodes.NOT_IMPLEMENTED, "Plan mode has been removed");
-			},
 			beginCompaction: (payload) => {
 				this.fullCompaction.begin({
 					source: "manual",
@@ -84584,7 +84584,6 @@ var Agent = class {
 			getContext: () => this.context.data(),
 			getConfig: () => this.config.data(),
 			getPermission: () => this.permission.data(),
-			getPlan: async () => null,
 			getUsage: () => this.usage.data(),
 			getTools: () => this.tools.data(),
 			getBackground: (payload) => this.background.list(payload.activeOnly ?? false, payload.limit)
@@ -84717,6 +84716,21 @@ function proxyWithExtraPayload(methods, extraPayload) {
 		}, ...args);
 	} });
 }
+/** The Zod `z.enum` literal inferred from registry keys. */
+const PROVIDER_TYPE_VALUES = Object.keys({
+	exa: { defaultBaseUrl: "https://api.exa.ai/search" },
+	brave: { defaultBaseUrl: "https://api.search.brave.com/res/v1/web/search" },
+	firecrawl: { defaultBaseUrl: "https://api.firecrawl.dev/v2/search" }
+});
+const providerClassMap = /* @__PURE__ */ new Map();
+function registerProvider(type, cls) {
+	providerClassMap.set(type, cls);
+}
+function createProvider(type, options) {
+	const cls = providerClassMap.get(type);
+	if (cls === void 0) throw new Error(`WebSearch provider type "${type}" is not registered. Did you import the provider module?`);
+	return new cls(options);
+}
 //#endregion
 //#region ../agent-core/src/config/schema.ts
 const ProviderTypeSchema = z.enum([
@@ -84816,9 +84830,18 @@ const ByfServiceConfigSchema = z.object({
 	oauth: OAuthRefSchema.optional(),
 	customHeaders: StringRecordSchema.optional()
 });
+/** Provider type enum derived from webSearchProviderRegistry keys. */
+const WebSearchProviderTypeSchema = z.enum(PROVIDER_TYPE_VALUES);
+const WebSearchProviderConfigSchema = z.object({
+	type: WebSearchProviderTypeSchema,
+	apiKeys: z.array(z.string().min(1)).nonempty(),
+	baseUrl: z.string().optional(),
+	priority: z.number().int().positive()
+});
+const WebSearchConfigSchema = z.object({ providers: z.array(WebSearchProviderConfigSchema).nonempty() });
 const ServicesConfigSchema = z.object({
-	byfSearch: ByfServiceConfigSchema.optional(),
-	byfFetch: ByfServiceConfigSchema.optional()
+	webSearch: WebSearchConfigSchema.optional(),
+	fetchUrl: ByfServiceConfigSchema.optional()
 });
 const McpServerCommonFields = {
 	enabled: z.boolean().optional(),
@@ -84884,8 +84907,8 @@ const LoopControlPatchSchema = LoopControlSchema.partial();
 const BackgroundConfigPatchSchema = BackgroundConfigSchema.partial();
 const ByfServiceConfigPatchSchema = ByfServiceConfigSchema.partial();
 const ServicesConfigPatchSchema = z.object({
-	byfSearch: ByfServiceConfigPatchSchema.optional(),
-	byfFetch: ByfServiceConfigPatchSchema.optional()
+	webSearch: WebSearchConfigSchema.optional(),
+	fetchUrl: ByfServiceConfigPatchSchema.optional()
 });
 const ByfConfigPatchSchema = z.object({
 	providers: z.record(z.string(), ProviderConfigPatchSchema).optional(),
@@ -85133,10 +85156,15 @@ function transformServiceData(data) {
 		const targetKey = snakeToCamel(key);
 		if (targetKey === "oauth") out[targetKey] = isPlainObject$1(value) ? transformPlainObject(value) : value;
 		else if (targetKey === "customHeaders") out[targetKey] = cloneObjectValue(value);
+		else if (Array.isArray(value)) out[targetKey] = value.map((item) => isPlainObject$1(item) ? transformRecord(item, identity, snakeToCamel) : item);
+		else if (isPlainObject$1(value)) out[targetKey] = transformPlainObject(value);
 		else out[targetKey] = value;
 	}
 	return out;
 }
+function identity(v) {
+	return v;
+}
 function transformLoopControlData(data) {
 	const out = transformPlainObject(data);
 	if (out["maxStepsPerTurn"] === void 0 && out["maxStepsPerRun"] !== void 0) out["maxStepsPerTurn"] = out["maxStepsPerRun"];
@@ -85156,11 +85184,11 @@ function configToTomlData(config) {
 	delete out["default_yolo"];
 	delete out["defaultYolo"];
 	delete out["defaultPermissionMode"];
+	delete out["default_thinking"];
 	for (const key of [
 		"defaultProvider",
 		"defaultModel",
 		"yolo",
-		"defaultThinking",
 		"defaultPermissionMode",
 		"mergeAllAvailableSkills",
 		"extraSkillDirs"
@@ -85229,10 +85257,17 @@ function permissionRuleToToml(rule) {
 }
 function servicesToToml(services, rawServices) {
 	const out = cloneRecord(rawServices);
-	if (services.byfSearch !== void 0) out["byf_search"] = serviceToToml(services.byfSearch);
-	else delete out["byf_search"];
-	if (services.byfFetch !== void 0) out["byf_fetch"] = serviceToToml(services.byfFetch);
-	else delete out["byf_fetch"];
+	if (services.webSearch !== void 0 && services.webSearch.providers.length > 0) {
+		const providersToml = services.webSearch.providers.map((p) => {
+			const providerOut = {};
+			for (const [key, value] of Object.entries(p)) setDefined(providerOut, camelToSnake(key), value);
+			return providerOut;
+		});
+		out["web_search"] = out["web_search"] ?? {};
+		out["web_search"]["providers"] = providersToml;
+	} else delete out["web_search"];
+	if (services.fetchUrl !== void 0) out["fetch_url"] = serviceToToml(services.fetchUrl);
+	else delete out["fetch_url"];
 	return out;
 }
 function serviceToToml(service) {
@@ -85290,6 +85325,595 @@ function isFileExistsError(error) {
 	return typeof error === "object" && error !== null && error.code === "EEXIST";
 }
 //#endregion
+//#region ../agent-core/src/config/update-rules.ts
+const REMOVED_RULES = [
+	{
+		path: "default_yolo",
+		pathParts: ["default_yolo"],
+		kind: "removed",
+		detail: "Top-level field default_yolo is removed. Use yolo instead.",
+		deprecatedSince: "pre-0.1.0"
+	},
+	{
+		path: "defaultYolo",
+		pathParts: ["defaultYolo"],
+		kind: "removed",
+		detail: "Top-level field defaultYolo is removed. Use yolo instead.",
+		deprecatedSince: "pre-0.1.0"
+	},
+	{
+		path: "services.byf_search",
+		pathParts: ["services", "byf_search"],
+		kind: "removed",
+		detail: "Deprecated service byf_search is removed.",
+		deprecatedSince: "pre-0.1.0"
+	},
+	{
+		path: "services.byf_fetch",
+		pathParts: ["services", "byf_fetch"],
+		kind: "removed",
+		detail: "Deprecated service byf_fetch is removed. Use services.fetch_url instead.",
+		deprecatedSince: "pre-0.1.0"
+	}
+];
+const RENAMED_RULES = [{
+	path: "loop_control.max_steps_per_run",
+	pathParts: ["loop_control", "max_steps_per_run"],
+	kind: "renamed",
+	detail: "Renamed to max_steps_per_turn.",
+	deprecatedSince: "pre-0.1.0"
+}];
+const MIGRATED_RULES = [{
+	path: "default_thinking",
+	pathParts: ["default_thinking"],
+	kind: "migrated",
+	detail: "Migrate default_thinking to [thinking] block.",
+	deprecatedSince: "pre-0.1.0"
+}];
+/**
+* Combined list of all deprecated-field rules.
+*
+* Order within the list does not affect correctness (the CLI groups by kind
+* at display time), but a stable order helps test expectations.
+*/
+const DEPRECATED_FIELD_RULES = [
+	...REMOVED_RULES,
+	...RENAMED_RULES,
+	...MIGRATED_RULES
+];
+//#endregion
+//#region ../agent-core/src/providers/runtime-provider.ts
+function resolveRuntimeProvider(input) {
+	const modelName = input.model ?? input.config.defaultModel;
+	if (modelName === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, "No model is selected. Set default_model in config.toml or pass a configured model alias.");
+	const alias = input.config.models?.[modelName];
+	if (alias === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" is not configured in config.toml. Add a [models."${modelName}"] entry with max_context_size.`);
+	const resolvedModel = alias.model;
+	const providerName = alias.provider ?? input.config.defaultProvider;
+	const providerConfig = providerName === void 0 ? void 0 : input.config.providers[providerName];
+	if (providerName === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" must define a provider in config.toml.`);
+	if (providerConfig === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" for model "${modelName}" is not configured.`);
+	if (!Number.isInteger(alias.maxContextSize) || alias.maxContextSize <= 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" must define a positive max_context_size in config.toml.`);
+	if (input.validateCredentials !== false && providerConfig.type !== "vertexai" && providerConfig.oauth === void 0 && providerApiKey(providerConfig) === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" has no credentials configured. Set apiKey, oauth, or a provider env API key in config.toml.`);
+	const provider = toKosongProviderConfig(providerConfig, resolvedModel, input.byfRequestHeaders, alias.maxOutputSize, alias.reasoningKey, input.promptCacheKey);
+	return {
+		modelName,
+		providerName,
+		modelCapabilities: resolveModelCapabilities(alias, provider),
+		provider
+	};
+}
+async function resolveRuntimeProviderWithOAuth(input) {
+	const resolved = resolveRuntimeProvider(input);
+	const resolveAuth = createRuntimeProviderAuthResolver(input, resolved);
+	if (resolveAuth === void 0) return resolved;
+	await resolveAuth();
+	return {
+		...resolved,
+		resolveAuth
+	};
+}
+function createRuntimeProviderAuthResolver(input, resolved = resolveRuntimeProvider(input)) {
+	const providerName = resolved.providerName;
+	if (providerName === void 0) return void 0;
+	const providerConfig = input.config.providers[providerName];
+	if (providerConfig?.oauth === void 0) return void 0;
+	if (providerApiKey(providerConfig) !== void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" has both apiKey and oauth set in config.toml — they are mutually exclusive. Remove one.`);
+	const tokenProvider = input.resolveOAuthTokenProvider?.(providerName, providerConfig.oauth);
+	if (tokenProvider === void 0) return async () => {
+		throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`);
+	};
+	return async (options) => {
+		let apiKey;
+		try {
+			apiKey = await tokenProvider.getAccessToken(options?.forceRefresh === true ? { force: true } : void 0);
+		} catch (error) {
+			if (!isAuthLoginRequired(error)) (input.log ?? log).warn("oauth token fetch failed", {
+				providerName,
+				error
+			});
+			throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`, { cause: error });
+		}
+		if (apiKey.trim().length === 0) throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`);
+		return { apiKey };
+	};
+}
+function isAuthLoginRequired(error) {
+	return isByfError(error) && error.code === ErrorCodes.AUTH_LOGIN_REQUIRED;
+}
+const CAPABILITY_DEFINITIONS = [
+	{
+		name: "image_in",
+		returnKey: "image_in"
+	},
+	{
+		name: "video_in",
+		returnKey: "video_in"
+	},
+	{
+		name: "audio_in",
+		returnKey: "audio_in"
+	},
+	{
+		name: "thinking",
+		returnKey: "thinking"
+	},
+	{
+		name: "always_thinking",
+		returnKey: "thinking"
+	},
+	{
+		name: "tool_use",
+		returnKey: "tool_use"
+	},
+	{
+		name: "thinking_effort",
+		returnKey: "thinking_effort"
+	},
+	{
+		name: "thinking_xhigh",
+		returnKey: "thinking_xhigh"
+	},
+	{
+		name: "thinking_max",
+		returnKey: "thinking_max"
+	}
+];
+/**
+* The list of every valid capability name that can appear in a model
+* alias's `capabilities` array.
+*
+* Derives directly from {@link CAPABILITY_DEFINITIONS} so that adding a
+* new capability in one place automatically keeps both the validation
+* gate (`update-config`) and the runtime resolver in sync.
+*/
+const VALID_CAPABILITIES = CAPABILITY_DEFINITIONS.map((d) => d.name);
+function resolveModelCapabilities(alias, provider) {
+	const capabilities = new Set((alias.capabilities ?? []).map((capability) => capability.trim().toLowerCase()));
+	const has = (capability) => capabilities.has(capability);
+	const providerCapability = createProvider$1(providerForCapabilityProbe(provider)).getCapability?.(provider.model) ?? UNKNOWN_CAPABILITY;
+	const returnKeyToNames = /* @__PURE__ */ new Map();
+	for (const def of CAPABILITY_DEFINITIONS) {
+		const names = returnKeyToNames.get(def.returnKey) ?? [];
+		names.push(def.name);
+		returnKeyToNames.set(def.returnKey, names);
+	}
+	const resolved = {};
+	for (const [returnKey, names] of returnKeyToNames) resolved[returnKey] = names.some((n) => has(n)) || Boolean(providerCapability[returnKey]);
+	return {
+		...resolved,
+		max_context_tokens: alias.maxContextSize
+	};
+}
+function toKosongProviderConfig(provider, model, byfRequestHeaders, maxOutputSize, reasoningKey, promptCacheKey) {
+	switch (provider.type) {
+		case "anthropic": return {
+			type: "anthropic",
+			model,
+			baseUrl: providerValue(provider.baseUrl, provider.env, "ANTHROPIC_BASE_URL"),
+			apiKey: providerApiKey(provider),
+			...maxOutputSize !== void 0 ? { defaultMaxTokens: maxOutputSize } : {},
+			...defaultHeadersField(provider.customHeaders)
+		};
+		case "openai-completions": {
+			const defaultHeaders = {
+				...byfRequestHeaders,
+				...provider.customHeaders
+			};
+			const generationKwargs = {
+				prompt_cache_key: promptCacheKey,
+				extra_body: provider.extraBody
+			};
+			if (Object.keys(defaultHeaders).length === 0) return {
+				type: "openai-completions",
+				model,
+				baseUrl: providerValue(provider.baseUrl, provider.env, "BYF_BASE_URL"),
+				reasoningKey,
+				thinkingEffortKey: provider.thinkingEffortKey,
+				generationKwargs,
+				apiKey: providerApiKey(provider)
+			};
+			return {
+				type: "openai-completions",
+				model,
+				baseUrl: providerValue(provider.baseUrl, provider.env, "BYF_BASE_URL"),
+				reasoningKey,
+				thinkingEffortKey: provider.thinkingEffortKey,
+				generationKwargs,
+				defaultHeaders,
+				apiKey: providerApiKey(provider)
+			};
+		}
+		case "google-genai": return {
+			type: "google-genai",
+			model,
+			apiKey: providerApiKey(provider)
+		};
+		case "openai_responses": return {
+			type: "openai_responses",
+			model,
+			baseUrl: providerValue(provider.baseUrl, provider.env, "OPENAI_BASE_URL"),
+			apiKey: providerApiKey(provider),
+			...defaultHeadersField(provider.customHeaders)
+		};
+		case "vertexai": return {
+			type: "vertexai",
+			model,
+			vertexai: hasVertexAIServiceEnv(provider),
+			apiKey: hasVertexAIServiceEnv(provider) ? void 0 : providerApiKey(provider),
+			project: vertexAIProject(provider),
+			location: vertexAILocation(provider)
+		};
+		default: {
+			const exhaustive = provider.type;
+			throw new ByfError(ErrorCodes.MODEL_CONFIG_INVALID, `Unsupported provider type: ${String(exhaustive)}`);
+		}
+	}
+}
+function defaultHeadersField(headers) {
+	if (headers === void 0 || Object.keys(headers).length === 0) return {};
+	return { defaultHeaders: { ...headers } };
+}
+function providerForCapabilityProbe(provider) {
+	if (provider.type === "vertexai") return {
+		...provider,
+		vertexai: false,
+		project: void 0,
+		location: void 0,
+		apiKey: provider.apiKey === void 0 || provider.apiKey.length === 0 ? "capability-probe" : provider.apiKey
+	};
+	if (provider.apiKey !== void 0 && provider.apiKey.length > 0) return provider;
+	return {
+		...provider,
+		apiKey: "capability-probe"
+	};
+}
+function providerApiKey(provider) {
+	switch (provider.type) {
+		case "anthropic": return providerValue(provider.apiKey, provider.env, "ANTHROPIC_API_KEY");
+		case "openai_responses": return providerValue(provider.apiKey, provider.env, "OPENAI_API_KEY");
+		case "openai-completions": return providerValue(provider.apiKey, provider.env, "BYF_API_KEY");
+		case "google-genai": return providerValue(provider.apiKey, provider.env, "GOOGLE_API_KEY");
+		case "vertexai": return nonEmptyString$2(provider.apiKey) ?? envValue(provider.env, "VERTEXAI_API_KEY") ?? envValue(provider.env, "GOOGLE_API_KEY");
+		default: {
+			const exhaustive = provider.type;
+			throw new ByfError(ErrorCodes.MODEL_CONFIG_INVALID, `Unsupported provider type: ${String(exhaustive)}`);
+		}
+	}
+}
+function hasVertexAIServiceEnv(provider) {
+	return vertexAIProject(provider) !== void 0 && vertexAILocation(provider) !== void 0;
+}
+function vertexAIProject(provider) {
+	return envValue(provider.env, "GOOGLE_CLOUD_PROJECT");
+}
+function vertexAILocation(provider) {
+	return envValue(provider.env, "GOOGLE_CLOUD_LOCATION") ?? locationFromVertexAIBaseUrl(provider.baseUrl);
+}
+function providerValue(configured, env, envKey) {
+	return nonEmptyString$2(configured) ?? envValue(env, envKey);
+}
+function envValue(env, key) {
+	return nonEmptyString$2(env?.[key]);
+}
+function nonEmptyString$2(value) {
+	const trimmed = value?.trim();
+	return trimmed === void 0 || trimmed.length === 0 ? void 0 : trimmed;
+}
+function locationFromVertexAIBaseUrl(baseUrl) {
+	const url = nonEmptyString$2(baseUrl);
+	if (url === void 0) return void 0;
+	try {
+		const host = new URL(url).hostname;
+		return host.endsWith("-aiplatform.googleapis.com") ? nonEmptyString$2(host.slice(0, -26)) : void 0;
+	} catch {
+		return;
+	}
+}
+//#endregion
+//#region ../agent-core/src/config/update.ts
+/**
+* Scan a parsed config (including `config.raw`) and return all Findings
+* for deprecated / renamed / migrated / dangling / unknown / invalid-value
+* fields.
+*
+* This is a **pure** function — no file I/O, no side effects.
+*
+* Detection is based on `config.raw` (the clone of the original TOML data),
+* not on the parsed camelCase schema. This matches the PRD's observation
+* that `raw` is both the protection layer (preserving unknown fields) and
+* the blind spot (retaining stale keys through read→write cycles).
+*/
+function analyzeConfig(config) {
+	const raw = config.raw;
+	const findings = [];
+	if (isRecord$2(raw)) {
+		for (const rule of DEPRECATED_FIELD_RULES) if (pathExistsInRaw(raw, rule.pathParts)) findings.push({
+			kind: rule.kind,
+			path: rule.path,
+			detail: rule.detail,
+			deprecatedSince: rule.deprecatedSince
+		});
+		const defaultThinkingFinding = findings.find((f) => f.path === "default_thinking");
+		if (defaultThinkingFinding) {
+			const thinking = config.thinking;
+			if (thinking && (thinking.mode !== void 0 || thinking.effort !== void 0)) {
+				defaultThinkingFinding.kind = "removed";
+				defaultThinkingFinding.detail = "Already superseded by [thinking] block.";
+			}
+		}
+		const UNKNOWN_SKIP_PATHS = new Set(DEPRECATED_FIELD_RULES.map((r) => r.pathParts.join(".")));
+		const byfShapeKeys = /* @__PURE__ */ new Set();
+		for (const key of Object.keys(ByfConfigSchema.shape)) {
+			byfShapeKeys.add(key);
+			byfShapeKeys.add(camelToSnakeStatic(key));
+		}
+		for (const rawKey of Object.keys(raw)) {
+			if (rawKey === "raw") continue;
+			if (UNKNOWN_SKIP_PATHS.has(rawKey)) continue;
+			const camelKey = snakeToCamelStatic(rawKey);
+			if (!byfShapeKeys.has(camelKey) && !byfShapeKeys.has(rawKey)) findings.push({
+				kind: "unknown",
+				path: rawKey,
+				detail: `Field "${rawKey}" is not recognized by the current schema. Its value has been ignored. This may be a typo or a field from a previous version.`
+			});
+		}
+		const nestedFindings = scanNestedUnknowns(raw, UNKNOWN_SKIP_PATHS);
+		findings.push(...nestedFindings);
+	}
+	if (config.models) {
+		const validCapsLower = new Set(VALID_CAPABILITIES.map((c) => c.toLowerCase()));
+		for (const [alias, modelConfig] of Object.entries(config.models)) if (modelConfig.capabilities) for (let i = 0; i < modelConfig.capabilities.length; i++) {
+			const cap = modelConfig.capabilities[i];
+			if (cap === void 0) continue;
+			if (!validCapsLower.has(cap.toLowerCase())) findings.push({
+				kind: "invalid-value",
+				path: `models.${alias}.capabilities[${i}]`,
+				detail: `"${cap}" is not a valid capability. Valid values: ${VALID_CAPABILITIES.join(", ")}.`
+			});
+		}
+	}
+	const providerKeys = Object.keys(config.providers ?? {});
+	if (config.models) {
+		for (const [alias, modelConfig] of Object.entries(config.models)) if (!providerKeys.includes(modelConfig.provider)) findings.push({
+			kind: "dangling",
+			path: `models.${alias}.provider`,
+			detail: `Model alias "${alias}" references provider "${modelConfig.provider}", which does not exist in [providers].`
+		});
+	}
+	if (config.defaultProvider !== void 0 && !providerKeys.includes(config.defaultProvider)) findings.push({
+		kind: "dangling",
+		path: "default_provider",
+		detail: `Default provider "${config.defaultProvider}" does not exist in [providers].`
+	});
+	const modelKeys = Object.keys(config.models ?? {});
+	if (config.defaultModel !== void 0 && !modelKeys.includes(config.defaultModel)) findings.push({
+		kind: "dangling",
+		path: "default_model",
+		detail: `Default model "${config.defaultModel}" does not exist in [models].`
+	});
+	return findings;
+}
+/**
+* Apply automatic fixes to a `ByfConfig` by deleting every path registered in
+* `DEPRECATED_FIELD_RULES` from `config.raw`.
+*
+* The `_findings` parameter is intentionally **not consulted** — deletion is
+* driven exclusively by the whitelist in `DEPRECATED_FIELD_RULES`. This ensures
+* that a call to `applyFixes` always produces a clean config regardless of
+* what analysis step previously ran.
+*
+* This is a **pure** function — it returns a new config object without
+* mutating the input.
+*/
+function applyFixes(config, findings) {
+	const newRaw = rawShallowClone(config.raw);
+	for (const rule of DEPRECATED_FIELD_RULES) deletePath(newRaw, rule.pathParts);
+	let newConfig = {
+		...config,
+		raw: newRaw
+	};
+	if (findings.find((f) => f.kind === "migrated" && f.path === "default_thinking")) {
+		const rawValue = config.raw?.["default_thinking"];
+		const isTruthy = rawValue === true || rawValue === "true" || rawValue === 1;
+		newConfig = {
+			...newConfig,
+			thinking: isTruthy ? {
+				mode: "on",
+				effort: "high"
+			} : { mode: "off" }
+		};
+	}
+	return newConfig;
+}
+/** Convert snake_case to camelCase (static helper for unknown detection). */
+function snakeToCamelStatic(str) {
+	return str.replaceAll(/_([a-z])/g, (_, ch) => ch.toUpperCase());
+}
+/** Convert camelCase to snake_case (static helper for unknown detection). */
+function camelToSnakeStatic(str) {
+	return str.replaceAll(/[A-Z]/g, (ch) => `_${ch.toLowerCase()}`);
+}
+/** True when `value` is a non-null, non-array object. */
+function isRecord$2(value) {
+	return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+/**
+* Walk `root` along `pathParts` checking that **every** segment exists.
+*
+* Returns `true` iff all parts exist as own keys (or inherited keys — TOML
+* parse results are plain objects so the distinction doesn't matter here).
+*/
+function pathExistsInRaw(root, pathParts) {
+	let current = root;
+	for (const part of pathParts) {
+		if (!isRecord$2(current) || !(part in current)) return false;
+		current = current[part];
+	}
+	return true;
+}
+/**
+* Delete a leaf (or entire sub-tree) from `root` following `pathParts`.
+*
+* If the parent after deletion becomes empty it is cleaned up as well
+* (recursive upward), so that a service table cleared of all deprecated
+* keys does not leave behind an empty `{}`.
+*/
+function deletePath(root, pathParts) {
+	if (pathParts.length === 0) return;
+	const parentParts = pathParts.slice(0, -1);
+	const leafKey = pathParts.at(-1);
+	let current;
+	if (parentParts.length === 0) current = root;
+	else current = traverseTo(root, parentParts);
+	if (current === void 0) return;
+	const keyExisted = leafKey in current;
+	delete current[leafKey];
+	if (keyExisted && parentParts.length > 0 && Object.keys(current).length === 0) deletePath(root, parentParts);
+}
+/**
+* Walk `root` along `pathParts` returning the penultimate record, or
+* `undefined` if any segment is missing.
+*/
+function traverseTo(root, pathParts) {
+	let current = root;
+	for (const part of pathParts) {
+		if (!isRecord$2(current) || !(part in current)) return void 0;
+		current = current[part];
+	}
+	return isRecord$2(current) ? current : void 0;
+}
+/**
+* Shallow-clone `raw`: each nested record is also shallow-cloned so that
+* mutations in `applyFixes` do not affect the original object.
+*/
+function rawShallowClone(raw) {
+	if (!isRecord$2(raw)) return {};
+	const clone = {};
+	for (const [key, value] of Object.entries(raw)) clone[key] = isRecord$2(value) ? { ...value } : value;
+	return clone;
+}
+/**
+* Build a set of all valid keys (camelCase + snake_case) from a zod
+* object schema's `.shape`.
+*/
+function getShapeKeySet(schema) {
+	const keys = /* @__PURE__ */ new Set();
+	for (const key of Object.keys(schema.shape)) {
+		keys.add(key);
+		keys.add(camelToSnakeStatic(key));
+	}
+	return keys;
+}
+/**
+* Scan known container keys in `raw` for sub-keys that don't match the
+* corresponding schema shape.  Unknown paths that overlap with
+* `skipPaths` (e.g. already reported deprecated fields) are skipped.
+*
+* Detects e.g. `models.gpt4.max_context_tokns` (typo) or
+* `providers.anthropic.api_kei` (typo).
+*/
+function scanNestedUnknowns(raw, skipPaths) {
+	const findings = [];
+	const containers = [
+		{
+			rawKey: "models",
+			isRecord: true,
+			schema: ModelAliasSchema
+		},
+		{
+			rawKey: "providers",
+			isRecord: true,
+			schema: ProviderConfigSchema
+		},
+		{
+			rawKey: "services",
+			isRecord: false,
+			schema: ServicesConfigSchema
+		},
+		{
+			rawKey: "background",
+			isRecord: false,
+			schema: BackgroundConfigSchema
+		},
+		{
+			rawKey: "loop_control",
+			isRecord: false,
+			schema: LoopControlSchema
+		},
+		{
+			rawKey: "thinking",
+			isRecord: false,
+			schema: ThinkingConfigSchema
+		},
+		{
+			rawKey: "permission",
+			isRecord: false,
+			schema: PermissionConfigSchema,
+			legacyKeys: [
+				"deny",
+				"allow",
+				"ask"
+			]
+		}
+	];
+	const schemaKeySets = /* @__PURE__ */ new Map();
+	containers.forEach((entry, index) => {
+		const base = getShapeKeySet(entry.schema);
+		if (entry.legacyKeys) for (const k of entry.legacyKeys) base.add(k);
+		schemaKeySets.set(index, base);
+	});
+	for (const [entryIndex, entry] of containers.entries()) {
+		if (!(entry.rawKey in raw)) continue;
+		const rawValue = raw[entry.rawKey];
+		if (!isRecord$2(rawValue)) continue;
+		if (entry.isRecord) for (const [itemKey, itemValue] of Object.entries(rawValue)) {
+			if (!isRecord$2(itemValue)) continue;
+			const validKeys = schemaKeySets.get(entryIndex);
+			for (const subKey of Object.keys(itemValue)) if (!validKeys.has(subKey)) {
+				const path = `${entry.rawKey}.${itemKey}.${subKey}`;
+				if (!skipPaths.has(path)) findings.push({
+					kind: "unknown",
+					path,
+					detail: `Field "${subKey}" is not recognized in ${entry.rawKey}.${itemKey}. This may be a typo or a field from a previous version.`
+				});
+			}
+		}
+		else {
+			const validKeys = schemaKeySets.get(entryIndex);
+			for (const subKey of Object.keys(rawValue)) if (!validKeys.has(subKey)) {
+				const path = `${entry.rawKey}.${subKey}`;
+				if (!skipPaths.has(path)) findings.push({
+					kind: "unknown",
+					path,
+					detail: `Field "${subKey}" is not recognized in [${entry.rawKey}]. This may be a typo or a field from a previous version.`
+				});
+			}
+		}
+	}
+	return findings;
+}
+//#endregion
 //#region ../../node_modules/.pnpm/@modelcontextprotocol+sdk@1.29.0_zod@4.3.6/node_modules/@modelcontextprotocol/sdk/dist/esm/server/zod-compat.js
 function isZ4Schema(s) {
 	return !!s._zod;
@@ -90026,14 +90650,14 @@ var LocalKaos = class {
 		}
 	}
 	async writeBytes(path, data) {
-		await writeFile$1(this._resolvePath(path), data);
+		await writeFile(this._resolvePath(path), data);
 		return data.length;
 	}
 	async writeText(path, data, options) {
 		const resolved = this._resolvePath(path);
 		const encoding = options?.encoding ?? "utf-8";
 		if ((options?.mode ?? "w") === "a") await appendFile(resolved, data, encoding);
-		else await writeFile$1(resolved, data, encoding);
+		else await writeFile(resolved, data, encoding);
 		return data.length;
 	}
 	async mkdir(path, options) {
@@ -125212,11 +125836,15 @@ function createProxiedFetch(deps) {
 		const proxyUrl = getProxyForUrl(url, envLookup, sysProxy);
 		const noProxyMatch = noProxy !== void 0 && isNoProxyHost(hostname, noProxy);
 		const controller = new AbortController();
-		const timeoutId = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+		const timeoutId = setTimeout(() => {
+			controller.abort();
+		}, REQUEST_TIMEOUT_MS);
 		if (init?.signal) if (init.signal.aborted) {
 			clearTimeout(timeoutId);
 			controller.abort();
-		} else init.signal.addEventListener("abort", () => controller.abort(), { once: true });
+		} else init.signal.addEventListener("abort", () => {
+			controller.abort();
+		}, { once: true });
 		const mergedInit = {
 			...init,
 			signal: controller.signal
@@ -125228,7 +125856,7 @@ function createProxiedFetch(deps) {
 			return response;
 		} catch (error) {
 			clearTimeout(timeoutId);
-			if (isRetryableError(error) && proxyUrl && !noProxyMatch) return await retryViaProxy(input, init, proxyUrl, innerFetch);
+			if (isRetryableError(error) && proxyUrl && !noProxyMatch) return retryViaProxy(input, init, proxyUrl, innerFetch);
 			throw error;
 		}
 	};
@@ -125236,11 +125864,15 @@ function createProxiedFetch(deps) {
 }
 async function retryViaProxy(input, init, proxyUrl, innerFetch) {
 	const controller = new AbortController();
-	const timeoutId = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+	const timeoutId = setTimeout(() => {
+		controller.abort();
+	}, REQUEST_TIMEOUT_MS);
 	if (init?.signal) if (init.signal.aborted) {
 		clearTimeout(timeoutId);
 		controller.abort();
-	} else init.signal.addEventListener("abort", () => controller.abort(), { once: true });
+	} else init.signal.addEventListener("abort", () => {
+		controller.abort();
+	}, { once: true });
 	const dispatcher = new import_undici.ProxyAgent(proxyUrl);
 	const retryInit = {
 		...init,
@@ -125390,82 +126022,188 @@ var RemoteFetchURLProvider = class {
 	}
 };
 //#endregion
-//#region ../agent-core/src/tools/providers/remote-web-search.ts
-var RemoteWebSearchProvider = class {
-	tokenProvider;
-	apiKey;
+//#region ../agent-core/src/tools/providers/router.ts
+var AllProvidersFailedError = class extends Error {
+	lastError;
+	constructor(lastError) {
+		super(`All search providers failed. Last error: ${lastError ?? "unknown"}`);
+		this.lastError = lastError;
+		this.name = "AllProvidersFailedError";
+	}
+};
+var PriorityRouter = class {
+	providers;
+	constructor(providers) {
+		this.providers = providers;
+	}
+	async search(query, options) {
+		let lastError;
+		for (const provider of this.providers) try {
+			return await provider.search(query, options);
+		} catch (error) {
+			lastError = error instanceof Error ? error.message : String(error);
+		}
+		throw new AllProvidersFailedError(lastError);
+	}
+};
+//#endregion
+//#region ../agent-core/src/tools/providers/exa.ts
+var ExaWebSearchProvider = class {
+	apiKeys;
 	baseUrl;
-	defaultHeaders;
-	customHeaders;
 	fetchImpl;
 	constructor(options) {
-		this.tokenProvider = options.tokenProvider;
-		this.apiKey = options.apiKey;
-		this.baseUrl = options.baseUrl;
-		this.defaultHeaders = options.defaultHeaders ?? {};
-		this.customHeaders = options.customHeaders ?? {};
+		this.apiKeys = options.apiKeys;
+		this.baseUrl = options.baseUrl ?? "https://api.exa.ai/search";
 		this.fetchImpl = options.fetchImpl ?? globalThis.fetch.bind(globalThis);
 	}
 	async search(query, options) {
-		const body = {
-			text_query: query,
-			limit: options?.limit ?? 5,
-			enable_page_crawling: options?.includeContent ?? false,
-			timeout_seconds: 30
+		const limit = options?.limit ?? 5;
+		const includeContent = options?.includeContent ?? false;
+		const contents = {};
+		if (includeContent) contents.text = { maxCharacters: 1e4 };
+		else contents.highlights = {
+			query,
+			maxCharacters: 300
 		};
-		const bodyJson = JSON.stringify(body);
-		const response = await this.post(bodyJson);
-		if (response.status === 401) {
-			const detail = await safeReadText(response);
-			throw new Error(`Remote search request failed: HTTP 401 (auth/unauthorized). ${detail}`.trim());
-		}
-		if (response.status !== 200) {
-			const detail = await safeReadText(response);
-			throw new Error(`Remote search request failed: HTTP ${String(response.status)}. ${detail}`.trim());
-		}
-		const json = await response.json();
-		return (Array.isArray(json.search_results) ? json.search_results : []).map((r) => {
-			const out = {
-				title: r.title ?? "",
-				url: r.url ?? "",
-				snippet: r.snippet ?? ""
-			};
-			if (typeof r.date === "string" && r.date.length > 0) out.date = r.date;
-			if (typeof r.content === "string" && r.content.length > 0) out.content = r.content;
-			return out;
+		const body = JSON.stringify({
+			query,
+			numResults: limit,
+			contents
 		});
+		let lastError;
+		for (const apiKey of this.apiKeys) try {
+			const response = await this.fetchImpl(this.baseUrl, {
+				method: "POST",
+				headers: {
+					Authorization: `Bearer ${apiKey}`,
+					"Content-Type": "application/json"
+				},
+				body
+			});
+			if (!response.ok) {
+				const detail = (await response.text().catch(() => "")).slice(0, 200);
+				throw new Error(`Exa search failed: HTTP ${response.status}${detail ? `: ${detail}` : ""}`);
+			}
+			const json = await response.json();
+			return (Array.isArray(json.results) ? json.results : []).map((r) => {
+				const out = {
+					title: r.title ?? "",
+					url: r.url ?? "",
+					snippet: ""
+				};
+				if (includeContent && typeof r.text === "string") {
+					out.snippet = r.text.slice(0, 300);
+					if (r.text.length > 0) out.content = r.text;
+				} else if (Array.isArray(r.highlights) && r.highlights.length > 0) out.snippet = r.highlights[0].slice(0, 300);
+				if (typeof r.publishedDate === "string" && r.publishedDate.length > 0) out.date = r.publishedDate;
+				return out;
+			});
+		} catch (error) {
+			lastError = error instanceof Error ? error : new Error(String(error));
+		}
+		throw lastError ?? /* @__PURE__ */ new Error("Exa search failed: no API keys configured");
 	}
-	async post(bodyJson) {
-		const accessToken = await this.resolveApiKey();
-		return this.fetchImpl(this.baseUrl, {
-			method: "POST",
-			headers: {
-				...this.defaultHeaders,
-				Authorization: `Bearer ${accessToken}`,
-				"Content-Type": "application/json",
-				...this.customHeaders
-			},
-			body: bodyJson
-		});
+};
+registerProvider("exa", ExaWebSearchProvider);
+//#endregion
+//#region ../agent-core/src/tools/providers/brave.ts
+var BraveWebSearchProvider = class {
+	apiKeys;
+	baseUrl;
+	fetchImpl;
+	constructor(options) {
+		this.apiKeys = options.apiKeys;
+		this.baseUrl = options.baseUrl ?? "https://api.search.brave.com/res/v1/web/search";
+		this.fetchImpl = options.fetchImpl ?? globalThis.fetch.bind(globalThis);
 	}
-	async resolveApiKey() {
-		if (this.tokenProvider !== void 0) try {
-			return await this.tokenProvider.getAccessToken();
+	async search(query, options) {
+		const limit = options?.limit ?? 5;
+		const url = new URL(this.baseUrl);
+		url.searchParams.set("q", query);
+		url.searchParams.set("count", String(limit));
+		let lastError;
+		for (const apiKey of this.apiKeys) try {
+			const response = await this.fetchImpl(url.toString(), {
+				method: "GET",
+				headers: {
+					"Accept": "application/json",
+					"Accept-Encoding": "gzip",
+					"X-Subscription-Token": apiKey
+				}
+			});
+			if (!response.ok) {
+				const detail = (await response.text().catch(() => "")).slice(0, 200);
+				throw new Error(`Brave search failed: HTTP ${response.status}${detail ? `: ${detail}` : ""}`);
+			}
+			const json = await response.json();
+			return (Array.isArray(json.web?.results) ? json.web.results : []).map((r) => {
+				const out = {
+					title: r.title ?? "",
+					url: r.url ?? "",
+					snippet: r.description ?? ""
+				};
+				if (typeof r.age === "string" && r.age.length > 0) out.date = r.age;
+				return out;
+			});
 		} catch (error) {
-			if (this.apiKey !== void 0 && this.apiKey.length > 0) return this.apiKey;
-			throw error;
+			lastError = error instanceof Error ? error : new Error(String(error));
 		}
-		if (this.apiKey !== void 0 && this.apiKey.length > 0) return this.apiKey;
-		throw new Error("Remote search service is not configured: missing API key or token provider.");
+		throw lastError ?? /* @__PURE__ */ new Error("Brave search failed: no API keys configured");
 	}
 };
-async function safeReadText(response) {
-	try {
-		return await response.text();
-	} catch {
-		return "";
+registerProvider("brave", BraveWebSearchProvider);
+//#endregion
+//#region ../agent-core/src/tools/providers/firecrawl.ts
+var FirecrawlWebSearchProvider = class {
+	apiKeys;
+	baseUrl;
+	fetchImpl;
+	constructor(options) {
+		this.apiKeys = options.apiKeys;
+		this.baseUrl = options.baseUrl ?? "https://api.firecrawl.dev/v2/search";
+		this.fetchImpl = options.fetchImpl ?? globalThis.fetch.bind(globalThis);
 	}
-}
+	async search(query, options) {
+		const limit = options?.limit ?? 5;
+		const includeContent = options?.includeContent ?? false;
+		const requestBody = {
+			query,
+			limit
+		};
+		if (includeContent) requestBody.scrapeOptions = { formats: ["markdown"] };
+		const body = JSON.stringify(requestBody);
+		let lastError;
+		for (const apiKey of this.apiKeys) try {
+			const response = await this.fetchImpl(this.baseUrl, {
+				method: "POST",
+				headers: {
+					"Authorization": `Bearer ${apiKey}`,
+					"Content-Type": "application/json"
+				},
+				body
+			});
+			if (!response.ok) {
+				const detail = (await response.text().catch(() => "")).slice(0, 200);
+				throw new Error(`Firecrawl search failed: HTTP ${response.status}${detail ? `: ${detail}` : ""}`);
+			}
+			const json = await response.json();
+			return (Array.isArray(json.data?.web) ? json.data.web : []).map((r) => {
+				const out = {
+					title: r.title ?? "",
+					url: r.url ?? "",
+					snippet: r.description ?? ""
+				};
+				if (includeContent && typeof r.markdown === "string" && r.markdown.length > 0) out.content = r.markdown;
+				return out;
+			});
+		} catch (error) {
+			lastError = error instanceof Error ? error : new Error(String(error));
+		}
+		throw lastError ?? /* @__PURE__ */ new Error("Firecrawl search failed: no API keys configured");
+	}
+};
+registerProvider("firecrawl", FirecrawlWebSearchProvider);
 //#endregion
 //#region ../agent-core/src/utils/environment.ts
 /**
@@ -125727,15 +126465,6 @@ var SessionAPIImpl = class {
 	getModel({ agentId, ...payload }) {
 		return this.getAgent(agentId).getModel(payload);
 	}
-	enterPlan({ agentId, ...payload }) {
-		return this.getAgent(agentId).enterPlan(payload);
-	}
-	cancelPlan({ agentId, ...payload }) {
-		return this.getAgent(agentId).cancelPlan(payload);
-	}
-	clearPlan({ agentId, ...payload }) {
-		return this.getAgent(agentId).clearPlan(payload);
-	}
 	beginCompaction({ agentId, ...payload }) {
 		return this.getAgent(agentId).beginCompaction(payload);
 	}
@@ -125776,9 +126505,6 @@ var SessionAPIImpl = class {
 	getPermission({ agentId, ...payload }) {
 		return this.getAgent(agentId).getPermission(payload);
 	}
-	getPlan({ agentId, ...payload }) {
-		return this.getAgent(agentId).getPlan(payload);
-	}
 	getUsage({ agentId, ...payload }) {
 		return this.getAgent(agentId).getUsage(payload);
 	}
@@ -125998,7 +126724,7 @@ async function writeExportZip(args) {
 		entries.push(extra.target);
 	} catch {}
 	zip.end();
-	await pipeline$1(zip.outputStream, createWriteStream$1(args.outputPath));
+	await pipeline$1(zip.outputStream, createWriteStream(args.outputPath));
 	return entries;
 }
 //#endregion
@@ -126057,207 +126783,6 @@ async function readOptionalFile(path) {
 	}
 }
 //#endregion
-//#region ../agent-core/src/providers/runtime-provider.ts
-function resolveRuntimeProvider(input) {
-	const modelName = input.model ?? input.config.defaultModel;
-	if (modelName === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, "No model is selected. Set default_model in config.toml or pass a configured model alias.");
-	const alias = input.config.models?.[modelName];
-	if (alias === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" is not configured in config.toml. Add a [models."${modelName}"] entry with max_context_size.`);
-	const resolvedModel = alias.model;
-	const providerName = alias.provider ?? input.config.defaultProvider;
-	const providerConfig = providerName === void 0 ? void 0 : input.config.providers[providerName];
-	if (providerName === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" must define a provider in config.toml.`);
-	if (providerConfig === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" for model "${modelName}" is not configured.`);
-	if (!Number.isInteger(alias.maxContextSize) || alias.maxContextSize <= 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Model "${modelName}" must define a positive max_context_size in config.toml.`);
-	if (input.validateCredentials !== false && providerConfig.type !== "vertexai" && providerConfig.oauth === void 0 && providerApiKey(providerConfig) === void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" has no credentials configured. Set apiKey, oauth, or a provider env API key in config.toml.`);
-	const provider = toKosongProviderConfig(providerConfig, resolvedModel, input.byfRequestHeaders, alias.maxOutputSize, alias.reasoningKey, input.promptCacheKey);
-	return {
-		modelName,
-		providerName,
-		modelCapabilities: resolveModelCapabilities(alias, provider),
-		provider
-	};
-}
-async function resolveRuntimeProviderWithOAuth(input) {
-	const resolved = resolveRuntimeProvider(input);
-	const resolveAuth = createRuntimeProviderAuthResolver(input, resolved);
-	if (resolveAuth === void 0) return resolved;
-	await resolveAuth();
-	return {
-		...resolved,
-		resolveAuth
-	};
-}
-function createRuntimeProviderAuthResolver(input, resolved = resolveRuntimeProvider(input)) {
-	const providerName = resolved.providerName;
-	if (providerName === void 0) return void 0;
-	const providerConfig = input.config.providers[providerName];
-	if (providerConfig?.oauth === void 0) return void 0;
-	if (providerApiKey(providerConfig) !== void 0) throw new ByfError(ErrorCodes.CONFIG_INVALID, `Provider "${providerName}" has both apiKey and oauth set in config.toml — they are mutually exclusive. Remove one.`);
-	const tokenProvider = input.resolveOAuthTokenProvider?.(providerName, providerConfig.oauth);
-	if (tokenProvider === void 0) return async () => {
-		throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`);
-	};
-	return async (options) => {
-		let apiKey;
-		try {
-			apiKey = await tokenProvider.getAccessToken(options?.forceRefresh === true ? { force: true } : void 0);
-		} catch (error) {
-			if (!isAuthLoginRequired(error)) (input.log ?? log).warn("oauth token fetch failed", {
-				providerName,
-				error
-			});
-			throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`, { cause: error });
-		}
-		if (apiKey.trim().length === 0) throw new ByfError(ErrorCodes.AUTH_LOGIN_REQUIRED, `OAuth provider "${providerName}" requires login before it can be used.`);
-		return { apiKey };
-	};
-}
-function isAuthLoginRequired(error) {
-	return isByfError(error) && error.code === ErrorCodes.AUTH_LOGIN_REQUIRED;
-}
-function resolveModelCapabilities(alias, provider) {
-	const capabilities = new Set((alias.capabilities ?? []).map((capability) => capability.trim().toLowerCase()));
-	const has = (capability) => capabilities.has(capability);
-	const providerCapability = createProvider(providerForCapabilityProbe(provider)).getCapability?.(provider.model) ?? UNKNOWN_CAPABILITY;
-	return {
-		image_in: has("image_in") || providerCapability.image_in,
-		video_in: has("video_in") || providerCapability.video_in,
-		audio_in: has("audio_in") || providerCapability.audio_in,
-		thinking: has("thinking") || has("always_thinking") || providerCapability.thinking,
-		tool_use: has("tool_use") || providerCapability.tool_use,
-		thinking_effort: has("thinking_effort") || providerCapability.thinking_effort,
-		thinking_xhigh: has("thinking_xhigh") || providerCapability.thinking_xhigh,
-		thinking_max: has("thinking_max") || providerCapability.thinking_max,
-		max_context_tokens: alias.maxContextSize
-	};
-}
-function toKosongProviderConfig(provider, model, byfRequestHeaders, maxOutputSize, reasoningKey, promptCacheKey) {
-	switch (provider.type) {
-		case "anthropic": return {
-			type: "anthropic",
-			model,
-			baseUrl: providerValue(provider.baseUrl, provider.env, "ANTHROPIC_BASE_URL"),
-			apiKey: providerApiKey(provider),
-			...maxOutputSize !== void 0 ? { defaultMaxTokens: maxOutputSize } : {},
-			...defaultHeadersField(provider.customHeaders)
-		};
-		case "openai-completions": {
-			const defaultHeaders = {
-				...byfRequestHeaders,
-				...provider.customHeaders
-			};
-			const generationKwargs = {
-				prompt_cache_key: promptCacheKey,
-				extra_body: provider.extraBody
-			};
-			if (Object.keys(defaultHeaders).length === 0) return {
-				type: "openai-completions",
-				model,
-				baseUrl: providerValue(provider.baseUrl, provider.env, "BYF_BASE_URL"),
-				reasoningKey,
-				thinkingEffortKey: provider.thinkingEffortKey,
-				generationKwargs,
-				apiKey: providerApiKey(provider)
-			};
-			return {
-				type: "openai-completions",
-				model,
-				baseUrl: providerValue(provider.baseUrl, provider.env, "BYF_BASE_URL"),
-				reasoningKey,
-				thinkingEffortKey: provider.thinkingEffortKey,
-				generationKwargs,
-				defaultHeaders,
-				apiKey: providerApiKey(provider)
-			};
-		}
-		case "google-genai": return {
-			type: "google-genai",
-			model,
-			apiKey: providerApiKey(provider)
-		};
-		case "openai_responses": return {
-			type: "openai_responses",
-			model,
-			baseUrl: providerValue(provider.baseUrl, provider.env, "OPENAI_BASE_URL"),
-			apiKey: providerApiKey(provider),
-			...defaultHeadersField(provider.customHeaders)
-		};
-		case "vertexai": return {
-			type: "vertexai",
-			model,
-			vertexai: hasVertexAIServiceEnv(provider),
-			apiKey: hasVertexAIServiceEnv(provider) ? void 0 : providerApiKey(provider),
-			project: vertexAIProject(provider),
-			location: vertexAILocation(provider)
-		};
-		default: {
-			const exhaustive = provider.type;
-			throw new ByfError(ErrorCodes.MODEL_CONFIG_INVALID, `Unsupported provider type: ${String(exhaustive)}`);
-		}
-	}
-}
-function defaultHeadersField(headers) {
-	if (headers === void 0 || Object.keys(headers).length === 0) return {};
-	return { defaultHeaders: { ...headers } };
-}
-function providerForCapabilityProbe(provider) {
-	if (provider.type === "vertexai") return {
-		...provider,
-		vertexai: false,
-		project: void 0,
-		location: void 0,
-		apiKey: provider.apiKey === void 0 || provider.apiKey.length === 0 ? "capability-probe" : provider.apiKey
-	};
-	if (provider.apiKey !== void 0 && provider.apiKey.length > 0) return provider;
-	return {
-		...provider,
-		apiKey: "capability-probe"
-	};
-}
-function providerApiKey(provider) {
-	switch (provider.type) {
-		case "anthropic": return providerValue(provider.apiKey, provider.env, "ANTHROPIC_API_KEY");
-		case "openai_responses": return providerValue(provider.apiKey, provider.env, "OPENAI_API_KEY");
-		case "openai-completions": return providerValue(provider.apiKey, provider.env, "BYF_API_KEY");
-		case "google-genai": return providerValue(provider.apiKey, provider.env, "GOOGLE_API_KEY");
-		case "vertexai": return nonEmptyString$2(provider.apiKey) ?? envValue(provider.env, "VERTEXAI_API_KEY") ?? envValue(provider.env, "GOOGLE_API_KEY");
-		default: {
-			const exhaustive = provider.type;
-			throw new ByfError(ErrorCodes.MODEL_CONFIG_INVALID, `Unsupported provider type: ${String(exhaustive)}`);
-		}
-	}
-}
-function hasVertexAIServiceEnv(provider) {
-	return vertexAIProject(provider) !== void 0 && vertexAILocation(provider) !== void 0;
-}
-function vertexAIProject(provider) {
-	return envValue(provider.env, "GOOGLE_CLOUD_PROJECT");
-}
-function vertexAILocation(provider) {
-	return envValue(provider.env, "GOOGLE_CLOUD_LOCATION") ?? locationFromVertexAIBaseUrl(provider.baseUrl);
-}
-function providerValue(configured, env, envKey) {
-	return nonEmptyString$2(configured) ?? envValue(env, envKey);
-}
-function envValue(env, key) {
-	return nonEmptyString$2(env?.[key]);
-}
-function nonEmptyString$2(value) {
-	const trimmed = value?.trim();
-	return trimmed === void 0 || trimmed.length === 0 ? void 0 : trimmed;
-}
-function locationFromVertexAIBaseUrl(baseUrl) {
-	const url = nonEmptyString$2(baseUrl);
-	if (url === void 0) return void 0;
-	try {
-		const host = new URL(url).hostname;
-		return host.endsWith("-aiplatform.googleapis.com") ? nonEmptyString$2(host.slice(0, -26)) : void 0;
-	} catch {
-		return;
-	}
-}
-//#endregion
 //#region ../agent-core/src/providers/provider-manager.ts
 var ProviderManager = class ProviderManager {
 	options;
@@ -126518,7 +127043,7 @@ var SessionStore = class {
 			title: normalized,
 			isCustomTitle: true
 		};
-		await writeFile$1(statePath, `${JSON.stringify(next, null, 2)}\n`, "utf-8");
+		await writeFile(statePath, `${JSON.stringify(next, null, 2)}\n`, "utf-8");
 	}
 	async list(options) {
 		const workDir = normalizeWorkDir(options.workDir);
@@ -126573,7 +127098,7 @@ var SessionStore = class {
 			agents: rewriteAgentHomedirs(parsed["agents"], sourceDir, targetDir),
 			custom: Object.assign({}, isRecord$1(parsed["custom"]) ? parsed["custom"] : {}, input.metadata)
 		};
-		await writeFile$1(statePath, `${JSON.stringify(next, null, 2)}\n`, "utf-8");
+		await writeFile(statePath, `${JSON.stringify(next, null, 2)}\n`, "utf-8");
 	}
 	async summaryFromDir(id, sessionDir, workDir) {
 		const dirStat = await stat(sessionDir);
@@ -126936,15 +127461,6 @@ var ByfCore = class {
 	getModel({ sessionId, ...payload }) {
 		return this.sessionApi(sessionId).getModel(payload);
 	}
-	enterPlan({ sessionId, ...payload }) {
-		return this.sessionApi(sessionId).enterPlan(payload);
-	}
-	cancelPlan({ sessionId, ...payload }) {
-		return this.sessionApi(sessionId).cancelPlan(payload);
-	}
-	clearPlan({ sessionId, ...payload }) {
-		return this.sessionApi(sessionId).clearPlan(payload);
-	}
 	beginCompaction({ sessionId, ...payload }) {
 		return this.sessionApi(sessionId).beginCompaction(payload);
 	}
@@ -126984,9 +127500,6 @@ var ByfCore = class {
 	getPermission({ sessionId, ...payload }) {
 		return this.sessionApi(sessionId).getPermission(payload);
 	}
-	getPlan({ sessionId, ...payload }) {
-		return this.sessionApi(sessionId).getPlan(payload);
-	}
 	getUsage({ sessionId, ...payload }) {
 		return this.sessionApi(sessionId).getUsage(payload);
 	}
@@ -127074,8 +127587,8 @@ async function createRuntimeConfig(input) {
 		systemProxy: () => detectSystemProxy()
 	});
 	const localFetcher = new LocalFetchURLProvider({ fetchImpl: proxiedFetch });
-	const searchService = input.config.services?.byfSearch;
-	const fetchService = input.config.services?.byfFetch;
+	const fetchService = input.config.services?.fetchUrl;
+	const webSearchConfig = input.config.services?.webSearch;
 	return {
 		kaos: localKaos,
 		osEnv: await detectEnvironmentFromNode(),
@@ -127087,12 +127600,11 @@ async function createRuntimeConfig(input) {
 			fetchImpl: proxiedFetch,
 			...serviceCredentials(fetchService, input.resolveOAuthTokenProvider)
 		}),
-		webSearcher: searchService?.baseUrl === void 0 ? void 0 : new RemoteWebSearchProvider({
-			baseUrl: searchService.baseUrl,
-			defaultHeaders: input.byfRequestHeaders,
-			fetchImpl: proxiedFetch,
-			...serviceCredentials(searchService, input.resolveOAuthTokenProvider)
-		})
+		webSearcher: webSearchConfig === void 0 ? void 0 : new PriorityRouter([...webSearchConfig.providers].toSorted((a, b) => a.priority - b.priority).map((p) => createProvider(p.type, {
+			apiKeys: p.apiKeys,
+			baseUrl: p.baseUrl,
+			fetchImpl: proxiedFetch
+		})))
 	};
 }
 function serviceCredentials(service, resolveOAuthTokenProvider) {
@@ -127127,7 +127639,6 @@ async function resumeSessionResult(summary, session, warning) {
 			context,
 			replay: agent.replayBuilder.buildResult(),
 			permission,
-			plan: null,
 			usage,
 			tools: await api.getTools({ agentId }),
 			toolStore: agent.tools.storeData(),
@@ -127228,7 +127739,8 @@ var SDKRpcClient = class {
 		this.core = new ByfCore(coreRpc, {
 			homeDir: options.homeDir,
 			configPath: options.configPath,
-			skillDirs: options.skillDirs
+			skillDirs: options.skillDirs,
+			runtime: options.runtime
 		});
 		this.ready = sdkRpc(new ClientAPI(this)).then((rpc) => {
 			this.rpc = rpc;
@@ -127327,18 +127839,6 @@ var SDKRpcClient = class {
 			mode: input.mode
 		});
 	}
-	async getPlan(input) {
-		return (await this.getRpc()).getPlan({
-			sessionId: input.sessionId,
-			agentId: this.interactiveAgentId
-		});
-	}
-	async clearPlan(input) {
-		await (await this.getRpc()).clearPlan({
-			sessionId: input.sessionId,
-			agentId: this.interactiveAgentId
-		});
-	}
 	async compact(input) {
 		return (await this.getRpc()).beginCompaction({
 			sessionId: input.sessionId,
@@ -127495,7 +127995,7 @@ var SDKRpcClient = class {
 				type: "error",
 				sessionId: request.sessionId,
 				agentId: request.agentId,
-				...makeErrorPayload(ErrorCodes.SESSION_APPROVAL_HANDLER_ERROR, errorMessage(error))
+				...makeErrorPayload(ErrorCodes.SESSION_APPROVAL_HANDLER_ERROR, errorMessage$1(error))
 			});
 			return {
 				decision: "cancelled",
@@ -127513,7 +128013,7 @@ var SDKRpcClient = class {
 				type: "error",
 				sessionId: request.sessionId,
 				agentId: request.agentId,
-				...makeErrorPayload(ErrorCodes.SESSION_QUESTION_HANDLER_ERROR, errorMessage(error))
+				...makeErrorPayload(ErrorCodes.SESSION_QUESTION_HANDLER_ERROR, errorMessage$1(error))
 			});
 			return null;
 		}
@@ -127548,7 +128048,7 @@ var ClientAPI = class {
 		return this.client.toolCall(request);
 	}
 };
-function errorMessage(error) {
+function errorMessage$1(error) {
 	return error instanceof Error ? error.message : String(error);
 }
 //#endregion
@@ -127644,13 +128144,6 @@ var Session = class {
 			mode
 		});
 	}
-	async getPlan() {
-		this.ensureOpen();
-		return null;
-	}
-	async clearPlan() {
-		this.ensureOpen();
-	}
 	async compact(options = {}) {
 		this.ensureOpen();
 		const instruction = normalizeOptionalString(options.instruction);
@@ -127857,7 +128350,8 @@ var ByfHarness = class {
 		this.rpc = new SDKRpcClient({
 			homeDir: options.homeDir,
 			configPath: this.configPath,
-			skillDirs: options.skillDirs
+			skillDirs: options.skillDirs,
+			runtime: options.runtime
 		});
 	}
 	configureLogging() {
@@ -127872,7 +128366,7 @@ var ByfHarness = class {
 	set interactiveAgentId(agentId) {
 		this.rpc.interactiveAgentId = agentId;
 	}
-	track(event, properties) {}
+	track(_event, _properties) {}
 	async createSession(options) {
 		const summary = await this.rpc.createSession(options);
 		const session = new Session({
@@ -127954,6 +128448,38 @@ var ByfHarness = class {
 	async removeProvider(providerId) {
 		return this.rpc.removeProvider(providerId);
 	}
+	async updateConfig(input = {}) {
+		const configPath = input.configPath ?? this.configPath;
+		if (!existsSync(configPath)) return {
+			findings: [],
+			fixed: false
+		};
+		const config = readConfigFile(configPath);
+		const findings = analyzeConfig(config);
+		if (!input.fix || findings.length === 0) return {
+			findings,
+			fixed: false
+		};
+		const backupPath = `${configPath}.bak.${(/* @__PURE__ */ new Date()).toISOString().replaceAll(/[:.]/g, "-")}`;
+		await copyFile(configPath, backupPath);
+		await chmod(backupPath, 384);
+		try {
+			await writeConfigFile(configPath, applyFixes(config, findings));
+			readConfigFile(configPath);
+			return {
+				findings,
+				fixed: true,
+				backupPath
+			};
+		} catch (error) {
+			try {
+				await copyFile(backupPath, configPath);
+			} catch (rollbackError) {
+				throw new Error(`[update-config] Rollback failed: could not restore backup at ${backupPath}. Original error: ${errorMessage(error)}. Rollback error: ${errorMessage(rollbackError)}.`, { cause: rollbackError });
+			}
+			throw error;
+		}
+	}
 	async shellExec(command, options = {}) {
 		const normalizedCommand = command.trim();
 		if (normalizedCommand.length === 0) throw new ByfError(ErrorCodes.REQUEST_INVALID, "Shell command cannot be empty.");
@@ -127984,6 +128510,9 @@ function normalizeSessionId(value) {
 	if (normalized.length === 0) throw new ByfError(ErrorCodes.SESSION_ID_EMPTY, "Session id cannot be empty.");
 	return normalized;
 }
+function errorMessage(error) {
+	return error instanceof Error ? error.message : String(error);
+}
 //#endregion
 //#region src/catalog.ts
 const DEFAULT_CATALOG_URL = "https://models.dev/api.json";